pace-it: supporting configuration management (part 2)
TRANSCRIPT
Supporting configuration management II.
Page 2
Instructor, PACE-IT Program – Edmonds Community College
Areas of Expertise Industry Certification
PC Hardware
Network Administration
IT Project Management
Network Design
User Training
IT Troubleshooting
Qualifications Summary
Education
M.B.A., IT Management, Western Governor’s University
B.S., IT Security, Western Governor’s University
Entrepreneur, executive leader, and proven manger with 10+ years of experience turning complex issues into efficient and effective solutions.
Strengths include developing and mentoring diverse workforces, improving processes, analyzing business needs and creating the solutions required— with a focus on technology.
Brian K. Ferrill, M.B.A.
Page 3
Supporting configuration management II.
– Backups.
– Bring your own device.
PACE-IT.
Page 4
Backups.Supporting configuration management II.
Page 5
Archives and backups.
Backups are an essential part of any configuration management (CM) system.
Small changes in a network device’s configuration can introduce unexpected consequences into the network. In addition, there is always the possibility of a failure of a key component, which can lead to the loss of data or functionality.
Backups play a key role in recovering from unexpected consequences or from the failure of a component. Backup schedules must be implemented and periodic tests should be conducted to ensure that the backup process is working.
Supporting configuration management II.
Page 6
Backups.
– Types of backups.» Full: all data on the targeted system is backed
up.• Slowest backup method with the highest storage
requirements, but leads to the fastest recovery method.
• Recovery only requires the full backup file.» Incremental: only the new or modified files are
backed up.• Fastest backup method with the lowest storage
requirements, but leads to the slowest recovery method.
• Recovery requires the last full backup file and all of the incremental backup files.
» Differential: only data that has changed since the last full backup is saved.
• Time to backup is moderate, requires a moderate amount of storage, but also is the middle ground on the length of time for recovery.
• Recovery requires the last full backup file and the last differential backup file.
Supporting configuration management II.
Page 7
Backups.
The configuration files of a network device should also be backed up.
Once a network device (e.g., a router or switch) has been configured and is operating as expected, a backup of the configuration files and operating system should be done.
This helps to speed up the recovery time in cases of equipment failure or when a change to the configuration has introduced unexpected consequences.
Supporting configuration management II.
Page 8
Bring your own device.Supporting configuration management II.
Page 9
Bring your own device.
Bring your own device (BYOD) policies allow employees to use their personal devices on an organization’s network.
While the employees are happy that they get to use their favorite IT devices on the corporate network, IT departments aren’t quite as happy about it, as they have to deal with any consequences.
IT departments are tasked with keeping a network safe, yet they have very little control over the devices that employees bring in. In some cases, BYOD policies have led to the introduction of malware into an organization’s network environment.
Network Admission Control (NAC) has been implemented in an effort to reduce the risks associated with BYOD policies and to introduce CM to those devices.
Supporting configuration management II.
Page 10
Bring your own device.
– NAC (Network Admission Control).» NAC is a Cisco process; Microsoft uses Network
Access Protection (NAP).• The names may be different, but the functions are
similar.» Includes more than just authenticating users and
devices on the network.» All devices requesting access to network resources are
screened for:• Type of device.• Operating system used, including updates.• Security software, including updates.• Presence of malware.• Other security vulnerabilities.
» In some cases, if the connection request has been rejected, the device is redirected to a remediation server, which attempts to resolve the known issue.
Supporting configuration management II.
Page 11
What was covered.Supporting configuration management II.
Backups play an important role in any CM system. Backups are used to recover from failed system components or loss of data. Backups may be full, incremental, or differential in nature. Each has its own advantages and disadvantages. Network devices should have their operating systems and configuration files backed up as well.
Topic
Backups.
Summary
BYOD allows employees to bring in and use their favorite devices on an organization’s network. Since IT departments are responsible for the IT security of networks, this has led to some concerns. NAC is implemented in order to help ensure that BYOD policies do not introduce problems to the network. NAC screens devices for their suitability to join and use network resources.
Bring your own device.
Page 12
THANK YOU!
This workforce solution was 100 percent funded by a $3 million grant awarded by the U.S. Department of Labor's Employment and Training Administration. The solution was created by the grantee and does not necessarily reflect the official position of the U.S. Department of Labor. The Department of Labor makes no guarantees, warranties, or assurances of any kind, express or implied, with respect to such information, including any information on linked sites and including, but not limited to, accuracy of the information or its completeness, timeliness, usefulness, adequacy, continued availability or ownership. Funded by the Department of Labor, Employment and Training Administration, Grant #TC-23745-12-60-A-53.
PACE-IT is an equal opportunity employer/program and auxiliary aids and services are available upon request to individuals with disabilities. For those that are hearing impaired, a video phone is available at the Services for Students with Disabilities (SSD) office in Mountlake Terrace Hall 159. Check www.edcc.edu/ssd for office hours. Call 425.354.3113 on a video phone for more information about the PACE-IT program. For any additional special accommodations needed, call the SSD office at 425.640.1814. Edmonds Community College does not discriminate on the basis of race; color; religion; national origin; sex; disability; sexual orientation; age; citizenship, marital, or veteran status; or genetic information in its programs and activities.