2.3 Given a scenario, use appropriate resources to support configuration management - Paiet/Tech-Journal-for-Everything GitHub Wiki

2.3 Given a scenario, use appropriate resources to support configuration management

  • Archives/backups
    • Scenario: Network device has failed component that must be replaced and put back into production as soon as possible.
    • e.g. router configuration or switch configurations
  • Baselines
    • The standard levels of performance used to identify when abnormalities occur
    • Scenario: You've made a configuration adjustment to improve performance and now you're trying to determine the improvement.
  • On-boarding and off-boarding of mobile devices
    • Scenario: Use Network Access Control to provide ability for self-registering or unregistering of devices.
    • BYOD, Vendor access control
  • NAC (Network Access Control)
    • Scenario: When we need automated security. e.g. open ports in a waiting room or break room where a device could be plugged in.
    • Sets a standard of security for devices before access is granted to the network
      • Antivirus
      • Current OS/Software updates
      • Security Policy Compliance
    • Port security
      • 802.1x
      • EAP (Extensible Authentication Protocol)
      • Scenario Wireless Access Control is needed because of many APs for consistent application of policy
    • Makes use of RADIUS (net+ episode 1.2 networking services)
      • Won't allow network access without centralized authentication.
      • Scenario Router at the edge of network.
    • Web based authentication page
      • Like at a hotel login page
    • Persistent/Non-persistent Agent
      • Persistent Agent: constantly checking in with the NAC system to verify health/status
      • Non-persistent Agent: Installs the agent, checks health and status with the NAC, then removes the agent software
      • Agentless: Uses Scanning and Inventory to determine health characteristics
  • Documentation
    • Network diagrams (logical/physical)
      • Logical diagram allows the network to be rebuilt, in part or whole by showing the flow of the network traffic
    • Contains the system configs and logical layouts
      • Device name (Fully Qualified Domain Name)
      • IP Addresses
      • Server roles
      • Routing topology
    • Physical diagrams allows the network to be rebuilt, in part or whole
      • If any equipment dies, the physical diagram will aid in its replacement
      • Will most likely be used in conjunction with the logical diagram for configuring the new device
    • Asset management
      • Keeps track of all the hardware and software owned by the company
        • This also includes service contracts and leases
        • Not just about what you own, but also where you're money is going
        • Scenario: Replacement equipment sometimes must be exact or must know specs to replace components within the asset.
    • Hardware
      • Workstations
      • Network Equipment
      • Special equipment
        • Fluke
        • Servers
        • Backup Hardware
          • Hard drives, routers, switches, etc.
    • Software
      • OS and software licenses
      • Maintenance utilities
    • IP address utilization
      • Defining device role/location by ip address
        • Servers
        • Workstations
        • Network equipment
    • Vendor documentation
      • List of all vendors being used with all their specifics
        • Appliances
        • Leases
          • Pricing
          • ISPs
          • Services
          • Contracts
          • Consultants/technicians
          • Licensing
          • Contact info
    • Internal operating procedures/policies/standards
      • Acceptable Use Policy
      • Disaster recovery
      • Change requests
        • Formal rather than incidental
        • Process, personnel and policy reviewed
      • templates are helpful here