Sybex CompTia Server Study Guide 2nd Edition

Using Your Sybex Electronic Book
To realize the full potential of this Sybex electronic book, you must have Adobe Acrobat Reader with
Search installed on your computer. To find out if you have the correct version of Acrobat Reader, click on
the Edit menu—Search should be an option within this menu file. If Search is not an option in the Edit
menu, please exit this application and install Adobe Acrobat Reader with Search from this CD (double-
click rp500enu.exe in the Adobe folder).
Navigation
Navigate through the book by clicking on the headings that appear in the left panel;
the corresponding page from the book displays in the right panel.
Search To search, click the Search Query button on the toolbar

or choose Edit >Search > Query to open the Search window. In
the Adobe Acrobat Search dialog’s text field, type the text you
want to find and click Search.
Use the Search Next button (Control+U) and Search

Previous button (Control+Y) to go to other matches in
the book. The Search command also has powerful tools for
limiting and expanding the definition of the term you are
searching for. Refer to Acrobat's online Help (Help > Plug-In
Help > Using Acrobat Search) for more information.
Click here to begin using

your Sybex Elect ronic Book! www.sybex.com
Server+ TM
Study Guide
Second Edition
Brad Hryhoruk
Diana Bartley
Quentin Docter
San Francisco • London
Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com

Associate Publisher: Neil Edde
Acquisitions and Developmental Editor: Elizabeth Hurley
Editor: Linda Stephenson
Production Editor: Liz Burke
Technical Editors: Andre Paree-Huff, Andy Barkl
Graphic Illustrator: Tony Jonick
Electronic Publishing Specialist: Interactive Composition Corporation
Proofreaders: Nancy Riddiough, Dave Nash, Laurie O’Connell, Richard Ganis
Indexer: Lynnzee Elze
CD Coordinator: Dan Mummert
CD Technician: Kevin Ly
Book Designer: Bill Gibson
Cover Designer: Archer Design
Cover Illustrator/Photographer: Natural Selection
Copyright © 2002 SYBEX Inc., 1151 Marina Village Parkway, Alameda, CA 94501. World rights reserved. No part of this
publication may be stored in a retrieval system, transmitted, or reproduced in any way, including but not limited to photo-
copy, photograph, magnetic, or other record, without the prior agreement and written permission of the publisher.
First Edition copyright © 2001 SYBEX Inc.
Library of Congress Card Number: 2001099339
ISBN: 0-7821-4087-4
SYBEX and the SYBEX logo are either registered trademarks or trademarks of SYBEX Inc. in the United States and/or other
countries.
Screen reproductions produced with FullShot 99. FullShot 99 © 1991–1999 Inbit Incorporated. All rights reserved.
FullShot is a trademark of Inbit Incorporated.
The CD interface was created using Macromedia Director, COPYRIGHT 1994, 1997–1999 Macromedia Inc. For more
information on Macromedia and Macromedia Director, visit http://www.macromedia.com.
Internet screen shot(s) using Microsoft Internet Explorer 5.0 reprinted by permission from Microsoft Corporation.
SYBEX is an independent entity from Citrix Systems, Inc., and not affiliated with Citrix Systems, Inc. in any manner. This
publication may be used in assisting students to prepare for a Citrix Certified Administrator Exam. Neither Citrix Systems,
its designated review company, nor SYBEX warrants that use of this publication will ensure passing the relevant exam. Cit-
rix is either a registered trademark or trademark of Citrix Systems, Inc. in the United States and/or other countries.
TRADEMARKS: SYBEX has attempted throughout this book to distinguish proprietary trademarks from descriptive terms
by following the capitalization style used by the manufacturer.
The author and publisher have made their best efforts to prepare this book, and the content is based upon final release soft-
ware whenever possible. Portions of the manuscript may be based upon pre-release versions supplied by software manu-
facturer(s). The author and the publisher make no representation or warranties of any kind with regard to the completeness
or accuracy of the contents herein and accept no liability of any kind including but not limited to performance, merchant-
ability, fitness for any particular purpose, or any losses or damages of any kind caused or alleged to be caused directly or
indirectly from this book.
Manufactured in the United States of America
10 9 8 7 6 5 4 3 2 1

To Our Valued Readers:
Sybex is proud to have served as a cornerstone member of CompTIA’s Server+ Advisory Committee.
Just as CompTIA is committed to establishing measurable standards for certifying individuals who will
support server environments in the future, Sybex is committed to providing those individuals with the
skills needed to meet those standards. By working alongside CompTIA, and in conjunction with other
esteemed members of the Server+ committee, it is our desire to help bridge the knowledge and skills
gap that currently confronts the IT industry.
In the year since its release, the Server+ has gained industry-wide recognition as a solid indicator of
competency in server technologies. Microsoft recently incorporated the Server+ certification into their
new MCSA (Microsoft Certified Systems Associate) program as an elective option when paired with
CompTIA’s A+ certification. Such integration into vendor-specific certification programs is a strong
endorsement for Server+ and bodes well for those who possess it.
Our authors, editors, and technical reviewers have worked hard to ensure that this Server+ Study Guide
is comprehensive, in-depth, and pedagogically sound. We’re confident that this books will meet and
exceed the demanding standards of the certification marketplace and help you, the Server+ exam can-
didate, succeed in your endeavors.
Good luck in pursuit of your Server+ certification!
Neil Edde
Associate Publisher—Certification
Sybex, Inc.

Software License Agreement: Terms and Conditions
The media and/or any online materials accompanying this If you discover a defect in the media during this warranty
book that are available now or in the future contain pro- period, you may obtain a replacement of identical format at
grams and/or text files (the “Software”) to be used in connec- no charge by sending the defective media, postage prepaid,
tion with the book. SYBEX hereby grants to you a license to with proof of purchase to:
use the Software, subject to the terms that follow. Your pur-
chase, acceptance, or use of the Software will constitute your SYBEX Inc.
acceptance of such terms. Product Support Department
1151 Marina Village Parkway
The Software compilation is the property of SYBEX unless
Alameda, CA 94501
otherwise indicated and is protected by copyright to SYBEX
Web: http://www.sybex.com
or other copyright owner(s) as indicated in the media files
(the “Owner(s)”). You are hereby granted a single-user
After the 90-day period, you can obtain replacement media
license to use the Software for your personal, noncommercial
of identical format by sending us the defective disk, proof of
use only. You may not reproduce, sell, distribute, publish,
purchase, and a check or money order for $10, payable to
circulate, or commercially exploit the Software, or any por-
SYBEX.
tion thereof, without the written consent of SYBEX and the
specific copyright owner(s) of any component software Disclaimer
included on this media. SYBEX makes no warranty or representation, either
In the event that the Software or components include specific expressed or implied, with respect to the Software or its con-
license requirements or end-user agreements, statements of tents, quality, performance, merchantability, or fitness for a
condition, disclaimers, limitations or warranties (“End-User particular purpose. In no event will SYBEX, its distributors,
License”), those End-User Licenses supersede the terms and or dealers be liable to you or any other party for direct, indi-
conditions herein as to that particular Software component. rect, special, incidental, consequential, or other damages
Your purchase, acceptance, or use of the Software will con- arising out of the use of or inability to use the Software or its
stitute your acceptance of such End-User Licenses. contents even if advised of the possibility of such damage. In
By purchase, use or acceptance of the Software you further the event that the Software includes an online update feature,
agree to comply with all export laws and regulations of the SYBEX further disclaims any obligation to provide this fea-
United States as such laws and regulations may exist from ture for any specific duration other than the initial posting.
time to time. The exclusion of implied warranties is not permitted by some
states. Therefore, the above exclusion may not apply to you.
Software Support
This warranty provides you with specific legal rights; there
Components of the supplemental Software and any offers may be other rights that you may have that vary from state to
associated with them may be supported by the specific state. The pricing of the book with the Software by SYBEX
Owner(s) of that material, but they are not supported by reflects the allocation of risk and limitations on liability con-
SYBEX. Information regarding any available support may be tained in this agreement of Terms and Conditions.
obtained from the Owner(s) using the information provided
in the appropriate read.me files or listed elsewhere on the Shareware Distribution
media. This Software may contain various programs that are distrib-
Should the manufacturer(s) or other Owner(s) cease to offer uted as shareware. Copyright laws apply to both shareware
support or decline to honor any offer, SYBEX bears no and ordinary commercial software, and the copyright
responsibility. This notice concerning support for the Soft- Owner(s) retains all rights. If you try a shareware program
ware is provided for your information only. SYBEX is not the and continue using it, you are expected to register it. Individ-
agent or principal of the Owner(s), and SYBEX is in no way ual programs differ on details of trial periods, registration,
responsible for providing any support for the Software, nor is and payment. Please observe the requirements stated in
it liable or responsible for any support provided, or not pro- appropriate files.
vided, by the Owner(s). Copy Protection
Warranty The Software in whole or in part may or may not be copy-
SYBEX warrants the enclosed media to be free of physical protected or encrypted. However, in all cases, reselling or
defects for a period of ninety (90) days after purchase. The redistributing these files without authorization is expressly
Software is not available from SYBEX in any other form or forbidden except as specifically provided for by the Owner(s)
media than that enclosed herein or posted to www.sybex.com. therein.

This book is dedicated to my motivation, strength, and support.
—Brad Hryhoruk
To Kara and Abbie.
—Quentin Docter

Acknowledgments
In creating a project of this magnitude there are a great number of peo-
ple involved. I would like to extend my thanks to everyone who helped make
this book a reality. Liz Burke and Elizabeth Hurley have been wonderfully
supportive and patient with me as I worked toward this goal. Special thanks
to Linda Stephenson for her support and positive criticism throughout this
entire process. I would also like to acknowledge Martial Marcoux. Thank
you for your enduring support and friendship over the years and especially
your support and strength in the last few months. I would not have made it
with out you. Finally I would like to mention my close friends Nancy and
Jerret. The two of you have helped me in more ways then I can ever repay.
—Brad Hryhoruk
I would like to thank my wife Kara for her unwavering support and uncon-
ditional love. I would also like to thank the entire Sybex crew. You are all
great to work with, and very under appreciated.
—Quentin Docter
To the talented staff who assisted us in this undertaking: Liz Burke,

Elizabeth Hurley, Andre Paree-Huff, Andy Barkl, Nancy Riddiough, Dave
Nash, Laurie O’Connell, Richard Ganis, Lynnzee Elze, Stacey Loomis, Dan
Mummert, and Kevin Ly. Thank you for all your hard work and dedication
to this project.

Introduction
Welcome to the Sybex Server+ Certification Study Guide. The pur-
pose of this text is to assist you in preparing to challenge and succeed at the
CompTIA Server+ Exam. This book was created with the understanding that
you have already successfully completed your A+ certification. Several key
elements in the A+ certification are built upon within the Server+ certifica-
tion. On their website (www.comptia.com) CompTIA recommends that can-
didates wishing to achieve Server+ certification first obtain their A+. From
my experience with the Server+ Exam, I recommend also obtaining your
Network+ certification prior to attempting the Server+. Concepts dealing
with networking and network protocols are covered very well in the Net-
work+ Study Guide, by David Groth (Sybex, 2001), and appear within the
Server+ Exam questions.
This text contains several key elements that will assist you on this journey
to Server+ certification. Each chapter begins with an objective outline. The
objectives are outlined in detail later in the introduction, but for now you
should know that they are the key elements that you are expected to know
in detail. This will help you focus your studies on the specifics of the objec-
tives at hand. Each chapter in this book prepares you for the detailed
objectives that are covered in the exam.
Throughout each chapter there are also real world scenarios. These
are real experiences: some describe good situations and others serve as a
warning. Either good or bad, they serve as a means of seeing in action the
information learned.
At times in the chapters, warnings will be given. Performing certain tasks
could pose a threat to server or user safety. Other times the warning is used
to draw your attention to a serious matter that requires your complete focus.
Each time that a warning appears, you will see a small bomb icon.
This is an example of how a warning will be presented within a chapter.

Please be sure to read every warning carefully before proceeding with the
activity.
Chapters end with several important elements. These include a chapter

summary, exam essentials, key terms, and review questions.
The chapter summary gives a brief explanation of the key essential com-
ponents of each major topic covered in the chapter. This serves as a refresher

xxiv Introduction
to you as well as a means of finding out if you remember the major features
discussed.
Exam essentials are brief statements (one sentence) that reemphasize the
most important points that you need to be aware of prior to taking the exam.
Each statement is followed by a brief explanation of why this point is essen-
tial. Be sure to know these essentials before proceeding to the next chapter.
Key terms are exactly what the name implies: a collection of important
terms unique to the chapter and exam. They are defined within the context
of the chapter and then sorted into a list at the end of the chapter. You need
to be aware of these terms as well as their meanings in order to successfully
challenge the Server+ Exam.
The most significant feature in our Study Guides is the practice exam.
Each chapter includes 20 review questions at the end. These practice ques-
tions test your comprehension of the information and key details covered in
each chapter. It is imperative that you work through these chapter tests.
They not only help you remember the information presented in the chapters,
but also assist you in preparing for the real Server+ Exam.
Don’t just study the questions and answers—the questions on the actual
exam will be different from the practice ones included in this book and on the
CD. The exam is designed to test your knowledge of a concept or objective, so
use this book to learn the objective behind the question.
What Is Server+ Certification?

T he Server+ certification was created by the Computer Technology
Industry Association (CompTIA) with the purpose of providing a vendor-
neutral means of certifying the competency of a Server Hardware Specialist.
A Server Hardware Specialist is someone who spends time solving problems
to ensure that servers are functional and applications remain available. The
specialist should have an in-depth understanding of how to plan a network
and how to install, configure, and maintain a server. This should include
knowing the hardware that goes into a server implementation, how data
storage subsystems work, the basics of data recovery, and how I/O sub-
systems work. CompTIA recommends that Server+ candidates have between

Introduction xxv
18 and 24 months of experience in the server technology industry, as well as

experience working on a server. This will provide you with the essential
hands-on experience to understand as well as work through the concepts
successfully. A Server+ specialist should be able to demonstrate competency
in the following areas:
Has in-depth knowledge of servers, including working knowledge of
troubleshooting, physical security, and disaster recovery. Can recover
from a server failure.
Ensures high availability by meeting the Service Level Agreement
requirements, including proactively recognizing and responding to
problems and performing recovery.
Has thorough working knowledge of hardware configuration and net-
work connectivity. Includes the ability to perform problem determi-
nation for all aspects of the server (hardware, software, networking).
Installs and configures server hardware to meet application
requirements.
Implements current and emerging data storage and transfer technolo-
gies such as SCSI and RAID.
Has a thorough working knowledge of networking protocols (e.g.,
TCP/IP, IPX/SPX, SNMP, DMI) for diagnosing the impact of the net-
work on the server and vice versa.
Provides support, including second-level support, for resellers and end
users.
Performs maintenance on server systems, data storage subsystems,
and network devices.
Has good planning and integration skills to be able to upgrade a server
without impacting network users; increase storage capacity without
impacting network users; design and implement a data recovery plan
in the event of a network device failure; and perform peripheral
upgrades, BIOS upgrades, memory upgrades, processor upgrades,
mass storage upgrades, and adapter upgrades
Demonstrates high levels of leadership through mentoring and training
others in server concepts and operations.

xxvi Introduction
Why Become Server+ Certified?

Obtaining the Server+ Certification will open several doors for you.
Not only is it gratifying to know you have obtained a personal growth
achievement, but you are also improving your employability skills. The
Server+ certification demonstrates a proof of professional achievement.
You will receive a certificate for framing and a wallet card. It increases your
marketability in today’s information technology–driven industry. Having
your Server+ certification also will help your pursuit for advancement in
the computer field. If you are hoping to become involved or more involved
in computer technical work, having your Server+ certification will assist
tremendously in validating your commitment and expertise.
There are a number of reasons for becoming Server+ certified:
It demonstrates proof of professional achievement.
It increases your marketability.
It provides greater opportunity for advancement in your field.
It is increasingly found as a requirement for some types of advanced
training.
It raises customer confidence in you and your company’s services.
Let’s explore each reason in detail.
Provides Proof of Professional Achievement

Specialized certifications are the best way to stand out from the crowd. In
this age of technology certifications, you will find hundreds of thousands of
administrators who have successfully completed the Microsoft and Novell
certification tracks. To set yourself apart from the crowd, you need a little bit
more. The Server+ exam is the starting point for the Server Specialist and will
give you the recognition you deserve.
Increases Your Marketability

Almost anyone can bluff their way through an interview. Once you have cer-
tified in an area such as Server+, you will have the credentials to prove your
competency. And certifications are not something that can be taken from
you when you change jobs. Once certified, you can take that certification
with you to any of the positions you accept.

Introduction xxvii
Provides Opportunity for Advancement

Those individuals who prove themselves as competent and dedicated are the
ones who will most likely be promoted. Becoming certified is a great way to
prove your skill level and shows your employers that you are committed to
improving your skill set. Look around you at those who are certified. They
are probably the ones who receive good pay, raises, and promotions when
they come up.
Fulfills Training Requirements

Many companies have set training requirements for their staff so that they
stay up-to-date on the latest technologies. Having a Server+ certification pro-
vides administrators another certification path to follow when they have
exhausted some of the other industry-standard certifications.
Raises Customer Confidence

As companies discover the advantages of having staff with the Server+ cer-
tification, they will undoubtedly want staff to challenge for this certification.
Many companies outsource the work to consulting firms with experience
working with servers. Those firms that have certified staff have a definite
advantage over other firms that do not.
How to Become Server+ Certified

There is only one exam that you must pass in order to achieve your
Server+ certification (SKO-001). This exam is administered by Sylvan
Prometric and can be taken at any authorized Prometric testing center. To
locate the closest testing center to you, call 1 800 755-EXAM. If you want
to register for your Server+ Exam, you can call the exam registration at
1-800-776-4276. If you have not booked an exam through Sylvan Prometric
before, you will need give them your name, social security number, mailing
address, phone number, employer, and a credit card number for payment. If
you choose, you can also register for the test at the Sylvan Prometric online
registration site (www.2test.com).
In order to obtain your Server+ certification, you must achieve a passing
mark of at least 75 percent on the 80-question exam in the 90 minutes

xxviii Introduction
allocated. All the questions are multiple choice and can contain one or
more answers. The questions are often tricky, often with several possibly
correct answers. You must select the most correct answer. Be sure to read
each question carefully. The Server+ Exam at this time is not adaptive. This
means that you can skip questions and come back to them at a later point in
the exam. CompTIA has not announced a date that the Server+ Exam will
become adaptive, or in fact whether it will at all.
Who Should Buy This Book?

I f you want to acquire a solid foundation in Server+, this book is for
you. You’ll find clear explanations of the concepts you need to grasp and
plenty of help to achieve the high level of professional competency you need
in order to succeed in your chosen field.
If you want to become certified as a Server+ technician, this book is
definitely for you. However, if you just want to attempt to pass the exam
without really understanding servers, this study guide is not for you. It is
written for people who want to acquire hands-on skills and in-depth
knowledge of network servers.
How to Use This Book and the CD

W e’ve included several testing features in both the book and on the
CD-ROM bound at the front of the book. These tools will help you retain
vital exam content as well as prepare to sit for the actual exam. Using our
custom test engine, you can identify weak areas up front and then develop a
solid studying strategy using each of these robust testing features. Our thor-
ough readme will walk you through the quick and easy installation process.
Before You Begin At the beginning of the book (right after this intro-
duction, in fact) is an assessment test that you can use to check your readi-
ness for the actual exam. Take this test before you start reading the book.
It will help you determine the areas you may need to brush up on. The
answers to each assessment test appear on a separate page after the last
question of the test. Each answer also includes an explanation and a note
telling you in which chapter this material appears.

Introduction xxix
Chapter Review Questions To test your knowledge as you progress

through the book, there are review questions at the end of each chapter.
As you finish each chapter, answer the review questions and then check to
see if your answers are right—the correct answers appear on the page fol-
lowing the last review question. You can go back to reread the section that
deals with each question you got wrong to ensure that you get the answer
correctly the next time you are tested on the material.
Electronic “Flashcards” You’ll also find 150 flashcard questions for on-
the-go review. Download them right onto your Palm device for quick and
convenient reviewing.
Test Engine In addition to the assessment test and the chapter review
tests, you’ll find two sample exams. Take these practice exams just as if
you were taking the actual exam (i.e., without any reference material).
When you have finished the first exam, move onto the next one to solidify
your test-taking skills. If you get more than 90 percent of the answers cor-
rect, you’re ready to go ahead and take the certification exam.
Full Text of the Book in PDF Also, if you have to travel but still need to
study for the Server+ exam and you have a laptop with a CD-ROM drive,
you can carry this entire book with you just by taking along the CD-ROM.
The CD-ROM contains this book in PDF (Adobe Acrobat) format so it
can be easily read on any computer.
Exam Objectives
A s with the other CompTIA certifications, a series of exam objectives or
topics have been identified by the Advisory Committee as being key to
becoming certified as a competent technician. In the Server+ certification,
these objectives fall under seven major areas: installation, configuration,
upgrading, proactive maintenance, environment, troubleshooting and prob-
lem determination, and disaster recovery. Each key area is weighted on the
Exam objectives are subject to change at any time without prior notice and
at CopmTIA’s sole discretion. Please visit the Certification page of CompTIA
website at www.comptia.org for the most current listing of exam objectives.

xxx Introduction
exam differently. The exam weights are set to focus on the areas that a server
technician needs to be most knowledgeable in.
Behind every computer industry exam you are sure to find exam objec-
tives—the broad topics on which the exam developers want to ensure your
competency. The official Server+ exam objectives are listed here.
Server+ Exam Blueprint

Job Dimension % of Exam (approximate)
1.0 Installation 17%
2.0 Configuration 18%
3.0 Upgrading 12%
4.0 Proactive Maintenance 9%
5.0 Environment 5%
6.0 Troubleshooting and Problem 27%
Determination
7.0 Disaster Recovery 12%
1.0 Installation (17%)

1.1 Conduct pre-installation planning activities
Plan the installation
Verify the installation plan
Verify hardware compatibility with operating system
Verify power sources, space, UPS and network availability
Verify that all correct components and cables have been delivered
1.2 Install hardware using ESD best practices (boards, drives, processors,
memory, internal cable, etc.)
Mount the rack installation
Cut and crimp network cabling
Install UPS

Introduction xxxi
Verify SCSI ID configuration and termination

Install external devices (e.g., keyboards, monitors, subsystems,
modem rack, etc.)
Verify power-on via power-on sequence
2.0 Configuration (18%)

2.1 Check/upgrade BIOS/firmware levels (system board, RAID, controller,
hard drive, etc.)
2.2 Configure RAID
2.3 Install NOS
Configure network and verify network connectivity
Verify network connectivity
2.4 Configure external peripherals (UPS, external drive subsystems, etc.)
2.5 Install NOS updates to design specifications
2.6 Update manufacturer specific drivers
2.7 Install service tools (SNMP, backup software, system monitoring
agents, event logs, etc.)
2.8 Perform Server baseline
2.9 Document the configuration
3.0 Upgrading (12%)

3.1 Perform full backup
Verify backup
3.2 Add Processors
On single processor upgrade, verify compatibility
Verify N 1 stepping
Verify speed and cache matching
Perform BIOS upgrade

xxxii Introduction
Perform OS upgrade to support multiprocessors

Perform upgrade checklist, including: locate/obtain latest test drivers,
OS updates, software, etc.; review FAQs, instruction, facts and issues;
test and pilot; schedule downtime; implement ESD best practices;
confirm that upgrade has been recognized; review and baseline; doc-
ument upgrade.
3.3 Add hard drives
Verify that drives are the appropriate type
Confirm termination and cabling
For ATA/IDE drives, confirm cabling, master/slave and potential
cross-brand compatibility
Upgrade mass storage
Add drives to array
Replace existing drives
Integrate into storage solution and make it available to the operating
system
Perform upgrade checklist, including: locate and obtain latest test
drivers, OS updates, software, etc.; Review FAQs, instructions, facts
and issues; test and pilot; schedule downtime; implement using ESD
best practices; confirm that the upgrade has been recognized; review
and baseline; document the upgrade.
3.4 Increase memory
Verify hardware and OS support for capacity increase
Verify memory is on hardware/vendor compatibility list
Verify memory compatibility (e.g., speed, brand, capacity, EDO,
ECC/non-ECC, SDRAM/RDRAM)
Perform upgrade checklist including: locate and obtain latest test
drivers, OS updates, software, etc.; review FAQs, instructions, facts
and baseline; document the upgrade

Introduction xxxiii
Verify that server and OS recognize the added memory

Perform server optimization to make use of additional RAM
3.5 Upgrade BIOS/firmware
3.6 Upgrade adapters (e.g., NICs, SCSI cards, RAID, etc.)
3.7 Upgrade peripheral devices, internal and external
Verify appropriate system resources (e.g., expansion slots, IRQ,
DMA, etc.)
3.8 Upgrade system-monitoring agents
3.9 Upgrade service tools (e.g., diagnostic tools, EISA configuration,
diagnostic partition, SSU, etc.)

xxxiv Introduction
3.10 Upgrade UPS
4.0 Proactive Maintenance (9%)

4.1 Perform regular backup
4.2 Create baseline and compare performance
4.3 Set SNMP thresholds
4.4 Perform physical housekeeping
4.5 Perform hardware verification
4.6 Establish remote notification
5.0 Environment (5%)

5.1 Recognize and report on physical security issues
Limit access to server room and backup tapes
Ensure physical locks exist on doors
Establish anti-theft devices for hardware (lock server racks)
5.2 Recognize and report on server room environmental issues (tempera-
ture, humidity/ESD/ power surges, back-up generator/fire suppression/
flood considerations)
6.0 Troubleshooting and Problem Determination (27%)

6.1 Perform problem determination
Use questioning techniques to determine what, how, when.
Identify contact(s) responsible for problem resolution

Introduction xxxv
Use senses to observe problem (e.g., smell of smoke, observation of

unhooked cable, etc.)
6.2 Use diagnostic hardware and software tools and utilities
Identify common diagnostic tools across the following OS: Microsoft
Windows NT/2000; Novell Netware, UNIX, Linux, IBM OS/2
Perform shut down across the following OS: Microsoft Windows NT/
2000, Novell Netware, UNIX, Linux, IBM OS/2
Select the appropriate tool
Use the selected tool effectively
Replace defective hardware components as appropriate
Identify defective FRUs and replace with correct part
Interpret error logs, operating system errors, health logs, and critical
events
Use documentation from previous technician successfully
Locate and effectively use hot tips (e.g., fixes, OS updates, E-support,
web pages, CDs)
Gather resources to get problem solved: identify situations requiring
call for assistance; acquire appropriate documentation
Describe how to perform remote troubleshooting for a wake-on-LAN
Describe how to perform remote troubleshooting for a remote alert.
6.3 Identify bottlenecks (e.g., processor, bus transfer, I/O, disk I/O,
network I/O, memory)
6.4 Identify and correct misconfigurations and/or upgrades
6.5 Determine if problem is hardware, software or virus related
7.0 Disaster Recovery (12%)

7.1 Plan for disaster recovery
Plan for redundancy (e.g., hard drives, power supplies, fans, NICs,
processors, UPS)

xxxvi Introduction
Use the technique of hot swap, warm swap and hot spare to ensure
availability
Use the concepts of fault tolerance/fault recovery to create a disaster
recovery plan
Develop disaster recovery plan
Identify types of backup hardware
Identify types of backup and restoration schemes
Confirm and use off site storage for backup
Document and test disaster recovery plan regularly, and update
as needed
7.2 Restoring
Identify hardware replacements
Identify hot and cold sites
Implement disaster recovery plan.
Tips for Taking the Server+ Exam

As you reach your final steps in preparing for the Server+ Exam, keep a few
general tips in mind:
Try to arrive at your exam early. This will allow you to familiarize
yourself with the location and exam setting. You can (try to) relax and
collect yourself for the task ahead.
Bring two forms of identification. It helps to have a photo identifica-
tion. You will be required to sign in and the examiner will perform some
last-minute registration with you.
Ask for a pen and sheet of paper. You are allowed to have these items
at your computer station with you. Many people are unaware of this, or
don’t take advantage of it. If you have to refer to charts, tables, or infor-
mation that you crammed in at the last minute, they can be written down
on this paper. When you are sitting at your station, the clock on your
exam does not start until you click Start. You can spend some time writing
your notes at this point. When you have written out all the information
that you need to, then click Start on the computer.

Introduction xxxvii
Read the questions carefully. Numerous questions are written with

multiple correct or apparently correct answers. You must select the most
appropriate answer. Many discussion groups based on certification exams
have complaints and in-depth discussions on specific questions, as they
appear so open-ended.
Don’t leave questions unanswered. You have a better chance of getting
a point if you guess.
Because the test is not adaptive, you can mark questions for review so you
can go back to them later. If you are not positive about your answer,
use this feature. It is possible that questions or answers later in the test will
tip you off to the questions that stumped you.
Questions can have more than one correct answer. In the test, answer
blanks will appear as check boxes, not radio dials. If more than one
option should be selected, the question will inform you that you are to
select multiple answers. If you select too many answers, the testing soft-
ware will prompt you—and this can come in handy if you are unsure of
how many answers are correct. Check all the answers that you feel could
be correct, and if the software alerts you that you have selected too many
responses, you can then eliminate the weakest options.
Work through the test in several phases. Your first run-through should
be to answer the easy questions as well as reading through all the ques-
tions and answers to familiarize yourself with what you are presented
with. Next go through and answer the medium-difficulty questions and
review your easy questions and answers. Save the hard ones for last. This
will let you know exactly how many hard ones there are left and the
amount of time you have remaining to deal with them. This way you can
best budget your time to complete the test.
There are many different websites with information pertaining to certifi-
cation exams. Many of these websites claim to have exam questions and
exam information posted on them. Part of the CompTIA exam require-
ment is that you agree not to share exam information after you have com-
pleted your test. You will ultimately decide on your own whether or not
to visit these websites. Many aspiring technicians feel that it takes away
from the validity of the exams and the certification. Another major con-
cern is the validity of the information presented on these websites. Every-
one appears to be an expert, yet there is a lot of incorrect information

xxxviii Introduction
posted. I would recommend not using these exam information websites

for this reason alone.
Good luck on your path to Server+ certification.
About the Authors

Brad Hryhoruk has been actively instructing for over 10 years. He has
his bachelor of Education degree as well as A+, Network+, Inet+, Server+,
and MCP. He currently teaches at the Aboriginal Community Campus in
Winnipeg Manitoba. Brad also instructs certification programs as well as
working as a project manager. You can reach Brad at b.d@netcom.ca.
Diana Bartley, B.ED., MCSE, MCP+I, MCT, A+, Network+, i-Net+, and
Server+, is currently an MCSE instructor and technical writer for various
IT-related topics. She has co-authored many books covering Windows 2000
Directory Services, MCSE Clustering, and ISA Server.
Quentin Docter, MCSE, MCT, CCNA, CNE, A+ and Server+, is a 9-year
industry veteran with experiences ranging from administrator, consultant, to
instructor. He is currently working as an independent consultant and author.
Quentin has worked on 7 books for Sybex, most recently, the MCSE
Windows 2000 Network Infrastructure Design Study Guide.

Assessment Test
1. Name three ways adapters can work together (select all that apply).
A. Adapter grouping
B. Adapter fault tolerance
C. Adapter virtual private networks
D. Adapter Load Balancing
E. Adapter teaming
2. What are three possible configurations for an ATA/IDE device (select

all that apply)?
A. Master, with slave present
B. Slave, with a master present
C. Slave, no master present
D. Master, no slave present
3. If you have a RAID 3 system made up of four 20GB drives, how much
usable disk storage space would you have?
A. 80GB
B. 60GB
C. 40GB
D. 20GB
4. You want to filter packets of certain TCP/IP types coming in from and
going out to the Internet. What type of server application do you
need?
A. Firewall
B. Proxy server
C. Router
D. Gateway

xl Assessment Test
5. Pick the levels of cache that can be present in a computer with a

Pentium III Gigahertz processor.
A. L1
B. L2
C. L3
D. L4
6. SNMP is part of what protocol suite?
A. TCP/IP
B. NetBEUI
C. IPX/SPX
D. AppleTalk
7. What type of server resolves DNS names to IP addresses?
A. DHCP
B. DNS
C. UDP
D. SMTP
8. What is the default ID setting for a SCSI host bus adapter?
A. 7
B. 5
C. 3
D. 6
9. Which of the following TCP/IP addresses is in a private address range?
A. 183.239.179.171.
B. 127.0.0.0.
C. 240.64.0.24
D. 172.16.0.0.

Assessment Test xli
10. With which Internet standard protocol is Active Directory accessed?
A. SNMP
B. SMTP
C. LDAP
D. POP3
11. A BNC connector is used on what type of Ethernet implementation?
A. Thinnet
B. Thicknet
C. UTP
D. STP
12. In every SCSI-3 bus, how many terminators are there?

A. Four
B. Three
C. Two
D. One
E. One per device
13. Your server’s backups are taking so long that you find you must start
them as you’re leaving work for the day and they often don’t finish
until noon the next day. What are some options you can consider
(select all that apply)?
A. Set up differential backups.
B. Add more backup tape drives.
C. Cut down on the number of files being backed up.
D. Set up incremental backups.
14. Which of the following is a memory error check?
A. EDO
B. ECC
C. RD RAM
D. SIMM
xlii Assessment Test
15. You want to set up your computer room so that an exact duplicate
exists in a different building and you somehow replicate the informa-
tion on the servers in your production room to this duplicate room.
What kind of function are you performing?
A. Backups
B. Fault tolerance
C. High-availability
D. Disaster recovery
16. Single mode fiber optics uses which of the following as a light source?
A. Laser
B. LED
C. Fluorescent
D. Incandescent
17. Memory Interleaving is another way of doing which of the following:
A. Error checking
B. Accessing information stored on the memory chip
C. Determining parity
D. Installing chips
18. What are some common diagnostic tools that you can utilize no
matter what NOS you’re working with (choose all that apply)?
A. Event logs
B. TCP/IP software
C. FDISK
D. BIOS utilities

Assessment Test xliii
19. How is a PCI bus configured?
A. Through jumpers
B. On the motherboard
C. Through the system BIOS
D. With a CD-ROM
20. Which of the following is a server-specific CPU?
A. Intel Itanium
B. AMD Duron
C. Intel Celeron
D. AMD Athlon
21. Name some areas of concern to look at when you are attempting to
diagnose system bottlenecks (select all that apply).
A. IRQ conflicts
B. CPU speed
C. Hard disk RPMs
D. SCSI version
22. What kind of hard disks will typically be installed in a RAID 5 system?
A. ATA
B. IDE
C. SCSI
D. ESD
23. Most servers today are equipped with what kind of system memory
chips?
A. SIMMs
B. ECC SIMMs
C. EDO SIMMs
D. DIMMs

xliv Assessment Test
24. Why are maintenance logs important?
A. They provide a clear picture of what the service techs have been
doing.
B. They provide a background of what has been done to a computer.
C. They provide an instruction manual for doing routine tasks.
25. When cabling a building, what should you do?
A. Only use fiber optic cable.
B. Always use copper conduit.
C. Always check local building codes.
D. Assume that you do not need a permit.
26. How many terminators are there on a Thinnet network?

A. One
B. Two
C. One for every 50 hosts
D. One for every 100 hosts
27. Which is true of fiber optics?
A. It is affected by EMI.
B. It is affected by heat.
C. The cable can be made of glass.

D. The cable is always made of copper.
28. You have a single network card with four ports on it. What can that
card not be configured to do?
A. Adapter Load Balancing
B. Adapter teaming
C. Adapter fault tolerance

Assessment Test xlv
29. Four network cards grouped together for Load Balancing will have
how many IP addresses?
A. Four
B. Three
C. Two
D. One
30. What category of UTP is rated for 1000Mbps transfer speeds?
A. Category 3
B. Category 5
C. Category 4
D. All of the above
31. You have just purchased a motherboard that supports dual proces-
sors. Which Pentium III processors can be used on the board?
A. Any Xeon with any P-II
B. P-IIIs of the same speed
C. Any P-III
D. Any P-II with any P-III
32. What happens when a parity-checking memory module determines

that corruption has occurred?
A. The problem is immediately corrected and the end user is none
the wiser.
B. An error message pops up on the screen describing the error to the
end user and giving the user a chance to fix the problem.
C. An entry is made in the memory error log, but the system continues
to operate.
D. The system is halted.

xlvi Assessment Test
33. What does ESD stand for?
A. Electromagnetic static discharge.
B. Electronic static device.
C. Environmental static discharge.
D. Electrostatic discharge.
34. When carrying memory chips from one place to another, what type of
ESD equipment should you use?
A. Wrist strap.
B. ESD vest.
C. Antistatic bag.
D. No ESD protection is required.
35. What is the plenum?
A. The type of metallic shielding surrounding a fiber optic cable
B. The type of cable used in fiber optic installations
C. The air space between the ceiling and the actual roof of a building
D. Precious metal like gold

Answers to Assessment Test xlvii
Answers to Assessment Test

1. B, D, E. Adapters can work together with Load Balancing, fault
tolerance, or teaming. See Chapter 6 for further information.
2. A, B, D. IDE devices can be a master with no slave present, a master
with a slave present, and a slave with a master present. See Chapter 4
for more information.
3. B. You would have three 20GB drives for storage and one 20GB
drive for parity. Therefore, you would have 60GB of usable storage
space. See Chapter 4 for more information.
4. A, B. Proxy servers and firewalls are closely comparable. Firewalls
perform network address translation (NAT), taking a private net-
work’s IP address and converting it to a public address; they also filter
incoming and outgoing packets. A proxy server filters incoming and
outgoing packets and might be able to NAT as well, though you prob-
ably didn’t buy proxy server software for its network address transla-
tion capabilities. Both firewalls and routers can prevent packets of
certain types from going out to the Internet or coming in from the
Internet. Routers route packets, and gateways provide an opening
to a different system or environment. See Chapter 1 for more
information.
5. A, B. Level 1 and Level 2 cache can only be present with a Pentium III
processor. See Chapter 3 for further information.
6. A. Simple Network Management Protocol is part of the TCP/IP
protocol suite. See Chapter 12 for more information.
7. B. A DNS Server resolves a DNS name to an IP address. See Chapter 1
for further information.
8. A. The SCSI bus adapter uses ID 7 by default. See Chapter 4 form
further information.
9. D. There are three IP address ranges that are considered to be private:
10.0.0.0, 172.16.0.0, and 192.168.0.0. See Chapter 8 for further
information.
10. C. Active Directory is based on LDAP. See Chapter 1 for further
information.

xlviii Answers to Assessment Test
11. A. BNC connectors are used on Thinnet Ethernet networks. See

Chapter 6 for further information.
12. C. There will always be two terminators, one at each end of the SCSI
chain. See Chapter 4 for further information.
13. B, C, D. You can add backup tape drives to the system, thus provid-
ing more places for backups. You can also groom the file list to see if
there are files that are being backed up that don’t actually need to be.
You can also go to a system where you perform a full backup over the
weekend and then use incremental backups during the week. Incre-
mental backups only back up the files that have changed since the
previous day’s backup. See Chapter 14 for further information.
14. B. ECC stands for error-correcting code and is used as a memory
error checker in RAM. See Chapter 12 for further information.
15. D. When you have a room in a different building that contains dupli-
cate computing gear and also contains data that has been replicated to it
from the primary servers, you’re working with a disaster recovery (DR)
methodology. DR is, as you might imagine, expensive. The technology
has grown and become viable for entities needing assurance that, should
something disastrous happen, they could continue on with everyday
business functions. See Chapter 15 for further information.
16. A. Single mode fiber optics technology uses a laser as the light source.
This is the more expensive form of fiber optic transmissions, but the
most efficient. See Chapter 6 for further information.
17. B. Memory interleaving is a way of quickly getting access to infor-
mation stored on the memory chip. See Chapter 12 for further
information.
18. A, B, D. All network operating systems create logs that inform you
of critical events. The method you use for reading the logs might be
different, but you can be assured that event logs are generated within
any NOS. You can use TCP/IP software commands such as PING and
NSLOOKUP to perform basic network connectivity troubleshooting.
You can use the server BIOS utilities and peripheral utilities to check to
see if the hardware is correctly configured. Option C would not be an
answer because not all machines have DOS installed on them. See

Answers to Assessment Test xlix
19. C. A PCI bus is configured through the system BIOS. See Chapter 3
for further information.
20. A. The Intel Itanium is a server-specific processor. All others listed
were originally created for a desktop computer. See Chapter 3 for fur-
ther information.
21. B, C, D. A CPU’s speed can create a bottleneck if the applications
and users trying to access the computer outpace the speed with which
the processor can answer requests. In SCSI you’ll also need to be con-
cerned about the hard disk’s RPMs and the SCSI version level. See
22. C. In almost all cases (except systems that utilize software RAID)
you’ll use SCSI drives in your RAID array. See Chapter 4 for further
information.
23. D. Most commercial servers today come equipped with 72-pin Dual
Inline Memory Modules (DIMMs). The reason for this is twofold: you
get 64-bit memory and SIMMs need to be installed in pairs whereas
DIMMs can be installed singly. See Chapter 3 for further information.
24. B. Maintenance logs provide a background of what has been done to
a computer. See Chapter 9 for further information.
25. C. When cabling a building, you should check the local building
codes. These codes will vary by locality. See Chapter 6 for further
information.
26. B. There is a 50-ohm terminator at each end of the bus on a Thinnet
network. See Chapter 6 for further information.
27. C. Fiber cable is made of glass or plastic. See Chapter 6 for further
information.
28. C. Fault tolerance requires more than one card, not more than one
port. See Chapter 6 for further information.
29. D. A group of network cards used in Load Balancing will have one IP
address. See Chapter 6 for further information.
30. B. Category 5 is the only option that supports transfer speeds of
1000Mbps. See Chapter 6 for further information.

l Answers to Assessment Test
31. B. With Pentium III processors, the multiplier and the FSB must
match. See chapter 3 for further information.
32. D. With parity, if it is determined that there has been some corruption,
the system is halted. See Chapter 12 for further information.
33. D. ESD is electrostatic discharge—rapid discharge of static electricity
from one conductor to another of a different potential. If your body is
holding a static charge and you touch an electronic component, that
discharge can seriously damage the electronics. See Chapter 15 for
further information.
34. C. Antistatic bags are used to carry electronic equipment from one
place to another. This will prevent ESD from damaging the chips. See
35. C. The plenum is the space created for air circulation between a
drop-down ceiling and the roof, or under a raised floor; this space is
commonly used to run cables. See Chapter 6 for further information.

Installation PART

Chapter Server Types and Roles

F or the most part, each chapter in this book closely maps to
the Server+ Exam Blueprint from CompTIA. We have listed the exam objec-
tives covered by each chapter at the start of the chapter, and fully covered
each objective to the best of our ability in that one chapter. In a couple of
cases objectives cross chapter lines, but this is infrequent, and is done to
arrange the information in the most readable and useful format possible.
Chapter 1, though, sets the stage for our later studies, and as such does
not specifically map to any objective. For many of you, this first chapter may
be review. That’s excellent, and the authors won’t mind at all if you move
quickly through this information—or any topic where your current level of
experience makes you extremely confident. This chapter will help get you get
started on achieving your goal of the Server+ Certification.
What Is a Server?
W hen preparing for the Server+ exam, one question needs to be
gotten out of the way immediately: What exactly are servers, and what
makes them special enough to deserve an entire exam dedicated to them?
The answer to this requires that the term server itself be defined. Put simply,
there are two key definitions of server in the Information Technology world:
serv·er (sûrvr), n. 1. Computer software designed to assist other
computers on a network by performing tasks for them or providing
information to them. 2. Computer hardware optimized for the task
of running server software.
Each of these definitions needs to be considered separately, along with
its implications for what a “server” is. We’ll take some time in the following
sections to dissect these definitions, taking care to examine servers as
software as well as servers that operate solely as hardware. We will cover
scalability versus expandability, the relationship between security and

What Is a Server? 5
dependability, and finally stability and redundancy. Before we move into

discussing the various roles of a server, we will overview server add-ons.
Server as Software
Let’s start by examining the first definition. For any computer to function, it
needs an operating system (OS). This is the code that tells the computer how
to function. You know that, of course. You have also probably encountered
the term NOS (network operating system), which is used to describe a server
OS. Things become a bit tricky, though, when we start trying to distinguish
an OS from a NOS.
The reason for this is that by the definitions we’ve just shown you, any OS
that can perform services or share files on the network is a server. Many
of you have used the file sharing capabilities of Windows 98, for instance.
All of Microsoft’s modern OSs have the ability to share out files, and even
to maintain NetBIOS browsing lists that allow computers to find each other
on the network. Even so, we don’t generally think of Windows 98 as a
“server OS,” and neither does the Server+ exam. Rather, the NOS term is
reserved for products such as Novell NetWare, Microsoft Windows 2000
Server, or Sun Solaris.
In order to decide which software you will need as your NOS software,
you will need to examine and consider the following characteristics:
Scalability
Security
Stability
Client prioritization
Reviewing each of these characteristics in full is a good starting place
when considering server hardware for your NOS. As such, we will start by
examining the concept of scalability and how it relates to server performance.
Scalability
Most computers serve only a single master, in that the user working locally on
the machine is the only one giving orders. The user may run one application,
or a number of them, but the amount of computer power a single user needs
is relatively limited, especially as we enter the world of multi-gigahertz pro-
cessing on the desktop. Because only one user is expected to be using the OS
at a time, a normal OS is intended for use on machines with limited resources.
Windows 98, for instance, cannot recognize or use more than one processor.

6 Chapter 1 Server Types and Roles
Windows 2000 Advanced Server, on the other hand, supports 8 processors,

and Sun’s Solaris supports up to 128 processors on a single system.
Besides just allowing for more hardware, network operating systems are
designed to allow for features like clustering and load balancing:
Clustering Used to allow a number of servers to share resources,
clustering essentially creates a single “virtual server” out of a number of
machines. The computers share an IP address and generally use the same
data array, as shown in Figure 1.1.
FIGURE 1.1 Server clustering
Hub
Server Server
Data
Load Balancing Similar to clustering, in that two or more servers team

up to do a single job. The thing that distinguishes load balancing, though,
is that each server retains its own identity and often keeps its own copy of
needed resources, as shown in Figure 1.2.
FIGURE 1.2 Server load balancing
Hub
Server Server
Data Data

What Is a Server? 7
Scalability, then, is the ability of a computer system to support large num-

bers of users, and run extremely demanding software applications. That is
just one job for a NOS, though. Next comes the ability to keep things safe.
Security
Network operating systems also are generally far more secure (or at least
securable) than client operating systems. This enhanced security can take the
form of a username/password database, access restrictions on files or
services, or any number of system security policies.
One of the odd things about the Server+ Exam is that, because most
of the questions follow a generic format, and because very little security
information falls into this “generic” category, you will find few system
security–related elements on the exam. This is strange, of course, because
network security is among the primary job functions of a server administrator!
The physical security of the server, however, is a major concern of the exam.
Locking down the server room will be dealt with in Chapter 13, “Managing
and Securing the Server Environment.” Some general security topics will
also be considered on a NOS-by-NOS basis in Chapter 7, “Network Operating
Systems.”
Stability
While most desktop PCs are shut down each night, and are used only a few
hours each day, servers are generally on 24/7, and as such they need an
OS that is extremely stable. Moreover, as tens or hundreds of people are
interacting with the server each day, it is critical that the OS be resilient and
able to deal with this constant onslaught of requests without locking up or
giving up.
To help guard the health of these machines, NOS software is often pickier
about what software it allows to run, and which applications and drivers
it will allow you to install. While this helps to insulate the server from prob-
lems caused by bad software, it also means that NOS applications often are
specifically written for the OS, and can be extremely expensive.
Client Prioritization
One last characteristic of a server OS is that it gives priority to client
connections when allocating resources. The primary purpose of a NOS is to
take care of clients, and as such a user at the server console is treated as just
another user, or sometimes even given a lower priority than network users.

Some examples of server-class operating systems are listed below, along

with website information so you can go to learn more about each of them.
NetWare: www.novell.com/products/netware/
OS/2: www-4.ibm.com/software/os/warp/
Solaris: www.sun.com/software/solaris/
Windows 2000 Server: www.microsoft.com/windows2000/server/
Solaris is a Unix-based system, and Unix operating systems are all based on a
server-class platform. Linux is also Unix based. Still, both Linux and Solaris are
often used as a desktop OS, and are as flexible as Windows in that they can be
used for pretty much any role in the enterprise. Start at www.linux.org/dist/
to learn more about the emerging Linux challenge to the established NOS/OS
leaders.
Servers as Hardware
The second definition of a server is one that involves specialized hardware
designed to handle the extreme demands of NOS software and network
users. Companies such as IBM and Compaq produce computers specifi-
cally for these needs, and sell them in separate product lines. Compaq, for
instance, has its extremely popular Proliant series, and Dell sells the Power-
Edge line. At a very general level, servers are essentially just enhanced PCs.
Many managers look at the price of a new Compaq Proliant 1GHz server
and say, “Why are we paying $10,000 for this computer, when we could get
a Compaq PC that is just as fast for $1,000 at Circuit City?”
This is a valid question, because Windows 2000 Advanced Server or Sun’s
Solaris can be installed on a desktop-class PC without any trouble. If you are
in the position of proposing a server purchase to a manager or client, you
should be prepared to explain the reasons behind the higher cost of special-
ized server hardware.
It is worth emphasizing here that server-class software can be installed on a

desktop PC and that Windows 98 can be installed on an IBM server. To get
best performance, though, both the hardware and software need to be
server-class.

What Is a Server? 9
To help you with that explanation, let’s take a closer look at the benefits
a server provides for that extra money:
Expandability
One of the most important characteristics of server-class hardware is that
it is generally built with generous expansion capability. Most servers allow
for far more RAM (often over 4GB), more drive space (most servers have
5–10 drive bays) and more processors—it is hard to get a desktop PC that fits
8 processors because the cases for normal PCs simply do not have room for
that much hardware. Along with all of this additional hardware comes
the need for additional fans and a larger power supply as well, which also
take up room.
Dependability
Server hardware needs to be reliable. Unlike desktop PCs, which are gener-
ally shut down each evening, servers often are expected to run constantly for
weeks or months. The length of time a server has been running, or sometimes
the percentage of time it has been running, is referred to as its uptime. Some
servers prominently display the amount of time they have been up on their
console, while others (Windows, anyone?) tend to hide that information!
Any time a server is not running, the dreaded word downtime is used
to describe the amount of time that it is off. Because servers are critical to
modern networks, and networks are critical to modern organizations, a
server down situation rarely goes unnoticed. E-mail doesn’t work, or users
can’t get to files, or “the Internet doesn’t work,” and calls start flooding into
the help desk.
Along with backup and security, the prevention of downtime is probably
one of the most important jobs of an administrator. Server-class hardware
helps to maximize uptime through higher quality hardware and the ability
to duplicate critical hardware for redundancy.
Quality
One of the reasons servers cost more than desktop PCs is that the pieces used
to build the server are better. No one argues about why a Porsche costs more
than a Yugo, but somehow a lot of people who drive very nice cars find it
difficult to understand why they should pay for quality in their server room
as well.
Server components are manufactured to higher standards, both in terms
of the materials used and the precision of the craftsmanship. Moreover, these
components are tested to ensure that they work well together. This is done

to ensure that a server will remain operating and reliable regardless of the
amount of work required of it. Much of this information is very different
from the way those same resources are discussed in the A+ book, which deals
with the maintenance of “normal” desktop PCs.
Redundancy
Quality components are great, but even the best machines sometimes
fail, and computers are no exception. In order to try to prevent hardware
problems from resulting in immediate downtime, though, most server-class
computers support redundant hardware for key components. This practice
is known as redundancy.
Redundant components can include power supplies, for instance. If a
server has two or more power supplies, both of them can work together to
power the system. However, if one of them fails (or is unplugged), the other
is able to take on an increased load and power the entire system. Other
examples of commonly duplicated hardware include hard drives, drive
controllers, and network cards.
Two items that are not redundant are processors and RAM modules. Even if
you have four processors in a machine, if one processor fails, the server will
go down. The same with RAM. Remember that expandability and redundancy
are different things!
Server-Only Features
Besides just supporting more and better hardware, and offering helpful ser-
vices not available on regular operating systems, modern servers also can be
equipped with a dizzying array of add-on equipment. Although some of these
components are making their way into the desktop computer environment,
they are normally associated with server environments. These include RAID
controllers (standard on most servers), SCSI controllers, an uninterruptible
power supply (UPS), external drive arrays, fax or modem bank hardware, and
tape backup drives. Any of these can be installed into desktop-class machines
as well, but generally their expense and resource requirements dictate that
they be used in server-class machines with server-class OSs.
You may already be in charge of a network, and have your own server(s)
to refer to as you read this book, but if not it might be useful to get an idea
of what these machines are like. Before reading too much further, you may
want to take a look at some of the beasts that the Server+ certification

Server Roles 11
prepares you to deal with. Below is a sampling of some large computer

hardware manufacturers, and their server lines:
Compaq: www.compaq.com/products/servers/
Dell: www.dell.com/us/en/esg/topics/
segtopic_servers_server_main.htm
Gateway: www.gateway.com/work/products/
sb_srv_catalog.shtml
Hewlett-Packard: www.hp.com/products1/servers/
IBM: www-1.ibm.com/servers/
While this book is being written, HP and Compaq are in the process of
merging, so things may be changing a bit there. For now, though, they
have separate product lines.
Server Roles
Servers must perform a dizzying variety of tasks on the network.
On smaller networks a single machine might perform many or all of these
tasks, and that is perfectly workable because servers are designed to be
good at doing multiple tasks simultaneously. On larger networks, though,
specialization allows each machine to be tailored specifically for the tasks
it is assigned.
This section will sample a few of these tasks for you and give you an
overview of what servers do on a network and how each of these tasks takes
its toll on server resources. Three general types of server roles will be detailed
in this section: security, network, and user. These are loosely grouped, and
some server roles cross over between the categories, so concentrate more on
what they do than where they are grouped. As you read through this section,
keep two questions in mind:
1. What roles does this server play on the network, and how does its
performance impact network users?
2. What type of operating system and hardware should be used to
improve the efficiency of the machine running this task?

Security Roles
Networks have evolved into the storage location for almost all documents
and data in most large and midsize companies. The protection of this data—
both from destruction and from unauthorized access—falls to the server
administrator.
Network security is generally provided by the operating system, and as
we look through each of the following sections, you will be given pointers to
websites that detail how these services are implemented into various server
systems. Because the Server+ exam itself is vendor-neutral, you don’t have
to spend a lot of time studying this stuff, but if you are interested in learn-
ing more about a topic, some of these URLs could come in handy as a
starting point.
Account Management
Most of the following services depend on the ability of the server to deter-
mine one fact—who it is that is trying to use the service. This is generally
accomplished by using one or more servers on the network to store and
authenticate user credentials.
Account management servers generally keep track of (among other
things) two basic pieces of information—the user and the password.
User (or Username)

The user is the basic building block of network security. The user defines an
individual (for example, “John Doe” becomes “JDoe”) or a network role
(“administrator” or “root”), and comes in one of three basic types:
Administrative At least one top-level account must be created during the
server installation process. That account is given authority to manage
the server. Sometimes called the “god account,” this first account is
known by many names by the various computer tribes. Microsoft calls it
the Administrator, Novell calls it Admin, and Unix/Linux calls it Root.
User Created The administrator can then create individual system
identities in order to differentiate between the various individuals on
your network, all of whom have their own network resource needs and
security clearances. Creating a user account registers the user as a security
object on the server.
Guest/Anonymous Sometimes access to the server needs to be granted
to users who are not registered in the account database. This can be done
by creating a default user. Anonymous users are most commonly seen on

Server Roles 13
Internet web servers, where thousands of users might visit a server to view
web content. The users do not have individual accounts, and they all log
on through a single generic account. FTP servers also often allow file
retrieval access to anonymous users.
Password
It is almost inconceivable that anyone reading this book needs to have pass-
words explained. If you do, all I can say is you have a bit of work ahead of
you! If a username says “this is who I am,” a password says “and here’s proof
I am who I say I am.” Password security is a critical part of server security,
because if your account passwords—especially administrative passwords —
are discovered, the server and network security are compromised.
Many of the services listed in the authentication section that follows are
specifically designed to protect system passwords. Sadly, even the best secu-
rity software cannot defend passwords scribbled on sticky notes and posted
on a user’s monitor. An effective password strategy needs to include a pass-
word scheme that balances security and usability.
Windows server administrators can use a nifty tool called L0phtCrack

(recently renamed to LC3) to test their system’s defenses. LC3 and other
and eye-opening toys for various OSs are available from @stake at
www.atstake.com/research/.
Designing a Password Strategy
You are in charge of a committee studying the current password structure

on your company’s network. The purpose of the committee is to examine
the corporate security needs and see whether the existing password struc-
ture is sufficient.
To your dismay, the committee reports back that not only are password
standards not uniform throughout the company, but that many offices
do not have any password policy at all. In attempting to craft a password
strategy, you find the following:
All users have Internet access.
Many users are logging on and working from home.

The corporate intranet and FTP servers both support plain text
passwords.
Users often share machines, and many times they use a shared network
account.
Obviously, this is a worst-case scenario. Still, the solution is relatively sim-

ple. Because you want to secure the network without causing undue trouble
to users, you could recommend that some of the following changes be
implemented:
Require a minimum password length.
Require that passwords be changed monthly.
Do not let users reuse old passwords.
Change website and FTP settings to require encrypted logons.
Require that all users have their own account.
This example is representative of the types of questions you might get. All
of the problems and solutions are generic because getting specific would
require mentioning particular authentication methods or require you to per-
form tasks on a particular directory structure. This would require dealing
with a certain vendor, and in most cases the exam is more interested in giving
you logic puzzles than it is testing your knowledge of a particular product.
Authentication
The process of submitting a username/password set and having it tested
against credentials stored in a server database is called authentication. There
are a number of methods of authentication available to a server. Here is a
sampling, arranged roughly in order of least secure to most secure:
Plain Text This is the simplest form of authentication. In plain text
authentication, username and password information is simply sent out
over the network in clear text—standard ASCII code that can be inter-
cepted and read easily. Plain text authentication is highly frowned upon
in secure environments. Scratch that...plain text is highly frowned upon
for any environment.

Server Roles 15
Encryption The process of protecting authentication information gener-

ally involves encrypting the username and password information as it is
transferred between the client and server. Encryption takes many forms,
but Solaris, for instance, supports Kerberos, Diffie-Hellman, and others.
Go to www.sun.com/software/white-papers/wp-security/ for
more on this topic.
Smart Cards Security can also have a physical component, and smart
card logon options are becoming more common. These depend on the
user knowing a piece of information (password) and having physical
proof of identity (generally a swipe card).
Biometric Identification The most complex and futuristic authentication
method—biometrics—uses retinal scans, voice scans, fingerprint analysis,
and other tools to provide physical proof of identity. The key is using a
human feature that is unique to each individual. Biometric ID integrates
physical identification with authentication.
The Benefits of Security
Many people take security for granted. After all, what’s the big deal? “There
is nothing on my computer worth stealing.” These are the famous last
words of many who have been caught up in an incident where their com-
puter has been broken into.
I recently experienced a situation that drives this point home. A private

school that I worked at long ago called me for some advice with regard
to their new network setup. The school had purchased a dedicated Internet
connection that was being shared to an entire lab of computers. Unfortu-
nately the server was not using a network operating system. The faculty
elected instead to use a desktop operating system. Desktop operating
systems do not provide the necessary level of security or authentication
needed for a server role.
In advising them on their network questions, I also cautioned them on the

security holes that their Internet connection and operating systems were
experiencing. Unfortunately it was only a few weeks later that I received
another call from the school: This time, they were frantic. They had received
a nasty letter from their Internet Service Provider, who was accusing them of
illegal activity. The faculty was completely oblivious to what was going on.

After I assisted them with some research as well as checking into the log
files with the ISP, we discovered that a hacker had broken into their network
and was using their high-speed connection for illegal activities. Since the
operating system was not providing adequate security, this hacker easily
broke in and then masqueraded as a computer within the network. Never
take your network security for granted.
Directory Services Server

Directory services servers allow the processes of account management
and authentication to be handled centrally by a single machine or group
of machines. This allows a single username and password set to be used
throughout an entire network. Microsoft made the idea of “one user, one
account” into a mantra when they were promoting their Windows NT
domain structure, and the key premise is sound. Wherever a user goes in the
enterprise, that user should be able to authenticate to the network using
the same username and password. Figure 1.3 shows how a user can log on
in two separate areas of a Windows 2000 domain using the Windows 2000
Active Directory.
FIGURE 1.3 User logon to the Windows 2000 Active Directory
If credentials are
successfully checked,
Credentials checked the server provides
by the AD server resources
User enters
credentials
Windows Active Directory SQL Server

Network Client Server Database server
Both the Active Directory Server and the SQL Server run copies of the
Active Directory and share the user database as well as the responsibility for
authentication. Common directory services servers include the following:
Microsoft’s Active Directory
Novell’s NetWare Directory Service (NDS)
Sun’s Solstice

Server Roles 17
The three services listed here are all based on the standards set by the Inter-
national Telecommunication Union (www.itu.int). The ITU’s x.500 directory
specification defines how accounts are created and managed. Because of
this, all three of these systems use similar structures and logic, making it
far simpler to manage multiple systems than ever before.
Security servers do not need to be tremendously powerful in terms

of hardware, but they must be powerful enough to respond quickly to
client requests. If the directory server is unable to keep up with authenti-
cation requests, the network simply slows down to its speed. Nobody gets
anywhere without permissions, and these servers are the gatekeepers.
If we were to pick just one resource to emphasize, it would probably
be network throughput, which is critical to a security server. Being able
to receive and send requests quickly can be facilitated by multiple network
cards, or even by locating the directory server in a central part of the net-
work. Also, encryption technologies can be heavily processor intensive, and
so servers with enhanced authentication schemes may require additional
processor power.
Networking Roles
Security work is the glamour job in the server world, and Active Directory
and Kerberos (a network security system, developed at MIT, which
verifies that a user is legitimate at login) seem to get all the attention
in the trade rags. Still, in order to make a network function smoothly,
a number of other services also need to be working in the background.
These services assist the network in locating servers, identifying computers,
connecting remote clients, or moving packets from one part of the network
to another.
You won’t be asked to know about the specifics of any one of these
technologies, since each of them is implemented a bit differently by different
server platforms, but you should be familiar with what they do, and the
basics of how they work.

Routing Services
One of the features that a server can offer to the network is to act as a router.
Routing and bridging services allow a server with multiple network interfaces
to link machines on either side. When acting as a router, the system must
build a routing table that shows which machines are available on which
interfaces.
As TCP/IP is by far the most common protocol you will need to deal with
(some NetWare environments still use IPX/SPX), the IP routing protocols are
the most important ones to keep in mind:
RIP The Routing Information Protocol (RIP) is a distance-vector pro-
tocol that enables computers to exchange routing information by means
of periodic routing table updates. RIP updates are sent to neighboring net-
works and RIP information from other routers is returned. The path with
the fewest hops (each router involved in a path is one hop) is used when
sending data.
OSPF Open Shortest Path First Protocol, or OSPF, is an open protocol,
meaning that it is a standard and that it is available for use in the public
domain. OSPF is a link-state routing protocol. Link-state advertisements
(LSAs) are sent to all other routers to allow them to update their routing
tables. These LSAs include changes to the routing table, but the actual
routing table itself is not sent, unlike RIP. OSPF is far more efficient than
RIP on large networks.
Although server machines can be used as routers, in most cases it is better to

purchase a dedicated router for this job. Cisco (www.cisco.com) and 3Com
(www.3com.com) are two major router manufacturers.
Firewall Server
A firewall is essentially a router turned bouncer. Firewalls are placed at the
edge of your network and are used to turn away communications from
unwanted or distrusted clients. Nearly every large corporate or organiza-
tional network now has at least one high-speed connection to the Internet.
While this makes it extremely easy for network clients to access the Web
and e-mail, the process also works in reverse, and networks are vulnerable
to attack from the Web. As such, nearly all firewalls are concerned with the

Server Roles 19
need to protect a local area network (LAN) from the perils of the Internet.
Figure 1.4 shows a common network configuration and introduces a concept
we need to define.
FIGURE 1.4 A common firewall configuration
Firewall Server
Public Network
Gateway to Internet
DMZ
Hub or Switch
Private LAN
Web Server
LAN PC LAN PC
Note the DMZ, or demilitarized zone. The DMZ is the buffer zone
between the Internet and your internal network. It is where any servers that
need to be exposed to the Web should be housed. In this case, a web server
is sitting in the DMZ, and a server running firewall software protects the
intranet. Any requests sent to the web server—including malicious DoS
(denial of service) attacks or Internet worms—will be able to reach that
server unhindered. The same requests or attacks directed toward the internal
network, though, will be intercepted by the firewall, which will be config-
ured to allow only particular information through.
In many cases, it is best to put the web server behind the firewall as well. The
firewall can let through HTTP requests while protecting the server.
Proxy Server
A special kind of Internet access server is a proxy server, which is part
accountant and part traffic cop. Proxy servers are used to funnel all Internet
traffic through a single location, and because of this central point, they can
effectively manage Internet traffic. Notice in Figure 1.5 that clients on the

network direct all requests for Internet information to the proxy server
\\Trantor. The server then checks for a number of things:
1. Is the user allowed Internet access?
2. Is the user allowed to go to the intended website?

3. Is the web page already requested in cache?
FIGURE 1.5 A proxy server at work
Client 1 Client 2 Client 3

Client requests
a web page
Server checks to see if

Router
the user is authorized
to view the page. If they Internet
are, it is retrieved either
from a local cache or
from the Internet. Trantor
Although a standard firewall can perform the first two of these tasks, the
proxy’s ability to cache pages for users makes it invaluable in saving on lim-
ited bandwidth. If three users request a page, only the first user’s request
actually hits the Internet—the other users are then given the page from inside
the cache.
One service that both firewalls and proxy servers provide is logging of
user requests. Administrators can parse the log files for any of the key unac-
ceptable words or phrases, or just check to see who is downloading .mp3s
at work.
Most of us didn’t sign up as network engineers with the intention of becoming

morality police or productivity enforcers. Still, it is an unfortunate fact that this
is a part of the job on modern networks.
Most routing services require little in the way of resources, with extremely
fast network connections being the key to their success. Making sure that
these machines have quality network cards and up-to-date network card
drivers is critical. Also, because the proxy server caches large amounts of
data, it may need a large drive array.

Server Roles 21
For a great look at how routers, firewalls, and proxy servers work, check
out the excellent film, Warriors of the Net. It is available to view free at
www.warriorsofthe.net, but you will need a fast connection, as the
high-res version is 150MB. It’s worth the time and the wait, though.
Remote Access Services

Ten years ago, a user leaving for a business trip must have felt an amazing
sense of freedom. No cell phones! No laptop! Check in by phone every day
or so, and otherwise you were safe from whatever disasters might need your
attention at the office.
Not so anymore.
As computer-based tasks become a more critical part of the normal work-
day, networks have evolved to provide easier access to resources for users
who can’t get to their desks. Among the most important tools available to
us who use laptops are remote access servers. These are servers that allow
remote users to function on the network as though they were in the office—
even if they are thousands of miles away!
Two of these are the traditional dial-in server and the virtual private net-
working (VPN) server. Each of these has advantages and drawbacks.
Dial-In Server
A dial-in server is essentially a router that has a modem as one of its network
interfaces. The server answers calls coming in from remote clients, authen-
ticates them with the network, and then acts as a conduit, allowing them to
access resources on the network.
In order for this process to work, a dial-in protocol must also be available.
The most common of these are Point-to-Point Protocol (PPP) and the less-
used SLIP (Serial Line Internet Protocol). PPP is newer, and is generally more
efficient because it has error-checking mechanisms built into it. For more
information on how PPP and SLIP differ, check out www.ccsi.com/
survival-kit/slip-vs-ppp.html for one ISP’s explanation of the two.
SLIP is not used much anymore, but it is good to at least recognize the acro-
nym, just in case.
The hardware requirements of a dial-in server can be quite specialized
because the task of providing many—often dozens—of modem connections
is beyond the comm port capabilities of a standard machine. Specialized
expansion boards by companies like Digi (www.digi.com) allow a server to
support this higher hardware level.

In Figure 1.6, a Windows 2000 Server is using the Routing and Remote
Access Service (RAS) to support dial-in clients. The clients authenticate to a
Windows domain controller on the network, and are then able to connect for
e-mail and file access.
FIGURE 1.6 A dial-in configuration for Windows
Server answers and

verifies the user's
identity and rights
with a directory server
Directory Server
Client dials
into RAS server
RAS Server
requests resources
Remote Server transfers RAS Server for the client
Client the data out to
the remote client
File server returns
the data to the server
File Server
VPN Server
A virtual private network (VPN) is similar to a dial-in connection in that it
allows users to access their network remotely. Unlike standard dial-in,
though, a VPN connection involves a two-step process:
1. Users attach to the public Internet using a dial-up or by configuring
their machine to use a high-speed connection.
Once an Internet link is established, users can start a VPN client to
make a connection across the Internet to a VPN server on their own
network. This server also needs to have a separate Internet connec-
tion. This process involves creating a secure tunnel connection through
the existing connection established in step 1. This secure connection is
called a Point-to-Point Tunnel Protocol (PPTP) connection.
The VPN connection is encrypted, and because all communication is
encapsulated within the VPN protocol, users can access network resources
through the VPN that they would otherwise be unable to see using standard
TCP/IP connectivity. Figure 1.7 shows a common VPN configuration. Note
how similar this process is to the one shown in Figure 1.6.

Server Roles 23
FIGURE 1.7 Connecting through a VPN
Server answers and

verifies the user's
identity and rights
with a directory server
Directory Server
Client dials
into VPN server
VPN Server
requests resources
Remote Server transfers RAS Server for the client
Client the data out to
the remote client.
File server returns
the data to the server
File Server
TCP/IP Services
TCP/IP has been mentioned briefly already this chapter and as you go
through this book you will continue to hear about it. As earlier mentioned,
this is essentially the only major protocol standard that you can depend on
any server to support. Because it is everywhere, certain server functions
needed by TCP/IP networking must be included on nearly all networks.
We will just mention these here, as Chapter 8, “TCP/IP,” deals in-depth
with understanding and configuring TCP/IP networking.
DHCP Server
The Dynamic Host Configuration Protocol is used to simplify TCP/IP con-
figuration on network clients. DHCP servers store the information needed to
bring a TCP/IP client onto the network, and when a client first starts up they
contact the server to obtain an address, gateway, subnet mask, and DNS
server, among other things.
If these terms are not already familiar to you, Chapter 7 alone may not be
enough! In that case, Andrew Blank’s TCP/IP JumpStart (Sybex, 2000) is a
good reference. Vendor-specific TCP/IP books are also available, but the
JumpStart book is nice because it maintains the vendor neutrality that
CompTIA espouses.
The DHCP server itself can run on any platform, and clients from
multiple operating systems can use a single DHCP server. It is important to

remember, though, that DHCP requests are done through network broad-
casts, so you generally need either a DHCP server or a DHCP relay agent on
each network segment. More on relay agents in Chapter8!
Name Server
Computers talk to each other quite happily using numbers, as digital infor-
mation all boils down to ones and zeros eventually. Human beings, on the
other hand, generally have an easier time with information presented to
them in the form of words and text characters. Because of this, name servers
allow both people and machines to have their own way. There are two pri-
mary types of name servers to keep in mind:
DNS Server The Domain Naming System (DNS) has been in use for
nearly two decades now, and is the worldwide standard for identifying
computers on TCP/IP networks. DNS servers resolve TCP/IP host
names to IP addresses. In Figure 1.8, the host Client1 requests access to
server1.sybex.com. The name is resolved by the DNS server, and Client1
can start the connection.
WINS Server Figure 1.8 also demonstrates the functionality of a WINS
server. WINS stands for Windows Internet Naming Service, and the “Win-
dows” part of that is a pretty good clue that this is not a vendor-neutral
service. Microsoft has been using its own naming structure—NetBIOS
naming—since the days of DOS, and a WINS server is used to support this
in a TCP/IP environment. Client1 can also access Server2, but does so
through a WINS server rather than a DNS server.
FIGURE 1.8 Name servers in action
server1.sybex.com
Client 1
DNS Server WINS Server
Server 2

Server Roles 25
A configuration like the one in Figure 1.8, where both DNS and WINS servers
are in use, is common. These services can coexist, and even can help each
other out on occasion (see Chapter 7 for more on that).
Management Server
TCP/IP also provides a protocol specifically designed for network manage-
ment functions. The aptly named Simple Network Management Protocol
(SNMP) is used to allow a server on the network to collect information
about other devices and issue commands in return. We won’t spend a lot of
time on SNMP, as it is doubtful you will find detailed SNMP questions on
the exam. Even so, www.snmp.org/protocol/ is a good place to go for an
overview of what SNMP is about.
In most cases, naming and management services are almost unnoticeable
in terms of their effect on the server. Even a very small server can support
thousands of clients with no problems. Again, the key is having sufficient
bandwidth to the server.
User Services
Finally we arrive at the services that users can see and interact with. When
most people talk about a server, they are concerned with the tasks discussed
below. This does not, of course, mean that they are the most important ser-
vices. Like a quarterback on a football team, user services get all the press
and most of the resources. The underlying network services listed above,
though, are as important and underappreciated as offensive linemen!
Notice that when services are started, the result is significant resource
usage. You should be able to identify how to plan for each of the following
types of servers by planning to boost critical resource needs.
File Server
The classic task of a network server is to store information that needs to be
shared among multiple users; in this role it is known as a file server. To suc-
cessfully store and share information, the server normally has to have a few
different elements in place. First, some sort of security needs to be present to
protect the files on the server. Different network operating systems handle
security in very different ways, but in all cases the server needs to be able to
ensure that users do not have access to files they should not see. Servers can

also make more subtle distinctions, such as allowing users to read a file but
not modify it.
The requirements for a file server are heavily weighted toward its hard
drives. Server hardware often comes with multiple drives, because file servers
are expected to store enormous amounts of data. File servers also need fast
drives—Compaq uses 10,000RPM drives in its servers. The drive controller
is also important, as is the network bandwidth available to the server. In
Chapter 4, “Storage Devices,” we will examine server drive configuration,
and you will notice that SCSI hardware is the overwhelming choice for
servers. This is because SCSI is faster and more expandable than IDE/EIDE.
It is interesting to consider that a traditional web server is actually nothing

more than an Internet-based file server. Same with FTP servers. Web servers
receive requests for HTML pages and serve those pages out, just as a file
server sends out .doc and .txt files.
Print Server
If you were interning to be a server on a network, it is likely that you would
start as a print server. Print servers require very little in the way of resources,
outside of requiring sufficient drive space to store files submitted for print-
ing. Even this is a relatively small requirement, because print jobs are gen-
erally stored only until they are printed, at which time they are deleted. The
process of network printing is enumerated below. Two terms you should be
familiar with when discussing printing are queue and spool:
Queue A queue is a list of documents waiting to be printed. The term
also describes the location where these documents are held.
Spool Spooling is the process of writing a document into the queue. The
queue is often called the spool file in fact. Spooling allows a print job to
be sent to the server even if the printer is busy, thereby freeing up the client
to continue on other tasks.
1. The client chooses to print a document. Part of this process involves
choosing a printer (or accepting the default printer).
2. The client’s printer driver is used to format the document for printing
on the particular printer chosen.
3. The document is submitted as a job to a local print queue on the client.
This is optional, but as it immediately frees up the client PC to work
on other tasks, local spooling is pretty standard.

Server Roles 27
4. The job is then sent from the local print spool to the network print
server. This server has another print queue, and the document is
placed here.
5. The print job is placed in line with the jobs of other users, and when
the printer is prepared to print it, the job is spooled out to the printer.
6. The printer produces the document, and reports back to the server,
which deletes the job from its queue.
It is possible to tell the print server to keep all print jobs rather than delete
them. While this is good for seeing what has printed, it can eat up drive space
and is not normally recommended.
A print server’s primary task is to interface with machines that are pain-
fully slow by computer standards—even the fastest printers move at a glacial
pace compared to PC speeds. Because of this, print servers require minimal
hardware, and print services can often be combined with other tasks rather
than having a dedicated print server.
Application Server
File and print servers are in many ways the backbone of a network—
application servers are its brain. App servers are machines running server
processes that perform tasks on behalf of users, or interact with client
machines in the completion of tasks.
There are a number of different application servers, but three of the most
common are these:
Database server
E-mail server
Active web server
The key to a server being classified as an application server rather than a
file server has to do with how much work the server does on the data before
sending it to the client. A great example of this can be found in Microsoft’s
database family.
Microsoft Access is a database program that can share a database among
multiple users. Because of this, the Access data file itself can be placed on a
server and made available to network users. At that point, the server is shar-
ing out a database, but it is not an application server. The reason for this is

that if a client requests information from the database, the process shown in
Figure 1.9 is initiated.
FIGURE 1.9 Requesting data from an Access database
Server
Access Client Client Requests Data
File server returns entire database

Client
processes
data
Notice that the client needs only a specific set of data, yet the server sends
the entire database across the network to the client, which is then responsible
for sorting out what it wants and discarding the rest of the information. This
is inefficient in two critical ways:
1. Time and bandwidth are wasted transferring unneeded rows of data.
2. Processing of the query is done on the less powerful client, meaning it

will take longer to complete the task.
Client-Server Architecture
The solution to this problem is the use of a client-server architecture, such
as the one available in Microsoft’s SQL Server. Client-server applications are
computer programs that are specifically designed to use the processing
power of both the server and the client machines in the completion of their
tasks. Generally this means that the client makes an initial request to the
server, and the server then does some initial processing on the request. The
result of that processing is then returned to the client, or to another machine
for additional work to be done with it.
If more than just a single client and server are involved, this is called an
“n-tier” architecture; n stands for the number of machines used in the
processing, meaning you could have a client and two servers involved
in the transaction, and it would be a “3-tier” design.
Microsoft SQL Server is a server-side application that runs as a service

and works with clients to ensure that they are given only the data they
request.

Server Roles 29
Figure 1.10 shows the same request being issued by the client as in
Figure 1.9, but with a significantly different response.
FIGURE 1.10 Requesting data from SQL Server
Client Requests Data Server

Access Client
Server accesses
database and
processes query
File server returns a requested subset

of the database
Client
processes
data
Do you see how this time the server has actually looked at what the client
needs and has preselected the data? By doing this, both the network and
the client are less heavily taxed, and the server is able to justify its expensive
hardware by actually doing something.
Because a large database server may be doing tasks for dozens—or even
hundreds—of users all at once, the hardware requirements on an application
server can be extreme. Moreover, because app servers do a lot of “thinking,”
faster processors or multiple processors can be crucial.
The Carnegie Mellon Software Engineering Institute has a nice reference

on client-server technologies at www.sei.cmu.edu/str/descriptions/
clientserver_body.html.
Internet Server
The last server type we will consider is one intended to deal specifically with
web-related or other Internet-related client requests. A number of Internet
services can be provided by network servers, but probably the most common
of these are the web server, the mail server, and the FTP server. Increasingly,
though, streaming media servers, online database servers, and Internet-
specific application servers are coming into use.
Web Server
The World Wide Web started out as a collection of HTML (HyperText
Markup Language) pages stored on Internet servers. Over the past few years,

though, web servers have gotten progressively more complex, and HTML
has evolved from a static file server technology to an active client-server
model.
The interaction between web servers and web clients (browsers) has
now become quite complex. Java, ActiveX, server-side scripting, and
database connectivity through the Web have all increased the power
and potential of web servers. Many enterprises now find that their web
servers are an integral part of both daily business environment through
intranets and web-based applications.
FTP Server
FTP servers, on the other hand, remain very much the same today as
they were 10 years ago. An FTP server is just a file server for the Internet,
operating over the FTP protocol. Clients connect to the server, authenticate,
and add (PUT) or retrieve (GET) files just as you would on any file server.
The hardware requirements for web servers are fluid, as these servers can
support a few concurrent (simultaneous) connections or a few thousand. As
your expectation of the number of people using the site rises, so should your
hardware levels.
Mail Server
There are a number of different e-mail server options available for use with
your network. Most NOS vendors have e-mail packages available for
their server operating systems, and a number of freeware or shareware
e-mail servers are in use as well.
Besides providing for the critical ability to send and receive messages,
e-mail servers can filter out inappropriate messages, provide protection
from e-mail borne viruses attempting to enter the system, and act as a
repository of information and communication data for the organization.
Because they do so much more than just shuffle mail around, these applica-
tions are often referred to as groupware rather than just as e-mail servers.
Summary
In this chapter, we have discussed what servers are and how to identify
server-class hardware and software. Knowing how to tell what hardware
components are appropriate, and which operating systems are designed for

Exam Essentials 31
server work, is critical when you are choosing a new server or deciding
whether an existing box is up to a new task.
We also looked at a sampling of the jobs that servers do, and examined
what types of hardware are needed for certain tasks. If you haven’t already,
spend a bit of time browsing the Internet links associated with the topics in
this chapter. There is a lot of good information there, and Web data hunting
is among the most important skills you will need to develop as a server
admin!
Throughout the rest of the book, you will take a Chapter Review Test.
Each test will consist of 20 questions designed to quiz you on the objectives
and content that you reviewed within the chapter. As stated, this chapter
does not cover any particular exam objectives—but, to keep your test-taking
skills sharp, we included 20 questions to reinforce some of the material
you’ve just reviewed. Much like the Assessment Test you took in the Intro-
duction, this test will help you target areas you may need to refresh before
forging ahead with the exam preparation. Good luck!
Exam Essentials
Know what a server is. Servers can be hardware or software that
provides a service for other devices connected to the network.
Know the characteristics of server operating systems. This includes
scalability, security, stability, and client prioritization.
Know the benefits of using server hardware. Expandability, depend-
ability, quality, and redundancy are the benefits of using server hardware
over server software.
Be familiar with common server roles. Servers can perform the
following roles within a network: security (account management,
authentication) and directory services.
Know the major routing protocols. RIP and OSPF are the main routing
protocols used today.
Know what a proxy server is. Proxy servers perform Internet tasks on
behalf of the computers on the network.
Know the main types of remote access servers. This includes dial-in
servers and VPN servers.

Be familiar with the different types of user services that a server can
perform. Servers can fulfill the following user services: file server, print
server, application server, Internet server, web server, FTP server, and
e-mail server.
Key Terms
Before you take the exam, be certain you are familiar with the follow-
ing terms:
application servers operating system (OS)

authentication Point-to-Point Protocol (PPP)
biometrics proxy server
client-server queue
clustering redundancy
directory services Routing Information
servers Protocol (RIP)
downtime server
file server smart card
firewall spooling
load balancing spool file
network operating system (NOS) uptime
Open Shortest Path First virtual private network
Protocol (OSPF) (VPN)

Review Questions 33
Review Questions
1. Which technology allows a number of servers to share resources and
create a single virtual server out of a number of machines?
A. Failover
B. Clustering
C. Scalability
D. Mirroring
2. Which server is used to funnel local Internet requests through a

single location?
A. Proxy server
B. Firewall server
C. VPN server
D. Directory Services server
3. Which of the following is not a reason for purchasing server hardware:
A. It is less expensive.
B. Multiprocessor support.
C. Expanded software support.
D. Expanded hardware support.
4. What is a key problem with using a desktop PC as a server?
A. Can’t install NOS software.

B. Unable to add security features.
C. Case does not have space or power capacity needed.
D. Nothing. Desktops are the recommended server platform.

5. Which term is used to describe a server failure that causes users to

be unable to use the system?
A. Restore
B. Backup
C. Uptime
D. Downtime
6. Which type of password authentication is the least secure?

A. Kerberos
B. Plain text
C. Smart cards
D. All are equally secure
7. x.500 is a standard of ___________.
A. Microsoft
B. CompTIA
C. ITU
D. OSI
8. Which of the following are routing protocols?
A. RIP
B. DMZ
C. OSPF
D. SLIP
9. PPTP is used with what type of network service?
A. DNS resolution
B. Authentication
C. Virtual private networking
D. Firewall access

Review Questions 35
10. A DNS server is what type of server?
A. Application
B. File
C. Naming
D. Remote Access
11. What is a server (select all that apply)?
A. Computer software designed to assist other computers on

a network
B. Computer hardware optimized for the task of running server
software
C. A computer within a network that is used to perform advanced
network calculations
D. A user’s computer
12. Which of the following is not a priority consideration in deciding on

a network operating system?
A. Scalability
B. Security
C. Ease of administration
D. Stability
13. What is clustering?
A. Grouping of client computers together on a network

B. Using more than one server on a network
C. Grouping servers together to share resources for users
D. Linking servers together to share work loads

14. What is load balancing?
A. Using more than one server to perform a single job
B. Using more than one server on a network
C. Sharing a single server across multiple resources

D. Adding more than one component within a server to prevent single
component failure
15. What is considered the basic building block of network security?

A. Users
B. Servers
C. Client operating systems
D. Network operating systems
16. Which of the following is not a secure password recommendation?
A. Requiring a minimum password length.
B. Requiring passwords change monthly.
C. Not letting users use old passwords.
D. Maintaining the same passwords locally as through remote access.
17. Which of the following is not a form of authentication?
A. Biometrics
B. Encryption
C. Write-protect tabs
D. Plain text
18. What type of protocol is RIP?
A. Distance vector
B. Link state
C. NetBIOS
D. IPX/SPX

Review Questions 37
19. What is a queue?
A. A list of printing protocols
B. A type of printer driver
C. A list of documents waiting to print

D. A pathway between a computer and a printer
20. Which of the following is not a type of application server?
A. Database server
B. E-mail server
C. Web server
D. TCP/IP server

Answers to Review Questions

1. B. Clustering allows two or more PCs to act as a single server,
providing higher availability and performance than a single PC could
handle. They can share an IP address and use the same data array.
2. A. A proxy server is a specialized Internet access server. Just as the
word proxy implies, it acts as an intermediary between a client and a
server. Because proxy servers are used to funnel all Internet traffic
through a single location, they can be extremely effective in managing
Internet traffic. This central point allows the firewall software to filter
requests more easily.
3. A. Server hardware is expandable and flexible, but it isn’t cheap. The
expense of server hardware is the key hangup with purchasing server-
class hardware in many organizations.
4. C. Although it is possible to use a standard desktop PC as a server,
these machines are generally not designed to handle the multiple drives,
multiple processors, or large amounts of RAM that servers need.
5. D. Uptime is how long the server has been running since its last shut-
down, while downtime is the amount of time the server is unavailable.
6. B. Plain text passwords are not encrypted, and can easily be inter-
cepted by others on the network. Kerberos and smart card technolo-
gies are both encrypted, and are far more secure.
7. C. The ITU created the x.500 directory structure that is the basis for
the NetWare Directory Service (NDS), the Microsoft Active Direc-
tory, and other network directory services.
8. A, C. RIP and OSPF are both used to help routers build routing
tables. A DMZ is a border area between a public and private network,
and SLIP is a dial-up protocol.
9. C. PPTP and L2TP are both used with VPN access. The other options
are not directly associated with PPTP.
10. C. DNS stands for Domain Naming System, and DNS servers are
using for maintaining and resolving TCP/IP host names.
11. A, B. Servers can be either hardware or software that assist other
computers on the network.

Answers to Review Questions 39
12. C. Although ease of administration may be a consideration, it is not

a priority in deciding on a network operating system.
13. C. Clustering is grouping servers together to share resources for users
with redundancy.
14. A. Clustering is using more than one server to perform a single task.
This prevents one server from becoming overrun with requests.
15. A. Due to the fact that they control their own passwords, users are
considered the basic building block of network security. If users do not
keep passwords secure, the entire network security is jeopardized.
16. D. Allowing users to maintain a common password for both internal
and remote connections compromises network security.
17. C. Write-protect tabs are not a form of authentication but rather a
form of data protection.
18. A. RIP is considered to be a distance vector routing protocol.
19. C. A queue is a location where documents are kept in order until they
can be printed.
20. D. TCP/IP is not a type of application server. It is a network protocol.

Chapter Installation
2 COMPTIA EXAM OBJECTIVES COVERED IN

THIS CHAPTER:

Verify that all correct components and cables have been
delivered
1.2 Install hardware using ESD best practices (boards, drives,

processors, memory, internal cable, etc.)
Install UPS
Install external devices (e.g., keyboards, monitors,
subsystems, modem rack, etc.)

T he two CompTIA objectives listed above concern installation,
and deal with the tasks and planning that must be done before your server
is even plugged in. CompTIA estimates that about 17 percent of the exam will
come from this material. For the most part this chapter is OS-free, and will
concern you only with the process of planning the server install and acquir-
ing, unpacking, and setting up your hardware.
Over the course of this chapter, we will deal with each subobjective in
turn, along with a number of thoughts on how such topics could turn into
exam questions. The hard part about these topics is that there are actually
very few “right” answers on how to plan a network, and many of the ques-
tions in this content area depend on you to make logical distinctions as to
what is “best” or “better,” not what is “right” or “wrong.” This makes for
some incredibly tricky (and frustrating) test questions, as you might suspect.
The two subobjectives not covered in this chapter are “Verify hardware com-
patibility with operating system” and “Verify SCSI ID configuration and ter-
mination.” SCSI is covered in detail in Chapter 4, “Storage Devices,” so we
will leave the discussion of termination and SCSI IDs until then, and operating
systems and their individual quirks will be considered in Chapter 7, “Network
Operating Systems.”
Plan the Installation

T he very fact that you are reading this book shows that you have an
understanding of the key point of this first chapter: A bit of hard work now
can save a great deal of trouble and disappointment later. Just as pre-test
studying is critical if you are going to be successful for the Server+ exam,

Plan the Installation 43
so pre-installation work is critical if you are going to be successful in the

server room.
When beginning any new project, the engineer in charge needs to carefully
manage a number of different elements:
Defining the project goals
Examining the current configuration
Budgeting the project
Setting a timeframe for completion
Simply put, this amounts to the following: What do we want to accom-
plish, what do we have already, what do we need to acquire, and how much
time and money do we get to do it?
Defining the Project Goal

The first of these is always going to be the most important. Unless you go
into the project with a clear idea of what it is you are looking to do, much
of your effort is likely to be squandered on tasks that prove useless later on.
This does not mean, though, that the project goal needs to be extremely
detailed. Rather, it just has to be extremely focused. For instance, a good
initial goal might be the following:
Purchase and install a database server for the company’s new
SQL-based accounting application.
Compare this to a far more detailed plan, such as the one below:
Purchase and install a database server for the company’s new
SQL-based accounting application, and upgrade the server to
facilitate the new software and client needs.
Upgrade network security and install a VPN to provide for increased
security so users can access the SQL server across the Internet.
Back up the entire server each night and verify backups on a weekly
basis.
There is nothing wrong with any of the ideas in this plan, but the problem
is that this is really three or four plans, not one. Of course you will have
to back up the server, but the process of researching and buying a tape
drive will probably depend in large part on what options you choose for a

44 Chapter 2 Installation
server OS, and what database you purchase. Moreover, making a declar-
ative such as “back up the entire server each night” implies that other
options—such as differential or incremental backups—have been auto-
matically removed from consideration. Further discussions on backups
will be covered in Chapter 14, “Backup.” A well-constructed goal should
be one that encourages ideas, not blocks them.
As that first goal from above seems as good an example as any for dis-
cussing planning, we will use this project as our example throughout this
chapter. This will allow you to see what some of the issues that might come
up in an actual install might be.
Examining the Current Configuration

First off, the engineer in charge of this project will have to examine the cur-
rent environment at the company. There are two major reasons to do this:
1. To find out what is currently available that can be leveraged or
cannibalized for the new project
2. To determine if any conversions or backward compatibility are
needed
It is likely that the company already had an accounting system, and as
such you will need to determine what that system is, and what it is running
on. If you can continue to use the current hardware, this will of course save
considerably in terms of your budget. Other considerations, such as where to
put new hardware, or how to install the software, may be influenced by the
current network configuration as well.
As you are documenting the current configuration, there is one more
critical question to keep in mind:
Considering that there is already a server in place doing the job (in this
case it is the accounting server), why is this upgrade being done, anyway?
The way to answer that question, of course, is to talk to people. Find out
what the problem is with the current system. If users say it is too slow, you
may want to concentrate on making sure that the hardware for the new
server is even stronger than you would normally plan. If the upgrade is being
done to gain a particular enhancement, be sure you research how the imple-
mentation of that enhancement is accomplished on the new system. The key
here is that upgrades always mean change, and users generally resist change.
By assuring that the new system will immediately show its best side to the
users, you make it more likely that they will accept it, rather than grumbling.

