Introduction
This is a Intranet Manager's
Technical Guide which provide useful information about maintaining
Intranet. Intranet Managers should consider the following topics
when upgrading and maintaining Rich-Kay Technology's Intranet.
- Topics to consider when upgrading
and maintaining a Intranet
1.1 Security
Some concerns you may have:
- How can access to personal data
on PCs be restricted?
- Is it possible for people to
damage data on a PC from outside?
- Are computers connected to a
network more vulnerable to viruses?
- Can a hacker monitor what I
am doing on a network?
- How can I ensure the physical
security of the equipment?
Connecting a computer to any sort of network inevitably increases
the risk of damage to the data on the computer by malicious or
inadvertent access from the network. The security of the data
can be protected in two main ways: by requiring passwords to
be supplied, and by encrypting data. There is no guaranteed way
of making a network-connected computer secure, but the risks
should be weighed up realistically according to the sensitivity
and value of the data, and the desirability of making the data
more accessible (and hence perhaps more valuable).
For someone elsewhere on the network to change your data, it
would normally be necessary for your computer to be running some
software (usually the Ethercard driver and the intranet software).
Merely plugging the computer into the network would not normally
make it possible to look at its data.
As well as protecting the data
resident on your computer, you need to consider the possibility
that data flowing between your computer and somewhere else on
the network could be monitored by someone. Because Ethernet sends
data from one station to another by 'broadcasting' it, ie by
sending data packets which can be received by all stations connected
to that segment of the network, there is the possibility that
someone could 'listen in' to the network traffic. Encryption
is probably the only way round this.
Computers connected to networks
are probably more vulnerable to viruses only in the sense that
networking allows data and files to move much more freely.
Physical security should also
be considered. Servers should be in locked rooms or locked cabinets.
Devices should be etched with a security code if possible, but
bear in mind that the target of a theft may be particular components,
for example memory boards, rather than complete systems.
Top
of Page
1.2 Cabling
When choosing a suitable cable
type for your network, there are several aspects to consider:
- The cost
- Ease of installation
- Compatibility with the University's
data network
- Availability of interfaces to
equipment (printers, PCs, etc)
- Maximum speed capability
- Lifetime
Top
of Page
1.3 Hardware
When considering the installation
of a network, it is important to make an inventory of all the
existing equipment (personal computers, printers, plotters, scanners)
which you might like to connect to the network. For PCs, you
should find out the following details:
- Processor type (eg Pentium,
166MHz)
- Random access memory (RAM)
- Hard disk size
- Screen type (eg mono, colour,
VGA)
- Operating system type and version
(eg Windows 95, Windows 98)
Although it is quite possible
to connect a wide variety of different types of PC and printer
to a network, there are strong arguments for taking advantage
of the opportunity afforded to rationalize the equipment, because
it will create considerably more work both for installation,
and for subsequent maintenance, if you are trying to cater for
a wide range of equipment. A decision to install a departmental
network is partly also a decision to achieve greater integration
of your department's computing facilities, and this may well
imply imposing some sort of 'standard' arrangement, of both hardware
and software, for the majority of your users.
The importance of forming an
inventory of your existing equipment is thus that it enables
you to make a decision at an early stage about which equipment
to keep, and which to throw away (or reuse if possible).
It is recommended that servers
be connected to a 24-hour power supply, ie they should normally
run continuously, in contrast to workstations, which are normally
switched off when not in use, or outside working hours. Note:
you must also provide appropriate fire protection for equipment
running continuously.
Top
of Page
1.4 Software and licensing
As for hardware, an important
first step in planning a network is to find out which software
is already in use and, in particular, that all copies are licensed.
It is a criminal offence to use unlicensed software.
A strong motivation for moving
to a network is to rationalize software provision so that versions
of packages are consistent throughout, and to ensure that software
is run legally, ie that its use conforms to any licensing arrangements.
It is not necessary to buy a
copy of software for each PC to be connected to the network,
unless you actually must have guaranteed access to a particular
package at all times from each computer. What you must do is
ensure that you buy enough copies to cover the maximum number
of simultaneous uses of the package. In practice, this is best
done by means of a facility such as SofTrack, which limits the
number of copies which can be loaded from the server. A package
controlled by SofTrack in this way can then be used from any
connected PC, but only up to a defined number of copies.
For ease of maintenance of the
network, all packages should be put on to the server if possible,
with only the minimum amount of software resident on each PC's
own hard disk.
Many software packages are now
available in special network versions. Where network versions
are not available, you must then buy enough individual copies
to cover the maximum number to be in use at once, although you
will only actually install one copy on the server.