First Impressions Are Everything
True story: I was involved in upgrading an office of 150 people from ccMail
to Exchange/Outlook a couple of years back. We had trained the users on
how the new system would work, tested all the server and workstation
software for compatibility, and the entire rollout crew was confident that
the new system would go in without a hitch. People went home on Friday
night, we migrated them over the weekend, and when they came in Monday
morning, all their data had been transferred to Outlook and everything
worked great.
Unfortunately, that day was also the day that the “Melissa” e-mail virus
debuted, and it hit our location at about 10 A.M. The entire network was com-
pletely brought to its knees within minutes. It took days to get things back to
normal, and by then most users were begging for their ccMail back. They
didn’t necessarily know why the system had failed, and they didn’t really
care…they just remembered that this hadn’t ever happened with the previ-
ous system. One oversight, in other words, can make you and your work
look really bad, and it takes a long time to overcome a bad first impression.
Once you have talked to users about the system, you may want to go back
and modify your original project goal. Perhaps remote access to the server is
one of the critical areas driving the upgrade. In such a case, you may modify
the plan to read like this:
Purchase and install a database server for the company’s new SQL-based
accounting application, and upgrade the company web server to allow it
to host software that provides a web interface to the new database.
Part of the business case for upgrading the accounting server, in other
words, was to provide web access to data. This will be a key area that those
judging the success or failure of the project will examine, so you will want to
make sure that the hardware and software on the web server are up to the task.
Budgeting the Project

Once you are confident of what it is you need to do, the next step is to
sort out what additional resources you will need to complete the project.
Examine the list of what you have and what you need, which was compiled

in the last step. The administrators in the example we are using have come
up with the list in Table 2.1 (costs are as of Fall 2001, are not necessarily the
best prices available, and are used for example only).
TABLE 2.1 Preparing a Hardware Budget for the Upgrade
Current Recommended Cost to

Item Configuration Configuration Upgrade
Database server Pentium II 450 Dual P4 1.2GHz $12,000

hardware 256MB RAM 1GB RAM
27GB storage 80GB storage
Database NOS Windows NT 4 Windows 2000 $500, plus $40

Server Server per user for CAL
upgrade
Database server Access 97 SQL Database $2,000–$10,000

software Server Depends on
license type
Database Custom Access SQL-based $50,000, plus

accounting accounting fees for extra
database database modules and
customizations
Web server P III 800 Current config NA

hardware 256MB RAM OK
18GB storage
Web server Sun Solaris 8 Current config NA

NOS OK
Web server None. Server Custom option $1,500 to

interface to currently runs available from upgrade to
SQL Server Apache web vendor for iPlanet
server Solaris/iPlanet
Client hardware Varied Current hard- NA

ware OK for
new software
Client software Windows 98 98 Certified NA

by Vendor

Besides these costs, a number of other items must be considered and

worked into the final cost of the upgrade. These include:
Software training for users, help desk staff, and administrators
Downtime caused by the upgrade
Reduced initial productivity due to user unfamiliarity with the new
database client
Training is a commonly neglected part of an upgrade process, but proper
training of users prior to the upgrade makes for a more productive—and less
chaotic—environment in the days following the upgrade. Because of this,
you should try to work training dollars into the budget early on, and make
sure that those dollars stay in the final budget!
All too often, training funds are allocated as part of the budget for a project,
but are then among the first things that managers cut out if the project is
running over budget. Fight to keep these dollars, because trained users are
happier, less confused users, and happier users make for happier administra-
tors. Remember that it won’t be the manager going desk-to-desk to explain
how the new software does this or that differently.
Once you have a good idea of what needs to be done, and how much it
should cost, you need to plan out this last cost element—as measured in
time, not money. The implementation of a large project like ours will require
a good deal of human effort. This includes administrators testing and
implementing the new configuration and help desk people dealing with addi-
tional support needs and any downtime users experience when the upgrade
process is underway. It also includes time spent in training sessions and, if
the project is complex, might include allocating funds for a consultant to
assist in crucial phases of the upgrade.
The term consultant covers a broad range of job descriptions. Some
consultants work for a particular company, and are highly specialized.
It is likely, for instance, that the software company that makes our new
SQL-based accounting package has employees who know the app well and
are expert resources on issues regarding that particular software. Other
consultants roam the landscape.
Either of these types of consultants can offer an excellent way of bringing
additional expertise onto your project. Hiring a consultant is expensive, of
course, but an experienced engineer might help you avoid problems, help

optimize the solution, and in the end save you time and money. For this
project, we will be bringing in a consultant from the software company to
review our plan and will be bringing that consultant back for the weekend of
the actual migration. To be safe, we have budgeted for four days, though
only three should be needed. As it is likely that the total bill for this assistance
will be $1,000–$1,500 per day, the consultant will be kept for the fourth day
only if absolutely needed.
The final estimate for the upgrade comes in at around $100,000 when
training, consulting, hardware, and software are all added up. This will
likely cause some serious questions to be asked about trimming costs. If
you need to reduce the cost of the project, try to cut a bit from everywhere
rather than just cutting out the consultant, the training program, or the web
server upgrade. If the company wants an $80,000 upgrade, find a way to
scale back evenly.
In the real world, there are times when the decision about what to cut is not
left up to the engineers. In these cases, you sometimes just have to deal with
the cuts where they occur, and do your best to minimize their impact. If man-
agement makes unwise cuts, that can mean that if you don’t deal with the
potential problems then, you look bad, and your users suffer. The manager
who caused this will probably be too busy golfing to even notice that there is
anything wrong.
Setting a Timeframe for Completion

Time and money. That is what it all comes down to—what does it cost, and
when can we have it? Now that you have a good idea of what resources you
will need, it is time to plan exactly how much time you will need to imple-
ment the plan. Keep in mind a few basic rules here:
1. Prioritize what items need to be started earliest.
2. Decide which tasks are dependent on other tasks.
3. Set incremental delivery dates for parts of the project.
4. Set aside time for problems.

When forecasting how long things will take, it often helps to put your-
self in the shoes of a consultant bidding a job. When a consultant bids on a

project as a “job,” what that consultant is saying is, “I will do this project in
this many hours for this amount of money.” Because the work to be done
and the amount to be paid are fixed, the consultant must have a good idea
of how much time the project will take. If she estimates too high, her fee will
be too high, and someone else will get the bid. If she bids too low, she will get
the job but may spend a week doing a project bid out at a cost of two days.
That’s three days of free labor, which hurts.
Even if you are on salary, much the same process comes into play. If you
are too aggressive with the schedule, you might say, “We can do all that in
one day. No problem.” Of course you won’t actually be able to do that,
and you will end up backtracking, which can cause serious problems if other
people are planning off your schedule. Similarly, trying to be too safe can
make it seem like you are not interested in the project or not confident in
your ability to complete it.
Project Managers
All of this may seem confusing. You may even be thinking that you have no
interest in budgets or planning, and that isn’t what you got into computers
to do. If you are lucky, there is someone wandering around your office with
a title like “Project Manager” who deals with scheduling, budgeting, and all
the rest. If so, let him deal with all of this. Believe it or not, he might have
chosen to make that his life’s work. He will probably ask you a few ques-
tions, more than likely will require a list of project requirements as shown
above, and will later return with a spreadsheet that details the entire project
plan. Oh, and this probably goes without saying, but be nice to him—your
fate is in his hands!
If you don’t have this option, though, the following resources might come
in handy when planning the big upgrade:
From Serf to Surfer: Becoming a Network Consultant, by Matthew
Strebe, Marc Bragg, and Steven Klovanish (Sybex, 2000). This book
deals with issues related to working as a consultant, such as planning,
pricing, and all the other stuff we have been talking about.
Mastering Microsoft Project 2000, by Gini Courter and Annette
Marquis (Sybex, 2000). Project 2000 is reputed to be great software
for project management, and this book deals with how to use the
software and the management logic behind the process.

Verify the Installation Plan

Verification of an installation plan simply involves checking to make
sure that what you have decided to do will actually work. In order to do this,
a number of resources must be considered.
People
Hardware
Software
In the following sections, each of these will be examined briefly, along
with recommendations for success.
Playing Politics
As you spend more time working as an engineer, you will learn (or you may
have learned already) that the most complex aspects of computer systems are
the people who use them.
Because of this, one step you will need to take is to ensure that your
project plan is acceptable to all of the various groups and factions within
the organization. Without a doubt, the key element to surviving this part
of the project is this:
Get a sponsor!
If the project is going to get done, you are going to need someone who
has the power to get things done. Try to identify a department or group of
users who will specifically gain from the project, and co-opt them into the
process. Going back to our example project, it seems that the accounting
department manager, or maybe even the chief financial officer, might be a
good place to look.
The reason you want to specifically target them, though, is that this
engages them personally in the success or failure of your project. If problems
come up with the budget, time conflicts, or people getting cold feet about
moving to the new system, having these people with you can make all the dif-
ference. They will be able to manipulate the system in ways we cannot even
imagine, find money in places we would never think to look, and enforce
acceptance on the troops.
Moreover, having a sponsor lends authority to the project, and often just
the sponsor’s name on a proposal will quell dissent and speed authorization.
Crazy, but true.

Verify the Installation Plan 51
Even if you do have someone to help calm the rough waters, it is also
important to continually keep people up to date on what you are planning,
and how it will affect them. Find out what concerns people have about
the project, and try to implement steps into your rollout that protect against
problems that will have a significant impact on user acceptance of the
project.
For more information on IT project planning, consider reading the IT Project+

Study Guide, by Bill Heldman (Sybex, 2002). It covers everything you’ll need
to know—sponsors, budgets, and documentation—about managing complex
IT projects. Look for it on www.sybex.com.
Verify Hardware Compatibility with Operating System

Enough with the warm fuzzies. Our project plan has finally been approved,
the budget is set, and it is time to actually buy some new hardware and put
our plan into effect. Verification of the hardware you are planning to buy
is a critical part of this. There are few things more embarrassing than buying
expensive hardware that is not supported by the server OS or other software
you are depending on. Because of this, it is best to stick to well known
vendors, and check to see that all hardware you have has drivers specifically
written for it in your chosen OS.
The process of checking hardware/OS/application compatibility can take
you to a number of places. These include:
The OS vendor’s website. Microsoft, for instance, uses a document
called an HCL (Hardware Compatibility List) to enumerate all hard-
ware that has been certified for use with a particular OS.
The hardware vendor’s site. Many server solutions specifically tout
the fact that they are optimized for use with a particular OS. Some
even sell the server OS packaged with the hardware, which virtually
guarantees that the two work together.
The application vendor’s site. This is trickier. We might want to call the
vendor of our accounting package, for instance, and find out whether
there are any known issues with certain types of hardware or software.
Newsgroups or user forums. There are users out there working with
nearly every type of configuration possible. It is likely that at least one

of them has already tried what you are planning to try, and can give
you information on how it works.
Newsgroups
A newsgroup is a collection of articles posted on the Internet. They are

categorized by topic, subtopic, and replies to the topics. Newsgroups can be
helpful resources but the information posted can be inaccurate. The infor-
mation and answers to questions can be posted by anyone on the Internet
who has an opinion about the topic. Always remember to verify any solution
located on a newsgroup for accuracy.
You will see all of these again, especially when we look at the objective
dealing with troubleshooting. For now, though, just remember that you
should check for compatibility when you plan, double-check before you
actually buy, and watch for problems when you implement.
Most software companies will allow you to test their software for compatibil-
ity using a trial version that has limited functionality or timed deactivation.
Certain hardware vendors also let you test out their devices, but this is gen-
erally only an option if you are considering buying a large quantity. Still, it
never hurts to ask.
Once you are certain that all the pieces of your project will fit together, it
is time to order your hardware and software, and start implementing your
project plan.
Verify Power Sources, Space, and UPS

and Network Availability
For our project, one server will be replacing another. We will therefore want
to verify that the new server will be able to fit into the location the old
one occupied. If it does not, or if you have decided to place the server in a
different location, than you should find that location early on, during the
budgeting/purchasing process.
If the server will be going into a new space, you may need to buy a server
rack, UPS (uninterruptible power supply), KVM (keyboard/video/mouse

Install Hardware Using ESD Best Practices 53
switch, and monitor for the server. You may also have to budget for having
network cabling, routers, etc. if this is a new server location.
Once you have found space for your server, and identified UPS, KVM, and net-
work hookups, it is important to protect them from being stolen by someone
else. Months often pass between planning and implementation, and server
room space is always at a premium. Find some way of identifying the outlets,
network ports, and KVM ports that you will be using!
Verify That All Correct Components

and Cables Have Been Delivered
Once your hardware starts arriving, you will want to create a checklist of
some sort, so that you can keep track of what has arrived and what is still
needed. Checklists can assist tremendously with organizing and keeping
track of components as they arrive. Checklists also will help keep you on
task with the installation. Depending on the nature of the project, checklists
will vary, but they should contain detailed information relevant to the
project. If the project involves 15 servers, a couple of hundred workstations,
and some network devices, a list is utterly essential.
You will also have to remove plastic clips holding various movable
parts in place. The power supplies, for instance, are generally secured for
shipping, and the server cannot power up until you have removed their
retaining pieces.
When setting up the server, make sure you have some room. These are not
small machines, and they generally come in extremely large, well-packed
boxes. Having someone else to help lift is also a good idea.
Install Hardware Using ESD Best Practices

At this point you have a server sitting in front of you. It has no
operating system, no specialized hardware, and likely not even any hard
disks. Before you can put this new beast into production, you will need to

finish adding components, move the server into its new home in the server
room, and connect all necessary cabling.
Most servers come pre-assembled, in that their motherboards, power
supplies, and other standard components are all in place when you get them.
Most also have built-in or included network and video cards. Even so, it
is important to go through the server and check that cables are tightened
properly, cards are properly seated, and everything is in order.
It is interesting that CompTIA has chosen to mention these elements
under its first objective, “Conduct pre-installation planning activities,”
because they are referenced again in their own topics later. As such, this
book will follow a similar tack. Chapters 3 through 6 will talk extensively
about the different types of hardware available to you, and how to determine
what is the best option for your needs. In this chapter, we will concentrate
instead on just putting things together. That process is actually rather
straightforward, and includes the following steps:
Add additional RAM, processors, or other resources to the server
as needed.
Insert hard disks, extra CD drives, or backup drives.
Mount the server into its rack.
Cut and crimp cabling to the server.
Connect the server to a UPS.
Verify SCSI settings.
Install external devices.
As you are working to put the machine together, be certain to take a
few general precautions. First off, make certain that you do not have power
active to the server when you are installing devices. Obviously you don’t
want to try and do this while the server is on, but even just having active
current going to the machine can pose a danger to the server—and to you.
Also, using an ESD static strap to discharge static electricity is an excellent
idea. ESD, or electrostatic discharge, is the leading reason for component
failure during installation. A static strap is a wrist strap that connects between
your wrist and a ground. The strap contains a resistor that will slowly drain
any static charges out of your body and away from the computer. ESD and

ESD static wrist straps are covered in detail in Chapter 15, “Disaster
Recovery.” The proper use of a static strap is shown in Figure 2.1.
FIGURE 2.1 Using a static strap
This is the sort of thing that can cause problems for experienced server
administrators. Many administrators have developed their own installation
habits over time, and may no longer use a static strap when installing. Just
remember that for the test you should do things by the book.
Installing RAM or Processors

Many servers come with processors and RAM pre-installed, but this is not
always the case. Also, any expansion kits you have purchased will need to be
added in. Installing RAM and a processor (or processors) into a server is very
similar to adding these components to any standard PC. RAM especially
is almost identical in the way it is used. Although server RAM is generally
higher quality and more expensive, it is a difference of function, not form.
Processors and motherboards will be discussed in Chapter 3, “Mother-
boards and Processors.”
With processors, a few differences must be taken into account. First off,
servers often employ expansion cards to make room for new processors. A
quad-processor-capable server, for instance, likely does not simply have four
sockets on the motherboard. Moreover, servers generally require an addi-
tional piece of hardware, called a VRM (voltage regulator module), for each
processor installed. A VRM installs on a motherboard to regulate the voltage
fed to the microprocessor. Forgetting this can seriously damage the proces-
sor and possibly the server. Figure 2.2 shows a VRM.

FIGURE 2.2 A server VRM
Make certain that the RAM and processor are seated properly, and
that the fan and heat sink for each processor are properly attached. Also
assure that the fan is plugged in.
As processors have gotten faster, the amount of heat they generate has
increased. Because of that, the processor fan and heat sink are critical to the
health of your system. Make sure that the processor fan is working by briefly
powering up the computer after installing the fan. You don’t need disk drives
or any of that—just make sure the blades are spinning properly, and power
back down.
Installing Hard Disks

One of the primary characteristics of a server-class machine is the presence of
a large drive bay, often strung off of a RAID controller. Chapter 4 will deal
with the types of drives available, and how they need to be configured. When
putting the server together, the only part of this you need to worry about
is that the drives are compatible with the server and are installed properly.

Although it is possible to install drives into internal bays, many servers use
external bays into which drives are inserted. In such cases, the drives are
placed into a protective shell called a tray. This tray then fits into the bay on
the server.
In order to ensure that drives are working, you should check the inter-
nal cabling leading to the drive bay, verify that the drive trays you have
are correct for the server, and make sure that the drives themselves are
properly secured within their trays. You will also need to carefully insert
each of the trays into its bay according to vendor instructions, as in
Figure 2.3.
FIGURE 2.3 Inserting a drive into its bay
Remember to purchase the trays! Each drive purchased will need its own
drive tray, and these do not come with the server. It’s amazing how many
installations are held up waiting for trays that no one thought about until
it was too late.

Server Form Factors

There are two primary form factors for server machines—tower or rack
mount. The form factor defines the type of case that the server is housed in,
and which type you have will make a significant difference as to what steps
you take when moving the computer into its place in the server room.
Let’s look at each of these:
Tower Form Factor The tower form allows servers to be freestanding, so
they resemble normal clone PC towers. These were the most common type
of server in 1980s and early 90s. Tower servers can be nice because they
are easy to place and require no special equipment. Simply set up a table—
not some folding table, but a solid desk or workspace—and plug in the
server as you would a desktop PC. A tower server is shown in Figure 2.4.
FIGURE 2.4 An IBM tower server
Rack Form Factor A rack form server (see Figure 2.5) and a tower
server can be identical in their components or their capabilities. What is
different about them, though, is that they are specifically designed to be
placed inside space-optimizing storage cases. These server racks allow
servers and other network components to be stacked on top of each other,
making it easy to store them and also facilitating keyboard and monitor
sharing and other conveniences.

FIGURE 2.5 An IBM rack server
For a look at different types of servers and a chance to go under the hood and
look around, check out Dell’s interactive 3-D demos of selected servers. Go to
www.dell.com/us/en/biz/products/model_pedge_pedge_6450.htm to
see the PowerEdge 6450, but other models can be checked out as well. Just hit
the View 3D Demo button and wait for it to install the applet.
Mount the Rack Installation

Chapter 13 on server room procedures will cover the task of how to install
racks and what the best practices are for their use. Here we will only note
that rack-mounting a server generally is a relatively easy task, but also is a
two-person job.
The first part of the install is the mounting of the rails on which the server
will sit. These are important, because if the server needs RAM added, or
some other work done, the server can slide out on the rails, rather than
having to be removed completely. After that, corresponding drive rails are
attached to the server itself and the beast can be lifted into the rack.
Many companies are now offering rack-optimized servers that are smaller and
easier to handle. They are also, of course, more expensive and more difficult
to expand, and they generally lack the drive and processor capacity of larger
rack servers or towers.
Some servers fit nicely into a standard rack, while other companies—
Compaq and Sun come quickly to mind—build their servers to their own
specs, and you usually need to buy a rack from them that is specifically

designed for their servers. The problem is generally not the width of the case,
as all cases have standardized on a 19 IN. width. Rather, the issue is that
these servers are so heavy and deep that they will topple any case that does
not have proper support.
Install External Devices

Once the server has been secured in the rack, you must attach all of the
needed cabling. Depending on the network type, the server’s network con-
nection might require installing a patch cable for each network card in the
server, or addition of the server to the network through another means.
Networking will be covered in depth in Chapter 6, “Networking.” Other
cables to be attached at this point include power cords and, if more than
one server is being used, peripheral cables leading to the KVM. Otherwise,
the keyboard, video, and mouse will be attached directly to the server.
KVM Switch
Generally just called a KVM (keyboard/video/mouse), this switch is a
component that allows multiple computers to be controlled using a single
set of input-output devices. One workspace can be set up near the rack, and
the KVM allows users to switch back and forth between servers.
One limitation of a KVM is that only one machine at a time can be managed.
To manage servers simultaneously, separate inputs and outputs must be
maintained.
The KVM is able to work with multiple machines so well because it is a

powered device, and can maintain its connection to all servers, even those
that are not actively being viewed. KVM switches are often mounted
directly into the rack, or a neighboring rack, and generally come in 4-, 8-,
and 16-device versions. Larger ones are also available. KVMs generally run
$200–$600. Not terribly expensive, but also not something you can buy out
of petty cash. Well worth the money, though, and you should make certain
to budget in the cost of this device if you need it.
Switchbox For those on a budget, a standard monitor switchbox is also
available. These are far simpler, and do not have their own power source.
Because of this, they do not maintain an active connection to all devices.
Switchboxes work well for monitors, but not for keyboards and mice.

UPS
Every server should have a UPS (uninterruptible power supply) serving it.
This device ensures that if the server room loses power, the server will have
time to properly shut down, rather than just shutting off. Chapter 13 deals
more with how to plan for UPS and KVM coverage in your environment. For
now, just make sure that a connection to the UPS is available, and that it is
plugged in.
Backup Drive
Backup will be covered in more detail in Chapter 14, but let’s take an
overview approach here to get your feet wet, so to speak. As you are setting
up the new server you should make sure that all of the drive space you are
adding to the network can be backed up by your existing backup strategy—
you will do this with a backup drive. A backup drive is nothing more than
a device that creates a copy of your data on a removable device such as a
magnetic tape or an optical disk (CD or DVD). If your current backup strat-
egy is not adequate, you may need to purchase another backup drive and add
it to the new server.
Backup drives generally will need a shelf in one of the server racks, and the
drive should be easily accessible, making the changing of tapes as convenient
as possible.
Backup can be done either locally or remotely. It is generally a good idea to

put the backup drive onto one of the servers that has the heaviest backup
need. For instance, if one server has 60GB of drive space, and another has
10GB, putting the backup drive on the server with the larger drive array will
save network traffic and make backup complete faster.
Backup drives usually run off a SCSI controller, although IDE/EIDE and
even floppy controller–based backup drives are available. Because of this,
the installation of the backup drive dovetails nicely with our next item:
checking the SCSI settings.
Verify SCSI ID Configuration and Termination

Most servers use a SCSI (small computer system interface) as a means of
interfacing items such as hard disks, tape drives, and optical devices with the

server. With a SCSI connection a careful configuration must be done in order

for the SCSI chain to operate as expected. Once all SCSI components are
attached, take a bit of time to go over the connections, and verify the two
critical configuration parameters of SCSI disk systems:
SCSI ID
Termination
Setting and Checking IDs

Chapter 4 deals extensively with SCSI disks and the SCSI architecture, and
so getting into this here would be overkill. The key thing, though, is that
probably the most common reason why a server does not boot properly is
because there is a device set to the wrong ID. Remember that not only do
SCSI hard disks have to be checked, but also SCSI CD-ROM drives and
any external SCSI devices. Each SCSI device must have a unique SCSI ID
configured.
Termination
SCSI termination must occur at the beginning and end of the SCSI chain.
Remember that SCSI devices can be external or internal. Proper termination
also includes using the appropriate terminator for the SCSI type that you
are using.
Rumor has it that there is an unnaturally large concentration of SCSI questions

on the Server+ Exam. Read Chapter 4 extremely carefully, and if possible
spend some time doing outside research on the SCSI architecture as well!
Cut and Crimp Network Cabling

Once you have the server and its accessories safe in their place, it is time
to clean up after yourself a bit. Servers always have a great deal of cabling
running into and around them. An important safety step is to get them off
of the floor and out of the way.
Also, if you have had to run new network cabling for the server, it is likely
that this cabling will need to be cut and crimped for use. The process of deal-
ing with making and managing cabling will be dealt with in Chapter 6.

Verify Power-On Via Power-On Sequence 63
Verify Power-On Via Power-On Sequence

If you looked at the CompTIA objectives, you would think that an
administrator should follow these steps when installing a new server:
1. Take the server out of the box.
2. Add hardware as needed.
3. Mount it in the rack.
4. Turn it on and test it.
5. Install software.
There is nothing more depressing than hefting a new 200-pound server

into a rack only to discover that it has a bad system board and needs to be
taken out for servicing or return.
I want to discuss the steps I take when installing a new server. These are
not the steps advocated by the exam objectives; however, in my day-to-day
real life application, they work. So, I advise following the previous steps listed
for the purposes of the taking the exam but consider the steps I’m listing here
as a real-world reference.
Always, always, always test equipment on the bench to make sure it is

working before putting it into the rack.
Because of this, the order of these steps should be like this:
1. Take the server out of the box.
2. Add hardware as needed.

3. Turn it on and test it.
4. Install software.
5. Mount it in the rack.
6. Turn it on and test it again.
If your staging area has a network connection to the server room, it may
even be best to finish the entire configuration—operating system, applica-
tions, everything—on the workbench. There is generally no real advantage

to hurrying the machine into the server room, and the disadvantages include
sitting in the cold and having to enter the key code for the server room 20+
times a day while testing the system.
Regardless of when you decide to do the power-on test for your server, it
is the first real test of your skills. Hopefully all the hardware is compatible
and has been configured properly. The server should come up with BIOS
readings about the RAM and drive configuration, and it is likely that on first
boot you will be required to enter the BIOS configuration utility, so that
boards can be configured and hardware levels recorded.
Summary
I n this chapter, you learned about how to plan a project, and about
the different types of server roles. You also were given a quick overview
of the technologies and tasks that will be considered in the next few chapters.
If you have time, browsing some of the Internet sites listed in this chapter
can be invaluable in helping you to learn about the state of the industry.
They will also give you some idea of what is similar, and what is different,
among the companies producing servers for PC networks.
Exam Essentials
Know how to plan an install. Know how to define a project goal,
examine current configurations, budget a project, and set a timeline
for completion.
Know how to set a time frame for completion of a project. This
includes prioritizing, deciding which tasks are independent, setting
incremental delivery times, and setting time aside for dealing with
problems.
Know the three elements in verifying an installation plan. This includes
people, hardware, and software.

Key Terms 65
Know what the HCL is. Microsoft uses a Hardware Compatibility List
to ensure that hardware will run as expected with their operating systems.
Know what a UPS is. A UPS or uninterruptible power supply allows
you to run a server for a short period of time in the event of an AC power
failure.
Know what KVM switches are and how they are used. A KVM (or
keyboard/video/mouse) allows you to use one monitor, keyboard, and
mouse to control several computers.
Know the term ESD. Be able to explain what ESD is and how to prevent it.
Know the server form factors. Know the common server form factors
of towers and rack mount servers.
Key Terms
B efore you take the exam, be certain you are familiar with the
following terms:
backup drive static strap

drive bay switchbox
form factor tower
HCL (Hardware Compatibility UPS (uninterruptible power
List) supply)
KVM (keyboard/video/mouse) user forums
newsgroups VRM (voltage regulator module)
rack

Review Questions
1. Which of the following is not a step in planning an installation?
A. Defining project goals

B. Examining current configuration
C. Budgeting the project

D. Researching hardware
2. When defining project goals, is it better to be detailed or focused?
A. Detailed
B. Focused
3. What should be done before performing any install?

A. Format the hard disks.
B. Plug in the new server.
C. Perform a backup.
D. Shut down the network.
4. Which of the following is not a factor to consider when working out

the final cost of an upgrade?
A. Reduced initial productivity caused by unfamiliarity with the
upgrade components
B. Software training of users
C. Resources
D. Downtime caused by the upgrade
5. What part of the upgrade process is commonly neglected?

A. ESD
B. Creating a list
C. Training
D. Informing users of the upgrade

Review Questions 67
6. If costs of an upgrade must be reduced, where should the reduction

come from?
A. Training
B. Software
C. Delivery methods
D. A little from everywhere
7. When setting a timeframe for completion, which of the following is

not a basic rule?
A. Prioritize start times.
B. Decide which tasks are dependent on others.
C. Address training timelines.

D. Set aside time for problems.
8. Which of the following is not a resource to consider at the “Verify the

installation plan” stage?
A. People
B. Hardware
C. Software
D. Installation Instructions
9. What does HCL stand for?

A. Hardware Compatibility List
B. Hardware Control List

C. Hot Component List
D. High Circuit List
10. Which of the following is a trait of trial software?
A. It requires registration in order to work.
B. It commonly has limited functionality or usage time.

C. It is more expensive than the full version software.
D. It can always be obtained for free.

11. What does KVM stand for?
A. Keyboard/video/mouse
B. Keyboard/video/monitor
C. Keylock/video/monitor
D. Keyboard/video/machine
12. What does UPS stand for?
A. Unstoppable power system

B. Uninterruptible power system
C. Uninterruptible power supply
D. Under powered supply

A. Electronic safety device
B. Electrostatic discharge
C. Environmental static device
D. Electronic security device
14. What is a static strap?
A. A means of connecting you to the computer
B. A metal rod to ground the computer during operation

C. A component within the server to control static
D. A device to remove charge from your body during an install
15. What is a VRM?
A. Voltage regulator module
B. Virtual resource manager

C. Voltage resource manager
D. Virtual regulator monitor

Review Questions 69
16. What is a server form factor?
A. A model of a computer
B. A term defining the type of case that houses a server
C. A class of server
D. A component within a server
17. What is a benefit of a rack server?
A. It optimizes server space.

B. It runs cooler.
C. It can house more components.
D. It is more affordable.
18. What is a drawback of a monitor switchbox?

A. It is bulky and takes up a lot of space.
B. It only works on rack form factor servers.
C. It is not powered and doesn’t maintain an active connection.
D. It is not compatible with all operating systems.
19. What is the most common problem encountered in SCSI

configuration?
A. Incorrect drivers
B. Incorrect SCSI ID
C. Incorrect termination
D. SCSI component failure
20. What is POST an acronym for?
A. Power-on safety test

B. Pre-operation system test
C. Power-on self test
D. Program-on self test


1. D. Researching hardware is not a specific step in planning an
installation.
2. B. When defining project goals, it is better to be as focused as
possible.
3. C. Before performing an upgrade or installation, a backup should
be performed—even if the installation is not on the computer with the
data, a clash or conflict between the data computer and the new instal-
lation can still occur.
4. C. Resources are not a factor involved in determining upgrade costs.
5. C. Commonly the training of users is an area that is overlooked both
in planning and in calculating costs.
6. D. If you must slash costs, then it should be evenly distributed from
each area to ensure that there is not one area taking a major setback
or change.
7. C. Addressing training issues should be done at a later time, not at
this stage of the installation.
8. D. At this stage of the installation plan, the installation instructions
should have been thoroughly read and understood.
9. A. The HCL or Hardware Compatibility List is a component of
Microsoft operating systems that ensures that the hardware being
installed will work with the operating system as expected.
10. B. Trial software provides a limited use or time to explore the
software and see if you like it.
11. A. A KVM (keyboard/video/mouse) box allows you to control more
than one computer through the use of one keyboard, video monitor,
and mouse.
12. C. A UPS (uninterruptible power supply) provides battery power to
a computer when there is an AC power failure.
13. B. ESD (electrostatic discharge) is the transfer of static electricity
between you and a computer component.

14. D. A static strap is used during an install. It contains a resistor that

will bleed static charges away form your body and protect computer
components.
15. A. A VRM (voltage regulator module) is used to control the voltage
sent to the processor through the motherboard.
16. B. Form factor describes the size and shape of a device, such as a
computer case or a circuit board.
17. A. Rack-mounted servers are smaller and therefore optimize server
space as compared to a tower server.
18. C. Monitor switchboxes are not powered and will not maintain an
active connection to devices. They will not work well for keyboards
and mice.
19. B. Although termination is a major issue in SCSI installation, the
most common problems are due to incorrect SCSI ID configuration.
20. C. The POST (power-on self test) occurs at system startup and can
help with troubleshooting improper installations and hardware failures.

Hardware PART
Configuration
II

Chapter Motherboards and
Processors
THIS CHAPTER:
2.1 Check/upgrade BIOS/firmware levels (system board, RAID,

controller, hard drive, etc.)
3.2 Add processors

On single processor upgrade, verify compatibility
Verify N1 stepping
Verify speed and cache matching
Perform BIOS upgrade
Perform OS upgrade to support multiprocessors
Perform upgrade checklist, including: locate/obtain latest
test drivers, OS updates, software, etc.; review FAQs,
instructions, facts and issues; test and pilot; schedule
downtime; implement ESD best practices; confirm that
upgrade has been recognized; review and baseline;
document upgrade.
3.4 Increase memory

Verify hardware and OS support for capacity increase
Verify memory is on hardware/vendor compatibility list
Verify memory compatibility (e.g., speed, brand, capacity,
EDO, ECC/non-ECC, SDRAM/RDRAM)
Perform upgrade checklist including: locate and obtain
latest test drivers, OS updates, software, etc.; review
FAQs, instructions, facts and issues; test and pilot; schedule
downtime; implement using ESD best practices; confirm
that the upgrade has been recognized; review and
baseline; document the upgrade

Verify that server and OS recognize the added
memory
Perform server optimization to make use of
additional RAM
3.5 Upgrade BIOS firmware

Perform upgrade checklist including: locate and
obtain latest test drivers, OS updates, software, etc.;
review FAQs, instructions, facts and issues; test and
pilot; schedule downtime; implement using ESD
best practices; confirm that the upgrade has been
recognized; review and baseline; document the
upgrade

Verify appropriate system resources (e.g., expansion
slots, IRQ, DMA, etc.)
obtain latest test drivers, OS updates, software, etc.;
review FAQs, instructions, facts and issues; test and
pilot; schedule downtime; implement using ESD best
practices; confirm that the upgrade has been
recognized; review and baseline; document
the upgrade

M ost server motherboards are like those of regular PCs, and
they serve similar functions. Server motherboards, however, usually contain
a few special differences. These differences include added components, as
well as advanced support for server-specific computing, which you would
not normally see on a standard PC. Before diving into specifics, though, let’s
look first at motherboards in general.
This chapter focuses on motherboards and processors. The chapter begins
with a look at the major form factors and components of a motherboard.
Focus is also given to expansion slots and RAM because they interact closely
with the motherboard. The chapter then switches focus to processors, begin-
ning with an exploration of processor interfaces with motherboards, and
then the different available processors and their specifications. Finally
you will find an exploration into some of today’s pressing issues with
processors—cooling and overclocking.
Please see Chapters 2, 7, 9, 10, 11, and 12 for additional coverage of the “Add
Processors” objective.
The Motherboard
T he motherboard is the backbone of a computer, providing connectivity
between all the components of the computer. All computer components plug
into the motherboard in one way or another. With increased demand for
computer power, designers have had to adapt motherboards accordingly.
New processors, bus speeds, RAM types, data transfer speeds, and com-
ponents have together pushed the evolution of the motherboard forward
at a steady pace.

78 Chapter 3 Motherboards and Processors
Integrated Versus Non-integrated

Motherboards are classified as either integrated or non-integrated. Inte-
grated motherboards contain built-in components that are normally
expansion features. For example, a motherboard might have video and net-
work capabilities built right into the board, so you don’t have to purchase
a separate video card and network card. The obvious downside to this
arrangement is that if the video or network component ceases to function, you
will either have to replace the entire motherboard or disable the malfunction-
ing on-board component. In the worst-case scenario, the malfunctioning on-
board component can damage other components on the motherboard, neces-
sitating replacement of the motherboard.
With a non-integrated motherboard, initial cost is higher because more
individual components need to be purchased. In case of component failure,
however, replacement of the entire motherboard can be avoided. Another
issue that arises with non-integrated motherboards is the availability of
expansion slots to support the multiple components.
In server motherboards, it is common to find integrated components such
as SCSI and RAID controllers in addition to the video and network cards
already mentioned. With large amounts of RAM installed in servers, com-
bined with the fact that there is no need for enhanced video, servers often
contain some integrated components. Component failure resulting in a
smoked motherboard is still an issue though. To support these components,
a non-integrated motherboard would require a minimum of four expansion
slots, and this is the main reason components such as video and network
cards are integrated into the motherboard of a server.
Resources within a computer usually refer to memory, IRQ, or DMA. Memory

can be either physical memory (such as RAM) or virtual memory. Virtual
memory is actually hard disk space pretending to be extra RAM. IRQs are
interrupt requests. DMA is direct memory access. A DMA allows a device
within the computer to have direct access to the computer’s memory
(RAM) without having to go through the processor.
Many motherboard manufacturers offer both integrated and non-

integrated motherboards. The specific components used in integrated
motherboards vary among manufacturers, but they commonly include
on-board video, audio, modem, and network cards. Some manufacturers
will integrate all of these components; others will provide a selection.

The Motherboard 79
Form Factors
Another motherboard classification is the form factor. Essentially, form
factors define the layout of components on the actual motherboard. There
are three broad categories of form factors: AT/Baby AT, ATX, and NLX.
The AT was the original IBM form factor design, on which the processor,
memory, and expansion slots were all arranged in a straight line. This posed
a problem for full-length expansion cards because the height of the processor
interfered with proper card installation. In addition, heat dissipation from the
processor sometimes caused problems for the expansion card. The Baby AT
was a smaller version of the AT with newer, smaller components. It was a more
compact board, but had the same drawbacks as the AT. In a home PC this is
rarely an issue, but in the server world many expansion cards are full-length.
Traditionally, servers are not designed around the Baby AT form factor.
The ATX component layout is different from the AT. In the ATX form
factor, the processor and memory are arranged at a right angle to the expan-
sion slots, allowing room for the use of full-length expansion cards. In
the newer computers, the combined height of the processor, heat sink, and
cooling fan make it impossible to insert full-length cards in any other form
factor, and most new computers (including servers) are built around the
ATX form factor. New ATX motherboards also offer advanced power
management features that make them even more attractive to computer
builders. For example, ATX motherboards offer a soft shutdown option,
allowing the operating system to completely power down the computer
without the user’s having to press the power switch.
NLX has been a form factor in use with desktops for quite some time. It is
a compact form factor, often referred to as a “low-profile application.” NLX
motherboards are easily distinguished by the riser card to which the expansion
cards connect. The riser card allows from two to four expansion cards to be
plugged in. These expansion cards sit parallel to the motherboard.
Servers with this form factor offer power similar to the larger traditional
servers, but in the size of a VCR. The obvious benefit of NLX is that the bulk
of a traditional server is reduced to a space-saving smaller server. Addition-
ally, servers assembled in a rack mount case can be secured to a rack, which
can itself be secured to the floor, providing better equipment safety.
Beyond these three principal categories of form factors, some companies
have created their own motherboard layout. For the manufacturer, this
proprietary design allows for specific and custom creation of servers. For
the end user or technician, however, it can be a nightmare, often requiring
special training by the manufacturer before the custom equipment can be
serviced. There is also the possible difficulty of locating the specialty parts.

Components of a Motherboard
Regardless of the form factor, motherboards all contain similar essential
components, including processor slots, expansion busses, RAM banks, inte-
grated controllers (either IDE or SCSI), power connectors, and peripheral
connectors. It is these essential components that work together to provide
the connectivity and communication within the computer. The diagram in
Figure 3.1 is a structural overview of a typical server motherboard.
FIGURE 3.1 Dual socket 370 motherboard
A PCI expansion bus H Power supply connector

B Integrated RJ-45 network card I Floppy disk controller
C Serial port J IDE controllers
D Parallel port K Integrates SCSI controller
E PS/2 mouse and keyboard ports L CMOS battery
F Primary processor socket 370 M RAM banks
G Secondary processor socket 370 N ISA expansion bus
A B C D E
F
N
H
L
K J I

The Motherboard 81
Let’s take a closer look at each of these components. The following

sections should provide you with just enough information so that you
feel comfortable applying your knowledge of these components in a
server environment. We’ll cover the types of expansion busses, memory
types, processor slots, and firmware.
Expansion Busses
Expansion busses provide a means of adding additional components to
your computer, such as a video card, network card, SCSI controller, RAID
controller, or others. Integrated motherboards have less need for numerous
expansion busses than non-integrated boards. In the history of computers,
eight major expansion busses have been developed, but only three of these
busses are commonly used in modern servers: AGP, PCI, and ISA.
AGP
The Accelerated Graphics Port (AGP) bus is for advanced video. Only
one expansion card, the video card, is made for an AGP port or interface.
The AGP port is easily identified by its brown color and offset alignment
(as compared with the other expansion bus slots). Motherboards contain
only one APG port.
The first AGP release was a 64-bit data bus that ran at 33MHz (a measure
of the speed of information flow). New releases of AGP include 4XAGP,
which runs at 133MHz—four times the standard 33MHz! Although numer-
ous servers on the market include AGP video, either as an expansion port or
an on-board video card, it is unlikely that a dedicated server would need the
advantage of advanced video—how often do you play graphics-intensive
games on a server? Some “gaming servers” provide connectivity for other
gaming computers, but the server is rarely used as an actual gaming machine.
The risk of corruption or configuration problems outweighs the benefits
of the AGP bus.
PCI
First released at the inception of Pentium-generation processors, Peripheral
Component Interconnect (PCI) cards are the major expansion card type
in use today. PCI is popular due to its transfer speeds (32- or 64-bit busses)
and ease of installation. PCI also supports bus mastering (a means of
allowing a device such as a hard disk to communicate directly with another
device without the input of the CPU) and speeds up to 66MHz. Installation
and configuration are dramatically easier than for earlier busses, with
resources for the card being determined by either the operating system or

the BIOS—commonly referred to as Plug and Play technology. To install a

PCI card, you simply open the computer case, locate a free PCI slot (they
are off-white), remove the blank cover, and install the card. Resources (IRQ
and DMA) are configured automatically. As you will learn in the next
section on ISA, PCI configuration is a huge step forward in simplifying
expansion-card installation.
ISA
Industry Standard Architecture (ISA) is the oldest of the three types of
expansion bus. This bus preceded PCI and was extremely popular in its
time. Today it has been nearly phased out, but some motherboards still
have one or two ISA slots for use with older expansion cards. Most new
motherboards, however, have no ISA slots.
This bus is 16-bit and allows transfer speeds of 8MHz, with some models
running in turbo mode at 10MHz. ISA, at times, is difficult to configure
because it requires jumpers and/or DIP switches to be manually set. The
technician must be aware of which resources are in use and which are
available. Should the technician configure the new expansion card with
the IRQ or DMA of another device, a conflict occurs. In days gone by, it
was not uncommon to have the mouse freeze on your 486 computer when
you tried to dial up your modem because the mouse and modem were
often misconfigured with the same resources. The ramifications of this
particular conflict were minimal, but more serious situations can occur—
for example, conflict with a hard disk controller.
Table 3.1 lists the IRQ (interrupt request lines) usage for the ISA bus.
Table 3.2 lists the DMA (Direct Memory Access) assignments.
TABLE 3.1 Default IRQ Assignments for the ISA Bus
IRQ Default Assignment
0 System timer
1 Keyboard
2 Cascade to IRQ 9
3 COM 2 and 4
4 COM 1 and 3
5 LPT2

The Motherboard 83
TABLE 3.1 Default IRQ Assignments for the ISA Bus (continued)
IRQ Default Assignment
6 Floppy controller
7 LPT1
8 Real-time clock
9 Cascade to IRQ 2
10 Available
11 Available
12 Bus mouse
13 Math coprocessor
14 Hard disk controller
15 Available
TABLE 3.2 Default DMA Assignments for the ISA Bus
DMA Default Assignment
0 Available
1 Available
2 Floppy controller
3 Available
4 Second DMA controller
5 Available
6 Available
7 Available

As shown in Tables 3.1 and 3.2, available resources are limited. Normally
IRQ 5 is available because it is rare to have and use both LPT ports. It is
also rare to use a bus mouse today. Normally a PS/2 or USB mouse is used
today, leaving IRQ 12 as a free resource. This leaves five IRQs available for
expansion cards. Typically, IRQ 5 is used for a sound card and IRQ 10 for a
network card. This is not a computer law, but rather an unwritten rule that
technicians generally follow. The sound card can be configured with any
available IRQ, but many programs take for granted that the sound card is on
IRQ 5. That leaves three open IRQs for other devices such as a network card.
Mixed Environment Expansion Busses
Most computers in use today are not the latest, greatest technology.
Many motherboards contain several different expansion busses. Brand
new motherboards will contain an AGP and several PCIs. Motherboards
that are a couple of years or more old will contain an AGP, PCI, and most
likely two or three ISA. The question is, what expansion cards do you pur-
chase for which bus? Obviously, if you have an AGP bus, then you should
try to purchase an AGP video card. This not only takes advantage of the
capabilities of the AGP, but also allows another expansion card to use the
PCI slot that the video card may have taken.
What do you do, though, if you have to choose devices to fit in PCI and ISA
busses? What if you need to install a network card and a sound card but
have just one PCI and one ISA bus left? How do you decide which expansion
card to purchase for which bus? The rule is to select the card that will be
under the most stress for the fastest bus. This will ensure that the faster
transfer rate of the bus will be put to good use. Odds are, if your computer
is to be networked, then the network card would be under more stress, so
it should be installed in the PCI bus. The sound card, although available in
a PCI format, would be the better choice for the ISA bus.
Memory
Inside the server are several different forms of memory. Each plays a
significant role in typical operation of the server. Memory in any form is
the means of storing information, either temporarily, semi-permanently,
or permanently.

The Motherboard 85
RAM
Random access memory (RAM) is the most common memory within a
computer. RAM is physical memory, a collection of chips on a small
circuit board that attaches to the motherboard via a slot called a bank.
Most motherboards contain several banks for RAM installation. RAM
is volatile memory. When power to the computer is lost, the information
stored in RAM will be lost.
RAM has seen constant evolution over time. Early forms of RAM were
known as static RAM or SRAM. SRAM didn’t need constant refreshing
from the computer. Information was stored in a series of transistors that
made static RAM rather slow in sending and receiving information from
the processor. Newer RAM is called dynamic RAM (DRAM). DRAM
requires constant refreshing, and information is stored as electrical charges
within small capacitors. DRAM, due to its components, allows for high-
density packaging. This in turn creates RAM with larger capacities in much
smaller chips. Examples of DRAM are EDO, SDRAM, DDR SDRAM,
and RAMBUS.
EDO RAM
Extended data output RAM (EDO RAM) emerged in 1995. It provided a
performance increase of 10 to 15 percent over traditional memory. The
major downside to EDO RAM was that it had to be installed in pairs. If
you wanted 32MB of RAM, you had to install two 16MB modules. This
limited the number of available banks for RAM installation on a mother-
board, as well as options for RAM expansion. Six available banks on a
motherboard really meant three. Many motherboards of this era also had
specific sequencing for installing EDO RAM. For example, a computer
with 16MB installed could add another 16MB (two 8MB modules) or
32MB (two 16MB modules). EDO RAM is not in use today as a result
of these limiting factors.
SDRAM
This is the most common RAM in use today. Synchronous dynamic
RAM (SDRAM) runs at system bus speeds that translate into 66MHz,
100MHz, and 133MHz. These improved speeds over previous types of
RAM eliminated wait states between the system and RAM, which was an
issue in the past. A wait state is the time when the processor is waiting for

a response from the RAM. Everything is synchronized to the clock speed

(discussed in a later section).
Another improvement over EDO RAM is that SDRAM is installed one
module at a time. SDRAM is also available in large sizes on one module.
If you want 512MB of RAM, you can get it on a single module, leaving the
other banks available for future RAM upgrades.
You can mix higher-bus-speed SDRAM in a slower-bus-speed motherboard;

for instance, 133MHz SDRAM will work in a 100MHz-bus motherboard. The
RAM will simply run at the slower speed of the motherboard. Some mother-
boards offer a dual speed option. This allows the installer to select the bus
speed using a jumper setting on the motherboard. Remember from your
A+ Complete Study Guide that the processor, motherboard, and RAM must
match in bus speeds. Bus speeds are a measure of the speed at which the
processor, RAM, and motherboard send and receive information and instruc-
tions. These bus speeds include 66MHz, 100MHz, or more commonly the
133MHz bus speed.
DDR SDRAM
Double data rate synchronous dynamic RAM (DDR SDRAM) is an
enhancement of SDRAM. DDR SDRAM provides double clock speed by
performing read and writes on both sides of the clock cycle (as opposed to
only working on one side). This translates into twice the memory executions,
and therefore increased system performance. A system with 100MHz mem-
ory bus speed will perform at an amazing 200MHz.
RAMBUS RAM
Direct Rambus RAM is the newest RAM available on the computer market.
It is extremely fast, with speeds up to 800MHz, and operates like DDR
SDRAM, working on both sides of the clock cycle. Rambus RAM is often used
in advanced, resource-intensive gaming systems, and is increasingly being
used in desktop computers.
ROM
Read-only memory (ROM), another important memory component, is used
to store permanent information for easy and quick retrieval. ROM chips,
much like RAM, have seen broad evolution, beginning at PROM and
moving to EPROM and EEPROM.

The Motherboard 87
PROM Programmable read-only memory (PROM) was the first ROM

design. It was programmed at the factory with the necessary information
burned in as a configuration of transistor ons and offs. The PROM chip
is permanent, so making any change means replacing the PROM chip or
possibly the entire motherboard. This is very limiting in terms of oppor-
tunity to upgrade or alter the computer’s configuration.
EPROM Erasable programmable read-only memory (EPROM) stored
information as binary programming through electrical charges. Erasing
the information required shining an ultraviolet light through a special
window that wiped out all the information on the chip. This was an
improvement from the PROM but still not user friendly. You had to
disassemble your computer and then remove and replace the protective
sticker—a labor-intensive and risky task.
EEPROM Electrically erasable programmable read-only memory
(EEPROM) is the current standard for ROM. The CMOS chip, which
contains the BIOS (basic input/output system) information, is an
EEPROM chip. The chip is kept alive by the CMOS battery and,
when needed, can be flashed. Flashing is a process by which software
erases and updates the programmed information contained within
the BIOS. Unfortunately, the CMOS battery does eventually fail, and the
information saved in the BIOS program is lost. It is strongly advised that
you manually record the information found in the BIOS and then attach
it to the inside cover of the computer. Eventually, when the battery does
fail months or years later, you’ll have access to the information and can
reenter it after replacing the battery.
Many brand name computers have a proprietary BIOS; generic computers
rely on a BIOS chip made by Award, American Megatrends, or Phoenix.
Figure 3.2 illustrates a generic EPROM chip.
FIGURE 3.2 An EPROM chip
An EPROM chip

Cache Memory
Cache memory is located on all motherboards and operates much faster than
RAM. Cache memory stores information that is requested frequently, allowing
for faster access and response. L1 (level 1) cache memory is actually located
within the processor chip itself. L2 (level 2) cache memory is located on the
motherboard. Both L1 and L2 cache are designed to be used by the processor.
Cache memory is often found on other components as well, including
RAID cards and network cards. This cache memory provides functions to
these devices just as cache memory does for the processor: rapid storage of
and access to information.
Processor Slots
With the constant evolution of computer processors has come a change in
the way the processor connects to the motherboard. Selecting the right
processor to match a motherboard, or vice versa, is often a confusing and
difficult task. To make that task a bit easier, we have included a listing
that describes the common processor connection interfaces in detail.
Socket 1 Used with the 486 chip, often called a PGA (pin grid array) or
ZIF (zero insertion force socket). It has 169 pins and operates at 5 volts.
Socket 2 An upgrade of socket 1. Has 238 pins and runs at 5 volts. Used
for the original Pentium processors.
Socket 3 Contains 237 pins and operates at 5 or 3.3 volts, controlled by
a jumper on the motherboard. Supports all socket 2 processors as well as
the 5×86 chips.
Socket 4 With 273 pins, this socket was designed for Pentium-class
machines running at 5 volts. Beginning with the Pentium 75MHz, how-
ever, Intel dropped the voltage to 3.3 volts, so this socket had limited use.
Socket 5 Operates at 3.3 volts and has 320 pins. Supports Pentium chips
from 75MHz to 133MHz; socket 5 was replaced by socket 7.
Socket 6 Designed for the 486 at a time when the industry was moving
into the Pentium class; never really came into mainstream use.
Socket 7 The most widely used socket; contains 321 pins and operates
between 2.5 and 3.3 volts. Supports all Pentium-class chips from 75MHz
and up, and MMX chips. Also supports chips from AMD and Cyrix.
Incorporates a voltage regulator.
Socket 8 Designed primarily for the Pentium Pro chip. It has 387 pins
and operates between 3.1 and 3.3 volts.

The Motherboard 89
Socket 370 A socket 7 with an additional row of pins on all four sides.
Used by Celeron processors as well as Celeron II and some Pentium III
processors (FC-PGA models).
Slot 1 A radical change in design, this was Intel’s “processor in a box.”
This boxed processor interfaces with the motherboard through what
appears to be an expansion bus, called a Slot 1. This design eliminated
the risk of bending processor pins, an all-too-common problem with
other socket interfaces. Inside the box was the same processor chip, but
preinstalled on a separate daughter card along with the L2 cache. This
was then shrouded in a heat sink and fan assembly box. Having the
processor in this format allowed for better air flow and cooling, but it
was bulky—standing on edge, it created spatial issues within the case.
Slot 2 Similar to Slot 1, but with a larger 330-contact connector slot.
This connector allowed the CPU to communicate with the motherboard
at full CPU clock speed. Slot 2 was designed for the newer Pentium chip
sets, including the Xeon processor.
Slot A Similar to Slot 1, Slot A uses a different protocol (EV6) and is
custom designed for the AMD Athlon processor. Using this protocol, the
processor-to-RAM communication can achieve speeds of 200MHz.
Socket A Using 462 pins, this socket is designed solely for the AMD chip
sets, including the Athlon and Duron processors.
Slockets A slot 1-to-socket 370 adapter. Allows a chip designed for a
socket 370 application to be used in a Slot 1 motherboard. Slockets are
not well received by many technicians. The modification between the
two interfaces is done with jumper settings and digital circuitry. Slocket
configuration is often compared to ISA expansion card configuration—
there can be serious consequences if it’s misconfigured.
In a dual processor environment (a motherboard that allows two processors

to be present), there will be a pair of processor interfaces. If these interfaces
are Slot 1, and only one processor is present, a dummy card is plugged into
the empty slot. Leave it inserted until the computer is upgraded to dual
processors. Some servers even support multiple processors. Dell, for exam-
ple, offers a single box server with four Xeon processors working together.
Some rack-mounted servers can actually link many small servers to work
together, making one large server with numerous processors.

Power Connectors
Electrical power interfaces with a motherboard in several ways. Main power
attaches to the motherboard through a single plug on an ATX board, or
through two smaller plugs on an AT/Baby AT. If your motherboard is of the
AT form factor, these two small plugs must be orientated correctly with
the black wires of each plug meeting in the center.
With the main power attached to the motherboard, the control of system
power is now given to the motherboard. Cooling fans, processor fan,
and startup/shutdown can all be electrically controlled and monitored by
the motherboard’s use of the electricity. For example, ATX motherboards
offer the soft shutdown feature. When you select Shut Down in the Windows
operating system, the computer will actually power down. This can be
combined with a boot initiated through a mouse movement, keyboard
hot key, or even a request through the network (called Wake up on LAN).
Most motherboards also have power connectors (2-pin or 3-pin) for cooling
fans. The fans plug directly into the motherboard where the RPMs and
airflow are controlled through the motherboard. This allows the mother-
board to maintain a consistent temperature within the computer case.
In a server environment it is very common to see more than one power
supply. This redundant power supply acts as a backup to the first one.
More time will be spent on redundant components in Chapter 5, “Fault
Tolerance and Redundancy.”
On-Board Disk Controllers

On-board disk controllers provide the interface between the disk sub-
systems and the motherboard. Typically on a motherboard there will be
one floppy disk controller. This 34-pin plug accepts a ribbon cable that
allows a floppy disk (or two) to communicate with the computer. In some
new legacy free computers, the floppy disk has been eliminated. In the
server world where items such as boot disks are often needed, it is not
advisable to get a legacy free computer to act as a server.
Hard disk controllers are also located on a motherboard. Desktop PCs
primarily use IDE controllers. Servers, although they may contain IDE
controllers, rely more often on SCSI controllers. Some higher-priced
motherboards do include an on-board SCSI controller, but traditionally
SCSI is used through a separate expansion card. With the number of
devices needed, as well as performance differences, SCSI is often the only
viable choice. Both SCSI and IDE controllers will be discussed in depth in
Chapter 4, “Storage Devices.”

The Motherboard 91
Keyboard/Mouse
Every motherboard needs a means of interfacing with the user. This is often
done through the keyboard and mouse. Once the server is up and running,
many administrators will remove the keyboard and mouse for safety and
security of the server. Access to the server is then done remotely through the
network. However, for operating system installation, a keyboard and mouse
are needed. Again, depending on your motherboard, a legacy free mother-
board may have only a few USB ports where a mouse and keyboard would
plug into. The problem is that some operating systems (Windows NT for
example) do not support USB ports. Typically, a server will have PS/2 ports
for a mouse and a keyboard. Older servers may still require a serial mouse
(which would use a DB-9 connector) and a DIN 5 keyboard connector.
Peripheral Port Connectors

Peripheral port connectors provide the interface for other devices that
will connect externally to your computer; these include printers, external
modems, and scanners. Standard peripheral ports are two DB-9 male ports
and a DB-25 female. The DB-9 male ports on a server are often used as
communication ports for an external modem or for communication to a
UPS or network connectivity device such as a switch. Again, legacy free
computers have USB ports rather than parallel or serial ports.
Jumpers and DIP switches

Depending on the type of motherboard, the setting for the processor voltage,
speed, and other system settings may be controlled by small switches that
need to be manually configured on the motherboard. Many new mother-
boards have moved away from this type of configuration for the same
reasons as the ISA bus. A simple misconfiguration can lead to serious
consequences. On a motherboard, the jumpers often control CPU voltage.
Too high of a voltage setting could permanently damage the CPU (see
Figure 3.3).
FIGURE 3.3 Jumpers

33
33
22
22
11
11

Firmware
Firmware is defined as any software that is stored in read-only memory
(ROM, EPROM, EEPROM) and that maintains its contents when power is
removed. Inside the server are several components that will contain ROM
chips and therefore firmware. This list includes the previously discussed
CMOS chip, but also SCSI controllers and RAID controllers.
Firmware is commonly upgradable. This process normally requires
downloading the file from the manufacturer’s website. Although tempting, it
is extremely dangerous to download such files from third-party websites.
The validity and integrity of the file may be compromised. A failed firmware
update can leave you in a difficult situation. Once the correct file is down-
loaded (this will require careful matching of your hardware to the correct
download file), it can be run. The firmware update is extracted onto a floppy
disk. When the disk creation is complete, you simply reboot the computer
with the disk in and the update will occur automatically. In essence, the
firmware disk is a boot disk that runs a specific program that reprograms
the chip when the computer is booted.
Firmware updates are performed to provide new updated features and
support for the latest hardware or to repair problems with hardware. For
example, Asus Network Technologies released a firmware update for their
motherboards that will repair an issue with the soft shutdown. This firm-
ware update relates to the CMOS chip. Another example would be a firmware
update for a SCSI controller, which would provide advanced support for
new hard disk technology. No one can forget the Y2K issue—the fear that
computers would not be able to calculate the year 2000. Many systems
were repaired through a simple firmware update.
In a typical server there can be several components with firmware. It is
good practice to document each component, firmware revision number,
date, and manufacturer. Many manufacturers maintain a mailing list and
will notify you via e-mail when a new release is available. At that point,
you decide whether to update or not. The benefits of the update must be
useful to your specific application. Keep in mind that there are risks with
every update. The possibility of the device not working properly because
of conflicts with other devices, other software, or the operating system
are realistic consequences. Always perform a backup of all data as well
as a full compatibility check before performing any update to a server.

Processors 93
Processors
Processors have seen the most rapid change over the last couple of
decades. In the server environment, processors can face incredible stresses.
Selecting the right processor to meet your needs is therefore critical. Before
looking at the current processor types, you need an understanding of the
important features.
Clock speed is the main element on which most people focus when they
talk about processors. Clock speed is measured in millions of cycles per sec-
ond—megahertz (MHz). Instructions are carried out based on clock speed,
analogous to a musician playing to a metronome. Clock speed is not the only
factor in processor performance but it is a major factor. The faster the clock
speed, the faster instructions can be carried out. Latest releases of processors
have exceeded the megahertz classification and moved into the gigahertz
range. Currently processor speeds have reached 2GHz.
L1 cache, as previously mentioned, provides fast access for the processor.
Therefore processors with larger quantities of L1 cache will perform better.
Higher cache is also directly proportionate to increased price. Server proces-
sors will commonly have higher L1 cache than desktop processors.
Voltage is another consideration. Lower voltages in processors will
generate less heat, and lower heat will allow for smoother and more stable
operation. Old processors ran at 5 volts, and this generated a steady amount
of heat; however, due to the slower clock speeds, the small heat sinks were
able to handle heat dissipation. With newer processors, the heat generated
from the faster clock speeds combined with the 5 volts of direct current
electricity made the processor unstable. Most of today’s processors run
at 3.3 volts to combat this problem.
Intel Processors
It is common knowledge that Intel has had a strong hold on the computer
processor market for a long time. Today there are several other manufac-
turers of quality computer chips on the market, but Intel still has a dominant
hold on the server market. Table 3.3 defines the major Intel processor
classes, speed ranges, and specifications as seen today.

TABLE 3.3 Current Intel Processor Family Line
Processor Voltage Clock Speed
Pentium 3.3–5V 60MHz to 200MHz
Pentium Pro 2.5V 60MHz to 200MHz
Celeron 3.3V 266MHz to 1.2GHz
Pentium II 3.3V 233MHz to 450MHz
Pentium III 3.3V 450MHz to 1.1GHz
Pentium 4 3.3V 1.3GHz to 2GHz
P2 Xeon 3.3V 400MHz to 450MHz
P3 Xeon 3.3V 350MHz to 1,000MHz
Itanium 3.3V 733MHz to 800MHz
Any of the Intel Pentium-class processors works well within a server

environment, but Intel designed the Xeon line specifically for the high-
performance environment of workstations and servers. Xeon processors
come equipped with a larger cache, and greater flexibility while running
in a multiprocessor environment. In its latest release, Intel has touted the
Itanium processor, running with synchronous clock signaling and a 64-bit
architecture, as the ideal match for a server environment.
Intel is constantly releasing new and improved processors. The changes
most often are in the speed category, although Intel also has several new
processor lines in development. They are referred to by code name and
feature the latest in technological advancements. For more information,
visit Intel.com.
AMD Processors
AMD processors, as related to servers, are rather new on the market. AMD
(Advanced Micro Devices) only recently introduced their server line chip,
the MP, to compete with the Intel server line. The MP chip is available in
a 1.2GHz and 1.0GHz clock speed and fits onto a socket A motherboard.
Standard AMD processors include the Athlon and Duron, designed to

Cooling 95
compete with the Pentium and Celeron, respectively. The benefit of the AMD
processor line is the fast bus speeds discussed previously in the socket A
description. When matched with an appropriate motherboard, the AMD
processor performs efficiently. (See Table 3.4.)
TABLE 3.4 Current AMD Processor Family Line
Processor Voltage Clock Speed
Athlon MP 2.5V 1.0–1.2GHz
Athlon 3.3V 1–1.4GHz
Duron 3.3V 950MHz–1.1GHz
Alpha Chips
DEC (Digital Equipment Corporation) introduced a 64-bit processor in
1992 called an Alpha chip. Recently Compaq released a series of servers
featuring the Alpha chip, which has a superscalar design allowing the pro-
cessor to execute more than one instruction per clock cycle. It has both
an 8K data and an 8K instruction cache, and a floating-point processor.
Compared to the other processors that calculate on one side or two sides
of the clock tick, Alpha processors have a definite advantage. This has
obvious benefits in a server environment where a CPU is often required
to process a multitude of requests at a time.
Cooling
B ased on the previous information on processors, it is easy to under-
stand that cooling in a server environment is critical. Regardless of the
manufacturer or model of your CPU, it will need a way to deal with heat
buildup. The faster the clock speed of the CPU, the more heat it generates,
and server processors tend to run at a high clock speed. Remember that some
servers have several CPUs. Most servers have numerous cooling fans to
assist with heat dissipation. With the dangers of overheating, fans are often
clustered together in groups with cowlings to channel air through the server.
It is also advisable to have multiple fans to allow for redundancy—should
a fan fail, another will maintain the airflow.

Besides cooling fans, consider other factors in maintaining proper temper-

atures within the server case. Motherboard form factors dramatically influ-
ence cooling. The ATX form factor has the processor near the power supply
fan. This allows the processor to take advantage of the cool air drawn in from
the power supply. In the AT form factor, the processor is not near this fan.
Heat sinks and processor fans are another consideration. All processors,
including dated ones (such as the 486), require at least a heat sink and cool-
ing fan. The heat sink, which rests directly on the processor, is made of alu-
minum, which dissipates heat easily. On top of the heat sink is a cooling fan.
This cooling fan assists in moving the heat that radiates off the heat sink
away from the area. After-market products are advancing dramatically to
assist in running the processor cooler. Larger heat sinks and fans that will
run at higher RPMs are available. These products are obvious favorites of
the overclockers (see “Overclocking” section, below), but should also be a
consideration for server builders.
Another option (although it can be costly) is a Peltier device (also known as
a thermoelectric [TE] module), which is a small solid-state device that func-
tions as a heat pump. This ingenious device works like a small air conditioner,
moving hot air away from the processor side and replacing it with cool air.
Peltier devices do not work well in all applications and can be difficult to
install and operate effectively.
Regardless of which form of cooling you decide on, it is mandatory that
in a server there is some form of monitoring. This monitoring watches the
temperatures and fans for any problems (fan failure, temperature threshold
reached) and then alerts the system administrator. Modern servers can send
alerts via e-mail, on-screen messages, or audible alarms. If there is no response
within a given period of time, some servers will even shut themselves down,
thus preventing any physical damage to components. Monitoring agents can
be software, hardware, or a combination of the two.
An area that is often overlooked is the server environment. With the
constant demands on a server, maintaining a consistent temperature as
well as safe environment for the computer to operate in is a must. Many
companies will create a dedicated room for the server(s). This room prevents
dust and other contaminants from disrupting the server. Many times these
server rooms have dedicated cooling facilities, such as air conditioners,
and dedicated power sources.
Another environmental concern to be aware of is the location of the
server. As you learned in the A+ Complete Study Guide, by David Groth and
Dan Newland (Sybex, 2001), it is not acceptable to have a computer in a

Summary 97
location where it will face direct sunlight. Besides sunlight, other potential
concerns would be location of water pipes and electrical wires (electrical
fields). All of these could compromise server safety.
Overclocking
I n the world of desktop computers, overclocking is the latest rave.
Overclocking involves forcing your computer (usually the processor) to
run harder and faster than the manufacturer intended. All processors per-
form within a specific range. There is a window by which this range can be
extended and the processor made to work at the upper levels of its capabil-
ities. This is comparable to athletes who use steroids. Performance is better
but there are serious side effects. With increased processing capabilities
comes increased heat. Overclocking demands improved processor and case
cooling. Some users who have overclocked their systems go so far as to create
custom fan and heat sinks to deal with the heat issue. Before you decide to
overclock, make sure you carefully weigh the possible consequences: short-
ened life of the CPU, overheating, and damage to other components such as
the motherboard.
When related to servers, overclocking is frowned on. The processor in a
server is responsible not only for the running of the server but also shared
applications, printers, file security, authentication, Internet, and e-mail, so
the processor is working very hard already. Forcing it to work faster can lead
to catastrophic consequences. Remember, you can get along without a desk-
top for a while, but can you remain productive without your server?
Summary
T his chapter began with an exploration of motherboards. Integrated
motherboards have several common components built into the motherboard
that would otherwise be on expansion cards. These include video, audio,
modem, and network cards. Non-integrated motherboards require separate
expansion cards for each component. Benefits of integrated motherboards
include lower price, while the major drawback is the danger of component
failure that would result in replacing the entire motherboard.

Motherboards are available in three form factors. The less commonly

used AT boards were the original design created by IBM. Baby AT was a
smaller version of the AT created around the desktop structure. The major
problem with the Baby AT was compatibility with full-size expansion cards.
Due to the orientation of the processor, RAM, and expansion cards, the
Baby AT motherboard made it difficult if not impossible to use full-length
expansion cards. ATX is the second motherboard form factor. ATX moth-
erboards do not have the same issues as the Baby AT. Most computers today
are built around the ATX form factor. The final form factor discussed in this
chapter was NLX. This design of motherboard was created for low-profile
systems. This includes small desktops as well as rack mount systems.
We also took an in-depth look at common motherboard components.
Expansion busses provide a means of connectivity for your computer to
expand on. Today there are three major expansion busses commonly used.
These are AGP, PCI, and ISA. The AGP bus (Accelerated Graphics Port) is
designed for video cards only. PCI (Peripheral Component Interconnect)
is the major expansion bus in use today. It has a transfer speed of up to
66MHz. PCI bus resources are configured through software (including the
computer’s operating system). ISA (Industry Standard Architecture) busses
are the oldest of the three. Currently ISA busses are being phased out, but
many computers in use still have a couple of ISA expansion busses on their
motherboards. ISA busses can be difficult to configure, requiring that the
installer know about used and free resources and then be able to configure
the expansion card through jumpers.
Memory takes on several forms within a computer. RAM (random access
memory) is volatile memory used to store information temporarily while the
computer is in use. RAM has seen an evolution from Static to Dynamic
RAM. Dynamic RAM currently in use is Synchronous Dynamic RAM
(SD RAM). SD RAM is available in bus speeds of 66MHz, 100MHz,
and 133MHz. This bus speed must be matched to the motherboard and
processor. New enhanced RAM includes DDR SDRAM and Rambus RAM.
Much like RAM, ROM (read-only memory) has evolved over time, begin-
ning at PROM, then EPROM, and finally EEPROM. EEPROM chips are
the current ROM in use and can be updated (flashed).
Processor sockets were the next topic of information. Processors take on a
key role within any computer, and with changes in processors come changes
in processor interfaces with the motherboard. Other motherboard features
include on-board disk controllers, keyboard and mouse interfaces, and
peripheral port connectors (including serial and parallel interfaces).

Exam Essentials 99
Intel and AMD designed processors especially for the stressful environ-
ment of a server. With these advanced processors comes the need for added
cooling. This discussion led into a section on overclocking—a risky practice
that can result in overheating.
Exam Essentials
Know the differences between integrated and non-integrated mother-
boards. Make sure to have a strong understanding of the differences,
advantages, and disadvantages of both motherboard styles.
Be able to identify the differences between motherboard form factors.
Identify AT/ Baby AT, ATX, and NLX form factors and their limitations
and benefits.
Be able to label the common components of a motherboard. This
includes expansion slots, RAM banks, processor socket, CMOS battery,
CMOS chip, power connector, and on-board controllers.
Understand the differences between common expansion busses. Be able
to identify the busses by speed, configuration, and use.
Know the IRQ and DMA resources for the ISA bus. Know what
resources are in use for what devices, as well as what resources are
available.
Know the different types of RAM memory. Know the differences
between EDO, SDRAM, DDR RAM, and Rambus RAM. Be aware
of performance differences between the types of RAM.
Be able to explain the different types of ROM. Understand the
different levels of ROM, including PROM, EPROM, and EEPROM.
Know the different processor slots and supported processors. This
includes all sockets, slots, and slockets for Intel chips as well as the AMD
processors.
Know what firmware is and which common components have
firmware. Be able to identify a firmware chip as well as its purpose.
Know the processors that are available for use within a server. Be aware
of voltages, speeds, and common names for processors from both Intel
and AMD.

Key Terms
ing terms:
Accelerated Graphics Port (AGP) integrated

AT NLX
ATX non-integrated
Baby AT overclocking
cache memory Peripheral Component
Interconnect (PCI)
Direct Rambus RAM Plug and Play
double data rate synchronous programmable read-only
dynamic RAM (DDR SDRAM) memory (PROM)
electrically erasable programmable random access memory (RAM)
read-only memory (EEPROM)
erasable programmable read-only read-only memory (ROM)
memory (EPROM)
expansion busses riser card
extended data output RAM synchronous dynamic RAM
(EDO RAM) (SDRAM)
Industry Standard Architecture (ISA)

Review Questions 101
Review Questions
1. What is the difference between integrated and non-integrated
motherboards?
A. Integrated motherboards have built-in components normally
found on expansion cards.
B. Non-integrated motherboards are newer technology.
C. Integrated motherboards are more expensive than non-integrated.

D. Non-integrated motherboards are rarely used today.
2. Which of the following components are not normally integrated in an

integrated motherboard?
A. Network card
B. Video
C. Modem
D. SCSI controller
E. Hard disk
3. Which of the following is not an example of motherboard form

factor?
A. AT
B. ATX
C. MCA
D. NLX
4. Which of the following is a common component of an NLX mother-

board?
A. PCI expansion slot
B. VESA expansion slot
C. Riser card
D. ZIF processor socket

5. Which of the following is not a common expansion bus?
A. PCI
B. AGP
C. ISA
D. IDE
6. What does AGP stand for?
A. Accelerated Graphics Port

B. Accelerated Graphics Post
C. Advanced Graphics Port
D. Advanced Game Port
7. What is the bus speed for an AGP bus?

A. 64-bit at 33MHz
B. 32-bit at 33MHz
C. 32-bit at 66MHz
D. 64-bit at 66MHz
8. What does PCI stand for?
A. Personal Component Interface
B. Peripheral Component Interconnect

C. Personal Computer Interconnect
D. Peripheral Computer Interface
9. What is the speed of the PCI Bus?
A. 16-bit or 32-bit
B. 32-bit or 64-bit
C. 32-bit or 32-bit
D. 64-bit or 64-bit

10. How are resources configured on a PCI bus?
A. Jumpers
B. Software
C. Automatically through the BIOS

D. Manually through a boot disk
11. What is the speed of an ISA bus?
A. 8/10MHz
B. 6/8MHz
C. 10/12MHz
D. Varies, depending on motherboard
12. What is the default IRQ for LPT1?

A. 5
B. 7
C. 3
D. 9
13. What does RAM stand for?
A. Random access module
B. Repetitive access memory

C. Random access memory
D. Repetitive access module
14. What type of RAM is installed in pairs?
A. SD RAM
B. EDO RAM
C. RD RAM
D. Rambus

15. What does the abbreviation SD RAM stand for?
A. Synchronous dynamic RAM
B. Standard digital RAM
C. Synchronous digital RAM

D. Standard dynamic RAM
16. Which type of ROM can be flashed?
A. PROM
B. EPROM
C. EEPROM
D. ROM
17. Which type of cache is located on the processor?

A. Level 2
B. Level 3
C. Level 1
D. Level 4
18. Which socket is used for Pentium processors that run at speeds
up to 75MHz?
A. Socket 3
B. Socket 4
C. Socket 7
D. Socket 5
19. What is the most widely used socket today?
A. Socket 7
B. Socket 5
C. Socket 4
D. Socket 3

20. What is firmware?
A. Software for a hardware component
B. A program that changes the configuration of an expansion bus
C. A software update for a PCI card

D. A digital representation of a system driver


1. A. Integrated motherboards contain components that are found on
expansion cards. These include video, audio, network cards, SCSI
controllers, and modems. Integration frees up expansion slots for
other devices.
2. E. Hard disks are not integrated on motherboards.
3. C. MCA is an expansion bus. AT, ATX, and NLX are motherboard
form factors.
4. C. The riser card is used to install expansion cards within a low-
profile NLX motherboard.
5. D. IDE is actually a hard disk technology. PCI, ISA, and AGP are
expansion busses currently in use.
6. A. AGP is the Accelerated Graphics Port. It is used for video only.
7. A. The transfer speed of the AGP (first release) was 64-bit

at 33MHz.
8. B. PCI stands for Peripheral Component Interconnect. It is the most
popular expansion bus in use today.
9. B. The PCI bus can communicate at either 32-bit or 64-bit.
10. C. Resources for a PCI bus are configured automatically through the
BIOS settings.
11. A. An ISA bus can transfer at speeds of either 8 or 10MHz.
12. B. LPT1 is assigned IRQ 7 by default.
13. C. RAM stands for random access memory.
14. B. EDO RAM is installed in pairs. This was a major limitation for
this type of RAM.
15. A. SD RAM is short for synchronous dynamic RAM. This RAM
works to a synchronous clock cycle.
16. C. Electronically erasable programmable read-only memory can be
digitally erased, or flashed, as it is often called.

17. C. Level 1 cache is always located on the processor.
18. B. Intel designed the socket 4 to support Pentium-class chips up to

75MHz; in subsequent Pentium chips, they changed the voltage and
socket.
19. A. Socket 7 is considered to be the most widely used socket today.
20. A. Firmware is software that runs a hardware component—

sometimes referred to as the operating system of a hardware
component.

Chapter Storage Devices

THIS CHAPTER:

delivered

processors, memory, internal cable, etc.)
Install UPS
2.4 Configure external peripherals (UPS, external drive

subsystems, etc.)

3.3 Add hard drives
For ATA/IDE drives, confirm cabling, master/slave and
potential cross-brand compatibility
Add drives to array
Integrate into storage solution and make it available to the
operating system
Perform upgrade checklist, including: locate and obtain
the latest test drivers, OS upgrades, software, etc.; review
FAQs, instruction, facts and issues; test and pilot; schedule
downtime; implement ESD best practices; confirm that the
document the upgrade.

S torage devices are arguably the most important type of device
in a server. Of course, the server couldn’t run without a motherboard, pro-
cessor, and memory, and a server without a network card is pointless. But
when you think about what a server really does—stores files and databases
and provides other services—the hard disk holds everything that’s dear to
clients. Every time a client accesses the server, the client accesses the server’s
storage device.
There are a variety of storage devices that can be employed in a server.
They include hard disk drives, optical drives, CD-based drives, tape drives,
and others. This chapter will focus primarily on hard disk drives, since they
are the most common online storage devices used in servers. (Others, like
tape drives, are typically offline storage devices.)
The hard disk drives that we will concentrate on fall under one of two
major categories: IDE and SCSI. There are others, but these are the two
most common hard disk technologies. Before we get into the details about
these technologies, however, we need to understand how hard disks are
structured.
Physical and Logical Disks

A hard drive is a hunk of metal and plastic. Inside are platters that spin
rapidly, and heads that move back and forth along the surface to read and
write information. You can think of a hard drive much like a record player,
but one that can write as well. That’s pretty much all a hard drive is, at least
physically. But how the computer deals with the disk is a totally different
story. When discussing hard disks from the computer’s perspective, there are
two types of designations: physical disks and logical disks.

112 Chapter 4 Storage Devices
When talking about a physical disk, we are referring to the actual device
located within a server, or connected to the server externally. For example,
a computer with two hard disks will have two physical disks. If you can hold
it, it’s a physical disk. Physical disks can refer to a variety of devices other
than hard disk drives, such as floppy disks, compact discs, and tape drives,
to name a few. The number of physical disks that your computer can have
is based on the interface type. As an example, SCSI technology allows for
more disks per controller than IDE.
A logical disk is not quite as straightforward as its physical counterpart.
One of the most common ways to define a logical disk is any space of a hard
disk (or other storage unit) that has its own disk letter.
As you learned while studying for your A+ exams, a hard disk can be par-
titioned, or divided into smaller sections. Each partition receives a drive let-
ter and therefore can be considered a logical disk. It is not uncommon for a
computer to physically have one hard disk but logically have two. This often
leads to considerable misunderstandings for those who are new to the com-
puter world. Many times people purchase a new computer assuming there
are two hard disks included in the system. After all, in the Windows envi-
ronment, they see two hard disks labeled C and a D. Later on they discover,
by either removing the cover themselves or having someone inform them,
that they actually have only one physical hard drive.
Windows-based systems can support up to 23 logical disks each. After
that, we run out of letters in the alphabet. Yes, the English alphabet has 26
letters, but remember that A, B, and C are reserved for two floppies and the
first hard disk. NetWare and Unix do not use drive letters. They name their
logical disks (called volumes) by referring to the logical unit by machine and
then a volume name. For example, on a NetWare server, there is always a
SYS volume. If your NetWare server is named NW1, the volume name (log-
ical disk name) would be NW1/SYS:.
In a network environment, you will frequently work with multiple logical
disks. You will often find network mapped paths, which also qualify as a
logical disk. These mapped paths are given a unique drive letter and for all
intents and purposes act as another hard disk for the end user. The difference
is that these disks do not reside on the end user’s computer but rather on the
server, or other computer, and are accessed through the network. Network
mapped paths are a logical pointer to a physical resource. This tricks the cli-
ent computer into thinking that it has another hard disk, which in actuality
is a part of a hard disk on another computer. Your computer may think it has
an H disk, and it’s right. The trick is, the information is physically located
somewhere else.

Physical and Logical Disks 113
Should the host computer lose connection to the network, the mapped
path will not be accessible. Figure 4.1 illustrates the view of a mapped path
through the My Computer icon in Windows 2000. Notice how the mapped
path icon for disk F is similar to that of the hard disks, but has a small
network wire connector visible below the disk picture. This small network
wire connector is there to remind you that this is a mapped drive. If the
network-mapped disk is unavailable, it will have a red X on the network
wire connector.
FIGURE 4.1 A mapped path displayed in Windows Explorer
Also on a network, you may run into multiple physical devices that form
one logical disk. A good example is a RAID 1 or RAID 5 array. There will
be at least two physical hard disks (three for RAID 5) that appear as one
logical unit.
So with all this talk of physical versus logical disks, what’s the real deal?
It seems slightly confusing. Just remember that if you can hold it, it’s a
physical disk. However, logical disks are all about how you define them.
A physical hard disk may have multiple logical disks, and at the same time
multiple physical hard disks can make up one logical disk. It all depends on
how you set it up. Last but not least, logical disks can also be physically
contained on another machine, but you have a drive letter on your machine
representing it.

Storage devices interface with the computer through two possible means:
either an IDE or SCSI interface. Because the connectors are so different,
IDE devices cannot be on a SCSI controller, and vice versa. However, some
computers do have connectors for both types of disk. Depending on costs
and requirements, choosing one over another is sometimes difficult in the
desktop/workstation environment. In the server environment SCSI is the
dominant storage device because it is much more extensible, it is compatible
with a wide variety of devices, and it has evolved to operate at many different
levels and speeds. Basically, it’s faster and more expandable. However, it is
also more expensive. In the next two sections, we will explore each option,
for a means of comparison and also for configuration purposes.
IDE Technology
IDE (Integrated Drive Electronics) technology was first created as a simple
means of adding components to a computer. Today, this technology is more
commonly associated with ATA (Attachment Interface) technology. The
controller circuitry is located right on the device itself. The device is then
attached to the motherboard or expansion card with a short 40-pin ribbon
cable. Most cables are keyed so they will fit on only one way. If the cable is
not keyed, then the rule is that the red stripe on the cable connects to pin 1.
Closely examine the cable and you will see that one side of the ribbon has
a red line (although sometimes it’s blue). Also a close examination of the
device will reveal that the connector is labeled with a pin 1. If you can’t
locate pin 1, it’s always on the side of the connector closest to the power con-
nector on the hard disk. A simple jumper configuration (discussed later in
this chapter) provides a means of configuration, and the IDE device is
installed and running.
The original release of this technology supported disks up to 528MB in
size and transferred at a speed of 3.3MBps. With increased disk size ATA-2
(version 2) was released that supported several gigabytes of disk size as well
as increasing speed to 11.1MBps. This release was commonly known as
EIDE or Enhanced IDE technology. The latest release is Ultra DMA/33
(Ultra Direct Memory Access 33) IDE. It can transfer at speeds of 33MBps.
Newer versions of Ultra ATA IDE can support 66MBps and 100MBps. They are
called Ultra ATA/66 and Ultra ATA/100, respectively.

Regardless of the release or version, IDE has one major limitation, which
is that it can support only two devices per controller. In the days of its incep-
tion this was not seen as problematic because hard disks were the only
devices supported. However, with the creation and widespread use of CD-
ROMs, DVDs, and CD-RWs, the need to support multiple devices grew. All
new motherboards tried to meet this demand with support for two separate
IDE channels, often referred to as IDE controllers (primary and secondary).
This would then allow for four devices (two on each channel). In today’s
world of multiple physical disks, burners, and DVD drives, IDE technology
is not the most flexible. Also, 33MBps may seem wonderfully fast, but
compared to SCSI it takes a back seat. And because of overhead associated
with the technology, you will only get about 75 percent of the theoretical
maximum transfer rate with IDE hard disks.
In the server environment speed is essential. Access time to server hard
disks when multiple requests are incoming can add up to rather long wait
periods. If the request is from an application such as a database, the possi-
bility of a time-out error is real. A time-out error happens when the program
gives up waiting for a response from the server. IDE devices have tried to deal
with wait state issues by increasing hard disk spin rates (the same holds true
for SCSI). Typical hard disks spin at 5,400 RPM (revolutions per minute,
referring to the speed at which the platters spin). New releases in IDE
hard disks include 7,200 RPM and 10,000 RPM. Theoretically the faster
the hard disk can spin the faster that the actuator arm and read/write head
can get to the data stored on the platters. This has improved performance in
hard disks but still doesn’t deal with the primary issue with IDE technology:
support for only two devices.
Configuring IDE Devices

Configuration of IDE devices, as previously mentioned, is rather simple.
Jumpers are located on each device and allow for three possible configura-
tions. The first configuration is MA, or Master setting, and it is used if
the device is the only one on the channel or if it is the primary device when
two devices are present on the same channel. The second possible configu-
ration is SL, or Slave, and it is configured only if the device is the secondary
device on a channel. Thirdly, CS, or cable select, is used if the devices can
auto-configure for master and/or slave. Jumper configurations for IDE are
illustrated here for you in Figure 4.2.

FIGURE 4.2 IDE configuration
Setup Jumpers
Jumpers- Style A
ATA Hard Drive, Rear View
ATA Cable Key ATA Cable Pin 1 Jumpers
An extra spare (horizontal)

jumper may also be
present. This does not
Master Enabled Slave Enabled Cable Select affect the drives use.
Enabled
(CLJ) Capacity limitation jumper.
The CLJ jumper is used together
with the Master, Slave, or Cable
Select setting.
Most administrators avoid using CS on their hard disks because it slows down
the boot process. This is because during the boot process the computer has
to scan the IDE cable to detect if devices are present and then determine which
is to be master and which slave.
Practical experience has shown technicians that certain combinations

work best. For example it is recommended that the boot hard disk be
attached to the primary IDE controller in the master position. This will assist
in faster boot. Many motherboards include one Ultra DMA controller (the
other controller is standard IDE to keep costs down) in the primary IDE

position to further assist with speed to the primary boot disk. If you have a
CD-ROM and a CD-RW it is advisable to connect both on the secondary
channel. This will help to prevent buffer under run errors that can occur
when the CD-ROM is on a different IDE channel from the CD-RW.
Once the jumpers are configured for the master and slave settings, the IDE
devices can be installed into the computer case. The final step involves enter-
ing the setup utility when the computer is booting. In your BIOS setup is an
option to manually specify what is connected to each of the master and slave
positions for both IDE controllers, or you can have the BIOS autodetect
these devices each time the computer is booted. If you choose to have the
BIOS autodetect these devices, expect the boot process to become slower.
An option that can be very helpful when installing a hard disk is the Auto
Hard Drive Detect. This utility, found within the BIOS setup program, will
scan the IDE channels and try to identify the hard disks and appropriate
settings for you. After the utility scans the disks, it will present you with its
findings for you to accept or reject. If you accept, they will be automatically
set in the BIOS.
Older BIOSes did not have the ability to autodetect hard disks. You had
to enter in configuration information manually. Even though it may be a
bit slower to have your computer autodetect the hard disks, it’s still a
valid option.
Common IDE devices used today include hard disks, tape drives, CD-
ROM, DVD, CD-RW, and internal Iomega Zip drives. Combinations of
these devices are found in every computer from laptops to servers. Each uses
the previously mentioned jumpers and master/slave settings.
With the limitation of two available devices per channel, IDE is not
common in servers. Many servers contain more than two hard disks alone,
which would leave no connectivity options for a CD-ROM drive or a backup
drive. Transfer speed is another concern. Although IDE speeds seem impres-
sive in a stand-alone computer, when placed in a server environment where
the speed is shared among many client computers, IDE struggles at times
under the demands. More common in a server is the SCSI structure for stor-
age devices. This is not to say that there is no IDE at all in servers. Server
motherboards normally contain at least one onboard IDE slot.

Getting IDE Drives to Play Nice
Some years ago, I was working as a consultant for a small insurance office.
They only had four computers, and no servers. It was a simple configura-
tion, and they didn’t require a lot of maintenance.
They came to the point where they needed additional storage space in the
workstation that held their database. So, they bought an additional hard
drive, and called me to put it in.
I arrived at the office, powered the machine down, and removed the case. I
grounded myself properly (notice, good ESD safety being practiced), and
removed the existing drive. Sure enough, the drive was not jumpered as a
master. So, using the diagram on the drive itself, I set the jumpers to mas-
ter. Looking at the new drive, I jumpered it as a slave. I put both drives back
in the machine, and powered it up.
It didn’t boot. So I checked the system BIOS, and manually configured the
master and slave settings based on the drive parameters. We rebooted
the machine, and still nothing. Just as a test, we changed the jumpers
on the new drive to make it a single, changed the BIOS, and sure enough,
the drive booted. So we knew that the new drive was good. And the old
drive had been working a few minutes ago. So what could be the problem?
We set it back up again with the old drive as the master, and the new drive
as the slave, and got the same results. It didn’t want to play. Looking at the
drives again, I noticed that the old drive was a Seagate, and the new one
was a Maxtor. Puzzled, I switched the master/slave relationship of the
drives, changed the BIOS, and the system booted fine.
The moral of the story is this: sometimes when dealing with multiple
IDE drives, they may not work in a specific master/slave relationship. Try
switching them to see if that helps. It’s not necessarily a Seagate versus
Maxtor thing, but it is more common when you use drives made by differ-
ent manufacturers. So if you can, stick to using drives made by the same
company. It’s also somewhat common for older drives to not work as mas-
ters to newer drives. Again, change the master/slave relationship, and you
should be okay.

SCSI TECHNOLOGY
SCSI (Small Computer Systems Interface) is far more robust than the IDE
structure. Unfortunately it is also far more complex in configuration and
setup, and more expensive. When you talk about SCSI devices, the discussion
is not limited to hard disks. Available SCSI devices include a broad range
of internal and external components. In the server environment, the range is
often dominated by hard disks, tape backup drives, and CD-ROM drives.
However, there are also SCSI scanners, optical devices, and others. The fol-
lowing section focuses on the fundamentals of SCSI hard disks.
The SCSI standard was put into effect in the mid-1980s and specifies a
universal, parallel, system-level interface for connecting up to eight devices
(including the controller) in a chain on a single shared cable. This grouping of
devices is called a SCSI bus. SCSI busses are extremely flexible in design. The
SCSI controller card controls the devices, so you can be confident that, as long
as the card works in the computer, then the SCSI devices will also. Therefore
SCSI devices will perform equally well in a PC, a Mac, or a Sun Microsystems
workstation, as long as the controller card itself works with the operating
system and other hardware. The SCSI controller card contains its own config-
uration as well as firmware. SCSI supports many more devices than available
in the IDE technology, and also transfers information at much faster speeds.
All SCSI configurations require termination at both ends of the chain.
If there is no termination, the signal will bounce back and forth along the
chain, causing the devices to fail. SCSI adapters have a terminator built in,
and you must supply the terminator at the other end. SCSI devices are iden-
tified by a SCSI ID number. The controller typically takes ID 7, and the
devices get 0 through 6.
SCSI Signaling Types

There are three distinct SCSI signaling methods. Careful consideration must
be given to the signaling method chosen because all devices, cables, and
adapter cards on one chain should be of the same signal type, and must be
of the same signal type if you are using HVD (High Voltage Differential).
The three signaling methods are:
SE Most SCSI devices use single-ended (SE) signaling. This method has
a maximum bus length of 1.5 meters, and uses a 50-pin narrow SCSI
connector, such as the Ribbon IDC 50 connector. SE signaling requires
termination. (See the “SCSI Termination” section below for details.)

HVD High Voltage Differential (HVD) (also known as differential)

is used to provide reliable signals in a high-noise environment over a
long bus length (up to 25 meters). The HVD signaling method cannot be
mixed with other signaling methods, and requires a differential (HVD)
terminator.
LVD Low Voltage Differential (LVD) supports a bus length of 12 meters
and supports downward compatibility with single-ended signaling devices.
LVD-compatible equipment is required for the Ultra SCSI standards. LVD
requires termination.
SCSI Types
SCSI technology has seen a constant and dramatic change since its incep-
tion. The first release of SCSI technology was rather awkward and limiting.
Still, the potential was clearly evident. Later releases improved on predeces-
sors in areas of speed and reliability. The following is a brief look at the
essential elements of each major SCSI release.
SCSI-1 The first true implementation of SCSI was SCSI-1, created in
1986. It had a 5MBps transfer rate and used a Centronics 50-pin cable or
a DB-25 female connector with an 8-bit bus width. SCSI-1 was based on
single-ended transmission and used passive termination. Passive termi-
nators had only resistors to terminate the bus, as opposed to active ter-
minators that have voltage regulators for added reliability. The original
release of SCSI was not without problems. While there were standards,
there was inconsistent implementation of the standards by vendors.
SCSI-1 is now obsolete. If you mix SCSI-1 devices on a bus with other SCSI
devices, performance will degrade.
SCSI-2 The goal of SCSI-2 was to improve on performance and reliabil-
ity, and to enhance features. SCSI-2 was also needed to standardize the
commands used with the technology. SCSI-2, which was backward com-
patible with SCSI-1, introduced a higher-density connector and both an
8-bit and 16-bit wide bus. The 16-bit bus was known as Wide SCSI-2.
SCSI-2 also introduced a faster speed release called Fast SCSI-2, which
used the 8-bit bus but at a speed of 10MBps. It was also possible to com-
bine the best of both Wide SCSI and Fast SCSI to get SCSI-2 Fast-Wide
(16-bit at 40MBps). SCSI-2 also used active termination, which is more
reliable than the passive termination used in SCSI-1.

Wide Ultra-2 SCSI Wide Ultra-2 is a step up from SCSI-2. This release
provided LVD or HVD signaling, a 16-bit wide bus, transfer speeds of
80MBps, LVD or HVD termination, and used a 68-pin connector.
Ultra-3 SCSI Ultra-3 is the latest SCSI standard. Ultra-3, also called
Ultra SCSI, operates at a faster 20–40MBps, which was a definite
improvement over previous SCSI releases. Ultra-3, however, addressed
another problem: cable length. With SCSI-3, LVD was introduced. Low
Voltage Differential increased the possible length of the cable to 25 meters
with a possible transfer speed of 160MBps. Ultra-3 SCSI operated at a
16-bit wide bus, with LVD signaling and termination. Ultra-3 used a
68-pin connector.
Ultra 160 This release is a subset of Ultra-3. It is a parallel interface that
uses a 16-bit wide bus and LVD signaling and termination, and has a
maximum transfer speed of 160MBps. Although similar to Ultra-3, Ultra
160’s faster transfer speed and LVD addition warranted the creation of
this new SCSI category to prevent compatibility issues between device
vendors. Ultra 160 also used a 68-pin connector.
Ultra 320 SCSI Ultra 320 is the next generation of parallel SCSI inter-
face. At one point it was called SCSI Ultra-4. It is a 16-bit wide bus that
uses LVD signaling, LVD termination, a 68-pin connector, and has a
transfer speed of 320MBps.
Table 4.1 helps to clarify the various releases of SCSI and their speeds and
cable specifications.
TABLE 4.1 Common SCSI Standards
Transfer Cable
Type Bus Width Rate (MBps) Connector Length
SCSI-1 8 5 DB-25 6m
SCSI-2 8, 16 5 C-50 6m
Fast SCSI 8 10 C-50 3m
Wide SCSI 16 20 C-68 3m
Wide Ultra-2 16 80 C-68 3m

TABLE 4.1 Common SCSI Standards (continued)
Transfer Cable
Type Bus Width Rate (MBps) Connector Length
Ultra SCSI 8 20 C-50 3m
Ultra 160 16 160 C-68 12m
Ultra 320 16 320 C-68 12m
SCSI Controller Card

The SCSI controller card is the heart of the SCSI system. Unlike IDE tech-
nology, where the controller circuitry is located within each IDE device, SCSI
control resides on the adapter card solely. The SCSI adapter card contains a
firmware and an EEPROM chip similar to the motherboard. It is on this chip
that the SCSI adapter card maintains the configuration information for the
individual components installed on the SCSI bus. SCSI adapter cards can
support internal or external devices. Depending on the SCSI standard imple-
mented, the connectors and supported cabling to the adapter card will vary.
Figure 4.3 illustrates a typical SCSI adapter card.
FIGURE 4.3 SCSI controller card
50-pin connector
Ultra160 LVD connector
50-pin connector
32-bit PCI

SCSI adapter cards can vary from a simple controller card that is
packaged with SCSI scanners to very expensive multichannel models.
The type of card you choose will depend on your budget as well as needed
performance.
SCSI Installation and configuration

Installing a SCSI device is substantially different from the previously dis-
cussed IDE technology. Rather than a simple master/slave jumper setting,
there are several key configurations that must be carefully selected. Each of
these configurations plays a significant role in the SCSI operation. Once the
SCSI card and devices are purchased, they need to be configured, usually
though a bank of jumpers located on the device itself. Configuration
includes setting the SCSI ID, LUN (logical unit number), and termination;
within each of these configurations, care must be taken to ensure proper
operation. These configurations will be examined in detail later in this
section. Be sure to document all settings and configurations during the
installation and configuration process to assist in future upgrades,
additions, and troubleshooting.
The following section will look at the fundamentals behind SCSI config-
uration, such as SCSI IDs, SCSI connectors and cables, and SCSI termina-
tion. Server administrators will almost definitely encounter SCSI devices
and should therefore have a basic understanding of these fundamentals.
This topic is covered in great detail on the Server+ Exam.
SCSI IDs and LUN

Each device, including the controller card, must have a unique SCSI ID num-
ber because this number is used to identify each component on the SCSI
chain. The available numbers are 0–7 on an 8-bit SCSI bus, and 0–15 on a
16-bit SCSI bus.
The boot hard disk is normally set to ID 0. This is because the controller
card starts its configuration at 0 and thus will find the boot disk first, theo-
retically resulting in a faster boot. Also, some host adapters will not boot if
the hard disk is not set to ID 0. SCSI ID numbers are configured through a
jumper setting on the device or, in the case of the SCSI adapter card, through
a software utility. Figure 4.4 shows the jumper bank on a SCSI hard disk.
Note the possible settings are for an 8-bit bus.

FIGURE 4.4 Jumper configuration
SCSI ID= 0
SCSI ID= 1
SCSI ID= 2
SCSI ID= 3
SCSI ID= 4
SCSI ID= 5
SCSI ID= 6
SCSI ID= 7
Oftentimes a single SCSI device will perform multiple functions. In this

case, the device will need a means of identifying each function through an
address (similar to the unique SCSI ID). This is where the LUN (logical unit
number) steps in. A good way to grasp the LUN concept is to compare it to
a shopping mall. The building as a whole has one street address but each
shop within the mall has its own separate address. These separate addresses
are analogous to the LUN. In the SCSI-2 standards the LUN numbers can be
from 0 to 7. A practical example of this is a tape changer. The tape drive
would require one LUN number while the changer would require another.
This is one SCSI device that performs two separate functions and would
therefore require two LUN numbers.
Most SCSI cards are configured to ID 7 by default, but you might sometimes
need to reconfigure your adapter card to a different ID. You do this through
the software configuration utility.

SCSI Termination
SCSI termination seems simple enough. Place a terminator at the beginning
and at the end of the SCSI chain (just as you learned while studying for your
A+ exam) and everything should work. However, the majority of configura-
tion problems with SCSI occur with termination or ID numbering. SCSI
termination can be a difficult task because of the many variables you must
consider.
First, termination must occur at the ends of the SCSI chain. Most internal
devices are terminated through the use of a jumper. Be sure to locate the cor-
rect jumper and apply it appropriately. Each manufacturer has a specific
sequence in which to properly apply or remove termination. If the SCSI
controller card is to be terminated, it is normally done through software con-
figuration. During system bootup you will see an option to enter the SCSI
configuration utility, in which adapter card termination can be enabled or
disabled. Where termination takes a much more difficult turn is when exter-
nal SCSI devices are introduced. When both internal and external devices are
present, the termination is removed from the SCSI adapter card and then
configured on the device at the end of the internal and external chains. With
external termination, a secondary device is often needed. Depending on the
type of SCSI bus, the terminator will vary. There are five basic types of SCSI
termination.
Passive Termination consists of a 220-ohm resistor that connects to the
terminator and a 330-ohm resistor that connects the signal line to the
ground. Passive termination is less expensive but can lead to issues with
line noise and dirty signals. Passive termination is not recommended for
SCSI-2 configurations. HVD SCSI, however, does use passive termination.
Active Termination was created to eliminate signal problems experi-
enced with passive termination. Active termination is based around a
voltage regulator, which reduces fluctuations. Active termination uses
a single 110-ohm resistor. SCSI-2 uses active termination.
FPT uses diode switching and biasing to fill any fluctuations between
the cable and devices. FPT (Force Perfect Termination) is a more
advanced form of active termination.
LVD is based on a form of active termination. Low Voltage Differential
(LVD) is based around the higher speeds of SCSI Ultra-2. Special LVD/SE
(single-ended) terminators can be used on busses that have both LVD
and SE devices.

HVD High Voltage Differential (LVD) is based around a form of active

termination. HVD devices require HVD termination, and should not be
mixed with LVD or SE devices.
As you can now see, there is ample opportunity to create problems in ter-
mination. Each terminator must match the appropriate SCSI type. If an inap-
propriate terminator is used, the SCSI bus will not function properly and the
termination could damage devices on the SCSI bus. Considering the cost of
SCSI devices and adapter cards, care should be taken before powering on
your system. For the best information, refer to your SCSI device
manufacturer.
After you have completed all of the configuration steps, you can install the
devices in the same way as IDE devices. The SCSI cable connects between
each device and the adapter card. A power connector also connects to each
device. Figure 4.5 illustrates the connectors at the back of a SCSI hard disk.
FIGURE 4.5 SCSI hard disk connectors
68 pin Centronics Connector Jumpers Power Connector
After all the devices are attached and installed, review each device to con-
firm proper cabling and termination. When you are sure that installation is
complete, you can start the server and enter into the SCSI utility. Depending
on the manufacturer, this can be done in several ways. Normally access is
gained during the bootup of the computer. A line of text will appear on the
screen telling you to press a specific key or sequence of keys to enter the SCSI
setup utility, where you can confirm that each device is identified by the SCSI
adapter (based on the SCSI ID and LUN) and is functioning properly.
Most SCSI cards are terminated by default. If you are connecting internal
and external SCSI devices to your chain, be aware that you will have to
disable the termination on the adapter card. Figure 4.6 is an example of an
external terminator.

FIGURE 4.6 SCSI terminator
SCSI Cables
SCSI cables play an important role in the SCSI chain. SCSI cabling today
comes in many different forms. Remember that SCSI devices can be internal
or external. Internal cabling differs significantly from external cabling in
terms of durability as well as reliability. Consider that cable connectors also
vary depending on the SCSI standard being implemented, and it becomes
easy to see that there are numerous possibilities.
Internal cables follow two different forms:
Standard ribbon cable (similar to IDE and floppy cable) is commonly
found within the server case. This cable normally is 68 wires wide (to
accommodate the 68-pin connector) but can also come in a 50-pin form.
Newer internal cable is twisted-pair cable and looks a little like spa-
ghetti. This cable is round, not flat like ribbon cable, and has twisted
pairs of wires for each pin. The idea behind using the twisted pairs is
to reduce signal degeneration. This cabling costs more than traditional
ribbon cable, but does improve signal stability. It is often used in
longer SCSI bus implementations. Twisted-pair cable can also be
found with metal braided shielding surrounding the twisted pairs,
which protects further against signal interference.
External SCSI cables need to be more durable than internal cables. Being
exposed to the environment and environmental hazards, these cables have a
strong external sheathing to protect internal wires. Many external SCSI cables
also contain ground shielding, which protects against signal interference.
SCSI Connectors
SCSI connectors physically attach the drive to the cable. Several different
types, such as Centronics connectors, are available to meet the demands of

bus width and speed. Figure 4.7 illustrates some common connectors that
you may encounter.
FIGURE 4.7 Common SCSI connectors
DB-25 Connector used with Centronics 50 Connector

SCSI-1 standards used with external SCSI devices
Internal and External 68-pin connector Internal 50-pin ribbon cable

used by most hard drives connector for SCSI-2
Very High Density Centronics 68-pin 80-pin connector used by Ultra 160
used on SCSI-3 and Ultra 2
Benefits of SCSI over IDE

Now that we have compared and contrasted both technologies in detail, you
are probably realizing that there are several reasons why SCSI implementa-
tion is preferred over IDE technology. Even though configuring the SCSI bus
can be a painful task, and the initial cost of SCSI devices is higher than that
of IDE devices, SCSI is still preferred in many applications. As a rule of
thumb, if you have a server, go with SCSI. Here is a summary of SCSI
benefits over IDE.
Speed The transfer speed of SCSI is dramatically faster than IDE. A
server will face a barrage of requests at once, and SCSI technology can
better meet this stress load.
Number of Devices Servers contain multiple hard disks, especially in
RAID configurations, where disk arrays provide redundancy (discussed in
Chapter 5, “Fault Tolerance and Redundancy”). IDE technology without
special accommodation will support only four devices. A single 8-bit SCSI
channel can support seven devices (remember, the controller needs one).

It is common now to see an adapter card with numerous SCSI channels

providing you with nearly limitless device capacity.
Controller Card All SCSI devices are controlled by the SCSI controller
card. This takes the stress away from the processor and motherboard.
Remember that in the IDE environment the devices each have their own
controller circuitry, which is controlled by the BIOS program, which is
located within the CMOS chip, which is on the motherboard. Placing this
burden on a separate card frees up resources for other uses.
Multiple SCSI Controllers Server capacity is limited only by cost. If you
need more SCSI devices and your current bus is full, simply install another
SCSI adapter card! As long as there are available PCI slots, you can install
another SCSI bus.
Internal and External Support IDE technology is limited to the space
within the computer case. SCSI on the other hand will support internal
and external devices. Many SCSI controller cards have external 68-pin
connectors for adding on external devices.
Although initially SCSI devices, cables, and adapter cards cost more than
comparable IDE devices, their speed and flexibility more than make up for it.
Hard Disk Administration

Hard disks are electronic components, and like all electronic components,
their performance will degrade over time until eventually they need to be
replaced. It is usually better to replace the disk drive before it fails rather than
after. You will know a disk is failing if performance drops off drastically
without any new strains being imposed on the device.
When replacing an existing disk, it’s a good idea to upgrade it at the same
time. Newer, faster, bigger, and cheaper disks are always coming onto the
market, so expand your storage capacity if you can. Before replacing a hard
disk, remember to shut off power to the server, and remember to practice
proper ESD safety procedures.
Disk Arrays
If you have multiple disks in a RAID configuration, you should first check
with your manufacturer’s documentation. If software is controlling the
array, it may be difficult to expand. As an example, in Windows NT and
Windows 2000, if you have RAID 1 or RAID 5, you cannot expand it

without deleting the existing array and creating a new one. Of course, if
you do this, please make sure to back up (and test) your existing data first.
(See Chapter 5, “Fault Tolerance and Redundancy” for more information
about RAID.)
Many manufacturers provide external disk arrays for use with servers.
The disk arrays connect to the server through a proprietary expansion card.
These devices are often very expensive, but have some major benefits. Most
of these external storage units contain their own processor and memory,
which makes them very fast, and they do not drain excess resources from
your server. They are also very expandable. Also, most of them use hot-
swappable disks. If one fails, you will get a red indicator light next to it.
Simply pull it out and put a new one in, and the unit will integrate the
disk automatically for you. Technology is a beautiful thing.
Disk Installation Notes

Always remember that disks must be formatted for the operating system they
will work with. A Windows NT machine will not be able to read a disk
formatted for Unix, and vice versa.
Whenever you upgrade your disks, or modify your storage structure in
any way, make sure that you perform your upgrade checklist.
Summary
T his chapter covered essential details for using hard disks as storage
devices. First, we talked about hard disk structure, differentiating between
physical and logical disks.
We then discussed IDE hard disk drives. While IDE may not be as fast as
SCSI, it’s very commonly used because of its lower cost. IDE devices are eas-
ier to configure, but you are limited to two IDE devices per IDE controller.
When using two devices on one controller, you need to set one device as
master and the other as slave.
SCSI is the most popular hard disk technology used in servers. It’s fast,
and allows for large numbers of hard disks per machine. SCSI has many dif-
ferent standards, but all are based on backward compatibility. SCSI devices
are somewhat harder to configure than IDE devices, are more expensive, and
require termination. The benefits of SCSI over IDE include greater perfor-
mance, flexibility, and support for internal and external devices. Last, we
looked at some administration tips for managing your disk storage solutions.

Exam Essentials 131
Exam Essentials
Know the difference between a physical and logical disk. The actual
device located within a server, or connected to the server externally, is the
physical disk. A logical disk is defined by its drive letter.
Know what a mapped disk is. A mapped disk is a path on a client
workstation pointing to a network disk or network share. In Windows
Explorer it appears to the client as a physical disk although it is actually
a path to a logical disk or share on another computer.
Know the three configurations for IDE hard disks. Using jumpers, you
can set IDE devices in one of three configurations: master, slave, or cable
select. You can choose cable select if the devices are capable of performing
automatic selection of correct master/slave configuration.
Know the major limitations of IDE in a server environment. One of
the first limitations of IDE is its support for only two IDE devices per
channel. It also lacks the transfer speeds often needed within a server.
Know the three SCSI signaling methods. There are three different sig-
naling methods: single-ended (SE), High Voltage Differential (HVD), and
Low Voltage Differential (LVD).
Know the common SCSI standards. The various SCSI standards also
have varying bus widths, transfer rates, connector types, and cable length
requirements.
Know the key SCSI configurations. Configuring SCSI devices includes
setting the SCSI IDs and LUNs, and ensuring proper termination.
Understand SCSI IDs and LUNs. Each device must have a unique SCSI ID
that uniquely identifies each component on the SCSI chain. For a SCSI device
performing multiple functions, the LUN is used to identify each one.
Understand SCSI termination. SCSI termination must occur at both ends
of the chain. Usually the controller is terminated at the last device in the
chain. The four basic types of termination are passive, active, FPT, and LVD.
Know the various SCSI cables. Depending on the device, SCSI cabling
can be internal or external. Internal cables follow two forms: standard
ribbon and twisted-pair.
Know the benefits of SCSI over IDE. SCSI provides the following
benefits: faster transfer speeds, support for more devices, and decreased
processor load.

Key Terms
ing terms:
Centronics 50 physical disk

DB-25 SCSI ID
FPT (Force Perfect Termination) SCSI (Small Computer
Systems Interface)
High Voltage Differential (HVD) SCSI-1
High Voltage Differential (LVD) SCSI-2
IDE (Integrated Drive Electronics) single-ended (SE)
logical disk termination
Low Voltage Differential (LVD) Ultra 160
LUN (logical unit number) Ultra 320
mapped paths Ultra-3 SCSI
partitioned Wide Ultra-2 SCSI

Review Questions
1. You are the network administrator for your company. One day, your
boss walks in beaming about a new technology she read about called
IDE. However, your boss forgets what it stands for. What does IDE
stand for?
A. Industrial Drive Electronics
B. Integrated Device Electronics

C. Integrated Drive Electronics
D. Internal Drive Electronics
2. You have three servers on your network. Because the company

wanted to save money, they decided to implement IDE hard disks in
all servers. Each server motherboard has two IDE connectors. What is
the maximum number of hard disks that each server will support?
A. One
B. Two
C. Three
D. Four
3. The current IDE device specifications are based on what industry

standard?
A. Attachment Interface
B. American Transistor Association

C. Analogue Terminal Attachment
D. A-Terminal Attachment
4. You are configuring a new server for your company. One of the junior
employees wants to know what types of devices are going to be plugged
into the IDE controllers on the motherboard. Which of the following
is the least likely device you will plug into an IDE controller?

A. Printer
B. Hard disk
C. CD-ROM
D. DVD
5. You have just installed brand new Ultra ATA/100 hard disks in your
server. However, when you monitor the disk performance, you notice
that you are only getting approximately 25MBps throughput. What is
the most likely problem?
A. The hard disk is defective and must be replaced.
B. The system BIOS needs to be properly configured to recognize the

new hard disk.
C. The motherboard only supports Ultra ATA/33.
D. Nothing. The maximum throughput for an Ultra ATA/100 device

is approximately 25MBps.
6. One of your junior network administrators is trying to configure a

new IDE hard disk. This person does not have much hardware expe-
rience, and is frantically searching for some sort of configuration
method. What do you tell him to use to configure the hard disk?
A. Pins
B. Jumpers
C. Software
D. DIP switches
7. You have just installed a second hard disk into your server. You are
using IDE devices. However, when you boot the machine, it hangs up
during the hard disk detection portion of the POST. You quickly place
the disk into another machine, and it boots fine. What is the first thing
you should check to get the hard disk working properly in your server?

A. Check the system BIOS to make sure that Ultra DMA parity
checking is enabled.
B. Check the system BIOS to ensure that LBA is enabled for the
hard disk.
C. Check the back of the hard disk to make sure it is properly
terminated.
D. Check the back of the hard disk to ensure that you have the proper
master/slave configuration.
8. You are installing an old SCSI-1 adapter in a test machine to demon-

strate the original technology to your boss. How many devices will
that SCSI-1 chain support (including the adapter)?
A. Five
B. Six
C. Seven
D. Eight
9. What three types of SCSI signaling have been officially standardized?
A. SE, HVD, LVD
B. SE, HVS, LVS
C. HVD, LVD, DVD
D. ES, HVD, LVD
10. Your SCSI chain is composed of devices that all use LVD signaling.
You have an older SCSI device that you want to add to the chain,
but you are not sure what type of signaling it uses. What should you
do and why?
A. Do not install it because if it’s an SE device it could ruin the system.
B. Do not install it because if it’s an HVD device it could ruin

the system.
C. A and B are both correct.
D. Go ahead and install it because mixing signaling types does

not matter.

11. You are the junior network administrator at your company. The
senior administrator is in a rush to fix the server, and tells you to get
a SCSI connector out of the parts box. When you ask what kind, she
tells you to get a connector for an SE device. What type of connector
do you grab?
A. 50-pin narrow
B. DB-35
C. Centronics 68-pin
D. DB-9
12. You are installing a new SCSI hard disk into your server to act as the
boot disk. The only SCSI ID you have available is 5. You configure
the disk for that ID and boot the server. However, the system is boot-
ing from the old disk, not the new one. What could be the problem?
A. The new disk is malfunctioning.
B. The SCSI adapter will only boot from a disk with a SCSI ID of 0.
C. The SCSI adapter will only boot from a disk with a SCSI ID of 7.
D. The SCSI adapter is malfunctioning.
13. What connectors does SCSI-1 use (pick two)?
A. Centronics 50
B. Centronics 68
C. DB-25
D. High-density 68-pin
14. How many devices can be supported by Wide Ultra-2 SCSI?
A. 8
B. 16
C. 12
D. 4

15. You are in the process of upgrading your SCSI controller in your
server to SCSI-3. You tell your boss that it’s because of the enhanced
bus speed of the newer technology. What bus speeds does SCSI-3
operate at?
A. 10–20MBps
B. 20–30MBps
C. 20–40MBps
D. 30–40MBps
16. You install a new SCSI hard disk into your server. After rebooting the
machine, the new hard disk is not detected. You place the disk in
another machine that has no other SCSI devices, and it responds prop-
erly. What could be the problem?
A. The disk is malfunctioning.
B. The SCSI ID that the disk is using is already being used by another
device in the first machine.
C. The SCSI ID on the disk is set to an invalid number.
D. The LUN ID that the disk is using is already being used by another
device in the other machine.
17. You are using narrow SCSI technology in your server. You already
have maxed out the number of possible devices in your SCSI chain.
You need to expand the server by adding an additional three hard
disks. What do you do?
A. There is nothing you can do, as computers can only have one SCSI
adapter each.
B. Add the hard disks to your IDE connector on the motherboard.
C. Add the devices to the existing SCSI adapter, and place the termi-
nator at the end of the new chain.
D. Add an additional SCSI adapter to your server, and attach the
disks to it.

18. You are in the process of adding SCSI devices to a new SCSI adapter.
When you attempt to set the first device, you are not sure which ID to
use. You have not changed the default configuration of the SCSI adapter.
What is the most likely SCSI ID assigned to the SCSI adapter cards?
A. 0
B. 9
C. 7
D. 3
19. Your boss has instructed you to create a fast new server for your net-
work. Cost is not an issue, but speed is, and you need to ensure nearly
100 percent uptime. The boss would prefer to be able to expand the
storage capabilities and replace failed disks without taking the server
down, if possible. What type of solution should you implement?
A. Use internal IDE hard disks for the new server.
B. Use internal SCSI hard disks for the new server.
C. Use an external third-party storage solution with hot-swappable

disks.
D. The solution your boss wants is impossible to obtain.
20. Which of the following devices is the least likely to be found connected
to a SCSI controller?
A. Hard disk
B. Modem
C. CD-ROM
D. Scanner


1. C. IDE stands for Integrated Drive Electronics (and sometimes Intel-
ligent Drive Electronics), and was developed as a hard disk standard.
2. D. A single IDE controller will support two devices, and each server
has two controllers, so each server will support four devices.
3. A. IDE devices are based on the ATA (Attachment Interface) standard.
4. A. Of the devices listed, the printer is least likely to use an IDE port.
All of the other devices are commonly connected to an IDE controller.
5. C. Ultra ATA/100 is a fairly new standard, and not all motherboards
support it. In a case like this, the motherboard’s slow link will slow
down the system.
6. B. IDE devices are configured using jumpers. The jumpers are used
to configure the master/slave relationship between IDE devices.
7. D. When using multiple IDE devices, ensure that you have the proper
master/slave relationship or the disks will not function properly.
8. D. A SCSI-1 chain will support a maximum of eight devices. Each
must have a unique SCSI ID number, from 0 to 7.
9. A. There are three different types of SCSI signaling: single-ended (SE),
high voltage differential (HVD), and low voltage differential (LVD).
10. B. You can mix SE and LVD devices on the same chain, although you
need a terminator that can handle both signaling methods. Never mix
HVD with the other two signaling methods.
11. A. SE signaling uses a 50-pin narrow connector.
12. B. Some SCSI adapters will only boot to a disk if it is set to ID 0. In

the case above, reconfigure the SCSI IDs and you should be okay.
13. A, C. SCSI-1 uses a Centronics 50 or a DB-25 connector.
14. B. Wide Ultra-2 SCSI supports a maximum of 16 devices.

15. C. SCSI-3 operates at bus speeds of 20–40MBps.
16. B. Each SCSI device on a chain must have a unique SCSI ID.

17. D. Computers can have more than one SCSI adapter. If the first one
is full, add a second to accommodate the additional devices.
18. C. Generally speaking, SCSI adapter cards are by default assigned
SCSI ID 7. This makes the card the highest priority item in the SCSI
chain.
19. C. Internal SCSI and IDE disks are not hot-swappable. Although
third-party storage solutions can be expensive, they are also very fast,
and often have built-in fault tolerance and redundancy as well.
20. B. A modem is not considered a SCSI device.

Chapter Fault Tolerance
and Redundancy
THIS CHAPTER:
2.2 Configure RAID

Plan for redundancy (e.g., hard disks, power supplies, fans,
NICs, processors, UPS)
Use the technique of hot swap, warm swap, and hot spare
to ensure availability
Use the concepts of fault tolerance/fault recovery to create
a disaster recovery plan
Develop disaster recovery plan
Document and test disaster recovery plan regularly, and
update as needed

I t is amazing how many businesses rely heavily on their server
yet invest so little in making sure that the server is highly available. High
availability and redundancy go hand in hand. In its essence, redundancy
is having multiples of the same device present in a computer so that if one
device fails there will be another to take over. The obvious benefit of pro-
viding redundancy is to ensure that your server stays up, which translates
into your company being able to go about its daily business.
This concept of redundancy has expanded over the last several years to
include a wide array of components and services. By including redundancy
within your server configuration, you are increasing the availability of the
server. When a component within the server fails, the redundant component
will take over and provide a seamless transition. Because the server is nor-
mally the heart of a network, great care should be taken to ensure that it is
highly available.
Throughout this chapter we will discuss the various ways that you can
prevent system failure by practicing common redundancy techniques and by
taking advantage of clustering and RAID technology. We will also spend
some time evaluating the various levels and forms of RAID.
Managing Fault Tolerance

W hen an error occurs within a computer, it can be a result of numer-
ous variables. You will remember from the earlier chapters that a multitude
of components and processes are working within the computer case. When
resources are low or shared, computer systems can become unstable and
even stop responding. This often results in system failure and the need for a

Managing Fault Tolerance 143
reboot. However, this is not the only type of problem that can occur within
a computer. These are the three broad fault categories you might see:
Computer Hardware Faults occur when a hardware component fails.
For example, a network card fails, resulting in no access to the server via
network communication. Hardware fault tolerance can provide redun-
dancy by supplying several (or at least two) network cards. The network
cards can be configured to monitor each other. When the primary net-
work card fails, the secondary card can take over.
Software Faults can also bring a server to a halt. By providing mecha-
nisms to support operation despite possible software errors and/or
failures, you increase your availability. These mechanisms can include
monitoring tools to assess system resource utilization or redundant
programs to ensure data access and manipulation.
System Level Faults occur in areas that are not computer based, such as
sensors, lights, diodes, etc. These components, although they may not be
as critical as computer hardware and software, still play an important
role in system operation. Another example of system-wide fault tolerance
would involve monitoring other network components, such as switches
or routers.
Maintaining fault tolerance is maintaining the ability to accept a fault
within one component of a subsystem without losing services to another.
That said, the primary objective in fault tolerance is eliminating any single
point of failure (SPOF). Depending on the server function, SPOFs can vary.
For example, a high-availability web server will have multiple possible Inter-
net connections, so that if the primary Internet connection fails, then a sec-
ondary and or tertiary connection can take over. In contrast, a print server
will not commonly have a web connection but could have several printer
connections and/or multiple links to remote printers.
Depending on the demands of the server at hand, redundancy offers sev-
eral possibilities. At the planning stage, it must first be decided at what level
the server needs to be available. Hot site servers, such as those in hospital and
police networks, must be available always, regardless of any possible disaster
or problem. Hot servers are the most expensive and fault tolerant. Warm
servers are designed to be fault tolerant most of the time. They contain sev-
eral redundant components, usually in what is deemed the likeliest areas of
possible faults. Warm servers cost more than cold servers but not nearly as
much as hot servers. These servers will be fault tolerant most of the time but

144 Chapter 5 Fault Tolerance and Redundancy
still can go down from time to time. Cold servers contain few if any redun-
dant components. Cold servers can and often do fail; pricewise, they are the
most affordable. What you want to do is achieve a balance between cost and
reliability. Ask yourself, “What is the use of the server? What key compo-
nents are in use and stand a chance of failure?” These are the components
that should be part of your fault tolerance plan.
Eliminating every possible SPOF and having maximum availability would
be excellent—but expensive and nearly impossible to implement. If you
think about all the possible SPOFs within a single server, this would mean
installing multiples of each key component. Then, to ensure that there would
be full system protection, you would have to use a backup server (you will
learn more about this clustering of servers later in this chapter).
Consideration must also be given to electrical requirements. An uninter-
ruptible power supply (UPS) is a must, but what if the power fails for more
then the expected battery life of the UPS? Many high-availability systems
employ an electrical generator to provide power in case of a lengthy outage.
Now you might want to provide a backup generator for the first generator.
As you can see, this becomes expensive and can get carried away very quickly.
Instead, most companies will implement a warm server.
In the real world, where the value of a dollar is taken into consideration,
redundancy focuses on the commonly used components as well as those that
might be susceptible to failure. These common components, as well as the
reason for their redundancy, are explained in the next section.
Common Redundant Components

Within a server are several components that, due to their importance or
stress load, should have redundancy. By providing redundancy to these
components, you can improve availability. We will take a closer look at
them within this section.
Network Cards
Network cards within a server play an integral role in the network. Without
a NIC, your server is still operational but it suddenly becomes a stand-alone
computer. All the files and resources that are shared become inaccessible to
client computers. Current network cards are, for the most part, inexpensive.
Many servers will contain two network cards; most hold several. The bene-
fits of more than one card are numerous. In terms of redundancy, more than
one connection from the server to the switch or hub provides redundant

paths. If one network card were to fail, then a secondary or tertiary card
would be available to take over the requests. This is referred to as adapter
fault tolerance. Configurations can include all network cards working
together as a team (adapter teaming) and handling requests as one, even
though there are several cards working together.
The benefits to this are obvious. First of all, should the primary card fail,
the second card can take over without any intervention. Adapter teaming
can also provide a certain level of load balancing as network requests can be
distributed evenly between the cards (in turn eliminating the possibility of a
single network card becoming a bottleneck).
Power Supplies
Redundant power supplies are becoming increasingly common within
servers. It is fairly common to have a power supply fail. Remember, the con-
version from AC (alternating current) to DC (direct current) occurs within
the computer’s power supply. Component failure and/or fan failure is a con-
cern. Servers containing multiple power supplies are configured to monitor
the primary power supply; if needed, the secondary power supply will take
over from a failing or failed primary supply. However, if the problem is poor
AC power entering the server, then redundant power supplies will not solve
your problem.
Hard Disks
Hard disks are one of the most common components to be seen in a redun-
dant configuration and one of the most common components within a server
to fail. If you can afford to provide only one area of redundancy, then it
should be the hard disks. Remember, your hard disks take the brunt of the
daily stress in a server environment. The hard disks also contain all of the
information that is stored on your network. If any other component within
the server fails, it can be changed out with nothing more than some lost pro-
ductivity time. If the hard disk fails, then all the data and information that
was stored on the disk is also lost. This is why backups are so important.
Backups allow you to restore in the event of data loss. But think of the time
it may take to perform a restore. This is lost productivity time. By imple-
menting hard disk redundancy, you can greatly reduce the time it takes to
bring a server back up in the event of hard disk failure—in some instances,
no downtime at all will be experienced. Hard disk redundancy raises a whole
new concept called RAID. We will be looking at RAID later in this chapter.

Cooling Fans
It goes without saying that cooling is critical within a computer. A server
will generate even more heat than a standard desktop, so cooling is a more
serious consideration in servers. Running several high-spin-rate hard disks,
multiple adapter cards, high-performance processors, and multiple power
supplies generates large quantities of heat. Cooling fans are available in a
variety of forms today. Dynamic fans that are dedicated to a specific com-
puter component, such as a hard disk, are available at minimal cost and are
well worth the investment.
Many server environments contain numerous fans, as well as groups of
fans working together. This form of redundancy ensures that when a fan fails
(and being a mechanical component, it will fail at some point), the failure
will not result in rapid overheating and eventual system instability. Most fan
speeds (RPMs) are also controlled. If needed, the fans can be speeded up or
slowed down to control the temperature.
Internet Connection
Where would we be without the Internet? Most businesses rely on the
Internet for their daily operations more than they realize. If daily operations
are reliant on the Internet, then precautions should be taken to ensure con-
nectivity. Precautions include providing multiple connections and different
forms of connectivity. This means that if the T1 connection fails due to issues
with the provider, then Internet access can be gained through another pro-
vider, another service (such as DSL), or—if all else fails—through the good
old dial-up modem. As much as we complain about slow modems, it is better
to have dial-up than nothing.
Clustering Technology
Reliability of network servers has become critical to the success of many
businesses. Most businesses today have resources, applications, and services
hosted on network servers that are crucial for their day-to-day operations.
This means that these resources need a high level of availability. One of the
key technologies available to meet this requirement is clustering. Clustering
servers so they operate as a single server can increase the availability of
resources, applications, and services to an impressive 99.999 percent. Not
only does it provide an economical solution for fault tolerance in the event
of server failure, but it also makes planned outages more convenient.

What Is a Cluster?
A cluster is a group of computers that work together as one and logically
appear to be a single system to users on the network (see Figure 5.1). It is a
combination of both hardware and software solutions. Clustering allows
you to link two or more systems together so that if one should fail the other
is ready to automatically assume its workload. In the event of server failure,
applications, services, and resources are migrated to a remaining cluster
member by the cluster software and are restarted.
FIGURE 5.1 Clustering
Public network Public network

connection connection
Server 1 Server 2
C:
Shared disk
Private network connection
Clustering can be a viable solution for mission critical servers, whether

they are transaction servers, database servers, or mail servers. The cost of
implementing a cluster configuration can be far outweighed by the cost of
lost data and server downtime. The benefits of such a configuration include
fault tolerance and increased availability, load balancing, and scalability.
The benefits you achieve by implementing a cluster will of course depend on
how you configure it (for example, active/active or active/passive).
Fault Tolerance and Increased Availability In a cluster configuration,
at least one system is on standby should the primary fail. When the
primary system fails, or a component on that system fails, the cluster
software responds by moving the resources from the failed system to
the standby. Downtime can be decreased to just a few seconds, thereby
providing fault tolerance and increased availability.

Load Balancing By implementing a clustering solution, multiple servers

can run the same services. When clients make a request for the service, the
requests can be balanced among the different servers. The servers appear
to the clients as a single logical server and the clients are unaware of which
physical server actually responds to the request.
Scalability Depending on the clustering software you are using
and the operating system you are running it on, you may have some
level of scalability with your cluster. For example, if you are running
Microsoft Windows 2000 Datacenter Server and Microsoft Cluster
Service, you can add up to four servers to a single cluster. Scalability
can also be achieved within a cluster by adding more resources and
components to a system.
The availability of a cluster and its resources is dependent on the configuration

of the network environment. So, when setting up a cluster, you also need to
identify any single points of failure that might impact the resources’ availability.
You can configure an active/active cluster or an active/passive cluster.

The model that you choose will have an impact on how the cluster operates.
In an active/active configuration, each of the servers has its own workload
but is also ready to assume the workload of another cluster member in case
of failure. For example, you might have a database application running on
one cluster member and an e-mail application running on another member.
Should either one fail, the other is ready to assume the failed server’s work-
load while still maintaining its current load. In an active/passive configura-
tion, one server assumes the workload while another server sits idle, ready to
assume the workload should the active server fail.
Clustered servers have to have access to the same data. Looking at the
previous examples, if the database application fails over to the second
cluster member, that member will need access to the actual data to continue
servicing client requests. This is achieved using shared storage. The cluster
members will all be connected to a shared storage device that they all have
access to. In most cases, this will be an external disk or multiple external
disks. The cluster software is responsible for determining which cluster
member has access to the data on the shared disk.
Failover
The servers in a cluster provide fault tolerance through failover and failback.
In the event of server failure, component failure, or service failure, the

workload of the failed cluster member will automatically be assumed by

another server. The applications and services running on the failed member
will be restarted on another cluster member, which will assume the respon-
sibility of servicing client requests; this is known as a failover. The cluster
members use heartbeat messages to monitor one another’s online status and
the status of clustered resources. Once the failed member is back online, the
workload can be configured to be automatically transferred back to the now
operational server, a process known as a failback. The only downtime that
will be experienced is the amount of time it takes for the workload to be
automatically transferred between cluster members. The end user sees the
cluster as a single system, and in the event of failure, user requests are trans-
parently redirected to another server.
What Is RAID?
A server’s disk subsystem is one of the most common components to fail.
With this in mind, you will want to implement some form of disk subsystem
fault tolerance when building a reliable network server. RAID (Redundant
Array of Independent [or Inexpensive] Disks) is a group of hard disks that
collectively acts as one storage system, providing tolerance to failure of a
disk within the array.
There are many benefits to using RAID within a server. Providing a means
for high availability within the server is always the primary objective. RAID
allows for data to be highly available regardless of disk failure. In a complex
disk array, one hard disk or more could fail and the server will still run seam-
lessly to the end users. This ability of combining multiple hard disks into a
fault tolerant array is what makes RAID so appealing to server technicians.
Another benefit is speed. Having data stored on multiple disks allows for
the disks to all write information at one time. This speeds the writing process
considerably over a single-disk system.
The main disadvantage of RAID is the cost of implementation. The cost
will vary between implementations depending on factors such as the number
of disks required, the amount of disk space required, and the level of RAID
you choose to implement. Keep in mind as well that RAID does add a level
of fault tolerance to your network server disk subsystem and data but does
not provide a 100 percent fault tolerant solution because most levels of
RAID can recover from failure of only a single disk.
There are two forms of RAID: hardware based and software based.
Hardware based RAID uses a controller card (similar to the SCSI card) that

connects to the motherboard through an expansion slot, or can also be an

integrated component of the motherboard. In hardware based RAID the
controller card contains a BIOS chip that maintains the disk information.
Hardware based RAID is often preferred to software based RAID because
the responsibility of controlling the disks is taken on by the controller card
rather than the operating system and processor. This frees valuable resources
within the server. Software based RAID relies on the network operating
system to configure and control the information being sent and accessed on
the disks.
Later in this section, we will discuss both forms of RAID in great detail,
but before we look at the levels of RAID, an understanding of RAID terms
must first be established.
Array An array is a grouping of disks contained within a single imple-
mentation of RAID. Different levels of RAID will require a different
number of disks within an array. For example, implementing RAID level 1
requires 2 disks within the array while RAID 5 requires a minimum of 3
with a maximum of 32.
Striping Striping is a method of spreading data across several disks.
There are tremendous performance gains with striping because data is
written and read from the disks simultaneously. The performance of strip-
ing is measured by the size of the stripe. Different levels of RAID offer
different sizes of stripes, such as bits, bytes, and blocks. The larger the
data stripe, the better the performance of the stripe.
Mirroring Mirroring is a simple concept: Data is duplicated on two sep-
arate hard disks. Should one of the disks fail, then the second disk will
take over seamlessly. The controller card does this changeover between
disks should a failure arise. Write performance is not very good in a mir-
rored array because all data has to be written twice (once for each disk).
Duplexing Duplexing is similar in concept to mirroring. Data is dupli-
cated on two separate disks but duplexing adds an extra level of fault
tolerance through the use of separate controller cards.
Parity Parity is added to certain levels of RAID. The parity bit is used as
a form of error checking for the array. Each data byte written to the array
is given a parity bit. The controller card uses the parity bit to validate the
integrity of the information being written to the disks. If the data has been
compromised, the controller card will replace the data automatically with
information from the other disks.

Volume In terms of RAID, the volume is the total amount of logical disk
space within the array. For example, if you were to implement RAID 5
using four physical disks, combining 3GB of free space from each one, the
RAID volume would be 12GB (four disks × 3GB). This means that there
is 12GB of free storage space within the array. Keep in mind that this
calculation does not take into account the space needed for the parity
information.
Levels of RAID
There are numerous levels of RAID that can be implemented in a hardware
based RAID array. Each level has its own benefits and drawbacks. The most
common levels are RAID 1 (disk mirroring) and RAID 5 (stripe set with
parity). The Server + exam will test your knowledge on seven of these levels.
First let’s look at the levels in detail, and then we can compare them in a
chart to see the benefits and drawbacks.
Level 0 RAID 0 provides no fault tolerance at all. Data is split across
hard disks, resulting in fast data throughput but no safety. If a disk were to
fail, then the data would become inaccessible. RAID 0 is often referred
to as striping. Level 0 is one of the implementations of software level
RAID, and will be discussed later in the chapter.
Level 1 RAID 1 is called mirroring. In mirroring, two disks are used
and data is copied (mirrored) from one disk onto another. When one disk
fails, there is an identical second hard disk to take over. Most ordinary
servers will use RAID 1 for fault tolerance. Level 1 is a common imple-
mentation in servers and can be used with IDE disks as well as SCSI
hard disks.
Level 3 RAID level 3 is striping bits of data across several disks with
parity information stored on one disk. A major concern with this array
is that the parity disk is a SPOF. Should the parity disk fail, then the entire
array will halt. RAID level 3 requires at least three hard disks (including
the parity disk). There is also an increase in workload placed on the parity
disk because each time a write operation is performed this disk is accessed.
Level 4 RAID 4 stripes data as bytes across several disks with parity
information stored on one disk. Parity data is updated on each write

request, which can hamper performance. The same SPOF issue seen in
level 3 is also a concern in level 4. RAID level 4 also requires at least three
hard disks. The benefit over level 3 is that the data being written to the
disks is in larger units (bytes over bits).
Level 5 RAID level 5 is commonly referred to as striping with distributed
parity. Similar to levels 3 and 4, RAID 5 offers a more advanced parity,
which is striped across multiple disks. This ensures that if the parity disk
were to fail, the array would not fail. On the negative side, because parity
data must also be written to each disk in the array, performance is slower.
Level 0+1 RAID 0+1 (sometimes referred to as RAID 10) is a dual array
that takes the best of level 0 and level 1. Multiple mirror sets are used,
which are then configured in a striped set (requiring a minimum of four
disks). RAID 0+1 offers high data-transfer speed with data protection.
Level 0+5 This level of RAID is composed of multiple RAID 5 sets
connected in a single array. The benefit of this complex structure is that
multiple disks could fail across several sets and still the entire array
would stay active. The cost of such a structure would be mind-boggling.
Now that we have a better idea of each of the main RAID levels, we can
look closely at the benefits and drawbacks of each level and compare them
(see Table 5.1). It will be important for you to know these and be able to
make distinctions between levels, not only for the purposes of the exam but
also for day-to-day hands-on activity.
TABLE 5.1 Levels of RAID
Level Benefits Drawbacks
RAID 0 Fast No data protection
RAID 1 Fast and easy to set up Controller a SPOF and

is slower than 0
RAID 3 Uses parity Parity disk a SPOF and

stripes small data
units (bits)
RAID 4 Uses parity Parity disk a SPOF

and stripes larger
data units

TABLE 5.1 Levels of RAID (continued)
Level Benefits Drawbacks
RAID 5 Best cost/performance Only supports SCSI

disks in hardware level
RAID 0+1 High transfer speeds Expensive and often

difficult to configure
RAID 0+5 Best data protection Extremely expensive
RAID Disks
In most applications SCSI disks are the disks of choice in a RAID config-
uration, but IDE disks can also be used. If you remember from Chapter 4,
“Storage Devices,” IDE supports only two disks per controller, and therefore
IDE is not often used within a RAID configuration. However, with software
RAID, mirroring can be implemented on one or more IDE disks. This will
allow for data protection. Normally SCSI disks are used. Many manufactur-
ers sell combination RAID and SCSI controller cards. These amazing (and
normally very costly) multi-channel devices allow you to select whether the
channels will function as RAID or SCSI controllers. Many mid-range to
high-end servers utilize these controllers.
RAID Controllers
RAID disks are just one component to consider when implementing RAID.
You will also need to consider the RAID controller if you are implementing
hardware level RAID. RAID controllers perform functions such as calculat-
ing the parity information and caching of information. RAID controllers
come with their own processor to perform parity calculations, which means
the RAID system will no longer be dependent on the CPU in the server.
In terms of caching, the controller can cache information that will cache data
that is waiting to be read from or written to the disks in the array. When
choosing a RAID controller, you need to consider the type of disk subsystem
(SCSI or IDE), the type of RAID you plan to implement (not all RAID con-
trollers support every level of RAID), and the size of the on-board cache. The
size of the on-board cache will be determined by the type of data being stored
on the array and the expected workload on the controller.

RAID Cache
Depending on the workload, a RAID controller could become a bottleneck
trying to perform all of the read/write operations. Most RAID controllers
come with on-board cache to eliminate this possibility. If the RAID control-
ler receives a request that it cannot immediately perform, the request can
be temporarily placed in the cache.
Software RAID
Some operating systems allow you to configure RAID without the need for
special hardware. The operating system will come with some utility that
will allow you to configure software level RAID, which is known as software
RAID. For example, using Disk Management, a tool included with Win-
dows 2000, you can implement software RAID through the operating
system. The previous section gave you a brief introduction to the different
levels of RAID that can be implemented. The following section will describe
in more detail the features, benefits, and drawbacks of software level RAID.
Throughout the section we will pause and examine the advantages and the
disadvantages of most of the common software RAID levels. You will find
these highlighted evaluations in shaded sidebars within this section.
RAID 0, also known as disk striping, can be implemented on a server but
it does not offer any fault tolerance. So if your servers are hosting mission
critical data, this will not be an appropriate solution.
With RAID 0, data is broken down into blocks and written across multi-
ple hard disks, which increases performance. Performance is also increased
because there is no parity overhead. However, should a disk within the array
fail, all data is lost and is only recoverable by restoring from a backup copy.
RAID 0 Advantages
Improved performance—because data is spread across multiple disks, I/

O performance in increased.
Minimal hardware—RAID 0 can be implemented on two disks.
Easy implementation—it is easy to implement and can be done using a

tool that comes with the operating system.
Zero disk overhead—because there is no parity information, there is no

disk overhead associated with RAID 0.

RAID 0 Disadvantages
No fault tolerance—if a single disk fails, all data is lost and must be
restored from backup.
Increased single point of failure—most implementations of RAID 0 can

support up to 32 disks. However, the more disks you have, the more
points of failure. If any of the disks within the array fail, all data will
be lost.
Because RAID 0 offers no fault tolerance, it should never be used for data that
is mission critical.
RAID level 1 is also known as disk mirroring. This is one of the most
common implementations of RAID in a server environment. With disk
mirroring, two disks are required so that data from one disk can be copied
or mirrored onto a second disk. Each time a write is made, it is duplicated to
the second disk in the mirrored set. If the first disk fails, the data can be
accessed from the second disk in the mirrored set (see Figure 5.2).
FIGURE 5.2 RAID 1
Disk 1 Disk 2
C: C:'
Disk Controller
RAID level 1 has little impact in terms of performance. You will not
see any increase in performance when reading from the disk and you may see
a decrease in performance for disk writes because the data now has to be
written to two different disks.

In terms of fault tolerance, RAID level 1 can withstand the failure of one
disk without data loss. This implementation however cannot withstand
the loss of a second disk, so when disk failure occurs, it is important to
replace the disk as quickly as possible.
A variation of RAID 1 is disk duplexing. It is similar to disk mirroring but
provides an additional level of fault tolerance. With disk mirroring, the disks
in the array use the same disk controller. Should the disk controller fail, both
disks fail as well. With disk duplexing, each of the hard disks has a separate
controller, adding yet another level of fault tolerance.
RAID 1 Advantages
Easy to implement fault tolerant options. Since data is duplicated on

two disks, it is readily available should one of the disks fail.
Disk duplexing—this process can be implemented to eliminate the disk

controller as a single point of failure.
Fault tolerance for system partition—normally, boot files cannot be

written across multiple disks. RAID 1 allows you to implement fault
tolerance for the system partition.
It offers a relatively low-cost fault tolerant solution because only two

disks are required.
RAID 1 Disadvantage
Disk overhead costs—the major disadvantage of RAID 1 is the disk

overhead or the cost per megabyte. A large amount of disk space can be
consumed mirroring one disk onto another. RAID 1 has the highest disk
overhead of any RAID implementation.
Some implementations of RAID allow you to add a hot spare, which can be
used if one of the disks in the array fails.
The second most common level of RAID is RAID level 5, also known as
striping with parity. It requires a minimum of 3 disks and most implementations

support a maximum of 32 disks. Data that is written to the array is stored

across multiple disks. This level of RAID provides fault tolerance by adding
parity information that can be used to regenerate the data should a disk in
the array fail. The volume size for the array is determined by the smallest disk
(all disks in the array must be the same size). For example, if you have three
disks, 10GB, 20GB, and 40GB in your array, 10GB from each disk will be
used because this is the smallest disk size. The total volume for the array
would be 30GB, with 20GB available for data storage because 10GB is
reserved for parity.
In terms of fault tolerance, RAID level 5 can withstand the loss of a single
disk and use the parity information to recover the lost data. If more than
one disk in the array fails, all data is lost.
Not only does RAID level 5 provide fault tolerance for data, but it can
also increase performance because it is faster to read data from multiple
disks than it is from a single disk. You may see a slight decrease in write per-
formance because the parity information has to be calculated. The trade-off
for fault tolerance is a slight increase in server overhead. A portion of your
disk volume will be used to store the parity information. To calculate the
amount of disk space for the parity information use the formula 1/x where x
is the number of disks in the array. For example, if you have four 20GB disks
in your RAID implementation, the total volume is 80GB but 20GB is
reserved for parity information (1/4 of the total volume space).
Level 5 Advantages
Fault tolerance—obviously, one of the main advantages to RAID 5 is

fault tolerance. It can withstand single disk failure while still providing
access to the data, using the parity information to re-create the data
stored on the failed disk.
Increased performance—RAID 5 offers an increase in performance

because data, including the parity information, is written across
multiple disks.
Replace without shutting down—depending on your server configura-

tion, if it supports hot swapping, you will be able to replace the failed
disk without shutting down the server.
Low disk overhead—the disk overhead for RAID 5 is considerably lower

than that of RAID 1.

RAID 5 Disadvantages
Restrictive array—the system and boot partitions cannot be contained

on a RAID 5 array.
Limited performance—there is a decrease in write performance because

the parity information has to be written across multiple disks every time
a write operation is performed.
Disk Overhead—Even though the overhead is less than that of RAID 1,

one disk space is still lost for parity information.
Software Versus Hardware

As you now know, RAID can be implemented through software and there it
is configured and then managed through the operating system or by using
specialized hardware. When determining the level of RAID to implement,
you will need to look at the benefits and drawbacks of each type as well
as your requirements (costs, performance, capacity, and fault tolerance).
Keep the following points in mind when you are deciding what type of
RAID to use.
Costs Software level RAID reduces costs because it does not require any
specialized hardware.
Performance Software level RAID is handled by the server’s processor,
which can decrease performance. Hardware level RAID takes the load off
the server’s processor with the use of a specialized controller card.
Capacity Software level RAID is dependent on the operating system and
consumes server resources. Hardware level RAID is not dependent on the
operating system.
Fault Tolerance Software RAID does have certain limitations, such as
the system and boot partition being unusable in RAID level 5. Hardware
level RAID can offer faster data transfer rates and can support technolo-
gies such as automatic failover of a failed disk to a spare and hot spares.
You can implement different levels of RAID on a single server. For example
you may choose to use RAID 1 for the system and boot partition while imple-
menting RAID 5 for data.

Unlike hardware level RAID, software level RAID supports both SCSI and IDE
disks in a single array.
RAID for Bargain Hunters
Not long ago I did some pro bono consulting for a small independent school
in Massachusetts, where the administration had become concerned about
data security. Wisely perhaps, the school’s administrative network was
designed to be completely separate from the student labs, so I was spared
from dealing with dozens of wickedly clever teenage saboteurs. Instead, I
had only to deal with one cost-conscious head of school. The administrative
network was running Windows NT on a server with five physical hard disks.
The head wanted me to set up the server so that if one of the disks failed, the
data would not be lost. Oh yes…and it had to cost nothing.
Hardware Level RAID was clearly out of the question unless I could con-
vince somebody’s grandmother to donate a RAID controller. But I had the
solution. By applying software level RAID through an existing NT utility, I
implemented disk striping with parity (also known as software level
RAID 5). Software RAID relies on the operating system to control disk reads
and writes, so the processor takes a bit of a hit and some disk space is
lost to parity information; luckily, these were not major concerns on this
network. In fact, one of the math instructors reported a slight increase in
performance, probably due to faster reads from the multiple disks. I had
delivered a good level of fault tolerance: If one disk in the five-disk array
failed, data could be recovered through stored parity information.
When I explained all this to the head, she graciously thanked me and
assured me that my work was worth every penny.
Hot Plug
Hot plug is an amazing technology that allows you to add disks to a server
while it is running. This technology calls for some special components but is
well worth the added expense. Servers are built with a backplane and rail sys-
tem that allows for the disks to slide in. Once fully inserted the disks come into

contact with the backplane where connectivity is established. This connectivity

can occur through metal electrical connections or through fiber (light) connec-
tions. The operating system should then identify a new disk has been added.
In the modern server with a hot plug backplane, normally each disk con-
tains lights on the front. Much like a traffic light, green means go and red
means stop. These hot plug disks can be monitored through the lights. When
a disk fails or is having problems, the red light will shine, thus giving you a
quick visual note that you should check things out. If the disk has indeed
failed and needs to be replaced, it can be swapped out by sliding it out and
replacing it with your spare. The RAID controller will sense the new disk
and begin to rebuild it with the data from the other disks. This rebuilding
process involves installing the disk as part of the RAID array and transfer-
ring the data over. The length of time that this process will take varies with
the size of the disk, type of RAID configuration, as well as quantity of data.
To the end users this process will be seamless. They will not be aware that
there has been any issue with a disk replacement.
Hot Spare
In RAID configurations it is often advisable to have a hot spare on hand. Hot
spares are extra hard disks (matching those in use within the server), which
can be installed when needed. By having a hot spare on hand, you can be
assured that if and when a disk fails within the server, a replacement can be
installed and integrated into the RAID configuration as quickly as possible.
Unfortunately the hot spare idea is not an effective use of money. There is
a possibility that you may never use the hot spare disk and it will sit in a
storage cabinet until it becomes obsolete.
With a RAID 1 configuration having a hot spare makes sense. After all, in
this implementation of RAID, you only have two disks to work with. When
one fails, you are down to only one disk—and if you recall, RAID 1 can only
recover from a single disk failure. If you then need to send out the failed disk
for servicing and wait for it to return, you suddenly are spending an extended
period of time with no data protection.
Summary
In this chapter we discussed server fault tolerance and the different
options that can be used to increase server availability. Providing redundant
components is one of the simplest ways to avoid server downtime.

Exam Essentials 161
To provide for complete server fault tolerance, not just fault tolerance of
individual components, servers can be set up in a cluster configuration. This
provides a high level of availability for servers as well as the applications and
services they are hosting. In a cluster configuration, two or more servers
operate as one—should one server fail, another is ready to automatically
assume its workload.
The disk subsystem is one of the most common components to cause
server failure. Providing redundancy and fault tolerance for data stored on
a server’s hard disk can be accomplished by implementing some form of
RAID, using the operating system or specialized hardware.
Exam Essentials
Recognize the three general categories of server faults. Faults that can
occur in a server environment include hardware faults, software faults,
and system-level faults.
Common redundant components. There are many ways to provide
server fault tolerance. One way is to implement common redundant
components. Due to their importance in a server environment, you should
consider implementing redundancy for the following components: Net-
work interface cards, power supplies, processors, cooling fans, and
hard disks.
Understand how clustering provides fault tolerance. To provide fault
tolerance for a server and the applications, services, and data it is hosting,
you can implement clustering technology. With clustering, two or more
servers act as one. If one server fails, another server is ready to auto-
matically assume its workload. Clustering provides fault tolerance,
scalability, and load balancing.
Understand RAID. RAID, or redundant array of inexpensive disks, is a
group of hard disks that collectively act as one storage system to provide
fault tolerance for a server’s disk subsystem. RAID can be implemented
through specialized hardware or through the operating system.
Understand the commonly used levels of RAID. The most commonly
used levels of RAID are 1 and 5. RAID level 1, also known as disk mir-
roring, takes data from one disk and mirrors in onto another disk. RAID

level 5, also known as disk striping with parity, writes data across multi-
ple disks and uses parity information to re-create the missing data in the
event of disk failure.
Understand Hot Plug and Hot Spare. With the use of specialized
components, hot plug allows you to add disks to a server while it is
still running. Hot spares are extra hard disks (matching those in use
within the server), which can be installed when needed.
Key Terms
following terms:
adapter fault tolerance mirroring

array parity
availability RAID (Redundant Array of
Independent [or Inexpensive] Disks)
cluster RAID 1
computer hardware faults RAID 5
disk controller redundancy
duplexing single point of failure (SPOF)
failback software faults
failover software RAID
fault tolerance striping
heartbeat system level faults
hot plug volume
hot spare

Review Questions
1. What is the minimum number of disks needed to implement RAID
level 5?
A. 2
B. 3
C. 4
D. 1
2. Your boss is planning on implementing hardware level RAID

because he understands that is more reliable than software RAID.
Which of the following statements is true? (Choose all that apply.)
A. It is not necessarily more reliable but it does provide better
performance.
B. Software level RAID is less costly and provides better overall
performance because the RAID subsystem is controlled by the
operating system.
C. Hardware level RAID will be more costly to implement because
specialized hardware is required.
D. Software level RAID will be more costly because a special version
of the operating system needs to be purchased.
3. Of the following, which implementation of RAID combines data

striping across disks with mirroring?
A. RAID 1
B. RAID 1+5
C. RAID 0+1
D. RAID 5
4. Of the following, which level/levels of RAID offer no fault tolerance?

A. RAID 0
B. RAID 1
C. RAID 3
D. RAID 5
5. You create a RAID 5 array that consists of two 10GB disks, a 20GB
disk, and a 40GB disk. What is the total volume space for the array?
A. 0GB
B. 80GB
C. 40GB
D. 50GB
6. You create a RAID 5 array that consists of two 10GB disks, a 20GB
disk, and a 40GB disk. What is the total amount of space available for
storing data?
A. 40GB
B. 60GB
C. 20GB
D. 30GB
7. Which of the following levels of RAID has the lowest disk overhead?
A. RAID 0
B. RAID 1
C. RAID 3
D. RAID 5
E. RAID 10
8. Which of the following are advantages of software level RAID as

opposed to hardware level RAID?

A. Both SCSI and IDE disks can be used in the same array.
B. Software level RAID provides improved performance.
C. Software level RAID is less costly because it doesn’t require any

special hardware.
D. Software level RAID is dependent on the operating system,
therefore making it more fault tolerant.
9. Your network server is running a business critical database appli-

cation. You want to minimize server downtime and increase the
availability of the application. Which of the following fault tolerant
options will best meet your needs?
A. RAID 1
B. Adding an additional processor
C. Clustering
D. Raid 0+1
10. You have configured your network servers in a cluster. Which

components have you provided redundancy for?
A. Network cards
B. Processors
C. Servers
D. Hard disks
E. RAID systems
11. You set up two servers in a cluster configuration. Each server has its
own workload—one is running a database program while the other
is running a mail service. Each server is also ready to assume the
other’s workload in the event of failure. What type of cluster config-
uration is this?
A. Active/spare
B. Active/passive
C. Passive/passive
D. Active/active

12. RAID stands for which of the following?
A. Redoubtful Array of Inexpensive Diskettes
B. Redundant Array of Inexpensive Disks
C. Redundant Array of Independent Disks

D. A SWAT team action
13. Which of the following solutions combines data striping across disks
with mirroring?
A. RAID 1+5
B. Hybrid RAID 0+5
C. High Performance RAID
D. RAID 0+1
14. Your boss has asked you to implement hardware level RAID because
he understands that it is more reliable. He wants your opinion. What
will you tell him? (Select two.)
A. It is not necessarily more reliable but it does provide better
performance.
B. Software level RAID is less expensive but provides better perfor-
mance because the process is controlled by the network operating
system.
C. Hardware RAID will cost more because he will have to purchase
a special controller and disks.
D. Software RAID will end up costing more because a special version
of the operating system has to be purchased.
15. How does RAID 5 write data to the disk?

A. In bits
B. In nibbles
C. In bytes
D. In binary
E. In blocks

16. Can a hot swappable disk also be a hot spare?
A. Yes.
B. No.
C. It depends on the level of RAID.

D. It depends on the speed of the SCSI devices.
17. You want a RAID solution for your server that will give you redun-
dancy in the event the disk itself or its controller fails. Which RAID
level will you choose?
A. RAID 5
B. Hybrid RAID 0+5
C. RAID 1
D. RAID 0
18. Your boss wants you to implement a level of RAID but he does not
want to incur any additional cost. You are running Windows 2000
on a server that has 4 physical hard disks. He understands that you
can set the RAID up in such a way that if one of those disks fails, the
data will not be lost. What are you going to implement? (Select all
that apply.)
A. Hardware level RAID
B. Software level RAID
C. Disk striping
D. Disk striping with parity
19. Your company is located in a remote area and the nearest vendor who
provides computer repair services is over 500 miles away. Which is the
best solution in a situation where a hard disk or a computer sustains
a fatal hardware failure?

A. Implement a server with RAID 1 so that when a hard disk fails, it

won’t matter to the end users.
B. Keep hot spare disks on the shelf that match the type and config-
uration of the disks in your server. Then when a hard disk fails,
you can replace it yourself.
C. Entirely duplex your server.
D. Back up your data every night so you can still gain access to the
corporate data.
20. You wish to implement a RAID solution where data will be striped
across disks because you want the speed associated with data striping
on disk reads. However, you are concerned that if you lose multiple
disks, you will lose all the data on all disks. How can you protect your-
self against loss of multiple disks?
A. RAID 1+5
B. Hybrid RAID 0+5
C. High Performance RAID
D. RAID 0+1


1. B. The minimum number of disks required to implement RAID level 5
is three. The parity information is spread out among the disks, and
disk space equivalent to one disk is used for parity.
2. A, C. Hardware level RAID does provide better performance
because the RAID controller has its own processor and cache. Soft-
ware level RAID has no special requirements while hardware level
RAID requires specialized hardware making it more costly.
3. C. RAID 0+1 (sometimes referred to as RAID 10) combines data
striping (RAID 0) and mirroring (RAID1). Data is striped across two
disks and mirrored onto another set of disks.
4. A. RAID 0, also known as disk striping, does not offer any level of
fault tolerance.
5. C. The smallest disk size is 10GB so the total volume size for the
array will be 40GB (10GB from each available disk).
6. D. There will be 30GB of space available for data storage and 10GB
will be used for parity information.
7. A. RAID 0 has the lowest disk overhead because there is no space
being used for parity information.
8. A, C. Software level RAID supports both SCSI and IDE disks in a
single array. It is also less costly because there is no need to purchase
specialized hardware such as a RAID controller.
9. C. In order to provide fault tolerance for the database application,
you should implement server clustering. If the server hosting the appli-
cation fails, another server can automatically assume its workload.
10. C. A cluster provides fault tolerance for a server and the applications,
services, and data it is hosting.
11. D. In an active/active cluster configuration, each cluster member
has its own workload so one server isn’t sitting idle while the other
one assumes all the work.
12. B, C. If you answered B, you are showing your age. When RAID
technology was first introduced, it was described as a Redundant
Array of Inexpensive Disks. Now, however, it is commonly called
Redundant Array of Independent Disks.

13. D. RAID 0+1 is a hybrid approach where an entire stripe set without
parity is actually mirrored or duplexed.
14. A, C. Hardware RAID costs more because of the special controller
and disks that need to be purchased but it provides significantly better
performance than Software RAID. In addition it will support hot
swap of disks that fail.
15. E. RAID 5 data is striped at block level across all of the disks in
the chain.
16. A. Whether a disk is hot swappable has nothing to do with its status
as a hot spare.
17. C. Disk duplexing adds a second controller to the second disk, moving
the single point of failure away from the disk subsystem to the main-
board. In RAID 1, if either disk fails, the other disk takes over.
18. B, D. This is called disk striping with parity and can be implemented
via the network operating system. Therefore, it is software level RAID.
You do not need to purchase any additional hardware or software.
19. B. Hot spares can be replaced while the server is down for a minimal
time or the hot spares can be hot plug or hot swappable types.
20. D. RAID 0 is striping without parity, so it will give you the perfor-
mance you are looking for because it doesn’t have to calculate parity.
However, if you lose one disk, you will lose all data. If you use the
hybrid RAID 0+1, the 1 means that the disks will also be mirrored or
duplexed. Therefore even if you lose two or more disks, you will still
be able to get the data back from the mirrored disk.

Chapter Networking

THIS CHAPTER:
2.3 Install NOS

Configure network and verify connectivity
4.4 Perform physical housekeeping
Please see Chapters 2, 4, 7, 8, and 10 for further

coverage of objectives on NOS installation,
physical housekeeping, hardware verification,
and identification/correction of misconfigura-
tions and/or upgrades.

Networks
N etworks, quite simply, are groups of computers connected together to
share resources. This classic definition has stretched over the last few years
and is in need of refinement. Today the realm of networking has expanded
beyond the constraints of wires and simple file sharing to include PDAs and
wireless computer technology.
Networks are used to share resources. These resources can include files,
applications, printers, and Internet and mail connections. The benefits of
resource sharing extend beyond simple fiscal savings and into numerous
other areas. For example, many workers use the little yellow sticky notes
to leave messages for others. The chance of the sticky note becoming lost,
accidentally taken by someone else, or deliberately read by the wrong
person are high. A network facilitates reasonably secure communication
through e-mail, thus eliminating some sticky-note problems.
Network-based software that facilitates simultaneous use by multiple
users is also available. Several web-based products allow for such use
through a website; potential clients can use the website even while the
company is updating and/or redeveloping it. The time and cost savings
can be substantial. Network use has also spread into telephone conferences
and videoconferencing, bringing innovation to the way we conduct business.
This chapter will explain the current network technology, its benefits and
drawbacks, as well as the role of the server within the network environment.
As previously mentioned, the definition of a network has changed over
the last several years to include various new forms. What was originally
a small group of computers linked together with wires has now expanded
into a broad range of network types. Here I will classify seven:
LAN A LAN (local area network) is probably the most common form
of network in use today. LANs are often referred to as private networks.
A LAN is defined as a network located within the physical confines of a

Networks 173
geographical location (such as a building or group of buildings). LANs

have a limited distance of travel that is determined by the cable used.
MAN A MAN (metropolitan area network) is larger than a LAN but
not as large as a WAN. MANs consist of networks that span several build-
ings, city blocks, or even an entire city, providing redundant links and fast
access between these locations. An example of a MAN would be a net-
work between city libraries. Each library is a separate building located
within the geographical location of the city. Access to data between all of
these libraries can be gained through a MAN.
WAN A WAN (wide area network) is a network capable of spanning
large geographical and political boundaries. This includes states, coun-
tries, and continents. The Internet is the largest wide area network in
existence. It is an interconnection of computers worldwide.
SAN A SAN (storage area network) provides a link for multiple users
to a mass storage location. Large corporations that prefer to centralize
their data commonly use SANs. This assists in data safety and backups
because all the file servers can be housed in a secure building with limited
access. SANs normally use high-speed links such as fiber optics to
communicate with their storage facilities.
PAN A PAN (personal area network) is the newest network created.
A PAN is a small network that spans a very short distance (usually only a
few feet). These small networks allow for communication between PDAs
and desktop or laptop computers. PANs often use IR (infrared) or other
wireless technology to send and receive information.
VLAN A VLAN (virtual local area network) comprises computers and/
or resources that are physically on different network segments but com-
municate as though they were on the same segment. VLANs provide a
means of connectivity without the overhead of physically restructuring
several networks.
VPN A VPN (virtual private network) is a way of using public networks
to create private links. Most commonly it is a private connection made
through the public Internet infrastructure. The benefit of this is that the
users do not have to lease private lines or purchase expensive equipment.
A VPN is a secure tunnel created through an existing connection.
WLAN A WLAN (wireless local area network) eliminates the need
for cabling by using other communication media. These may be radio
frequency (RF), infrared (IR), or laser communication. The obvious

174 Chapter 6 Networking
benefit of a wireless network is flexibility in structure. If you are not

limited by wires, the computing environment can take on almost any
form, shape, or location. Taking your laptop along on a nice day and
working outdoors, while maintaining network connectivity, is a reality.
Besides the types of networks available, there are also network topologies.
Topologies are the layout of the network. This can include both physical
layout (the way in which the network is actually installed and appears) and
logical design (the way in which information flows through the network).
Here we will classify five main topologies:
Bus In a bus topology all the computers are connected to one main cable
that runs the length of the network. This structure is often compared to a
string of Christmas lights. There is a beginning and an end, and between
these two points each computer connects to the wire. There are concerns
with the bus topology in that, much like a string of Christmas lights, if
there is a break in the cable or connection with a computer, then the entire
network can go down. Another problem with bus topology is locating
the fault when one occurs, because when the entire network fails, there
is no way to locate the fault besides starting at one end and working your
way to the other. This can be an extremely tedious—and often painful—
process, considering the network can span several floors and the wire is
often located within walls, drop ceilings, and crawl spaces under floors.
Figure 6.1 illustrates a bus topology.
FIGURE 6.1 Bus topology
Notice how there are special devices at the beginning and end of the bus
wire. These are actually 50-ohm terminators. Terminators are installed at
the beginning and the end of a bus network to eliminate signal bounce. If
a terminator is not present, is not working, or is not connected properly,

Networks 175
network signals will reach the end of the wire and bounce back (much like
an echo). With time, the entire bandwidth of the wire will be consumed
with signal bounce, thus bringing the network down. Bus connectors,
terminators, cabling, and cable standards will be discussed in more detail
later in this chapter.
Star A star topology is based around a central device such as a hub
or switch. Every computer is connected through its own cable directly
to this central device. This is an improvement over the bus topology, as
a cable failure will bring down only the one computer directly connected
to it. Star topologies are the most commonly used topology in small- to
medium-sized business environments today. Benefits of the star topology
are ease of installation and troubleshooting. Most central connectivity
devices have lights to indicate whether a cable segment is active or down.
Upgrading to add more devices to the network can be done without shut-
ting down the entire network. Figure 6.2 is an example of a star topology.
FIGURE 6.2 Star topology
A major concern with the star topology is the single point of failure
(SPOF). Having all network resources connected to one hub or switch
makes it a key component. Extra care should be taken in locating this
device in a safe and secure location. Another consideration is that, with
each device needing its own dedicated cable, there can be a multitude of
cables merging at the point of the central connectivity device. Cable
management becomes a focus. The cable used within a star topology
needs to be carefully routed throughout a building to avoid areas of
possible EMI (electromagnetic interference). As the number of cables
increases, this task can become increasingly difficult. Fortunately the
cost of cable used in a star topology has dropped, making it an afford-
able option. If longer cable runs need to be made to avoid possible EMI
interference, it will not be a major financial stress.

Ring The ring topology features all devices connected in a circular for-
mation. There are two different ring topologies to be aware of: logical and
physical. Logical ring topologies move information in a circular ring for-
mat but are physically a star topology. What this means is that there is a
central connectivity device and all other devices connect to this central
device thorough dedicated cables—it looks like a star topology. However,
information flows in a circular format throughout this network. Physical
ring topologies actually look like a ring. All networked devices are con-
nected in a circle. The advantage of a physical ring is that there is very
little cable in use, making installation easier. Since fiber optic networks
work on the principle of a ring, another possible advantage is speed. A
possible disadvantage of some ring topologies is that a single failure in
either the computer or in the cable can result in the entire network failing.
This is not the case in a true ring topology such as FDDI (fiber distributed data
interface). FDDI (described in more detail below in the “Fiber Optics” section)
“implements a dual ring so that it remains functional should one station die
or drop off the ring.”
Another disadvantage is that diagnosis of problems in a ring topology is

also difficult: Any service or updates on the network need to be done during
off-work hours because one system being shut down for service will halt the
entire network until the service is completed and the system is brought back
online. Figure 6.3 is an example of a physical ring topology.
FIGURE 6.3 Physical ring topology
Mesh A mesh topology is the most complicated and expensive topol-

ogy to integrate. However, it is the most resistant to failure from a cable
fault. In a mesh network every device is connected to every other device
through a dedicated cable. Should one cable fail, there will be other

Networks 177
paths that could be taken to reach the target resource. Although this
may seem like the ideal situation, mesh topologies can be a wiring night-
mare. The quantity and complexity of wires can become overwhelming.
Mesh topologies use by far the most cable and are the most complex to
install and troubleshoot. It is rare to see a mesh topology in use today.
Figure 6.4 is an example of a mesh topology.
FIGURE 6.4 Mesh topology
Hybrid A hybrid topology takes components of other topologies and

combines them in a mixed environment. The advantage of this is to use
the best features of each topology. For example, it is not uncommon to
see a mixture of a bus and a star topology. The bus structure is used as
a backbone link between servers within a building, and the star is used
to provide connectivity for all the other resources to the servers. Using
a high-speed cable option (such as fiber) as the backbone allows for fast
connectivity to the devices that will face the highest demands, such as
servers, while allowing for more affordable cabling between the end users.
Figure 6.5 is an example of a hybrid topology.
FIGURE 6.5 Hybrid Topology
Servers
Backbone
Hub
Client
Computers

Now that we have an understanding of the possible layouts of a net-

work, we can move on to explore the components of a network. Each
component within a network must meet specific industry standards. The
Server+ Exam will test your knowledge on the following standards.
IEEE 802 Standards

The IEEE (Institute of Electrical and Electronics Engineers) committee
created and released the 802 standards listed below to assist with industry
development of components as well as communications. When you consider
the complexity of components, as well as sheer quantity, there definitely is
a need for standards to maintain consistency as well as interoperability.
802.1 Bridging and Management Internetworking
802.2 Logical Link Control
802.3 CSMA/CD LAN
802.4 Token Passing Bus Access Method
802.5 Token Passing Ring Method
802.6 DQDB Access Method, MANs
802.7 Broadband LAN
802.8 Fiber Optics
802.9 Isochronous LAN, Integrated voice/data networks
802.10 Network Security
802.11D Wireless Networks
802.12 Demand Priority Access
802.15 Working groups for WPANs
802.16 Wireless MAN
802.17 Resilient Packet Ring
Each of these standards focuses on a specific area of networking technology.
Full explanations of these standards as well as present and future developments
can be located at the IEEE website http://standards.ieee.org. For the
Server+ Exam we will focus on the standards in common use.

Networks 179
802.3
This standard defines a bus topology, using a 50-ohm coaxial baseband
cable with a transmission speed of 10Mbps. This was the original specific-
ation of Ethernet. It used CSMA/CD (Carrier Sense Multiple Access with
Collision Detection) to put data on the cable. CSMA/CD monitors the cable
for data traffic. When it senses that there is no traffic, it will attempt to send
data packets. If a collision occurs, then it will pause for a random period of
time and then attempt to retransmit. The problem with this type of network
is that the larger the number of clients and resources on the network, the
greater the number of collisions. This leads to slower network speeds.
Several new releases to this standard have emerged, providing new
cable options, connectors, and speeds of 100Mbps—and now 1000Mbps.
These newer standards of Ethernet will be discussed in detail later in this
chapter.
802.5
Token Ring is another standard (based on the IBM PC Token Ring standard)
that has been frequently used. This standard specifies a physical star/logical
ring topology using twisted-pair wire. A special data carrier, called a token,
circulates through the ring from computer to computer picking up data
packets and delivering them to the destination. Each computer acts as a
repeater, boosting the signal of the token so it can travel to the next com-
puter. Only one computer can control the token at a time. When the data
packet and token reach their destination, the token unloads the packet
and takes a successful-reception acknowledgement to the sending computer.
If the sending computer has no more packets to transmit, the token then
becomes available to the network and the next computer waiting to trans-
mit. The advantage of this method of data transmission over the Ethernet
is that there are no collisions. Although there is only one token on the ring,
a Token Ring network can reach hundreds of systems and still perform
adequately.
802.8
Fiber optics has taken on a strong role within the computer network envi-
ronment. Traditional hybrid networks used a coaxial cable backbone for
data transmission. This proved to be limiting in terms of transmission speed
as well as signal degeneration due to outside interference. Fiber cabling is

now actively replacing the coaxial cable as a backbone. The fiber allows
for faster transmission speeds, as well as immunity to EMI (electromagnetic
interference) and RFI (radio frequency interference). There are numerous
releases of fiber cabling today, because the best choices and applications are
still being identified. Fiber optics and fiber connectors will be discussed later
in this chapter.
802.11D
Wireless technology has become the latest craze over the last few years. With
transmission speed and range increasing, wireless becomes an attractive
alternative to network environments that physically change on a regular
basis. Consider, for example, a network that needs to be set up in a historical
building, where drilling holes in walls and running cables is rarely an accept-
able practice. A wireless LAN is a much more acceptable option. Without
the installation of cables, a wireless network can be installed in a matter of
minutes. Wireless can also be integrated within an existing wired network to
provide a new breed of hybrid networks. This is often seen in environments
where laptop computers are used. Due to their nomadic nature, laptops can
remain connected to the network no matter where in the building they go.
Wireless technology is continuing to develop and improve. Handheld devices
also use this technology to communicate with host computers.
Wireless technology today uses an access point that sends and receives sig-
nals from the wireless devices. This access point in turn is wired to the net-
work (usually the switch or hub). Signaling methods on a wireless network
can include infrared, laser, narrow band radio, and spread spectrum radio.
Spread spectrum radio is often preferred to the other methods because the
price is reasonable but also because it does not require line of sight like
the laser technology does. Spread spectrum radio also can travel through
some walls, providing many options for the ever-changing network. Current
transmission speeds for wireless are in the 11Mbps range but steadily
increasing. Concerns with data security are also being addressed. If you are
broadcasting your network information over a radio frequency, it can be
captured by other devices. Wireless technology is still breaking new ground
in its development, both in speed and data security. With time, it will defi-
nitely become a major contender in the LAN arena. Right now though, it is
commonly used for small portable networks that regularly change location
and/or position.

Networks 181
OSI Model
The Open System Interconnection Model is a theoretical seven-layer model
designed to illustrate the flow of information through a network. This
model was designed not only for aspiring network technicians to get a
better understanding of network communications, but also for technology
manufacturers to be able to dissect the elements and processes of informa-
tion flow and development, thus assisting in project development within
their own research departments. For the Server+ Exam you will need to
know the layers of the OSI Model as well as the functions that occur at
each layer.
Application Layer The application layer (layer 7) is at the top of the OSI
Model. At this layer, file and print services operate. This layer controls
data flow and error recovery.
Presentation Layer The presentation layer is responsible for the format
of data, network security, protocol conversion, data compression,
encryption, and translation.
Session Layer The session layer is responsible for establishing, main-
taining, and terminating communication sessions. These sessions are
often called virtual conversations. The session layer identifies passwords,
logons, network monitoring, and recovery from network failures.
Transport Layer The transport layer is responsible for error-free data
frames. It controls data flow and reliable end-to-end communication.
Network Layer This layer translates logical (TCP/IP) addresses into
physical (media access control, or MAC) addresses. The network layer
also determines the best path for information to travel on the network
if multiple paths exist.
Data Link Layer The data link layer is subdivided into two sublayers:
the MAC layer and the LLC (logical link control) layer. The data link
layer arranges data chunks into frames and organizes the frames into
a data stream, marking the beginning and end.
Physical Layer The physical layer, layer 1, is at the bottom of the OSI
Model. This layer describes how data is transmitted on the network cable
(media), including digital, optical, and mechanical interfaces.

The OSI Model is a complex interaction of layers. Information not only

travels up and down the layers but also horizontally, and directly with the
corresponding layer on the other machine. Each layer, as information flows
through the stack, adds or removes its own headers on the data packets. On
the sending computer, information begins at the top layer where the soft-
ware programs interact. The data is then sent down the layers until it reaches
the physical layer, where the data is sent out on the network wire. At the
receiving side the process occurs in reverse.
Ethernet
Of all the numerous standards and network structures, Ethernet has stood
out as the most popular network implementation. Ethernet has evolved
over the years to include several different cable types and topologies, as
previously mentioned. Through this evolution, improvements have been
made in reliability and speed.
Coaxial Based Ethernet The original Ethernet implementation was
based around the bus topology mentioned earlier. Although there were
several disadvantages to the original Ethernet (bus topology based), it was
affordable and easy to install. The cable of choice during this time was
coaxial cable. Coaxial cable consists of a center wire (usually copper)
surrounded by an inner layer of insulation, then a mesh or foil shielding,
and finally a thick outer PVC layer for protection. Figure 6.6 is an
example of coaxial cable.
FIGURE 6.6 Coaxial Cable
There are two common forms of coaxial cable in use with Ethernet:
Thicknet or 10Base5, and Thinnet or 10Base2. Thicknet cable is normally
used for a network backbone, as seen in the hybrid example (refer back to
Figure 6.5). This cable is very difficult to work with due to its thickness.
Many installers refer to it as the frozen garden hose. Trying to bend the cable

Networks 183
around curves can be as frustrating as rolling a frozen garden hose! Com-

puters are not connected directly to this cable; instead, sections of Thinnet
cable tap into the Thicknet cable and then run to the computers. The device
to attach these two cables together is called a vampire tap, which attaches to
the Thicknet wire though the use of a sharp spike that would pierce the PVC
shielding and come into contact with the inner copper core wire. Thicknet
cable can carry a signal for a maximum of 500 meters with a maximum
transmission speed of 10Mbps.
Cable Nomenclature
In the computer realm there has never been a shortage of acronyms, abbre-
viations, and epithets. Networking is no exception. Deciphering this jargon
can sometimes be an overwhelming task. In the example of 10Base2, key
information is presented in the name.
The 10 is the transfer speed, as measured in megabits per second (Mbps).

Transfer speeds have increased from the initial 10Mbps to 1,000Mbps.
Base stands for baseband signaling method. Baseband is a digital signal

over a single frequency. Broadband signaling is the other possible method.
Broadband signals are analog based and can send multiple signals simulta-
neously over the same wire using frequency division multiplexing (FDM)
or time division multiplexing (TDM). FDM and TDM are means of sharing
the same signal path by using the unique characteristics of analog signals
and either intermeshing where possible or sending one signal slightly
before another.
The 2 stands for an approximation of maximum allowable cable distance

represented in meters. Specifically, in a 10Base2 implementation the cable
cannot exceed 185 meters, but it is rounded off to 200 meters.
This makes sense until you reach 10BaseT. Now there is a letter instead of
a number representing the maximum cable distance. With this standard the
letter represents twisted-pair wiring. This includes both unshielded twisted-
pair and shielded twisted-pair (both of these will be discussed in detail later in
this chapter). Next comes the 100BaseF. The F, as you might have figured out
already, stands for fiber. This implementation would therefore provide
100Mbps transfer speed over baseband signaling with fiber cable.

Thinnet cable is much more flexible and is used for bus topologies and
cable runs from the backbone to the computer. Thinnet wire is classified as
RG58U cable. It can transfer data at a distance of 185 meters with a speed
of 10Mbps. Thinnet uses a BNC connector that attaches to each device on
the bus network. Figure 6.7 is an example of a BNC connector.
FIGURE 6.7 BNC connector
Depending on the location, a BNC tee connector may also need to be

used. This device allows for separate cable runs to connect at each side while
the center connects to the network card. At each end of a Thinnet bus there
must be a 50-ohm terminator installed. Figure 6.8 illustrates the proper com-
ponents in a Thinnet bus network.
FIGURE 6.8 Thinnet Network Components
Coaxial Cable
BNC T Connector
50-ohm Terminator
Network Card
Twisted-Pair Ethernet
Since that original implementation, Ethernet has expanded to include new
devices, cabling, and speeds. Current Ethernet is based on twisted-pair
cabling. Twisted-pair cable has opened the door to a whole new level of
Ethernet technology. Improved transmission speed and flexibility in instal-
lation, as well as new devices, have catapulted this media to the most popular
in use today. Figure 6.9 is an example of a section of twisted-pair media.

Networks 185
FIGURE 6.9 Twisted-pair cable
Notice how the figure shows a solid-shaded wire and a striped wire
twisted together in a pair, and that there are four pairs of wires. The wires
are twisted together to help prevent signal interference. Signal interference,
either from another set of wires or from other devices (such as fluorescent
lighting) can affect performance on data wires. Twisted-pair cable is labeled
by category. Table 6.1 lists the common categories of twisted-pair cables and
their uses.
TABLE 6.1 Categories of Twisted-Pair Cable
Category Specifications
1 Voice only transmission, two twisted-pairs
2 Data grade at 4Mbps, four twisted-pairs
5e Data grade at 1,000Mbps, four twisted-pairs
Twisted-pair is often referred to as UTP (unshielded twisted-pair). UTP is

the most commonly used twisted-pair wire, although STP (shielded twisted-
pair) is also available. STP is more expensive, but offers higher resistance
to electrical interference by offering a foil layer that surrounds the twisted-
pairs. The first UTP Ethernet transferred at speeds of 10Mbps and changed
the topology from a bus to a star. Later improvements increased the speed

to 100Mbps. In order to operate the network at 100Mbps, all the components

in the network must be supportive of the new speed. This includes cabling,
network cards, and connectivity devices. For a period of time, network
devices were released that supported dual speeds of 10 and 100.
Twisted-pair cable has a maximum transfer distance of 100 meters from
the computer to the connectivity device. When installing a UTP network, this
maximum cable distance includes all sections of wire—such as patch cables,
main cable runs, and wall drops. Patch cables connect computers to wall
plates, as well as patch panels to the switch or hub. The main cable run is the
actual cable that is located within the walls or floors. The drop is the section
of cable that comes down the wall or through a pipe and ends at a wall plate
or patch panel. The cable distance is calculated from the back of the com-
puter through all these points and ending at the switch or hub.
Due to the eight wires, UTP cables require a registered jack or RJ con-
nector. In telephone wire (which also uses UTP) an RJ-11 connector is used.
With network cables an RJ-45 connector is used. Figure 6.10 is a close-up
of an RJ-45 connector with UTP installed.
FIGURE 6.10 RJ-45 connector
Plastic Edge
Gold Connectors
Notice how the connector is pressed down on the outer layer of the UTP
cable. This process of installing the cable into the connector and securing it
is called crimping. Crimping requires a special tool called a crimper. The end
of the UTP cable is cut, and the PVC outer layer is trimmed back. Next, the
individual wires within the UTP are carefully rearranged into the proper
order (to match the standard being used). The wires are then slipped into the
RJ-45 connector, and the crimper forces small gold connectors into the ends
of the wire and also pinches a plastic edge onto the PVC jacket to hold the
end onto the wire. It is imperative that the plastic edge contacts the PVC
jacket and not the wire. Otherwise, the twisted-pairs could be damaged or,
over time, the end could slip off.

Networks 187
STP connectors are identical to UTP connectors except for one added feature:
a metal shield. The exterior of the RJ-45 connector has a metal shield that
connects to the metal shielding of the STP wire. This ensures proper grounding
of the shielding throughout the entire length of the cable.
UTP cable can be crimped by either the A standard or the B standard.

The different standards determine the crimping order of the colored wires.
If you are crimping cable based on the A standard, make sure that your other
devices along the way are also based on the A standard. Table 6.2 lists
the A and B standards.
TABLE 6.2 UTP Cable Standards for Wire Crimping
A Standard B Standard
Green White Orange White
Green Orange
Orange White Green White
Blue Blue
Blue White Blue White
Orange Green
Brown White Brown White
Brown Brown
Network cable is often housed in plenum spaces, which are those areas
(usually above the ceiling or under the floor) used to circulate air. Running
cable in these areas poses a hazard in the event of fire because the cable can
give off toxic gases if it burns. Both twisted-pair and coaxial cable come in
plenum versions—these are coated with a fire-retardant material (usually
Teflon).

Most networks today are either running UTP cabling or changing from
coaxial to UTP cabling. The benefits of a UTP network, combined with the
ease of installation and troubleshooting, make it a smart choice.
Gigabit Ethernet
The latest Ethernet standard, which is becoming mainstreamed, is gigabit
Ethernet. These extremely fast implementations of Ethernet support data
transfer rate at 1,000Mbps. Currently hardware supportive of this standard
(including switches and network cards) is still very expensive. Implementa-
tion of gigabit Ethernet is often limited to backbones and server-to-server
connections.
Nearly all network cable sold today meets current fire and health codes.
However, some older cables may not. Before you upgrade or restructure
your network, be sure to check with your local building codes. Cable that
will be housed in plenum areas must be plenum-rated (must not release
toxic fumes when burned). Cable that is not plenum-rated is not acceptable
to use today.
Comparing the Ethernet Possibilities

Now that we have explored the various Ethernet cabling methods in detail,
a comparison of the essentials for each type may help clarify each standard.
Table 6.3 breaks down the essentials for each cabling type for you.
TABLE 6.3 Ethernet Cable Specifications
Cable Distance Nodes Speed
Thinnet 185 meters 50 10Mbps
Thicknet 500 meters 100 10Mbps
UTP/STP 100 meters 100 10–1,000Mbps
Fiber Optics
The latest technology is the use of fiber optic cabling. The benefits of fiber
cable include speed, transmission distance, and immunity to EMI and RFI.

Networks 189
Initially fiber cabling was extremely difficult to install, requiring a trained

installer and very expensive equipment. This initial fiber cable was made out
of glass, and was therefore rather inflexible in installation. Today however,
improvements in plastics have made fiber cable more affordable and flexible.
Figure 6.11 is an example of fiber optic cable.
FIGURE 6.11 Fiber optic cable
Outer sheathing
Inner sheathing
Glass cable
Notice how the inner glass core is surrounded by several protective layers.
This is to ensure cable safety.
Fiber transmission methods fall under two categories: single mode and
multimode. Multimode uses light emitting diodes (LEDs) to create the signals.
The light produced by the LEDs contains various wavelengths. The diodes
shine light at the fiber, with some of the light wavelengths entering the fiber
and others not. The amount of light actually being used is not efficient and
therefore limits the distance that the signals can be sent. Multimode transmis-
sion fiber optics is the least expensive fiber option. Single mode transmission
relies on a laser as the light source. Laser light is one wavelength, and the
cable is matched with the laser to allow for maximum transmission. Due to
the purity of the laser light, single mode fiber implementations can achieve
transmission distances of 58 kilometers and are often used for long distance
connections.
Fiber cable is measured in microns. Fiber cable measurements are given
with two numbers—the first number is the diameter of the fiber strand and
the second number is the thickness of the cladding. These two numbers are
separated by a slash. The signaling method is also supplied. For example, a
62.5/12.5 multimode cable would contain a 62.5-micron fiber cable with
a 12.5-micron sheathing used only with a multimode signaling method.

Often fiber cable is bound together in multiple strands. This allows

for multiple signals and pathways to be used within one protective sheath.
Commonly there are between 2 and 24 strands, but there can be more.
Fiber connector types are plentiful. With a wide range of cable bundles as
well as interfaces, there have been numerous fiber connector designs. Two
of the most common are the FDDI (fiber distributed data interface) Media
Interface Connector and the SC multimode connector. The FDDI Media Inter-
face Connector is used on all fiber within the MMF-PMD and SMF-PMD
standards. Figure 6.12 is an example of a FDDI connector.
FIGURE 6.12 FDDI connector
The SC multimode connector is based on the LCF-PDM standards.

Figure 6.13 is an example of this style of connector.
FIGURE 6.13 SC connector
Network Devices
Besides topologies and cabling, there must be interface devices within a net-
work. These devices provide network connectivity. Each device has its own
specific use within LAN and WAN environments.

Networks 191
Network Cards A network card provides a means of connectivity for

the computer to the network cable. The type of network card you select
must match the cable and network that you are using. A token ring net-
work card will not work on an Ethernet network, even though both use
the same cat5 cable. Even within the same network, such as Ethernet, care
must be taken when selecting a network card to ensure that it will match
the appropriate speed. If you have a 10Mbps Ethernet network, there is
little sense in purchasing a 100Mbps or 1,000Mbps network card, because
the network will not provide the high speed for you.
For more information on network adapter cards refer back to Chapter 5, “Fault
Tolerance and Redundancy.”
Repeaters Repeaters are used in an Ethernet network when the maxi-

mum cable length needs to be exceeded. A repeater will attempt to amplify
the signal and send it further down the cable. Unfortunately the repeater
will also amplify any noise or interference present on the cable. It is recom-
mended that the network be planned accordingly to eliminate the needing
for a repeater.
Hubs With the initial creation of the star Ethernet topology, the central
connectivity device was a hub. This was basically nothing more than a
multiport repeater. A passive hub simply allowed for connectivity between
all devices. Active hubs actually boosted signals and some even tried to
clean the signals before sending them out on the other ports.
Within a hub, signals are received on one port and then sent out all the
other ports. The hub neither reads the information nor discriminates as to
where the information goes. If information is traveling down a network
cable and encounters information traveling in the opposite direction at
the same time, collisions and resultant bandwidth compromise will slow
connections. In turn, slow network connectivity can lead to serious prob-
lems, including, for example, database crashes.
Patch Cables Patch cables are short cables (no less than one foot) that
are readily replaceable or interchangeable. They are used to connect a

patch panel to a hub or switch, a computer to a network wall plate, a

computer to a hub or switch, or other connectivity devices to each other.
Keystone Connector This is the female connector seen on wall plates
as well as the front side of the patch panel. Patch cables plug into the
keystone connector.
Patch Panels Patch panels are the central wiring point where twisted-
pair cables meet. Your network spans numerous computers across the
network, but each computer needs a dedicated cable that meets at the cen-
tral connectivity device. It is possible, but not advisable, to connect these
cable runs directly to your hub or switch. The potential for one or more
wires to be damaged puts these cables in risk. Should a cable be damaged,
it may have to be replaced, which would entail removing the entire cable
run (through the walls and floor or ceiling). This is a major project requir-
ing that the user connected to this cable run be offline for an extended
period of time. Patch panels connect to the main cable runs in the back,
and in the front use a short, replaceable patch cable to connect between
the patch cable and the switch or hub. Any cable damage normally occurs
as a result of cables being plugged and unplugged from the switch or hub.
Should a cable be damaged, it would be the small patch cable. This can
be easily replaced with a spare in a matter of seconds. Figure 6.14 is an
example of a patch panel.
FIGURE 6.14 Patch panel
RJ45 Ports
Racks Racks are becoming a common sight in networks. These devices

allow network hardware to be securely attached to a stationary object.
Standard racks are 19 in. wide and can have patch panels, switches, rout-
ers, gateways, servers, and cable management devices attached to them.
Attaching these expensive devices to something stationary makes a lot of
sense, unless you have money to spend on stolen devices. Racks that can
be completely enclosed are called cabinets, and those that are open to
airflow are open racks. Figure 6.15 is an open rack.