Top
of Page
1.5 Peripherals (printers,
CD-ROMs, scanners)
- 1.5.1 Printers
- There are effectively three
ways of connecting a printer to a network:
- Directly to the server parallel
port
- Directly via an internal network
interface in the printer
- Via a PC configured as a 'print-server'
- Via a parallel-to-Ethernet adaptor
device
For modern printers the best way is the internal network interface.
- Older printers are probably
best connected via a PC print-server or parallel-to-Ethernet
adaptor.
- 1.5.2 CD-ROMs
- It is likely that you will want
to provide access to several CD-ROMs on your network. To do this,
you will need a CD-ROM 'tower', ie a set of CD-ROM drives which
can be connected to your file-server, allowing you to put several
CD-ROMs 'online' at the same time.
- 1.5.3 Scanners
A scanner must be attached to one of the workstations rather
than to the server.
Top
of Page
1.6 Maintenance
- 1.6.1 Hardware maintenance
- Hardware maintenance refers
to the arrangements you make for repair of faulty equipment (including
cabling), and to routine preventive maintenance (cleaning components
and replenishing consumables).
- Equipment which is essential
for day-to-day operation of your network is normally put on a
formal maintenance contract, which typically guarantees a response
to fault reports of 4 hours or 8 hours. Non-essential equipment
can instead be repaired by a 'return-to-factory' or 'time-and-parts'
arrangement, which may not guarantee the 'turn-round' time.
- Items which are so critical
that even a loss of service for up to 4 hours is deemed unacceptable
- the file server could be put in this category - should have
a 'hot-swap' spare available, configured so that it can be put
into service as quickly as possible.
- You should list the items making
up your network, and decide which categories of maintenance you
would like them to be in ideally. Moving your department to a
networked arrangement makes you more dependent on equipment,
compared with a situation where the computers are mainly 'stand-alone'.
-
-
- 1.6.2 Software maintenance
- Software maintenance refers
usually to the fixing of faults in software. It may also be taken
to mean the provision of upgrades to new versions of the software
as they become available.
- A software maintenance agreement
may offer both 'bug-fixing' and upgrades to new releases, or
the upgrades may be charged separately (since new releases tend
to appear infrequently, unlike bug-fix releases, which can appear
several times a year.)
- It is sensible to define a time,
say 8am till 9am on a particular day of the week, when changes
to software such as fault-fixing or software upgrades are always
carried out, with as little disruption to the software taking
place at all other times, other than `emergency' work.
- It is good practice to advertise
any maintenance sessions to all users of the service (preferably
by electronic mail) well in advance, say one or two weeks before.
Top
of Page
1.7 Back-up, recovery and
resilience
It is essential that all data
held on the server (both the programs themselves, and any data
stored by the users of the network) is regularly 'backed-up',
that is, copied to an archive (typically a tape cartridge), so
that the service can be restored even if the hard disk on the
server breaks down completely.
A full back-up of the server's
data should be taken weekly, supplemented by daily back-ups only
of data which has been changed. This should ensure that, in the
event of loss of the server, the data can be restored to its
state at the end of the previous day at least.
A good practice to facilitate
this policy is to divide the server's disk areas into 'stable'
and 'variable' data areas.
Since backup of server data can
create a considerable load on the network, it is wise to arrange
that the back-up is done overnight, preferably by an automatic
procedure.
However you should bear in mind
that running any equipment overnight is a fire risk.
Top
of Page
1.8 Training
When introducing a network into
a department, good training in the use of the new hardware and
software must be provided to all users and potential users of
the network.
It is not sufficient to assume
that some measure of computer literacy among the users will enable
them to start using a network. The installation of a network,
as opposed to a collection of separate computers and printers,
entails a shift in the working practice of the whole department
which goes beyond learning some new commands and using new items
of equipment.
For this reason, training should
be provided which brings all users, regardless of their existing
level of computer skills, to the same level of skill in using
the network. Training should provide both general awareness of
the facilities being provided, and an understanding of how the
system has been set up in their particular context.
Don't forget the on-going need
for training for new staff.
Top
of Page
1.9 Electronic mail
Electronic mail can be viewed
for convenience in two areas:
- Communications within the department
- Communications with the 'outside
world' (ie outside the department)
While it is possible to provide an electronic mail system which
treats both areas in exactly the same way - and this may be the
best solution - it is likely that more sophisticated software
may be available for email within the department, especially
as part of a complete 'office systems' package, whereas email
with the outside world tends to have to use a 'lowest common
denominator' approach to account for the varity of email standards
in use world-wide.
Top
of Page