Networks 193
FIGURE 6.15 Open rack
Bridge Bridges are interesting devices that allow you to virtually divide
your network into two separate LANs. Bridges can be used to connect
LAN segments that do not use the same media type. The benefit of imple-
menting a bridge is to decrease network traffic. When the bridge receives
a packet, it can determine which LAN segment the packet is destined for
and forward the packet to that segment and no others. It forwards packets
based on layer 2 addressing (MAC addresses). Bridges allow for specific
traffic to cross between the two virtual networks. For example, a printer
could be configured to work with both networks. Data packets addressed
to the printer will be acknowledged by the bridge and allowed to cross
over to the other network. In today’s networks, bridges are not often
used; switches and routers have become more common.
Switch A switch is often referred to as an intelligent hub. The benefit of
a switch over a hub is that a switch will read the information coming
inbound and, based on the address located in the data header, the switch
will send the information out on the receiving addressed port. This elim-
inates the network-wide propagation that occurs with a hub. Efficiency

with a switch is often the justification for the extra expense over a hub.
Switches are the connectivity device of choice today in both small and
large networks. Some high-end switches allow for monitoring data traffic
as well as creating VLANs; these are called layer 3 switches and are used
in high-traffic large networks.
Router Routers are intelligent devices that, if given multiple choices,
will select the best path for sending data between networks. WANs often
use routers to connect between locations. Routers can be complicated
devices to set up and maintain.
Routers are responsible for receiving packets and determining the best path
to reach the destination host using layer 3 addressing. Therefore, routers
can only be implemented if the LAN protocol (e.g., IP and IPX) supports
routing. It uses the logical addressing information (such as the TCP/IP
address) within the packet header to determine where to route the packet.
Routers maintain routing tables that contain information about destina-
tion networks. When a packet is received, the router uses the information
in the routing table to determine the best path to send the packet to reach
the destination network. The packet may be forwarded directly to the
destination network or to another router.
Gateway A gateway allows communication between different network
architectures and network environments. It will translate between proto-
cols and allow for dissimilar networks to be connected together and to
communicate.
Piece of Cake
For years a local company provided high-end, low-profile surveillance

equipment to householders. The company managed both production and
business data on a small Linux-based LAN utilizing a star Ethernet topology
on a central hub. The LAN was administered by the business manager in her
spare time, but the company experienced few IT problems. Then business
really picked up, and what had been a small company suddenly found itself
doubling and redoubling its staff—and its network. Users started experi-
encing serious computing problems, including applications that timed out

Networks 195
and brought activity to a crashing halt. The business manager/server

administrator had more discretionary money than time, so she threw dollars
at the problem, purchasing more RAM, faster processors, bigger hard disks.
The problem didn’t go away. Baffled, she called in a consultant and hoped
for the best.
On the morning Joe. T. Consultant showed up, he found the network

down, the staff livid, and the business manager overwhelmed. When he
realized that 43 workstations were communicating through a passive hub,
the problem was as good as solved. A network topology that had been
appropriate for 10 users couldn’t stand up to 43. Data collisions at the hub
were wreaking havoc on the entire network. The solution? A switch was
ordered, a generous installation fee agreed upon, and Joe was home in
time for dessert.
Network Installation
Now that we have a clear understanding of each network component, we
can start putting it all together. There is a logical process of steps from the
planning stage to the finished, up-and-running network.
To begin with, you have to determine which network is going to best
suit your needs. How large is your network? What are the software and
hardware uses of the network? Where will the computers be located? What
is the maximum distance that your network will need to stretch to? Will the
network grow with time? What are the future plans for the business in terms
of software and hardware requirements?
Most small- to medium-sized networks today will install an Ethernet net-
work based on a star topology with a switch running at 100Mbps. This
network will use category five UTP cable and might or might not have a
patch panel attached to a rack. Begin with deciding on the server’s location.
This might be a dedicated room, closet space, someone’s office in the
back corner, or other possible locations. As you will learn in Chapter 13,
“Managing and Securing the Server Environment,” there are numerous
environmental variables to take into consideration when selecting the loca-
tion of your server and networking equipment. Normally the connectivity
devices and server are located within the same setting. The ideal environment
would be within a rack, both for security and to provide a stable mounting
surface.

The first step is the wiring. If you are replacing an existing network, you
can often follow the same wire paths that were in use before. However, if
you are installing a new network, then care must be taken when running the
main cable lengths to ensure that they are routed away from sources of EMI
or RFI. Care when crossing electrical wires must also be taken. It is advisable
to cross electrical wires at 90-degree angles rather than running the UTP
parallel to the electrical wire. When running your network wires, be sure to
label each wire with its source location. Remember that at the switch end
there will be a wire for each computer. If you do not label each wire with its
source, you will have no idea which wire belongs to which location. Special
numbered stickers and tape are available, but they can easily fall off. A
permanent felt marker ensures that your labeling system will not become lost
over time. In small networks that don’t change, you can label each wire with
the user’s name. However, in a larger network or an office that changes staff
regularly, this system is not advisable—for obvious reasons.
Once all wire has been run, the ends can be crimped or attached to the
keystone connectors. It is highly advisable to attach keystone connectors and
wall plates to the UTP at the user’s computer end. This not only creates
a much cleaner installation, but also protects the connection: The cable
between the wall and the back of the user’s computer can, and often does,
take abuse. Becoming tangled in feet under the desk, tension from the com-
puter being moved, and danger from cleaning staff and vacuums are just a
few of the possible dangers that this cable can encounter.
By installing the wall plate and keystone connector, you then use a short
patch cable from the wall plate to the back of the computer. If the cable
becomes damaged, it can be readily replaced with a spare cable, with no
stress or damage to the main cable run. At this time, the UTP can also be
attached to the back of the patch panel. These cables, just like at the keystone
connector side, are attached with a punch down tool. This tool is really a thin
blade that forces the strands of cable, by their color codes, into small gold
connectors that provide the connectivity. Once completed, the labels for the
wires can be transferred to the front of the patch panel and the patch panel
can be installed into the rack or on a wall to ensure that there is no further
stress on the main cable runs.
Now that all of the cables have been run, the next step is to test the cables.
Cable testers come in a variety of forms. The simplest ones test for basic con-
nectivity. A transmitter connects at one side of the UTP through the RJ-45
connector and a receiver connects at the other end. The transmitters send

Networks 197
electrical pulses down each strand of cable within the UTP and the receiver
lights for each wire. If there is a fault with crimping, you can determine
which wire is failing. The most expensive testers will provide the same
function but also test for signal degradation, speed of transfer, and numer-
ous other elements; these testers will also provide a printout of the test
results. Since these testers are expensive, they are often rented.
When you are testing network cables, ensure that there are no devices
attached to the other end of the cable. The electrical impulses sent by the
testers can transmit enough charge to damage your expensive network
components.
Once the cables have been installed and tested, the connectivity device can
be installed. Depending on your budget and network size, you will have to
choose either a hub or a switch. As previously mentioned, hubs will propa-
gate information through every wire on the network and can lead to slow
network performance. If your network has more than 12 users and tends
to send and receive a large amount of network traffic, then you will want to
purchase a switch. Whether you buy a hub or a switch, you must select
carefully. Many hubs and switches allow for stacking. Stacking is the ability
to link devices together. So, should your network grow beyond the number
of available ports on your switch or hub, you can simply buy another hub or
switch and link it to the first one. However, when purchasing the initial hub
or switch, you should have a clear idea of the number of current and future
computers that will be connecting to the network. Then purchase a hub or
switch that will meet this need.
Switches and hubs commonly come with 4, 8, 16, or 24 ports. If you need
13 ports, then you will have to purchase a 16-port switch. Once you have
decided on a switch or hub that will meet your needs, it can be installed into
the network. If you are using a rack system, the switch or hub will be
installed below the patch panel. This will ensure that the wires from the
patch panel to the switch will not interfere with other devices installed in
the rack. When installing any components in the rack, care should be taken
with electrostatic discharge. ESD can cause damage to components even if
you don’t open the case. Use an ESD wrist strap or other suitable ground
methods to ensure that you are not going to cause a potential fault in your
new components.

Finally the network cards can be installed and configured. If your com-
puter does not have a network card installed, the first step is to perform a
safe shutdown of the server and take the cover off the computer and examine
the available expansion busses. Hopefully you have a free PCI slot and can
then purchase a PCI network card. Since you are installing a 100Mbps net-
work, the card would have to support the 100Mbps transfer speed. While
wearing an ESD wrist strap, you can then install the PCI network card. If you
are using a PCI card and Windows, the card should be Plug and Play so that
the operating system will identify the network card when you turn the com-
puter back on. Insert the manufacturer-supplied disk when prompted and
the installation of the network card will be completed.
Connect patch cables between the computers and the wall plates, and
between the patch panel and switch. (Remember to test your patch cables
before installing them.) Connect patch cables to the servers network cards
and the switch.
The network hardware is now installed. Next comes the operating system
and software configuration. This will be covered in detail in Chapter 7,
“Network Operating Systems,” and Chapter 8, “TCP/IP.”
Summary
T his chapter began with an exploration of major network types. The
most common types of networks seen today include the LAN, WAN, SAN,
VLAN, VPN, and WLAN. Network topologies are the physical layouts that
a network can have. This includes the bus, star, ring, mesh, and hybrid.
Networks are governed by standards to ensure compatibility between
vendors. IEEE created the 802 standards to subdivide the various network
areas into 17 different areas. Of these the most commonly implemented ones
are 802.3 Ethernet, 802.5 Token Ring, 802.8 Fiber Optics, 802.11 Wireless.
The OSI Model is a layered approach to understanding the flow of infor-
mation through a network. The layers from top to bottom are Application,
Presentation, Session, Transport, Network, Data Link, and Physical.
Of the various networks available, Ethernet is the most common imple-
mentation in use today. Initially a bus topology using coaxial cable and
transmitting at 10Mbps, Ethernet has grown to a star topology and uses

Exam Essentials 199
UTP cabling at speeds of 100Mbps. UTP cable is available in six different

categories; today, category 5 cable is the most widely used and can transmit
data at 100Mbps. It uses four pairs of copper wires. The next generation of
Ethernet will use category 5e cable and transmit at 1,000Mbps. This is called
gigabit Ethernet.
Fiber optics fall under two categories: multimode and single mode.
Multimode fiber optic systems use LEDs to transmit light through the cable.
Single mode fiber optic systems use a laser as the light source, which is more
efficient and capable of transmission of greater distances than multimode.
Network devices include all the common components used within a net-
work environment. This can include network cards, repeaters, hubs, switches,
routers, gateways, bridges, patch panels, patch cables, racks, and keystone
connectors.
Exam Essentials
Know the different types of networks. Be able to identify the differ-
ences between LAN, WAN, and MAN networks.
Know the different network topologies. Identify and understand
the benefits and drawbacks of the bus, star, ring, mesh, and hybrid
topologies.
Be able to identify the IEEE 802 standards. Pay special attention to
802.3, 802.5, 802.8, and 802.11. Know the details of each of these four
levels. Be familiar with identifying all the 802 standards by function.
Know the layers of the OSI Model. Be able to list, in the proper order,
the layers and functions of the OSI Model.
Know the Ethernet standards. Make sure to understand the differences
in Ethernet evolution from coaxial bus topologies to UTP star topologies.
Understand how a bus network works. Be familiar with Thinnet,
Thicknet, backbone cables, terminators, tee connectors, and the bus
layout.
Understand how a star network works. Be familiar with UTP, STP,
central connectivity devices, crimping, and patch cables.

Know the categories of UTP cable. Be able to identify the categories by

speed, pairs of wires, and use.
Know the different fiber optic signaling methods. Be able to decipher
the differences between multimode and single mode fiber optic signaling.
Know the functions of common network devices. Identify and under-
stand the uses of hubs, switches, repeaters, brides, routers, gateways,
patch panels, racks, keystone connectors, and patch cables.
Key Terms
B efore you take the exam, be certain you are familiar with the follow-
ing terms:
10Base2 OSI Model

10Base5 PAN (personal area network)
10BaseT ring topology
802.11 RJ-45
802.3 SAN (storage area network)
802.5 single mode
802.8 star topology
bus topology switch
hybrid topology UTP (unshielded twisted-pair)
LAN (local area network) VLAN (virtual local area network)
MAN (metropolitan area VPN (virtual private network)
network)
mesh topology WAN (wide area network)
multimode WAN (wireless local area network)
network card

Review Questions
1. What are networks?
A. Groups of computers to share resources

B. Connections between computer parts
C. Links between printers

D. Groups of computer components for a user
2. Which of the following is not a commonly shared resource?
A. Monitors
B. Files
C. Printers
D. Internet connections
3. Which of the following is physically the largest type of network?
A. LAN
B. WAN
C. MAN
D. VLAN
4. What will happen if a device fails on a bus topology?

A. Nothing.
B. That device will not work.
C. The entire network will fail.

D. Part of the network will fail.
5. What will happen if the central connectivity device fails on a star

topology?
A. The entire network will fail.
B. Only the central device will fail.

C. Nothing.

6. What topology uses the most amount of cable?
A. Star
B. Ring
C. Bus
D. Mesh
7. Which 802 standard is Ethernet?
A. 802.5
B. 802.11
C. 802.3
D. 802.7
8. Which 802 standard is Token Ring?

A. 802.5
B. 802.3
C. 802.11
D. 802.7
9. Which 802 standard is wireless technology?
A. 802.3
B. 802.5
C. 802.7
D. 802.11
10. Which layer of the OSI Model is responsible for logical (TCP/IP)
addressing?
A. Network
B. Transport
C. Physical
D. Data link

11. Which layer of the OSI Model is responsible for describing how data
is sent on the network media?
A. Transport
B. Physical
C. Network
D. Session
12. Thinnet cable is also referred to as which of the following?

A. 10Base5
B. 10BaseF
C. 10BaseT
D. 10Base2
13. Thicknet cable can transmit data to what distance?
A. 100 meters
B. 185 meters
C. 200 meters
D. 500 meters
14. In category 5 UTP, how many pairs of wires are there?
A. Two
B. Four
C. Six
D. Eight
15. Category 5 UTP can transmit at what maximum speed?
A. 10Mbps
B. 10,000Mbps
C. 1,000Mbps
D. 16Mbps

16. UTP can transmit at what maximum distance?
A. 100 meters
B. 185 meters
C. 200 meters
D. 500 meters
17. What light source does multimode fiber optics use?
A. Laser
B. LED
C. Natural light
D. Impulse
18. What is the light source for single mode fiber optics?
A. Laser
B. LED
C. Natural light
D. Impulse
19. What is the benefit of a switch over a hub?
A. Switches have fewer ports.
B. Switches transmit data to the receiving port only.

C. Switches propagate incoming data to all outbound ports.
D. Switches are more affordable.
20. Which of the following network connectivity devices uses layer 3

addressing?
A. Hubs
B. Bridges
C. Switches
D. Routers


1. A. Networks are groups of computers connected together to share
resources.
2. A. Monitors are not a shared network resource.
3. B. WANs are the physically largest network.
4. C. On a bus topology a single device failure will halt the entire

network.
5. A. Trick question. If the central device fails, then the entire network
will not be able to communicate.
6. D. Mesh topologies use the most cable.
7. C. The Ethernet standard is 802.3.
8. A. The Token Ring standard is 802.5.
9. D. The wireless standard is 802.11.
10. A. The network layer is responsible for logical network addressing.
11. B. The physical layer is responsible for network media.
12. D. Thinnet is also called 10Base2.
13. D. Thicknet can transmit up to 500 meters.
14. B. There are four pairs of wires in category 5 UTP.
15. C. The maximum transmission speed of category 5 UTP is 1,000Mbps.
16. A. UTP can transmit at a maximum distance of 100 meters.
17. B. Multimode fiber uses LED as the light source.

18. A. Single mode fiber uses a laser as the light source.
19. B. Switches will transmit data only to the receiving port.
20. D. Routers use layer 3 addressing to route packets between network

segments.

Software PART
Configuration
III

Chapter Network Operating
Systems
THIS CHAPTER:

delivered
2.3 Install NOS

Configure network and verify network connectivity
2.4 Configure external peripherals (UPS, external drive

subsystems, etc.)
2.5 Install NOS updates to design specifications

Please see Chapter 9, “Upgrading and Mainte-

nance,” and Chapter 10, “Hardware Updates,”
for further coverage of the first exam objective
above: “Conduct pre-installation planning
activities.”

I n this chapter you will learn about a number of common operating
systems available for use on network servers. CompTIA seems to have a
relatively uncomfortable relationship with this part of the Server+ Exam,
because their policy is to strive for “vendor neutrality” but this is pretty
much impossible when dealing with server software. As such, the exam
instead incorporates questions that test a candidate’s knowledge of the basic
functionality and commands of a number of different operating systems.
In this chapter the three main network operating systems (NOSs) that are
specifically named in the exam objectives will be dealt with individually,
allowing you to get a very basic sampling of the tools and options available
in each. Others will be mentioned in name and briefly described to inform
you of the options, but the primary emphasis will be on these:
NetWare
Unix/Linux
Windows
A number of these operating systems have multiple versions/flavors/dis-
tributions, and those will be discussed later, but because we are not going
very deep into any of these operating systems (large books have been written
on each of them), only factors that are common to all versions of the OS, and
of importance to the Server+ exam, are likely to be considered.
NOS Options
W hen getting ready to purchase any software for your server, a
number of considerations come into play. When purchasing the NOS,
these choices become even more complex.
In choosing your network OS, you are also determining which applica-
tions you will be able to purchase, how your network will be managed, and

NOS Options 211
what types of advanced functionality will be available to you. Because of

this, it is important that you understand the basic advantages and disadvan-
tages of each NOS available.
First off, there is one simple but true rule that you should always keep
in mind: Whatever your needs, it is generally best if possible to stay with a
single hardware and software vendor for your servers. There are cases, of
course, where particular applications only run on Windows 2000, and so to
use that app you will need to add a Windows 2000 server to your NetWare
network. Or you may be migrating from OS/2 to a Linux environment, but
one application you need does not have a Linux equivalent, so at least one
OS/2 server will survive the changeover.
When designing a new network server environment, though, it may be
best to look for the NOS that best fits your overall network needs, and then
try to plan out a network structure that allows for most—if not all—of
your network servers to run on a consistent platform. This makes training,
upgrades, security, bug fixes, and a host of other administrative tasks
easier because there is a smaller range of documentation and changes
to keep up with.
This sort of practical info may go against the “feel” of CompTIA
vendor-neutrality, so there is the possibility they will disagree and recom-
mend that you use the “best OS for each job.” That is the problem with
questions that have no “right” answers. Because the Server+ Exam is
based on the consensus of a number of SMEs (subject matter experts), and
because even experts are rarely unanimous on how to do any computer
task, it is difficult to know for certain what the correct choice is.
In this book, we will present you with the data needed to answer the factual
elements of the exam, and we will also give you the mental framework from
within which you can make the logical decisions that are such a big part of the
test. As you answer the questions, though, remember that the question is not
asking you how you think something should be done—it is asking how you
think the majority of experts would recommend it be done.
The following is a basic list of things to consider when choosing a network

operating system:
Application compatibility
Hardware requirements
Features
Cost

212 Chapter 7 Network Operating Systems
Application Compatibility
Application compatibility concerns are generally pretty straightforward.
Usually a particular software package is either written to run on a particular
OS, or it isn’t. Even so, there are times when the software is only compatible
with certain versions of a NOS, or where the application is more full-
featured on one platform than on another.
The simple fact is that the easy way out here is to pick Windows 2000
Server as your NOS, because just about anything you could need is written
for the Windows OS family. That doesn’t make Windows the automatic
choice for compatibility, though. At times, security, stability, or other key
elements of an operating system influence your choice. For example, e-mail
servers often use a Unix flavor for their operating system. With the mul-
titude of viruses on the Internet, and e-mail being the most common
transport method for a virus, Unix operating systems provide the best
tolerance to virus infections.
Other applications are designed to operate within a specific operating
system environment. This is in part due to resource management, but more
commonly due to shared files such as drivers. The best way to eliminate
possible problems is to clearly research the programs and software that you
are installing to ensure that they will support installation on the operating
system you are using as well as the version. Each NOS manufacturer has
released several versions and update patches. Each change will result in an
impact on the software that you wish to run on the server. This also raises a
concern when you decide to perform an operating system upgrade or patch.
Consideration of the applications installed must be taken.
Hardware Requirements
Not all operating systems are the same—most obviously in their installation
and user interface, but also in their hardware requirements. Hardware
requirements include both physical hardware installed within the server as
well as available resources for operation (such as RAM and virtual memory).
Selecting an operating system that will best meet the hardware requirements
(or vice versa) is an important planning step.
Novell NetWare
The latest Novell NetWare release is NetWare 6. The following hardware
requirements are the minimum installation and operation requirements for
NetWare 6:
Intel Pentium II or higher processor

NOS Options 213
VGA or higher resolution display

DOS partition of at least 200MB with 2GB System volume
(4GB recommended)
256MB RAM (512 recommended)
CD-ROM drive
Novell operating systems have traditionally run on minimal RAM
requirements, due in part to the way in which devices are installed and
configured through NLMs. Netware Loadable Modules allow you to
install only the components that are needed. This frees up space and
resource use tremendously.
More information on the newly released Novell NetWare 6 can be

found at http://techupdate.zdnet.com/techupdate/stories/main/
0,14179,2813097,00.html.
Windows NT
Windows NT preceded Windows 2000. Hardware requirements between
the two operating systems remained similar, with Windows 2000 requiring
a bit more in the resource area. The new .NET server (Windows Whistler),
due to be released later in this year, will continue the same trend. The fol-
lowing requirements should continue to serve:
Intel 80486 processor or higher
VGA display
125MB free hard drive space
16MB RAM
At least one network card
CD-ROM
Keyboard
Mouse

Windows 2000 Server

As previously mentioned, Windows 2000 hardware requirements are similar
to those of Windows NT. The obvious change occurs in the amount of hard
drive and RAM required:
Intel Pentium 133MHz or higher
128MB RAM (minimum) recommended (4GB maximum)
1GB available hard disk space
VGA or higher-resolution monitor
Mouse
Keyboard
Network card
CD-ROM
More information on Windows 2000 can be found at http://www.microsoft.

com/windows2000/server/evaluation/business/overview/datasheet.asp.
Unix/Linux
With the multitude of flavors of Unix available, it is impossible to give a clear
list of resources that must be met to have the Unix-based operating system
function on a server. With the source code for Unix open to public alteration
and tweaking, the variations of this operating system increase and grow on
a regular basis. The following is a general hardware requirement list for
Mandrake Linux (one of the many Unix distributions).
Intel Pentium processor
64MB RAM
500MB hard drive space
CD-ROM
VGA
More information on Linux can be found at www.linux.org.

NOS Options 215
OS/2 Warp
OS/2 Warp is a server operating system designed by IBM for their server
line. It is a scalable OS with support for numerous business solution prod-
ucts. In the words of IBM, “IBM solutions target today’s heterogeneous,
open computing environment.” This server solution is often installed and
configured upon arrival from IBM and requires little further configuration.
For more information on OS/2 Warp go to http://www-4.ibm.com/software/

os/warp/warp-server/.
Features
Features of an operating system are often a major element in making your
decision to purchase one OS over another. In the past, the features were
dramatically different between the operating systems. Windows NT came
with a graphic user interface, while older versions of Unix and NetWare 3
did not—they were command-line-based, much like old DOS. This feature in
itself led to increased sales for Microsoft because the GUI eased the daily
chores of installing users, printers, mapped paths, and security.
Other features to consider include ease of installation and setup. Will
there be a steep learning curve involved in implementing this server opera-
ting system? What are the desired uses for the server on the network? We
previously mentioned the e-mail server and e-mail viruses. If the server is
to be an e-mail server, then the use of a Microsoft server operating system,
even with virus protection, is still a risk.
Another area of consideration is interoperability with the rest of the
operating systems within the network. What are the clients using, both
as hardware/operating systems and also software? Will it be compatible
with the new server operating system? Will there need to be adjustments
made to the clients’ computers? Will this server operate in an environment
with other servers using different NOSs? What network protocols will be
used as communication between devices on the network as a result of the
server operating system selected?
Windows historically has relied on NetBEUI as its protocol of choice
(up until Windows 2000), Novell has favored IPX/SPX (until NetWare 5),
and Unix prefers TCP/IP. Today all three manufacturers have agreed upon
using TCP/IP, but you will probably work in a heterogeneous environment
because it is a rare company that has the fiscal resources to purchase the

latest hardware and software as soon as it comes out. This leaves you often-
times in an environment with dated Novell or Microsoft servers, or both
operating together.
Key features of each operating system will be discussed within the next
few sections. The thing to remember is that an assessment of your network
needs will reflect heavily on the operating system and version that you
decide to use.
Costs
Cost is always a concern. As much as we would like to have the best of every-
thing in the world, the reality is that few of us can financially do it. Server
operating systems will range in price dramatically as the issues of licensing is
brought up.
Unix/Linux is by far the least expensive operating system. In many circles
it is free for distribution or a nominal fee is charged. Due to its open archi-
tecture, it can then be reengineered to best meet your business needs. The
concern with Unix, at times, has been support for third-party drivers. You
might not be able to locate a driver for your video card or network card, for
example. Driver manufacturers, as of late, have seen the demands and trends
toward using Unix as a common operating system and have been busy
playing catchup, designing Unix-specific drivers.
Windows servers come in several forms. Each was designed to meet a
specific business need. Windows NT Server could be purchased as well as
Windows NT BackOffice Server 4.5; the latter provided an entire suite of
software programs that were designed to control everything from Internet
proxy to database sharing. Windows 2000 also offers a few different
options, including Windows 2000 Server and Windows 2000 Advanced
Server. Windows 2000 has been rather expensive; current price for Win-
dows 2000 Server and a five-client license is $1,344.99. The expense
increases dramatically with licensing additional users. Not only do you
have to pay for the operating system but a license fee must also be paid
for each computer that will be connecting to the server.
Before purchasing client access licenses, you must determine which
licensing method your server will use. The two choices are Per Seat and
Per Server. You can only use one licensing method in the server. If you
choose Per Server, you can switch to Per Seat at some point in the future,
but once you are licensed Per Seat, the decision is permanent. Microsoft

NOS Options 217
recommends that if you are unsure of which mode to choose, you should
choose Per Server, since that allows you the flexibility to change modes
later on.
Licensing Per Seat means that it is the client end of the connection that
holds the license, and that license can be used to connect to any server on the
network. Licensing Per Server means that it is the server end of the connec-
tion that holds the license, and there must be an available license in order
for each client to connect. There are two factors that tell you which is the
cheapest option for your server:
Number of servers on the network
Number of concurrent connections that clients will make to the
server(s)
If you have only one server on your network, it will most likely be best to
choose Per Server, because you will only have to purchase enough licenses
to equal the number of concurrent client connections. In this scenario, you
could potentially have many fewer licenses than client PCs. This is particu-
larly true if the clients connect to the server, use the server resources, and
quickly disconnect. If client PCs will maintain a connection for a long time,
then the number of licenses will probably equal the number of clients, which
is the same cost as licensing Per Seat in the case of having only one server. An
example where this strategy would work well would be in a remote access
server. If clients are connecting into the server remotely to check their mail
(for example) and then disconnecting, there is no need for a license for every
computer: Per Server is the best option.
If you have more than one server on your network, it will most likely be
best to choose Per Seat. The only way it wouldn’t be the best way is in the
peculiar case of having very few concurrent client connections. When licens-
ing Per Server, each server contains a pool of licenses, so that if one server
has 25 licenses, and another server has 10 licenses, you can only legally
connect 25 clients to the first server and 10 to the second. In this same
situation, if you licensed Per Seat, you could have 35 clients connect to
either server or both servers simultaneously.
In the real world, there are very few situations that will warrant Per Server
licensing. Only if you have a single server or very brief server connections
will Per Server be cost effective. In contrast, Per Seat licensing allows for
client PCs to connect to as many servers as are available on the network, with
no thought for other clients’ concurrent connections.

Major Network Operating Systems

As we previously discussed, three major operating systems are in
extensive use today. Although a multitude of others are available, those from
Microsoft, Novell, and Unix distributors have really dominated the field.
Throughout this next section we will explore the major releases, features,
and tools of each one.
Novell NetWare
Originally known as Share Net, Novell’s NetWare NOS has been evolving
for nearly 20 years, making it the dean of the three NOS platforms we will
be discussing.
Share Net debuted in 1983, and became NetWare shortly after. Early ver-
sions of NetWare were extremely successful in competing with Microsoft’s
LAN Manager and Banyan Vines. Both of these products have followed the
evolve or die motto, with LAN Manager evolving into Windows NT/2000,
and Banyan Vines dying.
NetWare has a bit of both of these possibilities in its past. In the mid
1990s it seemed as though NetWare was everywhere (most estimates showed
that over 80 percent of all LANs ran on NetWare in 1995). When Novell
brought out NetWare 5.x with a distributed network directory based on
the x.500 standard, they appeared certain to crush all other competitors.
Their NOS was better technologically than any of their competitors’, they
had terrific market share already, and their customers were dedicated to the
company and the product.
Oddly, that was about the time the wheels came off.
Four things seem to have occurred, more or less at the same time, that
caused Novell serious problems:
1. The Web started reaching corporate networks around 1995.
2. Microsoft brought out Windows NT 4 in 1996.
3. Novell purchased WordPerfect, with the intention of matching

Microsoft with an OS/Productivity suite pairing.
4. The hardware explosion began. PCs went from 486/66MHz in 1995
to Pentium 4/2GHz as of Fall 2001.

Major Network Operating Systems 219
In short, here is the reading of one analyst about how this affected the
company: Even as the most important technological revolution of the decade
was going on around them, Novell spent its resources developing a word pro-
cessor, and neglected to market their superior NOS. Microsoft, meanwhile,
took advantage of the fact that faster hardware allowed their GUI servers
to compete (somewhat) with Novell, and hit the advertising/marketing trail
hard for NT. Microsoft quickly standardized on TCP/IP, and rode the
wave of the Internet. NetWare did not switch to all TCP/IP for another
four-plus years.
Because of this, much of Novell’s market share has evaporated, and the
company has a number of bridges to repair. Even so, there are significant
reasons for optimism. They still have a great NOS, they have dumped
WordPerfect, and they have a new management team.
Here are some of the specs you will want to know about NetWare for
the exam. These are generally written with an eye toward giving you “just
enough NetWare.” The same practice will be followed for the other OSs.
If you want detailed knowledge, check out the links and books mentioned.
Major Versions of Novell NetWare

You will not encounter a multitude of NetWare versions—either on the
Server+ Exam or in the real world. Novell (unlike Microsoft) has not
released a dizzying array of products over the years.
NetWare 3.x
NetWare 3.x included NetWare 3.11 and 3.12, based around the product
known as NetWare 386 having been introduced concurrently with Intel’s
386 chip. NetWare 3 supported multiple cross-platform clients (Microsoft,
Apple) and had minimal hardware requirements (4MB RAM, 74MB hard
disk space); this allowed for NetWare to be installed in low-cost environ-
ments. NetWare 3.x used a database called the Bindery to maintain groups’
and users’ accounts. The three major utility programs used (through a
command line interface) to control a NetWare 3.x server were Syscon,
PCONSOLE, and FILER.
Syscon was used for user administration of the Bindery.
PCONSOLE was used for printer setup.
FILER was used for file operations.

The simplicity and stability of NetWare 3.x made it a favorite among

network administrators. The downside was that you had to switch between
each of the three utility programs to perform all the required tasks. This
meant exiting one program and starting another.
NetWare 4.x
NetWare version 4.x was released in 1994 and offered a new centralized
administration service called NDS (Novell Directory Service). NDS not only
eliminated the need for the three separate programs of NetWare 3 (Syscon,
PCONSOLE, and FILER) but also allowed for administration of numerous
servers through one console. Prior to version 4, changes had to be made indi-
vidually on each server in the network. This was both a time-consuming and
cumbersome task.
The first release of NetWare 4.0 was fairly buggy and soon was replaced
with 4.1 and then 4.2, which was stable. Version 4.2 was released as a step-
pingstone toward version 5. It is worth noting that during the release of
version 4 Novell changed the name of the product to IntranetWare. Some
believe that this was a marketing ploy to take advantage of the Internet craze
that was forming at this time. The name was subsequently changed back
to NetWare in version 5.
NetWare 5.x
NetWare version 5 made a radical change in network communication for
Novell. Up to this point the Novell network protocol of choice was IPX/
SPX. With the release of version 5 Novell switched to TCP/IP as the protocol
of choice. This change was in part due to the sweeping support for TCP/IP
caused by the constant expanding Internet. The protocol of the Internet
is TCP/IP. NetWare 5 also included support for a multiprocessor kernel.
Previous versions of NetWare supported multiprocessors, but with the
addition of another NLM. Other added features included a five-version
license of Oracle 8 (a relational database software) and the inclusion of
Z.E.N.works, which provided for management on the workstation side.
NetWare 6.x
A major improvement in the just released NetWare version 6 is the eDirectory,
an upgrade to the NDS structure introduced in Netware 4x. Although
eDirectory can be installed, maintained, and supported on non-NetWare
platforms, including Windows NT/2000 and Linux/Unix servers, NDS
runs only on NetWare servers. You no longer have to create and maintain

separate user accounts across platforms; instead, eDirectory automatically

updates user policies, profiles, and privileges across eDirectory-accessible
systems. This proves advantageous in multiserver environments where
having to update information across several different servers with different
operating systems can be problematic as well as time-consuming.
NetWare 6 also offers IPP (Internet Printing Protocol). As expected by its
name, this protocol allows for remote printing though the Internet.
Finally, version 6 introduces iFolders, which offers a connection between
locally stored data and server stored data that is synchronized. This allows
remote access to files along with data security implementation though
synchronous backup.
Because NetWare 6 was released just recently, there is still a lot of explo-
ration and learning happening. Within a year the good and bad will surface
and a clearer understanding of the power of the operating system will allow
for a clearer judgment on its effectiveness.
NetWare Architecture
All operating systems are modular to a degree. Key components make up a
core, which is the operating system. On this core other modules or programs
are added. Novell is a classic example of this design idea in practice. The
major component of NetWare is the kernel or core OS. Built on the kernel
are NLMs (NetWare Loadable Modules). By creating a structure such as
this, disk space can be conserved by selecting which components to load and
which to not load. There are four key NLMs: disk drivers, LAN drivers,
name space modules, and utility NLMs.
Disk drivers provide access to disks and disk resources. NetWare version 3
used a .DSK extension to allow access to IDE drives. With the release of
newer versions, this extension changed to .HAM or .CDM.
LAN drivers interface between the NetWare kernel and the network
card. This is an obviously important area, because the server must have a
connection to the network. These drivers typically have a .LAN extension.
Name space modules control how files look and are stored on the server.
By default NetWare stores files using the old DOS naming convention.
This is a file name of eight characters long, a period, and then a three-letter
extension. Because different client operating systems that are accessing the
server will use different file storage and naming conventions, the name space
modules act as a buffer to mediate between the different files. The extension
for a name space module is .NAM.

Utility NLMs basically contain all the other items that do not fall into any
of the previously mentioned categories. More then 70 percent of NLMs
fall into the utility category, including print drivers (Novell Distributed
Print Services).
Each module is selectively loaded and linked to the NetWare kernel.
This creates the Netware operating system.
NetWare Administration
Administration for a NetWare server is actually done remotely. A separate
client utility called Novell’s NetWare Client for Windows 95/98 must be
installed on a client machine in order to control a NetWare server. This
allows the server to be physically locked up and secure. In NetWare version 3,
access is gained to the Bindery through a client machine running the Net-
Ware client software. You must then log into the server as an Admin or
a user with administrator rights. From this point you can gain access to cre-
ate users and manage the server. In NetWare versions 4, 5, and 6, use the
NDS rather than the Bindery. A Java applet can also be used rather then
the command line utility or menu-based monitor starting in version 5.
NetWare Interoperability
Novell NetWare supports Windows 95/98, Windows NT, Mac OS, VMS,
OS/400 Unix, and OS/2 clients. Prior to NetWare version 5, Novell ran
IPX/SPX natively. Starting with version 5, TCP/IP is the protocol of choice.
Windows
In comparison to the other major vendors, Microsoft is the new kid on the
block. And in being the new kid, Microsoft has taken a lot of heat over
the years due to the glitches and the number of repair software patches
that have been released to fix known problems.
Over the recent years Microsoft has released a multitude of operating
systems. The majority have been OSs for desktop computing but there have
been releases for network operating systems too. Windows NT was the first
Microsoft network operating system. It saw major changes and then was
replaced by Windows 2000. Repair of known issues as well as advanced
features and support for modern hardware are some of the key benefits
of Windows 2000.

Major Versions of Windows

Microsoft originally focused their efforts on the desktop operating system
environment. However, wanting to expand into the growing network field,
they created a network operating system. Much like Novell’s NetWare, the
Microsoft product has seen rapid change and several versions released.
Windows NT
Microsoft first attempted to create a network operating system with the
release of Windows NT (New Technology). Version 3.1 was the first release
to the public and it came out in 1993. Much like the original release of Win-
dows 95, NT 3.1 was quite buggy and problematic. In the world of servers
that is a cardinal sin. For this reason NT 3.1 was really not taken very seri-
ously. NT 3.51 was released about a year later. Better stability, support for
new hardware, and a familiar interface (built with the Windows 3.1 GUI)
placed Microsoft into the network operating system arena that was previous
dominated by Novell and Unix. With time Microsoft released Windows 95
as well as NT 4, which was based around the Windows 95 GUI. The clever-
ness of Microsoft marketing shone through again. Using the GUI from an
operating system that the public was familiar with ensured less of a learning
curve in using NT 4 as well as eliminating some intimidation.
Stability issues and concerns from version 3 had been dealt with before
the release of Windows NT 4 in 1996, and NT 4 became increasingly pop-
ular. The gamble of creating a network operating system with a familiar
interface paid off and NT 4 vaulted Windows past Novell in network oper-
ating system sales as well as third-party programs being written for the OS.
Added components in version 4 included IIS (Internet Information Server), a
web server, and the Internet Explorer web browser. Windows NT 4 became
widely accepted as an OS for an enterprise server but not for a backbone
server—possibly due to fears dating from version 3’s instability, or possibly
the newness of this operating system compared to Novell or Unix.
Windows 2000
Windows 2000 Server was developed to address the fears in using Win-
dows as a true server operating system in large environments. With the
release of Windows 2000, a change in protocol use also occurred. Prior
to Windows 2000, Net BEUI was the native protocol of choice. Win-
dows 2000, much like NetWare, switched to TCP/IP as its main protocol
to be better supported with the Internet. Previous versions of Windows

Server used NTDS (NT Directory Services) to control user accounts and
groups security. Windows 2000 switched to AD (Active Directory). This
new service was more in line with Novell and followed the X.500 standards,
using a hierarchical approach to naming conventions. Windows 2000 also
improved on network and system performance monitoring by creating a
management utility called Administrative Tools. Figure 7.1 is a screen shot
of Administrative Tools. Administration is now done centrally through the
MMC (Microsoft Management Console) in Windows 2000.
FIGURE 7.1 Windows 2000 Administrative Tools
Windows Interoperability
A server never operates in an isolated environment. Clients and other serv-
ers connecting to the server come from various sources and platforms such
as versions of Windows, NetWare, Unix, and Apple. Windows NT offers
client and print services for Novell, Apple, and Unix. The Novell services
are called GSNW (gateway services for NetWare), CSNW (client services
for NetWare), and FPNW (file and print services for NetWare). Macintosh
clients can also access a Windows server, but client software will have to be
installed. All Microsoft operating systems are also natively supported
(including DOS and Windows 3, 95, 98, and Me).

Windows Administration
Both NT and Windows 2000 are administered through the User Manager
for Domains. It is located in the Administrative Tools folder. Through this
utility you can create both users and groups for the local computer or for the
network. This simple utility gives a clear visual of the users on the network.
Unix/Linux
It is claimed that the first version of Unix was invented in 1969 at Bell Labs.
Regardless of the date, Unix is definitely the oldest network operating system
in use today. Even though there has been constant change in the appearance
and even function with each new flavor, the core of the operating system
remains the same.
Unix Architecture
Unix uses a 32-bit command-line-based core capable of supporting a GUI
(often called X Window). Unix natively supports TCP/IP as its primary
protocol. The Server+ Exam does not cover Unix operating systems very
much, but be aware of some of the essential flavors of Unix as well as
their benefits.
Major Versions of Unix

As previously mentioned, there are countless versions of Unix available.
The open design architecture combined with low cost of ownership has
encouraged the development of the many versions of Unix in active
use today.
Linux
Linux is a Unix flavor that has been receiving a lot of attention over the
last few years. Linux version 1 was released in 1994 and has been updated
constantly since that point. Linux prefers to be run on an Intel platform, but
successful attempts have been made with RISC processors as well as on a
Macintosh.
Two releases of Linux should be mentioned: Red Hat Linux and Slack-
ware. Red Hat Linux is a portable version that will run on an Intel, Alpha,
and Sparc processor. Slackware was designed for the Intel platform only and
will support up to 16 processors, as well as Ethernet networking.

For more information on Linux distributions go to www.linux.org.
SCO Linux
Santa Cruz Operation Linux makes OpenServer and UnixWare. Open-
Server is robust and scalable and is used with Intel equipment. UnixWare
was obtained by SCO Linux from Novell in 1997. UnixWare provides
interoperability with Novell-based networks as well as being easy to
administer and install.
Sun Solaris
Sun Microsystems created its own Unix called Sun Solaris. It was designed to
run on a SPARC platform, rather than an Intel. Sun sells both the server
hardware and operating system together designed for Internet servers.
Unix Administration
Unix administration is most commonly done through a GUI called X Win-
dow or through a command line utility called a shell. There are three major
shells used: Bourne, C, and BASH. New accounts are made through modi-
fication of the /etc/passwd file. Normally administration is done through
the X Window utility, where the User Configurator is used.
Installing a NOS
I nstalling a network operating system can be a confusing process.
If you have ever formatted and reinstalled a desktop PC you will remember
that there are many processes and steps that have to be followed in a
specific order. Drivers and disks that support items such as video cards,
network cards, and SCSI cards will have to be installed with the assistance
of manufacturer-supplied drivers. At times, patch files and firmware will
have to be used as well. (Refer to Chapter 11, “Managing and Securing the
Server Environment,” for more information on patch files.)

Installing a NOS 227
Verify Hardware Compatibility

The first step in installing a network operating system is to confirm that the
OS supports all the hardware. This will especially include the expansion card
devices such as video, SCSI, RAID, and network cards. Remember from
the previous section, some NOSs (such as Unix) are designed to run on
non-Intel-based machines. All connected hardware should be confirmed
as compatible before any attempt to perform an install is done. This also
includes external devices such as the UPS and UPS monitoring tools.
Verification at this stage will also include drivers for the software. Most
hardware will come with a CD or floppy disk containing drivers for common
operating systems. Oftentimes though the driver on the manufacturer disk
will be outdated—having been created at the time that the product was
made, these drivers can be several years old. It is always best to check with
the manufacturer’s website for the latest drivers. Other times the disk
may not contain drivers designed for the operating system that you are
installing. This also requires a trip to the manufacturer’s website to locate
new and suitable drivers. This is often the case today as people begin the
upgrade to Windows XP. The driver disks that came with their hardware
do not contain drivers for Windows XP. Although you can try to use an
NT or 98 driver, they probably will not work as expected.
Once all the proper drivers have been located and the hardware has been
confirmed with the operating system’s compatibility list, then the installa-
tion can occur. It is at this time that you will also have to deal with licensing
the server and determining the number of clients that are accessing it. Along
in the installation process the server will want to know how many client
licenses you have purchased. NOS installation is fairly straightforward:
NOSs are normally found on CDs that have an executable file that will begin
the installation process. Installation wizards then will guide you through the
installation process step-by-step. The Server+ Exam does not test you on
the details of each NOS install. Expect, with the multitude of configurations
(such as RAID), that the NOS installation will take a few hours to complete.
Once the network operating system has been installed, the system should
be rebooted (it will most likely want to reboot several times during the instal-
lation as well). This reboot will allow you to carefully monitor the computer’s
behavior. You should be looking for signs of trouble through the POST, error
messages, and beep codes.

More on POST and error messages will be covered in Chapter 12, “Perfor-
mance and Hardware Monitoring,” and Chapter 15, “Disaster Recovery.”
Any problems during the installation of the operating system should be

noticeable and dealt with at this point. Windows 2000 offers the Computer
Management utility to help assess any hardware and software problems, and
Novell offers an ABEND.log to record any abnormal endings that the server
may have encountered. Both utilities point to potentially serious hardware
and operating system problems.
Verify Network Connectivity

Before installing any further software or network components, verification
of network connectivity should occur. Verification at this point takes on a
few forms. If you are using an Ethernet connection, there can be a visual
inspection of the link lights on the network card to ensure connectivity. Link
lights are located right beside the RJ-45 plug and they light up (usually green
or red) to indicate that there is connectivity between the network card and
the rest of the network. The next step is configuration of the server to the
network card and rest of the network. This will require naming the server.
The server should be provided with a meaningful name, as it is also the name
that is viewable to the clients on the network. For example, if the server is an
e-mail server, then the logical name should be Email Server. Other configu-
ration includes installing the appropriate domain name and protocol. If this
is a server for a brand new network, then the server might have to fulfill the
role of providing authentication and access to the network. In that sense (and
in accordance with Windows NT standards), it would be called a Domain
Controller. In selecting a protocol to control traffic and communication on
the network, a decision will have to be made as to the purpose of the network
as well as the type of connectivity. To keep things simple here (you will learn
more about protocols in Chapter 8, “TCP/IP”), it is best to use TCP/IP.
Configure External Peripherals

Now that the server is up and running, there are no hardware conflicts, and
the networking is communicating as expected, the time has come to install

Installing a NOS 229
the external peripherals. This includes locally attached printers, modems,

external drives, and the UPS.
A locally attached printer can be used to print from a server or shared out
and used as a network printer. The latter case is commonly seen in small
networks. The server acts as a print server and a printer is locally attached
(or it can be attached through the network to the hub or switch). If you are
networking a printer off the server, the printer will have to be configured as
a network printer. This includes sharing the printer so it will be visible to
the clients, as well as installing a shared driver that will be accessible to the
clients who need to install the printer. Care must be taken to have available
drivers for all the client operating systems that might need the printer. For
example, a Novell server with Windows 98 and NT clients will need to
have printer drivers accessible for the Novell server, Windows 98, and NT
clients—three different server print drivers.
Installation of the UPS monitoring software and central connectivity
device monitoring tools occurs at this time. If you have a Cisco switch or
hub, there are remote management tools that can be installed on the server
to monitor and manage these devices.
Install Network Software

Network software includes items like database programs. Any software that
is installed on the server and will be used by clients is considered a network
software program. An example is an e-mail program. In in-house e-mail
programs, all messages are stored on the server until retrieved by the client.
This places a server in the role of a central storage facility requiring an
authentication method for the messages before releasing them.
After the previous step, confirming that the server hardware and
operating system are functioning properly and network connectivity is
running, all network-based software can be installed. Upon installing each
network program, confirm with the network operating system that the
software is operating successfully. This may be difficult without client
access, but that step can be verified at a later time.
Install NOS Updates to Design Specifications

Over time, updates are released by NOS manufacturers to repair known issues
or provide advanced features. These updates are provided by all manufacturers.

It is a good idea to get on a mailing list with your OS manufacturer to keep

up to date. One of the key elements to remember is that not every update
produced must be installed on your server. Weigh the functionality and
need of the update against the potential risks and possible drawbacks and
see if it is really worth performing the update. Sometime it is best not to
take the chance. Other times, updates are essential. Windows 2000 was
not out very long before a service pack update was released to deal with
serious problems in the running of the operating system. This was an obvi-
ous patch that you would want to install. Windows NT, over the course
of its active existence, had six different service packs created and released
to the public to repair and improve on the operating system. Read the
information on the update carefully before you decide whether to install
or not.
For more information see Chapter 10, “Hardware Updates,” and Chapter 11,
“Software Updates.”
Client Access
Once you are sure that the operating system is running stably with the hard-
ware as well as network software, access can be granted to the clients slowly.
You may have wondered why, a few steps earlier, I mentioned installing net-
work software and partially testing it before there were clients accessing it to
ensure that it was running fully. Granting client access is usually the last step
when installing or upgrading a server. Until you are sure that the server is
fully functional and capable of handling the stress of client requests, you
should not allow access to it. Not only will you have to deal with an improp-
erly running server if you grant access too early, but everyone who has
connected to it will be calling you and letting you know that the server is
down. Clients may also take the liberty of starting to store files or use the
applications on the server, and if you need to restart the server for some
reason, you are going to get caught in the middle of some agitated personnel.
It is therefore best to ensure that everything is running ideally before granting
access.

Summary 231
Getting It All Running
Probably the best situation I have had the chance to work in was a few sum-
mers ago when the school I worked for decided to expand and purchase
a lot of new equipment. When the shipments arrived, I found myself on
the floor surrounded by five IBM Netfinity 5500 servers, five Intel 510T
switches, and 80 Dell laptops—all of which had to be networked. The nice
thing was that I had all summer to perform the task without anyone over my
shoulder asking if it was ready yet because they needed to check their
e-mail. Having the space and time planned out allowed me to carefully and
methodically unpack, inspect, install, and configure all the equipment. All
the hardware and software could be tested and run for days to confirm that
they would perform as expected. When problems did arise, there was
ample time to research and fix each situation.
Whether your project is a simple upgrade or a complete build, always leave

enough time to perform the task as well as any unexpected issues that
may arise.
Summary
C hapter 7 is all about network operating systems. Focus was given to
the major types of operating systems and their differences. We began with
an exploration of network operating system options including application
compatibility, hardware requirements, features, and cost. Each element was
discussed in comparison to the three major network operating systems:
Windows NT/2000, Novell NetWare, and Unix/Linux. OS/2 Warp, IBM’s
server operating system, was also introduced as another alternative.
Novell NetWare was released in 1983. It used a command-line-based
utility that was administered remotely from another computer. Major
releases of NetWare include version 3, which used a Bindery to maintain
usernames and accounts; version 4, which switched from the Bindery to
NDS (Novell Directory Services); version 5; and recently version 6. Novell
natively ran on IPX/SPX until version 5, which changed to TCP/IP.

Windows released its server operating system called NT (New Technology)

in 1993. Version 3.1 was fairly buggy and not widely used. An update was
version 3.51, which repaired the issues in the previous version and used
the familiar Windows 3.1 GUI. NT version 4 updated numerous features,
including the use of the Windows 95 GUI. Windows 2000, released more
recently, included a new feature called the Active Directory to deal with users
and account security. Windows had natively run on the NetBEUI protocol
until Windows 2000, which changed to TCP/IP.
Unix comes in many flavors due to its open architecture and low cost of
ownership. Common releases include Linux, SCO Linux, and Sun Solaris.
Due to the uniqueness of each release, Unix tends to be immune to virus
attack. Natively, Unix runs on the TCP/IP protocol suite.
Steps involved in installing a network operating system include verifying
hardware compatibility. This includes compatibility with the server, external
devices such as modems and printers, and the rest of the network hardware
and software. Installing the network software includes programs such as
database and e-mail software that are used by the clients in the network.
Finally client access is given to the server after all hardware and software
functions are confirmed as operating properly.
Exam Essentials
Know the three main network operating systems. This includes Win-
dows NT/2000, Novell NetWare, and Unix.
Know the variables to consider when selecting a NOS. Application
compatibility, hardware requirements, features, and cost are the main
variables to consider.
Know the basic installation requirements for each major NOS. Novell
version 6 requires an Intel Pentium II or higher processor with 2GB of
hard drive space, 256 of RAM, a CD-ROM drive, and a VGA adapter.
Windows 2000 requires an Intel Pentium 133, 128MB of RAM,
1GB of hard drive space, a mouse, keyboard, CD-ROM drive, and
a network card.

Key Terms 233
Unix requirements vary but generally include an Intel-based processor,

64MB RAM, 500MB hard drive space, a CD-ROM, and a VGA adapter.
Know the major releases of Novell NetWare. NetWare version 3 used
a Bindery and was generally command-line-based.
Versions 4, 5, and 6 used NDS and offered a Java applet for administration.
Know how Windows is administered. Windows NT is administered
through User Manager for Domains, while Windows 2000 is adminis-
tered through Active Directory.
Know the major versions of Unix in use today. These include Linux,
SCO Linux, and Sun Solaris.
Know the steps to installing a server. Be able to verify hardware com-
patibility, verify network connectivity, configure external peripherals,
install network software, install network updates, and give client access
to server.
Key Terms
ing terms:
AD (Active Directory) GUI

BASH iFolders
Bindery IntranetWare
Bourne IPP (Internet Printing Protocol)
C IPX/SPX
command line kernel
eDirectory Linux
FILER NDS
flavors network operating system (NOS)

NLMs (NetWare Loadable shell

Modules)
Novell NetWare Slackware
NTDS (NT Directory Services) Sun Solaris
OpenServer Syscon
OS/2 TCP/IP
PCONSOLE Unix/Linux
Per Seat UnixWare
Per Server Windows 2000
Red Hat Linux X Window

Review Questions
1. Which network operating system is referred to as a Warp Server?
A. NetWare
B. Unix/Linux
C. Windows 2000/NT
D. OS/2
2. Of all the network operating systems that we looked at in this chapter,

which one is the cheapest to acquire?
A. NetWare
B. Unix
C. Windows 2000/NT
D. OS/2
E. Linux
3. According to this chapter, Novell’s eDirectory can be used on which

operating systems?
A. NetWare
B. Unix/Linux
C. Windows NT
D. OS/2
E. All of the above
4. Which network operating system natively supports the Bindery

system?
A. NetWare 3
B. Unix/Linux
C. Windows 2000
D. NT 4

5. Which network operating system (or systems) is not administered with

a graphical user interface?
A. NetWare
B. Unix/Linux
C. Windows 2000/NT
D. OS/2
6. Which network operating system makes use of Active Directory

Services?
A. NetWare
B. Unix/Linux
C. Windows 2000
D. OS/2
7. Which network operating system has been used on e-mail servers

where stability, performance, and virus immunity were mandatory?
A. NetWare
B. Unix
C. Windows 2000/NT
D. OS/2
8. What is IPP an acronym for?

A. Internet Printing Protocol
B. Internet Program Passage

C. Intel Pilot Project
D. Interlaced Protection Program

9. Which of the following is not a Unix shell?
A. Bourne
B. Bash
C. X Window
D. DOS
10. What is the client utility that must be installed to administer a

NetWare server?
A. System 32
B. PCONSOLE
C. User Manager
D. Novell NetWare Client for Windows 95/98
11. Which version of Linux is designed for an Intel platform and will
support networking?
A. SCO Unix
B. Slackware
C. Red Hat
D. Susie
12. Which operating system uses a GUI in common with a desktop

operating system?
A. Windows NT
B. NetWare 5
C. OS/2 Warp
D. Linux

13. What utility is used to administer the Bindery in NetWare version 3?
A. Syscon
B. Administrator
C. Bindery Manager
D. PCONSOLE
E. User Manager
14. Which operating system has been around the longest?

A. NetWare
B. Unix
C. Windows 2000/NT
D. OS/2
15. What is the minimum RAM requirement for Windows 2000?
A. 64MB
B. 128MB
C. 256MB
D. 32MB
16. Which NOS would you most likely find using Visual Basic scripts?
A. NetWare
B. Unix/Linux
C. Windows 2000/NT
D. OS/2
17. Which NLM would be used for network card drivers?
A. Name space
B. Utility
C. Disk
D. LAN

18. Which of the following is not a NOS?
A. Windows 2000 Server
B. Windows NT 4
C. Novell NetWare
D. Windows Me
19. Which operating system uses NLMs?
A. Unix
B. Windows 2000
C. NetWare
D. OS/2 Warp
20. Which of the following network operating systems use TCP/IP as

their preferred transport protocol?
A. NetWare
B. Unix/Linux
C. Windows 2000/NT
D. OS/2
E. All of the above


1. D. OS/2 from IBM is known as Warp Server.
2. E. Linux is available for the price of a download.
3. A, B, C. NDS eDirectory can be ported to Unix/Linux and Win-

dows NT, as well as run on its native NetWare.
4. A. NetWare 3 supports the use of the Bindery.
5. B. Unix and Linux are primarily administered through script or

configuration files.
6. C. Windows 2000 makes use of Active Directory Services.
7. B. As much as proponents of the other operating systems would love

to argue the point, Unix is the operating system of choice for most
mission-critical super-servers.
8. A. IPP is a program in NetWare version 6 that allows for Internet
based printing through the Internet Printing Protocol.
9. D. DOS is an operating system, not a shell of Unix.
10. D. Novell is administered through the use of a client computer with

the Novell NetWare Client for Windows 95/98 installed.
11. B. Slackware Linux was designed for the Intel platform and will
support Ethernet networking.
12. A. Windows NT is based around the Windows 95 GUI.
13. A. In NetWare version 3.X the Bindery was administered through

the Syscon utility.
14. B. Unix has been around for over 30 years.
15. B. Windows 2000 requires a minimum of 128MB of RAM to operate.

16. C. Visual Basic is a Microsoft product and is an integral part of the
Windows 2000 and Windows NT environment.
17. D. LAN NLMs are used to install network drivers for NetWare.
18. D. Windows Me is Microsoft’s home version operating system.
19. C. Novell’s NetWare is based around NetWare Loadable Modules.
20. E. All of the network operating systems mentioned in this chapter

would like your network to run on nothing but TCP/IP.

Chapter TCP/IP

THIS CHAPTER:

Identify common diagnostic tools across the following OS:
Microsoft Windows NT/2000; Novell NetWare, Unix, Linux,
IBM OS/2
Perform shut down across the following OS: Microsoft
Windows NT/2000, Novell NetWare, Unix, Linux, IBM OS/2
Interpret error logs, operating system errors, health logs,
and critical events
Locate and effectively use hot tips (e.g., fixes, OS updates,
E-support, web pages, CDs)
Gather resources to get problem solved: Identify situations
requiring call for assistance; acquire appropriate
documentation
Describe how to perform remote troubleshooting for a
wake-on-LAN
remote alert.

N etworking protocols are one of the most important com-
ponents in a network environment, providing communication capabilities
between network computers. The most commonly used protocol on net-
works today is TCP/IP.
This chapter will introduce you to the fundamentals of the TCP/IP
protocol suite. It will then go on to explain the major concepts behind IP
addressing and introduce you to some of the utilities that can be used to
troubleshoot an IP-based network.
TCP/IP Explained
T CP/IP has is an Internet standard protocol that is implemented on
most networks today. It is a suite of different protocols that provide com-
munication capabilities between network computers. The following section
will provide you with a brief overview of the TCP/IP protocol suite and the
role each protocol plays in network communication.
What Is TCP/IP?
TCP/IP has become the most widely used protocol. It is the protocol used on
the Internet and on routed networks. TCP/IP is a suite of protocols that maps
to a four-layer reference model known as the DoD (Department of Defense)
Model. The Model basically describes how communication between two
hosts on a network occurs.
You may also be familiar with the OSI Model. This model was developed
to implement a standard on how network communication occurs. Vendors

TCP/IP Explained 243
design their products based on the OSI Model. Essentially the OSI Model
enables communication between software and hardware regardless of the
vendor (as long as the network components are designed to the standards of
the model).
The OSI Model divides network communication into seven layers, as
opposed to the four layers used in the DoD Model. Each layer in the DoD
Model maps to one or more of the seven layers in the OSI Model.
The four layers of the DoD Model are as follows: Application, Transport,
Internet, and Network. The following section will discuss the different layers
of the DoD Model and how the different protocols making up TCP/IP map
to this four-layer model.
Application Layer
The top layer of the DoD Model is the application layer. This layer defines
how applications communicate with one another on a network. Application
layer protocols often provide support to client/server applications. A client
application running on one computer will communicate with the server appli-
cation running on another computer using the services of application layer
protocols. Let’s take a moment to review these protocols in detail.
Simple Mail Transfer Protocol SMTP (Simple Mail Transfer Protocol)
is used to send e-mail messages from one mail server to another. SMTP is
usually used to send e-mail messages over the Internet. The e-mail mes-
sages are then retrieved using POP or IMAP. When you configure your
e-mail application, you have to specify the SMTP server that your e-mail
application will be sending mail to.
Simple Network Management Protocol The Simple Network Manage-
ment Protocol is a set of protocols that are used for collecting information
about a network. SNMP agents are network devices such as computers,
routers, and bridges that gather information about themselves and return
the information to a system running a SNMP management program.
File Transfer Protocol The file transfer protocol is used to transfer files
between computer systems. It is a standard protocol that allows files to be
transferred between dissimilar systems. The user transferring files will
usually need a username and password with permission to access the file
unless a guest account is being used on the remote system. FTP uses the
TCP protocol to transfer the files.

244 Chapter 8 TCP/IP
Trivial File Transfer Protocol TFTP is a simple version of the file

transfer protocol described above. It uses the UDP protocol and, unlike
FTP, provides no security. A username and password are not required
for TFTP.
Telnet Telnet is a terminal emulation protocol used on TCP/IP net-
works. A client computer can use Telnet to log onto and connect to
another host on the network regardless of the platform on which it is run-
ning. You can enter commands through Telnet and they will be executed
on the remote system just as if you were sitting at the console. Telnet is
often used for troubleshooting and connecting to and configuring routers.
Hypertext Transfer Protocol HTTP is used for communication between
a web browser and a web server. It is the protocol used on the Internet to
format and send information. HTTP also dictates what actions to take
when certain commands are issued through a web browser.
Transport Layer
The next layer of the DoD Model is the transport layer. The protocols at this
layer define the type of transmission service between two hosts. The trans-
mission services provided by this level can be end-to-end and reliable or
broadcast-based and unreliable. The protocols operating at this level provid-
ing transmission services include TCP and UDP.
Transmission Control Protocol

TCP (transmission control protocol) is a transport layer protocol that
provides guaranteed delivery of packets between two hosts. It provides
end-to-end communication, sequencing, and error control to ensure reliable
delivery of data.
Messages received from the application layer are broken down and
sequenced. By sequencing the packets, TCP on the destination host is able to
reassemble the message in the correct order and pass it to the upper applica-
tion layer. On the sending computer TCP sends a group of packets to the
destination host and waits for an acknowledgment for each one. Any packets
that have gone unacknowledged will be retransmitted.
User Datagram Protocol

UDP (user datagram protocol) is the other transmission protocol that works
at this layer. It is similar to TCP but it does not provide reliable delivery of

TCP/IP Explained 245
data between hosts. It takes the messages from the application layer and
breaks them down into smaller segments and uses sequencing. The difference
is that UDP is not concerned with acknowledgments and does not resend
packets that do not reach the destination host. Reliable delivery and error
checking are performed by protocols working at the upper layers of the
DoD Model.
Internet Layer
Protocols operating at the Internet layer are responsible for things such as
IP addressing and routing. This layer adds addressing information to the
packet before it is placed on the network, resolves IP addresses to MAC
addresses, and determines where a packet will be sent in order to reach the
destination host. The protocols that work at this layer include IP, ARP,
ICMP, and IGMP.
Internet Protocol
IP is by far the most important protocol working at the Internet layer and
is often referred to as the mailroom of the TCP/IP protocol suite. It is here
where packets from the upper layer are broken down into datagrams. IP
adds addressing information to each datagram including the IP address of
the sending computer and the IP address of the destination computer (refer
to the section titled “IP Addressing” for more information). IP also performs
routing functions because it is responsible for determining the best route for
a datagram to be sent to reach the destination host.
Address Resolution Protocol

IP addresses are used for routing a datagram. Before a datagram can be sent
to a host on a network, the logical IP address must be resolved to the physical
address (or MAC address). If IP does not know the MAC address of the
recipient, it is the responsibility of ARP to resolve the IP address to the MAC
address. This is done via broadcast on the local subnet.
ARP maintains a local cache of IP addresses that have been resolved to
IP addresses. Before performing a broadcast, ARP will check the local cache
to see if the IP address has already been resolved. If not, ARP generates a
broadcast containing the IP address of the intended recipient. The intended
recipient may be the actual host the local computer wants to communicate
with or a local router if the destination host is on another subnet. All com-
puters on the local subnet will look at the broadcast, and the host with the
IP address will respond with its MAC address.

BootP
The BootP (boot program) protocol allows diskless workstations to boot up
and send out a BootP request so the workstation can receive an IP address.
The broadcast contains the MAC address of the client. A BootP server picks
up the request and looks to the BootP file. If the BootP file contains an entry
for the workstation’s MAC address, the BootP server responds with the work-
station’s IP address and the name and location of the file it should boot from.
Internet Control Message Protocol

ICMP works with the IP protocol and is mostly a management and trouble-
shooting protocol. ICMP reports any packets containing error, control, or
information messages. It will notify the sending host of any abnormal events
that occur. The PING command, which is discussed later in the chapter, uses
this protocol to test the connectivity between hosts.
Internet Group Management Protocol

IGMP (Internet Group Management Protocol) is used for multicasting on
an IP network. It does this through the use of multicast groups. Hosts on a
network use the IGMP protocol to join or leave a multicast group (host
registration).
Network Layer
There are no protocols and services defined at the network layer but it does
perform some very important functions. Essentially, it takes datagrams from
the network layer and breaks them into bits (1’s and 0’s). Then it adds the
MAC address to the packet before it is placed on the network. Once placed
on the network, it will determine the access method used by the network (for
example, token passing, collision avoidance, collision detection). After it
defines the network’s access method, it shifts its focus to the physical aspects
of the network. The network layer determines the physical aspects of the net-
work, such as the media and connectors.
IP Addressing
N ow that you have an understanding of the protocols that make up
TCP/IP and what each one is responsible for, let’s move on to IP addressing.

IP Addressing 247
There is a good chance that TCP/IP will be the protocol implemented on

your network. In order to effectively implement an IP based network, it is
important to have a basic understanding of IP addressing and subnetting.
Even if you are not implementing the actual addressing scheme, general
knowledge of how IP addressing is implemented can assist in troubleshoot-
ing addressing problems that may arise on the network.
Introduction to IP Addressing
IP addresses are used to identify hosts on a given network. Every host
(this includes computers, routers, and network interface printers) on an IP
network requires an IP address. Each segment on a given network requires
a unique network ID and every host on a segment requires a unique host ID.
An IP address can be seen in two different formats—as a decimal number
and as a binary number. Computers read an IP address as a 32-bit binary
number like the one shown below:
10110111 11101111 10110011 10101011
For computer users, the IP address is viewed in decimal format. The
binary number, like the one shown above, is broken down in four sections
(called octets), each section containing eight bits. Each of the four octets is
then converted to a decimal format by converting each bit to a number value
and adding them up, giving you an IP address like the one shown below:
183.239.179.171
Binary uses 1’s and 0’s. Each bit in a binary number has a corresponding dec-
imal value. The bit values within each octet are converted to a decimal format
and then totaled. Table 8.1 shows the decimal value for each bit in an octet.
TABLE 8.1 Converting from Binary to Decimal
Format Value Value Value Value Value Value Value Value
Binary 1 1 1 1 1 1 1 1
Decimal 128 64 32 16 8 4 2 1
Using this table, the binary number shown below can easily be converted
to the decimal number below it.
11000000 10101000 00011000 10000100
192.168.24.132

Network and Host ID’s

An IP address consists of two parts, one identifying the network and
the other identifying a unique host on that network. The most common
analogy used to describe network and host ID’s is in terms of your own
personal address. Your address will consist of a street and house number.
All houses on the same street have the same street address and each house
on that street requires a unique house number. Similarly, all segments on
a given network require a unique network ID to identify them, and each
host requires a host ID that is unique to their segment. The next section
shows you how to determine which portion of an IP address represents the
network ID and the host ID.
For every IP address a corresponding subnet mask is required. The
subnet mask is used to distinguish which portion of the IP address refers
to the network ID and which portion of it refers to the host ID. When a
computer on a network needs to communicate with another computer, it
must determine if the destination host is on the same network or if it is on
a remote network.
The subnet mask is used to determine what part of the IP address is used
to identify the network ID. This is done by setting all the bits in the subnet
mask representing the network ID to 1’s (the remaining bits used for the
host ID are left as 0’s). For example:
IP Address 192.168.10.2 11000000 10101000 00001010 00000010
Subnet Mask 255.255.255.0 11111111 11111111 11111111 00000000
By looking at the subnet mask in the example above, you can see that the first
three octets of the IP address are used for the network ID (192.168.10.0).
IP Address Classes
Those who designed the Internet also broke the available IP addresses down
into different classes that could be assigned based on network size. The
number of hosts you can have per network address depends on the class
of address that you have been assigned. How you determine the network
and host ID’s within an IP address is also dependent on the address class.
Table 8.2 summarizes the five address classes.

IP Addressing 249
TABLE 8.2 IP Address Classes
First Octet Max Hosts

Class Value Max Networks Per network Subnet Mask
A 1–126 127 16,777,216 255.0.0.0
B 128–191 16,384 65,534 255.255.0.0
C 192–223 2,097,152 254 255.255.255.0
D 224–239 Used for

multicast
E 240–254 Used for experi-

mental purposes
The value 127 is not included in the available ranges; 127 is reserved for test-
ing purposes and cannot be assigned to any computer. 127.0.0.1 is referred to
as the loopback address and can be used to test whether TCP/IP is initialized
on a local computer by typing PING 127.0.0.1. Essentially what the computer
is doing is pinging itself.
Certain IP address ranges from the different classes have been excluded
for use on the public Internet. These are known as private IP addresses and
are only used on private networks. If you implement a private IP address
range on your internal network but still want to access the Internet, you will
have to implement some form of gateway, such as Microsoft ISA Server, that
has an interface with a valid Internet IP address. Table 8.3 lists the private
IP address ranges.
TABLE 8.3 Private IP Address Ranges
Network Range Subnet Mask
10.0.0.0 255.0.0.0
172.16.0.0 255.240.0.0
192.168.0.0 255.255.255.0

The problem with the current address classes is that they are very ineffi-
cient. For example, assigning a network of 10,000 users a Class A address
means that a large number of host addresses are going unused. A network
with 10,000 users being assigned a network address from a class that can
support up to 17 million hosts per network is inefficient. Also, with a typical
network today being essentially an internetwork—a single network made up
of multiple segments—how is routing going to occur if you have only been
assigned a single network ID. The following section will introduce the topic of
subnetting, which has been developed to overcome the current limitations
of the address classes.
Subnetting
Networks today are growing in size, spanning geographical locations, and
often consist of many different segments (networks within networks). You
may be asking yourself why you would want to divide a network into several
different distinct segments. Here are a few reasons:
It allows you to connect different types of networks such as an
Ethernet network with a token ring network.
Remote offices or locations can be made a part of the main network.
Traffic can be limited to a local segment, thus reducing broadcast
traffic.
If a network is to be divided into distinct segments, each segment will
require its own unique network ID. If you have a single network ID that has
been assigned to you by InterNIC, you must take that network ID and divide
it into other network ID’s.
Subnetting overcomes the limitation of a single network ID. Subnetting
involves taking a single network ID and splitting that into multiple subnets
(or multiple network ID’s). Each segment is separated by a router, and a
custom subnet mask is created so there is a way to distinguish between the
different subnets. Essentially what you are doing is taking a single network
ID and dividing it up into smaller subnets.
Since the subnet mask is used to determine the network ID of an IP
address, you will need to create a custom subnet mask. This is accomplished
by taking away some of the bits used for the host ID’s and creating a subnet
address. The bits that you are taking away from the host ID’s are now going
to be used to identify the different subnets within the network (this also
means that you will now have fewer host ID’s available on your network).

IP Addressing 251
Take a look at a simple example to illustrate this: Suppose you have been
assigned a Class B address of 154.123.0.0. The default subnet mask associ-
ated with a Class B address is 255.255.0.0. Computer 1 and Computer 2
have been assigned the following IP addresses:
Computer 1 – 154.123.15.5 255.255.0.0
Computer 2 – 154.123.20.5 255.255.0.0
Using the subnet mask it can easily be determined that the two computers are
on the same subnet (by looking at the first two octets of each IP address to
see if they correspond). Now suppose the default subnet mask for the Class B
address is changed to the following because the network is divided into dis-
tinct segments and Computer1 and Computer2 reside on different subnets:
Computer 1 – 154.123.15.5 255.255.255.0
Computer 2 – 154.123.20.5 255.255.255.0
The custom subnet mask now indicates that these two computers are on
different subnets. Instead of looking at the first two octets of the IP address
(which is the default for a Class B address), the subnet masks now indicate
that the third octet is used to identify unique subnets. Since the decimal value
of the third octet does not correspond between the two IP addresses, the
computers are on different subnets.
Implementing a custom subnet mask may seem like a complex process but
it follows a very logical process. Use the steps outlined below to plan for your
subnetted network.
1. Determine the number of subnets or the number of network ID’s that
will be required taking into account future growth. A unique network
ID is required for each subnet and each WAN connection.
2. Determine the maximum number of host ID’s you are going to need
for each subnet. A host ID is required for each network card using
TCP/IP, any network interface printers running TCP/IP, and for each
router interface.
3. Create a custom subnet mask based on the above information that
provides the necessary number of subnets and hosts per subnet.
Let’s take a look at another example to illustrate the process of creating
a custom subnet mask. Suppose you have been assigned the network address
of 131.107.0.0 and a subnet mask of 255.255.0.0 (Class B). Normally the
first two octets would be used for the network ID and the last two octets for
the host ID’s.

To create a custom subnet address to differentiate between the different

subnets on the network, you take away some of the host bits from the third
octet. The number of bits you take away for the subnet mask will depend on
the number of network ID’s you need. If you require six subnets, you may
end up with a custom subnet mask as shown below:
Decimal 255.255.224.0
Binary 1111111 11111111 11100000 00000000
Notice that the binary value for the subnet mask has now increased by three
bits as compared to the default subnet mask.
Use the following steps to create a custom subnet mask:

1. Determine the number of network ID’s.
2. Convert the number of subnets (network ID’s) to binary format.

3. The number of bits represents the number of subnets required and this
is the number of bits that you need to add to the default subnet mask.
4. Once the required bits have been added to the subnet mask, convert
the number back to decimal value.
Let’s take a look at another example. Suppose you are assigned the Class
A address of 110.0.0.0 and you need to create eight subnets. Your first step
is to convert 8 into binary format, which gives you 00001000. All bits to the
left of the leftmost one are ignored. The required number of bits then is 4 and
4 bits needs to be added to the default subnet mask, giving you a binary num-
ber shown below.
11111111 11110000 00000000 00000000
Convert this binary number back to a decimal format (255. 240.0.0)
to get your custom subnet mask that will be assigned to all hosts on each
distinct network.
IP Version 6
Since the Internet has grown in popularity, there is a shortage of IP
addresses. The discussion so far has been focusing on IP version 4. The
next version of IP, version 6 (IPv6), will overcome the addressing limitations
of version 4 by using a 128-bit address. It will no longer be expressed as a

TCP/IP Utilities 253
four-octet decimal number, but rather as hexadecimal digits, with colons as

separators between the sets.
Assigning IP Addresses
Each host on a network requires an IP address. You can assign IP addresses

statically or dynamically. The option you choose will depend on the size of
your network. In a small environment, the administrative overhead of going
around to each computer to assign an IP address as well as any optional
parameters may be minimal. In a large environment, this may be impossi-
ble. In such cases you can install a service such as DCHP on one of your net-
work servers and give it a range of IP addresses that it can automatically
assign to clients. In terms of administration, it can all be done from a central
location; the IP address range and parameters need to be typed in just once,
and there is less chance for human error.
When assigning IP addresses, network servers should always be config-

ured with the same IP address. By creating a client reservation on the
server assigning IP addresses, your network servers can still have dynamic
IP addresses—but with a client reservation, they will always be assigned
the same one. On the other hand, having your servers dependent on
another server for their IP addresses does create a single point of failure.
If the server assigning IP addresses is unavailable, your servers may not
be able to acquire an IP address.
TCP/IP Utilities
There will be instances in a network environment when you experi-
ence TCP/IP connectivity problems, such as a client is unable to see a server
on the network. TCP/IP comes with several utilities that can be used to trou-
bleshoot connectivity problems that do arise. You should be familiar with
these tools if you administer an IP-based network or if your internal network
is connected to the public Internet.

Some of the common TCP/IP utilities that are used for troubleshooting
include the following:
ARP
PING
Tracert
Ipconfig
Netstat
Telnet
Nbtstat
Many of these utilities can perform various functions depending on the
switches you use with the command. The switches available may depend on
the operating system you are running. The following section will outline
each of these utilities and how they may be useful in troubleshooting com-
munication in a server environment.
ARP
ARP stands for address resolution protocol. When a host on an IP-based net-
work wants to send data to another host, the host name must be mapped to
an IP addresses and the IP address mapped to a MAC address. ARP is the
protocol responsible for mapping IP addresses to MAC addresses. It does
this by sending out a broadcast packet containing the IP address of the
intended host. The host owning the IP address responds to the broadcast
with its MAC address.
Each host also maintains an ARP cache containing IP-to-MAC address
translations. Before a broadcast is made to resolve a MAC address, the ARP
cache is examined to see if there is an entry. The main purpose of this is to
cut down on the amount of broadcast traffic on a network. The syntax for
viewing the ARP cache on a local computer is as follows:
Arp -a

By default, entries stored in the ARP cache are dynamic, meaning they are
not permanent and are deleted within two minutes if not referenced. Using
the -s command you can add in a static entry that will not be flushed out.
This is useful for frequently accessed hosts. When adding the entry you must
include the IP address of the host as well as the MAC address. Once the entry
has been added it is listed as static. Table 8.4 summarizes some of the other
switches that can be used with the ARP command.
TABLE 8.4 ARP Command Line Switches
Switch Function
-a Displays the current entries in the ARP cache
-s Adds a static entry to the ARP cache for the Internet address
and physical address specified
-d Deletes an entry in the ARP cache
-n Displays the ARP entries for the specified Internet address
PING
One of the most commonly used utilities when troubleshooting connectivity
problems on an IP-based network is the PING (Packet Internet Groper) util-
ity. It is a command line utility that is primarily used to see if another host
on the network is reachable and responsive. It works by sending out packets
to another host on the network and waits for a reply.
Most TCP/IP stacks that come with the different network operating sys-
tems come with a PING utility. They function the same, with some small
variations such as the confirmation message that is received.
The general syntax of the PING utility is as follows:
Ping w.x.y.z
where w.x.y.z is the IP address assigned to the host that you are testing
connectivity with. If the host is reachable and responding, you will receive a
confirmation message (see Figure 8.1).

FIGURE 8.1 PING statistics indicating no packet loss
If the host is unreachable or is not responding, you will receive a request timed
out message or a destination host unreachable message (see Figure 8.2).
FIGURE 8.2 PING statistics indicating request timed out
Once TCP/IP is installed and configured on a server (or client), you can
use the PING utility to determine if some of the parameters, such as the
default gateway, are correctly configured. If your network is subnetted and

connected via multiple routers, you can use this utility to ensure that remote
networks are reachable. For example, if your network configuration is sim-
ilar to the diagram shown in Figure 8.3, you can use PING to make sure that
TCP/IP is correctly configured on Server1 and that your server can commu-
nicate with servers on remote subnets using the steps outlined below.
FIGURE 8.3 Sample network configuration with two routers
Server 2
192.168.15.10
192.168.22.11
192.168.2.15 192.168.15.15
192.168.22.10 Router 2
Router 1
Server 1
192.168.2.25
1. Open the command prompt on Server1 and PING the IP address of

Server2 (ping 192.168.15.10). If you get a reply message, then TCP/IP
and its parameters are correctly configured. If the PING to Server2
fails, you can continue using PING to determine where the connectiv-
ity problem is.
2. Next, PING the IP address of Server2’s gateway. If you receive a reply,
you can determine that there is a connectivity problem with Server2.
If you are unsuccessful, proceed to the next step.
3. From Server2 PING the IP address of the remote gateway (ping
192.168.22.10). If you receive a reply, you can then determine that
Router 2 is where the connectivity problem lies. If the PING fails, you
need to determine which side of the router is not functioning.
4. PING the IP address of Server1’s default gateway. If you are unsuc-
cessful, Router 1 may be experiencing problems, but also check that
the TCP/IP parameters (such as the subnet mask and default gateway)
are correctly configured on Server1.

Tracert
Tracert is another TCP/IP command line utility that can be used to trace
the router interfaces that a packet must pass through to reach a destination.
The number of routers that a packet must pass through is displayed as a
hop count. Each router that forwards the packet is one hop. Tracert can be
useful for troubleshooting if you are unable to reach a destination host—for
example, if a router between your server and the destination host is having
problems. Using the utility will allow you to easily determine the router on
the network that is failing to forward packets (see Figure 8.4). Tracert can
also report the time it takes for a packet to reach its destination, which
can be useful in determining how efficient a specific route is.
FIGURE 8.4 Tracert helps you pinpoint traffic problems
Ipconfig
Ipconfig is a command line utility that can be used to view the TCP/IP
parameters assigned to a host, such as the IP address, subnet mask, and
nameservers. Ipconfig is very useful on Microsoft operating systems but will
not work on NetWare or Unix systems. To use the utility, type ipconfig
from a command prompt. To view more detailed TCP/IP parameters
assigned to a host, use the /all switch along with the command. This com-
mand can be particularly useful if dynamic addressing is being used. For
example, you can use the command to view and troubleshoot the parameters
that have been assigned.

Netstat
Netstat can be used to view the current TCP/IP inbound and outbound
connections on a computer. It can also provide you with information on
listening ports, TCP or UDP connection stats, Ethernet stats, and it can
display the contents of the routing table. Figure 8.5 shows the output of the
Netstat command using the -n switch. Table 8.5 lists the switches available.
FIGURE 8.5 Output of Netstat command
TABLE 8.5 Netstat Command Line Switches
Switch Function
-a Displays all connections and listening ports
-e Displays Ethernet statistics
-n Displays addresses and port numbers in numerical form
-r Displays the routing table
-s Displays per protocol statistics

Telnet
Telnet is a remote terminal emulation program that is most often used for
troubleshooting on TCP/IP networks. The Telnet program runs on a work-
station and is used to connect to another host such as a network server. Once
you establish a session with a host using Telnet, you can enter commands
within the Telnet console that will be executed on the remote host or server.
Telnet is often used in Unix environments as well as for configuring and
troubleshooting devices such as routers and switches.
Nbtstat
The Nbtstat utility is used to view NETBIOS over TCP/IP statistics, such
as any current connections using NETBIOS over TCP/IP, protocol statistics,
and any NETBIOS names that have been resolved to IP addresses. Table 8.6
summarizes the switches available with this command line utility.
TABLE 8.6 Nbtstat Command Line Switches
Switch Function
-c Displays the local NETBIOS cache
-n Lists local NETBIOS names
-r Lists the NETBIOS names resolved via broadcast and WINS
-R Purges and reloads the cache
Summary
In this chapter you learned about the fundamental concepts underlying
the TCP/IP suite of protocols. Since TCP/IP plays such an important role in
networking and server environments, it is important to have some under-
standing of it. TCP/IP maps to the four-layer DoD Model and provides com-
munication services between hosts on a network. Each of the protocols
included in the suite operates at one of the four levels performing a specific
function.

Exam Essentials 261
The chapter also covered the concepts of IP addressing and subnetting.

Even if you are not setting up the addressing scheme, it is important to under-
stand how IP addressing works for troubleshooting purposes. All hosts on
a network require an IP address and a subnet mask. The IP address is made
up of a network ID and a host ID. The subnet mask is used to determine
whether two hosts are on the same network. To overcome some of the
limitations of IP addresses, you can implement subnetting.
Finally we looked at some of the utilities that can be used on an IP-based
network. There will be times when you experience communication problems
on an IP network. The utilities discussed can be useful in troubleshooting
and determining the source of the problem.
Exam Essentials
Understand the DoD Model. TCP/IP maps to a four-layer conceptual
model known as the DoD (Department of Defense) Model. It defines
four layers, each layer performing specific functions enabling network
communication.
Understand the TCP/IP protocols. TCP/IP is a suite of protocols. Each
of the protocols has a specific role and operates at one of the three upper
levels of the DoD Model. Each protocol plays a role in network commu-
nication between two hosts.
Know the difference between TCP and UDP. TCP and UDP work at
the transport layer providing transmission services. TCP is an end-to-end
connection-based protocol that provides reliable delivery of information
between hosts. UDP is broadcast based and does not provide reliable
delivery of information.
Understand IP addressing and subnetting. Every host on an IP network
requires an IP address and a subnet mask. This is a 32-bit logical number.
It is made up of a network ID and a host ID. To overcome the limitation
of IP addressing, you can implement subnetting. This allows you to take
host bits away for a subnet ID.
Understand the function of the different TCP/IP utilities. TCP/IP
supports many different utilities that can be used in troubleshooting
an IP network.

Key Terms
ing terms:
ARP POP
default gateway SMTP (Simple Mail Transfer Protocol)
IMAP subnet mask
IP TCP (transmission control protocol)
Ipconfig TCP/IP
Nbtstat Telnet
Netstat UDP (user datagram protocol)
PING

Review Questions
1. Which of the following TCP/IP protocols provide end-to-end reliable
communication between hosts?
A. IP
B. UCP
C. TCP
D. ARP
2. Which of the following utilities can be used to view the TCP/IP con-
figuration parameters on a Windows based computer?
A. PING
B. Ipconfig
C. Netstat
D. Nbtstat
3. What TCP/IP utility will display a list of all routers a packet must pass
through to reach a destination host?
A. Telnet
B. PING
C. ARP
D. Tracert
4. What is TCP/IP?
A. A protocol used in network communication
B. A troubleshooting utility
C. A datagram sent from one host to another

D. A suite of protocols for network communication

5. You have just installed TCP/IP on one of your network servers. You
want to test to make sure that it is initialized on the server. What
command can you use?
A. Ping 127.0.0.1
B. Tracert hostname
C. PING hostname
D. Ipconfig 127.0.0.1
6. What Internet layer protocol is used by the PING utility?
A. TCP
B. IGMP
C. ICMP
D. UDP
7. What TCP/IP protocol is used to resolve logical addresses into

physical addresses?
A. IP
B. ARP
C. ICMP
D. TCP
8. What is the default subnet mask for a Class B IP address?

A. 255.0.0.0
B. 255.255.0.0
C. 255.255.255.0
D. 255.255.255.255
9. You are a network administrator for a medium-size company. One of

your responsibilities is to administer mail servers. One of the depart-
ments reports it is unable to receive and send e-mail. At which layer in
the DoD Model is the problem occurring?

A. Network
B. Internet
C. Transport
D. Application
10. Your computer is assigned the IP address 131.107.54.221. Which of

the following represents this number in binary format?
A. 10000011 01101011 00110110 11011101
B. 10000011 01110111 00110110 11011101
C. 10000001 01101011 00110110 11011101
D. 01000001 10010001 01110111 10001010
11. Which of the following utilities can be used for remote

administration?
A. Nbtstat
B. Telnet
C. Netstat
D. Tracert
12. What is the default subnet mask assigned to an IP address of

129.10.115.120?
A. 255.0.0.0
B. 255.255.0.0
C. 255.255.255.0
D. 255.255.255.255
13. What DoD layer is responsible for taking datagrams and breaking
them up into bits, before adding the MAC address and placing the
data on the network media?
A. Network
B. Application
C. Internet
D. Transport

14. Which protocol performs the same function as TCP except it is

connectionless?
A. UDP
B. SNMP
C. PPP
D. NDP
15. Which of the following protocols is responsible for message address-

ing and routing functions?
A. TCP
B. IP
C. UDP
D. ARP
16. By default, what is the host ID for the IP address of 192.168.10.220?
A. 192.0.0.0
B. 0.168.10.220
C. 0.0.10.220
D. 0.0.0.220
17. By default, what is the network ID for the IP address of 129.158.221.15?
A. 129.158.221.0
B. 0.0.221.15
C. 129.0.0.0
D. 129.158.0.0
18. What utility allows you to display all the current connections for a
server?
A. FTP
B. Netstat
C. Nbtstat
D. PING

19. Which decimal value represents the binary number 11100000

11111110 10101011 00011010?
A. 224. 254.171.26
B. 240.254.171.26
C. 224.255.171.26
D. 224.254.171.16
20. Which of the following TCP/IP utilities will allow you to view statis-
tics on NETBIOS over TCP/IP?
A. Netstat
B. NetBIOSstat
C. Nbtstat
D. Nbstat


1. C. The Transmission Control Protocol provides end-to-end reliable
delivery of packets between hosts through session establishment,
sequencing, and error control.
2. B. The Ipconfig utility can be used to see the IP configuration param-
eters that have been assigned to a computer, such as the IP address,
subnet mask, and default gateway.
3. D. The Tracert utility can be used from a command prompt to trace
the router interfaces a packet must pass through in order to reach a
destination.
4. D. TCP/IP is a suite of protocols for network communication. It is
made up of several protocols that perform specific functions enabling
network communication.
5. A. PING 127.0.0.1 is used to test if TCP/IP is initialized on a local
computer.
6. C. The Internet Control Message Protocol is used by the PING utility.
7. B. The address resolution protocol is used to map logical addresses

into physical addresses.
8. B. The default subnet mask for a Class B network is 255.255.0.0.
9. D. SMTP and POP are responsible for the sending and receiving of
e-mail messages. Therefore the problem would lie at the application
layer.
10. A. When 131.107.54.221 is converted to binary, the correct binary
number is that of answer A.
11. B. Telnet will allow you to connect to a remote device such as a server
or router and perform remote administration tasks.
12. B. 129.10.115.120 is a Class B address. Therefore the subnet mask
will be 255.255.0.0.
13. A. Datagrams are broken up into 0’s and 1’s and addressed at the
Network layer of the DoD model. The data is correctly addressed with
the MAC address before being sent out on the media to its destination.
14. A. UDP performs the same function as TCP only it is a connectionless
protocol.

15. B. IP is the protocol responsible for addressing messages and routing

functions.
16. D. The host ID for the Class C address of 192.168.10.220 is 0.0.0.220.
The first three octets are used for the network ID.
17. D. The network ID for the Class B address of 129.158.221.15 is
129.158.0.0. The first two octets identify the network and the remain-
ing two identify hosts.
18. B. The Netstat utility will allow you to view all current connections
for a server (or workstation).
19. A. The binary number represented in decimal format is
224.254.171.26.
20. C. The Nbtstat utility can be used to view statistics on NETBIOS
over TCP/IP.

Upgrading PART
IV

Chapter Upgrading and
Maintenance
THIS CHAPTER:

processors, memory, internal cables, etc.)
Install UPS

3.3 Add hard drives
Add drives to array
operating system

latest test drivers, OS updates, software, etc.; Review FAQs,
that the upgrade has been recognized; review and baseline;
document the upgrade.

latest test drivers, OS updates, software, etc.; review FAQs,
document the upgrade


Verify appropriate system resources (e.g., expansion slots,
IRQ, DMA, etc.)
3.8 Upgrade system monitoring agents


3.9 Upgrade service tools (e.g., diagnostic tools, EISA

configuration, diagnostic partition, SSU, etc.)
3.10 Upgrade UPS

I n a network environment, servers play one of the most important
roles. If a server is down or if it is performing poorly, it has a direct impact
on the rest of the network. Network servers are expected to be up, running,
and meeting the demands placed on them almost 100 percent of the time.
With these points in mind, your servers will need to be upgraded at some
point in the future, whether it is a software upgrade, a hardware upgrade, or
both, to continue to meet the demands being placed on them.
Once a server is installed and running, it can’t be forgotten. All too often
servers are set up and then ignored under the motto, “If it is running fine,
then leave it alone.” Much like a car, servers need to be maintained. This
maintenance includes monitoring, assessment, and—over time—upgrading.
Through this process, hardware, software, and operating systems will be
upgraded, changed, and even retired as they age. If this process is carried out
properly, then unpredictable changes and financial strain can be avoided.
This chapter explores the process of assessing and maintaining a server
once it is up and running. This process can be carried out through several
means, including establishing baselines and reviewing monitoring agents
and log files. Based on gathered information, server performance can be
monitored. Over time with added client stress the need for an upgrade can
be determined, through this monitoring, before server performance degen-
eration results in either client frustration or server failure. The following
chapter will also introduce you to the procedures that should be followed
any time you are performing an upgrade to a server. Reviewing the infor-
mation discussed in the chapter can help to ensure that your upgrade is
successful and that you are prepared for any glitches that can occur.

Assessment 277
Assessment
One of the first steps in beginning to upgrade a server is to determine
exactly what needs to be upgraded. This of course will depend on the role the
server plays on the network and your reasons for performing the upgrade.
If a server has become a bottleneck, you will need to determine what server
component needs to be upgraded. Not performing an assessment can lead
to an unnecessary upgrade being performed and money being misspent. The
following section will look at performing an assessment of your server to
determine when to upgrade and how to determine what component to
upgrade.
Assessment should not be a one-time process; instead, the information
gleaned from constant monitoring can be useful for planning preventative
maintenance and determining upgrade paths.
Monitoring tools provide a means of watching and assessing server
performance. Windows 2000, for example, offers a program called System
Monitor, which is located in the Administrative Tools folder within the
Control Panel. Figure 9.1 is a screen shot from the System Monitor.
FIGURE 9.1 Windows 2000 System Monitor

278 Chapter 9 Upgrading and Maintenance
Notice how the System Monitor offers a visual graph to represent current
performance of the computer. The information represented in the graph is
user-selected. In the screen shot example, processor time is the option
selected. To select an option simply click the plus button and choose the
counter you want to monitor. Figure 9.2 illustrates the Add Counters screen.
FIGURE 9.2 Add Counters screen in Windows 2000 System Monitor
With the System Monitor numerous counters can be used at one time.
This allows data to be collected and compared on several areas at once. The
data accumulated can then be analyzed to locate patterns in system behavior.
For example, does the processor time increase affect the interrupts-per-
second counter?
Besides the System Monitor, the Windows 2000 Performance utility also
shows Performance Logs and Alerts, including Counter Logs, Trace Logs,
and Alerts.
The Counter Logs Monitor allows you to set a period of time during
which the information gathered in the System Monitor will be recorded in a
text file on the hard drive. This allows you to maintain a record of perfor-
mance. This record can be reviewed at a later date or used to compare to data
gathered at another time.
The Trace Logs Monitor lets you trace changes and actions occurring on
a computer. This information is useful in locating the source of potential
problems. If a program action is responsible for server stress, then the Trace

Assessment 279
Log will assist in tracking the program through its utilization of server
resources.
The Alerts utility provides a means of setting a threshold on counters.
For example, the processor utilization seen in Figure 9.1 can have an alert set
so an action is performed should the number exceed a user-set value. This
action can include logging a message, sending a network message, starting
a performance data log, or running a program. With an alert set, server
stress can be properly handled before it leads to a bigger problem such as
system failure.
Regardless of the monitoring tools that are used (numerous third-party
software packages are also available), the idea is to seek out potential bot-
tlenecks. Bottlenecks are locations where the performance is hindered due
to poor performance. This can include processor speed, amount of RAM,
and hard drive speeds. System monitoring will assist in locating these prob-
lem areas. Monitoring tools used over a period of time will also assist in
locating areas in which performance is slowly decreasing. This is a common
problem that often goes unnoticed until it has become a serious issue.
Assessment also takes on the form of analysis of both the need to upgrade
as well as the upgrade procedure itself. With the assistance of Performance
Logs and Alerts, the decision to upgrade computer hardware or software can
be planned and carried out before poor server performance becomes critical.
This saves you the hassle of dealing with an emergency upgrade at a less than
opportune time. Since most servers are extremely expensive and complex
devices, it requires careful planning and assessment before deciding on an
upgrade.
Why Upgrade
As time goes on, networks change, and changing networks have a direct
impact on servers. Whether it is an increase in size or the use of a new net-
work service, these changes have a direct impact on the workload placed on
the server. To meet the demands of a changing environment and to be able
to perform under the expected workload, servers will need to be upgraded at
some point. This upgrade may be a hardware upgrade, a software upgrade,
or both.
You may think that the only reason you would upgrade a server is because
a component is failing or becoming a bottleneck, but there are several other
reasons as well. The following topics describe a few of the reasons why you
might need to upgrade a server.

Server Role
As you saw in Chapter 1, a server can play many different roles in a network
environment. The type of a role that a server is playing will determine its
hardware and software requirements. For example, one of the most impor-
tant components in a file server is the disk subsystem, but the most important
component in an application server is the processor. Changing a server from
one role to another may require that the server be upgraded.
New Applications and Services

Introducing new applications and services into a network environment can
mean that the servers on which they will be running need to be upgraded.
Most applications and services come with a list of hardware and software
requirements. Meeting the requirements might mean upgrading a server.
For example, if you plan to install Microsoft Cluster Service on a server,
you might need to first upgrade the operating system (to Windows NT 4
Enterprise Edition or Windows 2000 Advanced Server) and add the latest
service packs.
The same holds true for Novell and Unix applications as well. Always
make sure that the network operating system supports the software that you
are trying to install. Also, it’s critical to make sure the hardware you have
supports the software you are trying to add. Generally speaking, the stated
minimum hardware requirements are not sufficient. Always try to have more
hardware than the application or service requires, for better performance.
Network Growth
An increase in the size of a network will directly impact the workload being
placed on your servers. An increase in the number of users means an increase
in the number of users accessing network servers, whether it is for logon
validation, accessing shared resources and applications, or other services.
A server that was once capable of handling the workload might now need to
be upgraded to meet this increase in demand.
Hard Disk Space

One of the most common components to be upgraded in a server is the hard
disk. For example, if your server is acting as a file server, hosting shares and

Assessment 281
storing user data, you may quickly run out of available storage space and
find yourself needing to upgrade.
What to Upgrade
The examples given above describe just a few of the possible reasons for
upgrading hardware components and software on a server. Regardless of the
type of upgrade you are performing, preplanning is a must.
Determining what server component/components need to be upgraded
can be a difficult task and will depend on your reason for performing the
upgrade. If you are changing the role the server plays, you will need to assess
what components are most important for that given role. If you plan to make
an existing server a file server, you will probably be most concerned with
upgrading the server’s disk subsystem. If your reason for upgrading is poor
server performance, you will need to take some time assessing the server to
determine which component is causing the bottleneck. This is where a server
baseline becomes important (which also falls under the category of server
maintenance).
Server baselines can be used by network administrators to gauge the per-
formance of a server over time. The baseline helps to establish what normal
or acceptable performance for a server is. Using the information gathered
over time, you can monitor the different server components to see if they are
functioning individually and as a whole.
You’re not going to spend all of your time establishing baselines. You will
want to establish one when you first get the server running properly, and
then each time you add a component or make a major change, you will want
to re-establish new baselines as necessary. This will allow you to see how the
performances of different components change over time (establishing server
baselines will be covered in much more detail in Chapter 12, “Performance
and Hardware Monitoring”). Once you see deterioration in server perfor-
mance, you can monitor your server, compare it to your baseline of accept-
able performance, and use the comparison to determine what component (or
components) has become a bottleneck and what may need to be upgraded.
Once you’ve determined what needs to be upgraded within a server, you
can then begin planning for the actual upgrade. The tasks that need to be
completed before doing the upgrade will be covered in the following section.

What to Upgrade
Monitoring the real-time performance of a server on a regular basis can give

you a really good idea of how your server performs throughout the day
under various workloads. The information you gather and log can be valu-
able when trying to determine the source of a bottleneck and then what
server component needs to be upgraded. Be careful though when you are
using this information to determine the source of a problem. Upgrading one
server component that you think is causing a bottleneck can inadvertently
cause another bottleneck. When determining the source of a bottleneck, it is
important to take a holistic approach. You can analyze the performance of
server components individually but it is also important to analyze the server
as a whole and how the different components work together. For example,
suppose you run a performance-monitoring tool and determine that you
have a high number of I/Os. So you think the hard drive is the bottleneck and
upgrade it. Once the upgrade is complete, the number of I/Os does not
decrease and you determine through further analysis that there is actually
insufficient amount of RAM in the server. Not only have you spent dollars
on an unnecessary hard drive—now you have to spend more to upgrade
the RAM.
Upgrade Procedures
As previously mentioned, carrying out an upgrade on a server is not some-
thing to be decided on lightheartedly. A careful plan of the upgrade, includ-
ing a timeline, due dates, and milestones, must be established. During this
planning stage, consideration of compatibility between the upgrade and
existing hardware, software, and operating system must be dealt with, as
well as the clients who access the server. Will their hardware, software, and
operating systems be compatible with the server’s upgrade?
In order to properly and successfully perform a server upgrade, it is
important to follow some sort of procedural checklist. These are just some
basic but important steps that should be followed any time an upgrade
procedure is performed on a server, regardless of whether it is a hardware
upgrade or software upgrade. Preplanning may seem like a tedious task to do
for an upgrade but, when dealing with network servers, it is always better to
be safe than sorry. Take for example an operating system upgrade. This
is one of the most important upgrades that can be performed on a server

Assessment 283
and considerable preplanning is required. You may think the upgrade is

as simple as putting the CD in the CD-ROM, but what happens if the
upgrade fails? What about the availability of the server’s resources during
the upgrade? What about the applications installed on the server? Will the
server’s hardware be compatible with the new operating system? Preplan-
ning and completing the tasks outlined below will provide you with the
answers to these kinds of questions before the upgrade takes place.
Upgrade Nightmare
I remember a few years ago being called out to an office where an operating
system upgrade was performed and they had some problems. Upon arrival
I learned that the office was originally using Windows 98 and wanted better
security and file safety so they chose to upgrade to Windows NT. After the
upgrade, several computers had hardware problems, especially with mice
and keyboards. As it turns out, the hardware in question was interfacing
with the computer through the USB port. Unfortunately, Windows NT does
not support USB interfaces. Had this company researched carefully into the
upgrade, it would have realized this problem before deciding on performing
the upgrade.
Planning the Upgrade

Prior to upgrading a server, you should perform the following tasks:
Review any technical documentation.
Choose components.
Schedule the upgrade.
Perform a full backup of the server.
Document the server’s current settings.
Create a backout (rollback) plan.
Test the upgrade.
Schedule for server downtime.

Reviewing Technical Documentation

Most upgrades will come with some form of technical documentation
outlining the upgrade process. Reviewing this information will help you
familiarize yourself with the upgrade process before it is actually performed
and alert you to any issues that you need to be aware of. This includes all
manuals, last minute notifications, and all Readme files that were supplied
with the upgrade components. Within this documentation will be informa-
tion regarding installation processes, possible issues, and customer support.
Depending on the type of upgrade being performed (software, hardware,
or operating system), specific steps will have to be followed to ensure proper
operation and the desired outcome.
Most websites will provide information on upgrade procedures. Take
the time to browse through the information as well as check to see if there
are any newsgroups available or known issues or forums pertaining to the
upgrade. Most hardware manufacturers and operating system manufactur-
ers will have some area on their website where users can share information
or post questions. Chances are you are not the first network administrator to
perform the upgrade and others may have posted information or advice.
Choosing Components
In deciding on an upgrade, be sure to take the time to research numerous
vendors and manufacturers. The multitude of products and manufacturers
may seem overwhelming, but it will give a clear idea of the options and price
range available. During this time, comparison to the components currently
installed in the server will prevent any incompatibility. Most hardware and
software manufacturers have extensive documentation on their websites and
will share potential problems as well as incompatibility and known issues.
Once components have arrived, the next step is to confirm all parts are
accounted for and are not damaged. Copies of invoices and order forms
should be verified and then filed into a documentation folder. Should a time
come when confirmation or verification of parts is needed, referral to these
invoices will be of great assistance.
Schedule the Upgrade

Once the upgrade compatibility is confirmed and all known issues are
dealt with, a timeline on the upgrade can be estimated. This will include the
process of ordering the proper equipment, shipping, installing, testing, and
configuring the upgrade. This process will also include any “red tape” that

Assessment 285
may have to be taken care of. For example approval of the upgrade from
management or a board of directors may have to take place before the
go ahead.
Scheduling the upgrade entails determining what upgrade steps are going
to be completed at what times and who is responsible for performing them.
The plan that is developed will of course depend on the type of upgrade that
is being performed. A simple upgrade can be scheduled to occur during a
span of a few hours while a more elaborate upgrade may be scheduled to
occur over a span of several days (even months in some cases). Either way,
a schedule of an upgrade organizes the procedures so technical staff—and
maybe nontechnical staff—know what is going to occur and when it will
occur. Depending on the business policies and how relaxed they are, your
schedule may just include the date and time that the upgrade will occur or it
may include details such as when the hardware and software will be pur-
chased, when the testing phase will begin, and when users will be notified of
server downtime.
Backup
Talk to any experienced network administrator and one of the first things
they will recommend before making any changes to a server is to perform a
full backup. This means backing up the entire server. Your backup should
include a backup of the operating system, any applications, and all data
stored on the server.
Once you’ve performed a full backup, you may think that you are ready
to upgrade, but there have been many instances where a network adminis-
trator has backed up data only to find that it cannot be restored. So once
again, to be on the safe side, do a trial run and test the restore. You will want
to have a test machine on which to run the restore, just to make sure the
whole thing works. If you do not have a test machine available, it’s time to
get one.
Document the Configuration Settings

Chances are that your server has unique configuration settings, whether it is
OS settings or application and service settings. Documenting this informa-
tion can save you hours of work. If by chance the upgrade fails and you are
unable to restore your server from a backup tape, your only option will be
to perform a clean install. Having this information documented will make
your job easier when it comes time to reconfigure.

Create a Backout Plan

You may often hear a backout plan referred to as a rollback plan. A backout
plan is exactly that. Knowing when the upgrade has failed and how to get the
system back to its previous state. The backout plan should define at what
point in the upgrade process you need to stop and begin attempting to
recover the server. It should also outline the steps that will need to be com-
pleted to bring the server back to its original state. Again depending on the
type of upgrade, the plan may be as simple as replacing the new hardware
with the old.
Test the Upgrade

In an ideal world you should be able to test the upgrade plan in a controlled
test environment before performing the upgrade in the production environ-
ment. In that ideal world, you could test the upgrade several times. The test
environment should mirror the actual production environment. If at all pos-
sible, the test server should be configured exactly the same way as the server
to be upgraded, with identical hardware and the same configuration settings,
applications, and services. Doing a test run of the upgrade will determine
first of all whether or not it will succeed and also alert you to any minor (or
major) problems that might arise and how they can be remedied. Again,
unless the server is an exact replica of the server to be upgraded, the results
of your test run might not be quite accurate. However, it will give you some
hands-on experience with the upgrade process.
Always Read the Instructions
It is interesting how, after performing many expansion card upgrades,

we fall into the trap of thinking that they are all the same. The usual process
involved removing the cover, installing the card, replacing the cover,
turning on the computer, and finally letting the Plug and Play wizard locate
and install the card and the software. The reality is that this is a common
routine, but not the rule. I have encountered expansion cards that required
the software to be installed first, then the actual hardware installed second.
If you installed the hardware first and the software last, the card would
not work.

Assessment 287
Scheduling Server Downtime

Server availability is very important. During the upgrade you want to make
sure that server downtime is minimal. Again, the type of upgrade that you
are performing will determine the length of time that a server will be unavail-
able. In an ideal situation, there should be another server to take the place of
the one being upgraded while it is offline, but in instances where you have
a small office with a single server, this may not be feasible. However, if the
server is running services that are critical to the operation of the network, a
stand-in server may be necessary.
Both ways, server downtime still needs to be scheduled and users notified.
Users tend to understand that upgrades need to be performed as long as it
does not cause too much of a disruption to their workflow. When planning
to take a server offline, try to schedule it during non-peak hours; generally
this means performing an upgrade in the evening or weekend. This way the
impact on users will be lessened.
Scheduling server downtime also includes notifying users. This can be in
the form of an e-mail message telling users when the server will be down,
how long it is expected to be down, and any impact this might have on them.
You may also want to send a message to all users connected to resources on
the server just before the outage occurs so they have time to save their work
and disconnect from the server. Figure 9.3 shows an example of a console
message sent from a server running Windows 2000.
FIGURE 9.3 Windows 2000 console message
It’s a good idea to send out multiple messages to your clients warning
them that the server is coming down. Invariably though, after you bring the
server down, you will get a dozen phone calls from frantic employees that
either didn’t pay attention or didn’t save their files.

After the Upgrade
Obviously, if you are performing an upgrade you are making changes to the
configuration of a server. Preplanning is of the utmost importance, but what
about after the upgrade is complete? It is generally good practice and com-
mon courtesy to document any changes that have been made to the server
and keep the information in a log somewhere secure. If you are the only net-
work administrator, then obviously you are the one who monitors changes.
But if you are not, it is good practice to document the exact changes that
were made. Nothing can unnerve an administrator more than sitting down
at a server only to find significant changes and not know when they were
performed or what was done. Not only is providing documentation a com-
mon courtesy, but it also aids the next administrator in troubleshooting any
problems that may occur after the upgrade has been completed.
Risk Assessment
Any time you perform a server upgrade, there are risks involved that
you need to be aware of beforehand. So during the preplanning phase, one
of the tasks you need to complete (and this can be done when creating a
backout plan) is to perform a risk assessment. A risk can be defined as a
potential problem that may arise during the upgrade. A risk assessment
entails identifying the possible risks of the upgrade and having a contingency
plan in place should they occur. As an example, what would happen if you
upgrade Windows NT to Windows 2000 and the server’s NIC isn’t on the
Windows 2000 HCL? Your overall goal in performing a risk assessment is to
identify the risks, eliminate them if possible, or find ways to eliminate their
impact should they occur. Part of your risk assessment plan should be to
determine how critical the server is to the day-to-day operation of the busi-
ness and how much downtime can be afforded if a problem does arise.
Part of addressing the potential risk factor is determining if the upgrade is
necessary. Do the benefits of the upgrade outweigh the potential risks? It is
not only unnecessary, but also unwise, to install every available update that
you can find. At times, upgrades will conflict. It is very common to see
numerous versions of the same update released over time. Always check the
date on the upgrades to ensure that you are not downloading an outdated

Risk Assessment 289
version. Other updates are designed specifically for an operating system,

network type, or version. If you are not using that specific network type
(for example), then the patch will not be useful.
In dealing with risks to operating system functionality, Microsoft intro-
duced a new feature with Windows 2000 called driver signing. Driver
signing identifies drivers that have been tested and certified to work properly
with Windows 2000. When drivers are installed that are not part of the Win-
dows 2000 driver signing, you will be prompted that they may not perform
as expected. This feature helps to eliminate the potential for unexpected
results with driver operations and potential risks to the operating system.
Microsoft also uses an HCL (hardware compatibility list). This list includes
vendors and products that were certified to operate within the Windows
operating system trouble free. Other devices may work, but there is a poten-
tial for resource or driver issues. Driver signing improved on the HCL by
alerting the installer to the potential risk.
Resource conflicts are another potential area of risk. In a mixed expan-
sion card environment, both PCI and ISA cards can be used. ISA card
resources are configured through jumpers while PCI card resources are
controlled through the BIOS and operating system. The potential for
resource conflicts becomes high in this environment. As discussed earlier,
Windows 2000 offers a view of shared resources and forced hardware
resources in the Computer Management utility. This will assist in locating
and dealing with resource problems.
With any upgrades, the potential for security holes and breaches also
becomes an area of risk. Careful planning during the installation and assess-
ment process will help prevent these potential risks. For example, the instal-
lation of a dedicated Internet connection exposes the server and network to
Internet-based threats such as hacking. Installing protective software such as
a firewall will reduce this risk.
Your risk assessment should include the following information:
Identify the risk factors associated with the upgrade—the type of
upgrade you are performing will obviously determine the number of
risks involved and their potential impact (high or low impact).
Determine the impact the risk factors may have. Once the potential
problems have been identified, assess each one to determine what may
happen if it occurs. What impact will it have on the users’ workflow
and the upgrade schedule? Are there any costs associated with the
risk and what effect will it have on the server?

Determine the likelihood of each risk factor occurring—Ask yourself

or any other IT staff involved in the upgrade what the chances are of
the risk actually occurring.
Develop a mitigation strategy—Once all the risks have been identified,
your last step in performing your assessment will be to determine what
steps can be taken to eliminate the likelihood of a potential problem
occurring or finding ways to lessen the impact (especially for those
problems that are likely to occur).
This is one instance where being a little on the paranoid side can be a positive
thing. Always plan for the worst, even though the chance of the worst actually
occurring is minimal. In the end you will feel much more confident when it
comes time to perform the upgrade.
Server Availability
Your ultimate goal is to make network servers available 100 percent
of the time (this is referred to as server uptime) or when users need to have
access to them. If a business is up and running 24 hours a day, 7 days a week,
your network servers will need to be available 100 percent of the time.
Although the goal is 100 percent uptime, in some cases this may be impos-
sible to achieve (take for instance a business with a single server). Obviously
the uptime required by businesses will vary depending on the applications,
services, and data being stored on the server and how critical they are to the
company’s day-to-day operation.
How Much Downtime?

This is a question you will need to ask yourself, other IT staff, and users on
the network before performing an upgrade (particularly if it is a major
upgrade). How much server downtime can the business actually afford? This

Server Availability 291
will depend on the role the server plays on the network and how critical it is.
Take for example a file server that is accessed occasionally by users on the
network. In this case, taking the server offline will have little impact on the
users. If another server is available on the network, the files can easily be
duplicated and made accessible during the time the server is offline. What if
the server you are upgrading is a domain controller? Taking this server
offline for any amount of time can have a profound effect on the network
and will mean configuring another server to take its place in the meantime.
When determining how much downtime can be afforded, begin by assess-
ing what role the server plays on the network. Document all the services,
applications, and resources hosted on the server and how they apply to the
operation of the business. Anything that is critical to its operation may have
to be duplicated onto another server while the upgrade is done. Consider a
server that is leasing IP addresses to users on the network. If this server were
to be unavailable for a period of a week while an upgrade is performed, it
would have a major impact on what users could do on the network. The
service would then need to be duplicated onto another network server.
Increasing Availability
Increasing the availability of a server will depend on the environment in
which you are working. If you have access to multiple servers, then it is a
matter of duplicating those services or applications onto another one. The
following list includes some suggestions for minimizing the impact of server
downtime, thereby increasing server uptime.
Schedule upgrades to occur during off-hours making the server
available when users need access to it.
If possible, configure a server to take the place of the one being
upgraded while it is offline.
Take advantage of clustering technology for critical servers.
Take the time to complete the pre-upgrade tasks so you are prepared
for any potential problems that might cause the upgrade to take longer
than predicted.

This is one instance where clustering servers plays an important role. As you
recall, when servers are in a cluster configuration, one is waiting to take over
the workload of another if it goes offline. This includes any planned outages
for upgrade and maintenance procedures. The resources on one server can
failover to another server if the cluster and downtime is decreased to a matter
of seconds (users probably won’t even notice). You can then take the server
off the network and perform the necessary upgrade. Once the upgrade is
complete, the server can reassume its workload and all is well. Clustering is
probably not necessary for servers that play a minimal role on the network.
But for businesses that rely heavily on web servers for e-commerce, it can
essentially mean millions of dollars.
Performing the Upgrade

Once you have verified that all the parts for the upgrade have arrived, you
can begin the process of performing the upgrade. Based on the plan devel-
oped earlier, steps toward performing the upgrade can be carried out in the
carefully preplanned order. This will include a final reminder to all affected
clients that an upgrade will be performed. This is also the stage where a full
backup should be done. Performing a full backup will ensure that if a prob-
lem should occur, the data would be safe. Remember to also verify the
backup before continuing with the install.
Backups and verification are covered in depth in Chapter 14, “Backups.”
If the upgrade to be performed is hardware related then ESD (electrostatic

discharge) best practices must be adhered to. This includes the use of
antistatic bags, ESD wrist straps, and mats to prevent static charges from
damaging delicate hardware components. ESD damage is a serious threat to
computer hardware and can lead to hardware operation problems.
ESD best practices are covered in Chapter 15, “Disaster Recovery.”
Depending on the hardware upgrade being performed, there may be

an impact on the system’s power consumption. For example, installing
redundant components within a server could require upgrading of the power

supply and/or the UPS. All servers should be connected to a UPS (uninter-
ruptible power supply). A UPS is nothing more then a battery system that
will maintain power to the server in the event of an electrical failure. The bat-
tery is connected between the server and the electrical outlet. When there is
a power failure, the battery system will run the server and any other devices
connected to the UPS for a period of time. Depending on the size and strength
of the battery system, a UPS may support minutes to hours of power.
Software is also available that will interface between the UPS and server
allowing for alerts and remote notification that the server is running off bat-
tery power. Another key feature that UPS software provides is a shutdown
option for the server. If the electrical power is not re-established before the
battery runs out, the software will alert users, close all software programs
that are running, and then power down the server operating system. This
prevents the hard shutdown that occurs when power fails and all open
programs including the operating system are abruptly shut down. Hard shut-
downs can cause loss of data as well as program corruption. If the UPS that
the server is currently using is underpowered, then an upgrade to the UPS
will also have to be made. UPS software also monitors the power load being
placed on the UPS battery. If the load exceeds the recommended battery
load, then the UPS should be upgraded. Anytime a hardware upgrade is
performed, the UPS load should be checked to confirm that it is capable
of handling the stress of the added component.
Working in conjunction with a UPS should be a surge protector. Some
manufacturers combine both a UPS and surge protector in one, but it is
advisable to purchase a dedicated surge protector. A surge protector has a
built-in circuit breaker that will trip should a spike of electricity arrive. This
prevents the momentary increase in electricity from damaging the computer.
Many surge protectors offer modem and network protection along with elec-
trical protection. This insures that any potential damage traveling down a
telephone or network line will be caught before it can reach the computer.
All sensitive equipment should be protected by a surge protector (including
computers, printers, fax machines, and networking products).
Software upgrades include patches, new software, upgrades to existing
software, and firmware. Patches are small programs that are installed to
repair or add features to existing software. An example would be a patch for
a database program to repair a known problem. Normally patches are sim-
ple to install, using an executable file that does all the work, but at times
patches will require you to manually install files or overwrite existing files.
New software includes any program, driver, or file being installed to the

server that has not previously been installed. Research to ensure compatibil-
ity with other software and the operating system is a must. Firmware (as
discussed in Chapter 3, “Motherboards and Processors”) is software that
controls hardware. Firmware updates on a server include SCSI controllers,
RAID controllers, tape drives, and CMOS BIOS. Although other hardware
devices have firmware, these four are the most common firmware updates.
When installing firmware updates, be sure to obtain the software from the
product manufacturer. The potential risks of component damage or inoper-
ability should be a deterrent enough to not download firmware updates from
just any Internet site. Manufacturer’s sites design and verify firmware updates
specifically for their products. By downloading from the manufacturer’s site,
you can be reasonably certain about the reliability of the firmware.
Operating system upgrades and updates normally require purchasing the
update on a CD-ROM or downloading it from the operating system website.
Similar to software updates, operating system updates include repairs to
known problems as well as enhancing features. Again, before installing any
update, confirm that it will be compatible with your existing hardware and
software. Windows 2000, for example, offers updates called service packs.
Two service pack updates have been released to deal with known operating
system problems. Operating system updates are available for Windows,
NetWare, and Unix based systems. Frequently, visiting the operating system’s
website will help keep you up to date on the current releases as well as their
role. New operating systems such as Windows 2000 also offer notification of
new patches and service packs. This alert can come in the form of an e-mail
or a popup notification in the system tray.
After the Upgrade

Once the upgrade has been performed, as outlined in your predetermined
plan, the server should be restarted (if needed) and observed. Observation
will include visually checking for problems. This includes the POST (power-
on self test), any beep or visual error codes that appear, or error messages
generated. Any abnormalities noted at this point will need to be immediately
addressed. Even if the error message generated does not appear to have any
immediate effect on the server operation, it does point to a misconfiguration.
With time this misconfiguration might cause a problem.
Windows 2000, for example, has a computer management feature, which
is accessed by clicking the right mouse button on the My Computer icon on
the desktop and selecting Manage. Figure 9.4 is a screen shot of the com-
puter management utility.

FIGURE 9.4 Windows 2000 Computer Management
With this management feature you can verify software and hardware
operations. The event viewer will assist in identifying potential problems with
applications, Internet Explorer, security, and system. Figure 9.5 shows errors
generated by the system log. Notice how errors are shown as an X in a circle
graphic in the right pane, while warnings are an exclamation point in a triangle.
FIGURE 9.5 Windows 2000 Event Viewer

Computer Management also will analyze and display system informa-

tion. This includes a system summary, hardware resources, components,
software environment, Internet Explorer, and applications. System infor-
mation provides a clear picture of how the computer is currently running.
Any potential issues can be identified. Figure 9.6 shows the hardware
resources tab expanded. Here information on system resources (IRQ,
DMA, I/O, and system memory) can be seen as well as conflicts/sharing
and forced hardware. Forced hardware is hardware that has resources set
by the user rather than letting the operating system or BIOS determine the
resources.
FIGURE 9.6 Windows 2000 Hardware Resources
A final area in Computer Management, which will assist in upgrade

monitoring, is the Disk Management tab. Disk Management will provide
you with information on hard disks, optical drives, and removable storage
(such as a Zip drive). Information on drive status, size, free space, percentage
used, drive letter, file system, layout, volume, and type can be identified here.
Figure 9.7 shows the Disk Management tab.

FIGURE 9.7 Windows 2000 Disk Management
A final step to performing an upgrade includes removing any old drivers

or software to prevent potential conflicts. Although obvious, the replaced
hardware should also be removed. At times this simple step is overlooked.
Upgrading a 28.8 modem with a faster 56K modem should include removing
the old 28.8 modem. Not only will removing the old modem prevent poten-
tial conflicts with the new modem, but also free up system resources. Remov-
ing old software and drivers will also free up hard drive space.
Once the upgrade has been performed and verified as successful, access to
the server can be restored. This process should be done selectively to ensure
that a smooth transition occurs, as well as verifying that the upgrade has also
been successful from the client side. Ideally, access to the server should be
granted to one group at a time and verified. For example, if there is a sales
group, management group, supplies group, and administration group, access
should be given to one group at a time and confirmed that the upgrade has
been successful before granting access to the second group. Through this
process any potential problems can be isolated and dealt with accordingly. If
access to the entire network is given all at once, any group-related problems
will be more difficult to isolate—and you can expect a bombardment of calls
from all the affected groups.

Documentation
Once everything is returned to normal and the server is fully functional
again, a detailed documentation of the upgrade should be created. This
information can assist at a later date should the need to retrace steps occur.
Also, any issues that came up as a result of the upgrade should be outlined.
This documentation should be kept in a safe location and include the plan-
ning stage as well as all shipping and order invoices. Be sure to outline the
upgrade procedures clearly, including screen shots of error messages and
detailed steps to rectify the errors.
Unsuccessful Upgrades
F or those of you who have experience performing server upgrades,
you know that there are times when the upgrade will fail, regardless of how
much time and preparation went into planning. Hardware and software
upgrades can be unpredictable and when it comes to performing upgrades,
sometimes failure is an option. So at some point you may have to stop trying
to fix a failing upgrade and begin the recovery process.
The effects of a failed upgrade can certainly be minimized by your pre-
planning tasks. This is when you can refer to the backout plan that you
developed. The backout plan is going to tell you how to recover from the
failed upgrade and restore the server to its original state (this maybe through
restoring from a backup tape or reverting back to the original hardware).
The backout plan should also give you an indication as to when it is time to
stop the upgrade and begin restoring the server. For example, if you have
scheduled the server to be unavailable for a specific amount of time and are
reaching the time when it should be brought back online, it is probably time
to stop trying to fix the upgrade and start trying to bring the server online
again. As difficult as it may be, especially after the time and effort that is put
into planning for the upgrade, at some point you will need to make the deci-
sion to cut your losses and start your restore.
One of the most important steps you can take after a failed upgrade is to
document the entire process. All is not lost from a failed upgrade and it
should be looked upon as a learning experience. Document as much of the
upgrade process as possible, such as when it failed, the steps you took to fix
the problem, error messages that were generated, and any other information
that will help you to determine why the upgrade failed. Chances are you will

Maintenance 299
attempt to perform the upgrade again in the future and this information
will useful for troubleshooting.
Planning Future Expansion and Availability

The hardest thing to do is predict the future. When designing and building a
server, you have to try to look to the future. What will the requirements be?
What software will be required? What stress will the software place on the
hardware? A server should be built with the room for hardware expansion,
including expansion slots, room for hard drives, and redundant components.
Even if current financial situations prohibit purchasing of redundant com-
ponents, purchase a server case that will support the addition of redundant
components. Later, when finances are available, redundant components can
be purchased and added.
A key component to build on is the motherboard. Server motherboards
(as covered in Chapter 3) should support multiple processors, large amounts
of RAM, and expansion cards. Having a motherboard that will allow you to
expand will pay off in the long run with ease of expansion and upgrading.
Server upgrading oftentimes is a consistent process. From the beginning
point of assessment, through the component research, compatibility veri-
fication, ordering and installing, and finally returning access back to the
users, it often takes a great deal of time. By the time the process is complete,
there is another area that will require upgrading attention (software, hard-
ware, or operating system).
Maintenance
R egular maintenance on a server ties in closely with upgrading.
Regular maintenance includes monitoring server functionality as well as
performing regular routines to maintain server operations.
Proactive Maintenance
Proactive maintenance is performed to prevent problems from occurring. An
example of a common proactive maintenance activity is cleaning backup tape
drives regularly. By doing this simple activity you can prevent backup failures
due to dirty or magnetized heads on the tape unit.

Other forms of proactive maintenance include monitoring environmental

conditions such as climate (heat and cold) and dust. No computer will per-
form well in environments that are too hot. By monitoring and maintaining
a favorable temperature for your server to work in, you can prevent issues
associated with overheating and premature hardware failure. Dust will accu-
mulate over time in any environment. As these particles collect, they form a
blanket on computer components, which in turn will increase the tempera-
ture within the computer. Dust particles will also, over time, collect on cool-
ing fans and can cause premature fan failure. This has often been the reason
for power supply failure. As the fan in the power supply turns, it draws air
into the power supply and computer. Dust is also drawn in, which accumu-
lates on the fan motor spindle. This will cause the fan motor to squeal and
eventually fail. How to prevent this issue is to use compressed air regularly
to clear dust from the computer. Compressed air comes in cans with a straw-
like attachment. This attachment allows you to position and direct the
high-pressure air into areas that are not easily accessible.
You should only use compressed air designed for computer use. Air compres-
sors will use pressurized air that may contain contaminates such as oils.
Using suction devices such as vacuum cleaners can cause harm by actually
ripping delicate parts off.
Air filters can also be installed over the fan intake grill. These filters trap
the dust particles before they can enter the fan assembly. Since servers nor-
mally contain several fans that move air throughout the server, the use of fil-
ters can be a good idea. These inexpensive devices can prevent dust buildup,
especially in areas that are not readily accessible for cleaning. However, if
you’re going to use them, make sure to change them frequently. The last
thing you want is for them to get clogged up, causing the system to overheat.
Probably the most common known area of proactive maintenance is in
virus protection. Viruses are a threat to any computer, and with new viruses
emerging weekly, they should be taken seriously. Virus protection in a net-
work can be based individually on each computer, or server-centric. Server-
centric virus program are called a virus protection suite. This software offers
centralized protection and updates. The real benefit of a virus protection
suite occurs when the time to update the virus definition comes. A virus
definition is a list of the known viruses that is used by the virus protection
engine to monitor your computer. If the virus program is individually based,

Maintenance 301
this definition will have to be updated on each computer in the network

individually. Virus protection suites are updated on the server, which then
monitors the rest of the network. Depending on the size of your network,
having to update just the server as opposed to every system on the network
can be a huge difference in time. Regardless of the type of virus protection
that you use, it is essential that there is some form of protection in place
and that it is updated regularly. A virus on a server can lead to severe con-
sequences, including data loss and loss of productivity. Imagine a company
such as eBay losing a few days of business because a virus brought its servers
down. It would be a financial nightmare.
Baselines, Monitoring, and Thresholds

Another element of proactive maintenance involves carefully monitoring
your server’s performance. At the beginning of the chapter we discussed the
use of monitoring tools for server performance as it relates to the need for
upgrading hardware and software. Server monitoring is also an effective
means of maintaining a server. Monitoring can provide advanced warning of
performance issues before they lead to larger problems.
Baselines
Baselines are measurements of server performance. This measurement is
taken over a period of time to determine how well a server will handle appli-
cation and stress loads. Based on the information gathered, a baseline of
performance can be set. This will help distinguish acceptable server perfor-
mance from unacceptable performance when the server is operating under
normal and heavy loads.
One of the key tools used in creating baselines in Windows 2000 is the
System Monitor. As discussed earlier in this chapter, the System Monitor
provides a means of visually monitoring how a server is doing. Using the Sys-
tem Monitor to record server performance a baseline is easily created. This
Computer Management feature will even alert you if the performance dips
below the established baseline.
Thresholds
Thresholds are set values similar to baselines; however, with thresholds,
there is an acceptable range of values. This set minimum and maximum
range conforms to a safe operating limit for the computer component.

Thresholds are used to monitor temperature and electrical signals in a UPS.

Should the electricity coming in from the outlet spike or dip below the
threshold ranges, then the UPS will react accordingly. Thresholds can also
be set to monitor resources within the server. CPU load, RAM usage, and
free hard drive space are a few of the commonly monitored areas.
Summary
T his chapter began with defining assessment. Understanding the need
to assess, both as it relates to the need for upgrading as well as system mon-
itoring, is the key to this chapter.
Assessment in the Windows 2000 environment is done through the use
of Computer Management program. Computer Management provides a
means of assessing hardware and software and their interactions with the
operating system.
Upgrades can take on the form of software, hardware, or operating
systems. Although each upgrade is unique, the stages involved in performing
the upgrade can be broken down into three key areas: planning the upgrade,
performing the upgrade, and managing the system after the upgrade. Plan-
ning the upgrade includes determining due dates; researching products and
vendors; confirming compatibility with existing hardware, software, and
operating systems; verifying component delivery; and thoroughly reading all
documentation. Performing the upgrade includes performing a full backup,
being aware of ESD, and actually doing the upgrade as planned. Managing
the system after the upgrade covers making sure that the upgrade was per-
formed successfully, verifying that there are no negative effects as a result
of the upgrade, removing any old hardware or software, returning access to
clients, and finally documenting the details of the upgrade.
Server availability and upgrade failures also need to be considered before
performing an upgrade. When planning for an upgrade, you will need to
assess the business requirements as well as the role the server plays on the
network to determine how much downtime can be afforded. Upgrade fail-
ures are bound to happen, and this is where your preplanning will be useful.
Creating a backout plan prior to the upgrade will help you to recover the
server if indeed the upgrade is unsuccessful.

Exam Essentials 303
Windows 2000 Computer Management also offers a means of visually

monitoring forced hardware and resource conflicts, which are potential risks
to stable server operation.
Planning for future expansions and availability focuses on building a
server to grow with. If planned correctly a server should be upgradable to
meet current as well as future demands. This includes support for redundant
components, multiple processors, and more RAM.
Maintenance is an important element of stable server operation.
Proactive maintenance involves performing tasks to reduce the possibility
of a problem. This includes tasks such as regular tape drive cleaning, using
compressed air to clear dust off internal components, and filters to prevent
dust from accumulating on fan motors.
The use of a surge protector and UPS will protect against potential elec-
trical issues.
Virus protection suites also fall under proactive maintenance. Using a
regularly updated virus program will ensure that the threat posed from
viruses can also be minimized.
Baselines are set values by which performance can be measured. Using the
performance monitor in Windows 2000’s Computer Management program
will assist in creating and monitoring server performance. With an estab-
lished baseline of performance, potential bottlenecks and problem areas can
be identified before they create a serious problem.
Thresholds are similar to baselines, but they monitor more than one
variable. Thresholds identify a range of acceptable performance. Should this
range be exceeded (either higher or lower), an alert is sent out.
Exam Essentials
Know the benefit of monitoring tools. Monitoring provides a means of
watching and assessing server performance.
Know how to use Windows 2000 System Monitor. Be familiar with
the available counters in System Monitor as well as how to add counters
and how to monitor performance.
Know the difference between counter logs, trace logs, and alerts.
Counter logs record information gathered by the performance monitor,
trace logs track changes and actions, and alerts send out a notification
when a threshold is reached.

Know what a bottleneck is and be able to identify where a bottleneck is

located. Bottlenecks are areas where performance is hindered by poor
performance. Windows 2000 offers Computer Management software to
assist in locating bottlenecks.
Perform a risk assessment. A risk assessment identifies all the potential
problems that may occur during the upgrade, the likelihood of them
occurring, and the steps you will take to alleviate their impact.
Be able to determine the requirements for server availability. Server
availability is the amount of time the server is available when users need
access to it. Business requirements and the role the server plays will deter-
mine the required uptime for a server.
Know the steps to planning an upgrade. These include developing an
upgrade plan, researching vendors, verifying compatibility, confirming
parts on arrival, and reading all documentation.
Know the steps in performing an upgrade. Be aware of ESD issues,
perform a full backup, and alert users to the upgrade time.
Recover from a failed upgrade. At some point you will have to stop
trying to fix a failed upgrade and begin the recovery process. Use the
backout plan that you created during the preplanning phase to restore
the server.
Know what a UPS is and how it works. Assess the stress load on a UPS
after an install and determine if it will require an upgrade also.
Know the use of a surge protector. Be able to identify the benefit of
using a surge protector to protect against electrical, telephone, and
network threats.
Know what a software patch and firmware update are. Software
patches help fix issues with software problems; and a firmware update is
an update to software that is specifically embedded in the hardware.
Know the steps to confirming a problem in an upgrade. This includes
identification of the POST, error codes, and error messages.
Know how to create documentation after the install is complete.
Include all steps performed, any problems encountered as well as steps
and solutions taken to resolve them.

Key Terms 305
Know how to assess potential risks both to computer and business.

Risks include any threat that may cause a problem including resource
management, upgrades, Internet connections, and virus.
Know steps in proactive maintenance. This includes regular cleaning,
dust removal, controlling environmental variables, and using a virus
protection suite.
Be able to establish baselines and thresholds. Baselines are measure-
ments of server performance; thresholds are a set range of values. Both
can be set within the computer management feature of Windows 2000,
or through the use of third-part software.
Key Terms
following terms:
alert monitoring
assessment monitoring agents
baseline patches
bottleneck POST (power-on self test)
Counter Logs Monitor server performance
driver signing surge protector
ESD threshold
firmware Trace Logs Monitor
hard shutdown upgrading
HCL (hardware compatibility list) UPS (uninterruptible power supply)
log files virus protection suite

Review Questions
1. Which of the following is not a means of assessing and maintaining
a server?
A. Establishing baselines
B. Reviewing monitoring agents

C. Reviewing log files
D. Visual cues
2. How often should assessment be carried out?
A. Once
B. Weekly
C. Monthly
D. Constantly
3. What Windows 2000 program allows you to assess computer

performance?
A. Diagnostic Monitor
B. Device Monitor
C. System Manager
D. System Monitor
4. What is an alert?
A. A notification of software shutdown

B. A means of setting a threshold on a counter
C. A visual reminder of a problem
D. An error code used by servers

5. What is a bottleneck?
A. A blockage within a software program
B. Locations where performance is hindered due to poor performance
C. The funneling effect of data into one program resulting in software

freezing up
D. A type of virus
6. Which of the following is not one of the three main types of upgrades
that can be performed?
A. Hardware
B. Software
C. Operating system
D. Virus
7. What does the acronym ESD stand for?
A. Electrostatic discharge
B. Electronic system damage
C. Electrical system damage
D. Electron static discharge
8. What does the acronym UPS stand for?
A. Unserviceable power system

B. Uninterruptible power supply
C. Unusable power supply

D. Unstable power system

9. What type of backup should be performed prior to an upgrade?
A. Differential
B. Partial
C. Incremental
D. Full
10. What is a hard shutdown?
A. An abrupt, unplanned loss of power

B. Manually shutting down a computer
C. Completely shutting down a computer
D. Forcefully shutting down software that is not responding
11. What are patches?

A. Small programs that repair or add features to programs
B. Programs that are installed on a server
C. A type of virus
D. Updates to hardware components
12. What is a firmware update?
A. A type of patch
B. Software updates for hardware components

C. A branch of software used on a server
D. A dedicated software program for hard drives
13. Operating system updates are available for which of the following
server operating systems?
A. Windows
B. NetWare
C. Unix
D. All of the above

14. What is the purpose of establishing a server baseline?
A. A baseline will help to determine what is a normal level of perfor-

mance for a server.
B. A baseline will assist you in determining if the planned upgrade
will actually work.
C. A baseline will determine how long the server will be down during
an upgrade.
D. A baseline will determine the amount of server availability that a
business requires.
15. Mike is doing a software upgrade to a server. He’s done installing the
software and testing the server and is just about ready to put the unit
into production. What one last item should he take care of before
making the server a production server?
A. Download and apply any service patches.
B. Download and apply any NOS upgrades.
C. Obtain a baseline of the computer.
D. Add any necessary service tools that weren’t initially installed.
16. What is one way you can ensure that you will be able to recover a
server from a failed upgrade attempt?
A. Read the technical information associated with the upgrade.
B. Back up the server before beginning the upgrade.
C. Test the upgrade in a controlled environment.

D. Identify all the associated risks.
17. Users on the network have been complaining that one of the servers
has been very slow lately and seems to be getting worse as the weeks
progress. What is your first step in alleviating the problem?

A. Perform an upgrade at once.
B. Leave the server as it is and see if the problem persists.
C. Take the server offline immediately.
D. Start monitoring the server’s performance and comparing it

against your baseline.
18. How do you access Computer Management in Windows 2000?
A. Through control panel

B. By right clicking on My Computer
C. Through the My Documents folder
D. In the Program Files folder
19. What does POST stand for?

A. Pre-operating system test
B. Power-off system test
C. Power-on self test
D. Pre-on self test
20. What is the final step in upgrading?
A. Turning the server back on
B. Granting user access to the server
C. Verifying that the install was successful

D. Documenting the install


1. D. Visual cues are not a commonly used method of assessing and
maintaining a server as normally there is no user constantly sitting at
a server.
2. D. Assessment should be an ongoing process by which server perfor-
mance is monitored. This will ensure that any gradual performance
degeneration can be dealt with.
3. D. System Monitor is the Windows 2000 based program that allows
you to assess computer performance.
4. B. Alerts are a means of establishing a threshold on a counter. When
the threshold is reached an alert is sent out to notify of the problem.
5. B. Bottlenecks are spots where performance is hindered due to
poor performance. This can commonly include RAM, processor,
or software.
6. D. Hardware, software, and operating system are the three major
types of upgrades that are performed.
7. A. ESD is the acronym for electrostatic discharge. In this context it
is the transfer of static electricity from human contact to computer
components.
8. B. A UPS is an uninterruptible power supply. It provides battery
backup in case of electrical failure.
9. D. A full backup should be performed before undertaking any
upgrade. This will ensure that, if there is a problem, all the data is still
safe on a backup.
10. A. A hard shut down is an unexpected, unplanned loss of power. It
can result in both data and software errors and should be avoided.
11. A. Patches repair or add features to existing programs. They are
located at software manufacturers’ websites.
12. B. Firmware updates are updates for hardware that contains a BIOS.
This includes RAID, SCSI, and motherboards.
13. D. Updates are available for all operating systems. They can be
located at the manufacturer’s website.

14. A. A server baseline is used to track server performance over time

and is later used for comparison to pinpoint bottlenecks.
15. C. Mike should run a baseline on the computer so he has a feel for its
pristine state characteristics. He will run performance-monitoring
software and capture the performance statistics off to a file for later
retrieval and review. This will aid him greatly should there be a prob-
lem with performance when the server goes into production.
16. B. Backing up the server’s operating system, applications, and data
will ensure that the server can be restored in the event that the upgrade
does fail. Remember to test the restore process before doing the
upgrade.
17. D. There is a fine line between a computer being slow and a com-
puter being broken. Compare it to the baseline and see if the users are
correct or are just thinking it’s slower. Once you have data, then you
can act.
18. B. You access Computer Management by right-clicking My Com-
puter and selecting Manage.
19. C. POST is the power-on self test. It is performed at system startup.
20. D. The final step in any upgrade should be documenting all the
details of the installation.

Chapter Hardware Updates

THIS CHAPTER:

processors, memory, internal cables, etc.)
Install UPS
subsystems, modem, rack, etc.)
3.3 Add hard drives

Verify that drives are appropriate type
Add drives to array
operating system
latest test drivers, OS updates, software, etc.; Review FAQs,
that the upgrade has been recognized; review and
baseline; document the upgrade.

obtain latest test drivers, OS updates, software,
etc.; review FAQs, instructions, facts and issues;
test and pilot; schedule downtime; implement
using ESD best practices; confirm that the upgrade
has been recognized; review and baseline; document
the upgrade.

the upgrade.

Verify appropriate system resources (e.g., expansion
slots, IRQ, DMA, etc.)
the upgrade.

the upgrade.

3.10 Upgrade UPS
the upgrade.

A s network environments change, so must servers. Situations
will change and servers will need to be upgraded to meet the new demands
being placed on them. All too often servers are installed and configured and
then forgotten. The common phrase “if it is running fine then leave it alone”
does not apply to all situations, especially servers. As a server administrator,
you will undoubtedly need to perform a hardware upgrade to a server.
Chapter 8, “TCP/IP,” looked at the general steps to take when performing
any upgrade—hardware or software. Now we will look more closely at com-
mon hardware upgrades. Knowing how to upgrade hardware is important
for the Server + Exam and for your on-the-job success.
Before Upgrading
B efore you perform a hardware upgrade, you need to do a little
planning:
Research the proposed upgrade to determine whether it is, in fact,
what is needed to improve the network performance.
Read the documentation thoroughly before beginning the upgrade.
Make sure you are familiar with each step in the process.
Make sure the hardware you choose is supported by the operating
system running on the server.
Be prepared to comply with ESD (electrostatic discharge) best prac-
tices, including the use of antistatic bags, and ESD wrist straps and
mats to prevent static charges from damaging delicate hardware com-
ponents. ESD damage is a serious threat to computer hardware and
can lead to hardware operation problems.

Adding a Processor 317
If the upgrade requires taking the server offline, plan a convenient time
to do this and notify your users in advance.
Adding a Processor
O ne of the most common components to be upgraded in a server is
the processor, whether you are upgrading a single processor or upgrading to
multiple processors.
In some cases you might be better off upgrading to a new server rather than
just upgrading the processor. This will depend largely on whether or not your
server’s motherboard supports current technologies.
The first thing to determine is whether a processor upgrade is going to

solve the performance problem—whether it’s the component that actually
needs to be upgraded. Using a tool such as Microsoft’s System monitor,
assess the processor’s performance under the current workload.
If you determine that a processor upgrade is necessary, you’ll need to do
some research on the motherboard itself. The type of processor you upgrade
to will depend on what your current motherboard can support. You can’t
just take any CPU and place it in the slot or socket on the motherboard
expecting it to work. Motherboards are limited to certain versions of CPUs.
So before you go out and spend the money on a faster processor, make sure
that the motherboard can support a faster processor. Examine the mother-
board documentation to determine the maximum speed the motherboard
supports.
The physical layout of the board (socket or slot) will also impact the CPU
upgrade. For example, you wouldn’t be able to use a socket 7 design with a
socket A design. Or if you plan to upgrade to Intel’s P4 chip, which comes
with a 423-pin design, the motherboard might have to be upgraded as well
(a 387-pin design will obviously not support a 423-pin chip). Supporting a
new processor might require a BIOS upgrade too (BIOS upgrades are dis-
cussed later in the chapter). Some motherboards will not work reliably with
the new processor until a BIOS upgrade is done.
Another aspect to consider is the cooling fan and heat sink currently used.
If you plan to upgrade the processor, make sure that the cooling fan and heat
sink will provide sufficient cooling. A processor upgrade will usually come

318 Chapter 10 Hardware Updates
with a new fan and heat sink, but even if you need to buy them, the cost will
be small compared to possible losses from overheating. Fans and heat sinks
tend to have a short life span. Check with the manufacturer as well because
using a fan and heat sink that have not been tested with the processor may
mean that your warranty on the new CPU becomes void.
As with any other upgrade, begin by reviewing the documentation that
comes with the hardware for procedures on how to add the component and
perform a full backup of your server.
Performing the Upgrade

The following steps outline the general process in upgrading to a new
processor—the specific steps you take will follow the manufacturer’s
documentation. Make sure you adhere to ESD best practices.
1. After you’ve performed a full system backup and verified that it was
successful, turn off and unplug the server.
2. Remove the cover from the server and unplug and remove the CPU fan
and the heat sink (make sure you are properly grounded).
3. How you remove the old processor will depend on whether it has
a socket or slot design. With a socket design, release the lever to
remove the old processor. A slot design will probably use some form
of release mechanism on either side or both sides of the processor.
Either way, if you are unsure of how to remove the processor, consult
the documentation.
4. Install the new processor according to the documentation and attach
the CPU fan and heat sink.
5. After the new processor has been installed, a newer motherboard
should automatically detect its speed. An older motherboard might
not, so you will have to manually configure the BIOS or the jumper
settings.
Make sure that you correctly insert the processor. Be very careful to seat the
pins correctly before applying pressure; the pins bend easily. Make sure pin 1
on the new chip is plugged into the pin1 socket. Turning the server back on
while the chip is inserted incorrectly can permanently damage both the
motherboard and the processor.

Adding a Processor 319
Troubleshooting
The most common problem you will face when troubleshooting a newly
installed processor is the server’s failure to start. If this is the case, you will
need to put your troubleshooting skills to work and determine where the
problem lies. Start with these procedures:
Check to see that the newly installed processor is properly seated in
the socket or slot.
Check the documentation to verify that the jumper settings are prop-
erly configured.
Remove the processor to make sure that none of the pins are damaged.
Check whether a BIOS upgrade needs to be performed.
Check the manufacturer’s support site to see if there are any known
issues.
If all else fails, you still have the old component to fall back on. Reinstall
the old processor—if the server starts, then the new processor is probably
faulty and needs to be returned to the manufacturer.
After you determine that the upgrade has been successful, start baselining
again to ensure that the new processor is meeting your performance expec-
tations as well as the required demands.
Multiple Processors
A processor upgrade might very well include upgrading from a single pro-
cessor to a multiprocessor or upgrading multiple processors in a system.
In today’s server environments, most servers are indeed multiprocessor sys-
tems. Your first consideration will be whether or not your operating system
and motherboard support multiprocessors.
The chip itself must also support symmetric multiprocessing (SMP).

Stepping
Another consideration in multiprocessor upgrades is processor stepping.
Stepping is similar to version numbers: as updates are made to chips, the
version numbers change. You’ll want to consider processor stepping partic-
ularly when upgrading a single processor system to a multiprocessor one.
Mixing processor steppings does not always work well if it works at all. The
general rule of thumb is one stepping (revision) between CPUs is acceptable.
Information on stepping compatibility can be located from the manufac-
turer’s website. Try to purchase a chip with the same stepping, although if
you are dealing with an older chip this may be difficult. Some operating sys-
tems will be more tolerant when mixing steppings than others will be.
CPU Speed and L2 Cache

Two other considerations when upgrading a server to a multiprocessor sys-
tem are the CPU speed and L2 cache. The speed of the new chip must match
the speed of the existing chip. A CPU running at 200MHz cannot be paired
up with a CPU running at 700MHz. Also, the size of the L2 cache must
match. If the current CPU has a 250L2 cache, the processor to be added
must match this.
Adding Hard Disks

M ost servers can support multiple hard disks (also commonly called
hard drives), which are frequently upgraded in a server. One reason for
upgrading a hard disk is to gain increased disk space. A file server or a print
server can quickly run out of hard disk space, making an upgrade to a larger
hard disk or multiple hard disks necessary. An upgrade also could be done
to take advantage of faster data transfer speeds in newer hard disks. What-
ever the reason for the upgrade, there are certain steps that will need to be
performed.
Your first step in upgrading will be to determine whether you are dealing
with SCSI or IDE hard disks because this will impact which type of disk
you purchase and the procedure for installing it.

Adding Hard Disks 321
Upgrading SCSI Hard Disks

Several things need to be considered when upgrading or adding a SCSI
disk. Be aware that SCSI disks can give off plenty of heat; if you are installing
multiple SCSI disks, appropriate cooling needs to be considered. Make sure
that your system can provide adequate cooling for the number of disks you
install. Also, before going out and purchasing new SCSI disks, keep in mind
that they should match the speed of any existing SCSI disks in the system
(your slowest RPMs are also your fastest).
As with any SCSI device, a hard disk must be assigned a unique SCSI ID
(different from all other SCSI devices on the bus). The SCSI ID can be set
using the jumpers on the hard disk (refer to the manufacturer’s documenta-
tion). If there are already SCSI devices in the server, you will need to deter-
mine which IDs are available. If there is already a primary disk within the
server, set the SCSI ID to a number that is higher than that of the boot disk.
If you are replacing an existing SCSI disk, the new disk can usually be con-
figured with the same SCSI ID as the one being replaced.
Some SCSI IDs will not be set using the jumper pins. For example, if you are
adding a SCSI disk to an existing hardware RAID implementation, the RAID
system itself will assign the disk an ID.
Termination also needs to be considered. Most SCSI devices are now self-
terminating but you will need to consult the manufacturer’s documentation
to determine this (there may be a termination jumper pin that needs to be
set). Usually the SCSI adapter and the last disk on the chain are terminated.
Troubleshooting SCSI Disks

The following are some general troubleshooting tips for when problems arise
with the installation of a SCSI disk. Consult the manufacturer as well
because they will more than likely have an extensive knowledge base of
known issues.
Verify the SCSI ID has been set correctly. If you encounter a problem
referred to as phantom disk, where the disk can be seen but not read
from or written to, then the new disk was probably configured with
the same SCSI ID as another device.

Verify that the devices have been properly terminated.

Verify that the cables have been properly connected. Also verify that
the cables are not defective.
In some cases the installation may actually have a driver problem as
opposed to a hardware problem.
Pinpointing the Problem
I remember setting up two servers in a cluster configuration, where both

servers were connected to a single external SCSI hard disk. A process that
should have taken a few hours turned into a few days because only one of
the servers could see the external disk. After verifying that the SCSI IDs
were set properly (several times over), not so carefully examining the
cables, and removing and reinstalling the drivers, I finally detected the
problem that had caused days of stress and headaches—a pinhole puncture
in the controller cable.
Upgrading IDE Hard Disks

Configuring IDE devices tends to be simpler then SCSI devices, but you are
more likely to be working with SCSI disks in a server environment. In any
case, you should still be familiar with the IDE upgrade process for the exam
and for on-the-job success. As with all hardware upgrades, you will use the
specific procedures outlined by the manufacturer. The following steps are
intended as a general outline of the things that need to be considered during
the upgrade process.
One of the most important considerations when upgrading IDE disks is
the master/slave relationship. If a single IDE disk is being upgraded, the new
disk will be configured as a master. If a second disk is being added to the sys-
tem for storage purposes, the original can be left as the master and the new
one designated as a slave. If the new disk will function as the main disk, then
it will be designated as the master and the existing one as the slave. Before

Increase Memory 323
physically installing the disk, set the jumpers to establish the master/slave
relationship using the manufacturer’s documentation.
If you are installing a second drive from a different manufacturer, verify its
compatibility with the existing drive. Also, to save yourself some headaches,
make sure there is adequate cabling before actually beginning the upgrade.
Once the jumpers are set, the drive can be mounted into an empty bay and
the IDE cable attached to the new drive, making sure that pin 1 of the cable
is matched up with pin 1 on the drive. Once the drive has been installed, the
server can be restarted. Most servers will autodetect the drive, but you
should enter the system’s BIOS to ensure that the new drive is listed. The
drive should also be listed during the bootup process if it has been installed
correctly. Your final step will be to format and partition the drive; how you
do this will depend on the operating system installed.
Troubleshooting
Troubleshooting an IDE upgrade can usually be resolved by answering these
questions:
Does the current BIOS support the size of the hard disk? (If not, a
BIOS upgrade will be necessary.)
Has the master/slave relationship been properly configured?
Is the cable properly connected? Has pin 1 on the cable been matched
to pin 1 of the hard disk?
Is the power connected?
Increase Memory
Operating systems and software applications have RAM (random-
access memory) requirements that must be met before the software will run
properly. It seems as though each new software release needs more memory

than the one before. This is probably the main reason to upgrade the server’s
RAM. Fortunately, memory is one of the easier upgrades to perform. The
first things you want to check are the available space in the server to add
more RAM and the type of RAM currently installed. For example, if the sys-
tem supports up to 512MB of RAM and there is already 256MB installed,
obviously the maximum you can add is another 256MB. Before purchasing
RAM, answer the following questions:
How much more RAM can the server support? This can quickly be
determined from the server’s documentation or from the manufac-
turer’s website.
What type of RAM (SIMMs [single in-line memory modules]
or DIMMs [dual in-line memory modules]) is currently installed
in the server? (Do not mix EDO and non-EDO RAM or ECC and
non-ECC RAM.)
What is the speed of the existing RAM? (The RAM that you add to
the computer must match the speed of the existing RAM.)
What type of contacts are used? (DIMMs use gold for all contacts but
SIMMs can use tin or gold. Be sure the new RAM uses the same metal
as the existing RAM.)
Once you have determined the amount of RAM that can be added and
the specifications of the installed RAM, you are ready to make the purchase.
When purchasing new RAM, it is always recommended that you buy from
a reputable manufacturer. If you do decide to purchase off-brand RAM,
make sure you read the server’s documentation first to ensure that doing so
will not void your warranty. Keep in mind that some servers require the
RAM (usually SIMMs) be installed in pairs, but you can verify this through
the server’s documentation.
Make sure to check off-brand RAM for compatibility with your current system.
When you are ready to install RAM in the server, power off the server and
disconnect the power to the motherboard (you may need to disconnect a few
cables to get to the socket). Remove the existing RAM and install the new
memory module. It is fairly straightforward to do since the module can fit in
only one way.

BIOS/Firmware Updates 325
After you perform the RAM upgrade, you may get an error message during
the POST informing you of a mismatch error. Don’t panic yet: Simply go
into the BIOS and verify that the new RAM is recognized, restart the server,
then save the changes and exit. This should clear the error message.
Troubleshooting
The following are some general things to consider when troubleshooting a
RAM upgrade:
Is the RAM properly seated and inserted all the way into the socket?
Try placing the RAM into a different socket.
Does the server boot with the old RAM alone?
Does the server boot with the new RAM?
Does the new RAM meet all the requirements to co-exist with the
original RAM?
Consider that the RAM may be faulty.
Once the RAM is successfully installed, server performance can be tuned

through the operating system or applications.
BIOS/Firmware Updates
Firmware (as discussed in Chapter 3, “Motherboards and Proces-
sors”) is software that controls hardware. Firmware updates on a server
include SCSI controllers, RAID controllers, tape drives, and CMOS BIOS.
Although other hardware devices have firmware, these four are the most
common firmware updates. When installing firmware updates be sure to
obtain the software from the product manufacturer. The potential risks of
component damage or inoperability should be a deterrent enough to not

download firmware updates from just any Internet site. Manufacturer’s sites
design and verify firmware updates specifically for their products. By down-
loading from the manufacturer’s site, you can reduce your risk.
One of the most common upgrades will be to the CMOS BIOS. Most
mainboards now use a flash ROM that can be reprogrammed countless
times using a flash utility. This means all you have to do is run an update util-
ity to upgrade the BIOS and the software will make all of the necessary mod-
ifications. You will need the make and model of the mainboard and the
revision number to locate the correct flash update and utility from the man-
ufacturer’s website. The download should contain data files, a flash utility,
and a Readme file. Flashing is not the only way to upgrade the BIOS but this
is the most common method with newer servers.
Make sure you download the correct BIOS update for your server. Flashing
the BIOS with the incorrect upgrade can leave your server unbootable.
A firmware upgrade can potentially leave your server unbootable so, like
any other upgrade you perform, a full system backup should be done before
proceeding. Also before upgrading the firmware, make sure to document
the current CMOS settings. Since some flash utilities clear the CMOS RAM,
you may need to restore some of your CMOS settings after the upgrade
is complete.
Applying a CMOS Upgrade

The following steps outline the general procedures for upgrading a system’s
BIOS. The exact procedures you follow will be guided by the manufacturer’s
documentation and may therefore vary slightly from those outlined below.
1. Download the upgrade from the manufacturer’s website. It’s a good
idea to download the current version as well if you don’t already have
it in case you need to go back to it. Some flash utilities will have an
option to back up the current BIOS. If the option is there, use it.
2. Most BIOS upgrades will include a Readme file. Review the contents
to determine how to upgrade the BIOS. Keep in mind that each man-
ufacturer will have its own procedures.
3. Create a bootable floppy disk (if required) and download the BIOS
update onto the floppy. In most cases it will be a zipped file and will
need to be decompressed to your floppy.

BIOS/Firmware Updates 327
4. Restart the server using the floppy and start the upgrade as outlined in
the manufacturer’s instructions.
5. Once the upgrade is complete, remove the floppy and restart the
server. The new BIOS version should be displayed on the screen.
Proceed to the CMOS settings and reconfigure your parameters.
Again these steps are going to vary by manufacturer. Some may require the
CMOS settings to be cleared and others may require power to be removed
from the motherboard after the upgrade for a short period of time. This is why
it is important to carefully review the Readme file. If the upgrade is carried out
incorrectly, your server may be unbootable in the end.
Troubleshooting a CMOS Upgrade

If the upgrade was unsuccessful, you might hear one or more beeps as your
server starts up. Refer to the manufacturer’s website for error messages asso-
ciated with the beeps.
If the flash process was interrupted, your BIOS will only be partially
programmed or may now be corrupt. If this is the case you will need to con-
tact the manufacturer for a replacement BIOS chip (you may even be
replacing the entire motherboard).
If the BIOS update appeared to be successful but the system behaves errat-
ically and error messages appear, the wrong BIOS version has been installed
or it is corrupt. In either case, repeat the process to restore the original ver-
sion. If this restores the system to normal, verify that you downloaded the
correct BIOS for your server and repeat the upgrade.
If the system performs poorly after the new BIOS is installed, verify the
CMOS settings and make the necessary adjustments (you should have writ-
ten down the CMOS settings prior to performing the upgrade).
The motherboard is not the only hardware component with a BIOS. Other
components such as SCSI cards and tape drives have firmware that at some
point might need to be upgraded as well. Although there is a good chance an
upgrade of these components will never be necessary, you should still be
aware that they do exist. An upgrade might need to be applied to correct a
firmware bug, improve performance, or take advantage of new features.
Check the manufacturer’s website for the latest BIOS upgrades and proce-
dures on how to include them.

Replace the UPS

Depending on the hardware upgrade being performed, there might be
an impact on the system’s power consumption. For example, installing
redundant components within a server might require upgrading of the power
supply and/or the UPS. All servers should be connected to a UPS (uninter-
ruptible power supply). A UPS is a battery system that conditions incom-
ing power and maintains power to the server in the event of an electrical
failure. The battery is connected between the server and the electrical outlet.
When there is a power failure the battery system will run the server and any
other devices connected to the UPS for a period of time. Depending on the
size and strength of the battery system, a UPS may support minutes to hours
of power.
Software is available that will interface between the UPS and server allow-
ing for alerts and remote notification that the server is running off battery
power. Another key feature that UPS software provides is a shutdown option
for the server. If the electrical power is not re-established before the battery
runs out, the software will alert users, close all software programs that are
running, and then power down the server operating system. This prevents
the hard shutdown that occurs when power fails and all open programs
including the operating system are abruptly shut down. Hard shutdowns can
cause loss of data as well as program corruption. If the UPS that the server
is currently using is underpowered, then an upgrade to the UPS will also have
to be made. UPS software also monitors the power load being placed on the
UPS battery. If the load exceeds the recommended battery load, then the UPS
should be upgraded. Any time a hardware upgrade is performed, the UPS
load should be checked to confirm that it is capable of handling the stress of
the added component.
Working in conjunction with a UPS should be a surge protector. Some
manufacturers combine both a UPS and surge protector in one, but it is
advisable to purchase a dedicated surge protector. A surge protector has a
built-in circuit breaker that will trip should a spike of electricity arrive. This
prevents the momentary increase in electricity from damaging the computer.
Many surge protectors offer modem and network protection along with elec-
trical protection. This ensures that any potential damage traveling down a
telephone or network line will be caught before it can reach the computer.
All sensitive equipment should be protected by a surge protector (including
computers, printers, fax machines, and networking products).

Upgrading Adapters 329
Upgrading Adapters
Upgrading adapters can include network interface cards, RAID con-
trollers, and SCSI cards. The upgrade may be in the form of a firmware
upgrade or replacing the old adapter with a new one. Either way, the pro-
cess of upgrading an adapter is fairly straightforward. If it is relatively
new hardware you are dealing with, you will probably be looking at a
software upgrade. If you are dealing with legacy hardware that is becoming
a bottleneck and performing poorly, chances are you will be looking at a
hardware upgrade.
Network Adapters
One of the most common adapters to be upgraded is the network adapter. In
most cases it is a fairly straightforward process, except of course when the
card is installed and doesn’t work. Then your troubleshooting skills once
again come into play.
When upgrading your network adapter, begin with a visual inspection of
the server and determine the type of slots available. Chances are you will be
using a PCI network card so you need a PCI slot available. You also want to
avoid resource conflicts, so determine what IRQs, I/O addresses, and mem-
ory addresses are available. Tools such as Microsoft’s Device Manager can
be used to determine what resources are available.
Install the network adapter (using ESD best practices) by removing the
metal plate if necessary and inserting the card. Once the card is seated all the
way into the slot, it should be secured using a screw. Not doing so may result
in the card creeping out of the slot and no longer working (or worse, causing
a short inside of the server). Once the NIC is installed and the server is reboo-
ted, you should verify that the link light on the card is lit.
Some NICs will come with diagnostic software that you can use to test that the
NIC is functioning correctly. The software can verify that the different compo-
nents on the NIC are functioning and can also provide diagnostic reports. The
software diagnostics can test network connectivity. If you don’t have diagnos-
tic software, one of the simplest tests to make sure the NIC is functioning is to
log onto the server from a client desktop or, if you are running TCP/IP as the
protocol, you can use the PING utility. If you are unsuccessful in pinging a
host, check the IP address, the speed the network card is set to, and verify that
it is not having a resource conflict with another device.

Summary
In this chapter you learned about some of the common hardware upgrades
that are often done to a server. CPUs, hard disks, and memory are the three most
common components to be upgraded in a server to improve performance.
All motherboards have limitations so, when upgrading a processor, con-
sult your documentation to determine the maximum speed supported by the
board. Also consider the design of the board—determine whether it is a slot
or socket design; this will impact on the type of chip your purchase. If you
are upgrading to multiple processors, keep in mind that the recommended
stepping between processors is one step.
When upgrading hard disks, begin by determining whether you will be
dealing with IDE or SCSI disks. If you are dealing with SCSI, you need to pay
attention to termination issues and the SCSI ID assigned to the new device.
With IDE disks you need to pay attention to the master/slave relationship.
Before going ahead and increasing the memory in a server, you need to
first assess the RAM that is currently installed. Consider how much memory
can be added and the type and the speed of RAM already present. The type
of RAM you choose should be supported by the manufacturer; some war-
ranties will be void if RAM from another manufacturer is used.
Firmware updates are applied to fix bugs and to take advantage of new
technologies. Two most important things to keep in mind are to download
the correct BIOS version for your system and to make sure not to interrupt the
flash process; interruptions can leave your system unbootable.
A UPS upgrade can involve upgrading the UPS battery, upgrading the UPS
software, or replacing the entire system with a new one.
Once a server has been installed and configured, it needs to be monitored
and maintained on a regular basis to ensure it continues to perform optimally
over time.
Exam Essentials
Know the general procedures to use when upgrading hardware. There
are some best practices (such as ESD) that should be adhered to when per-
forming the upgrade of any hardware component.
Know what to look for when upgrading a processor. Understand the
different things to check for when upgrading a processor or adding an
additional processor to a multiprocessor system.

Key Terms 331
Know how to upgrade a hard disk. Understand the difference in

upgrading an IDE disk as opposed to a SCSI disk. Each type of upgrade
has specific issues that you must consider.
Know how to perform a memory upgrade. Understand the general
steps involved in performing a RAM upgrade and what things to check
for before purchasing RAM for a server.
Know when to apply a BIOS update. BIOS updates can be applied to
fix known bugs or to take advantage of new technologies; not all revisions
need to be applied.
Know how to locate a BIOS update. BIOS updates can be located from
the manufacturer’s website. Make sure the BIOS applied is the correct
revision for your server.
Know how to apply a BIOS upgrade. Understand the general steps in
performing a flash upgrade.
Key Terms
following terms:
BIOS SCSI (small computer system

interface)
contacts SCSI ID
firmware slot
flash utility socket
hard shutdown stepping
IDE (intelligent drive electronics) surge protector
jumpers termination
master/slave relationship UPS (uninterruptible power
supply)
RAM (random-access memory)

Review Questions
1. It has become clear that your server needs a firmware update. You are
debating when to apply this update. Which is your best option?
A. During lunch when very few users are accessing the server.
B. During the middle of the workday.

C. The Friday night before you leave on vacation.
D. During the weekend.
2. A colleague comes to you, the lead technician, and says she noticed on
the hardware vendor’s website that there is a new firmware upgrade
available for your server. She thinks you ought to apply it. What will
you do? (Select all that apply.)
A. Apply the upgrade at once.
B. Check out the Readme that comes with the upgrade.
C. If your system is suffering symptoms, apply the update.
D. If your system is not suffering symptoms, keep the upgrade handy

but don’t apply it yet.
3. Name some limitations that you may encounter when considering

converting a server from a single processor to a multiprocessor system.
A. Lack of enough SCSI IDs
B. Lack of open IRQs
C. NOS limitations
D. Bus limitations
4. Which of the following are considerations when deciding whether

to implement multiprocessing? (Select all that apply.)
A. Will the OS support multiprocessing?
B. Will the motherboard support multiprocessing?

C. The maximum processor speed can’t exceed 1.2GHz.
D. The processor(s) must support symmetrical multiprocessing.

5. When applying a firmware upgrade, which of the following should

you do? (Select all that apply.)
A. Make sure you have all software and hardware components
necessary to perform the upgrade.
B. Download the upgrade.
C. Make sure you know how to reverse the procedure in case some-
thing goes wrong.
D. Read the Readme to find out what is involved with the upgrade.
E. Keep the server online throughout the entire procedure so users
have access to their data.
6. Monica is a network administrator who has been assigned the task of

upgrading the hard disks in an older server that has been running for
two years now. There is little documentation available for this server.
What two things must Monica immediately determine before she can
go forward with her hard disk replacement?
A. The number of disks in system
B. The serial number of the hard disks
C. The SCSI IDs of all the hard disks
D. The master/slave relationship
E. The type of hard disks that are in the computer
7. You’ve recently changed out your server’s IDE hard disk with a new
one but you can’t seem to get the hard disk to come up and be recog-
nized. There is an IDE CD-ROM in the system as well. What could be
the problem? (Select all that apply.)
A. BIOS doesn’t recognize the correct cylinders and heads.
B. CD-ROM is set to be master.
C. CD-ROM and hard disk are both set to be slave.
D. Termination jumper on hard disk isn’t set.

8. You need to upgrade the firmware in your server. What is the most
likely scenario for you to proceed with your upgrade?
A. Power the server off and upgrade the firmware.
B. Upgrade the firmware with the server operational.

C. Disconnect all users, but leave the server running to upgrade the
firmware.
D. Power the server off, replace the motherboard, and then bring the
server back up.
9. What is likely to be your best source of information about the tasks the
firmware upgrade will accomplish and how long it will take?
A. The website at www.firmware.com
B. The documentation that came with the server
C. The documentation that came with card
D. The documentation that came with the rack
E. The Readme file that came with the firmware upgrade
10. What are the hardware considerations when upgrading a computer to

a multiprocessor (SMP) system? (Select all that apply.)
A. The processor stepping.
B. The CPU clock speed.
C. The motherboard support for SMP system.

D. L2 cache on both the existing and new processor.
11. Which of the following should you consider when troubleshooting the
installation of a SCSI disk?
A. Master/slave relationship
B. SCSI IDs
C. Termination
D. Cables

12. Bonnie is attempting to add some system memory to a server. The

system’s bus accepts 72-pin DIMMs. Bonnie is attempting to add one
new DIMM to the existing system. After she adds the new memory she
gets no errors, but the computer doesn’t recognize the new memory.
What could be causing the problem? (Choose all that apply.)
A. Incorrect speed on new DIMM.
B. Brand of DIMM isn’t compatible with rest of architecture.
C. Incorrect capacity of new DIMM.

D. Current DIMMs aren’t ECC.
13. Suzanne is working on a server that has four slots in it for DIMMs.
Two of the slots have 64MB DIMMs in them already. Suzanne wants
to add a 128MB DIMM, giving the system 256MB of total system
memory. When she adds the DIMMs, the power-on self-test memory
count shows the full 256MB but she now gets an error telling her to
adjust the BIOS. What could be the problem?
A. Nothing’s wrong.
B. Can’t pair DIMMs of different capacities.
C. First two DIMMs are ECC DIMMs, new one’s not.
D. First two DIMMs are silver-tipped, new one’s not.
14. You have a server that is RAM-starved. You purchase a DIMM from
a reputable memory manufacturing company, install it, and find that
the system won’t boot up. What could be the problem? (Choose all
that apply.)
A. The type of memory you bought isn’t supported by the computer
manufacturer.
B. System requires DIMMs to be installed in pairs.
C. You’ve exceeded the system’s memory capacity with the DIMM

you’re adding.
D. System BIOS needs to be adjusted.

15. When you are upgrading a system to a multiprocessor system, what is

the acceptable level of stepping between processors?
A. One step
B. Two steps
C. Three steps
D. Four steps
16. Which of the following should be considered when performing a

RAM upgrade? (Choose all that apply.)
A. Type of RAM installed
B. Amount of RAM supported
C. RAM stepping
D. Motherboard design
17. One of Wendy’s file and print servers has a very old Future Domain
SCSI I adapter in it and she thinks that by replacing the adapter she
can enhance the throughput of the disks and speed up the computer’s
operation. What are some concerns that Wendy must keep in mind as
she considers the upgrade?
A. Updated cabling
B. IRQ issues
C. Memory I/O concerns
D. Updating new card’s BIOS
E. PCI slots in server
18. How will you know when your computer needs a firmware update?
(Choose one best answer.)
A. Keep an eye on the hardware vendor’s website for release of
updates.
B. The hardware vendor will notify you by mail.
C. Your server will notify you via a message during a cold system
restart.
D. The server’s log file will indicate that firmware is out of date.

19. Luigi is going to add a second IDE hard disk to his server. He has a
Seagate 7.6GB hard disk in the system now and intends to install a
Maxtor 14.2GB to the computer. Besides the master/slave relationship
he has to be concerned about, what are some other issues?
A. Compatibility of vendors
B. Checking for adequate cabling
C. Other IDE devices already in the system
D. Termination jumpers
20. You suspect that your server is RAM-starved so you order some more
RAM sticks and add them to the system. You’re startled to find out
that the OS doesn’t report the additional memory. What could be the
problem? (Select all that apply.)
A. Incompatibility in the RAM chips.
B. RAM is faulty.
C. OS can’t work with that much RAM.
D. CMOS hasn’t been updated with new RAM numbers.


1. D. Even if you think it will take just a few minutes to apply a firm-
ware upgrade, you should leave yourself plenty of time. Don’t rush off
when you are done. Stick around and make sure the server is operating
within specifications and nothing unexpected is occurring.
2. B, C, D. You will want to check out the Readme for relevant infor-
mation. Then, if you decide that your system is suffering symptoms,
apply the update. If your system seems unaffected, keep the upgrade
handy but don’t apply it yet.
3. C, D. You don’t have to worry about SCSI IDs or IRQs when
considering upgrading a single processor system to a multiprocessor
unit. However, you do have to concern yourself with the question of
whether you have another processor slot in the system and whether
your NOS will work with the second processor when you install it.
Not all NOS systems are multiprocessor-aware.
4. A, B, D. In order to have a server support multiprocessing the
operating system, motherboard, and processor(s) all must support this
feature. This will ensure that full advantage of the multiprocessor
environment can be achieved.
5. A, B, C, D. In order to conduct a firmware upgrade, you must down
your server, so it will be out of service, at least for a short period of
time. Make sure you do all four procedures (A through D) before
scheduling the outage.
6. A, E. Monica must first determine how many hard disks she’s replac-
ing and what type they are—SCSI or IDE. Once she knows what type of
disks she’s dealing with, she can ascertain their SCSI IDs or the master/
slave relationship. She should also ascertain the speed of the disks, if
SCSI. Most disk and schematic information is available on the manu-
facturer’s website.
7. A, C. Typically, new IDE hard disks are set for slave, not master. This
is something you’ll routinely want to check when you purchase new
IDE hard disks. Also, on a computer with an older BIOS, you may have
to key in the number of heads and cylinders that the hard disk came
with so that the BIOS can recognize the disk. Since you’re replacing the
hard disk, chances are remote that the CD-ROM was set for master.
You don’t have termination worries with IDE—that’s a SCSI thing.

8. A. Upgrading firmware will require the server to be powered off,

firmware changed, and the server to be restarted. It is best to take the
server out of service temporarily to perform the upgrade.
9. E. Consulting Readme files can save you hours of frustration spent
trying to figure things out yourself or waiting on hold with customer
service.
10. A, B, C, D. All of these options are important considerations when
upgrading a computer to a multiprocessor system. If hardware con-
flicts the system may experience problems ranging from unexpected
performance to physical component damage.
11. B, C, D. If you are trying to troubleshoot the installation of a SCSI
disk, begin by verifying that the SCSI IDs are properly set, the SCSI
devices are properly terminated, and the cables are properly connected
and not damaged.
12. A, B, C, D. If Bonnie is trying to put a 100ns DIMM in a system
that has 70ns DIMMs currently installed, she could run into trouble.
Also, if the server she’s trying to upgrade has proprietary memory
in it, she could create some problems by not buying manufacturer-
recommended DIMMs for the system. Additionally, it’s not a wise
idea to match ECC with non-ECC memory and so forth. Generally
it’s a good idea to ascertain what’s currently in the system and match
accordingly.
13. A. In almost all cases, after you add memory to a system, you have to
go into the system BIOS and acknowledge that the current memory
count is correct.
14. C. The RAM purchased is overpowering the existing RAM. RAM
must be installed in order from the largest size to the smallest.
15. A. The acceptable stepping between processors is one step.
16. A, B, D. Before proceeding with a RAM upgrade, begin by

determining the form factor of the motherboard, the type of RAM cur-
rently installed in the server, and the maximum amount of RAM that
is supported.
17. A, D, E. The new card should ultimately be set to use the old card’s
IRQ and memory I/O, so there shouldn’t be an issue there. She may
have to have different cabling for the new card. If you buy a new
SCSI adapter, generally you get a cable that allows one, or at most

two, devices to be added onto the chain. But Wendy might have sev-
eral devices and will have to provide an additional cable. Also she’ll
probably want to consider verifying the card’s BIOS version and
updating it if it’s older than the current one. The most important
concern she should have will be verifying if there are available PCI
slots in the server. The Future Domain adapter is likely to be an ISA
or EISA card but most of today’s cards are PCI. This could be a big
concern if the server is an older pre-PCI unit.
18. A. Check the hardware vendor’s website regularly to see if any
upgrades have been posted. If so, you should start your investigation:
Read the Readme to see what the upgrade fixes. Determine if your
system is having any symptoms that might indicate a need to apply the
upgrade. Then make your decision.
19. A, B, C. Often overlooked, but important, is the need to make sure
the disparate vendors’ disks will play in the sandbox with each other.
Also check to make sure the cabling is adequate and doesn’t need
replacement and whether there are other IDE devices in the system.
Finally, it might be important to figure out if you’re going to lose
your IDE CD-ROM because you’re adding a second disk and you’re
working with an older IDE bus that only supports two devices. You
don’t need to worry about termination jumpers with IDE devices.
20. A, B, C. Even if the BIOS hasn’t yet been updated with the new
RAM numbers (most BIOS utilities today won’t let you exit without
updating their configuration), the OS should report the new amount.
You’ve either got a bad RAM stick, an incompatibility, or the OS can’t
handle that much RAM.

Chapter Software Updates

THIS CHAPTER:
3.8 Upgrade system monitoring agents

Perform upgrade checklist including: locate and obtain latest
test drivers, OS updates, software, etc.; review FAQs, instruc-
tions, facts and issues; test and pilot; schedule downtime;
implement using ESD best practices; confirm that the

implement using ESD best practices; confirm that the upgrade
has been recognized; review and baseline; document the
upgrade
3.10 Upgrade UPS

implement using ESD best practices; confirm that the upgrade
has been recognized; review and baseline; document the
upgrade

I n addition to managing the server hardware upgrades, you will
also be responsible for managing the software upgrades on the servers in
your network. Sometimes the two upgrades will be very closely linked. For
example, if you decide to upgrade the network card on a server, then you will
also have to acquire and install the new driver for the network card. If you
decide to install a new UPS, you may have to upgrade the UPS management
software.
More often, however, updating the software on your servers is completely
separate from performing a hardware upgrade and is likely to happen much
more frequently. When a new service pack comes out for your server, and it
addresses a problem that you have experienced on your network, you are
likely to apply that service pack without any associated hardware upgrade.
Of the several possible varieties of software upgrade, the most significant
would be a complete OS upgrade. In this scenario, the manufacturer has
released a completely new OS and you decide to deploy the new OS in your
environment. Other software upgrades include service packs or software
patches; in this case, you are not upgrading the entire OS, but you are making
some changes to the OS. The changes are almost always bug fixes, and
occasionally they provide additional functionality to the OS. Another type
of software upgrade is the installation of a new driver; in this case, you are
not making any changes to the core OS, but you are making changes to one
or more software drivers that control how the OS connects to the hardware
devices on the server. The final type of software upgrade we will discuss is
upgrading applications running on the server, including UPS management
tools and server or network monitoring tools; in this case, upgrading the
software is not likely to directly affect the OS.

Operating System Upgrades 343
An essential component in all software upgrade procedures is risk man-

agement. Whenever you make a change to a production environment, you
are taking a risk that your change will cause something on the network to
stop working. This makes risk management and risk mitigation an essential
component in any software upgrade. Before you deploy any software upgrade
into the production environment, you must test the upgrade thoroughly to
make sure that nothing will break. As well, you have to prepare a backout
plan that defines what you will do if you run into unexpected problems in the
software upgrade. If the upgrade is unsuccessful, you must be able to quickly
get your servers back to where they were before you attempted the upgrade.
Operating System Upgrades

T here are many reasons why you might decide to perform an operating
system upgrade on your servers. In some cases, you are forced to perform the
upgrade because a required business application runs only on a new version
of your OS. Or you need to upgrade because you can no longer buy licenses
for the older version. In other cases, you have a choice about whether you
want to upgrade. Almost always the new version of the OS provides addi-
tional functionality—it is more secure, more scalable, or provides additional
features that will benefit your organization. In that case, you might choose
to perform the upgrade to realize those benefits. Whatever the reason for the
upgrade, you are likely to perform OS upgrades every couple of years
throughout your career.
In-Place Upgrade Versus Clean Install

The most significant software upgrade that you can perform is an operating
system upgrade, where you are upgrading your operating system from an
older version to a newer version. When planning an OS upgrade, the most
important question that you must answer is whether you want to perform an
in-place OS upgrade or remove the existing OS from the machine and per-
form a clean install of the updated operating system. In this section of this
chapter, we will help you answer the question of whether performing an
upgrade or performing a clean install is the best option. After you have made
this decision, this section will describe the processes that you have to go
through to perform both types of upgrade.

344 Chapter 11 Software Updates
Justifying an Operating System Upgrade
You are the network administrator for a management consulting firm. Your
network has been running an older version of a network operating system
for about four years. Newer versions are out, and they all have new bells
and whistles that you would love to have: things like integrated manage-
ment tools, better user interfaces, and greater reliability. You know that you
need to upgrade, so what’s the problem? The problem is, management
does not want to spend the money.
Most likely, you are a techie who loves technology and especially enjoys
learning about and working with new technology. If you could make the
decision yourself, you would always upgrade your OS to the latest and
greatest just because of the many new features that are available in the new
OS. However, the problem is that in most companies, you are not going to
be the person who makes that decision, and this is for one simple reason—
you are not the one paying for the upgrade. The people who actually pay for
the upgrade are usually not techies—they are business managers. They
may be very interested in technology and see many benefits in using tech-
nology, but they are not as likely to be impressed by the new features that
techies find so interesting. The business people are usually interested in
technology for one simple reason—technology assists the business in mak-
ing more money.
So what do you do? You need to learn to speak business language. There are
very few companies who will upgrade the operating system on all their serv-
ers just because the new OS is the latest and greatest. In most companies,
the OS will be upgraded only if you can make a very clear argument that the
company will get a return on investment (ROI) on the upgrade. If you think
that the company should adopt the new OS because it is more reliable and
stable, you may have to talk to the business people about the benefits of the
computer system being available all the time, and the cost of any downtime
for the organization. If you think that the new OS provides better security,
then you may need to talk to the business people about the security threats
to their confidential information and how the new OS can help secure essen-
tial data. When talking to the business people about the upgrade, your task
is to demonstrate how the new OS will solve business problems. You know
that the technology is needed, and it will benefit the company. Now your
task is to prove that to the people who handle the money.

If you decide to reformat the hard disk on the server and perform a clean
install of the OS, you will find that almost all operating systems provide
in-place upgrade functionality. Often, you can start an install of the newer
version of the OS on the existing server and the installation process will detect
the presence of the older OS and ask you if you want to perform the upgrade.
When you perform an upgrade, the configuration settings for the old OS are
migrated to the new OS so you do not have to reconfigure many of your set-
tings. The data that is stored on the server and the applications that run on
the server are usually not affected by the upgrade. In many ways, an in-place
upgrade is the easiest option when you need to upgrade your OS.
The alternative to an in-place upgrade is a clean install of the OS. There
are actually two ways to accomplish this. One option is to move all of the
data that you want to keep from the server onto a backup tape or to another
network location and then to format the hard disk on the server and perform
a complete install of the OS. After you perform the install, you can then rein-
stall any applications on the server and restore the data back to the server.
The second clean install option is to use a second computer. In this case,
you would install the new OS on the second computer and then move the
data and resources from the old computer onto the new computer. Users
would then connect to the new computer to get access to the resources. You
can then format the hard disk on the old computer and use it for another
purpose on your network or in your test lab.
It’s important to know the advantages and disadvantages of each type of
upgrade. Since in-place upgrades are the most common, let’s take a look at
them first.
Choosing an In-Place OS Upgrade

In-place upgrades are quite common. Generally, they are less expensive, and
easier to manage. The advantages of in-place upgrades are:
In most cases, the server configurations will be upgraded to the new
OS. For example, if you are running an application on the server, the
application settings will automatically be migrated into the new OS.
Or if you are running a network service like DNS on the server, the
DNS settings and zone information will not need to be reconfigured.
In most cases, applications running on the server do not have to be
reinstalled. If the server is operating as a database server, you should
not have to reinstall the database application after the upgrade.

This is usually the fastest upgrade path. If all goes well, you can have
a new version of the operating system installed within a couple of
hours.
Because all of the server settings such as computer name and IP
address are unchanged by the upgrade, you do not have to reconfigure
any clients that are currently connecting to the server.
Of course, no method of upgrading is perfect. When selecting an in-place
upgrade, be aware of the following potential disadvantages. Not all will
apply to your network, but some may. If the disadvantages are significant,
you may want to choose another method. Disadvantages include:
This process has the highest risk factor. While almost all operating sys-
tems do provide an upgrade path, the chances of something failing
during the upgrade are significant. The OS manufacturer tests the
upgrade thoroughly before releasing the product, but it is physically
impossible for the manufacturer to test all possible situations. If the
in-place upgrade fails and you have not prepared for this, you will
have to deal with a long and painful recovery process that may include
losing some data.
One of the reasons why server upgrades fail fairly frequently is because every
server has a history. This history may include OS upgrades, service pack
installations, application installations and removals, unauthorized and undoc-
umented server configurations, as well as several years of service. There is no
way that the OS manufacturer can perfectly duplicate your server’s history
to test the upgrade path, yet anything in that server’s history may cause the
upgrade to fail.
The server is not available during the upgrade. Even with the smooth-
est upgrade, the server will not be available for client connections for
several hours. If the server is running a business critical application,
you will almost certainly be doing the upgrade after everyone else has
gone home for the weekend.
Upgrading the OS may bring with it a legacy of problems. In many
cases, performing an upgrade of the OS leaves you with a series of
problems. In some cases, the problems are a result of an incorrect con-
figuration in the old OS—upgrading the OS will never fix an incorrect
configuration.

The OS upgrade itself may create problems. For example, if the old OS
used a particular system file and the new OS overwrote that system file
with a newer file with the same name, any applications or services on
the server that depended on the old version of the file could fail.
The old server may not be able to run the new OS. Most of the time,
newer versions of an OS require more hardware to run efficiently than
earlier versions of the same OS. Before starting an in-place upgrade,
ensure that the old hardware is supported in the new OS.
Choosing a Clean OS Install

While the clean operating system install costs more, it can alleviate problems
associated with upgrading an existing machine that may have its own issues.
The advantages to a clean install are significant:
The biggest advantage of performing a clean install is that you can
clean up all of the server’s history. Choosing this option means that
the server is restored to pristine condition, just as if it had never run
any other OS, and you can perform a clean install of all applications.
In most cases, this will result in a more reliable server.
If you choose to install the updated OS on a new server and move all
of the resources to the new server, you will probably be able to restore
service to your users quickly.
Installing a clean operating system fails much less frequently than an
in-place upgrade. Usually, the only reason the install fails is due to
hardware failure or incompatible hardware. These components repre-
sent a much lower risk than the risk presented by doing an in-place
upgrade.
Of course there are disadvantages too:
Performing a clean install takes significantly more time and effort than
performing an in-place upgrade.
If you choose to perform a clean install on the same server, the server
will not be available for clients for an extended period of time. Format-
ting the hard disk, performing a complete OS installation, installing
and configuring all the server based applications, and restoring all the
data to the server can take a long time. In this case, you will not only
wait until everyone has gone home for the weekend, you are also going
to hope that you get everything done before they come back from the
weekend.

Some client applications on your network may require that the server
component be located on a computer with a specific computer name
or IP address. Before you choose the option to install the OS on a new
server and migrate all of the resources to that computer, you must
ensure that these applications can be modified to point to the new
server.
If you choose to install the new OS on a new server, you will require
at least two servers.
Deciding on an Upgrade Method

So what is the best option? Should you perform an in-place upgrade or
should you use the clean install option to upgrade your OS? As you can tell
from the earlier discussion, both options have advantages and disadvan-
tages. In general, we suggest these guidelines:
The first choice when doing a server OS upgrade should almost always be
to perform a clean install. There are two reasons for this. First of all, the
chance of a failure occurring during a clean install is significantly less than
the chance of failure during an in-place upgrade. If the upgrade fails, you will
have to perform a complete server restore in order to get the server back up
and running and you will still have to do the upgrade. The second reason
why the clean install upgrade is preferable is that you do not have to deal
with the legacy issues on the server after the upgrade is complete. In contrast,
a server that has been upgraded from another version of software will almost
never be as stable as a server that has been installed cleanly.
If you choose to perform a clean install, installing the new OS on a second
server and then moving the resources to the new server is preferred over per-
forming the install on the same server. If you are using a new server, you can
install the OS, install and configure any applications, and copy the data to the
new server without affecting the production environment. This means that
the time when the server is not available on the network can be very short.
If you have applications on your network that require a specific computer

name or IP address, migrating to a new server may require some configura-
tion changes.

The in-place upgrade option is rarely the best option. One scenario where
this option would be the first choice is in a small company that has only one
server and cannot afford the downtime to perform a complete installation of
the OS and all applications.
OS Upgrade Procedure
Although an in-place OS upgrade is not usually the best option, there are
situations where you may want to choose this approach. If all goes well,
an in-place upgrade of the OS is the easiest upgrade option. For example,
to upgrade from Windows NT to Windows 2000, you can insert the Win-
dows 2000 CD-ROM, wait for the Autorun screen to appear, and essentially
accept all the defaults. (See Figure 11.1 for an example.) Upgrading a Linux
or NetWare server is almost as easy. However, this perception of ease can be
misleading when you are planning to upgrade a production server. The rea-
son why this perception is misleading is because the in-place upgrade is also
the highest risk upgrade.
FIGURE 11.1 Upgrading a Windows NT Server to Windows 2000

The risk of performing an in-place upgrade is that the upgrade will fail:
You start the upgrade, everything works smoothly, and then the upgrade just
stops. Or the server may not boot into the new OS. If you have not prepared
for this to happen, you are about to spend a long night trying to get your
server back in working condition before everyone else shows up for work the
next morning.
Almost all of the work in performing an in-place upgrade is done before
you ever start the upgrade. You can split the preparatory work into two cat-
egories: first, the work that you will do to try to make sure that the upgrade
will succeed, and secondly, the work that you will do to make sure that you
can recover your server if the upgrade fails.
Ensuring That the Upgrade Will Succeed

Before you begin the in-place upgrade, you need to make sure that the odds
of a successful upgrade are in your favor. Doing so requires several steps
(note that, except for step 3, all of these steps can apply to a clean install
as well):
1. Check the hardware. Obviously, if you are going to upgrade to a new
OS, you have to make sure that the OS can run on the old hardware.
The hardware must meet at least the minimum requirements set out
by the OS manufacturer. Most OS companies set the minimum require-
ments very low, and you will generally need to have significantly more
processing power, disk space, and memory in order to meet client
expectations. Once you are sure that the hardware meets the mini-
mum requirements, the next step is to make sure that all hardware
components are supported by the new OS. You may have to locate
and download all the drivers for the hardware components before
beginning the upgrade.
2. Check for application compatibility issues. The second potential fail-
ure point is application incompatibility. You need to check all of the
applications that are running on the server to ensure that the applica-
tions will run under the new OS. If the applications will not run in the
new OS, check to see if the application manufacturer has a version that
will. Usually the application compatibility information is available on
the application manufacturer’s website. Even if the manufacturer’s
information does not indicate any problems, this is one upgrade com-
ponent that you must confirm in a lab. The manufacturer may have

tested many upgrade scenarios, but they will not have tested the
upgrade on a server with your server’s history or with the particular
combination of applications on your server.
3. Clean up the server. You will increase your chances of a smooth
upgrade significantly if you clean up the server before the upgrade.
Cleaning up the server may include removing unnecessary applica-
tions, removing applications that will not run on the new OS, and
removing data that does not need to be stored on the server.
4. Remove or disable any antivirus software running on the server. Also
disconnect the UPS. Some operating system installs will make certain
UPSs shut down the server. Just make sure you re-enable the antivirus
software and UPS when you’re done.
5. Test the upgrade. Before you perform the upgrade in a production
environment, perform the upgrade repeatedly in a test environment.
The test environment should match the production environment as
closely as possible. If possible, use the same hardware and make sure
that all applications and services running on the production server are
also running on the test server. Performing the upgrade on a test server
first allows you to determine whether the upgrade is likely to succeed,
but it also might give you some experience in troubleshooting minor
issues that appear during the upgrade.
6. Read the instructions. This may seem self-evident, but it is often over-
looked. The first place to begin is to review documentation provided
by OS manufacturer about the upgrade process. This documentation
is usually included with the source files for the new OS in the form of
Readme files. Often the support component of the company’s website
includes additional information in the form of white papers, technical
documentation, and troubleshooting information. A second source of
instructions is the hardware manufacturer’s documentation. There
may be specific issues of running the new OS on your particular hard-
ware—often the hardware manufacturer has experienced the same
problem and may provide a fix or workaround on their website.
7. Learn from other people’s experience. You are probably not the
first person to try this particular upgrade, so try to find out how the
upgrade has worked for other people. All OS and most hardware
manufacturers provide a forum for customers to share experiences

about the products. These are usually accessible through the company
websites. On these sites you can gain access to FAQs and company-
sponsored newsgroups. (See Figure 11.2 for Novell’s collection of
newsgroups for NetWare.) Often there are also public newsgroups
focused on the products that you are working with. These newsgroups
often provide extremely valuable information about what other peo-
ple have experienced and how they managed to get around problems.
FIGURE 11.2 Newsgroups on the Novell website
Newsgroups do contain a great deal of information and only some of it is rel-

evant, so an effective newsgroup search tool is essential to locate the infor-
mation you need. One of the best newsgroup searching tools is located at
http://groups.google.com. From this website, you can perform powerful
searches of almost all public and company-sponsored newsgroups. See
Figure 11.3.

FIGURE 11.3 Searching newsgroups using the Google Groups website
Preparing for Failure

Despite all of the preparation you put into making sure that the OS upgrade
will succeed, experienced network administrators know that anything that
can go wrong will go wrong—and at the worst possible time. This means
that you need to prepare for the in-place upgrade to fail. To do that, follow
these steps:
1. Back up your server. This backup must be a complete backup, including
the OS, the application configuration information, and all the data
on the server. Once you are confident that you have a good backup, per-
form a test restore. Ideally, this test restore should be a complete restore
of the entire computer onto another server in your test lab. Only when
you are completely confident that you can restore your server back to its
current state should you move on to the upgrade process.

One of the best ways to perform a complete backup of your server is to use a
disk cloning application to create a complete copy of your hard disk. Then if
the upgrade fails, you can restore the server back to its previous state quickly.
If the server that you are upgrading is a file server with hundreds of gigabytes
of data on its hard disks, just clone the OS partition and make sure you have
a good backup of the data. Two of the most popular disk cloning applications
are Ghost (www.symantec.com) and Drive Image (www.powerquest.com/
driveimage).
2. Document all of the settings on the server. This documentation should

include all the server configuration settings, services configuration,
and any application settings. If the upgrade fails, and you cannot
restore the system from your backup tape, then you might have to
rebuild the entire server. In this case, the configuration documentation
will save you hours of work.
3. Prepare and test a backout plan. The purpose of a backout plan is to
make sure that the server is available for users when they need it. A
backout plan is a document that defines at which point you need
to back out of your upgrade and begin the process of recovering the
server back to its previous state. The first part of backout planning is
determining how long it will take you to recover the server. For exam-
ple, you may determine that it will take you eight hours to recover the
server. This means that if your upgrade does not go smoothly, then at
least eight hours before your users are expecting the server to be avail-
able, you must stop trying to fix the upgrade and start the recovery
process.
Spending a great deal of effort preparing for something that you really
hope doesn’t happen may seem strange. If you spend days or weeks prepar-
ing for an upgrade to fail and the upgrade goes completely smoothly, you
may feel like you were acting paranoid. However, if the upgrade fails part-
way through, and you can’t get the computer to boot into any operating
system, you will be thankful for all of the effort you spent preparing for failure.
Some experienced network administrators appear to be pessimistic—even
paranoid—but they’re really just preparing. Expect things to fail and prepare
for it, so you can deal with the problems if they happen. Of course, the better
prepared you are, the less likely it is that anything will go wrong.

Other Considerations
As you get ready to perform the upgrade, there are a couple of other issues
that you need to take care of. The first step is to schedule the server down-
time. In most cases, operations like OS upgrades are performed during non–
business hours. The server will not be available to users during the upgrade,
so it makes sense to perform the upgrade when fewer users need access to the
server. Even if you are planning on performing the upgrade when no one else
has to be at work, you should still let users know that the server will be
down. A user who decides to come in on a Saturday to get caught up on some
work will be very disappointed if the server they need is not available.
Some companies have little or no time when the server can be unavailable.
For example, companies that depend heavily on business generated from
their websites or companies with offices in many different time zones might
not want the server to be unavailable at any time. If your company does not
have a time window where you can perform the upgrade without causing a
significant disruption in the business processes, then do not perform an in-
place upgrade. In this case, you should perform a clean install using a second
server to provide the service while the original server is not available.
Another important component to a successful upgrade is to document
everything. As you perform test upgrades in your lab, you should document all
of the upgrade procedures you use. You should also test and document your
recovery plan. It is very easy to miss a step in a complicated procedure if you
don’t have accurate documentation. As you perform the upgrade, document
any errors you encounter and how you resolved the errors. This will become
valuable documentation for any future upgrades that you perform.
Clean Install Procedure

The second option for performing a server operating system upgrade is
to perform a clean install of the OS rather than upgrade the current OS.
Performing a clean install almost always requires more time and effort
than performing an OS upgrade, but the end result is a more stable operating
environment. For this reason, the clean install upgrade is almost always the
best option for doing an OS upgrade. There are essentially two options
for performing a clean install: performing a clean install on the same server,
or performing a clean install on a second server.

Performing a Clean Install on the Same Server

When you perform a clean install on the same server, you will back up all the
data on the server’s hard disk, format the hard disk, install the new OS, rein-
stall all the applications on the server, and then recover all of the data. For
a large server, this process takes a significant amount of time, which means
that this is an upgrade option only if you can afford the server downtime
while you do this work. This is also an upgrade option if you must reuse the
same server and cannot replace the current hardware, even temporarily.
Many of the steps discussed in the previous section on in-place upgrade also
apply to upgrades through clean installs. You still need to configure a test lab
and thoroughly test every step in the process.
To upgrade the OS by performing a clean install on the same server, fol-

low these steps:
1. Back up everything on the server. This is done for two reasons: First
of all, you might have to restore the entire server if the clean install
fails, and secondly, you need the backup to restore the data after the
upgrade. Again, make sure that you can restore the data that you have
backed up.
2. Document all of the server and application configuration settings.
This is also done in case you need to restore the server. As well, many
of the configuration settings on the new server will probably need to
be the same as they were on the old server. For example, if the server
is your DNS server, then you will probably need to configure the new
server with the same DNS server settings.
3. Format the hard disk. After you have double-checked and triple-
checked that your backups worked, and that you have documented
all the server configurations, erase everything on the hard disk by
formatting the hard disk.
4. Install the new operating system.
5. Once the OS is installed and stable, configure the server settings. As

well, configure any services running on the server.

6. If you need any server-based applications on the server, install and

configure these.
7. Restore the data onto the server. Once you are confident that the server
is correctly configured and stable, restore the data onto the server.
Restoring the data is usually the last step because you do not want
to take the time to restore the data until you are sure that the server
is running efficiently and that you will not have to reinstall any
components.
8. Test connectivity to the server. Before putting the server back into pro-
duction, test all of the network resources provided by the server. If the
server is a file and print server, ensure that clients can access the file
resources and print to the attached printers. If the server is a database
or messaging server, confirm that these applications are accessible
from the network.
One of the best practices when configuring a server is to put all of the data on
a separate partition—or even better, on a separate hard disk—from the OS. If
you have followed this best practice, or if the data for the server is on a storage
area network (SAN) or network attached storage (NAS) device, then you do
not need to restore the data. All you have to do is format the partition where
the OS was located, and install the new OS—the data is not affected by the
upgrade and is still accessible.
Performing a Clean Install on a Second Computer

A second option for performing a clean install is to install the new OS onto a
second server. Then move all of the resources from the old server onto the
new server and configure the clients to connect to the second server. This
upgrade option is the best choice when you require close to 100 percent
server uptime. With this upgrade option, you can install and configure the
new server and test it to make sure that it is stable, and then just have the
clients connect to the new server. This is also the best upgrade option if
you need to move the server to a new hardware platform.

Server Uptime
One of the goals of network administration is to provide 100 percent server

uptime. One hundred percent uptime means that the network and servers
are always available whenever any client needs to access a network
resource.
While this is a goal for all network administrators, companies will vary
greatly on how critical it is that you achieve 100 percent uptime. This may
even vary depending on which server you are working on in the company.
If all of the business-critical applications in your company run on a main-
frame, and the small database server that you are upgrading is only used by
five people once a week, then you can probably take that server offline for
a couple of days without seriously affecting any business process. How-
ever, if the server you are taking offline is the primary web server for your
company’s e-commerce site, and you are right in the middle of the busiest
time of year, then taking the server offline for even an hour may cost the
company millions of dollars.
One of the first questions you need to ask when you get ready to upgrade
a server is how much downtime can you afford on this server. Or better yet,
ask the business department that uses the server most heavily what would
happen if the server were not available for 15 minutes, or an hour, or a day?
The reaction you get from the businessperson is usually an excellent indi-
cator of how much network downtime you can afford.
Even though the goal is 100 percent, that will likely never happen. If your
company can hit 99.99 percent (called “four-nines” by the cool network
administrators) or even five-nines, that is extremely impressive. Four-nines
uptime would mean that the server is down for less than 53 minutes per
year. It’s certainly a goal worth shooting for.
To upgrade your OS by performing a clean install on a second server, use

the following steps:
1. Install the new OS on the second server. Configure the server to match
the required specifications and then test the server to make sure that it
is stable.

2. Install and configure the network services and applications on the new
server. In most cases, these services and applications will be config-
ured to be identical to the old server.
3. Move the data and other resources from the old server to the new
server. Because the old server is still in production at this point, you
may have to use a synchronization tool to make sure that the resources
on both servers are identical and that changes made to the resources on
the old server are reflected on the new server. One example of such a
tool is Robocopy from the Windows 2000 Resource Kit. Robocopy
can be used to copy file resources from one server to another and
maintain the folder structure and the assigned permissions. After
the initial copy, Robocopy can also be used to synchronize the file
resources on both servers.
4. Once the server is stable and configured, test the connectivity to the
resources and applications on the new server.
5. If possible, select a small group of users as a pilot group to begin work-
ing on the new server. This pilot group is used to ensure that all of
the server components are correctly configured. Using a pilot group
on the production environment may not be possible if the server must
have the same name or IP address as the original server.
6. Once you are confident that the server is stable and all of the resources
on the server are accessible, configure all clients to use the new server.
7. If the new server appears to be functioning smoothly, remove the old
server from the network. For the first few days, you may want to just
shut down the server and leave it connected to the network. In this
way, if the new server fails unexpectedly, you can bring the old server
back online very quickly.
Upgrading the operating system is usually not a complicated task. How-
ever, it can get quite complicated if there are applications being used on the
network where the old server NetBIOS name or IP address is hard-coded in
the application so that it is very difficult to change. If this is the case, it is
more difficult to manage the upgrade because the two computers cannot
both be used on the production environment at the same time. Often, rewrit-
ing the application to point to the new server is not feasible, so the new server
will have to have the same name as the old server—but two servers with the
same name cannot exist on the same network. To get around this, you can

build and test the new server on a network that is isolated from the produc-
tion environment. Then when the new server is stable and has all of the latest
information, you can remove the old server from the network and connect
the new server.
Service Pack Upgrades

A second type of software upgrade is a service pack install. While this
is a less significant procedure than performing a complete OS upgrade, it is
still an upgrade that must be dealt with seriously. While the service pack
is being installed, the server will not be available for client connections. Often
the server must also be rebooted after a service pack install, which again
results in server outage. Sometimes a service pack install will fail, so you
must be prepared for that. Occasionally a service pack fixes one problem on
the OS but creates another. So installing service packs still takes a significant
amount of planning and preparation.
The term service pack is not consistent across all OS manufacturers.

Microsoft uses the term. However, Novell uses the term consolidated sup-
port pack for its collection of patches and fixes that are released periodically.
Red Hat does not release an equivalent product—they release individual soft-
ware patches for their Linux product, but not collections. IBM uses the term
FixPak for its collection of OS/2 patches. Sun Microsystems provides Patch
Clusters for its operating system. For simplicity, this chapter will refer to an
accumulated collection of software patches as a service pack.
What Are Service Packs?

As an OS is deployed by customers in a wide variety of situations, bugs are
found. While each individual bug can usually be fixed with a software patch,
a service pack usually includes all of the bug fixes that have accumulated
since the release of the OS version. Service packs often include security fixes
as well.
In some cases, service packs are also used to introduce some new features
to the OS. For example, in Windows NT, later versions of service packs
introduced significant improvements to many of the network services such as
DNS, WINS, and remote access.

Service Pack Upgrades 361
Deciding Whether to Install Service Packs

Deciding whether to install a service pack is a source of much debate among
network administrators. Everyone has an opinion on whether you should
install service packs and when to install service packs. There are two extremes
in this discussion. At one extreme are the administrators who say that you
should only install the service packs that fix a specific problem that you are fac-
ing on your network. Supporters of this view argue that if a service pack does
not address any problem you are currently facing on the network, then you
should not install it. This approach says, if it isn’t broken, don’t try fixing it.
The second point of view is to install all service packs regardless of
whether they are specifically required on the servers at that point. Propo-
nents of this view argue that all of the accumulated bug fixes should make
the OS more stable and reliable. Also, the service pack might provide a fix
that will prevent a problem from showing up later. Because many of the
service packs contain the latest security patches, installing the service pack
can increase the security of your servers. As well, these administrators often
want to implement some of the new features provided with the service pack.
In some cases, you may not have an option about whether you want to
install a service pack. Often this is the case when you want to install a
network application or service that requires a certain level of service pack.
For example, to install Microsoft’s messaging server, Exchange 2000 on Win-
dows 2000, you must have installed at least Windows 2000 Service Pack 1.
To install the latest version of Novell’s firewall and proxy server, called
Border Manager, you must install the latest consolidated support pack.
As with all arguments of this type, the best answer (and the one chosen by
most administrators) is to approach the installation of service packs with
caution. If a service pack addresses an issue that is a problem on your net-
work, then you probably want to install the service pack fairly quickly. A
good approach is to wait at least a couple of weeks after the release of a
service pack to ensure that it is stable and does not create additional prob-
lems. If the service pack does not address any concerns on your network,
and your servers are stable, then you might choose not to install it. In most
cases, service packs are cumulative, so you can choose to not install a
particular service pack and just install a later version.
Service Pack Installation

Although installing a service pack does not have as much impact as installing
a totally new operating system, it is still a significant upgrade. Some of the

system files for the OS will be replaced. In most cases, you must also restart
the server after you have applied the service pack. For these reasons, it is
critical that you plan carefully for the installation of the service pack. The
following steps provide a framework:
1. Obtain the service pack from the OS manufacturer. The service packs
are usually available either on a CD-ROM or on the manufacturer’s
website (see “Service Pack Websites” below).
2. Test the service pack in a test lab. Although the install of a service pack
doesn’t fail very often, it can happen and potentially result in an
unbootable server. You need to test the service pack against your
server’s configuration to make sure that the service pack does not have
unexpected results on your particular combination of software and
hardware.
3. Check the documentation that comes with the service pack release.
Often a service pack release will include documentation that details
known problems for the service pack install. Check the documentation
to ensure that none of the known problems apply to your situation.
4. Learn from other people’s experience. Wait a month or so after the
release of a service pack to make sure that it is stable. During that
month, monitor the manufacturer’s support website and monitor all
the relevant newsgroups for how the install is working in other envi-
ronments. Fortunately, there are enough network administrators who
do install the service packs immediately upon release, so let them do
some of your testing for you.
5. Back up your servers. Again, you want to prepare for disaster. If the
service pack upgrade fails, you must be able to get your server back up
and running as quickly as possible.
6. Schedule the downtime. Clients should not be connecting to your
server during the service pack install and the server restart, so let them
know when the server will be unavailable. Ideally, you should perform
the service pack install during non-working hours to insure minimal
effect on the business users.
7. Install the service pack and document the results. If you run into any
problems during the service pack install, document the problem and
how you fixed it. This can be useful information as you install the
service pack on other servers.

Service Pack Upgrades 363
Service Pack Websites

To download the latest service packs, go to the manufacturer’s website. Here
are some sample websites where you can go to download service packs or
software patches:
Microsoft Windows 2000 (www.microsoft.com/windows2000/
downloads/servicepacks)
Novell NetWare (Support.novell.com/tools/csp/
csplist.html) (See Figure 11.4)
Sun Microsystems Unix (sunsolve.sun.com/pub-cgi/show.pl)
Red Hat Linux (www.redhat.com/support)
Links for all Windows and OS/2 service packs
(www.softwarepatch.com)
FIGURE 11.4 Novell’s Consolidated Support Pack download center

Test Labs
As you have seen frequently in this chapter, there is a strong requirement

to test every software upgrade in a lab or test environment before upgrad-
ing the software in production. If things are going to break, you want them
to break in the lab where few people will be affected and where you do not
have the pressure of getting the servers working again immediately.
This requirement means that you must have a lab available whenever you
need to do any testing. In a small company, there may be significant resis-
tance to dedicating even a couple of servers to a test lab and you may have
to create the test lab when you need it from older servers or high-end desk-
top computers. Larger companies often have a dedicated lab environment,
but sometimes the difficulty is getting access to the lab.
If you work in a typical enterprise network environment, you are constantly

testing software in a lab. You may be testing operating system upgrades,
service packs, software patches, and new server or desktop applications. At
the same time, the software developers in the company may also be testing
a new application that they have been working on. Other people may want
to get access to the lab to learn a new technology. In this environment, man-
aging the lab can become almost as complicated as managing the produc-
tion environment. Here are some suggestions for managing the test lab:
Appoint a lab manager: This person must have the authority to

authorize use of the lab, manage the lab schedule, and enforce lab
procedures.
Create a lab that mirrors the production environment: Testing is only

valid if the software is tested in an environment that is similar to the
production environment. This means that the lab should have a similar
hardware configuration, similar logical and physical network configura-
tion, and the same operating systems and applications installed.
Develop lab test case procedures: To make the lab time as efficient as
possible, you should go into the lab with a complete lab test case. This
means that before anyone is given access to the lab, they should have
a detailed description of what they are testing in the lab, how they will
be setting up the lab, and what the expected effects of their testing will be.

Software Patches 365
Develop a way to rebuild the lab efficiently: The point of having a lab is
to be able to test changes to your network without affecting the produc-
tion environment. However, you also need a mechanism to return your
lab back to the current production environment as quickly as possible so
that you can try another test, so someone else can use the lab and not
have to deal with your changes. The most efficient way to rebuild the lab
is to use disk-cloning software so you can build the lab exactly the way
you want it and then take images of all the servers. Then, after someone
has tested their software and made changes to the servers, you can
rebuild the servers back to their original configuration within minutes.
In some cases, you can automate the installation of service packs across
multiple systems. For example, you can use Group Policies in Windows 2000
Active Directory or Z.E.N.works in NetWare to automatically install service
packs on multiple servers in your environment. This can be a great time-
saver if you have hundreds of servers. However, this approach also requires
a high level of testing and disaster recovery planning. If you think having to
recover one server in the event of a disaster is tough, think about what it
would be like to recover hundreds of servers. If you decide to use the auto-
mated deployment tools, then test the deployment thoroughly. Create a pilot
deployment where you will deploy the service pack to a small group of servers.
Even when you are confident that the pilot has gone well, deploy the service
pack to a small selection of servers at one time. The most crucial question
that you need to deal with is disaster recovery time. Never automate this
deployment to more servers at one time than you can recover if the deployment
fails badly.
Software Patches
T he third type of server OS upgrade is a software patch. This upgrade
is less significant than the service pack upgrade because a software patch
usually deals with just one issue. Because a patch usually addresses only one
problem with the OS, it is not uncommon for an OS manufacturer to release
a new patch every few weeks. This means that managing the software
patch upgrades is more of an ongoing management issue than a large-scale
OS upgrade.

What Are Software Patches?

Software patches (also called quick fixes or bug fixes) are small fixes to
the operating system or an application. In most cases, a software patch is
designed to solve one particular problem. In some cases, this is a software
bug discovered by someone and repaired by the OS manufacturer. In other
cases, a software patch is a security fix.
Deciding Whether to Install Patches

The discussion about whether to install OS patches is similar to the discus-
sion on whether to install service packs, but the answer is easier. Because a
software patch is designed to address only one particular problem, you will
usually not need to install the patch unless you need to address that problem.
The patch almost always includes documentation that indicates exactly what
type of problem the patch will resolve. If this problem is not applicable to
your network, then you will probably not install the patch. A patch usually
comes with a recommendation from the OS manufacturer on whether every-
one should install the patch, or whether it should be installed only if you are
faced with the issue that the patch is designed to fix.
This situation may be different when the patch is designed to address a
security issue, especially if your server is accessible from the Internet. Every
server that is accessible from the Internet is likely to come under attack at
some point, and it is essential that these servers are as secure as possible.
However, read the documentation before installing the patch to make sure
that the patch is applicable to your situation. For example, if the patch fixes
a security problem with an SMTP server, there may be no reason to install
this patch on a web server.
In most cases, service packs include all of the software patches that have been
released up to that point. If a software patch does not apply to your environ-
ment, then it is a good practice to not install it until the service pack is released.
This gives more time for people to discover problems with the software
patch. The service pack also contains a variety of patches, all of which have
been tested together rather than individually.

Software Patches 367
Software Patch Installation

Although installing an OS patch is not as significant as installing a totally
new operating system or a service pack, it is still a significant upgrade. Some
of the system files for the OS will be replaced. In most cases, you must also
restart the server after you have applied the patch.
Like service packs, software patches are distributed by the OS manufac-
turer. Because software patches are released on a fairly regular basis, most OS
manufacturers provide some automated method of alerting you when new
patches are released. One option for automated alerts is through e-mail, and
most OS manufacturer websites give you the option of signing up for these
updates. Beginning with Windows 98, Microsoft has included the Windows
Update option on the start menu for all of its operating systems—selecting
this option connects you to the Microsoft websites where you can locate and
install the latest patches. In Windows 2000 and Windows XP, you also have
the option of configuring an automatic notification through the Internet
where you are alerted through a pop-up screen when a new software patch is
available. (See Figure 11.5 for an example of an automatic notification.)
FIGURE 11.5 An automatic notification of software patches in Windows XP

The procedure to deploy a software patch is almost identical to deploying

a service pack:
1. Obtain the software patch.
2. Check the documentation that comes with the software patch release.
Again, you are checking for known issues with the software patch
install.
3. Learn from other people’s experience. Monitor the manufacturer’s
support website and monitor relevant newsgroups for how the
software patch install is working in other environments.
4. Test the software patch in the test lab.
5. Back up your servers. Service pack installs seldom fail, but you must
be prepared for the worst-case scenario.
6. Schedule the downtime.
7. Install the software patch and document the results.
Just as with service packs, you can automate the deployment of software
patches using Active Directory Group Policies, NetWare Z.E.N.works, or
another automated software installation service. The same cautions about
testing, piloting, and managing the deployment apply.
Upgrading Hardware Drivers

U p to this point, this chapter has dealt with software upgrades that
are part of the OS itself. All of these upgrades have actually replaced system
files and have been released by the OS manufacturers.
Another type of software upgrade that you might need to perform is a
hardware driver upgrade. In this case, you are not upgrading part of the OS
but rather you are upgrading the drivers that enable the OS to communicate
with the hardware devices on your computer. While this upgrade may not
appear to be as critical as an OS upgrade, upgrading the drivers is still a
significant procedure. In some cases, installing a new hardware driver can
actually cause serious problems for the OS, including extreme problems such
as not being able to restart the server.

Upgrading Hardware Drivers 369
Many of the same issues apply when upgrading the hardware drivers as
those that applied to working with service packs or OS patches. The first
question that you need to ask is whether you need to install all of the latest
drivers as soon as they come out. Just like OS patches, driver updates are
usually designed to address one or more small bugs that have been located in
the drivers. The documentation that is included with the drivers usually
clearly identifies the bugs that are fixed in the upgrade so you can decide
whether the update applies to your situation.
In some cases, you have little choice about installing the latest drivers for a
particular piece of hardware. When you place a support call to the hardware
manufacturer regarding a problem with their hardware, one of the first ques-
tions they ask is if you have installed the latest driver. If you haven’t, they will
often tell you to install the latest driver and then call back if the problem
persists.
Acquiring and Installing New Drivers

The hardware drivers are produced and maintained by the hardware man-
ufacturers. All hardware manufacturers include a section on their websites
where you can go to locate the drivers that you need and download the
latest drivers. (See Figure 11.6 for an example of one of these sites.) In most
cases, the drivers that you download from the website come as compressed
files that you must decompress before you can use them.
One of the crucial issues that you need to think about when download-
ing a driver is whether the driver has been tested with the OS that you are
using. One important reason why operating systems can become unstable
is because of incompatible hardware drivers. Always check the OS manu-
facturer’s website in addition to the hardware manufacturer’s website to
determine if there are any problems with the drivers. Search the support
component of both websites to determine if there are any problems with
the drivers and your OS.

FIGURE 11.6 Downloading drivers from the Compaq website
A second concern when downloading drivers from the Internet is security.

When you download a driver from the Internet, you want to make sure that
the driver has not been tampered with. For example, if an attacker could
emulate the hardware manufacturer’s website, they could include a Trojan
horse application with the hardware driver that sends all of your keystrokes
to an Internet address. To prevent this, driver manufacturers now have the
option to use digital signatures on their drivers so that you will receive a
warning from the OS if the driver has been modified. Unfortunately, digital
signatures haven’t really caught on yet, and you should always use caution
with downloaded drivers.
You can also order the latest drivers on a CD-ROM from the manufacturers.

Upgrading Monitoring and Management Tools 371
If you work in a network environment where there are many different types of
hardware, you will find yourself needing many different hardware drivers. If
you don’t want to have to download the latest drivers every time you need
them, you should develop some way of maintaining a copy of the latest drivers
on your network. Most companies have a central share on a server where they
store all drivers. If you have access to a CD burner, it is also a best practice to
burn a CD-ROM with all of the most popular drivers for your network. Most
drivers are less than 2MB, so you can store many drivers on one CD-ROM.
The procedure for installing hardware drivers is similar to service pack

or software upgrade installs. Again, you must prepare for disaster, which
means testing the driver upgrade and having a rollback plan in place before
you install the new drivers on the production servers. An essential part of
the rollback plan will be having the old drivers available in case the new
drivers fail.
One of the new features in Windows XP and Windows .NET is the driver roll-
back option. These operating systems maintain a copy of the previous drivers
that were installed on the server. If the new driver is causing problems, you
can choose to roll back to the previous driver.
Upgrading Monitoring and

Management Tools
I n addition to upgrading the OS and hardware drivers, you are also
going to be expected to upgrade the other software on the servers, such as
the monitoring and management tools that you are using on the servers.
Chapter 12, “Performance and Hardware Monitoring,” will describe these
tools in detail. In this chapter we are concerned with the process of upgrad-
ing the management tools.
These tools are used to centralize the monitoring and management of
a large number of servers on your network. For example, if you have

500 servers in three data centers, it is almost impossible to closely monitor

each server. You would like to know how each of those servers is performing
but you would have to have many people monitoring them to get a detailed
picture. Even more importantly, you would like to have some way of receiv-
ing alerts if a server is reaching a critical threshold. If a file server is running
out of disk space, you would like to be notified that this is happening before
the situation becomes critical. This is where the monitoring and management
tools can be very effective. Using these tools, you can monitor multiple serv-
ers and configure alerts from multiple servers from one central location.
Most monitoring and management tools have two components: a server
or management component that is usually installed on one or two servers on
your network, and a client component, which can be installed on every
server in your network. The server component is the management station.
This is where you define which servers you want to monitor and what infor-
mation you want to monitor on each server. This is also where you can con-
figure the alerts or notifications that you can use to get an early warning
when a server is reaching a critical threshold. For most of these applications,
the server component includes a data store where the monitoring data col-
lected from the servers is stored. This data is used for long-term trend anal-
ysis. For example, if you have six months’ worth of performance data on all
of your messaging servers, you can use the data to analyze how the flow of
e-mails has changed in your organization over those six months, and then
extrapolate that data to predict future usage. This performance data is usu-
ally stored in a database. Because this database can get quite large, it is often
stored on a separate, dedicated database server.
The client component (also called an agent) is installed on all of the serv-
ers that you want to monitor and manage. The agent essentially follows the
directions given to it by the server component. For example, if you want to
monitor the CPU usage on all of the servers on your network, you would
configure this setting through the management console. The server compo-
nent then informs the agents on all the servers to collect this information.
The agent collects the information for each server and then sends the infor-
mation to the server component. The same process happens when you want
to monitor each server for alerts. Again, you would configure the alert
through the management console, which would configure the agents on each
server to monitor a particular setting and send an alert when the server’s
performance reaches a critical level.

Upgrading Monitoring and Management Tools 373
Upgrading the Server Component

In most cases, upgrading the server component of a monitoring and manage-
ment application is not difficult. These applications almost always provide
an upgrade path so that when you install the new version of the application,
all of the settings and data from the previous version are imported into the
new version.
Many of the same procedures discussed earlier in this chapter still apply
when upgrading these applications. You still need to test the upgrade proce-
dure in a lab to confirm that the upgrade works, and to confirm that the
application configuration and data are available after the upgrade. The con-
figuration information is usually stored with the application, so before start-
ing the upgrade, back up this information. If the data is stored on the same
server as the management program, back up the data as well. If the upgrade
fails, you will want to restore the previous version of the software without
losing the configuration information or the data.
Upgrading the Client Component

Upgrading the client component is usually even easier than upgrading the
server component. Most of the monitoring and management tools provide
automated processes for installing the agents on multiple servers. Often
when the management program is upgraded, you are also given the option to
upgrade all of the agents. If you select this option, then all of the clients can
be upgraded at one time. Most of the time, the upgrade just overwrites the
current client installation, but some applications actually uninstall the older
client first and then install the new client. Because the client itself usually
does not contain any configuration information or data, you do not need to
be concerned with transferring the client settings during the upgrade. Once
the client upgrade is complete, the management program will reconfigure the
clients to monitor the required server components.
Upgrading the client component requires careful testing. If the server
component upgrade fails, then you have lost just the monitoring application.
However, because the agent is installed on all of your production servers, a
failure in the agent upgrade could potentially affect all of your servers. This
means that you need to test the client upgrade thoroughly in your lab.

UPS Upgrades
Another software component that is often installed on your servers is
the UPS software. The UPS software is used to configure the UPS itself. For
example, you might want to configure alerts on the UPS so that you receive
a notification whenever the power goes out, even if the power outage was
just for a short period of time and the servers were not shut down. The UPS
software is also used to gracefully shut down servers in the event of a long
power outage that exhausts the UPS’s battery power.
Upgrading the UPS software is similar to upgrading the monitoring tools.
In some cases the software includes a server component that is installed on one
server to manage the UPS and an agent that is installed on each server that is
protected by the UPS. Upgrading the UPS software sometimes requires that
you remove the old version of the software first and then install the new
software. In most cases, however, the new version of the software can be
installed over the old version and all of the settings will be retained.
Upgrading the UPS can also include replacing the batteries or updating
the firmware. If you are upgrading the battery in the UPS, disconnect it
from the power source, disconnect the terminals from the battery, and then
proceed with the replacement. Once the battery has been replaced, it will
need to be charged, so it is a good idea to have a second UPS on hand to
protect your servers from a power outage.
Summary
I n this chapter, you learned about the various software upgrades that
you might need to apply to the servers on your network. The first type of
upgrade, and the most significant, is the operating system upgrade where
your entire OS is replaced with a newer version. When planning an OS
upgrade, the most important question that you need to answer is whether
you want to perform an in-place upgrade or a clean install upgrade. You
learned some of the reasons why you would choose either option, as well as
the procedures for performing both upgrades.
The second type of software upgrade that you learned about was the ser-
vice pack and software patch upgrades. In this case, you are applying fixes
to the operating system rather than performing a complete upgrade of the OS.

Exam Essentials 375
You learned when you should apply the service pack and software patch
upgrades, as well as the procedures for performing the upgrades.
The last major topic covered in this chapter discussed upgrading other
software that is installed on the servers but is not part of the OS. These soft-
ware components include hardware drivers, monitoring and management
tools, and UPS software. While these software upgrades may not directly
affect the OS, they must still be planned and managed carefully.
This chapter completes the major section of this book discussing all of the
different upgrades that you may need to perform on your servers. The next
section of the book focuses on proactive maintenance, or all of the things you
can do to make sure that your network is always available to the clients. The
first chapter in the next section discusses monitoring and management tools
and procedures.
Exam Essentials
Know how to prepare for possible failure when performing any soft-
ware upgrades on your servers. An essential component in any
software upgrade is to do everything you can to insure that the
upgrade will succeed, as well as do everything you can to prepare
for a quick recovery if the upgrade fails.
Know which OS upgrade path is best for a given situation. The clean
install upgrade is the best upgrade option because it has the lowest chance
of failure as well as providing the most stable operating system after the
upgrade.
Understand when you need to install service packs and software updates.
Service packs and software updates are primarily bug and security patches
for the operating system. In most cases, you should install these only if they
affect you or if they are recommended by the OS manufacturer.
Understand the procedure for installing service packs and software
updates. Installing service packs and software updates is easy, however,
you must test the installation to insure that the upgrade works smoothly
and prepare a rollback plan in case the upgrade fails.

Understand the procedures for upgrading hardware drivers, monitoring

and management tools, and UPS software. In most cases, upgrading
these types of software is fairly easy and not as risky as upgrading OS
components. However, you must still prepare for potential failures
through testing and backup.
Key Terms
B efore you take the exam, be certain you are familiar with the follow-
ing terms:
clean install server uptime

digital signature service pack
in-place upgrade software patch

Review Questions
1. Which of the following are advantages to performing an operating
system upgrade as opposed to a clean install?
A. All of the previous configuration settings are lost when you
perform an upgrade.
B. Applications do not have to be reinstalled.
C. All of the configuration settings are upgraded with the operating

system.
D. Server downtime is minimized.
2. You are deciding whether to perform an upgrade of your server oper-

ating system or a clean install. Your network administrator has told
you to clean up the server and that server downtime must be minimal.
What would be the recommended way to proceed?
A. Format the server and perform a clean install.
B. Perform an operating system upgrade.
C. Install the operating system on a second server and move resources

to the new server. Then perform a clean install.
D. Install the operating system on a second server and move resources
to the new server. Then perform an upgrade of the operating
system.
3. What is one of the first things you should do before upgrading or

installing a new operating system on a server?
A. Format the hard disks.
B. Document the current server configuration.

C. Take the server off the network.
D. Back up the server.

4. What are service packs?
A. Bug fixes for operating systems
B. Upgraded hardware drivers
C. New versions of operating systems

D. Fixes for computer applications
5. Your network administrator is planning on performing an in-place

operating system upgrade to one of your network servers. During the
past few months you have been experiencing problems with the server
and your network administrator feels that this will fix any existing
problems. You want him to move the server’s resources to another
network server and perform a clean install. What are some of the
disadvantages to performing an upgrade that you could convey?
A. Any existing configuration settings that are problematic will be
migrated.
B. It will take considerably longer to perform an upgrade as opposed
to a clean install.
C. The server’s resources will be unavailable during the upgrade.
D. An upgrade will allow you to reconfigure the server’s settings.
6. What are software patches?
A. Quick fixes to solve a particular software problem
B. Firmware updates for hardware
C. Fixes for a list of operating system problems

D. Feature-rich enhancements for an operating system
7. Which of the following steps are you least likely to perform before
beginning an upgrade of an operating system?
A. Test for application compatibility.
B. Verify hardware compatibility.

C. Test the upgrade in a controlled environment.
D. Document the server’s configuration settings.

8. You have performed a full backup of your server and developed a roll-
back plan. Before doing the upgrade in the production environment,
what should you do first?
A. Notify users that the server will be offline.
B. Test the upgrade plan in a test environment.
C. Move the resources to another network server.
D. Document the server’s configuration.
9. What is a group of operating fixes that can be applied at once

known as?
A. Software patch
B. Service fix
C. Service pack
D. Software fix
10. Which of the following tasks should you do before installing a

new driver?
A. Perform a full system backup.
B. Establish a rollback plan.
C. Ensure the driver is compatible with the operating system.
D. Ensure you have a copy of the old drivers.
11. When should you install a service pack?
A. As soon as it is released.
B. When it will fix a known bug.
C. To take advantage of new features.
D. Service packs should never be installed.
12. Before proceeding with a service pack update on your server, what
tasks should be performed?

A. Back up the server.
B. Document the server settings.
C. Make sure you have the correct updates.
D. Review the documentation.
13. What steps need to be completed when replacing a battery in a UPS?
A. Shut down your servers.
B. Disconnect the battery from the terminals.

C. Disconnect the UPS from the power source.
D. Notify users that the UPS is being upgraded.
14. IBM has just released a collection of software patches. What type of
patch will you apply?
A. FixPak
B. Service pack
C. Consolidated Support Pack
D. Software pack
15. In terms of new drivers, what is a digital signature used for?
A. It verifies that the driver will work with your operating system.
B. It verifies that the driver has not been modified.
C. It verifies that the driver has been successfully installed.

D. It identifies the creator of the driver.
16. You are upgrading the server component of your network manage-
ment software. Before proceeding with the upgrade, what tasks should
be completed?
A. Back up the application data.
B. Uninstall the existing management software.
C. Uninstall the client component.

D. Shut down the server.

17. Once you have tested an upgrade plan in a controlled environment

and are ready to do the upgrade in the production environment, what
should you do before you take a server and its resources offline?
A. Forcibly disconnect users from the server.
B. Notify users of the server downtime.
C. Disconnect clients from the network.
D. Unplug the server.
18. Novell has just released a collection of fixes. What type of patch will
you be applying?
A. Service patch
B. FixPak
C. Consolidated Support Pack
D. Service pack
19. What are some of the disadvantages to performing a clean install of an

operating system as opposed to upgrading?
A. Applications must be reinstalled.
B. Data must be restored.
C. Settings are migrated.
D. Client applications may need to be modified.
20. You are installing Windows 2000 Server as an upgrade to Win-

dows NT 4 Server. During the hardware detection phase, the machine
mysteriously reboots. You start the upgrade again, and again the sys-
tem reboots during the hardware detection phase. What is the most
likely cause of the problem?
A. You have a bad copy of the Windows 2000 Server CD.
B. The UPS needs to be disconnected from the server.
C. The hard drive needs to be replaced in the server.

D. Instead of performing an upgrade, you should wipe the system out
and perform a clean install of Windows 2000 Server.


1. B, C. Two advantages of performing an operating system upgrade
are that the server configuration settings are migrated and that appli-
cations do not need to be reinstalled. Server downtime is not minimized
because the server is unavailable during the upgrade.
2. C. Performing an upgrade would migrate all the server’s configura-
tion settings—you want to clean up the server so you will want to
perform a clean install instead. In order to minimize server downtime,
you should install the operating system on a second server and move
all resources to it, making the second server available to users. Then
perform a clean installation on the original server.
3. D. Before making any changes to a server, including upgrading or
installing a new operating system, the first thing you should do is
perform a full backup.
4. A. Service packs contain fixes for bugs that are found in operating
systems.
5. A, C. Performing an upgrade will not allow you to reconfigure the
server’s settings, so any settings that may have been problematic will be
migrated with the upgrade. Performing an upgrade also means that the
server’s resources are unavailable during this time.
6. A. A software patch is a quick fix for a reported bug or security
glitch. A patch is not as extensive as a service pack. Software patches
are usually released every few weeks.
7. D. Although it is a good idea, documenting the server’s configuration
settings is the least likely step for you to perform since all the settings
are migrated during the upgrade.
8. B. Before you go ahead with the upgrade in the production environ-
ment, you should first perform the upgrade in a test environment.
9. C. Service packs are a group of operating system fixes. Software
patches usually contain quick fixes for a particular bug.
10. A, B, C, D. All of the steps outlined should be performed before
installing a new driver.

11. B, C. Not every service pack released needs to be installed. A service

pack should be installed when it will address a known bug with the
operating system or when you want to take advantage of new features.
12. A, C, D. Making any changes to a server means first performing a
full backup of the system. Before applying the service pack make sure
you have the correct updates and review the documentation that
comes with it.
13. B, C. When replacing the battery in a UPS, make sure the UPS is dis-
connected from the power source and the battery itself has been
disconnected from the terminals.
14. A. IBM refers to a collection of software patches as a FixPak.
15. B. The digital signature is used for security purposes and verifies that
the driver has not been modified.
16. A. Before upgrading the server component of the management soft-
ware, make sure the application data is backed up so it can be restored
in case the upgrade is unsuccessful.
17. B. Before actually taking the server offline, notify users of the outage
so they have sufficient time to save their work and disconnect from
any server resources.
18. C. Novell refers to their collection of fixes as a Consolidated Support
Pack.
19. A, B, D. If you are performing a clean install, any applications that
were running on the server will have to be reinstalled and reconfig-
ured. Data will need to be restored. Client applications may need to
be reconfigured.
20. B. During the installation of Windows NT and Windows 2000, the
operating system will check the serial ports for serial mice. The sig-
nal that the OS sends out can be interpreted by some UPS devices as
a shutdown signal. The UPS will shut down the server. To alleviate
this problem, disconnect the UPS from the serial port.

Proactive PART
Maintenance
V

Chapter Performance and
Hardware Monitoring
THIS CHAPTER:
2.7 Install service tools (SNMP, backup software, system

monitoring agents, event logs, etc.)
4.3 Set SNMP thresholds

M onitoring hardware should be a regular routine that you
get into. Server hardware operates on a constant cycle with no rest. Varying
levels of stress are placed on servers as the workday evolves. This stress takes
on different forms as the day progresses also. In the morning large numbers
of clients may check and send e-mail. This places stress on the Internet access
and resources related to the Internet hardware. As the day progresses the
stress load may turn to printing or database access. Monitoring hardware
and its various stresses is an important element to successful daily server
operations.
Monitoring
Before setting up baselines, performance, and hardware monitoring,
you must first understand what monitoring is, why you should monitor, and
what to monitor. Unless you understand the reason behind a task, and the
expected outcome, you are wasting your time. Monitoring is used to watch
system performance, as well as assist with determining the MTBF (mean
time between failures). If we consider the server as one whole component,
the MTBF will be reliant on the proper operation of each individual compo-
nent. Should one component or software application stop responding, then
a failure will be recorded. The importance of keeping track of MTBF
becomes evident over the lifetime of the server. Trends in product life spans
can be determined to best match components within your server environ-
ment. Normally MTBF is used to track useful life period of hardware com-
ponents such as hard drives. Within a server, hard disks are working in a
stressful pace. Multiple client requests and RAID implementation often
will push hard disks to their limits. Unfortunately, each server’s operating

Monitoring 389
environment and stress loads create unique situations for each hard disk.
A hard disk that operates well in one situation may not in another. Manu-
facturers will often quote MTBF for their hard drives. This information
should be taken in context because your implementation will be different
and therefore your results can and often will be different.
What Is Monitoring?
Monitoring is the process of watching the effects and outcomes of a com-
puter’s actions. This can include hardware, software, and resources. For
example, monitoring resources will allow you to get a clear understanding on
how the computer is using (or not using) resources during its daily operations.
Monitoring is not a one-time task. It should occur on a regular basis and over
a period of time so you can see how the server will perform during all the tasks
that it faces. This will include all the varying stress loads (users, Internet,
extranet, remote access, backups) and situations that the server will face.
Why Monitor?
Through the process of monitoring you are ultimately looking for trends
in server behavior. Is there a time when the server seems to be performing
poorly? What is happening during this time that could be a reason for
this poor performance? What is causing this performance problem? On
the other side of the coin there may be times when the server is performing
extremely well. Documenting the server settings (including resources used
and where) will assist you in creating a baseline. A baseline describes
initial server performance and provides a standard against which you can
compare future performance. Creating a baseline will involve assessing
server performance over a period of time. Based on the varying stress
loads, an expected level of performance, or adjusted baseline, can be
determined.
How to Monitor
Finally a decision must be made on how to monitor. Not only will this
require setting up monitoring times but it will also require deciding on
what monitoring software and resources you will use. There are a multitude
of different monitoring tools available. Some software is included with

390 Chapter 12 Performance and Hardware Monitoring
network operating systems, but other third-party software is also available.

Which to choose will depend on the complexity of the monitoring required,
the operating system, and the desired result. Some of the advanced moni-
toring software will take aggressive action should performance dip below a
baseline. Other software will only record the dip in performance in a log
file. The different options available as monitoring tools will be discussed in
detail later in this chapter.
Third-Party Monitoring
On the store shelves and the Internet are a multitude of third-party utility
programs that will provide hardware monitoring. Norton Systemworks,
and Norton Utilities, for example, will monitor system performance, as well
as data received from the SMART utility (explained below under the “Hard
Disks” section). Unfortunately, using a third-party program can lead to
other issues such as compatibility with operating systems and installed soft-
ware. Running these programs creates even more stress on the resources that
are being monitored!
What to Monitor
Deciding what to monitor will vary depending on the server’s role within the
network environment. For example, if the server’s primary role is a print
server, then monitoring would include the print service, print queue, as well
as the network connection used to give access to the print server.
Generally monitoring involves carefully watching a few key areas within
the server itself, including processor performance, hard disks, memory usage,
and resource usage. These key elements not only provide a core by which
the server operates but also support software and operations for the entire
network.
Processor Performance
Processor performance is obviously a key area of server operation. If the pro-
cessor is taxed to the point that it cannot run programs, even the operating
system will begin to suffer. This can result in an operating system crash or
software failure. At best it will result in an extremely slow operation. Pro-
cessors for high-performance servers generally are unique in their cache size as
well as general structure. As you remember from Chapter 3, “Motherboards

Monitoring 391
and Processors,” there are several server-specific processors, such as the Intel
Xeon and Itanium, or the AMD MP processors. Even with these specialty
processors, problems stemming from too much workload can grind the sys-
tem to a stop. Performance monitoring for the processor will assist in watch-
ing for this trend and dealing with it before it becomes a serious problem.
Monitoring a processor is done through software utilities. Manufacturers
for motherboards also provide monitoring tools that will watch mother-
board performance, including processor voltages and fan speeds. Most pro-
cessor monitoring is done through the use of network operating system
utilities (covered later in this chapter).
New Server Upgrade
When I started my last job, I walked into a room full of new Dell computers
and a shiny new Dell server. The hardware (including the network) was com-
pletely brand new and installed. One month into running the new equipment
we realized that the database-style software used to deliver programs to the
desktop computers was literally killing the server. Performance on the client
side would regularly grind to a halt and even freeze. This would result in lost
data and time. After confirming that the problem was not client-side, I turned
my attention server-side. After running some performance tests I realized
that when the database program was started, the processor utilization would
max out at 100 percent. The memory usage would also reach 100 percent.
The server was using all of its power to run the database program, leaving
none to do anything else. Unfortunately this server was also responsible
for the Internet, e-mail, authentication, file sharing, and printing, but when-
ever the need for another of these services arose, the server would run out of
free resources and lock up.
The solution was painfully evident. The server was underpowered. Through
performance monitoring I was able to determine that the server required
more RAM and a secondary processor. This was painful for the company
because this was a new server. Had the people responsible for ordering that
server better understood the software demands, they might have made a
better choice.

Hard Disk Monitoring

Hard disks contain moving parts. With moving parts comes wear and tear.
Whether it is the tires on a car or the hinges on a door, everything that faces
constant movement eventually wears out and fails. Every time power is
applied to a hard disk, the platters spin up to their set RPM. This process
creates a cushion of air that then lifts up the read/write heads off of the sur-
face of the platter. When the power is shut down, the air cushion is lost and
the heads fall back down to rest on the platters. Normally the heads come to
rest on a specific area called the landing zone. The landing zone is used so the
head will not land on a section of the hard disk that has information stored
on it. However, every time that this start/stop cycle occurs, some wear is
applied to the platters. Normally a hard disk will have a minimum of 30,000
to 50,000 start/stop cycles in its lifetime.
If you charted a hard disk’s service life, the chart would normally indicate
an inverse bell curve: a large number of infant (or new) disk failures, very few
failures in drives that are a couple of years old, and an increase in failures in
drives that are over five years old. With the multitude of moving parts and
the delicate nature of data-storing mechanisms involved, hard disks are nor-
mally expected to last five to seven years. Disks commonly last over seven
years, but in server environments they undergo an incredible amount of
stress (especially in file and database servers).
Several tools are available to help you determine—before catastrophic
data loss—that a disk needs replacement. Using performance and hardware
monitors in assessing your hard disks is not only a good idea but also a must.
Most hard disk manufacturers provide software and firmware updates to
support disk monitoring and assessing. This diagnostic software will allow
you to test and diagnose potential problems with the drives. Most of the
diagnostic software is used through the medium of a boot disk. Once the
software is downloaded from the manufacturer’s website, it is executed and
will create a boot disk containing the disk diagnostics. The computer is then
restarted with the diagnostic software, which will perform tests on the drive.
Figure 12.1 is a screen shot of Fujitsu hard disk drive diagnostics.
Use the diagnostics provided by your disk manufacturer. Attempting to use a

diagnostic program from one manufacturer on a disk from a different manu-
facturer could result in lost data or damage to the drive.

Monitoring 393
FIGURE 12.1 Fujitsu hard disk drive diagnostics
SMART Disks
Beyond diagnostic tools, manufacturers are now incorporating logic into
drives that will constantly monitor the disk and act as an early warning
system against disk failure or damage. This tool is called Self-Monitoring
Analysis and Reporting Technology, or SMART. Available on IDE hard
disks, this feature is integrated into the hard disk’s controller and uses sen-
sors to monitor the disk. In order for the feature to work, you must also have
a BIOS that supports the SMART disk feature. SMART evolved from an
IBM initiative called Predictive Failure Analysis (PFA). Both SMART and
PFA are based around the concept that early warning signs of disk failure can
be found and reported before the disk fails. This will give the administrator
enough time to locate a suitable replacement and copy the data from the
failing drive. Unfortunately not all failures are slow progressions that
the SMART or PFA technology will pick up on. A chip failure, for example,
will be a sudden failure that will occur without warning. This would not be
caught by the SMART or PFA utilities.
Memory Monitoring
With the price of RAM at an all-time low, out-of-memory errors and memory
performance issues are happening less and less. Servers are containing more
memory as motherboard manufacturers develop boards that now support
gigabytes of RAM. Memory usage should still be monitored. This will ensure

that as new software is installed the server will continue to perform its tasks
as well as cope with the stress of operating the new software.
RAM errors fall into two categories: hard and soft. Hard errors are per-
manent physical damage to a RAM module (commonly a damaged chip, or
stuck bit that is returning the same value every time). Hard errors, once they
happen, will continue to happen until the RAM is replaced. Soft errors are
more sporadic. In a soft error, a problem will occur and then vanish for a
period of time. As a result, soft errors are more difficult to diagnose, and they
are more common than hard errors. Soft errors result from failing RAM,
ESD, or RAM that is poorly matched to the motherboard. Dealing with
diagnosing RAM issues is a serious matter. If RAM fails, the system will
suddenly come to a halt. Damage to software and operating systems that
were running is a serious concern.
Traditionally RAM was created in a non-parity format. This means that
there is one bit of RAM memory for each bit of data that will be stored in
RAM. Therefore eight bits of RAM will store eight bits of data. Parity RAM
contains an extra bit of RAM that is not used for data storage but rather for
error checking. Parity checking is a rudimentary method of detecting simple,
single-bit errors in a memory system. It in fact has been present in PCs since
the original IBM PC in 1981, and until the early 1990s was used in every PC.
In order for parity checking to work, the BIOS must support parity RAM
and have the feature enabled. A newer method of error checking, called ECC
(error correcting circuits), began with the Pentium class of computers. Parity
checking provided single-bit error detection for the system memory, but did
not handle multi-bit errors and provided no means to correct memory errors.
ECC will detect both single-bit and multi-bit errors, as well as attempt to
correct single-bit errors. Like parity checking, ECC requires a setting in the
BIOS program to be enabled.
Resource Monitoring
Resources within the server are the last key area of monitoring. Resources fall
under the category of IRQ (interrupt request lines), DMA (direct memory
access), and I/O (input/output channels). All of these are general system
resources that are used by every computer. Servers face more stress in resource
management because they implement other network-based programs that
can be, and often are, simultaneously accessed by other computers on the
network. In earlier times of computing, MS-DOS included a program called
MSD (Microsoft System Diagnostics). This simple utility would show which

SNMP 395
resources were free and which were in use. At a time when expansion cards
were configured manually through the use of jumpers, this was a valuable
tool. Modern computers and servers have moved away from manual resource
management and ISA cards to BIOS-controlled resources. At times though,
resources are still shared among numerous devices. Being able to monitor this
sharing and potential problems resulting from shared resources is a must.
Figure 12.2 is a screen shot from Windows 2000 Computer Management
showing the Conflicts/Sharing monitor under Hardware Resources. Notice
how you can view the shared resources.
FIGURE 12.2 Windows 2000 Conflicts/Sharing monitor
The Hardware Resources monitor also allows you to view the DMA,
IRQ, Forced Hardware, Memory, and I/O information. We will look closer
at the Computer Management feature later in this chapter.
SNMP
S imple Network Management Protocol (SNMP) is a network manage-
ment specification developed by the Internet Engineering Task Force (IETF),
a subsidiary group of the Internet Activities Board (IAB), in the mid 1980s to

provide standard, simplified, and extensible management of LAN-based

internetworking products such as hubs, bridges, and routers. As you found
out in Chapter 8, “TCP/IP,” SNMP is part of the TCP/IP suite. If you want to
use SNMP, you must be running TCP/IP. SNMP was designed to reduce the
complexity of network management and minimize the amount of resources
required to support it. SNMP provides for centralized, robust, interoperable
network management, along with the flexibility to allow for the management
of vendor-specific information.
Benefits of SNMP include simplicity of implementation. Being part of the
protocol suite, it is easy to install and use. It also does not require large com-
putational or memory resources from the devices that do accommodate it.
This limits the use of system resources to manage network devices.
SNMP however does have some drawbacks. The performance impact on
the network being managed should be considered when using the polling
scheme that SNMP relies on for collecting information from distributed
agents. A higher frequency of polling, which may be required to manage a
network effectively, will increase the overhead on a network, possibly
resulting in a need for additional networking or processor resources. Band-
width can suffer as a result of using SNMP. The frequency of polling can be
controlled by the SNMP manager, but can be dependent on what kind of
messages (generic or enterprise-specific) a device vendor supports. Many
vendors offer generic trap messages on their devices rather than enterprise-
specific messages, because that approach is easier and takes less time for the
vendor to implement. Devices that provide only generic trap information
must be polled frequently to obtain the granularity of information to man-
age the device effectively.
CMIP
C ommon Management Information Protocol (CMIP) may be a better
alternative than SNMP for large, complex networks or security-critical net-
works. CMIP is similar to SNMP and was developed to address SNMP’s
problems. However, CMIP takes significantly more system resources than
SNMP, is difficult to program, and is designed to run on the ISO protocol
stack.

Performance Monitoring 397
The best feature in CMIP is that an agent can perform tasks or trigger
events based upon the value of a variable or a specific condition. For example,
when a computer cannot communicate with the network print server, an
event can be generated to notify the administrator. With SNMP, a notifica-
tion alert would have to be performed by a user, because an SNMP agent does
not analyze information.
Performance Monitoring
O bjective assessment is based on logical analysis and benchmarking.
In this form of assessment, specific tools are used to accurately measure per-
formance of a hardware component. Usually benchmarking is the preferred
means of assessing hardware performance. An example would be taking two
comparable hard disks and installing them in identical computers. Tests
based on software usage and access time can then be gathered and compared.
Since the disks are installed in identical computers, any noticed differences
must be as a result of the different disks because that is the only variable.
There are many different programs that are used to benchmark hardware.
High-Level Benchmarks These are programs that use code from popu-
lar application software such as web browsers and office suite programs.
The idea is to create the stress that standard users would normally create
if they were using the hardware. Hardware performance is then measured
under these common stresses.
Low-Level Benchmarks This type of benchmarking attempts to isolate
the component directly and remove any extraneous interference (such
as the OS). This type of testing is sometimes discounted by vendors
because it does not simulate normal computer use.
Real-World Benchmarks This type of benchmark can be performed
outside the lab, often by enthusiasts rather than engineers. For example,
someone might install several CD-ROM drives in one computer and then
measure how long it takes to install a popular game using each drive
in turn. The performance of each drive would then be compared and
published.

Regardless of the method used to perform the benchmark, you need to

remind yourself that the performance that was achieved might not be what
you achieve. Even if you had an identical computer, your software and envi-
ronmental considerations (heat and humidity, for example) will play a role
in how your hardware performs.
Caveat Emptor
I have seen several computer technicians fall into the trap of purchasing com-
ponents based on subjective performance and opinions. The worst place to
get caught up in these situations is at computer fairs. Manufacturers are at
these trade shows with equipment set up and running. Of course they are
connecting the equipment to the best computer components that money can
buy. The video card they are demonstrating looks fantastic. It will play the
latest games with no slowdowns. However, what are the other factors that
are influencing that performance? What processor and RAM are installed?
Always look for concrete facts on benchmarking of the product. Try to locate
information from unbiased sources. You can bet that the manufacturer’s
literature will not have anything negative to say about their product.
Network Operating System Utilities

NOS performance monitoring software overlaps with the monitoring
discussed earlier. Hardware and performance are closely related and the
programs that monitor hardware often monitor system performance as
well. Performance is a measure of how well the system is doing its tasks.
A subjective approach would be to go by the feel of things. “The computer
is doing fine because I don’t sense a change in performance.” This may be
fine in a desktop environment, but when there are numerous clients access-
ing a server and they feel differently about the performance, the subjective
method does not work very well. The objective approach to performance
monitoring is through the use of software programs that will monitor
the server’s performance as it relates to the daily routines and tasks that it
must perform. Traditionally third-party software was the product of
choice due to its advanced features and capabilities; however, new network

operating systems from Microsoft, Novell, and Unix vendors have provided
performance-monitoring software that is as capable if not better than many
third-party providers.
NetWare
Novell implements several software programs that will assist in monitoring
system performance as well as in locating potential problem areas. Network
management software such as ManageWise and NetWare Management Por-
tal are used to monitor system and network performance. Novell also offers
the Monitor program (which comes free as a part of NetWare). The Monitor
program acts as an interface for the administration of the server from a
remote console.
ManageWise
ManageWise consists of a server component and a console component. (This
follows along with the Novell structure of remotely maintaining and admin-
istering a NetWare server). ManageWise includes several components that
are installed on the server: The server half of ManageWise includes the
following pieces:
NetWare Management Agent 1.6
NetWare LANalyzer Agent 1.0
The server components of LANDesk Virus Protect 2.1
The server components of LANDesk Manager 1.51
The Net Explorer component of NMS 2.0
Once installed, ManageWise provides several different management
services. Server problems are automatically detected, and notification is sent
to the ManageWise console, as well as to any other SNMP management
program that the server is configured to report to. ManageWise also allows
you to monitor and view key areas of server performance including available
cache memory, CPU utilization, and disk usage.
In addition to detecting server issues, ManageWise will also monitor and
detect network problems including analysis right down to the individual
packet level. ManageWise can capture and decode packets, and track what

applications are doing on the network. ManageWise will also monitor net-
work usage and performance. This will allow you to determine how growth
is affecting the network, and avoid possible problems such as those discussed
in the “New Server Upgrade” section above.
ManageWise also protects the network from viruses, on both workstations
and servers. Workstations are automatically scanned for viruses when they
are powered on, and again when they log into the network. ManageWise
also scans every file when it’s opened or closed, and immediately notifies the
network administrator if it detects a virus. Infected files are automatically
quarantined until the network administrator decides what to do with it.
Finally, ManageWise creates an inventory on both hardware and software
for each workstation, and stores it in a database. This database is distributed
across all the servers on the network, each storing the information for their
local workstations. When the administrator, at a ManageWise console, asks
for inventory information on a particular device, the ManageWise console
automatically queries that device, determines where its inventory information
is stored, and retrieves the information. Having information on network hard-
ware and software inventory can help you plan future upgrades.
The console part of ManageWise includes the NetWare Management Sys-
tem 2.0 and the console portions of LANDesk Manager 1.51 and LANDesk
Virus Protect 2.1. All the console pieces are automatically installed by the
ManageWise console install program.
The ManageWise console provides the user interface for all of the services
discussed above. The console is built around a map of the network automat-
ically generated by ManageWise. For instance, to manage a particular work-
station, a ManageWise user simply needs to find the workstation on the map
and then double-click it. This will bring up the Desktop Access window for
that workstation. From there the user will be able to remotely control the
workstation, view its hardware and software inventory data, transfer files to
and from the workstation, and so on, just by clicking the appropriate icon in
the Desktop Access toolbar.
NetWare Management Portal

The NetWare Management Portal allows administrators to manage TCP/IP
based NetWare servers from any web connection on the network. This pro-
vides convenience in management of multiple servers. If you had a network,
for example, with several servers distributed throughout the building, the

Management Portal would allow you to assess and monitor these servers
through any computer with an Internet connection and browser. Through
this management tool, administrators can perform a multitude of tasks
including:
Modify and view configuration parameters
Load and unload NLMs (NetWare Loadable Modules)
Start and stop server processes
Check the way server memory is used
View and change registry settings
View and clear server connections
Set parameters for network interface cards, drivers, and disks
View the status of certain processes
Manage disk volume information
Compress large files
Change the attributes of volumes and files
Manage the file system
More information on Novell’s ManageWise, Management Portal, and Monitor

are available at www.novell.com.
Unix
As mentioned earlier in this book, there are a multitude of Unix flavors. Each
flavor has noticeable differences and tweaks that make it suitable for a
specific application. With Unix operating systems being created with open
source code, third-party software is abundant. Monitoring and performance
assessment software are available from a variety of vendors. We will take a
look at a few of the more common utility programs.

Ntop
The ntop tool shows network usage, and was designed to run on most Unix
based operating systems (including Linux). Ntop software will analyze net-
work data traffic and provide the following functions:
Sort network traffic according to protocols
Show network traffic sorted according to various criteria
Display traffic statistics
Show IP traffic distribution among various protocols
Analyze IP traffic and sort the analysis according to the source/
destination
Display IP traffic subnet matrix
The ntop utility will run on fiber, token ring, and Ethernet networks. It
will also work over various protocols including IP, IPX, DecNet, AppleTalk,
Net BIOS, OSI, and DLC. Figure 12.3 is a screen shot from ntop. Notice the
pie chart comparing the types of network traffic.
FIGURE 12.3 The Unix based ntop utility displays global traffic statistics

HardDrake Project
The HardDrake Project is a software program that makes configuration
of hardware in Linux easier. It provides hardware detection through the
use of a hardware detect library. It is run through a simple GUI and supports
Ethernet and sounds cards. If you have used Linux before, you are well aware
of the difficulty that can arise in installing hardware. The HardDrake Project
helps alleviate this issue. Figure 12.4 is a screen shot from HardDrake.
FIGURE 12.4 HardDrake Project aids hardware configuration on a Linux-based server
KHealthCare
KHealthCare is a hardware-monitoring program that was designed for
Linux. It helps to predict possible hardware failures by using hardware mon-
itoring sensors and chips located on most modern motherboards. Most of
the ATX motherboards sold today support direct connection to fans and the
power supply. Through this means the motherboard controls fan RPMs
through voltages. The administrator sets threshold limits on items such as
fan RPMs, temperatures, and voltages. If a threshold is breached, an alert
can be sent to the administrator or KHealthCare can also be programmed to
automatically shut down the server. Figures 12.5, 12.6, and 12.7 are screen
shots from KHealthCare.

FIGURE 12.5 KHealthCare General tab
FIGURE 12.6 KHealthCare Monitoring tab

FIGURE 12.7 KHealthCare Temp Sensors tab
Lm-Sensors
The lm-Sensors monitor can monitor the hardware health of a Linux system.
Much like the KHealthCare program, lm-Sensors must be run on a
system that supports hardware monitoring.
Big Brother
Big Brother is a bit different than the other monitoring programs discussed. Big
Brother actually collects information that is broadcast from other systems to
a central location. At the same time Big Brother also polls connected systems
over the network. This process creates a redundant method of monitoring sys-
tem performances over a network. A colorful web-based GUI is used to help
decipher the information coming in. Simplicity was the focus in creating this
GUI: red is bad and green means all is good. Big Brother is supported on Linux,
Unix, and Windows based operating systems. Figure 12.8 is a screen shot from
the Big Brother program.
Many monitoring and performance assessment utilities are available for Unix
based operating systems. For more information go to www.linux.org/apps/
index.html.

FIGURE 12.8 In a Big Brother screen, green is good
Windows
The System Monitor has always been Microsoft’s primary tool for measur-
ing and monitoring system performance. The System Monitor is located in
the Administrative Tools folder under Performance. Figure 12.9 is a screen
shot from Windows 2000.
FIGURE 12.9 Windows 2000 Performance screen highlighting its System Monitor

The System Monitor is based around the use of counters. Counters are the
measurable values that are assessed. These values are selected by clicking
on the add (+) button located at the top of the System Monitor. A list of
counters is then displayed, as seen in Figure 12.10.
FIGURE 12.10 Selecting counters in the Windows 2000 System Monitor
If you are unsure of the counter’s significance, then the Explain button
will give you more information on what the counter will actually measure.
The real excitement comes when you add more than one counter. By adding
multiple counters, data can be compared between the counters. Is there a
trend in performance degeneration? Do the interrupts per second influence
the processor usage time? By collecting and analyzing data from multiple
counters at one time, you can establish trends in performance and system
behavior. As you see in Figure 12.11, three different counters are running
at one time.

FIGURE 12.11 Windows 2000 System Monitor running three different counters
Performance data does not have to be analyzed in real time. Logs can be
generated over a period of time and then analyzed at a later time. This will
help you learn the trends of the network and resource traffic that your server
is facing on a daily basis. It becomes clear that there are specific trends in
behavior of the clients that access the server. If your server is providing mul-
tiple services rather than being dedicated to one task, then you can determine
the performance for each task and make a careful decision on the need for
upgrading. For example it is common to find that the server is hit hard
for e-mail requests first thing in the morning as everyone arrives at work and
checks their email. Later in the day that stress load may switch over to print
requests or database requests. How are these stresses handled by the server?
Log files can become extremely large. Make sure that you have plenty of hard
disk space to accommodate the file. It is advisable to run the log file for a brief
period (such as 10 minutes). Stop the log, and check its size. This number can
then be used to calculate the probable total size of your log file based on the
length of time that you were hoping to collect data for.

When collecting data you need to be conscious of the fact that your mon-
itoring activities are actually increasing the load. Depending on the server’s
power (RAM and processor specifically), your results may be affected
significantly.
Hardware Sensor Monitor

Much like the Unix operating systems, Windows network operating sys-
tems have numerous third-party programs that will monitor hardware and
system performance. The Hardware Sensor monitor (also called Hmonitor)
is a shareware program based on motherboards that support monitoring
through sensors. Hmonitor will monitor temperatures, fans, voltages, CPU,
and thermo controls. It will also provide logs of performance over a period
of time. Figures 12.12 and 12.13 are screen shots from the Hardware Sen-
sor monitor. This program supports Windows 9X, Me, NT, 2000, and XP.
FIGURE 12.12 Hmonitor screen showing temperature settings
FIGURE 12.13 Hmonitor screen showing thermal throttle control settings

Remote Notification
Because most servers are secured in a safe environment, they often go
for extended periods of time without being checked on. Many servers also
have the keyboard, monitor, and mouse removed to prevent unwanted
access or tampering. With this limited contact, servers need a means of estab-
lishing communication with the network administrator should a problem
arise. Throughout this chapter we have identified and explored various
means of monitoring and identifying problems related to both hardware and
performance. Identification of these potential problems is no good if the
information is not received by the administrator in time to take proactive
measures. This is where remote notification comes in. Whether it is notifica-
tion of a potential virus, power loss and UPS takeover, hardware problems,
or performance issues, remote notification is an important component of
server operations. Even in an environment where there are limited numbers
of users and only one server operating, remote notification will ensure that
you know as soon as possible that there is a concern with the server. Unfor-
tunately this then places you on a 24-hour standby with the server. The
benefit of a remote notification is that if something like a fan fails on a Friday
night, you do not have to worry that the server was operating without the fan
and potentially overheating throughout the entire weekend. If urgent
enough, then you can deal with the issue immediately.
Remote notification can take on many different forms. E-mail alerts are a
common means of notification that something is not right, but are effective
only if you are constantly connected to the e-mail. Remote pager alerts or
phone calls are another option. Pagers fit nicely on your belt or pocket and
can go with you anywhere.
It Will Find You Anywhere!
I had the opportunity to set up a server with remote pager notification. It

really does work well. Part of my job found me one day crawling around in
the attic running lengths of UTP to expand a network. A fan failure in a
server located in another town was able to locate and page me. Since this
was a Friday afternoon, I would have otherwise not known about the fan
failure until Monday morning. By that time, the system could have over-
heated and caused other components to fail.

Summary 411
Other forms of remote notification can occur over a network. Network

paging alerts can be sent that will inform users and or network administra-
tors that the server is experiencing difficulty. Even if the users are not able to
repair the problem, they can at least take precautionary measures to ensure
that they will not lose any valuable data.
Combining remote notification with hardware-monitoring and
performance-monitoring tools will ensure that your server is performing
as expected. Should performance fall below established baselines, you will
be alerted and can take appropriate action to resolve the issue. Unpleasant
surprises are not welcome in the world of server management.
Summary
T his chapter began with an exploration of hardware monitoring.
Monitoring is a key responsibility of the server administrator. Monitoring
involves watching system performance in hope of catching potential failures
before they become a serious problem. Monitoring is also used to extend
the Mean Time Between Failures (MTBF). Monitoring usually involves
watching system resources, processors, RAM, and hard disk performance.
Monitoring can also be used to watch application performance.
Memory monitoring over time will tell you whether the server’s RAM
remains adequate for changing conditions and will also alert you to errors.
Parity is an extra data bit that is used for error checking. Newer forms
of RAM use ECC (error correction code) to monitor errors in RAM. ECC
RAM will also attempt to recover from memory errors. ECC also supports
checking multiple bits rather then just single-bit errors.
Hard disks contain many moving parts, and due to their stressful life,
are commonly the devices that will fail within a server. When a hard disk
is spun up and then powered down, it is called its start/stop cycle. Most
hard disks are guaranteed to live through 30,000 to 50,000 start/stop
cycles. Most hard disk manufacturers provide special diagnostic software
to assess their hard disks’ performance and current operability. These util-
ities can be invaluable in monitoring and assessing your hard disk.
SMART is a new feature that uses sensors combined with your BIOS and
operating system to monitor hard disk performance. SMART technology
evolved from IBM’s Predictive Failure Analysis technology.

Resource monitoring involves watching IRQ, DMA, and I/O perfor-

mance within the server. These resources are used by the server as well as
network-based applications.
We explained that SNMP is part of the TCP/IP protocol suite. It is a man-
agement protocol that is used to assess network performance. CMIP was
created to replace SNMP. Common Management Information Protocol uses
less overhead (system resources) then SNMP and runs more efficiently.
Performance monitoring is based on objective and subjective testing.
Objective testing is based on logical analysis and benchmarking. Bench-
marking falls under three main types: high-level, low-level, and real-world.
High-level benchmarking uses code from popular applications to perform
tests. Low-level benchmarking tries to isolate hardware performance inde-
pendently of other variables. Real-world benchmarking tests performance
using real everyday scenarios. Subjective benchmarking is based more on
user feel and impressions and is viewed as less credible than objective testing.
Network operating system utilities perform assessment and monitoring
of both hardware and system performance. NetWare has ManageWise,
NetWare Management Portal, and the Monitor utility. Unix, with its many
flavors and open source code, has many utilities, including ntop, HardDrake
Project, KHealthCare, lm sensors, and Big Brother. Windows’ primary mon-
itor is part of the System Monitor, which graphically displays Performance
Counters.
Remote notification ties in closely with performance and hardware
monitoring. Through remote notification administrators can be alerted
to potential problems before they result in system or network failure.
Exam Essentials
Know the benefits of monitoring. Monitoring is the process of watch-
ing system resources and hardware to maintain an established baseline
of performance.
Know what a baseline is. Baselines are set standards of expected
performance.

Exam Essentials 413
Know the key areas that are monitored. This include processor, RAM,
resources (IRQ, DMA, I/O) and hard disks.
Know the types of memory error control. Parity is an extra bit used to
check for RAM errors; ECC is error correction code, which can also
attempt to recover from memory errors.
Know what SMART hard disks are. SMART (Self-Monitoring Analysis
and Reporting Technology) monitors hard disks through motherboard
circuits.
Be familiar with MSD. MSD (Microsoft System Diagnostics) is soft-
ware created in the days of DOS that allowed you to assess and view
system resources.
Know what SNMP is. Simple Network Management Protocol is part
of the TCP/IP suite and is used to monitor network performance.
Know what CMIP is. Common Management Information Protocol is
an improvement over SNMP that runs with less overhead.
Be familiar with the different forms of benchmarking. These include
high-level (using code from popular applications), low-level (testing
isolated components), and real-world (using common everyday situations
to test performance).
Know the performance utilities for the three main NOSs. NetWare uses
ManageWise, NetWare Management Portal, and Monitor. Unix/Linux
uses a variety of third-party utilities including ntop, HardDrake Project,
KHealthCare, lm-Sensors-Source, and Big Brother. Windows has relied
on System Monitor but does support third-party software such as
Hmonitor.
Know the benefits of remote notification. Alerting administrators by
e-mail, pager, or network notification will allow for proactive approaches
to dealing with potential problems before they become serious network
failures.

Key Terms
ing terms:
baseline MSD (Microsoft System

Diagnostics)
CMIP (Common Management MTBF (mean time between
Information Protocol) failures)
DMA (direct memory access) parity RAM
ECC (error correcting circuits) performance
I/O (input/output channels) PFA (Predictive Failure Analysis)
IRQ (interrupt request lines) SMART (Self-Monitoring Analysis
and Reporting Technology)
landing zone SNMP (Simple Network
Management Protocol)
ManageWise start/stop cycle
Monitor System Monitor
monitoring

Review Questions
1. What is monitoring used for?
A. Watching system performance

B. Developing a baseline of performance
C. Determining the MTBF

D. All of the above
2. What does MTBF stand for?
A. Mean Time Between Failures
B. Motherboard Terminal Board Format
C. Marginal Temperature Base Figure

D. Monitoring Temperature Before Failure
3. What is commonly monitored within a server? (Choose all that apply.)
A. Hardware
B. Software
C. Resources
D. Peripherals
4. When should monitoring occur?

A. Once a month
B. When performance is falling
C. Regularly
D. On a new server only
5. Through the process of monitoring, ultimately, what are you

looking for?
A. Hardware failure
B. Trends in server behavior

C. Problems
D. Conflicts

6. What is a baseline?
A. A performance standard against which future performance can be

compared
B. Instructions for setting performance levels
C. The low point in performance
D. The high point in expected performance
7. Specific server hardware that is commonly monitored includes which

of the following?
A. Processors
B. Hard drives
C. RAM
D. Expansion card bus speeds
8. Name two categories of RAM errors?
A. Hard and soft
B. ECC and parity
C. SD and EDO
D. Faults and crashes
9. What is parity?
A. A method of error correcting that fixes hard errors

B. An extra bit of data that is used for error detection
C. A type of RAM error

D. A function of the operating system that repairs RAM errors
10. What does ECC stand for?

A. Extra Correction Circuit
B. Expandable Correction Code
C. Error Correcting Circuits

D. Extended Correction Code

11. In the context of hard disk technology, what is the landing zone
used for?
A. It is a location on the hard disk for the read/write head to rest on.
B. It is a location on the hard disk where the read/write head orients

itself with the data.
C. It is the end of the read/write head on a hard drive.
D. It is the location on a hard disk where data is saved.
12. What is the range of start/stop cycles that a hard disk is expected to
survive?
A. 20,000 to 30,000
B. 30,000 to 50,000
C. 50,000 to 60,000
D. 20,000 to 50,000
13. What does SMART stand for?
A. Self-Monitoring And Repair Technology
B. Self-Managing And Reporting Technology
C. Self-Monitoring Analysis and Reporting Technology
D. Self-Managing Analysis and Reporting Technology
14. What does PFA stand for?

A. Performance Failure Analysis
B. Predictive Failure Analysis

C. Preventative Failure Analysis
D. Proactive Failure Assessment
15. Select three resources that are commonly monitored.
A. IRQ
B. DMA
C. I/O
D. ECC

16. What does MSD stand for?
A. Microsoft System Diagnostics
B. Motherboard System Development
C. Microcomputer System Diagnostics

D. Monitoring System Defaults
17. What does SNMP stand for?
A. Selective Network Management Protocol

B. Simple Network Monitoring Protocol
C. Simple Network Management Protocol
D. Simple Network Monitoring Procedures
18. SNMP is part of what protocol suite?

A. IPX/SPX
B. AppleTalk
C. NetBEUI
D. TCP/IP
19. What does CMIP stand for?
A. Common Management Information Protocol
B. Common Monitoring Information Protocol

C. Current Monitoring Information Protocol
D. Current Management Information Protocol
20. What commonly used component of the Windows 2000 OS is used to

monitor system performance?
A. Device Manager
B. System manager
C. System Monitor
D. ManageWise


1. D. Monitoring will provide a means of watching system perfor-
mance, developing a baseline, and determining the MTBF.
2. A. MTBF stands for mean time between failures and is a measure
of the average length of time that a component will operate between
failures.
3. A, B, C. Hardware, software, and resources are commonly moni-
tored within a server.
4. C. Monitoring should occur regularly in order to get a clear under-
standing of performance trends.
5. B. Although monitoring will turn up hardware failures, problems,
and conflicts, you are ideally looking for trends in server behavior to
proactively deal with.
6. A. A baseline is a standard performance level that you can use to help
troubleshoot a problem. By comparing your server’s future perfor-
mance samplings against its baseline, you can identify changes.
7. A, B, C. Processors, RAM, and hard disks are commonly monitored.
8. A. Two RAM fault categories are hard errors and soft errors.
9. B. Parity is an extra bit used to detect errors in RAM.
10. C. Although there are several possible names for ECC, the only
possible answer from among the options is C.
11. A. The landing zone is a position on the hard disk where no data is
saved and the head is allowed to rest.
12. B. Normally a hard disk will support 30,000 to 50,000 start/stop
cycles in its lifetime.
13. C. SMART, or Self-Monitoring Analysis and Reporting Technology,
is a hard disk performance monitoring tool used with IDE drives.
14. B. PFA, or Predictive Failure Analysis, is an IBM initiative designed
to monitor hard disk performance.
15. A, B, C. IRQ, DMA, and I/O are the three resources that are
commonly monitored.

16. A. MSD, or Microsoft System Diagnostics, is an old technology used

in manual resource management in ISA busses.
17. C. SNMP, Simple Network Management Protocol, is used to
monitor network performance.
18. D. SNMP is a component of the TCP/IP suite.
19. A. CMIP, or Common Management Information Protocol, was

created to replace SNMP.
20. C. System Monitor is the common utility in Windows 2000 used to
monitor performance.

Chapter Managing and Securing
the Server Environment
THIS CHAPTER:

5.2 Recognize and report on server room environmental

issues (temperature, humidity/ESD/power surges, back-up
generator/fire suppression/flood considerations)

W hen you consider the amount of information that is
located on servers today, security should be a major consideration when
planning the server environment and network. If a resourceful person
wanted to bring a company to its knees, all they would have to do is destroy
the server. There are numerous precautions that you can take to limit the
possibility of server damage from either natural or human causes.
Chapter 13 explores the concepts of securing the server environment. This
includes environmental and other variables.
Server Room Security

S ecuring a server room takes a lot more planning and effort than most
people realize. Security involves all access to the server including direct and
indirect (network and remote connections such as Internet). Simply locking
a server in a closet is not good enough. People can remotely connect to a
server through a modem or local area connection and cause nearly as much
damage as if they were directly using the server. Planning for a secure server
environment includes physically securing the server hardware and software,
but also securing the system from remote risks.
Securing a Rack-Mounted Server

Rack-mounted servers are easier to secure than tower servers because rack
servers are bolted into the rack. Special bolts can be used to ensure that they
are not easily removed. The entire rack is then secured to the wall and/or
floor. If the location has a concrete floor, all the better! Special concrete
screws can be used to fasten the rack to the floor. It would then be virtually
impossible to move the rack. Besides the server console, other networking

Server Room Security 423
components—including UPS, monitor, keyboard, and mouse—should all

be kept in the server rack. Special trays can be purchased that are used for
supporting the keyboard and monitor. After all components are securely
attached to the rack, a locking door should be attached to the front. This will
ensure that the components are completely hands off. Most racks are located
within a locking cabinet, which provides protection from all sides. Some cab-
inets contain fans and grills for cooling, while others are made out of a metal
mesh that allows air to flow around the server and other installed compo-
nents. It really doesn’t matter what the rack system looks like in the end, as
long as it keeps curious fingers away from the server.
If you have a lot of space or money to spend, the entire rack system can
be kept in a dedicated room for the server. This provides an even higher level
of security because not only can you prevent people from touching the
server, you can prevent them from even getting close to it. A dedicated room
should have ample cooling and ventilation to ensure that the equipment will
not overheat. If you decide to go the route of a dedicated room, it should be
an interior room with no windows. Having your server in a dedicated room
with an outside window gives a thief an easy way to break in and take the
server. Exterior walls also pose the potential for external disasters. I have
seen everything from cars smashing through exterior walls to infestations of
ants nesting in the bottom of the rack. Why take the risk?
Securing a Tower Server

Because of their physical shape and size, tower servers are more difficult
to secure. Larger servers often have options for rack mounting. Special rails
can be purchased through the server manufacturer that adapt the server to a
rack option.
Wheels?
The most ridiculous adaptation that I have seen is a server on wheels. Many
servers were built with wheels on the bottom. I guess the idea was that
when you needed to move the server you could roll it out for maintenance
or other tasks. However, could you make it any easier for thieves? They
could just roll the server out the door!

424 Chapter 13 Managing and Securing the Server Environment
Another way to secure a larger tower server is to bolt it to the floor. Many
of the larger servers do have provision for bolting. However, when you need
to perform server maintenance, will you be required to move the server?
This method may result in a lot of work at a later date.
A dedicated server room is probably the best option to use with a tower
server. Remember that if your business expands and your network requires
a cluster of servers, you will have more than one server to protect. Having a
dedicated server room will allow you to install and place the servers to your
liking within the room. Physical security is then left primarily to the quality
of the lock on the door and to who has keys to it.
Don’t be tempted to set the server up in a closet. I have worked at busi-
nesses where they tucked the server away in a closet or under a cabinet in the
staff kitchen. Not only are these locations insecure, they also do not provide
proper ventilation.
Limiting Server Access

After you have decided on a secure installation method for your server, you
will need to focus on limiting access to it. Regardless of the type of server
(rack or tower) and the method you used to secure it, you will need to decide
who has access to it, when they have access to it, and under what circum-
stances. Limiting server access will begin with deciding on who gets keys. If
your server is in a locking rack or a dedicated server room, who will be
allowed to access it? It is important that there be more than one set of keys,
and more than one person who can access the server, in case the primary per-
son is unavailable. On the other side of the coin you don’t want everyone to
be able to access the server either. You may want to select one or two trust-
worthy people who will hold keys in case you are not available. They should
also be trained in what to do in the event of your absence. These tasks will
include changing backup tapes, basic troubleshooting, and even rebooting
the server.
Simple key access to the server room may not be secure enough for you.
At times the servers and their data will require more advanced security
measures. If you remember back to Chapter 1, “Server Types and Roles,” we
discussed a variety of means of providing physical security through authen-
tication. Biometrics has been used extensively in larger corporations that
require high levels of security. This includes items such as fingerprint iden-
tification, retinal scanning, and voice recognition as a means of identification
and ultimately determining access. Swipe cards and smart cards are also used

Remote Access 425
as a security measure. These cards are preprogrammed and can provide

access to a secure location and also can electronically monitor access.
Another similar means is using a keypad and code system. This method is
not as secure as biometric methods because codes can be stolen or carelessly
shared between employees.
Besides limiting access, you might also want to consider recording
devices to monitor what is actually occurring. Keypad access codes can limit
access to specific individuals, but you are still at the mercy of what they are
doing. If you also have video recording devices installed, you have physical
proof as well as a visual report on what was happening. This can come in
handy if there is a discrepancy between the employee testimony and server
events. Of all the security access methods mentioned (except the good lock),
video recording devices are probably the most affordable.
In small-business environments a signout sheet is often used. This “honor
system” has staff sign out items that they are going to use and then sign them
back in on return. In this environment, security is not a major concern.
Usually the password protection on the server is the only security feature
installed. The level of security that you implement will reflect the environ-
ment that you work in and the potential risks that the server may face.
Remote Access
D irect physical contact is not the only concern when dealing with serv-
ers today. With the ever-growing number of VPN and WAN connections
being used, remote access to the server is a serious area of threat. High-speed
Internet connections can also provide a door in for remote connections as
well as unauthorized access. Careful planning and addressing of security
issues when dealing with remote access is a must.
Remote Access Safeguards

Remote access has been a blessing in many ways. Information that was once
available at the office alone can now be accessed virtually anywhere that you
have a phone or Internet line. Unfortunately this also opens the door for
serious security breaches. Depending on your operating system, you can set
specific limits on remote access. Limits set could include not only allow or
disallow connections, but also the time of connection (both time of day and

duration of connection) and file and folder access; you can also set the OS to
log each connection. If your business has a large number of personnel that
are remotely connecting to the server, implementing these remote access fea-
tures would be a valuable security measure. Authentication at this point is
also critical. Each user logging in to the server remotely should have an indi-
vidual password and user account.
Passwords
Passwords are a strange thing. You were always told when growing up to
pick something that is easy to remember. In computer passwords, choosing
something that is “easy to remember” is the last thing in the world that you
want to do. Personal names or memorable names do not provide for a secure
password. Secure passwords are based on the following characteristics:
A combination of alphanumeric characters is used, including mixed-
case letters and symbols (e.g., Iron$Steel67).
Passwords are frequently changed.
Password lists are maintained by the server, thus preventing people
from selecting the same password twice in a row.
A strict policy on password secrecy is enforced. There should be no
shared passwords.
A minimum length of eight characters for a password is required.
Enforce account lockout after three unsuccessful password attempts.
Remote Threats
T he Internet poses a tremendous threat to server security. If you
consider the fact that a hacker can sit in the safety of his or her home and
continually attempt to break into a server until successful, this is probably
the biggest threat to the server security.
In its essence the Internet is nothing more than an immense wide area
network. Connectivity is through the TCP/IP protocol suite that opens doors
to a multitude of potential security holes. Many of the local area threats are
identical to Internet threats so there is some comfort in knowing that

Remote Threats 427
securing the network against Internet threats will also provide security
against local threats also. In order to effectively deal with the potential for
attacks through a network (whether local or the Internet) you must first
understand the types of attacks and how they work.
Types of Attacks
Attacks on networks are done for several purposes. Attackers can be moti-
vated to seek out information from your server. Other times they are looking
for the gratification of knowing that they can hack into a computer. At times
they are motivated by the knowledge that they are causing harm to someone
else. The nature of the attacker and his/her motivation can vary, but the
strategies used are similar. Attacks often take on the form of IP spoofing,
PING of death, WinNuke, and SYN flood.
IP Spoofing
IP spoofing involves sending packets of information with a fake source
address through the network or Internet. The server is led to believe that the
packets are coming from within the network. Using this method hackers
can trick the server into thinking that the hacker’s computer is part of the
internal network, and thus gain access. The use of a firewall can help in
preventing this form of attack.
Ping of Death
The PING of death is a denial of service attack (DoS). A DoS attack prevents
any users (including legitimate ones) from using the network. The PING util-
ity is part of the TCP/IP protocol suite and is primarily used to confirm con-
nectivity through sending and receiving responses from another network
device. It is a type of echo test. The PING of death involves sending very large
packets rapidly, which results in the receiving computer’s buffer overflow-
ing. The result is that the computer will stop responding, or reboot. Patches
available from operating system manufacturers that will assist in preventing
the PING of death.
WinNuke
WinNuke is a hacking method that is only usable against a Windows-based
operating system. If your network is using Novell NetWare, or Unix, you are

not susceptible to this form of attack. WinNuke sends special TCP/IP pack-
ets with an invalid TCP header. Windows-based operating systems do not
know how to deal with these headers, and the packets will crash the operat-
ing system. Microsoft refers to these crashes as “Out-of-Band data.” What
results is the blue screen of death, a blue screen with a Windows error. The
computer becomes unresponsive and will require you to shut the power com-
pletely off and then restart the computer (what is known as a hard shut-
down). Because Windows was not shut down properly, you will also have to
run a scandisk and most likely repair fragmented files that were open when
the crash occurred. Hopefully they are all recoverable.
WinNuke is not only a threat to Windows network operating systems. Any

Microsoft operating system is vulnerable to this type of attack, including the
desktop operating systems (Windows 95, 98, 2000, Me, and XP).
You can prevent WinNuke from happening by installing a patch from

Microsoft. Go to http://support.microsoft.com/servicedesks/
technet/ and then search for WinNuke.
SYN Flood
SYN floods are another kind of DoS attack. In normal TCP/IP communica-
tion the session is started with a packet containing a SYN flag. This SYN
flag requests that the receiving computer reply to confirm that it is ready to
start communication. A SYN flood attack involves flooding the receiving
computer with a multitude of meaningless packets all containing the SYN
flag. The receiving computer attempts to respond to all the requests and
in doing so consumes all of its resources. The result is an overburdened
computer that can’t respond to any more requests, even legitimate ones.
Network operating system manufacturers offer patches to help prevent this
type of attack.
Firewalls
Whenever you connect a private network to the public network (Internet),
you are opening doors for potential threats. In today’s ever-advancing
world, remote users and remote connections have become a staple of net-
work activity. Virtual private networks, corporate wide area networks,
remote access, and always on Internet connections provide a multitude of

Remote Threats 429
security holes in a network. Firewalls protect a private network from public

network traffic. Firewalls can be hardware, software, or a combination of
the two. In its essence a firewall examines data packets to determine if they
belong within the network. Access in and out of the private network is
granted or denied by the firewall. Many different firewall products are
available today. Software firewalls are available as an add-on supplied by
the NOS manufacturer, or as third-party software. Hardware firewalls are
often called a black box. Black box firewalls sit between the private
network and the public connection. Let’s first look at firewall technology
a little closer.
Firewall Technology
Firewalls can use several different technologies to limit packet and infor-
mation flow. Some of the more common means are access control lists,
dynamic packet filtering, protocol switching, and DMZs (demilitarized
zones).
Access Control Lists

An access control list (ACL) is a list of rules regarding network traffic. ACLs
are used within routers to control traffic flow. For example, computer A is
allowed to connect to computer B but computer C is not allowed to connect
to computers A or B. ACLs work effectively in determining traffic flow rules
but, working alone, they are susceptible to IP spoofing and must therefore be
used along with other safeguards.
Demilitarized Zone
A demilitarized zone (DMZ) is a dedicated section of your network that is
neither public nor private. It sits between these two areas. Since outside
users will access specific servers, such as web and e-mail servers, they are
placed in this special zone. The idea is that hackers will also go after these
specific servers. By placing them in a segregated area, away from the core
of your local area network, you take away the risks. Normally a DMZ fire-
wall computer has three network cards. One goes to the Internet connec-
tion, one to the DMZ network computers, and the third goes to your
private LAN. Figure 13.1 is an example of a DMZ. The local network
connects to the firewall via the network switch. The DMZ also connects
through a switch to the firewall. The firewall then connects to the Internet.
This prevents direct connection to the Internet by either the DMZ or the
local area network.

FIGURE 13.1 This configuration prevents direct Internet connection by either the DMZ
or LAN.
DMZ
To Public Internet
Firewall
Private Network
Critical servers such as data servers should not be kept in the DMZ, but
rather in the private network. Web, FTP, and e-mail servers are normally
kept in the DMZ.
Protocol Switching
Protocol switching is another means of protecting your network from out-
side influences. The TCP/IP protocol suite, as you know, drives the Internet.
Most local networks also use TCP/IP. As you learned in Chapter 7, TCP/IP
is the protocol of choice for Windows 2000, Unix, and NetWare 5 and 6.
With many of the network attacks relying on the TCP/IP protocol, this
creates an easy avenue for an attack to occur. Protocol switching involves
two possibilities:
Use a different protocol on the local area network to prevent TCP/IP
based attacks from being effective.
Create what is called a dead zone between your local area network
and the Internet. This dead zone will contain a different protocol.
Using this approach you can still maintain the TCP/IP protocol on
your local area network. Figure 13.2 is an example of using dead zone
protocol switching.

Remote Threats 431
FIGURE 13.2 Protocol switching using a dead zone
Internet using TCP/IP
Dead Zone using IPX/SPX
LAN using TCP/IP
In implementing a dead zone you will have to use two devices, such as
routers, to perform the protocol transitions. This can prove to be a costly
endeavor because routers are expensive.
Dynamic Packet Filtering

Packet filtering is the ability of a router or firewall to disregard packets that
do not meet set requirements. This process is done through the use of a
dynamic state table. The dynamic state table keeps track of all communica-
tion sessions between stations inside and outside of the firewall. The list is
called dynamic because it is constantly updated as communication sessions
are established and ended. Dynamic filtering is highly effective in preventing
IP spoofing, because the state table will recognize that someone is trying to
use an already established session and block them out.
Proxy Servers
Proxy servers are in common use today. They act on behalf of an entire net-
work. They are used to mask IP addresses of each of the internal computers
that are connecting to the public network. Since some hacking software
attempts to identify the IP address of computers on the local area network
(which can then be used to attempt to gain internal access), the proxy is a
good means of protecting private networks.

When a proxy server receives a request, it will first dissect the packet, ana-
lyze it, and reassemble it. The request is then sent out onto the Internet. The
same dissection process is done when the information is received from the
Internet. Proxy servers often offer a variety of added features such as web
restrictions, virus monitoring, and tracking features.
There are many different types of proxy servers available. The following
is a list of the more common types of proxies:
IP Proxy will hide the IP address of all stations on the local area
network. As requests are made to the public network, the proxy will
exchange its own IP address for that of the requesting computer. This
makes all requests appear as though they are coming from the one IP
address (the proxy).
Web Proxy will handle all HTTP requests. Much like the IP proxy
this form of proxy will send all web-based requests through its own IP
address. Web proxies are also used to filter out HTTP requests as well as
files coming in. If you do not want your users to be able to download
music files from WinMX, then that can be blocked through the web
proxy. Another great feature of web proxies is their caching ability. When
a request is granted on a web proxy, a copy of the information is kept
for a period of time in a cache file. If another request is made for the same
file, rather than going onto the Internet to retrieve it, the proxy will check
its cache file. This will dramatically speed up the retrieval of files.
FTP Proxy is used to upload and download files between a server and a
workstation. FTP proxies offer the same filtering and protection as web
and IP proxies.
SMTP Proxy is used to handle e-mail requests. SMTP proxies will
dissect and examine incoming and outgoing email for viruses as well
as content deemed insecure.
Many firewall software programs require at least two network cards to be

installed in your server. Be sure to consult the manufacturer on the firewall
product that you intend to install prior to purchasing it.

Remote Threats 433
Operating System Firewalls

The three NOSs (NetWare, Unix, and Windows) that we discussed in
Chapter 7, “Network Operating Systems,” all support firewall software. In
this section we will explore the possibilities of each NOS and the common
firewall software supported.
Unix
The majority of the Internet is driven by the Unix operating system. Several
flavors of Unix have been created to address the Internet and firewall
technology directly. Many firewall products were created with Unix techno-
logy. Unix firewall protection can even be configured so that it is the only
service running on the server. This is an added deterrent to hackers as there
is nothing to see, steal, or damage on the server if the proxy is the only
thing running.
Unix-based firewalls also offer the greatest flexibility in implementation,
supporting over 32 network cards. This allows connectivity to numerous
network segments and can control information flow between network
segments on the private side as well as the public side. NetWare supports
16 network cards while Windows is limited to 4.
In the past a definite downside to the Unix structure was the command
line interface. It took people back to the days of DOS (having to remember
commands that were typed in manually). Now Unix supports X Window,
which will give you a GUI interface with mouse support to interface with the
OS and firewall.
NetWare
NetWare uses BorderManager as its firewall software. BorderManager uses
a NetWare administrator snap-in, which allows it to be managed through
NetWare’s Administrator utility. BorderManager offers superb client com-
patibility with support for Windows 95/98, NT, DOS, OS/2, and Mac OS.
Combined with the NetWare OS, BorderManager is considered to be one of
the best firewall protection systems available.
Windows NT/2000
With the security holes present in Windows operating systems, there has
been some hesitation in using products such as Windows NT Server as a

NOS for larger networks. With patches to fix attacks such as WinNuke,
many third-party firewall programs have been written. These third-party
programs run with NT domain security or with the new Active Directory
system in Windows 2000. A major benefit of Windows-based firewall soft-
ware is that it is managed through the familiar Windows-based interface.
Part of Microsoft’s server operating system is Microsoft Proxy, which
provides proxy and firewall services in an easy to set up and maintain user
interface.
The Black Box Firewall

Black box firewall implementations use a specific hardware component to
perform proxy and/or firewall service. This box contains its own operating
system (usually Unix based) and software. It is a self-contained computer
with network cards that then plug into the network. You will have to con-
figure a black box during its setup, which is usually done through a com-
mand line interface. After configuration the black box basically runs on its
own. The advantage of using a black box is the fact that the resource load is
taken off the server. Using a proxy can require a large amount of hard drive
space for the cache files. Processor and RAM are also used by the proxy,
which can become taxing on smaller servers. The downside of a black box is
its cost. These devices do not come cheap. It is also another piece of equip-
ment to mount in the rack, or provide physical security for. Another concern
is ease of use. Configuration can be complex, especially if you are unfamiliar
with the operating system that the black box is using.
Detecting Intrusions
It is great to install a firewall and proxy server, but if you are not monitoring
what is going on, then the added protection is nullified. Monitoring will
ensure that any holes that form in your defense, and any attempts to break
in, can be dealt with accordingly. Intrusion detection will take on three
forms: active, passive, and proactive.
Active Detection
Active detection uses system monitoring to search for hackers or suspicious
activity. Some advanced active detection software will also shut down ses-
sions that appear to be suspicious. Some active detection products available
include Cisco’s NetRanger, Memco’s SessionWall, and SATAN.

Temperature and Humidity Issues 435
Passive detection
Passive detection involves using devices that will monitor network or server
activity but nothing more. These forms of detection will use log files to store
attempts to break into the network but not take any action. Passive detection
will require frequent visitation by network administrators to check the log
files for suspicious activity.
Proactive detection
Proactive defense involves analysis of your network to determine possible
openings for threats before they can occur. This is commonly done through
careful research and planning. The network administrator must be con-
stantly researching and preparing for all known plans of attack. Programs
such as SATAN allow you to scan your network and assist in identifying
security holes. These can then be fixed before the hackers can find them.
Temperature and Humidity Issues

T emperature and humidity are controllable environmental condi-
tions. You might not think that they have anything to do with managing
and securing your server environment but they actually do. Managing your
server environment also includes controlling environmental variables as
much as possible. Extremes of both temperature and humidity can be a seri-
ous threat to the daily operations of your computer. Much like people,
servers prefer a small range of temperature and humidity. Extreme changes
in temperature and humidity will have negative consequences on your
server’s operation.
Temperature
Temperatures in the environment around your server should be kept at
70 degrees Fahrenheit. Computer components that run in a hot environment
will not last as long as components that run in a cooler one. However,
extreme cold will also have negative results on performance. Remember that
many of the mechanical components (hard disks, fans, optical drives) use
a lubricant on their moving parts. Extreme cold temperatures can cause
the lubricants to become too viscous. This will result in added stress to the
motors and gears that turn these components.

Lower temperatures also create an environment where ESD becomes

more of a threat. Electrostatic discharge is a serious threat to computer
components. More information on ESD is found in Chapter 15, “Disaster
Recovery.”
ESD
As I have been sitting here writing this chapter, I can honestly say that you
do not have to be working within your computer to see the consequences
of ESD. I recently got up from the chair to stretch. When I sat back down and
touched the mouse, I felt a shock and the computer rebooted. ESD traveled
from my hand through the mouse to the computer and caused a hard shut-
down. Lucky for me I saved my work before the shock occurred!
An often-overlooked area with temperature occurs overnight. Many

offices program their thermostats to turn the air-conditioning system off
overnight, because there is no one in the office at that time. The temperatures
within the office can climb quickly (especially if your office is in an urban set-
ting with lots of concrete) resulting in your server working in a stressful
setting throughout the night. Add to this that servers are often performing
major tasks through the night such as data backups, and you are taking a
big risk.
You should also be cautious of running equipment that is extremely cold
before it has a chance to slowly warm up to room temperature. Although
you will not take your server out into the freezing cold of winter, you might
be carrying removable hard drives, optical disks, and magnetic media for
tape backup drives. Any new hardware that arrives after being exposed to
extremely cold temperatures should be allowed to warm up to room temper-
ature naturally before using. A serious risk of component damage occurs
when condensation forms on these components from rapid warming in the
presence of water vapor. Condensation can damage sensitive components or
cause a short circuit to occur.
Humidity
Humidity poses threats similar to those posed by temperature extremes.
Computers prefer 50 percent relative humidity. More-humid environments

Power Issues 437
can result in condensation, while less-humid environments create a higher

potential for ESD. The worst combination is low temperatures and low
humidity. For those of you who live in areas that receive snow in the winter
months, you know that static electricity is much more common during the
cold months. Laser printers, for example, begin to jam more as pages become
stuck together with static charges.
Humid air is also more difficult to cool. This will cause the fans to spin at
a higher RPM and still not be able to move heat away from the server ade-
quately. Working in such an environment can lead to shorter MTBF (mean
time between failures).
Power Issues
P ower issues include concerns with electricity coming in from the
wall to the server, as well as power control within the server itself. Electrical
problems are often the result of low electrical power, or large bursts of
electrical power. Both extremes of electricity are potentially harmful for an
operating server.
Low electrical supply is often called a brownout or sag. This is a dip in
electrical current. You may have experienced a brownout, or sag, in your
home when someone turned on a high-power-consumption item such as a
vacuum cleaner. The lights within the room would dim. The effects of a
brownout or sag on a server include stress on operating components such as
cooling fans and hard disk motors. Most brownouts are temporary and after
a few moments the power will increase back to normal levels. At times,
though, brownouts may be the result of an overloaded circuit. If at all pos-
sible, a server should be on a dedicated electrical circuit directly from the
electrical panel. This will ensure that brownouts originating within your
building can be avoided.
A complete loss of electrical power is called a blackout. In the case of a
blackout there really is nothing you can do. The electrical power is lost until
the source of the problem can be located and repaired.
Power spikes and power surges are the opposite of a brownout. A power
spike is a brief intense gain in electrical current. You can also experience
power spikes in your home. During the early evenings (from 5 P.M. till 7 P.M.)
you might find that the lights in your home can at times brighten for a second
or two. This is a power spike. It is caused by the multitudes of people who

are arriving at home and using high-energy-consumption appliances to make

their supper. As the demand for electricity is increased and decreased with
these appliances turning on and off, the electricity being supplied through
the wires also fluctuates as it tries to meet the demands. A power surge is an
increase in power, much like a power spike, but it lasts from a few moments
to a few minutes. Both power surges and power spikes are extremely dan-
gerous for servers.
Surge Protectors
A surge protector is a must for every server. Realistically a surge protector
should be used to protect every electronic device in your office or home.
These simple devices contain a special electronic circuit that monitors the
incoming voltage level and trips a circuit breaker when the overvoltage
reaches a certain level. The level is called the overvoltage threshold. Care
must be taken when selecting your surge protector because many have a
threshold that is set too high. Always purchase a surge protector that is
specifically created for computer use.
Line Conditioners
Line conditioners provide better protection than surge protectors when deal-
ing with surges and spikes. Line conditioners use several electrical circuits to
clean the electrical signals that are coming in. They are effective against
power spikes, surges, and brownouts. A UPS is an example of a line condi-
tioner. Issues with “dirty power” can also be rectified with line conditioners.
Dirty power contains signals that are from other devices, such as fluorescent
lighting, that have strayed into the electrical line.
RFI
RFI (radio frequency interference) is caused by interference between server
operation and radio signals. This can be a result of a nearby radio or televi-
sion, cellular device, or two-way radios. Using high-grade shielded cables
will assist in eliminating problems resulting from RFI. If you are using
external SCSI hard drives, you should definitely look at spending the extra
money to purchase shielded external SCSI cables. This will protect data
being saved to the external drives. Another solution to combat RFI is to
use fiber optic cabling. Fiber cable is completely immune to RFI as well as
EMI (see the following section).

Power Issues 439
EMI
EMI (electromagnetic interference) is caused by interference from magnetic
fields. The result can be a temporary problem or, if the computer is left
within the field for an extended period of time, a permanent one. Sources of
EMI include electrical motors, transformers, electrical panels, and heaters.
Key components within your server that can be affected include hard disks,
floppy disks, and network data traffic.
EMI Influence
I have seen the effect of EMI firsthand. I once had a client bring me his com-
puter tower after the hard disk became corrupted. After formatting and
rebuilding the operating system and data on the hard disk, I returned the
computer to him. Oddly enough, it was only a month later that he returned
with the same problem. Once again I reinstalled his OS and programs. This
time I assumed that it was user error so I spent some time with him in using
his computer, including properly shutting down Windows to prevent OS
corruption. However, like the song, The Cat Came Back, he returned approx-
imately one month later with the same problems. At this point we were both
getting annoyed. I rebuilt the computer yet again. This time I delivered the
repaired computer to his home. He was not there but his wife asked me to
set it back up for him. She then proceeded to guide me to the basement
where he had his computer desk right under the electrical panel. He was
plugging his computer right into an outlet directly on the electrical panel.
EMI from the electrical panel was causing data corruption on his hard disk.
Eventually, within a month, the corruption had been spreading to the point
where it damaged his operating system.
UPS/SPS
A UPS (uninterruptible power supply) will provide protection against
brownouts, blackouts, spikes, and power sags. A UPS consists of a battery
and line conditioner. Electricity from the wall enters the UPS and is filtered
through the line conditioner. From there the power charges the battery. The
server runs off of the battery. If the electrical power fails, then the server con-
tinues to run off the battery until power is restored or the battery is depleted.

Software is used in combination with the UPS to alert users, as well as the
administrator, that the server is running on battery power. Software can also
gracefully shut the server down. This will include exiting all programs that
are running, as well as the operating system, before the battery is depleted.
An SPS (standby power supply) is similar to a UPS except that it uses a
switching circuit to switch between AC (alternating current) and DC (the
battery system). If a power drop occurs, the circuit will switch the server to
run on battery power. The major problem with an SPS is that if the circuit
does not react fast enough, power to the server can be lost and the server will
experience a hard shutdown.
A UPS is preferred to the SPS because there is less chance of the server
facing an abrupt shutdown if it is on a UPS.
Summary
The chapter began with the physical aspects of server security. This
includes ensuring that the server is safe in its location. With a rack-mounted
server, this is an easy job because everything bolts into the rack, which
should then be bolted to the floor. Rack-mounted servers can also have
a locking door on the rack, which will limit physical contact with the server
and other components in the rack.
Tower servers are more difficult to secure, because they are bulkier than
rack-mounted servers. Provision can be made to mount these servers within
a rack system or bolt them directly to the floor. The best solution is creating a
dedicated server room. This room should not have any windows (to prevent
break-ins) and should include security measures to limit physical access, such
as a strong door and lock.
Limiting server access covers several advanced measures that can be
incorporated to ensure that only authorized personal are entering the server
room and accessing the server. These methods include biometrics, swipe
cards, smart cards, keypads, and video recording equipment.
Remote access is becoming a staple in most server operations. Remote
users connect to access data files and e-mail, and to perform tasks. Securing
remote access to servers involves using secure passwords that are frequently
changed, and enforcing a strict policy on password and network use.
Remote threats include IP spoofing, PING of death, WinNuke, and SYN
flood. Each of these attacks can occur through the private network or come

Summary 441
in from the Internet (or public network). IP spoofing involves sending pack-
ets of information to the server with a fake source address in hope of tricking
the server into believing that the hacker’s computer is part of the private net-
work. The PING of death is a type of denial of service attack. The idea is to
overload the server with packets in hope of forcing the server to crash, or at
least stop responding. WinNuke attacks Microsoft operating systems. It uses
the operating system’s inability to effectively deal with invalid TCP/IP packet
headers. The result is a blue screen of death and an operating system that
stops responding. SYN flood is another form of denial of service attack. It
involves flooding the server with TCP/IP packets requesting a reply. The
server will become overrun with these tasks and unable to process private
network requests.
Firewalls protect private networks from public traffic. Firewalls can be
software, hardware, or both. Firewall technology use access control lists,
demilitarized zones, protocol switching, and dynamic packet filtering to
perform their job. Access control lists are a set of rules regarding network
traffic. A demilitarized zone is a dedicated section of the network that is
available to the private and public networks; located in these zones are web,
FTP, and e-mail servers. Protocol switching uses a dead zone to switch to
another protocol in hopes of creating a barrier that hackers cannot pene-
trate. Dynamic packet filtering happens when a firewall identifies suspicious
packets; this is done through a dynamic state table that is constantly updated
with new connection sessions that are occurring in the private network.
Proxy servers are another line of defense in securing your network. A
proxy server submits requests on behalf of the private network. Common
forms of proxy servers include web, IP, FTP, and SMTP.
Operating system firewalls include proprietary and third-party software
that is used as part of the network operating system. Unix supports many
third-party proxy services and is the driving force behind many web servers.
Novell offers BorderManager as well as third-party proxy support. Windows
servers are often considered the weakest of the operating systems in terms of
security breaches, but Microsoft does offer Proxy, which is an easy-to-use and
easily set up proxy service.
Black box firewalls take the strain of the firewall service off of the server
and into a dedicated separate device. Most black boxes are configured with
a Unix operating system and are self running (once configured).
Intrusion detection is based around three areas: active, passive, and pro-
active detection. Active detection involves software that constantly scans the
server and network for specious activity. If found, an alert can be sent, or the

software can even shut down the communication session. Passive detection
will only record suspicious activity in a log file. It is then up to the adminis-
trator to locate and repair these security holes. Proactive detection involves
analyzing your network and locating the security breaches before they are
discovered by hackers. Once located, the problems can be fixed or secured
before hackers attempt to break in.
Temperature and humidity are controllable environmental conditions.
Ideally temperature should be kept at 70 degrees Fahrenheit. If the temper-
ature is too high, the server will not be able to cool the components properly
and the MTBF will drop. If the temperature is too cool, the chances of ESD
rise and moving components can become stiff, putting extra stress on the
motors that operate them. Humidity can also cause harm within a server.
High levels of humidity can lead to condensation on components, resulting
in a short circuit. Low levels of humidity will increase the chances of ESD
damage. The ideal humidity is 50 percent.
Power issues include low voltage problems (brownouts and failures) as
well as overvoltage problems (spikes and surges). Both undervoltage and
overvoltage problems can be addressed through the use of surge protectors,
line conditioners, and UPSs (uninterruptible power supplies). Other impact-
ing factors include RFI (radio frequency interference) and EMI (electro-
magnetic interference). Both can be problematic in data safety as well as
component failure if exposure is extended.
Ensuring adequate server power involves the use of a UPS or SPS. A UPS
is preferred over an SPS (standby power supply) because the UPS is more
effective at preventing a hard shutdown resulting from a sudden power loss.
Exam Essentials
Be able to plan for a secure server environment. This includes direct
contact security (hardware and software) as well as remote access threats.
Know the methods to limit access to the server. Be familiar with secu-
rity measures such as biometrics, swipe cards, smart cards, and keypads.
Know the elements that make for a strong password. This includes
incorporation of both alpha and numeric characters, frequent password
changing, setting minimum password lengths, enforcing account lockouts
on failed attempts, and establishing a strict password policy.

Exam Essentials 443
Know the different types of server attacks. Some common server

attacks include IP spoofing, PING of death, WinNuke, and SYN floods.
Be familiar with what firewalls are. Firewalls protect private networks
from public network traffic.
Understand common firewall technology. This includes access control
lists, demilitarized zones, protocol switching, and dynamic packet filtering.
Know what a proxy server does. Proxy servers act on behalf of the
entire network. Their purpose is to mask IP addresses of the internal
devices on the private network.
Be able to explain a black box firewall. A black box firewall is a
separate component that attaches to your network. It contains its own
operating system (normally a Unix operating system), which runs inde-
pendently of the server.
Know the three main categories of detecting network intrusions.
Three main intrusion detection categories are active, passive, and
proactive.
Be familiar with the effects of extreme temperature and humidity on
server operations. Temperature and humidity must be maintained at
specific levels for optimal server performance. If the temperature and
humidity stray too far up or down from the acceptable levels, server hard-
ware performance can be jeopardized. Preferred levels are a temperature
of 70 degrees Fahrenheit and 50 percent humidity.
Know common power issues. This includes brownouts, blackouts,
power sags, spikes, EMI, RFI, and surges.
Know the preventative hardware available to deal with power issues.
Surge protectors, line conditioners, SPSs, and UPSs are common devices
used to cope with power issues.

Key Terms
ing terms:
demilitarized zone PING of death

access control list power spikes
authentication power surges
biometrics protocol switching
brownout proxy servers
denial of service attack (DoS) remote access
dynamic state table RFI (radio frequency interference)
EMI (electromagnetic interference) smart cards
ESD SPS (standby power supply)
firewall surge protector
IP spoofing swipe cards
line conditioners SYN flood
packet filtering UPS (uninterruptible power
supply)
passwords WinNuke

Review Questions
1. Which form of server is generally easier to secure?
A. Rack serves
B. Tower servers
C. Desktop servers
D. Component servers
2. Besides the server, which of the following items should be kept in the
rack? (Select all that apply.)
A. Monitor
B. Keyboard
C. UPS
D. Mouse
3. Can tower servers be rack mounted?
A. Yes
B. No
C. Depending on form factor (AT, NLX, or ATX)
D. Depends on manufacturer
4. Which of the following is an example of biometric security?

A. Video camera surveillance
B. Swipe card entry

C. Keypad entry
D. Fingerprint scanning
5. Besides limiting server access, what else might a network administra-

tor use to monitor server access?

A. A sign-in sheet
B. Warning signs
C. Video recording devices
D. Firewall software
6. Which of the following is an example of remote access to a company

server?
A. A user connecting to a web page
B. A user checking his e-mail when at home
C. A user retrieving data from the server when at home
D. A user sending files to the server though the Internet e-mail system.
7. Which of the following example is a secure password?

A. Iron$Steel13
B. Betty
C. 53995
D. Porsche
8. Which of the following does not meet secure password standards?
A. Enforcing password lockouts after three unsuccessful attempts
B. Enforcing regular password changes
C. Creating a log of all user passwords for administrative purposes

D. Preventing users from using the same passwords
9. What is IP spoofing?
A. Sending fake packets in order to trick the server into believing that
you are inside the network
B. Sending multiple IP packets in an attempt to overrun the server
C. Requesting multiple replies from the server in an attempt to over-

run the server’s buffers
D. Sending special TCP/IP packets with invalid headers in an attempt
to crash the server’s operating system

10. What is a PING of death?
C. Requesting multiple replies from the server in an attempt to over-
run the server’s buffers
11. What is WinNuke?
C. Requesting multiple replies from the server in an attempt to

overrun the server’s buffers
12. What is SYN Flood?
C. Requesting multiple replies from the server in an attempt to

overrun the server’s buffers
13. What is DoS?
A. Directory of service
B. Denial of service
C. Disk operating system
D. Drive of system

14. What does a firewall do?
A. Protects a private network from the public Internet
B. Prevents viruses from attacking your computer
C. Scans your network for errors

D. Blocks all incoming network signals
15. What are access control lists?
A. Rules for Internet connections and communication

B. Rules for TCP/IP communication on a network
C. Rules regarding network traffic
D. Rules for establishing and maintaining a communication session
16. What is a DMZ?

A. A section of your network that is most secure
B. A dedicated section of your network that is neither public

nor private
C. A type of security feature that requires granted access to use
D. A standard security feature created by the U.S. military for

network communication
17. What is protocol switching?
A. Adding another protocol between the private network and the

public network
B. Using a less common protocol to communicate with your servers
C. A means of masking your internal protocol through the cover of
another protocol
D. Using different protocols between clients and servers

18. What do dynamic packet filters use to keep track of communication

sessions?
A. Log files
B. Dynamic state tables

C. Access lists
D. RAM
19. What does a proxy server do?

A. Perform tasks on behalf of the network
B. Block DoS attacks
C. Hide network traffic
D. Create a secure environment to run your server in
20. Which of the following are categories of intrusion detection methods?

(Select all that apply.)
A. Active
B. Passive
C. Proactive
D. Black box


1. A. Rack-mounted servers tend to be easier to secure due to their
shape and design.
2. A, B, C, D. All items linked directly to the server should be kept
within the rack. This will ensure that when the rack is locked no access
to any server components will be allowed.
3. A. Most tower server manufacturers offer a rack mount feature for
their tower servers. These rails can be purchased separately and added
to the server.
4. D. Fingerprints are one means of biometric identification. Biometric
identification is based on using unique human characteristics as a
means of identifying people.
5. C. Monitoring servers often will include the use of video recording
devices. This will assist if a discrepancy arises as to who was using the
server.
6. C. The only option presented that creates a remote connection to the
company server is C. All the other options that are presented are
accessing the public network.
7. A. The only option presented that meets secure password require-
ments is answer A. Secure passwords should be at least eight characters
long, and contain both alpha and numeric characters.
8. C. By maintaining a list of user passwords, you are jeopardizing net-
work security. Should someone see this list, they would be able to gain
access to the network.
9. A. IP spoofing involves sending fake packets to trick the server into
believing that you are inside the private network.
10. B. The PING of death is a method of overrunning the server’s buffers.
11. D. WinNuke is only effective on Windows operating systems. It is an
attack against the operating system that will result in the OS crashing.
12. B. SYN floods involve sending multiple packets with a SYN flag in an
attempt to overrun the server’s ability to respond to requests.
13. B. DoS is the acronym for denial of service attack. It is a means of
overrunning a server so it will not be able to perform any tasks.

14. A. Firewalls protect your private network from public Internet

access. They can comprise hardware, software, or both.
15. C. ACLs are rules that govern network traffic. They are used by
firewalls to control network access.
16. B. A DMZ, or demilitarized zone, is a dedicated section of your
network that is separate from the private and public networks. By
placing e-mail and web servers in the DMZ, you are placing them
at risk but taking the risk away from your private network.
17. A. Protocol switching is the process of using a different protocol
between the private network and the public network.
18. B. Dynamic packet filters use dynamic state tables to keep track of
communication sessions. These tables are constantly being updated.
19. A. Proxy servers perform requests on behalf of the entire network.
These can include IP, web, e-mail, or FTP services.
20. A, B, C. Active, passive, and proactive are the three main categories
of intrusion detection.

Chapter Backups

THIS CHAPTER:
2.7 Install service tools (SNMP, backup software, system

monitoring agents, event logs, etc.)

Verify backup

Plan for redundancy (e.g., hard drives, power supplies, fans,
Use the technique of hot swap, warm swap, and hot spare to
ensure availability
Use the concepts of fault tolerance/fault recovery to create a
disaster recovery plan
Develop a disaster recovery plan
update as needed
Please see Chapter 12 for further coverage

of CompTIA objective “Install service tools,”
Chapter 9 for further coverage of objective
“Identify and correct misconfigurations and/or
upgrades,” and Chapter 15 for further coverage
of objective “Plan for disaster recovery.”

T his chapter looks at backup devices and backup strategies
to protect the data if a complete system failure occurs. This data protection
is normally done through regular, scheduled backups of the server data. On
the surface, backing up your data seems like a simple enough process: Select
a backup device, install it, put in the backup media, and let it run. Rarely
though is it so simple. Careful selection of backup hardware, software, and
media must take place to best match the environment that the server operates
in. You need to consider the capacity of the backup drive and the speed at
which it will perform, the software’s ease of use and interoperability with
your network, cost of the media, cost of the backup unit, and reliability of
the drive.
Backup Defined
A backup is nothing more than a duplicate of all files and folders on
a hard drive. This duplicate would be needed in case of damage or unwanted
change to the original. The key is unwanted change. Businesses often need to
restore data from a backup after an unwanted change has occurred to the
running copy. For example, a corrupted database can be corrected by restor-
ing from the backup copy. Consideration must be taken before doing this
restoration since the time that elapsed from the last backup to the point
of restoration translates to lost data.
There are many different backup devices and programs available, but
generally they all perform the same tasks in roughly the same way: The
backup software is installed and configured to run with the backup device.
The software is then pointed to the drive on which the data to be backed up
is located, the destination of the data is selected, and finally the backup is set
to start. Before getting to this stage though, you will have to decide which
backup device best serves your needs, so let’s begin there.

Backup Devices 455
Backing up vs. archiving: These two terms are often confused. Making a
backup means creating another copy of your data, usually on a removable
storage device that is kept in a safe place. Archiving means preparing data for
long-term storage. For example, you can compress and archive unused sec-
tions of a database. Archiving files does not copy them over to a removable
storage device for safety; backing them up does.
Backup Devices
I n the earlier days of personal computers, backups were done to
one medium only—the floppy drive. Operating systems included a simple
backup program for backing up data from a hard drive onto floppy disks.
When hard drives held only 5 or 10 megabytes, this was an adequate solu-
tion. This method was cheap (requiring you to purchase only floppy disks)
and simple to run. Once the data was backed up, the floppies could be stored
in a safe location. As technology advanced, backing up to floppies became
impossible. Remember that a floppy disk can hold no more than 2.88MB.
New applications and operating systems resulted in file sizes that made the
floppy disk an unsuitable method of backing up data.
Today there are a multitude of different devices available to back up data.
Magnetic tape, DAT (digital audio tape), DLT (digital linear tape), optical
disks, and removable hard disks are all currently used. What is paramount
is that the data being backed up can be removed. The RAID configuration
discussed in Chapter 5, “Fault Tolerance and Redundancy,” is an important
means of maintaining data availability when the server is running, but if
there is a complete system failure (resulting from fire, flood, or other natural
disaster, or from malice), then the information on those hard drives becomes
inaccessible. A backup device lets you copy your data and then take the copy
offsite for security.
Gaining popularity is the optical drive. Optical drives use a laser to
read (and write) to compact disks. Optical disks are made out of a thin film
compressed between layers of plastic. Unlike magnetic media, there is no
contact between the drive and the disk in optical devices. The laser reads
information from the disk without coming into contact with the media. This

456 Chapter 14 Backups
not only limits drive wear, but also improves the longevity of the optical
media. Provided that the optical media is not scratched or physically broken,
it will last indefinitely. There are currently two main forms of optical drives
in use today, CD-RW and recordable DVD.
The CD-RW (CD-Rewritable) is becoming the device of choice for small
networks. With the price of optical devices and media dropping, CD-RWs
provide an affordable way to back up data quickly and securely. Another
real benefit of this method is the long-term life span of the CD. Once the data
has been backed up to the disc, the disc remains virtually indestructible, as
opposed to data on magnetic tape, which can be damaged by magnetic dis-
turbances. Although media sizes are increasing, CD technology is currently
limited to less than a gigabyte on one CD.
Recently a recordable DVD drive has been released. Several different
variations on disk capacity and drive technology with recordable DVD
are currently in development and initial release. Once standardized, this
technology will offer optical disk backups with gigabytes of storage on one
disk. One DVD standard that is becoming a leader in future DVD standards
offers 8 gigabytes of storage on one DVD media disk. Compared to the
1.44MB of available space on a standard floppy disk, it is clear to see how
the DVD technology is of great interest for many users.
Removable hard disk drives are another option for backing up data,
but the costs outweigh the benefits (especially when compared to the other
possible methods of backing up data). Removable hard drives are mounted
within a case on rails that allow it to slide into an opening on the computer.
Connectors at the back of the case allow for connectivity to the computer.
When you leave you can simply slide the hard drive out and take it with you.
Care must be taken with the drive to prevent rough handling.
Of these available devices, magnetic devices are the most popular. This
includes the DAT and DLT drives as well as portable drives such as Iomega’s
Zip and Jaz drives. These media hold large amounts of data (tens of gigabytes
on one cartridge), the replacement cost of the media is reasonable, and in
general the media are reliable.
Iomega offers products ideal for small-business and personal backup solu-
tions. Available as both an internal and external device, the Iomega Zip and
Jaz are affordable backup solutions. The Zip drive is available in 100MB
and 250MB options, while the Jaz is available in 1GB or 2GB sizes. Iomega
media is readily available at most retail outlet stores at a competitive price.
External drives interface through a USB port to the computer, and the

Backup Devices 457
included backup software is simple to use. Unfortunately, for medium to

large businesses, 2GB of storage space on a disk is too small. Further infor-
mation on the Iomega products can be obtained through www.iomega.com.
DAT and DLT drives are capable of backing up extremely large amounts
of data and are widely used by medium to large businesses. DLT cartridges
hold 75GB or more. DAT drives are also available in an autoloader. This
interesting invention is similar to a multi-disc CD player except that it houses
multiple tapes. If your server contains more data than will fit on one tape,
then this device will rotate and select the next tape after the first one has
filled up. This eliminates your having to wait to change tapes manually.
Table 14.1 outlines the various types of backup devices and their common
capacities.
TABLE 14.1 Common Backup Devices and Capacities
Device Capacity
Floppy drive 1.44MB, 2.88MB
Iomega Zip 100MB, 250MB
Imation SuperDisk 120MB
Removable hard disk Varies (80GB common)
Iomega Jaz 1GB, 2GB
Sharq drive 1.5GB
Syquest cartridge 1GB, 1.5GB
CD-RW 650–800MB
DVD 4.7–17GB
QIC 100MB and up
DAT drives Gigabytes
DLT drives 35GB and up

Backup Methods
There are four different backup methods from which to choose
for your backup strategy. Each method has benefits and drawbacks.
Which method you choose depends on how much data needs to be backed
up each time and how much time is available for actually doing the backup.
Although it may seem best to do a full backup every day, it might not be
physically possible. Some backup software, for example, will not back up
files that are open or currently in use. If your backup takes several hours to
perform, then a backup during business hours will not work. If your business
works on a 24-hour basis, then a full backup every day is not possible and
you should choose another strategy. Let’s look at the available backup
methods.
Full Backups
A full backup is simple. Every time a backup is performed, all data is backed
up without skipping any files. The immediate benefit to this backup type
is that only one tape (or group of tapes if more than one is needed) is used.
Should the need arise to restore, only one tape (or group) must be located
and used. Full backups are the simplest type to perform, but they are also the
most time consuming because all data is being backed up every time the pro-
cess is performed. If you back up every day, then a full backup will occur
every day. With each of these daily full backups, information that has not
changed is also being backed up. For this reason, full backups are not the
most efficient. Figure 14.1 shows the data being backed up for a full backup
schedule. Each day of the week represents a typical backup schedule. As
most businesses operate on a Monday to Friday cycle, a full backup schedule
would involve performing a full backup on each of these days. Since the
office is not open on Saturday or Sunday there is no need to perform a
backup on these days. Notice that the amount of information being backed
up (expressed in gigabytes) is the same each day.

Backup Methods 459
FIGURE 14.1 Full backup schedule
30GB
20GB
10GB
Monday Tuesday Wednesday Thursday Friday
Differential Backups
With this backup strategy, a full backup is done periodically (usually once
a week), and a more-frequent backup (usually daily) is done only to those
files that have changed since the last full backup. Should there be a need to
restore, you will need the last full backup and the most recent differential
backup. The backup software uses an archive bit to achieve this. The archive
bit is an attribute that is modified each time a file is accessed. When the dif-
ferential backup starts, it looks for the changed archive bits and backs up
these files only. When the next full backup is performed, the archive bit is
cleared and the process starts over again. Figure 14.2 shows a differential
backup schedule. Notice that in a differential backup schedule the informa-
tion being backed up grows each day until the full backup is reached again.
A full backup has been performed on Monday; each other day is a differen-
tial backup.
FIGURE 14.2 Differential backup schedule
30GB
20GB
10GB

Incremental Backups
An incremental backup schedule is the fastest backup option. Usually, a full
backup is scheduled for once a week, and only files that have changed since
the previous incremental backup (usually done daily) are backed up. The
archive is cleared each time a backup occurs. Since each day’s backup is dif-
ferent from other days, all tapes will be needed to restore the data. This is the
slowest restoration of the three backup methods. Figure 14.3 is an example
of an incremental backup schedule. In this example you can see that the
information backed up each day varies in gigabyte size. A full backup is per-
formed on Monday, and every other day of the week only the files that have
changed since the previous day are backed up.
FIGURE 14.3 Incremental backup schedule
30GB
20GB
10GB
Custom Backups
Many of the third-party software backup packages that are available offer
a custom option. With this option, you can customize which files will be
backed up and with which backup method. The benefit is that critical files
can be set to back up fully every time, and less-critical files can be backed up
incrementally or differentially.
Backup Plans
A lthough it would be ideal to keep a warehouse full of backup tapes,
so that every day of your company’s existence would be kept and catalogued

Backup Plans 461
for future reference, there is obviously no way this could be a reality. Backup
media and storage space cost money. If you spent $40 for each tape and had
one tape for every day in a year, it would cost you $14,600. Even to have a
basic rotation of tapes to use on a regular schedule will cost a substantial
amount of money. How you plan your backup rotation will depend on
several factors, including available resources to purchase tapes.
Rotation Schedules
Rotating tapes is a method of reusing tapes in a predetermined cycle. This
ensures that data is kept for a period of time on tape and then, when that data
becomes dated or redundant, that tape can be reused for a new backup. There
are several common rotations available. Depending on your backup needs as
well as your need to refer to past data, tape rotations offer several possible
solutions.
Daily Rotation
Not surprisingly, daily rotation is not considered a suitable backup strategy.
In fact, there is no actual rotation that occurs at all. Unfortunately, in small
businesses, or environments where nontechnical employees take care of tech-
nology, it can happen. In a daily rotation the same tape is used every day.
The problem is that if data becomes corrupt there is no means of restoring
unless you catch the problem before the backup occurs. Daily rotation also
falls short in the fact that there is no offsite data safety. One of the key ele-
ments of a backup strategy is that there is a copy of data off site. In a daily
rotation, there is one tape and often it never leaves the tape drive.
Weekly Rotation
Weekly rotations are based on a set of tapes for a week. Each day of the week
gets a tape. When you reach the end of the week, you start over, reusing the
tape from the last week. For example, the Monday tape would be used on
Mondays only, and so forth. At best, you can restore back one business
week. The benefit of this backup rotation is that it requires only one tape for
each business day in the week. The downside is that you can’t go back in his-
tory very far. If today you notice a problem that damaged data more than a
week ago, you can’t restore the data and fix the problem.

Monthly Rotation
Monthly rotation involves a weekly rotation but, in addition, each Friday’s
tape is kept for an entire month. This allows you to go back to any week
within a one-month period. A total of nine tapes are used (Monday to Friday,
and four Fridays for the month). Monthly rotations are based around the idea
that any data errors requiring a restoration will be reported shortly after the
error occurred. If they occur within the week then a restore can take place
from the previous day. Otherwise the restoration will have to come from the
weekly backups, resulting in data since that last weekend backup being lost.
Yearly Rotation
The yearly rotation builds on the monthly rotation. Along with having daily
tapes for each weekday and weekly tapes for each Friday, you also keep the
last tape from each month for a year. This allows you to go back daily for a
week, weekly for a month, or monthly for a year.
It should go without saying that you should carefully label your tapes, but
many times people will not do this simple step. Carefully label each tape with
its position within the rotation. In a monthly rotation there will be several
Friday tapes (one for each Friday in the month) and each one will have to be
labeled with its position in the monthly rotation, e.g., 1st Friday, 2nd Friday,
and so on. You don’t want to start mixing the tapes up. Some backup soft-
ware actually identifies the tape and will not allow tapes to be used out of
order. If you bring the wrong tape in to work, you will have to make another
trip to your offsite storage place to locate the right one!
Grandfather-Father-Son Rotation
One of the more commonly used tape rotations is the GFS (grandfather-
father-son) strategy. Daily backups are known as the son. The last full
backup of the week (Friday, for example) is known as the father. The last
full backup of the month (which is kept in the yearly rotation) is known
as the grandfather. This rotation is based on the yearly rotation plan.
Tower of Hanoi Rotation

The Tower of Hanoi rotation method is based on a mathematical puzzle
of the same name. In this rotation, one media set (A) is used every other
backup session. Start day 1 with A and repeat every other backup (every
other day). The next media set (B) starts on the first non-A backup day and

Backup Plans 463
repeats every fourth backup session. Media set C starts on the first non-A or
non-B backup day and repeats every eighth session. Media set D starts on the
first non-A, non-B, or non-C backup day and repeats every sixteenth session.
Media set E alternates with media set D. With each additional media set added
to the rotation scheme, the backup history doubles. The frequently used media
sets have the most recent copies of a file, while less-frequently-used media
retain older versions. The decision regarding the frequency of rotation should
be based on the volume of data traffic. To maintain the required history of file
versions, a minimum of five media sets should be used in the weekly rotation
schedule, or eight for a daily rotation scheme. The Tower of Hanoi is the most
complex to use, but provides the best data protection.
Media Storage
Once you have decided on a backup rotation, you need to plan on the media
storage. Magnetic tapes are the most popular media in use today and need
careful storage. Much like the cassette tapes that preceded CDs in the music
industry, magnetic tapes are easily damaged by ultraviolet light, extreme
heat, extreme cold, and magnetic fields. Care must be taken in transporting
tapes. Don’t leave them where they will face any of the previously mentioned
dangers.
Ideally the first question will be, who is responsible for switching and
transporting the tapes? Where will the offsite storage be? What will happen
if the person responsible can’t perform the task? Obviously the traveling
salesperson is not an ideal candidate for this role because she is seldom in the
office. Also, more than one staff member should be aware of the offsite stor-
age site and have access to it in case the person primarily responsible for the
tapes is unavailable.
Your offsite storage site can be as simple as a safe, dry location within
your home, or as complex as a locking fireproof cabinet at a secure location.
How simple or complex will depend on the level of safety that your data
needs. The key is that the tapes do not stay in the same location as the server.
Remember the idea here is to have a safety net in place so if the server is
damaged, stolen, or destroyed, you still have your data.
Verification and Restoration

Creating and deploying a backup strategy is pointless if, when the time
comes to get the data from the backup media, it can’t be restored. Backup

software offers an option to verify the backup upon completion. Verification

compares the original data and the data copy on the media to ensure that
they are the same. Restoration is the process of extracting the data from
the backup to an operational state. Normally, when information is placed on
backup media, it is compressed to take up less space. There are numerous
compression schemes, but a popular Windows compression program is Win-
zip, which compresses files into a single zip file. Care must be taken when
using compression software because it often requires that identical software
be used to decompress the files. In the case of the media being decompressed
on a different server, identical drives and software must often be used. This
matching also must take into consideration firmware and driver versions. If
you are purchasing a backup device, you should take into consideration the
current and predicted future size of the data being backed up. Select a drive
and media capacity that will allow for growth without the use of data com-
pression if possible.
Learning the Hard Way
The IT head at a large engineering firm had been in charge of the data
server for over three years when the server failed and the data on the
drives was corrupted. Unfortunately, he had not attempted to do a restore
before. When he started the restore, he realized that the data had not been
verified either. Even more problematic was the fact that the backup unit
had not been backing up properly to begin with. In the end, the engineering
firm lost drawings worth $2,000,000 and the IT head was fired. The moral
of the story is clear. Always check up on how your backup is doing. Just
because an error message doesn’t appear on your screen doesn’t mean
that everything is working as you expect.
Data restoration should be attempted on a regular basis. This will ensure

that not only is the data being backed up properly, but it can be restored as
well. There have been cases where data was successfully backed up but not
restored properly due to a configuration error. Becoming familiar with the
process of restoration before you actually need to do it in an emergency is

Backup Software 465
also important. This will not only give you confidence that you know what
you are doing, but also reduce the chance that you will make a mistake when
it counts.
Backup Software
O riginally backup software was extremely basic. It would back up
files selected through a command line interface on a local computer only.
There were no options for network use, and no advanced options. The
Backup utility for Windows has evolved from a command line program to
a GUI program. NetWare includes a backup program called SBackup, and
Unix has a command-line-based backup program called Tar (short for tape
archiving). Although these backup programs will work, third-party pro-
grams offer more options. Figure 14.4 is a screen shot from Microsoft’s
Backup utility.
FIGURE 14.4 Microsoft Backup

The backup software you select must be compatible with the drives and
perating system. Some devices come with their own backup software designed
specifically for the device. For example, Iomega drives come with proprietary
Iomega software.
Many of the third-party utilities will let you back up files that are secure
within a password-protected folder. This will be extremely important in
your server if you have folders for your users that are password-protected.
If you use a backup utility that is unable to gain access to these folders, the
data will not be backed up. Other features to be aware of are automatic ver-
ification of successful backups and notification of problems. Some of the
advanced programs can e-mail alerts when a possible error is detected with
the tape drive, while others offer data reduction tips, such as not backing up
scratch files, duplicate files, trash folders, or games. Although these features
come at a price, it may be worth the investment if you do not have the time
to regularly check up on the server.
Increasing in necessity and popularity are real-time 7×24 systems that will
back up open files Because all files are backed up, even those within appli-
cations that are running, ideally no data will be lost if a failure occurs. This
expensive solution is seen in high-availability servers.
Regardless of your backup device choice, a software program will be
needed to run the backup. There are many choices available in features
and prices. Select your software carefully to meet your current and
future needs.
Backup Troubleshooting
B ackup drives, no matter what type and form they are, contain
moving parts. With the nature of the environment that they operate in,
backup devices do require regular maintenance to prevent component fail-
ure. Backup software and media may also require troubleshooting in order
to maintain proper operation. Software may need to be updated as well as
matched appropriately with other operating software to ensure compatibil-
ity. Media will deteriorate over time and require replacement. This section
will explore common troubleshooting issues when dealing with backup
devices, software, and media.

Backup Troubleshooting 467
Cleaning Your Drive

Regular drive cleaning is essential for magnetic tape drives. Dust and other
fine particles can accumulate on the heads of the tape drive. This can lead
to failed read/write attempts, premature read/write head wear, and even
head failure. Most backup software will prompt you on a regular basis
to clean the tape drive. Cleaning is a simple process of inserting a special
cleaning cartridge and allowing it to run for a few minutes. Not only does
the cleaning cartridge remove the contaminants from the drive head, it also
removes any magnetic charge buildup that has accumulated on the heads.
If you do not regularly clean the drive, it will fail.
Remember to clearly label your cleaning cartridges. I have been to service

calls where a backup drive was not working only to find out that someone
was trying to use a cleaning cartridge as a backup tape! This may seem rather
foolish but the cleaning cartridge and the regular tape looked identical except
for the fine print.
Oftentimes a backup failure is due to a dirty tape drive. Clean the drive
and attempt a backup again. If the backup still fails, then it may be the actual
media that is the problem.
Media Problems
Magnetic tapes do not last forever. Eventually wear and tear will cause the
tape to stretch out or the magnetic film to stop responding to read/write
requests. A common problem with large-capacity magnetic media occurs
when only a portion of the tape is used. As the tape is partially used, and
rewound and used again, the tape tension within the cartridge becomes
inconsistent. This causes problems for the tape drive motor and gears as the
mechanism tries to roll the tape. With the varied tape tensions, the drive will
face uneven resistance, which can result in the tape jamming within the drive
or the tape wrapping around the spindles in the drive.
Other media problems can occur from improper storage. Tape that
has been stored at extreme temperatures (too hot or too cold), or in any
other environment that is unfriendly to magnetic media, can cause perfor-
mance problems.

Some drives support several types and sizes of media. Before you purchase
your media, confirm with the drive manufacturer the exact details of sup-
ported media. If you select an incorrect media, there is a chance that the
backup will not perform as expected.
Optical drive media (discs) are immune to the issues of magnetism seen
in the tape drives but face their own problems. Special care must be taken
when handling optical discs because the media communicate through light
sources and must be free from scratches, fingerprints, or any other visual
obstructions.
Hardware Problems
Most backup devices connect to the server through the SCSI bus. If the
tape drive is not working upon installation, there may be a problem with
the drive installation. Confirm the SCSI ID, LUN, cabling, and termination
(refer back to Chapter 4, “Storage Devices” for more information on SCSI).
If these configurations are not done properly, the backup device will not
operate properly. Confirm also that the drive has been cleaned recently.
As previously mentioned, a dirty drive might not perform as expected, and
drive failure is a possible result of continual use of a dirty drive. Drive heads
can become so contaminated that the dirt causes physical damage to the
drive components. Magnetic buildup on the drive’s internal components
can also lead to hardware problems, such as causing the tape to become
tangled within the drive.
Software Problems
Software problems often focus on the operating system’s interaction with the
backup drive. Depending on the type and version of operating system on
the server, specific drivers may be needed. The drivers provided with the
backup drive may also be outdated. Ideally you should check with the drive
manufacturer’s website to be sure you have the correct driver. Is there a new
driver available? If you update your operating system on the server, is there
a new driver available for the new operating system?
SCSI-based magnetic backup drives also contain firmware that might
need to be updated to ensure proper operation with both your operating
system and your selected backup software. It is advisable to check regularly

Summary 469
with the manufacturer of your drive for firmware updates. Many websites
offer the opportunity to join a mailing list for updates, which is a nice way
to keep informed of updates for your products.
Third-party software problems can also occur. Compatibility between the
hardware, operating system, and the third-party drivers can lead to prob-
lems. Before purchasing your software, confirm that it will be compatible
with your hardware and operating system.
Media Retirement
Because old tapes can cause a problem, tape retirement is a key element of
preventative troubleshooting. Magnetic tapes, cartridges, optical disks, and
other backup media all have a finite useful life. Check the backup media log
to determine the number of times that the media has been used. This should
then be compared with the media manufacturer’s recommendations for use.
Planning ahead for media retirement can prevent possible problems in
the future.
Remote Backup Service

F or a fee, you can have a specialty company connect to your server
remotely and back up your data for you, eliminating the need to purchase a
backup drive, media, and cleaning cartridges, as well as the need for a secure
storage site and staffing. Remote backups use a high-speed Internet connec-
tion. Be sure to carefully research all aspects of outsourcing your backups,
including data security, cost, and convenience.
Summary
T his chapter explored the options for backing up data that is on
a server. Various devices are available to ensure data is safely copied and
stored. Backup hardware falls into one of two categories: optical and mag-
netic. Magnetic devices are currently the most popular.

Backup methods fall under four main types: full, differential, incremental,
and custom. Full backups do a complete backup of all files each time the
backup is run. Differential backups back up all files that have changed since
the last full backup. Incremental backups do a backup of all the files that have
changed since the last backup (whether full, differential, or incremental).
A custom backup requires you to manually specify how the backup runs,
and can comprise a blend of the other three methods.
Media rotation schemes specify which tapes are used at which times in
your backup strategy. Weekly rotation uses the least number of tapes and
allows for files to be restored from up to one week earlier. Monthly rotation
uses a weekly schedule but also keeps each end-of-week backup for a period
of one month, allowing for data to be restored from each week up to a one
month earlier. Yearly rotations build on the monthly rotation to keep the last
backup of each month for a period of one year. This method of rotating tapes
through a one-year cycle is often referred to as the GFS (grandfather-father-
son) rotation. The Tower of Hanoi is the most complex tape rotation plan,
but can provide the widest time range of backups.
Safe media storage is an essential element to a successful backup strategy.
Whether optical or magnetic, backup media need to be carefully handled
and stored. Media should be kept in a dry environment free from extreme
environment changes and dangers.
Once a backup strategy is implemented, periodically a restoration should
be attempted to ensure that a successful restoration could occur when needed.
Most backup software also provides data verification. Verification compares
the original data to the copy on the backup media to ensure that it was copied
correctly.
Backup utilities provided in the major operating systems include Backup
for Windows, SBackup for NetWare, and Tar for Unix. Tape drives often
come bundled with proprietary backup software. You can also purchase full-
featured backup software from third-party vendors.
Troubleshooting includes dealing with hardware, software, and configu-
ration problems with backup systems.
Preventative troubleshooting includes regular cleaning of magnetic heads
and planned media retirement. Monitoring the age and use of media will
minimize problems resulting from media failure.

Exam Essentials 471
Exam Essentials
Know the difference between archiving and backing up. Make sure
that you know the definitions of, and differences between, these two
key terms.
Know the different backup devices available. Be able to list the major
backup devices and their media capacities.
Explain the difference between a full, differential, incremental, and
custom backup. Know which backup methods clear the archive bit;
know how each method backs up data.
Explain the common rotation schedules. Know the difference between
a daily, weekly, monthly, and yearly rotation. Understand the terminol-
ogy in the grandfather-father-son rotation. Explain the Tower of Hanoi
tape rotation.
Explain effective media storage. Know the elements involved in effec-
tive media storage, including cost control, personnel management, and
safe offsite location.
Define verification and restoration. Know the difference between the
terms verification and restoration as they pertain to backing up data.
Know the backup software available in operating systems. Know that
Windows includes Backup, NetWare includes SBackup, and most Unix
distributions include Tar as backup software.
Be able to explain common troubleshooting for backups. This includes
SCSI device configuration, media problems, hardware problems (e.g.,
cleaning heads), and software problems.

Key Terms
ing terms:
archive bit Jaz

archiving monthly rotation
backup recordable DVD
Backup restoration
CD-RW (CD-Rewritable) SBackup
daily rotation Tar
DAT (digital audio tape) Tower of Hanoi
differential backup verification
DLT (digital linear tape) weekly rotation
full backup yearly rotation
GFS (grandfather-father-son) Zip
incremental backup

Review Questions
1. What is archiving?
A. A means of copying data onto a disk

B. Using a third-party device to back up
C. Preparing files for long-term storage

D. The method of data verification
2. What is a backup?
A. A copy of computer files.
B. Moving data to another location.
C. Compressing data on a hard drive.

D. Redoing previously done steps.
3. Which one of the following backup devices is not commonly used by

businesses today?
A. Optical device
B. DLT drive
C. Floppy drive
D. Zip drive
4. What does DLT stand for?

A. Digital linear tape
B. Digital logical transport

C. Discrete line tape
D. Discrete logical transport

5. What does DAT stand for?
A. Digital acute tape
B. Digital audio tape
C. Digital advanced tape

D. Digital actuator tape
6. What is the current maximum size of CD-RW media?
A. 750MB
B. 850MB
C. 700MB
D. 1GB
7. What are the current capacities of an Iomega Jaz drive media?

A. 1GB and 2GB
B. 2GB and 4GB
C. 1GB and 4GB
D. 3GB and 4GB
8. What is the data size of DLT media?
A. 20–50GB
B. 35GB and up
C. 100GB
D. 20–50GB
9. What is the media size of a DVD disk?
A. 4.7–17GB
B. 20–50GB
C. 1–3GB
D. 650–800MB

10. Which of the following is the most commonly used backup device?
A. Optical device
B. Removable hard drive
C. Internal hard drive

D. Magnetic device
11. A differential backup performed after the full backup will back up
what data?
A. All changed data since the last full backup.
B. Only the data that has changed since the last differential backup.
C. Only the data that has not changed since the last backup.
D. All data regardless of the last full backup.
12. Does a differential backup use an archive bit?
A. Yes
B. No
C. It depends on the backup software used.
D. Only if the differential backup is part of a grandfather-father-son

rotation schedule.
13. Which option best describes the files that will be backed up in an
incremental backup?
A. Data that has changed since the last full backup
B. Data that has changed since the last backup

C. All data
D. Only open data files

14. Which backup method requires the least amount of tapes for a
restoration?
A. Full
B. Differential
C. Incremental
D. Custom
15. Which backup method requires the most tapes for a restoration?
A. Full
B. Differential
C. Incremental
D. Custom
16. In a Monday through Friday weekly rotation, how many tapes

are used?
A. Four
B. Three
C. Five
D. One
17. In a monthly rotation what is the maximum time period that you can
go back for a restoration?
A. One month
B. One week
C. One day
D. Depends on whether you are using incremental or differential

backups.

18. The Tower of Hanoi rotation requires how many sets of media if
performing a weekly rotation?
A. One
B. Four
C. Five
D. Three
19. Which of the following is the backup software provided in Unix

operating systems?
A. Tar
B. Backup
C. Unix backup
D. SBackup
20. What is media retirement?
A. Use of old media that still may work.
B. Planned removal of aging media.
C. Assessment of age of information on a backup.
D. Backing up of old data.


1. C. Archiving processes infrequently used files for long-term storage,
often compressing the data to minimize space requirements.
2. A. A backup is a copy of selected files, often to a format unreadable
without the software used to create the backup.
3. C. Floppy drives are not commonly used today due to their limited
capacity.
4. A. These devices are called digital linear tape drives because of the
way the magnetic tape moves across the read/write heads.
5. B. DAT drives use digital audio tape to store data.
6. C. Currently the largest capacity of CD-RW media in use is 700MB.
7. A. The Iomega Jaz drive supports disk capacities of either 1GB or 2GB.
8. B. DLT drives will support media size of 35GB and larger. Currently
DLT drives support over 100GB on a single tape.
9. A. DVD media, although still in development and refinement, will
support media between 4.7 and 17GB.
10. D. Magnetic devices, due to their reliability and large media capacity,
are the most commonly used backup devices.
11. A. Differential backups focus on data that has changed since the last
full backup only.
12. A. Differential backups rely on an archive bit to monitor files that
have changed since the last full backup was performed.
13. B. Incremental backups back up data that has changed since the last
backup.
14. A. Full backups are done on a daily basis, so only one tape would be
required to restore.
15. C. Incremental backups require the most tapes for a restoration. You
would need the last full backup and every incremental backup since
the last full backup.
16. C. Provided that you back up on a Monday to Friday basis, you
would require five tapes.

17. A. With a monthly rotation, you can go back one month because the
tape for each Friday is kept for a one-month period.
18. C. The Tower of Hanoi requires a minimum of five media sets.
19. A. Unix operating systems use Tar as their default backup software.
20. B. Media retirement is planned removal of well-used media before it
leads to problems. An effective media retirement schedule relies on
careful monitoring of media age and use.

Chapter Disaster Recovery

THIS CHAPTER:

Verify backup

6.5 Determine if the problem is hardware, software,

or virus related

Plan for redundancy (e.g., hard drives, power supplies, fans,
Use the technique of hot swap, warm swap, and hot spare to
ensure availability
Use the concepts of fault tolerance/fault recovery to create a
disaster recovery plan
Develop a disaster recovery plan
Identify type of backup and restoration schemes
update as needed

7.2 Restoring
Identify hardware replacements
Identify hot and cold sites
Implement disaster recovery plan
Further information on CompTIA objective

“Recognize and report on physical security
issues” can be found in Chapter 13, “Managing
and Securing the Server Environment.” Further
coverage of objective “Restoring” can be found
in Chapter 14, “Backups.”

T his chapter is an exploration into the worst nightmare that a
server technician can face: a disaster. Disasters can come from two broad
categories—natural or non-natural. No matter the source, the end result is
the same: the server is no longer functioning. Disaster recovery is an impor-
tant consideration when setting up your server. Development of a disaster
recovery plan is a must. Although there may never come a time when the
plan must be implemented, it is always best to prepare for any circumstance.
One element of disaster recovery is prevention. In a server, disaster preven-
tion takes on the form of fault tolerance. As you learned in previous chap-
ters, fault tolerance involves including redundant components in a computer
to ensure that when a component fails, a second or third exact copy of the
component can instantly take over.
Defining the Disaster

D isasters can come from a multitude of sources. Natural disasters are
unpredictable, but it is possible to narrow the possibilities and to plan ahead.
If you live along the west coast of North America, for example, there is an
obvious concern with earthquakes, whereas a company located within the
central plains of the United States would be more concerned with a tornado.
Natural disasters can come in the form of severe weather, such as floods,
lightning, cold and heat, and storms (tornadoes, hurricanes, earthquakes,
etc.). The damage caused by each natural disaster is different but the out-
come is still the same. Creating an environment in which a company can
operate regardless of the disaster is the key to disaster recovery. This will
take careful planning as well as involvement from several organizations,
including representation from the company, community, and specialists
in environmental issues.

484 Chapter 15 Disaster Recovery
Non-natural disasters include theft, vandalism, system failures, or other

issues brought on by non-environmental influences. Disasters are created
by non-natural means more often than natural. Disgruntled employees or
recently terminated personnel can pose a serious threat. One element of
server environment planning is creating a secure environment where access
to the server, as well as potential for intentional harm, is limited. Commonly
though, non-natural disasters are a result of component failure. Servers oper-
ate within stressful environments and, with time, there is a high potential
for component failure. Planning for a hardware failure begins with building
the server. As you remember from Chapter 5, “Fault Tolerance,” combining
redundant components within key areas of the server will reduce the poten-
tial for system failure should one component fail. For example, multiple
network cards within a server will ensure that connectivity to the network
will continue even if one network card fails. This creates a redundant server
and can be considered a component of disaster prevention.
Regardless of the cause of the disaster, the effects are still the same. Plan-
ning on how to deal with the potential of a disaster and its outcome is the
focus of disaster recovery.
Creating the Disaster Plan

A successful disaster plan is a living entity. It is a carefully planned and
constantly updated strategy on how to cope and recover from a system
failure. This plan must involve the entire organization at some level. Creating
a plan that only the IT manager is aware of doesn’t help when the manager
is away and a disaster strikes. Carrying out the disaster plan as seamlessly
and smoothly as possible will require the cooperation and careful training
of all staff. As previously mentioned, the disaster plan is a living entity. It
must be frequently revisited, as changes both environmental and technical
will require that alteration to the plan be made on a regular basis. This will
ensure that if the need arises to use the plan, it will continue to be valid and
implementation will be as smooth as possible.
Creating a disaster recovery plan requires at least six key steps. Some
disaster plans, due to complexity, will require many more planning steps, but
the following six steps will cover the essential areas of focus in order to create
and maintain an effective safeguard. In many ways the lines between each of

Creating the Disaster Plan 485
these steps is blurry. Some information presented in one step might just as
easily fit into another step, but here are the working categories:
Exploring the risks
Understanding the impact
Creating strategies
Training for strategy implementation
Plan Maintenance
Documentation
Exploring the Risks

Before a plan can be developed the risks involved must be determined. This
can be a daunting task. How do you evaluate the unknown? The best
approach to take is to involve a group of people. This group should include
specialists from within the organization as well as outside. Technical special-
ists can provide information on potential hardware and software issues.
Management specialists can provide information on staffing concerns. Out-
side agencies can provide insight into possible community and natural
issues. At this stage a list should be created outlining the possible risks and
the impact of these risks on the network. Having the involvement of a
diverse group will ensure that many possible risks from many sources
can be gathered.
Understanding the Impact

Once a list is defined of the possible risks that the network would face, an
assessment of each of these risks and their impact on the business must be
determined. Each risk should be evaluated and prioritized as to its severity.
Variables to consider include the probability of the disaster occurring. For
example, although there is a possibility of a meteoroid hitting the business
and destroying the server, the likelihood is extremely small and therefore the
priority of this risk should be near (or at) the bottom. Another important
variable to consider is the impact of this risk should it occur. How much
disruption would occur? What is the severity of the disruption, both in
business functionality as well as financial loss? What is the financial

commitment for preparing for each disruption? The potential impact

extends beyond physical disruption to computers and users but also into
understanding the financial commitment required to prepare for and deal
with a disaster.
Creating Strategies
After determining the risks, assessing their impact, and prioritizing the list
based on severity of the risk, it is time to develop strategies to deal with each
disaster potential. This stage will involve creating, in some cases, several
possible solutions to deal with each risk. In the case of hardware failure it
would include the following possible strategies:
Having spare parts on hand
Establishing contact with a local supplier to determine availability of
parts and shipping timelines
Training staff to identify as well as effectively deal with the problem
For example, a printing company relies on specific printer hardware to
perform most of their printing tasks. Strategies to cope with printer failure
would include having a backup printer available and training staff on how
to connect to and use the secondary printer.
Oftentimes the strategy development stage is difficult to define. Exact
costs of parts will change with time. Even parts availability will change
dramatically within a few months. (See also “Plan Maintenance,” below.)
Careful consideration must be given to the possibility that a server contain-
ing dated hardware may not be easily repaired should a disaster strike. Older
components may not be readily available, and if located these parts may also
be quite costly. This can be seen in the world of RAM. EDO RAM, which
was used prior to SD RAM, is rather difficult to obtain today, as it is no
longer stocked at most computer stores. The price of EDO RAM, as com-
pared to SD RAM, is extremely high. For example, current prices for 128MB
of SD RAM is $39.95, while only 32MB of EDO RAM is currently $74.95.
I can’t even find a price for 128MB of EDO for comparison!
Another consideration is involvement of staff at this stage. Determining
which staff will be involved and to what degree can be a difficult task.
Obviously there will need to be people involved in carrying out the disaster
recovery plan. Technical knowledge, leadership, as well as other favorable
traits should be carefully considered.

Creating the Disaster Plan 487
Training for Strategy Implementation

Creating a disaster recovery plan is not useful unless there will be personnel
capable of implementing the steps within the plan. Regular training will
ensure that staff are current on their role within the plan strategy. It is
imperative that you develop a plan for regular staff training that covers the
following two aspects of the plan:
What the plan is Staff should understand the elements of the plan, the
entire scope of implementation, and their individual as well as collective
roles within the plan. This will ensure that there is minimal confusion,
gaps, or overlap with plan implementation.
How the plan is executed All staff need to understand what to do and
when. There will be logical steps that must occur within a set sequence
in order for the plan to be carried out effectively. This could be as simple
as knowing when to restart their computers. Regardless of complexity,
making sure that staff are aware of plan execution will definitely limit the
confusion.
Regular training is often the step that is most commonly missed. As the
plan changes, training must bring staff up-to-date both on their individ-
ual roles as well as the roles of others in carrying out the plan. This will
ensure that if the time comes to use it, a suitable plan can be carried out
smoothly.
Plan Maintenance
Maintenance of the plan involves frequent plan visitation to update on
newly identified potential disasters as well as changes within the business
that would warrant updates. Changes that might warrant a plan update
would include introduction of new software and hardware to the network,
expansion of the business, new staff, or new technology use. The frequency
of plan maintenance will be determined by the business. If there are no
changes to the business and no foreseeable new disaster threats, then
maintenance to the plan will be limited.
This step should also include verification of available hardware and
software used within the disaster recovery plan. For example a slightly
outdated plan might specify that a hard disk failure would require the
purchase of a new 2GB hard disk. The price and availability of this hard

disk will be significantly different within six months of the plan creation.
If this plan were still in use today without any update, it would be imprac-
tical and perhaps impossible to fulfill because a new 2GB hard disk is no
longer available.
Documentation
Documentation is the last step in creating an effective disaster recovery plan.
Without clear documentation chaos would occur. When a severe disaster
strikes, people normally panic. Having clear documentation will serve as
a visual reminder of the steps that need to be taken, but also will help in
restoring some form of order to an environment that seems out of control.
Documentation should include detailed steps to carry out the plan, as
well as copies of all updates to the plan. Having a list of plan updates will
allow you to track all changes that have been made, as well as allow for
acceptance or rejection of the changes. This way, when the plan has to be
carried out, reference to previous revisions can be made.
Copies of the plan documentation should also be made. These copies
should include hard copies, digital copies, and backup copies located offsite.
This will ensure that no matter what the nature of the disaster, there will still
be access to the plan.
Identifying Hot and Cold Sites

A lthough most disasters that a business will face are small disrup-
tions, there is the potential for catastrophe. When deciding on how to deal
with a catastrophic disaster there are three backup options available: hot,
cooperative, and cold sites.
Hot Sites
A hot backup site is an exact copy of the original business located in a
different physical space. This includes equipment, software, and data.
Although a hot site is the ideal situation, it is extremely expensive to create
and maintain. The costs would include everything from renting/purchasing

Identifying Hot and Cold Sites 489
a second facility, equipment costs, software licensing, to maintenance

costs. Every update and patch that is applied to the primary location must
then be applied to the hot backup site. Maintaining a secondary site often
requires hiring additional technical staff to assist with the workload.
If the disaster occurs, a hot site is brought online by restoring data on its
server. The transition to the hot site is relatively easy. Some hot sites will
use a VPN or WAN connection to the primary site to maintain constant
data updates, thus eliminating the need to restore data should the failure
occur. Regardless on how the data is updated, a hot site will normally be
ready to go at a moment’s notice. The only transition is relocating staff to
the hot site facility.
Cooperative Hot Sites

Cooperative hot backup sites are an ideal way to cope with the high prices
associated with implementation of a hot site. Cooperative hot sites are cre-
ated and maintained by several companies. The site is then available to any
of the cooperating companies if needed. The hope is that only one company
will need the site at one time. Although this approach seems like an ideal
solution to dealing with creating a hot site, difficulty can arise in meeting
each company’s business and technology requirements. This will include
facility, hardware, and software requirements.
Cold Sites
Cold backup sites normally have equipment available but availability is not
at the level of a hot site. Computers will be available but not at the identical
configuration to the primary systems. The idea is that there will be enough
equipment to run the business but at a basic state until the primary facility
can be repaired. An example would be using a simple dial-up Internet
connection as opposed to a high-speed link that would be available at the
primary site.
Cold sites are a much more affordable option. However, the transition
between the primary and cold site is more difficult, often requiring that
computers be set up and configured, and patches be applied as necessary.
Often cold sites are not maintained regularly. This can lead to unpleasant
surprises, including hardware and software conflicts.

The benefit of cold sites over hot sites is affordability. Eliminating the
cost of regular maintenance and equipment matching makes cold sites
substantially more affordable and popular.
Replacing Failed Hardware

A s previously mentioned, disasters will often take on the form of
hardware component failure. Dealing with this type of disaster is more of a
routine task for most technicians, but care must be taken throughout this
process. Identifying the component that has failed is the first step. If the
component has indeed failed then replacement of the component must occur.
At this step, verifying hardware compatibility and following ESD best
practices will ensure that the replacement goes successfully.
Identify the Failure

Modern servers offer technology to make hardware failure identification
easier. Servers often spend long periods of time without any human contact,
especially if the server is locked in a cabinet or a specialty room. New
technology offers options for remote notification when a hardware failure
occurs. This notification can take on the form of an e-mail or pager alert,
or even a phone call with a prerecorded message. Regardless of the form,
remote notification allows for immediate notification of hardware issues,
which in turn allows for faster response time.
Another server technology that has increased in popularity is the addition
of visual displays. Visual displays are seen within numerous devices within
a computer, such as network cards. Link lights on the back of a network
card provide a visual verification of connectivity. This concept has expanded
to include lights on hot plug hard disks as well as LED panels on the server
that provide a visual representation of hardware status. These lights can be
compared to traffic signals: green for OK and red for failure.
Notification, whether it is visual or remote, simplifies the troubleshooting
process significantly. Rather than searching through the server to deter-
mine if and where a hardware issue may be, the server will point you in
the correct direction.

Replacing Failed Hardware 491
Once the problem is identified, corrective measures can then take place.
If the hardware has indeed failed, replacement is the only option. At this
point a full backup should be done. This will ensure that any unforeseeable
problems that may occur as a result of the hardware repair will not result
in any data loss.
Always Remember to Back Up!
It is amazing the risks that technicians often take. A simple update such
as installing a utility can result in catastrophic consequences. One of the
servers I once worked on had experienced a problem with a tape drive.
Upon consultation with the server manufacturer, I decided to install a
utility program that I had downloaded from the manufacturer’s website;
the utility would do a diagnostic on the tape drive as well as the SCSI channel
that the drive was connected to. When I performed this task, the server (run-
ning Windows NT Server) did a physical memory dump and basically died
right before my eyes. The entire operating system became corrupt and
the system failed. Fortunately I had backed up the server the night before
and there was no data loss. The server had to be reinstalled with the oper-
ating system and a restore from the backup tape to return the data as well
as security on files and folders. Had there not been a backup done, I would
have had to re-input all the users as well as set up their access and permis-
sions. Remember, it doesn’t matter whether you are doing a major system
upgrade, installing a patch file, or even doing diagnostics: always perform
a full data backup. Whatever can go wrong often does when you least
expect it.
ESD Best Practices

ESD (electrostatic discharge) is a computer’s worst enemy. The transfer of
electrical shocks to computer components through human contact is what
we’re referring to as electrostatic discharge. ESD often occurs during com-
ponent handling during either installation or maintenance. The effects of
ESD can be mild or severe, depending on the component and the amount
of static charge. This is analogous to a stroke in humans. Some people

will lose short-term or long-term memory, others will be paralyzed on one

side, others will die, and some people will make a full recovery. No one can
predict how people will react to a stroke. ESD is similar in that the damage
to components can vary dramatically. Unfortunately you can be causing
damage to a computer component without even knowing it. The smallest
charge that a human can physically feel is approximately 3,000 volts. It takes
10,000 volts before you can see a spark. A shock of as little as 30 volts can
damage a computer. It is highly likely that damage will occur without your
even noticing the discharge.
When working on hardware you should take special precautions to pre-
vent ESD damage. The first step is to work within an environment that will
limit the potential for static from forming. The worst possible environment
is cold and dry. If you live in a northern climate you will have experience
in the annoyance during the winter months: Paper tends to jam in photo-
copiers and printers more often, every time you reach for a door handle
you get a shock, your kids take pride in shuffling their feet across the carpet
and then lightly touching your ear to give you a shock. This is the ideal ESD
environment. If you need to perform work with hardware, you want to avoid
these conditions. Having a humidity control within the room where the
work is to be done will help significantly.
ESD Wrist Strap

An ESD wrist strap is an essential device during any hardware upgrade
regardless of the time of year. The potential for ESD occurring is constant.
An ESD wrist strap is a Velcro band that wraps around your wrist. Attached
to the strap is a wire containing a small resistor that bleeds charge away from
your body. The other end of the wire attaches to a ground source. The ideal
ground source is the ground pin on an electrical outlet. When properly
attached, the wrist strap will prevent electrical charges from transferring
from your body to the computer components.
ESD Mat
A major problem with the ESD strap is that the cable tethers one of your
hands. This will limit your mobility, and at times, the cable will become
entangled with the computer that you are working on. It is also possible (and
often does happen) for the wire to become disconnected from the ground

Replacing Failed Hardware 493
source. Many ESD straps use a coiled wire that does not provide much
distance between you and the outlet. An ESD mat is a better solution. This
mat is actually a rubber mat with the resistor and cable attached to it. It
grounds the computer against damage from both human contact as well as
charge from the table.
Oftentimes an ESD wrist strap is used in conjunction with an ESD mat.
This will provide protection from both human and tabletop ESD contact.
Antistatic Bags
All computer components are shipped within a special antistatic bag. These
special bags prevent static charge from coming into contact with the com-
puter components. It is highly advisable to keep these bags. At some point
you may need to transport a component or remove one temporarily. Having
an antistatic bag to store the component in will protect the component while
it is outside of the computer.
Antistatic Bags
Antistatic bags can also be used as gloves. Since the bag prevents the
transfer of static charge, technicians have used them as gloves when they
need to get a better grip on a component. An example of this use is install-
ing expansion cards. At times considerable force is needed to seat the card
properly in the slot. Using the antistatic bag as a glove will allow you to
manipulate the card with a better grip. Once an antistatic bag has been used
for this purpose, it should not be used to store computer components in.
The interior of the bag can contain residual charges from your hands.
Planning for Hardware Replacement

Once you have determined which hardware component has failed, it is time
to plan for the replacement. Keeping the ESD concerns in mind, hardware
replacement will have to be planned. This planning stage will include locating
a suitable replacement part, assessing the complexity of the replacement,
planning the time to perform the replacement, and notification (if necessary)
of staff that there will be repairs done.

Locating Suitable Replacement Parts

In new servers locating replacement parts is often not a difficult task.
Everything from power supplies, hard disks, RAM, to processors is readily
available. Older servers are a little more problematic. For example a failed
ISA network card may seem like a simple replacement but many retail
outlets are not stocking ISA expansion cards anymore. The same hold true
for older processors and RAM. It is highly advisable to plan ahead with
your hardware. Before any failures occur you should become familiar
with the hardware within your server and take the time to locate suppliers
for the parts. If you can build a positive relationship with a supplier you
will hopefully be able to locate parts quickly when you need to. Unfortunately
at times you may not be able to locate suitable replacement parts. If you
can identify this problem before a disaster strikes, steps can be taken
towards planning a server upgrade or replacement.
The worst-case scenario is that a component fails within the server and the
need for a simple replacement results in extended server downtime while a
part is located and then ordered, or the entire server undergoes an unplanned
upgrade. Carefully monitoring the age and availability of components within
a server will provide needed information so that suitable replacement parts
can be located as quickly as possible. This same information can be helpful
for making decisions about a planned upgrade to deal with aging server
components.
Assessing Replacement Complexity

How hard can it be? Take the cover off, remove a couple of cables and
screws, and swap the parts. Sometimes it is this easy. Other times it seems
as though the entire computer has to be stripped down before you can even
get access to the failed component. Depending on the server and its design,
component replacement can be a simple or an extremely complex task.
Always refer to the technical manuals provided by your server manufacturer
before you proceed to replace any hardware. This will help you understand
the proper steps to take to gain access to and replace parts within the server.
Hot swappable hard disks provide the easiest means of replacing a hard
disk. Simply grab the handle of the failed hard disk, release the locking mech-
anism, and slide the drive out. The replacement drive slides in and the handle
locks into position. If there is a RAID configuration, it will automatically
identify the new drive, format it, and begin copying data to the drive. This
process does not require that the server be shut down. For the users accessing
the server, this hardware replacement will go unnoticed.

Software Failures 495
Planning Replacement Time

Planning the time for the replacement will rely heavily on the complexity
of the replacement. In the previously discussed hot swap example, the
replacement can occur at any time because there would be no disruption
to the users. A motherboard replacement, however, would result in the
server having to be shut down for an extended period of time. This planned
replacement time would have to occur during a low-access time to the server
(possibly during the night). Plan to add extra time to the estimated time
for the replacement to allow proper testing of the new component and extra
time for fixing any possible glitches that might interfere with regular opera-
tions. Starting to replace a motherboard in a server at 8:30 A.M. when staff
are arriving and will need to access the server at 9:00 A.M. is not going to
work out in your favor.
Notification
If the repair to the server cannot occur during a time where there will be
no access, then proper notification will need to take place. This includes
advanced notification to all people who will be affected by the shutdown.
With this notification include the nature of the repair, the fact that the server
will be inaccessible, the start time, and estimated completion time. Advanced
notification should be done at least a week prior to the repair. This notifica-
tion can be done via in-house e-mail, regular in-house mail/fax, or verbally.
Regardless of the delivery method, you should include a verification process
to ensure that all intended recipients received and understood the notifica-
tion. Should there be any discrepancy at a later date, you will have proof
that the notice went out and was acknowledged by all intended people.
Finally, a second notification, much like a reminder, should be sent 24 hours
before the repair is to take place. This will ensure that those people who
forgot will be reminded and plan their day accordingly.
Software Failures
Software failures can also have a significant impact on server
operations. Before applying any update to a server, thorough testing should
be done. The unforeseeable impact on both the operating system as well as
installed programs can be severe. In an ideal environment a separate test
server would be used to verify every patch, every new software installation,

and every firmware update before they are installed on the production server
but it is rarely possible to afford an exact copy of the production server to
use for testing purposes. Carefully researching the software compatibility
issues before installation will normally reveal any potential negative conse-
quences. Before installing or applying any software update, you should do
a full backup.
Before installing any update, first consider the reason for performing
the update. Is the update needed? It is not necessary to install every avail-
able update. If there are no benefits or fixes that are going to provide a
positive impact for your environment, then why take the risk? Refer back
to Chapter 11, “Software Updates,” for more information.
Summary
T his chapter explored the development and implementation of a
disaster recovery plan, including defining and creating an effective means of
dealing with both minor and severe system failures.
Development of a disaster recovery plan includes exploring the risks,
understanding the impact, creating strategies, training staff, implementing
the plan, maintaining the plan, and documenting the plan.
When deciding on how to deal with a severe disaster, consideration must
be given to creation of a hot backup site, a cooperative hot backup site, or
a cold backup site. A hot site will be an exact copy of the original site, includ-
ing hardware, software, and operating facility. This is the most expensive
and complex method to set up and maintain but provides the easiest transi-
tion should the need arise to use it. A cooperative site is a hot site created
and shared by several companies with the intent to share the cost. Cold sites
contain equipment for use but often at a more affordable level than the
equipment used at the primary site. Cold sites often require quick setup
and adjustments in order to make them functional.
Replacing failed hardware is the most common service performed with
a disaster recovery. In order to successfully accomplish this task, you must
take several steps first. First you must identify the failure. Modern technol-
ogy can assist with this task, providing servers with a means of monitoring
and displaying the status of the hardware. Once the hardware failure is
determined, you must plan for the repair. Planning also includes being
constantly aware of ESD and the dangers it poses to computer components.

Exam Essentials 497
ESD best practices include monitoring temperature and humidity as well as

the use of antistatic wrist straps, mats, and component bags. The next step
is locating suitable replacement parts, ensuring compatibility with the server’s
existing components. Next comes assessing the complexity of the replace-
ment. This step should be done with reference to technical guides from the
server and replacement component manufacturers. Planning the replace-
ment time will assist in creating a smoother transition. Finally, notifying
users of the repair well in advance will ensure that everyone affected can
properly prepare for the downtime.
Software failures can also play an important role in disaster recovery and
planning. Many simple patch and firmware updates can go wrong and result
in a network disaster. Careful research and testing of the software will
protect the production server from disaster.
Exam Essentials
Know the two broad categories of possible disasters. This includes
natural and non-natural disasters.
Be able to provide examples of both types of disasters. Natural disas-
ters result from naturally occurring and unpreventable events such as
tornado and flood, while non-natural disasters include vandalism, theft,
and user error.
Be able to identify key elements of a disaster recovery plan. Know the
steps involved in creating a disaster plan including exploring the risks,
understanding the impact, creating strategies, training for strategy imple-
mentation, plan maintenance, and documentation.
Know the difference between hot, cooperative, and cold backup sites.
Hot sites are exact copies of the primary site, cooperative sites are hot sites
shared between businesses, cold sites contains minimal equipment will
need some configuration before getting up and running.
Know the steps to identify and replace failed hardware. This includes
identifying the failure through visual as well as notification cues, planning
the replacement, locating suitable parts, assessing the complexity of the
replacement, planning the replacement time, and notification.

Know the dangers of ESD. Be able to identify the risks involved in

performing a hardware change, including environmental considerations
and electrostatic voltage levels.
Know how to take measures to prevent ESD damage. Know the uses of
antistatic wrist straps, mats, and bags in preventing ESD damage from
occurring.
Know the potential risks in performing software updates. This includes
patches, software updates, and firmware.
Key Terms
Before you take the exam, be certain you are familiar with the
following terms:
antistatic bag hardware failure

backup hot backup site
cold backup site LED panels
cooperative hot backup site natural disasters
disaster recovery non-natural disasters
disaster recovery plan patch
documentation plan maintenance
ESD RAID
ESD mat remote notification
ESD wrist strap risks
firmware

Review Questions
1. Which of the following is an example of a natural disaster?
A. Electrical fire
B. Theft
C. User error
D. Flood
2. Which of the following is an example of a non-natural disaster?
A. Tornado
B. Flood
C. Electrical fire
D. Lightning strike
3. Are disasters more commonly the result of natural or non-natural

events?
A. Natural
B. Non-natural
4. What is the main focus of disaster recovery planning?
A. Planning on dealing with the potential of a disaster and its

outcomes
B. Dealing with a system failure after it happens
C. Learning how to rebuild company assets once a disaster occurs

D. Building a business that is completely immune to a disaster

5. What is a disaster plan?
A. A scheme to create potential problems within an organization
B. A carefully planned and constantly updated strategy on how to

cope and recover from a system failure
C. A “set in stone” plan that is created once and locked away on how
to deal with every potential problem that a business could face
D. A secret plan of action for fixing potential problems
6. How many steps at a minimum are required in creating a disaster

recovery plan?
A. Five
B. Six
C. Seven
D. Eight
7. What is the first step in creating a disaster recovery plan?
A. Exploring the risks
B. Understanding the impact
C. Creating strategies
D. Assessing the business requirements
8. Training for strategy implementation involves which two steps?

A. What strategies to use and how to use them
B. Prioritizing strategies and assessing their impact

C. What the plan is and how the plan is executed
D. Creating strategies and maintaining strategies

9. What does plan maintenance involve?
A. A quick scan through the disaster recovery plan to ensure that it is

still functional
B. Having a third party assess the validity of the disaster recovery
plan to ensure that it has been created correctly
C. Frequent visitation to update the plan on new potential disasters as
well as company changes
D. Revisitation of the disaster recovery plan on a yearly basis to
update staffing changes
10. What is a major reason for providing clear documentation of the

disaster recovery plan?
A. For insurance purposes
B. In case the person in charge is not available to carry out the plan
C. To serve as a visual reminder of the steps that need to be taken

when the time comes for the plan to be implemented
D. So everyone knows their role and there will be no questions
11. What format should copies of a disaster recovery plan be kept in?
A. Hard copy
B. Digital copy
C. Backup copy
D. All of the above
12. What is a hot backup site?
A. An exact copy of the primary site
B. A copy of the primary site that will require setup before use
C. A shared site between several companies
D. A partnered business, which will take over the primary company

should a disaster strike

13. What is a stumbling block in creating a cooperative backup site?
A. Establishing the partnership between companies
B. Matching the technological and business requirements of each

company
C. Locating a facility large enough to house all businesses within the
partnership
D. Fiscal planning between each company to cover the costs of the site
and technology
14. Do cold backup sites require any setup or configuration before use?
A. Yes
B. No
C. Depending on whether they are also cooperative backup sites
D. Only if the site is not owned by the corporation
15. What is the most common form of disaster that a technician will have
to deal with?
A. Software failure
B. User error
C. Hardware failure
D. Natural disasters
16. Which of the following is a form of remote notification?
A. LED displays
B. E-mail alerts
C. Beep error codes
D. Text alerts

A. Electrical shock discharge
B. Electro-shock discharge
C. Electrostatic discharge
D. Environmental static discharge
18. How many volts does it take to damage a computer component?
A. 30 volts
B. 1,000 volts
C. 50 volts
D. 500 volts
19. What does an ESD wrist strap or mat contain that removes ESD
charges safely?
A. Transistor
B. Diode
C. Capacitor
D. Resistor
20. Computer components that are not within the computer should
be stored in which of the following options?
A. A cardboard box
B. An antistatic bag
C. A bag
D. Any protective container


1. D. A flood is a naturally occurring disaster whereas the other options
are influenced or caused by people.
2. C. An electrical fire is a result of an electrical problem. This is a
non-natural event while the other options presented are all naturally
occurring events.
3. B. Most of the disasters that occur result from non-natural events
such as user error and hardware failure.
4. A. Disaster recovery planning involves analyzing, and preparing for a
disaster before it happens. This will ensure that if a disaster does hap-
pen, repairs and positive action can proceed as smoothly as possible.
5. B. A disaster plan is a carefully crafted and continually updated doc-
ument providing valid, up-to-date guidelines for coping with system
failure. It must be shared with and understood by all employees, to
ensure that they will remain calm and carry out the steps in the safest
and most efficient way possible.
6. B. A minimum of six steps are required in creating a disaster
recovery plan.
7. A. The first step in creating any disaster recovery plan is exploring
the potential risks. This involves creating a detailed list of all potential
threats that your company faces.
8. C. This stage of the disaster plan is the final step and involves train-
ing staff on what the plan is and how the plan is to be executed.
9. C. Disaster recovery plans require frequent visitation to update
any changes and assess new potential threats. The frequency that this
revisitation occurs at will vary depending on the nature of the com-
pany and environment that it exists in.
10. C. Clear documentation will serve as a visual reminder of the
planned steps when the time comes to carry them out. This will also
assist in maintaining order during a stressful and chaotic time. To
maintain clear documentation, frequent visitation to the plan and
adjustments as necessary must be done.

11. D. Ideally you should keep your disaster recovery plan in as many
different formats as possible. This will ensure that if you need to, you
can resort to several different means of accessing the plan.
12. A. A hot backup site is an exact copy of the primary site, including
equipment, and software. Hot backup sites are the most costly to
create and maintain, but they provide for the smoothest transition.
13. B. In a cooperative backup site one backup facility is shared between
several businesses. Creating an environment that will meet the needs
of all partnered businesses is the major stumbling block.
14. A. Cold backup sites will require setup of equipment as well as
configuration of software and data before they can be used.
15. C. Hardware failures are the most common form of disaster. Servers
operate within a stressful environment, and with time hardware com-
ponents will fail and require replacement.
16. B. Modern servers have the ability to send e-mail alerts to report on
potential problems with the operation of the server. This is a form of
remote notification.
17. C. ESD is the acronym for electrostatic discharge. ESD is a serious
concern when performing a hardware upgrade or replacement. Static
discharge can damage or destroy computer components without the
technician even knowing a discharge has happened.
18. A. It can take as little as 30 volts to seriously damage or destroy a
computer component. At this small of a voltage you would not even be
aware that the damage has occurred.
19. D. An ESD wrist strap and mat contain a resistor that slowly bleeds
any charge away from you and the computer to a ground source.
20. B. Components that are not installed in the computer should be
stored in an antistatic bag to prevent ESD damage.

Troubleshooting PART
VI

Chapter Problem Determination

THIS CHAPTER:
6.1 Perform problem determination

Use questioning techniques to determine what, how,
and when.
Identify contact(s) responsible for problem resolution
Use senses to observe problem (e.g., smell of smoke,
observation of unhooked cable, etc.)

O ne of the most trying tasks a server administrator faces is
troubleshooting problems when they arise. This means seeking out the prob-
lem and eliminating it or its cause. Fixing the problem is sometimes the easy
part while determining the source of the problem can be very difficult. A
server administrator must be efficient in recognizing a problem, especially
for those servers that require a high level of availability. Problem recognition
is definitely a skill that requires logical thinking, reasoning, and technical
knowledge.
Server troubleshooting is a major part of any server administrator’s day-
to-day tasks and it is also covered in great detail on the Server+ exam. This
chapter is dedicated to problem determination. It will introduce you to some
general troubleshooting steps that should be followed when trying to deter-
mine the source of a problem as well as some of the things you should look
for in the server environment.
Troubleshooting Steps
P inpointing a problem can be very difficult but following some simple
procedures can make the troubleshooting process much easier. Experienced
administrators won’t just rely on their own knowledge to solve a problem
but will use all the resources available to them to help achieve an accurate
diagnosis. This includes questioning users on the network, interpreting the
information in server logs, and even using your own senses.
Once a problem has been detected, following the steps outlined below can
ensure proper diagnosis and resolution of the problem at hand.
1. Determine the priority of the problem.
2. Gather information by asking questions and checking logs.

Troubleshooting Steps 511
3. Physical Problem Detection.
4. Identify contacts/responsible parties.
5. Fix the problem.
6. Document the solution.
Determine Problem Priority

One of the first things a server administrator needs to do is assess the prob-
lem at hand to determine its severity and assign it a priority. Once you’ve
assessed the problem you may determine that there are other matters that
need to be addressed before attempting to resolve the problem. In other sit-
uations you will determine that the problem requires immediate attention.
The severity of a problem will be based on the impact it is having—or
could have. One of the most important things to consider is data loss. If the
problem could result in the loss of network data, it will require your imme-
diate attention. For example, a failing hard disk would need to be replaced
as soon as possible, or a backup device that is not functioning would need to
be fixed right away.
Chances are if the problem is related to server hardware, it will require

immediate attention.
If you recall from Chapter 9, “Upgrading and Maintenance,” server

uptime is the amount of time that a server is available to users when they
need access to it. If a problem could impact server uptime, it probably needs
to be addressed immediately. Of course this will also be determined by the
importance of the server on the network. If the server is rarely accessed, it
can probably be assigned a lower priority. However, if the server plays an
important role on the network, such as a domain controller or a web server,
the problem will need to be fixed as soon as possible. If the problem could
lead to future downtime if it is not fixed immediately, then assign it a high
priority and begin troubleshooting. Keep in mind when assigning a priority
to a problem that your perception and a user’s perception might differ. A
downed Internet connection or the inability to send e-mail messages may be
high priority to users on the network but not on your list.

512 Chapter 16 Problem Determination
Gather Information
There are many ways that a server administrator can acquire information
pertaining to a reported problem. This can be done in a variety of ways but
two of the most common and efficient ways is to ask questions and use the
information in the error/event log.
Determine Problem Origin

Determining the source of a problem can quickly lead to a solution. Server
problems can be caused by malfunctioning hardware or software, or could
be due to a virus. When diagnosing why a problem has occurred, begin by
doing a virus scan to eliminate this as a possibility. If you’ve been updating the
virus signature file on a regular basis and performing regular virus scans,
the chances of the problem being virus-related are minimal (recovering from
a virus will be discussed in the next chapter).
Hardware-related problems are easier to diagnose than software related
problems. If there is a problem with a hardware component, most servers will
generate some type of report, warning sign, or error message. Different utilities
and tools will also allow you to monitor the status of hardware and determine
if a component is malfunctioning, failing, or in conflict with another device.
Solving a hardware-related problem usually involves reconfiguring the hard-
ware settings or replacing the failed hardware.
Software related problems are the most difficult to track to their source.
Servers are often running multiple services and applications that can end up
conflicting with one another. An application or service may stop responding
or cause the server to hang. Most often an error message of some form will
be generated regarding the cause of the problem (such as a corrupt file). Solv-
ing software related problems might entail installing service packs, software
updates, or the entire operating system.
This is where it becomes extremely important to track any changes that

are made to a server. Even the smallest configuration change made to one
application or service can impact on another service or application that was
previously functioning.
Ask Questions
When a problem occurs on a server, usually the first people to notice it or
feel the effects of it are the users on the network. Dealing with users can be

frustrating if they do not understand the technologies behind servers and

networking, but don’t count them out as a source of information because
their input can prove invaluable. Often users on the network are the first to
report a problem. The report that you get might be vague—“the network is
down,” perhaps—but if you ask the right questions, you can soon discover
some important information.
When questioning users, or even other technical support staff, use the
following questions as a guideline:
What is wrong? Try to get as much detail as possible, such as any error
messages that appear.
What are the symptoms of the problem? Find out from the individual
how often the problem is occurring, what applications are open when it
occurs, and whether the problem is experienced by one or multiple users.
When did the problem begin? Determine if this is the first time the
problem has occurred. If the problem has occurred before, ask the user
how often it occurs and if it does so at specific times.
What has changed? One of the most important things that can help you
troubleshoot the problem is to determine if any changes have been made
recently that can be the source of the problem.
Interpret Logs
Logs are essential in ensuring that your servers run successfully. Logs list
events that have occurred and record activity on your server. Entries in a log
file usually report errors and warnings generated, when they occurred, an
event ID, and sometimes an event description.
Log files can be overwhelming to a server administrator because of their
size and complexity. When troubleshooting, log files are one of the first
places you should look for information on the problem. Some log files will
provide a description of the event while others will only provide you with an
event or error code. Even if you cannot understand the information within
a log, vendor support personnel should be familiar with the error messages
and error codes. Some websites will also allow you to type in the error or
event code or the description and provide you with details on the cause of the
problem and the solution.
Most operating systems, services, and applications will write events to
some sort of log file. Where the logs are located and their format will of
course depend on the operating system. For example, NetWare servers write

information to one of three log files (Console.log, Abend.log, and the

Sys$log.err), which can be used to diagnose server-related problems.
Microsoft operating systems write information to a System Log. Figure 16.1
shows an example of the System Log in Microsoft’s Event Viewer. In Win-
dows 2000, Event Viewer can be accessed from Administrative Tools or
through the Control Panel.
FIGURE 16.1 Microsoft’s Event Viewer
The System Log shows events pertaining to the failure of a driver or

another system component. Double-clicking an event within Event Viewer
will bring up more-detailed information on the error, such as the error ID
and a description (see Figure 16.2).
If you are using one of Microsoft’s operating systems, you can then
go to Microsoft’s support site and search for information regarding the
specific event ID (see Figure 16.3). Chapter 17, “Troubleshooting Tools
and Techniques,” will look more closely at how to use log files for
troubleshooting.

FIGURE 16.2 System error in Event Viewer
FIGURE 16.3 Event ID support

The System Log displayed within Microsoft’s Event Viewer gives you the
date and time that the error or warning occurred, the source of the error or
warning (which server component generated the event), an event ID, and a
description of the event.
It is good practice to regularly review the information in log files, making it

part of your daily or weekly routine. Some logs will generate warning mes-
sages alerting you to a possible problem so it can be dealt with before it
becomes more serious.
Physical Problem Detection

We have discussed gathering information by questioning users and review-
ing server logs. Another means of troubleshooting a problem is to rely on
your own senses—your sense of sight, smell, and sound. Your own senses
can help you determine quickly the cause and solution of any physical
problems.
Use Your Eyes

If a problem is suspected with a server, start looking around. Missing a visual
clue in the physical environment could cost you hours spent troubleshooting
a simple problem. Does anything look out of the ordinary? Has someone
other than you recently had access to the server? If anything looks out of
place, you will want to find out who last accessed the server and what
changes, if any, that person might have made. Also check the physical cable
connections, check the cables themselves, and check to make sure that all
components are properly connected. For example, noticing a disconnected
network cable can save you time in troubleshooting a server’s loss of net-
work connectivity (if only troubleshooting all server-related problems could
be so simple).
Use Your Nose

Using your sense of smell can also assist in problem determination. Check
the server environment for any usual smells, such as smoke or an “electrical”
smell. For example, if a video card burned out, you would probably detect
its very distinct odor.

You will recall from earlier discussions that excessive heat can have a
negative impact on a server, and that servers should be placed in a room
where the temperature can be carefully controlled and monitored. When
troubleshooting any server-related problems, check the temperature of the
server room. There are two issues to be aware of when considering heat.
First, servers and components generate a fair amount of heat. If a fan in a
power supply goes out, the box will let off a lot of heat. Or if a CPU fan goes,
you may notice erratic behavior in your server, such as the icons disappear-
ing from the desktop (this can obviously be more difficult to detect). If the
server itself is overheating internally, it can also cause hardware components
to fail. The second issue involves a fluctuation in room temperature, which
can cause components to physically shift and lose their connection (which
could be the cause of any hardware-related problems you may be having).
Use Your Ears

Listen for any unusual sounds that might indicate a failing or malfunctioning
component. Server rooms are notoriously noisy, but if you are in tune with
the environment, you should be able to pick up on any unfamiliar sounds.
Take for example an internal fan. Before an internal fan fails, it usually
makes a loud grating or humming noise that can alert you to the problem;
then you can replace the fan before it actually does fail. Or if a spindle is
about to go out on a hard drive, you might notice a very-high-pitched hum.
A rhythmic clicking coming from your hard drive is another ominous sound.
If you haven’t noticed any problems with the server already, get that hard
drive replaced before something tragic happens.
Notify Responsible Parties

In many cases, depending on the size and structure of the network, you
will be responsible for all aspects of server and network administration. In
other cases, particularly in a large network, several administrators might be
responsible for different areas of server and network administration. This
would mean that, when it came time to fix a problem, it might not be in your
area of administration and expertise. In such cases, once you have detected
a problem, you should notify the individual responsible for this area of
administration to fix the problem. It could also be appropriate to notify a
third party.
Take, for example, a case when users report they cannot access one of the
servers on the network. After examining the server, you determine that it is

functioning as it should be and the problem is in network connectivity and

a malfunctioning router. In this case, you may need to notify the person
responsible for maintaining internetworking and routers to fix the problem.
In some cases the contact to fix the problem may be a third party offering
support for a product. If the problem is due to hardware or third-party soft-
ware and you are unable to determine the cause of the problem, one of the
first things to do is contact the manufacturer’s support team. Chances are
they have encountered the problem before and will be able to provide a solu-
tion or, if they do not have a solution, will be quick to find one for you.
Fix the Problem

Once the trouble and its cause have been identified, you are ready to move
onto the next step, which is finding and implementing a solution. An expe-
rienced administrator might know the exact fix and be ready to implement
it if they have encountered the problem before or have expertise in that spe-
cific area. Those who are new to server administration (and even those who
are experienced but encountering a new problem) should be aware of the
different resources available to them and where to locate or access them.
You might need to ask for assistance to get the problem solved. Remember,
your goal is to get the server fixed as soon as possible to avoid the chance of
server downtime, so use all the resources you have available to you to get the
problem solved.
I have yet to meet an experienced server administrator who does not consult
some documentation, such as a knowledge base, to solve some server related
problems.
Find Available Resources

A good server administrator will be aware of the many resources that are
available for troubleshooting. A resource can be another person or some
form of documentation that provides insight into the problem at hand. There
are many places that a server administrator can go for support, some of
which are listed below.
Telephone support
Technical support websites
Technical support CDs

Search engines
Readme files
Newsgroups
Chat rooms
Locate and Use Documentation

An abundance of information is available for troubleshooting: readme files,
technical support CDs, support websites, and newsgroups. All can be useful
when determining a solution to a problem.
Some manufacturers and vendors have newsgroups available on their
website where customers can go to seek assistance and post information.
Chances are you are not the first customer who has encountered the problem,
and someone might have posted the cause and solution. If there is nothing
pertaining to your problem on the newsgroup, you can also post a question
that another customer or support person can answer.
Readme files are usually found on a manufacturer’s installation disk or
CD. A readme file will contain installation information, tips, and configura-
tion settings not to be found in a manual. Figure 16.4 shows the contents of
a sample readme file.
FIGURE 16.4 Sample readme file

Telephone support is another troubleshooting resource. Most vendors

and manufacturers will provide their customers with phone support for a
minimal cost. This can be for a specific period of time or on a per-incident
basis. If it is available to you, it is a resource that should not be overlooked
because the support technician on the other end will be familiar with the
product and should be able to answer both basic and complex questions.
There are drawbacks to telephone support, such as the length of time you
might be on hold waiting to get through to a support representative. The
support technician will most likely ask you for configuration information, so
you will need to be close to the server. You will probably be asked to install
any service packs or software updates to current versions before you will be
provided with any more assistance.
Many manufacturers and vendors are moving away from the telephone
support and providing technical CDs as a troubleshooting resource. For
example, Novell and Microsoft both publish monthly technical CDs that are
available for a small yearly fee. The CDs contain the latest knowledge base
articles, software updates, service packs, fixes, resources kits, and in some
cases drivers.
Almost all vendors and manufacturers provide technical support through
their websites. This is often the best place to look for information because it
tends to be the most up-to-date source. Websites also tend to be the easiest to
access and most readily available. Examples of technical websites can be found
at http://support.microsoft.com and http://support.novell.com.
Figure 16.5 shows Microsoft’s support home page. From Microsoft’s website
you can access a knowledge base with extensive support articles regarding
Microsoft products.
Also, don’t forget about Help files. They can often provide good infor-
mation about how a specific service or program is supposed to work, and
even advice on what to do when something isn’t working. Almost all oper-
ating systems and programs have a Help feature. It’s typically accessed by
hitting the F1 key on your keyboard, or by typing in help at a command
prompt.
Ask for Assistance

Why waste time troubleshooting a difficult problem when a call to the man-
ufacturer’s help desk could solve it quickly? An efficient server administrator
uses all available resources to get back online as quickly and efficiently as
possible, even if this means asking for assistance.

FIGURE 16.5 Microsoft’s technical support site
This is not to say that every time a problem arises you should call for sup-
port. If you can afford the time, first consult the documentation, help files,
and any web resources you can find. If you are unable to locate a solution,
then your next step should be to get help from a more seasoned server admin-
istrator or the manufacturer’s support team.
Document the Solution

Once the solution has been implemented and tested, your last step will be to
document the entire process (this is one step that is often overlooked by
administrators). This information could be useful to you the next time you
need to correct a similar problem, and could be even more useful to other
administrators responsible for server troubleshooting. The documentation
should be as thorough as possible and be written by the responsible trouble-
shooter. Keep the documentation in a safe location.
It is good practice to keep this information in a server maintenance log. Everyone

making changes to the server—whether those changes are upgrades, trouble-
shooting, or anything else—should document them in the maintenance log.

So once a fix has been found, implemented, and tested, you must docu-
ment everything from start to finish. Your documentation should include the
following information:
Description
Cause
Timeframe
Symptoms
Any error messages generated
Solution
Person responsible for troubleshooting
Any configuration changes made as a result of implementing the
solution
Log It!
Documenting may seem like a tedious task but it can make everyone’s job
just a little bit easier. When I look back and compare two technical support
teams that I was a part of, I can really see its importance. One was very
relaxed in making changes to the servers. If problems arose, no one was
notified and whoever was around fixed the problem with no documentation
left behind. This led to chaos, confusion, finger pointing, and what seemed
to me like an increase in server downtime. It was difficult to pinpoint what
configuration changes were made, and there were times when these
changes brought both the server and network down. Being in the dark about
what the technician before you did made it really difficult to troubleshoot.
The other team was far stricter about who did what, how it was done, and
what documentation they kept. Upgrades and troubleshooting were far less
chaotic and more often successful. If any one of the technical staff needed
to know what was done on the server last, finding out was as simple as look-
ing in our server maintenance log. It included a detailed description of the
problem, screen shots of any error messages, the step-by-step solution,
and who performed it. As far as I am concerned, you can never document
too much when it comes to server troubleshooting.

Summary 523
Summary
We began by defining the term troubleshooting. Understanding the
troubleshooting process can make problem detection and resolution much
easier and reduce server downtime.
Troubleshooting a server problem begins with assigning the problem a
priority. Server administrators need to determine which problems need to be
dealt with immediately and which can be put on hold for a short time.
Gathering information on a reported issue entails determining whether
the issue stems from software, hardware, or virus trouble. To get basic
information, ask questions of users on the network. Error/event logs record
precise information about server events, so this is one of the first places to
look for details about a problem.
Using your senses can provide valuable information when troubleshoot-
ing. Assess the server environment for any unusual sounds or smells. A visual
inspection of cables and connectors should also be performed to eliminate
these as the source of the problem.
Once the source has been determined, the person/persons responsible for
troubleshooting in this area should be notified. Large networks will most
likely be administered by experts in different technical areas. The appropriate
individual, the one responsible for providing support in the area of concern,
should be notified.
An abundance of technical resources assist server administrators in
troubleshooting. You should be familiar with some of the basic resources
available and how to access them. Possible resources include telephone sup-
port, readme files, technical support CDs, technical support websites, and
newsgroups. Any one of these or any combination can be used to determine
a solution to the problem.
In some situations it may be necessary to ask for assistance to get the
server functioning as it should. This may include looking to the manufac-
turer’s or vendor’s support personnel for assistance or asking another
administrator on staff.
Finally, the last step in the troubleshooting process is to document. Doc-
umentation should include a description of the problem, any error messages
that were generated, step-by step instructions for implementing the solution,
names of personnel performing the troubleshooting, and any configuration
changes made as a result of implementing the solution.

Exam Essentials
Know the general troubleshooting procedures. The steps to follow
when troubleshooting a problem will increase the likelihood of correctly
identifying the problem and finding a solution.
Know how to gather information about a reported problem. Problems
can be hardware, software, or virus related. Gathering information allows
you to appropriately diagnose the problem.
Know how to use error/event logs. Event logs, such as the System
Log in Windows Event Viewer, maintain information about events and
actions occurring on a server. They can provide detailed information on
any warnings or alerts caused by malfunctioning hardware or software.
Know how to use your senses. Using your senses of smell, hearing,
and sight when assessing the server environment can help you detect any
physical problems.
Know how to locate resources. Abundant troubleshooting resources
are available to a server administrator.
Know how to document solutions. Include all steps performed and any
problems encountered.
Key Terms
Before you take the exam, be certain you are familiar with the
following terms:
error/event log readme file

event ID resources
Event Viewer technical support CD
knowledge base troubleshooting
newsgroup

Review Questions
1. When you are troubleshooting a server problem or error, where
should you look to gather information?
A. Network users
B. Technical support CD
C. Error/event logs
D. Online support
E. All of the above
2. Of the following, which is considered the most important when

troubleshooting a server-related problem?
A. Amount of server downtime
B. Documenting the solution
C. Preventing data loss
D. Gathering appropriate information
3. You are performing an inspection of the server environment. You

notice an unusual grating sound coming from within the server. What
is most likely causing the problem?
A. There is no problem. Servers always make this noise.
B. A CPU fan is failing.

C. A hard disk has failed.
D. The video card has shifted.
4. Users in the accounting department are complaining that when they

run their month end report, their workstations often lock up and
require a reboot. Accountants have a server that is dedicated to the
department. This report ran just fine last month. Where will you begin
searching for clues that will tell you what has gone wrong?

A. The maintenance log
B. The network map
C. The wiring diagram
D. The server configuration documentation
5. What are some common methods or resources you can use to gather
information about a server-related problem?
A. Event logs
B. Maintenance logs
C. Asking questions
D. Looking, listening, sniffing
6. Why are maintenance logs important?

A. They provide a clear picture of what the service techs have been
doing.
B. They provide a background of what has been done to a computer.
C. They provide an instruction manual for doing routine tasks.
7. You have an application server that permits people from several

different areas to access the computer. Today the server went down
for no apparent reason and is sitting at a stop screen. What is your first
step in problem determination?
A. Write down the stop code and stop syntax (if any).
B. Talk to the people involved with the server to see if a change has
been made.
C. Reboot the server.
D. Check the manuals.
8. You have a dedicated application server. Lately the application has

been acting somewhat erratically, even though no changes have been
made to the system for a long time. Where should you begin checking?

A. Error/event logs
B. Network connections
C. Server I/O
D. System documentation
9. What are some resources that you can use to diagnose and solve
problems?
A. Friends and coworkers in the business.
B. Online knowledge bases.
C. System documentation.
D. Try different things in an attempt to solve the problem.
10. Last night you were working on a server, changing out its NIC. Coin-
cidentally, the network team was working on a router at the same
time. When you left, the NIC seemed to be working OK. When you
came into work today, you were bombarded with complaints that no
one could reach the server. Where should you begin checking first?
A. Check with the network team to see what changes were made.
B. Check the NIC to make sure it’s plugged in.
C. See if you can ping the NIC.
D. Check the speed the NIC is set for.
11. You are just starting a new server administration job when a server
fails and the reason it failed isn’t evident through conventional
troubleshooting techniques. Where should you begin checking first?
A. Check previous administrator’s documentation.
B. Check system documentation.

C. Check event logs.
D. Call some networking friends.
12. Your server is running Windows 2000 Advanced Server and has been
freezing lately during certain operations. Where should you go first to
find support on this issue?

A. Microsoft’s Knowledge Base
B. Newsgroups
C. Server documentation
D. Call for support
13. You need to look for a new device driver. Where should you begin
looking?
A. Newsgroups
B. Call support
C. Manufacturer’s website
D. Knowledge base
14. What is the final step in troubleshooting?

A. Notify users
B. Power off the server
C. Verify
D. Document
15. In Windows 2000, how do you access the System Log?
A. Through the Control Panel
B. In the My Documents folder
C. Right-clicking My Computer
D. Network Neighborhood
16. How can newsgroups be useful in troubleshooting?
A. Allow you to connect with other users who may have experienced
the same or a similar problem
B. Provide updated device drivers
C. Provide exact solutions to server problems
D. Provide access to knowledge base articles related to server

troubleshooting

17. There was a problem with one of your network servers. Over the
weekend another network administrator solved the problem. On
Monday when you arrive at work the server is down. What is your
first step?
A. Call for technical support
B. Look over the maintenance log from the weekend
C. Go directly to the support website
D. Question users
18. What resources are available through a subscription to Microsoft’s

TechNet?
A. Service packs
B. Drivers
C. Resource kits
D. Knowledge base articles
19. What type of information is contained within a Windows 2000

System Log?
A. Error ID
B. Date and time
C. Solution to the error
D. Source
20. What does an error/event log do?

A. Lists the solutions to server errors.
B. Logs events as they occur on a server.
C. Tracks changes made to a server.

D. Provides links to online support.


1. E. Network users are often first to report a problem, and are worthy
of close questioning. Error/event logs provide critical event data and
an event ID to help pinpoint the problem. Tech support—whether
live, online, or on CD—should yield a solution.
2. C. Although all the options are important in terms of troubleshoot-
ing, the most important one would be to prevent the loss of data.
3. B. A loud grating sound coming from within a server will usually
mean that a fan is failing.
4. A. A maintenance log is a listing of all the work done on a particular
system. It should include details like who did the maintenance, what
they did, why they did it, what changes were made, what time the
server came down, what time the server went back in service, what
problems (if any) were encountered, and the steps taken to solve
a problem.
5. A, B, C, D. Any of the above methods can be used to gather infor-
mation about a server-related problem.
6. B. Maintenance logs provide a background of what has been done to
a computer.
7. A. Before you do anything else, write down the stop code, if there is
one, and the syntax of the stop message, if there is one. You’ll need this
information as you investigate the cause of the problem. Then you
begin talking to others about what may have been done to the server.
8. A. Typically, an application written for the NOS on which it is
running will post events to the system’s log files. You can glean tons
of information simply by reading the logs to see if you can find out
what’s wrong. If you come up blank, begin to dig into the system
documentation, or use the documentation along with the log files to
interpret what’s happening.
9. A, B, C. Answer D is something that you shouldn’t let yourself get
involved with. Ask friends and coworkers who are familiar with sys-
tems, check knowledge bases, and consult system documentation, but
don’t try to solve problems by trying one thing after another!

10. A. First check with the network team to see what configuration
changes were made during the evening.
11. A. Answer C is wrong because the question states that conventional
troubleshooting has not yielded any information. Begin by checking to
see if the previous administrator left any documentation on this sys-
tem. Checking the system documentation is a good idea, but probably
not your first choice.
12. A. The first place that you should look for a solution to the problem
is Microsoft’s Knowledge Base, which can be accessed from their sup-
port site or on the Technet CD.
13. C. The best place to look for a new device driver is the manufac-
turer’s website.
14. D. The final step after resolving any server-related problems is to
document the entire process.
15. A. The System Log can be accessed with Start Settings Control
Panel Administrative Tools Event Viewer System Log.
16. A. Newsgroups provide of way for a server administrator to connect
with other users who may have experienced the same or a similar
problem. Keep in mind that the information on newsgroups is not
always accurate but it can be used as a starting point.
17. B. The first thing you should do is review the other administrator’s
documentation so you have an idea as to what was done to the server
over the weekend.
18. A, B, C, D. All of the above are available with a yearly subscription
to Microsoft’s TechNet.
19. A, B, D. The System Log within the Event Viewer tells you the date
and time the error occurred, the Error ID, and also the component that
generated the error (source).
20. B. Error/event logs are used to log events and actions that occur on a
server, such as error or warning messages that are generated by server
components.

Chapter Troubleshooting Tools
and Techniques
THIS CHAPTER:

Identify common diagnostic tools across the following OS:
Microsoft Windows NT/2000; Novell Netware, UNIX, Linux,
IBM OS/2
Perform shut down across the following OS: Microsoft
Windows NT/2000, Novell Netware, UNIX, Linux, IBM OS/2
Interpret error logs, operating system errors, health logs,
and critical events
Locate and effectively use hot tips (e.g., fixes, OS updates,
E-support, web pages, CDs)
Gather resources to get problem solved:
Identify situations requiring call for assistance
Acquire appropriate documentation
wake-on-LAN
remote alert.

6.3 Identify bottlenecks (e.g., processor, bus transfer, I/O,
disk I/O, network I/O, memory)
6.5 Determine if problem is hardware, software or virus related

I n one respect, it’s ironic that troubleshooting always seems to be
the last chapter in technical books. From technical manuals to study guides
like this, troubleshooting is always tucked away at the very end. Being able
to solve problems on your computers and networks is arguably the most crit-
ical skill you can develop. If this is the case, then why present the most
important information last?
It’s simple really. While troubleshooting is indeed a critical skill, you can’t
begin to fix a problem until you understand all of the components that could
be causing the problem. If you have no idea how an automobile works, it’s
not a good idea to attempt to fix a broken transmission on your own. The
same holds true for computers. Not knowing what you’re doing can create
more problems than originally existed.
Troubleshooting can be a frustrating and humiliating experience. Good
troubleshooting—fixing a problem—can also provide an exhilarating thrill
of victory. The best way to learn to troubleshoot is to practice, and the only
way to practice is to have problems. Although there is no good substitute for
experience when it comes to troubleshooting, you can help yourself out by
having a solid background in troubleshooting fundamentals. Another thing
to remember is that you will never know everything. If you run across some-
thing you don’t know, just know where to look to get yourself closer to a
solution. Chapter 17 provides some solid fundamentals, and points you in
the right direction to get the troubleshooting process started.
Common Issues
I once worked for a computer company that said, “We do not have
problems. We have issues and situations.” In fact, if you were caught calling

536 Chapter 17 Troubleshooting Tools and Techniques
the customer’s issue (or situation) a problem, you could be seriously repri-
manded. It’s all a matter of semantics really, but there are negative conno-
tations with using the word “problem.” When working on computers, there
are some areas in which problems—er, issues—commonly occur.
Bottlenecks
In the computing world, it seems that bottlenecks are everywhere. A bottle-
neck is defined as a limiting system resource. It’s the component or compo-
nents that slow the machine down. If you have a nice 1.5GHz processor in
your machine, but only have 32 megs of RAM, obviously something is
wrong. More than likely memory will be your bottleneck. Bottlenecks can
occur because of virtually any component in your system. It could be your
motherboard, processor, memory, I/O devices like network cards and
modems, or even network cables.
You will never eliminate all bottlenecks within your computer. I know
that sounds pessimistic, but it’s generally true. If memory is your bottleneck
and you upgrade your RAM, another component will now be the slow one,
like your motherboard. Since you cannot completely get rid of bottlenecks,
the goal is to minimize them to the point where they’re not a nuisance. Ide-
ally, the computer should always be waiting for the human to act next. We
should slow the computer down, not the other way around.
Identifying Bottlenecks
So now that you know what a bottleneck is, it’s time to track them down.
There are many diagnostic utilities on the market that will help you in this
pursuit. But before you go spend money on additional software, see what is
currently at your disposal.
First of all, don’t forget your senses. Does the computer seem slow? If not,
and you are always happy with its performance, don’t bother looking for a
problem. Chances are, if your computer’s performance is always great, the
bottlenecks you do have are not an issue. Go enjoy another cup of coffee. If
the machine does seem slow, then you want to take a look to find out why.
That’s where troubleshooting tools can greatly come in handy. Someone
may tell you that the server seems slow, but how do you know if they’re right
or not? Troubleshoot it with monitoring software.
By using your diagnostic software, you can get a snapshot of how the system
is performing at any given moment. Oftentimes, you can look at processor,

Common Issues 537
memory, disk, and network performance, as well as a host of other items.

But taking that snapshot won’t do you a lot of good unless you have some
frame of reference to compare it against. In other words, is the server slowing
down over time, or is the performance normal—just slow? To do this, you
need to establish a baseline of system performance.
Baselines are typically established when the server is first put into produc-
tion. Baselines are also re-established when you make major configuration
changes, like adding more RAM or a new processor. All the baseline does is
give you the comparison point you need to see if your server is slowing down
over time or not. Resource monitors will call their objects—the things they
monitor—by different names. No matter which program you choose, always
make sure that you can look at the four most critical server components: pro-
cessor, memory, hard disk, and network card.
Microsoft Windows NT Server 4 provides a utility to diagnose bottle-
necks called Performance Monitor. Windows 2000 Server comes with Sys-
tem Monitor, which is essentially the same utility as Performance Monitor,
but with a few new features. Figure 17.1 shows resource monitoring using
System Monitor.
FIGURE 17.1 Windows 2000 System Monitor

Notice that in Figure 17.1, we are specifically looking at processor, mem-

ory, and hard disk activity. There are literally thousands of items you can
monitor the performance of, both hardware and software. The vast major-
ity of them you will never look at. If you find a set of counters that you find
is relevant to the health of your server, you can save it as a log, and then
open the log whenever you need to monitor your system performance. This
will save you the time of adding the individual counters every time you
want to monitor your server. Figure 17.2 shows an example of a saved
counter log.
FIGURE 17.2 Counter log in System Monitor
NetWare 5 also provides a basic monitoring utility. From a console

prompt, type in load monitor. Monitor allows you to isolate performance
bottlenecks, optimize server performance, and troubleshoot and resolve
server issues. Figure 17.3 shows what the general information screen in
Monitor looks like.

Common Issues 539
FIGURE 17.3 Monitor’s General Information screen
Monitor also allows you to look at a variety of other items, including

server error logs, disk drives, cache statistics, and user accounts. NetWare 5
also allows you to use ConsoleOne for system monitoring. IBM’s OS/2 Warp
comes with a System Monitor application.
Most versions of Unix also come with their own built-in monitoring soft-
ware. There are so many versions out there, it’s impossible to list all of the
monitoring utilities here. Linux also has monitoring tools. As an example,
Red Hat Linux PowerTools comes with loadmeter, mon, slmon, and
wmmon, all of which are resource-monitoring utilities.
If you can’t seem to find a resource monitor for your server, a quick search
on the Internet will list thousands of products available to meet your needs.
It can be a pain sifting through all of them, but find one you like, and use it
regularly.
Acceptable Performance
Resource monitoring tools are great for showing you how your server is per-
forming, at least based on the numbers. System Monitor may tell you that
your processor is working at about 50 percent capacity, there is plentiful
memory, and the hard disks have about 20 percent free space. Are those
numbers good, bad, or do they even matter?
Here are some guidelines as to generally recognized acceptable perfor-
mance numbers:
Processor: Under 80 percent utilization
Memory: Under 75 percent utilization, and no more than 20–30 pages
per second written to virtual memory

Hard disk: Under 80 percent read/write time, and under 90 percent

disk space utilization
Network interface: Under 40 percent for Ethernet networks, 80 per-
cent for Token Ring networks
Again, these are just general guidelines. Also keep in mind that perfor-
mance spikes are normal. When you open an application on a computer, the
processor utilization will spike to 100 percent for a short time, and then drop
back down. This doesn’t indicate a processor bottleneck. However, if the
processor is constantly running at 90 or 100 percent, it’s time to find it some
help. Ultimately, you will be the one who has to decide if your server is
performing within acceptable limits.
Fixing Bottlenecks
Identifying the limiting system resource is only half of the battle. Once you
have located the component that is slowing down your system, you need to
do something about it. Many operating systems, such as NetWare 5, are
excellent at self-optimization. However, there is only so much optimizing an
operating system can do with limited physical resources.
Perhaps the most obvious solution is to upgrade or replace the hardware.
If your server’s memory is overtaxed, get more RAM. If the hard disks are
full, get new ones. If the processors are working overtime, get more or faster
processors.
If you can’t upgrade the server’s hardware, consider offloading some
of its services onto another machine. Even though this one server may be
overworked, you might have another server that is relatively idle. If you can
balance the server workload across your entire network, everything will
run much more efficiently.
Failed Configuration Change

You purchase a brand new software management system that is going to
make your administrative life easy. You install the package, reboot your
server, and the system crashes. Or in an effort to optimize the system, you
make some changes to critical configuration files. You reboot to find that
nothing changed at all. These types of things can happen. When a configu-
ration change goes wrong, it’s important to get the server back to proper
working order quickly.

Common Issues 541
The Change That Didn’t

The easiest type of failed configuration change to deal with is the one that
doesn’t do anything. In other words, the setting adjustment you made was
supposed to produce a desired effect, but nothing happened. What could the
problem be?
The first thing to do is be thankful that nothing bad happened. This may
sound like a pessimistic view, but reality says that if the server was working
(or we can assume it was) and you made a change, and it’s still working, then
life is good. Of course, we still have the problem of wanting a change to do
something, and it didn’t. There are a couple of things to check.
Was the change you made a permanent one, or was it a temporary one
that might have gone away after you rebooted? In the case of a Windows
environment, did you hit the OK button to effect the change, or did you
absentmindedly hit the Cancel button instead? (It’s okay, it happens to all of
us.) If your server is running NetWare, does the change need something in
the startup.ncf or autoexec.ncf (NetWare 4) or servcfg.000 (Net-
Ware 5) files? What about arguments that you may need to execute to load
the change in a Linux or Unix environment? Before you assume that your
change did nothing, make sure that it’s still in effect.
If the change did stick, but still didn’t seem to have an effect, try reversing
the change and re-enabling it. It sounds silly, but sometimes toggling the
effect like that can make it work. If you still didn’t get the desired results,
check the product documentation, or check your vendor’s website for any
issues related to what you are dealing with. There may be an undocumented
feature (known as a “bug” in some circles) that you are unaware of.
Unhealthy Results
A worse-case scenario is when you make a configuration change to your
server and something bad happens. Obviously, you need to find a way to get
the server back in working order quickly. How do you proceed?
It all depends on what change you made and what operating system you
have. For failed configuration changes in Windows 2000, you can boot into
Safe Mode. Safe Mode doesn’t load very many drivers and services—only the
keyboard, mouse, and basic video. You can then remove the problem com-
ponent, and reboot the server normally. If you can’t even get to the boot
menu, you will need to boot from a floppy disk.

Safe Mode is accessed by pressing F8 to invoke the advanced boot options as

Windows 2000 loads. Watch the bottom of your screen, and it will tell you
when.
Microsoft recommends installing software through Add/Remove Pro-

grams in Control Panel. If you have installed an application that seems to be
problematic on a Windows NT or Windows 2000 Server, you can use Add/
Remove Programs to remove the application that is causing the issue. It’s
best to use Control Panel to remove software as opposed to just deleting
the software directory. Deleting the directory does not remove references
to the software from the registry, and you may still have problems.
If you are using a NetWare server, check your configuration files for
things that shouldn’t be there, or things that you added that need to be
removed. If you are using Unix or Linux, there are startup command line
arguments that you can execute to prevent various services from loading.
You may also want to try rebooting into an alternate run level.
Software that is causing problems on a Unix or Linux server can be easily
removed by the rpm utility, the same utility you might have used to install the
package. To remove the software, use the following command, where pack-
age refers to the name of the application:
rpm –e [package]
You can also remove problematic modules from Unix and Linux
machines by executing the rmmod [module] command. To simply view your
current configuration on a Linux or Unix machine, you can execute config,
menu-based menuconfig, or xconfig, which is a graphical utility.
Consult with your server documentation to see what the manufacturer
recommends doing if the server won’t boot right. Oftentimes you will get
good advice as to how to proceed. The absolute worst thing that can happen
after a failed configuration change is that your server simply will not work.
You have tried everything you can, but nothing will get the server to boot.
If that happens, you will need to restore your server from a backup. Hope-
fully you have followed good backup procedures, and you can get the server
running quickly.

Common Issues 543
Hardware Issues
Underneath all of your operating system fluff lies the hardware. Most of the
time, we don’t think much about it. The server runs, and we leave the hard-
ware alone. When you have a hardware failure though, life can become
stressful.
If you have failed hardware, it’s important to isolate the piece of hardware
that failed and replace it as quickly as possible. Sometimes isolating the hard-
ware failure is easy. If there is smoke pouring out of your power supply, you
have a good indication that something is wrong. Other times, it’s not so easy
to figure out what’s wrong. If you can’t access a hard drive, it could be the
drive itself, or the controller that it’s plugged into. Logic can help solve this
too. If other drives that are plugged into the controller are still working,
chances are the controller is fine. If you are ever unsure of what part failed,
try replacing it and see if the replacement works. If not, then you were prob-
ably wrong about what failed. Try replacing something else.
Keeping hot pluggable hardware around is a good idea. If you can keep an
extra hard drive (or two), motherboard, processor, memory, power supply,
and network card around, you can often replace the part quickly. Keeping
extra hardware around can get expensive, however, so it’s not always feasible.
If you can’t do it, just make sure you have quick access to replacement parts.
Some parts are easily replaceable, and others are not. It depends on
the part you are dealing with. Parts that are easily replaced in the field are
referred to as field replaceable units (FRUs). Some examples of FRUs are
hard disks, motherboards, power supplies, network cards, and video cards.
Individual chips on the motherboard (except for the BIOS) are not often
considered to be an FRU.
There is one more important thing to remember about hardware. Not all
of it works with all operating systems. Be sure to check your operating sys-
tem manufacturer’s website to see if the hardware you have (or want to pur-
chase) works with their operating system. Most NOS vendors have a
hardware compatibility list (HCL) that lists hardware that is known to work
with the OS. If your hardware is not on the list, you could be in for difficult
times getting the piece to work. Also check the hardware vendor’s website
for drivers that are specific to your operating system. If they don’t exist,
getting the hardware to work with your operating system does not look
promising.

Troubleshooting Hardware
I was on vacation visiting my in-laws when we had a huge thunderstorm.

The power was out for nearly an hour. When the power came back, we dis-
covered quickly that the company my father-in-law worked for had been hit
too, and their e-mail server appeared to be down. A few phone calls indi-
cated that people were frantic. He called his consultant and told him to meet
us at the office.
When we got there, sure enough, the e-mail server was down. So was the
air conditioning. Heat sensors were flashing everywhere. One server rack
was completely powerless, and the other was complaining about the con-
ditions. The young consultant started ripping at cords, trying to get rid of
the defunct UPS. I stood by and watched as an amused observer. He found
more power outlets, and started plugging items (including the e-mail
server) back in.
After an hour of watching him troubleshoot why he couldn’t get to any

external sites from the server room, I was not as amused. It was hot, and
I was supposed to be on vacation. He had spent the last half hour in the
router configuration tables muttering about how they all looked right,
but something just had to be wrong with the router, because he couldn’t
get out.
I looked around at the rack for a few minutes, and politely asked him what
“that little black box that doesn’t have any lights on it” was. It was the CSU/
DSU for the incoming T1 connection, and he had neglected to plug it back
in. As soon as we powered the CSU/DSU up, magically, everything worked
again. We had an external connection.
The moral of the story: Always, always check your hardware connections
first, before you start troubleshooting everything else.
File Corruption and Viruses

Sometimes there appears to be no reason why a file is corrupted. It just mys-
teriously happened. Other times it seems as though your server is playing a
frustrating game with you, corrupting critical files at the most inopportune

Common Issues 545
moments. There are times though when a computer gets improperly shut
down, or crashes unexpectedly, and corrupt files appear. No matter how you
acquired the corrupt files, they all need to be fixed.
Applications installed on Windows 2000 Server may be able to automat-
ically repair themselves if they were installed through Add/Remove Pro-
grams in Control Panel. If an application was installed with an .msi file, it
can detect the corrupt file (if it’s directly related to the operation of the pro-
gram), and repair it automatically.
In the case of data files, the only reliable way to retrieve them is to restore
them from a backup. If files are important to you, back them up early and
often. If you are the network administrator, it’s one of your main responsi-
bilities to back up the servers that store user data. Not having an adequate
backup to corrupted files can be disastrous.
Viruses come in many shapes and sizes. They vary from simple joke
viruses to worms, Trojan horses, and polymorphic stealth viruses. Some just
make your screen look funny. Others corrupt or delete files, while some can
even wipe out your whole machine. On a server, even a “joke” virus is no
laughing matter.
The only surefire way to avoid a virus is to avoid the Internet, and keep
all diskettes away from the machine. Better yet, don’t install any software
at all, and leave the computer powered off. That strategy defeats the purpose
of having a network at all, and makes your server quite useless.
All network servers should be running an antivirus software like Norton
AntiVirus or McAfee VirusScan. Regular virus scans should be performed
on the servers (and all clients if possible), and infected files must be imme-
diately cleaned or destroyed. Most antivirus programs have configurable
options designed to clean or destroy infected files automatically. Also, a
good antivirus program will periodically download new virus updates from
the Internet.
If your server does get infected with a virus, and data is deleted or
destroyed, you need to start from scratch. Completely wipe out all drives on
the server, and restore from tape backup. With any luck, the tape backup
will not be infected. Also, be sure to warn all clients on your network about
the virus. Educate your users about the dangers of viruses, and how to best
avoid them.

Incompatibility Issues
Incompatibility issues with computers can involve both hardware and soft-
ware. The most common hardware incompatibility issue involves RAM.
When you upgrade the RAM in your computer, make sure to get the same
brand that you originally purchased. If possible, get the same exact type as
well, including speed and size. This can sometimes be a difficult task, espe-
cially if you bought the machine already assembled. In that case, contact the
manufacturer of your server and see if you can purchase the memory directly
from them.
Another common hardware incompatibility issue is with the processor.
Some applications and operating systems will not work with certain types of
processors. Be sure to check your NOS documentation before purchasing the
hardware. As an example, Windows NT Server will work with a MIPS pro-
cessor, but Windows 2000 Server will not.
Occasionally you will run across issues with hard drive incompatibility
as well. When mixing brands of hard drives on the same cable, whether the
drives are IDE or SCSI, you can encounter problems. In the case of IDE, try
to reverse the master/slave relationship to resolve the issue. If that does not
work, put the drives on separate controllers if possible. With SCSI, you often
have fewer problems between drive manufacturers. However, if you have a
problem you can try changing the SCSI ID on the drive to fix it.
Software incompatibility can drive a network administrator crazy. It rears
its ugly head when you install one application, and then find out that another
application ceases to function because of it. Fortunately, this does not seem
to be as common a problem as it used to be.
If you do encounter software incompatibility issues, you need to remove
one of the applications. Install the application on another server, and test to
see if everything works okay. If you do not have another server to install the
application on, then see if the vendor of either program has a workaround
for the problem. Give their website a look, or call their technical support for
assistance.
Another software compatibility issue is when the application does not run
on your operating system. This one should be easy to avoid. Just make sure
that the application was designed for use with your operating system before
you purchase it.

Using Log Files 547
Using Log Files

Troubleshooting servers is not an exact science. You will often be
under a great deal of time pressure, and have limited information as to what
the problem is. Fortunately, most server products produce log files that can
help you determine where the problem is happening. Most log files are
purely informational. That is, they are not going to give you step-by-step
solutions as to how to fix the problem. However, what they can give you
is valuable information that will allow you to fix the problem faster.
Windows 2000 Event Viewer

Windows 2000 Server comes with a logging utility called Event Viewer. By
default, Event Viewer has three logs: System, Application, and Security.
Event Viewer is shown in Figure 17.4.
FIGURE 17.4 Windows 2000 Event Viewer

Logged events will fall under one of three categories: information, warn-
ing, and error. Informational events do not need to be acted on. They are
there for your general benefit. Warnings have a yellow sign with an excla-
mation point next to them. They indicate potential problems. They are gen-
erated when an error happens, but the error was not critical to the operation
of the server. Errors have a red stop sign next to them, and these are what
you are looking for when troubleshooting problems. Figure 17.5 illustrates
information, warning, and error signs.
FIGURE 17.5 Events in the System Log
Each log has a specific purpose, and each can help you troubleshoot very
specific server problems:
System Log The System log is enabled by default. It will display events
related to the startup and shutdown of the server, as well as server related
services like DHCP, DNS, WINS, and RRAS.
Application Log The Application log, as its name indicates, logs errors
dealing specifically with applications. Exchange Server, SQL Server, and
other applications generate errors into this log.

Using Log Files 549
Security Log If you have auditing enabled on your server, you will gen-
erate messages in the Security log. Note that the Security log does not use
the information, warning, and error symbols. Rather, it uses two icons: a
padlock for an unsuccessful security attempt (such as a failed logon), and
a key for a successful security attempt (like accessing a file to which one
has permissions).
By double-clicking an event, you can see details about the event, such as
the computer it took place on, the user that was involved, the time it took
place, and an error code. Figure 17.6 shows the details of an event.
FIGURE 17.6 Error event in the System log
Although the bottom pane of the event detail box gives you information
in common language, the information that it provides may not be very help-
ful. You can search for the Event ID listed on Microsoft’s Knowledge Base
site for more-useful information.

If you have configured a domain and Active Directory, you will also have
a Directory Service log and File Replication Service log. Some other services,
like DNS, will install their own log as well.
Windows NT Server also comes with Event Viewer, but it is limited to the
System, Application, and Security log files.
Other Microsoft Log Files

While Event Viewer is useful for a variety of error messages, it does not log
all events that happen on your Windows 2000 Server. Internet Information
Services logs its setup information in the C:\winnt\iis5.log file. Win-
dows 2000 Routing and Remote Access (RRAS) logs information about
authentication and remote access in the ppp.log and device.log files
located in the C:\winnt\system32\logfiles folder. If users are unexpect-
edly disconnected while dialing in to your network, the device.log file is a
good place to check in Windows NT and Windows 2000.
NetWare Log Files

Novell NetWare also creates logs to help you monitor server activity and to
assist in troubleshooting. Novell recommends checking the error logs at least
once a week, even if you do not suspect problems, as a good preventative
maintenance measure. You can view the logs by using the EDIT utility on the
server, or from any text editor on a workstation. These logs are found in
SYS:SYSTEM:
boot$log.err lists errors that occurred during server startup.
sys$log.err includes server errors, such as system messages, alerts,
and security violations.
vol$log.err displays volume errors.
tts$log.err is for data backed out by the Transaction Tracking
System.
abend.log holds information related to server abends. Normally you
won’t see it. However, it will be in SYS:SYSTEM after the server is
rebooted after an abend.
There are also two important log files for Novell web servers: error log
and access log. These files will be located in the /NOVONYX/SUITESPOT/
HTTPS-SERVERNAME/LOGS directory. The error log will list all errors that

Using Documentation 551
the server has experienced, and the access log tracks all requests made of the
server, and the responses made by the server. Novell allows you to customize
what is included in the access log file. A log analyzer is provided to generate
server statistics.
Unix and Linux Logs

During boot up, Linux servers can be configured to log errors. The /etc/
sysconfig/init file controls how the system acts during boot. Specifically,
you can use the LOGLEVEL=<number> parameter. The default is 7. You may
choose a number from 1 (which logs nothing except for kernel panics) to 8
(which logs everything). Two other Linux logs you will deal with are SysLog
and logger. SysLog displays system errors, while logger is used more for
Internet and network connections.
Because there are so many flavors of Unix and Linux on the market, be
sure to check with your vendor’s documentation to see which specific logs
will be available to you.
Using Documentation
I t’s sad to say, but most of us are reluctant to crack open a manual in
an attempt to solve a problem. If we do, it’s the last resort. We’ll open the
book only after we’ve asked all of our friends, consulted a psychic, and sent
an instant message to grandma asking for advice. We think that using doc-
umentation is a sign of weakness. It’s really not.
With so much information and so many products out there, it’s impossi-
ble for one person to know everything. Fortunately for us, the people that
produce these products know a great deal about how they work, and are
willing to write it all down on a website or technical manual. You won’t
always find the answer you’re looking for directly out of the manuals. But
even if you don’t, they will lead you in the right direction to solve the prob-
lem, or give you an idea as to what else to try.
The documentation you will use falls under two general categories:
product documentation and previous technical documents about the spe-
cific device.

Product Documentation
Why does your VCR still flash 12:00? More importantly, where is the man-
ual that tells you how to set the time? It may be a natural tendency to discard
manuals when we open new toys (and server hardware qualifies as toys, for
purposes of this discussion). However, it can be much easier to configure the
device and troubleshoot it if you have problems when the manual is handy.
Besides, if you configure it right the first time, it’s less likely that you will run
into problems and need the manual again.
Many companies have a bookshelf or filing cabinet set aside for manuals.
If you don’t have a central repository for technical manuals, it’s about time
to get one. It would be tragic for you to get up the courage to crack a book
open, and then not be able to find the book.
Of course, manufacturer websites are also great sources of information.
Configuration settings with full-color pictures, FAQ lists, troubleshooting
tips, and even discussion forums are all available at your fingertips. Bookmark
your vendor websites in your browser for easy access. If you are under time
pressure to get something fixed, the last thing you want to do is waste
time searching for your vendor’s website.
Here are some good websites to have bookmarked for troubleshooting help:
http://support.microsoft.com/
http://www.microsoft.com/technet/
http://support.novell.com/
https://www.redhat.com/apps/support/
http://www.sun.com/service/support/
http://www-1.ibm.com/support/search/
The majority of the time, you will find an answer on one of these help
sites. Product upgrades, patches, and hot fixes are also at these locations on
the vendor websites.
Previous Technician Documents

Your company should have a log book for each server. The log book should
contain, among other things, technical notes from everyone that has worked

Using Documentation 553
on that server. At a bare minimum, the time, date, technician, problem

encountered, and resolution should be entered.
There have been some interesting methods employed to help organize a
log book. One way is to have someone go back through the log and type
everything up. It makes the book look a lot nicer (some of us have terrible
handwriting), but it does take time. Another good idea is to write keywords
in the outside margin indicating what the problem was. That way, the next
technician can skim the keywords looking to see if this problem has been
encountered before. Also, there is no need to write down everything you did.
The steps you used to successfully fix the problem should be sufficient.
Not keeping a server log can cause inordinately large problems when it
comes to fixing your servers. Say you worked for two hours on a server to fix
a problem. The problem comes back in a few days, and I am assigned to
work on it. If I don’t know what you did, it may take me two hours as well.
However, if I am armed with your knowledge, I may be able to fix it much
more quickly. Next time, you may want to reference my notes as well. It’s a
win-win situation for everyone in your department.
If you are new to the field or new to the company, keep your own private
log book as well. A spiral-bound 4 × 6 notebook (or similar size) works
great. Write down the problem, and what you did to fix it. Since it’s your
own book, you can write down everything you tried. Just make sure to high-
light or denote what actually worked. Also write keywords in the outside
margin to help you find things quickly. Keeping a book like this is a great
idea because when you are new, you will be absorbing a nauseating amount
of information. It’s impossible to keep it all straight. The book will help you
as a memory assistant. Eventually, you may find that you know enough to
not need to carry the book around anymore. Still keep it around somewhere,
because you never know when you might need to reference it.
When using a log book, it’s important to write down good technical informa-
tion. However, never write down passwords!
No matter if you have the best documentation in the world, there will be
situations where you cannot seem to find an answer to the problem. In situ-
ations like these, call someone for help. In the cases where you are in over
your head, making guesses to fix the server could only compound the prob-
lem. If the server is a production server, you could cost the company more
money by trying to guess and fix the situation than you would by calling

someone and asking for assistance. Put your ego aside and make the call. It’s
better to be safe than sorry when dealing with an unknown situation.
Remote Troubleshooting
Y ou’re not always going to be able to get to the machine that is not
functioning properly. This usually means you will have to talk someone
through a resolution over the phone. Most of the time, the person you are
helping will not have nearly the computer experience that you have. Patience
is a key. Other times, you will be able to remotely control the machine, and
fix it that way. This section looks at remote troubleshooting of servers, and
also looks at how to troubleshoot a wake-on-LAN.
Tools for Remote Troubleshooting

Depending on your operating system, you may have a lot of built-in tools at
your disposal. It also depends on what kind of remote problem you are try-
ing to fix. Trying to replace a failed hard disk remotely is quite a challenge,
whereas resolving a permissions issue may be a lot easier to deal with.
Windows NT and Windows 2000 Servers can be used to remotely trou-
bleshoot client machines. Utilities such as Event Viewer and Performance
Monitor can be used to examine remote machines for errors. If your network
is using TCP/IP, then utilities like telnet can be used to log in to remote com-
puters. Windows 2000 Server also comes with Terminal Services, which can
allow you to take remote control over a computer.
NetWare 5 has a remote managing utility called Z.E.N.works. Z.E.N.works
allows an administrator to remotely manage Windows 9x and NT clients.
You can also remotely install and administer applications, gather hardware
inventory, take remote control, and remotely administer computers.
Some versions of Unix also have specific remote troubleshooting and
remote control utilities. For the most part, remote troubleshooting in the
Unix world is done through telnet and rlogon. Both telnet and rlogon allow
you to log on to a remote machine, and troubleshoot its problem from there.
There are also a number of third-party services available. One of the most
famous is PC Anywhere, which allows you to take remote control of machines.
Others, like Netfor, provide remote troubleshooting services for a fee. Of

Remote Troubleshooting 555
course, all of the products mentioned suppose that your remote machine is
running. But what if it’s not?
If you cannot get the remote machine to work, you will have to trouble-
shoot over the phone. Ideally, you will have a technician at the site who is
computer savvy. More often than not, you are working with someone who
has little to no computer experience. They are frustrated because the machine
does not work, and the frustration is compounded because they don’t feel
that they should be the one working on the problem. When troubleshooting
over the phone, remember to keep your patience, and take it slow. Explain
what you are trying to do, and allow that person to see that you need and
value their help. Between the two of you, hopefully the problem can be fixed.
Wake-on-LAN
Wake-on-LAN (WOL) is a wonderful technology that allows an adminis-
trator to boot a machine at a remote location. After the machine is working,
the administrator can perform maintenance tasks, such as backups and virus
scans, during off hours. This decreases interruptions faced by users during
the day. The WOL technology was originally developed by AMD, and
termed “magic packet.” The network adapter maintains a very low power
state even when the computer is powered off. The NIC then looks for special
packets on the network indicating it should wake up the machine.
Windows products, NetWare, Unix, and Linux all support wake-on-LAN
technology. Your motherboard must also support it, and have a cable run-
ning from the NIC to the motherboard’s WOL connector. The motherboard
BIOS must also support WOL. However, if your motherboard has a WOL
connector, it’s likely that the BIOS supports it as well. Figure 17.7 shows
what a typical wake-on-LAN configuration might look like.
FIGURE 17.7 Wake-on-LAN connection to motherboard
WOL Connector
Ethernet Card Ethernet
Motherboard

Power to the network adapter comes from one of two sources, depending
on how your machine is configured. Power can come from the PCI bus where
the network card is plugged in, or from an auxiliary power cable coming
from the power supply. It all depends on how your machine is configured. In
either case, the network card has power even when the rest of the machine
is off. The only way to turn the network card off is to unplug the power cable
from the back of the machine.
To make wake-on-LAN technology work, you will need management
software as well. Microsoft’s Systems Management Server (SMS) 2, Novell’s
Z.E.N.works, and IBM’s NetFinity are all examples of WOL management
software.
Diagnostic Tools
E ach operating system comes with its own set of diagnostic tools
for your use. Although many of these tools have been covered already in this
chapter, this section will summarize some of the more important ones. Also,
the troubleshooting process frequently involves rebooting the server. This
section will also cover the steps required to reboot your machine if you
need to.
Windows NT/2000
Although Windows NT and Windows 2000 are very similar in structure,
they do have different names for utilities that perform the same tasks.
One of the most important tools for troubleshooting in Windows NT is
Event Viewer (see the “Event Viewer” section above). It contains three logs:
System, Application, and Security. Errors reported by the system will appear
in the System log. To troubleshoot users, use User Manager for Domains.
Servers can be troubleshot through the Server Manager utility. Use Win-
dows Explorer to deal with Security issues.
Windows 2000 also contains an Event Viewer. It has the same function-
ality as its Windows NT counterpart, except that it has additional logs avail-
able. In a domain, you have Active Directory Users and Computers, Active
Directory Sites and Services, and Active Directory Domains and Trusts avail-
able for a variety of management responsibilities. Also, you can right-click

Diagnostic Tools 557
My Computer and choose Manage to open Computer Management, which

allows you to troubleshoot your hard drives, shared folders, and services on
the server. Windows 2000 also comes with Device Manager for help in trouble-
shooting hardware issues.
Windows NT and Windows 2000 both have Performance Monitor
(although it’s called System Monitor in Windows 2000) to measure local and
remote system performance, Network Monitor to monitor network traffic,
and Task Manager to close unresponsive applications. Task Manager is
accessed by hitting Ctrl-Alt-Del, or by right-clicking the taskbar and select-
ing Task Manager.
To reboot a Windows NT or Windows 2000 Server, you have two
options. One is to click the Start button, select Shut Down, and then choose
Restart. Another is to hit Ctrl-Alt-Del to invoke the Security Dialog Box, and
then select the Shut Down button.
NetWare
NetWare provides built-in tools for administration and troubleshooting
as well. In NetWare 4, NWAdmin is the ultimate management and trouble-
shooting tool. It has an easy to use interface, and allows you to control
virtually every aspect of the server. NetWare 5 replaced NWAdmin with
ConsoleOne. The Monitor utility on NetWare servers is also good for look-
ing at configurations to see if there is a problem. NetWare also uses extensive
logging, and the logs can be viewed with any text editor. For repairing the
NDS tree, there is dsrepair, dstrace, and dsdiag.
To reboot your NetWare server, type down from the server prompt. When
returned to a command prompt, type restart server, and the server will
reboot.
Unix and Linux

The scope of available Unix and Linux tools is almost as broad as the variety
of operating systems themselves. Since Unix and Linux are open source,
many diagnostic utilities have been created. Some of the common configu-
ration tools are linuxconf and (Caldera Open Administrative System)
COAS, invoked by typing in coastool at the prompt. Both configuration
utilities have a status section, which can be used to troubleshoot. The fsck
utility can be used to check for file system errors. Fsck –r/ will start at the
root of the volume and check all directories.

Other configuration utilities include menuconfig and xconfig, which is

graphical. To remove software, use the rpm utility, and to remove problem-
atic modules, use the rmmod utility. On most Unix or Linux machines, run-
ning the ps command will show you all running processes. The kill
command can be used to kill misbehaving processes.
The specifics on how to shut down a Unix or Linux machine differ based
on the actual version of the operating system you are using. However, most
implementations will recognize the shutdown command. Some will also rec-
ognize a restart command. The syntax for shutdown on a Red Hat Linux
server is:
shutdown –arguments (time) “message”
shutdown –r +5 “Save all work and log out!”
The shutdown example listed will tell the server to automatically reboot
(-r), wait five minutes to shutdown (+5), and sends a message to all connected
users to save all work and log out. Some of the command line arguments that
you can use with the shutdown tool are displayed in Table 17.1.
TABLE 17.1 Shutdown Parameters
Switch Function
-r restarts the server
-h halts the server
-f performs a fast reboot
-k displays the warning, but does not shut down the server
-c cancels a running shutdown
+(mins) waits a specified number of minutes before shutting down
The linuxconf and coastool utilities also have their own shutdown panels.
If you cannot find a troubleshooting tool that does what you need it to,
remember that there are a large number of third-party vendors that produce
troubleshooting tools for specific operating systems. Go to your favorite
search engine and use your operating system and the word troubleshooting
as keywords. You are guaranteed to find some tools.

Troubleshooting Checklist 559
Troubleshooting Checklist
When troubleshooting computers, you want to make sure your trou-
bleshooting path takes a logical flow. After all, computers are logical beasts.
Here are some steps to follow when troubleshooting a problem:
1. Determine the problem’s priority.
2. Gather information about the problem.

3. Detect and isolate the problem.
4. Solve the problem.
5. Document your solution.
The first thing to do is determine how important the problem is. Most
companies have a grading scale of the problem’s importance. The higher it
is on the priority scale, the quicker you need to fix it. If it’s a choice between
fixing the corporate e-mail server, or fixing a user’s soundcard (after all, they
can’t listen to MP3s now), I would go with the e-mail server.
Find documentation, and gather everything you can about the problem at
hand. Sometimes this may be just you and a screwdriver. Other times you
will want to bring along technical documentation. Find out what you need,
and have it with you.
It’s quite difficult to solve a problem if you’re not sure exactly what’s
wrong. In the case of failed hardware, isolate the problem to the specific
component. Try another component if you can, to see if it works. Once you
have located the exact part that’s broken, it’s much easier to fix. If you are
dealing with a software error, see if shutting down the application and
reopening it helps. If not, you may want to reboot the machine in question.
Rebooting a machine fixes many software problems. I always tell my clients,
“Reboot. And if it goes away, it’s not a problem.” Of course, if the problem
persists, you may need to reinstall the software.
Once you have figured out exactly what the problem is, fix it. I know this
sounds elementary, but some people forget this step.
And last but certainly not least, document what you did. Make sure your
documentation finds its way into the server log books. That way, the next
technician that works on the machine knows what you did. Good documen-
tation serves a few functions. One, it saves everyone time in the long run.
Two, if there are more problems later, you have covered your bases.

The checklist above is just an example of what you can do when working
on machines. You may modify it slightly to suit your own style. However, I
do not recommend skipping any of the listed steps.
Real World vs. Exam Troubleshooting

A lot of test takers will come out of the testing room shaking their
heads. They will tell you that the test was totally different than real life, and
that the test sometimes had no right answers. Or even the other case, where
all of the answers seemed right. To their credit though, the makers of the
Server+ Exam have tried to make the troubleshooting in the test as close to
real life as possible. Remember that these test writers are human too. They
may not do something exactly like you would do it.
As a general rule, real-life troubleshooting experience won’t hurt you on
this test. The more experience you have, the better off you will be. If you
have never seen a server in real life, much less troubleshot one, you could be
in for a long test. Reading books like this certainly helps get you ready for an
exam, but nothing beats real-world experience. At the same time, real-world
troubleshooting can get you in trouble on the test. Many times, we take
shortcuts to get us to the end. We think we know what the problem is, so we
jump to a solution. While we can get away with that in life, that may cause
problems on the test.
One thing you can do to help yourself out is to know what the manufac-
turer says to do to resolve problems. In other words, read the manual and do
what they tell you to do. It’s likely that the test writers got their questions
from reading a technical document, not sitting in front of a server trying to
fix a problem. They will want you to do things by the book on the test. Along
those same lines, remember that third-party tools will probably not be the
right answer. If you are troubleshooting a NetWare server, use a NetWare
tool. There are some great third-party hardware and software trouble-
shooting tools available, but you won’t see them on the test.
Another thing you can do to help yourself out is realize that some ques-
tions do have more than one right answer, and some questions seem to have
no right answer at all. The test writers do this on purpose. Remember that
your goal is to pick the best possible answer. Who cares if you would never
do it that way in real life! Your objective when sitting in front of the testing
terminal is to pass the test. And in order to do that, you have to play their

Summary 561
game. Look through the answers, and eliminate ones you know are wrong.
If you only have one left, then that must be the right answer.
Knowing what menus, tools, and utilities you have available helps. If you
are presented with an answer that uses a tool that you have never heard of,
chances are it doesn’t exist. It may sound like the perfect tool for the job. It
may also be a really good wrong answer, because it’s not a real tool. Know
your product, and know what you can use.
Most of all, relax. This is only a test that measures how much you know
about various server products. It’s not a measure of your self worth. If you
are too tense, you can vapor lock and your brain can freeze up. It’s hard to
answer questions when you can’t think because you are too nervous. Relax,
think of a happy place, and tackle the question in front of you.
Summary
In this chapter, we looked at some troubleshooting fundamentals for
network servers.
First, we looked at some common problems, or issues, that servers may
have. Bottlenecks are very common. So common, in fact, that you will prob-
ably never get totally rid of them. Your goal is to minimize them as much as
you can. Failed configuration changes can be problematic. They need to be
reversed quickly. Having the wrong hardware can keep your server from
running, and it’s important to know how to replace failed hardware with the
correct part.
Viruses and file corruption can hamper productivity. Make sure to back
up files regularly, so if files are corrupted they can be retrieved. Run virus-
scanning programs on all of your servers, and all of your clients as well if you
can. Also, hardware and software components can sometimes cause conflicts
with each other, or not work at all with another component.
Next, we looked at log files. Almost every operating system generates log
files of some sort. They provide good information to help you in trouble-
shooting server problems. Log files can also warn you of potential problems
so you can fix them before they happen.
Documentation can save you a lot of headaches and time when fixing
servers. Have a central location where all relevant server documentation is
stored. This includes a log of all maintenance and configuration changes

performed on the server. Not keeping track of this sort of information can
cause ugly problems.
Next, we explored remote troubleshooting. Some operating systems have
tools built in for this purpose. Not all remote troubleshooting tools are
created equal. If possible, it’s nice to be able to take remote control of the
machine you are troubleshooting. Wake-on-LAN network cards are also
handy for remote troubleshooting, and remote maintenance and administra-
tion of client machines.
There are quite a few common diagnostic tools that you will use. The
tools vary depending on the operating system. Generally, the ones that come
with Windows-based servers are easy to use with menu-driven options. In
the Unix and Linux worlds, you will often face command-line tools, and you
will need to know the proper syntax to make them work. Check your doc-
umentation for details on their usage.
Last, we looked at a troubleshooting checklist, and discussed real-life
troubleshooting versus test troubleshooting. Real-world experience is gener-
ally nothing but a positive thing when testing. Just remember that your job
on the test is to pick the best answer out of the choices you are given.
Exam Essentials
Understand what a bottleneck is. Bottlenecks are limiting system
resources. Because of a bottleneck, the system runs slower than it proba-
bly should.
Know how to eliminate bottlenecks. You will probably never eliminate
all bottlenecks in your server. But if you can eliminate as many of them as
possible, your server will run well and clients will be happy. Sometimes
tweaking a server configuration can help. However, the best way to reduce
bottlenecks is by adding faster (or bigger) hardware to the server.
Know how to undo a failed configuration change. This depends on
your operating system. As an example, in Windows 2000 you can boot
into Safe Mode, and undo the change you made. Or if you installed an
application that is causing problems, remove it with Add/Remove Pro-
grams in Control Panel. To remove an application on a Linux server, use
the rpm utility.

Exam Essentials 563
Know how to identify and replace failed hardware. The failed piece of
hardware is the one that’s not working. All joking aside, isolate the prob-
lem by trying different hardware and seeing if it works. Alternately, you
can try the suspect piece of hardware in another functional machine.
Actual step-by-step details on replacing hardware vary per device. How-
ever, reading the hardware manual or looking at the vendor’s website can
give you good instructions.
Understand how to protect against viruses. A good antivirus program
is your best protection. Know that if you are on the Internet though, you
can never be 100 percent certain that you will not contract a virus.
Know how to deal with corrupt files. Corrupt files need to be restored
from the most recent valid tape backup.
Know what log files are good for. Log files won’t magically fix any-
thing by themselves, but they will give you clues as to what the problem
is. If you receive information in a log file that does not make a lot of sense
(like the Event IDs in Microsoft’s Event Viewer), check the vendor’s
online documentation for more details on how to proceed.
Understand the importance of documentation. Vendors don’t publish
manuals with their products because they think the books make the pack-
age lighter and reduce shipping charges. Manuals are there to assist you
in the installation, configuration, and troubleshooting of their product. If
the manual does not have the information you are looking for, check the
vendor’s website for the latest news.
Know what wake-on-LAN is. Wake-on-LAN is a technology that
allows administrators to boot remote computers from their network
cards. It’s useful for remote troubleshooting and administration.
Know how to troubleshoot for the exam. If you know what tools you
have available, and what each of the tools does, you will be in good shape.
Remember, your job on the test is to pick the best answer available.

Key Terms
ing terms:
baseline NetFinity
bottleneck Systems Management Server
(SMS)
field replaceable units wake-on-LAN (WOL)
(FRUs)
hardware compatibility list Z.E.N.works
(HCL)

Review Questions
1. You are the server administrator for your company. The company has
three servers, one of which holds the users’ home directories. The net-
work is connected to the Internet through a Cisco router. Recently,
files have started to disappear off of the servers. It appears to be ran-
dom and intermittent. You perform a security audit, and there is not
one user account responsible for the deletions. What is the most likely
cause of the problem?
A. The server hard drives are getting old and need replacement.
B. The server I/O bus is getting old and needs replacement.

C. There is a virus on the network.
D. One of the users is randomly deleting files.
2. You are the network administrator for an insurance firm that has five
offices throughout the state. Users complain that when you update
their machines during the day, it slows their productivity greatly. They
cannot service their customers as well, don’t make as many sales, and
their supervisor is not pleased. What technology could you implement
to reduce the interruptions associated with updating the user worksta-
tions throughout the company?
A. PC Anywhere
B. Wake-on-LAN
C. Software Automater
D. Systems Management Automater
3. You are the NetWare administrator for your network. You have
four NetWare servers, all in the same NDS tree. The servers are run-
ning NetWare 5.1. Recently, one of the servers performed an abend,
and had to be brought back up manually. You want to know what
caused the problem. Where should you look?

A. The abend.log file in sys:system
B. The boot$log.err file in sys:system
C. The vol$log.err file in sys:system
D. The sys$log.err file in sys:system

E. The crash$log.err file in sys:system
4. You are running four Windows 2000 Server computers on your net-
work. You have configured a domain called mycompany.local. Two
of your servers are domain controllers, and the other two are member
servers in the domain. Your domain controllers also provide DNS ser-
vices for your network. You believe that one of your processors in one
of your domain controllers is being overworked. What utility should
you use to verify this?
A. Network Monitor
B. System Monitor
C. Monitor
D. System Resource Meter
5. Your network has two Linux servers. You want to reboot one of the
servers. You want to warn the users, have the server wait ten minutes,
and then reboot automatically. What command should you execute?
A. shutdown –r +t10 “Save your work now, the server is rebooting!”
B. shutdown –r +10 “Save your work now, the server is rebooting!”
C. reboot –r +t10 “Save your work now, the server is rebooting!”

D. reboot –r +10 “Save your work now, the server is rebooting!”
ning NetWare 5.1. You suspect that someone is trying to hack into
one of your servers by using brute force. Where should you check to
see if this is the case?

7. You are the hardware administrator for your company’s seven servers.
Recently, you were instructed to purchase new memory for one of the
machines. You purchased the required memory, and have installed it
in the server. However, upon rebooting the server, the new memory is
not recognized. You take it back to the store, where they test it and
determine the memory to be functional. Their store policy is to not
accept refunds or exchanges for open memory. What is the most likely
cause of why the RAM is not recognized?
A. The RAM is nonfunctional.
B. You must install new RAM chips in pairs, not individually.
C. The new RAM chip has more memory than your current RAM
chips, and you cannot mix different sizes in one machine.
D. The RAM you purchased is incompatible with the current RAM
installed in the server.
8. You are the network administrator on a mixed Windows NT 4 and

Novell NetWare 4.11 network. You have a total of seven network
servers. Recently, users have been complaining of unusually slow server
access. It seems to be related to all servers, which are on their own net-
work segment. However, accessing other clients does not seem to be a
slow process. What tool can you use to see if there is excessive network
traffic on the servers’ network segment?
A. System Monitor
B. Network Monitor
C. Network Resource Meter

D. Performance Monitor

9. You have recently installed an application called Finance on one of

your Linux servers. The application seems to be causing problems
with other applications that were previously installed. What can you
execute to remove the Finance application without disturbing the
other applications?
A. rpm –e Finance
B. rpm –r Finance
C. linuxconf –remove Finance

D. linuxconf –delete Finance
10. You are the network administrator for your company. You have three
NetWare 5.1 servers, and fifty client machines. You know that Net-
Ware is self-tuning when it comes to performance, but you want to
know how busy your processors are in the server. What utility will
allow you to check this?
A. Performance Monitor
B. System Monitor
C. Monitor
D. Since NetWare is self-tuning, this cannot be done.
11. You are the hardware administrator for your company. One of your
servers has just had a problem, and you go to investigate. One of the
other administrators says that a hard drive crashed, and needs to be
replaced immediately. You notice that the case has not been removed
from the server. How should you proceed?
A. Get a new hard drive and replace the failed drive immediately.
B. Test the machine to make sure it’s the hard drive that failed.
C. Replace the defective hard drive immediately and document your
solution in the server log book.
D. Go back to getting the soundcard to work on your personal work-
station.

ning NetWare 5.1. You suspect that one of your hard drives may be
experiencing errors. Where should you check to see if this is the case?
13. You are the hardware administrator for your company’s five servers.
Recently, you were instructed to purchase new memory for one of the
machines. You purchased the required memory, and have installed it
in the server. However, upon rebooting the server, the new memory is
not recognized. You place the RAM into another server to test it, and
it works properly. What is the most likely cause of why the RAM is
not recognized in the intended server?
A. The server’s motherboard already has the maximum amount of
RAM that it will support installed.
B. You must install new RAM chips in pairs, not individually.
C. The RAM is nonfunctional.
D. The system BIOS does not recognize the new memory chip.
14. You are the administrator of a Windows 2000 Server. You recently
installed a new third-party name-resolution service on your server.
Now, when you reboot the server, you receive many error messages,
and then the server hangs. You need to make the server operational as
quickly as possible. How should you proceed?
A. Reinstall the server from the Windows 2000 Server CD.
B. Reinstall the server from the most recent tape backup.
C. Boot the server into the Recovery Console, and use ntdsutil to
restore the server to its previous state.
D. Boot the server into Safe Mode, and remove the new service.
Reboot the server.

15. You are the network administrator for your company. While running
Performance Monitor on one of your Windows NT servers, you notice
that your processor time is constantly between 90 and 100 percent.
What should you do, if anything, to rectify the situation? (Choose all
that apply.)
A. Install a second processor in the server.
B. Install a new, faster processor in the server.
C. Install more RAM into the server.

D. Install new SCSI hard disks into the server.
E. Do nothing. It’s normal to have the processor working above

90 percent.
ning NetWare 5.1. One of the servers was powered off last night, and
you are not sure why. When you attempt to boot the server now, it
seems to proceed normally, and then hangs up. You attempt to reboot
again, but it appears to have the same problem. What file do you most
want to look at to see what the problem is?
17. One of your network servers has recently experienced corrupted files.
Three users insist that they lost important project files that were stored
on the server. How should you proceed in an attempt to recover the
missing files?

A. Have each user use the rollback command from the command
prompt to restore the files.
B. Have each user open the application that the files used. The appli-
cation will have a cached copy of the missing files. Save those files,
and have the users use them.
C. Restore the files from the most recent tape backup of the server.
D. Scold the users for not having a local copy of these important files.
Remind them about the importance of backing up critical files.
18. You are the network administrator for your company’s Microsoft
Windows NT network. You have four servers, and have a domain.
After performing an upgrade on the server that functions as your
DHCP server, you reboot the machine. You receive an error message
saying that the DHCP Service has failed to start. Where should you
check to get more information on this error?
A. Event Viewer, System log
B. Event Viewer, Application log
C. Microsoft’s support website
D. The Windows Help file on DHCP
E. DHCP Manager
19. You are a network administrator for your company. You have twelve
servers, including one Microsoft Windows 2000 Server functioning as
your dial-in server. Periodically, users complain that they are discon-
nected from the RRAS server without any warning. What source
should you check to see if you can find out what the problem is?
A. The ras.log file
B. The ppp.log file
C. The device.log file
D. The RRAS Connection Manager utility

20. You are the server administrator for your company. One of your users
has noticed that every time they perform a specific operation within
one of your mission critical applications, it crashes unexpectedly. You
verify that this happens. You delete and reinstall the application, and
the crash continues to persist. What should you do to rectify the
situation?
A. Check with your hardware vendor’s website to see if there are any
known fixes or patches.
B. Check with your software vendor’s website to see if there are any
known fixes or patches.
C. Delete and reinstall the application again, and see if the crash
goes away.
D. Uninstall the application.


1. C. Viruses can do many things, and one of the things they do best is
to delete files. In the question, it mentions that there is not one user
account responsible, so that rules out answer D. Old hard drives do
not randomly delete files, nor do old I/O busses. If a hard drive were
to fail, it would likely take all of the files with it, not just some of them.
2. B. Wake-on-LAN is a technology that allows you to remotely boot the
machines. You can then schedule the machines to wake at night, per-
form the necessary maintenance and/or troubleshooting tasks, and then
have the machines power back down. There will be no need to bother
the users unless their machine has problems during the workday.
3. A. When NetWare servers perform an abend, it’s not pretty. An
abend is a hard system crash, which means the server needs to be
rebooted. After the reboot following an abend, there will be an
abend.log file in the sys:system volume. Check there for helpful
information. Of the possible answers, only the crash$log.err file
does not exist.
4. B. Network Monitor is used to capture and examine network pack-
ets. System Monitor is the Windows 2000 performance monitoring
utility. Monitor is a NetWare monitoring utility. System Resource
Meter comes with Windows 98.
5. B. The proper command to use is shutdown. The –r switch tells the
server to automatically reboot. When indicating time, you just need
a + sign and the number of minutes you wish to give the users. Warning
messages should be in quotes.
6. D. The sys$log.err file records system messages, including server
errors, system alerts, and security violations.
7. D. The RAM was tested, so you know it works. Most likely, how-
ever, it doesn’t want to play nice with the RAM you have currently
installed in the server. Oftentimes there is no clear reason why; it just
doesn’t want to work. It may indeed be a different size (512MB versus
256MB, for example), but that is irrelevant.

8. B. Network Monitor is a Windows NT utility that allows you to ana-

lyze network traffic. It may be that the cause of the slowdown on the
server segment is that one of the network cards is failing and is starting
to broadcast excessively. Network Monitor can help you track down
broadcast offenders. System Monitor comes with Windows 2000. Per-
formance Monitor can tell you how busy the NIC is, but it will not tell
you who is causing the problem.
9. A. To remove an application from a Linux server, you can use the
same utility (rpm) that you used to install the application. The correct
switch to remove software is –e.
10. C. The Monitor utility is used to view system statistics, including
how busy your processor is. Performance Monitor and System Mon-
itor are Windows NT and Windows 2000 utilities, respectively.
11. B. If the case has not been removed, it’s unlikely that the other tech-
nician has done much (if any) hardware troubleshooting. It’s best to
test things first, and make sure the hard drive is indeed the culprit,
before you replace parts. Of course, you want to document your solu-
tion, but once again, test to make sure you know what’s broken before
you replace parts.
12. C. The vol$log.err file records errors regarding the volumes on
your servers.
13. A. You tested the RAM, so you know it works. Obviously, the BIOS
does not recognize the memory, but that doesn’t answer the question
of “why?” The best answer is that your motherboard is already maxed
out in RAM. Check with your motherboard’s documentation to see
how much RAM it can support.
14. D. Reinstalling the server may work, but it’s certainly not a time-
friendly option. The best way to proceed is to boot into Safe Mode and
remove the evil service.
15. A, B. The processor should run consistently below 80 percent. Spikes
above 80 are normal, but the processor should not consistently run
that high. Installing a second processor or a faster processor will help.
It’s possible that more RAM or new hard drives may help, but not
as significantly as directly addressing the problem. The processor is
overworked.

16. B. The boot$log.err file records all events during the boot process.
Granted, in this case, if you can’t boot the server up, it may be hard to
get to that file. However, it’s the one you would want to look at if you
could get to it.
17. C. It’s the administrator’s responsibility to back up file servers. If the
users are missing files, then the administrator can restore them from a
recent tape backup. Generally, you should not leave it to the users to
back up their own files. The rollback command, in relation to restor-
ing files, does not exist.
18. A. Error messages that pop up when you boot will log more informa-
tion in the System log of Event Viewer. Go there first to find out more
information. If you are still stumped as to how to fix the problem, you
can use the provided Event ID and search Microsoft’s support site for
more information.
19. C. The device.log file will log all activity that goes through the
serial ports of your RRAS server. If users are being intermittently dis-
connected, this file may be able to give you an indication as to why.
20. B. This is a good time to check with the software vendor and see if
they know about the problem that you’re having. Their website may
have a fix or patch that alleviates the problem. If not, you will cer-
tainly want to call their tech support and see if they can fix it. If they
are unwilling or unable to, search for an alternate product.

Server+ Glossary

578 Glossary
10Base2 An Ethernet standard which uses 802.11 The family of 802.11 IEEE standards
thinnet coaxial cable baseband communication includes several varations on high-speed wire-
at 10 megabits per second (Mbps) over a max- less networking, including 802.11a and
imum distance of 200 meters. 802.11b.
10Base5 This Ethernet standard uses 80286 Also called the 286. A 16-bit micro-
thicknet coaxial wire with 10 megabits per processor from Intel, first released in February
second (Mbps) transfer speed at a maximum 1982 and used by IBM in the IBM PC/AT com-
distance of 500 meters. puter. Since then it has been used in many other
IBM-compatible computers. The 80286 uses a
10BaseT An Ethernet standard that uses 16-bit data word and a 16-bit data bus, and it
twisted-pair cabling at a transmission speed uses 24 bits to address memory.
of 10 megabits per second (Mbps) and a max-
imum distance of 100 meters. 80287 Also called the 287. A floating-point
processor from Intel, designed for use with the
386 enhanced mode In Microsoft Win- 80286 CPU chip. When supported by applica-
dows, the most advanced and complex of tion programs, a floating-point processor can
the different operating modes, 386 enhanced speed up floating-point and transcendental
mode lets Windows access the protected mode math operations by 10 to 50 times. The 80287
of the 80386 (or higher) processor for extended conforms to the IEEE 754-1985 standard for
memory management and multitasking for binary floating-point operations, and it is avail-
both Windows and non-Windows application able in clock speeds of 6, 8, 10, and 12MHz.
programs.
80386DX Also called the 80386, the 386DX,
802.3 An IEEE standard that defines a bus and the 386. A full 32-bit microprocessor intro-
topology network that uses a 50-ohm coaxial duced by Intel in October 1985 and used in
baseband cable and carries transmissions at many IBM and IBM-compatible computers.
10Mbps. This standard groups data bits into Available in 16-, 20-, 25-, and 33MHz ver-
frames and uses the Carrier Sense Multiple sions, the 80386 has a 32-bit data word, can
Access with Collision Detection (CSMA/CD) transfer information 32 bits at a time over the
cable access method to put data on the data bus, and can use 32 bits in addressing
cable. memory. The 80386 is equivalent to about
802.5 The IEEE 802.5 standard specifies a 275,000 transistors, and can perform 6 million
physical star, logical ring topology that uses a instructions per second. The floating-point pro-
token-passing technology to put the data on the cessor for the 80386DX is the 80387.
cable. IBM developed this technology for their 80386SX Also called the 386SX. A lower-
mainframe and minicomputer networks. IBM’s cost alternative to the 80386DX micropro-
name for it was Token Ring. The name stuck, cessor, 80386SX was introduced by Intel in
and any network using this type of technology 1988. Available in 16-, 20-, 25-, and 33MHz
is called a Token Ring network.

Glossary 579
versions, the 80386SX is an 80386DX with internally but at 25MHz while communicating
a 16-bit data bus. This design allows systems with other system components, including
to be configured using cheaper 16-bit compo- memory and the other chips on the mother-
nents, leading to a lower overall cost. The board, thus maintaining its overall system com-
floating-point processor for the 80386SX is patibility. 50- and 66MHz versions of the DX2
the 80387SX. are available. The 486DX2 contains 1.2 million
transistors and is capable of 40 million instruc-
80387 Also called the 387. A floating-point tions per second.
processor from Intel, 80387 was designed for
use with the 80386 CPU chip. When supported 80486SX Also called the 486SX. A 32-bit
by application programs, a floating-point pro- microprocessor introduced by Intel in April
cessor can speed up floating-point and tran- 1991. The 80486SX can be described as an
scendental math operations by 10 to 50 times. 80486DX with the floating-point processor
The 80387 conforms to the IEEE 754-1985 circuitry disabled. Available in 16-, 20-, and
standard for binary floating-point operations 25MHz versions, the 80486SX contains the
and is available in speeds of 16, 20, 25, and equivalent of 1.185 million transistors and can
33MHz. execute 16.5 million instructions per second.
80486DX Also called the 486 or i486. 80487 Also called the 487. A floating-point
80486DX is a 32-bit microprocessor intro- processor from Intel, designed for use with the
duced by Intel in April 1989. The 80486 repre- 80486SX CPU chip. When supported by appli-
sents the continuing evolution of the 80386 cation programs, a floating-point processor can
family of microprocessors and adds several speed up floating-point and transcendental
notable features, including on-board cache, math operations by 10 to 50 times. The 80487
built-in floating-point processor and memory is essentially a 20MHz 80486 with the floating-
management unit, as well as certain advanced point circuitry still enabled. When an 80487 is
provisions for multiprocessing. Available in added into the coprocessor socket of a mother-
25-, 33-, and 50MHz versions, the 80486 is board running the 80486SX, it effectively
equivalent to 1.25 million transistors and can becomes the main processor, shutting down
perform 20 million instructions per second. the 80486SX and taking over all operations.
The 80487 conforms to the IEEE 754-1985
80486DX2 Also known as the 486DX2. A standard for binary floating-point operations.
32-bit microprocessor introduced by Intel in
1992. It is functionally identical to and 100 8086 This 16-bit microprocessor from
percent compatible with the 80486DX, but it Intel was first released in June 1978, and it
has one major difference: the DX2 chip adds is available in speeds of 4.77MHz, 8MHz,
what Intel calls speed-doubling technology— and 10MHz. The 8086 was used in a variety of
meaning that it runs twice as fast internally as early IBM-compatible computers as well as the
it does with components external to the chip. IBM PS/2 Model 25 and Model 30. The 8086
For example, the DX2-50 operates at 50MHz uses a 16-bit data word and a 16-bit data bus.

580 Glossary
The 8086 contains the equivalent of 29,000 Active Directory The Active Directory, a
transistors and can execute 0.33 million feature of Windows 2000, stores information
instructions per second. about users, computers, and network resources.
The Active Directory is stored in databases on
8088 This 16-bit microprocessor from Intel special Windows 2000 Server computers called
was released in June 1978, and it was used in Domain Controllers.
the first IBM PC, as well as the IBM PC/XT,
Portable PC, PCjr, and a large number of IBM- Active hubs A type of hub that uses elec-
compatible computers. The 8088 uses a 16-bit tronics to amplify and clean up the signal
data word, but transfers information along before it is broadcast to the other ports.
an 8-bit data bus. Available in speeds of
4.77MHz and 8MHz, the 8088 is approxi- active matrix A type of liquid crystal display
mately equivalent to 29,000 transistors and that has a transistor for each pixel in the screen.
can execute 0.33 million instructions per active-matrix screen An LCD display mech-
second. anism that uses an individual transistor to con-
8-bit bus The type of expansion bus that was trol every pixel on the screen. Active-matrix
used with the original IBM PC. The bus can screens are characterized by high contrast,
transmit 8 bits at a time. a wide viewing angle, vivid colors, and fast
screen refresh rates, and they do not show the
Accelerated Graphics Port (AGP) bus A streaking or shadowing that is common with
type of 32-bit expansion bus that runs at cheaper LCD technology.
66MHz. It is a very high-speed bus that is
used primarily for video expansion cards actuator arm The device inside a hard disk
and can transfer data at a maximum drive that moves the read/write heads as a
throughput 508.6MBps. group in the fixed disk.
access control list A method of controlling adapter fault tolerance This process
network resources by allowing or denying involves installing and configuring more than
access to users. This list of rules is created and one network card (adapter) in a computer to
maintained on the server. provide continuous operation should a fault
arise in a network card.
access time The period of time that elapses
between a request for information from disk address bus The internal processor bus used
or memory and the information arriving at for accessing memory. The width of this bus
the requesting device. Memory access time determines how much physical memory a pro-
refers to the time it takes to transfer a char- cessor can access.
acter from memory to or from the processor, address The precise location in memory or
while disk access time refers to the time it on disk where a piece of information is stored.
takes to place the read/write heads over the Every byte in memory and every sector on a
requested data. disk have their own unique addresses.

Glossary 581
Administrative Tools In Windows 2000 or infection. Some antivirus programs are

Professional, this is the group of utilities used to terminate-and-stay-resident programs that can
manage many common configuration and detect suspicious activity on your computer as
maintenance tasks. it happens, while others must be run periodi-
cally as part of your normal housekeeping
Alert A message sent by an agent to inform an activities.
administrator that a problem has occurred or a
threshold has been reached. Application layer The seventh, or highest,
layer in the International Organization for Stan-
allocation unit An allocation unit is a por- dardization’s Open Systems Interconnection
tion of the hard drive that is used by the com- (ISO/OSI) model for computer-to-computer
puter when saving information to the drive. communications. This layer uses services
Smaller allocation units are generally more effi- provided by the lower layers, but is completely
cient, because they result in less wasted space. insulated from the details of the network hard-
alpha Extremely early versions of computer ware. It describes how application programs
software are called “alpha code.” Alpha code is interact with the network operating system,
generally incomplete and unusable, and it is including database management, e-mail, and
almost never released to the public. terminal emulation programs.
analog Describes any device that represents application servers Also called appservers,
changing values by a continuously variable these servers share out applications (software
physical property such as voltage in a circuit, programs) to users over a network.
fluid pressure, liquid level, and so on. An archive bit A file attribute that is used to
analog device can handle an infinite number of determine whether a file has been updated since
values within its range. the last backup. A bit is set in the file directory
antistatic bag A bag designed to keep static to indicate the archive status.
charges from building up on the outside of a archiving The process of compressing
computer component during shipping. The bag numerous files into one compact file.
will collect some of the charges, but does not
drain them away as ESD mats do. ARP ARP stands for address resolution pro-
tocol. When a host on an IP based network
antistatic wrist strap (ESD strap) A spe- wants to send data to another host, the host
cially constructed strap worn to guard against name must be mapped to an IP address and the
the damages of ESD. One end of the strap is IP address mapped to a MAC address.
attached to an earth ground and the other is
wrapped around the technician’s wrist. array A grouping of hard disks that are the
same size, speed, and type. Often used within a
antivirus program An application program RAID conifguration.
you run to detect or eliminate a computer virus

582 Glossary
ASCII Acronym for American Standard angles to the expansion cards, thus allowing the
Code for Information Interchange. A standard fan from the power supply to assist in cooling
coding scheme that assigns numeric values to the CPU.
letters, numbers, punctuation marks, and con-
trol characters, to achieve compatibility among authentication The process of determining
different computers and peripherals. the identity and legitimacy of a user, node,
or process. Username and password are com-
assessment An evaluation performed to monly used to provide authentication.
measure the current status of either software
or hardware operations. Assessments are nor- AUTOEXEC.BAT A contraction of AUTO-
mally performed objectively with a set standard matically EXECuted BATch. AUTOEXEC.BAT
to measure performance. is a special DOS batch file, located in the root
directory of a startup disk, and it runs automat-
asynchronous Describes a type of communi- ically every time the computer is started or
cation that adds special signaling bits to each restarted.
end of the data. The bit at the beginning of the
information signals the start of the data and is auto-ranging multimeters A multimeter
known as the start bit. The next few bits are the that automatically sets its upper and lower
actual data that needs to be sent. Those bits are ranges depending on the input signal. These
known as the data bits. Stop bits indicate that multimeters are more difficult to damage by
the data is finished. Asynchronous communica- choosing the wrong range setting. See also
tions have no timing signal. multimeter.
AT bus Another name for the ISA bus. See Autorun On a CD-ROM, the Autorun
also ISA. option allows the CD to automatically start an
installation program or a menu screen when it
ATA version 2 (ATA-2) The second version is inserted into the CD-ROM drive.
of the original IDE (ATA) specification that
allowed drive sizes of several gigabtyes and availability Availability relates to a resource,
overcame the limitation of 528MB. It is also such as a server, which is currently accessible.
sometimes generically known as Enhanced IDE By including redundancy within your server
(EIDE). configuration, you are increasing the avail-
ability of the server.
Attached Resource Computer Network
(ARCNet) A network technology that uses a baby AT A type of motherboard form factor
physical star, logical ring, and token passing where the motherboard is smaller than the orig-
access method. It is typically wired with coaxial inal AT form factor.
cable. backup A duplicate copy made to be able to
ATX A motherboard form factor in which recover from an accidental loss of data.
the processor and memory slots are at right

Glossary 583
Backup The Backup utility for Windows has batch file File with a .bat extension that
evolved from a command-line program to a contains other DOS commands. By typing the
GUI program. name of the batch file and pressing Enter, DOS
will process all of the batch file commands, one
backup drive A device used to create a at a time, without need for any additional user
backup of computer data for safe storage. input.
Backup devices normally use removable
media that hold the backed-up data. baud rate In communications equipment, a
measurement of the number of state changes
backup set A related collection of backup (from 0 to 1 or vice versa) per second on an
media. asynchronous communications channel.
backup software Programs and utilities Berg connector A type of connector most
used to back up data to a tape drive or other commonly used in PC floppy drive power
device. Third-party backup programs offer cables; it has four conductors arranged in
more features than the standard utilities a row.
included with operating systems.
beta Beta code is software that has reached
backup source The device or data being the stage where is usable and generally stable,
backed up. but it is not completely finished. Beta code is
bandwidth In communications, the differ- often released to the public for testing on an “as
ence between the highest and the lowest fre- is” basis, and user comments are then used to
quencies available for transmission in any given finish the release version of the product.
range. In networking, the transmission capacity bias voltage The high-voltage charge
of a computer or a communications channel applied to the developing roller inside an EP
stated in megabits or megabytes per second; the cartridge.
higher the number, the faster the data transmis-
sion takes place. Bindery Novell’s database containing all the
information about users, workstations, servers,
baseline A measure of performance during and other objects recognized by the server. The
what is considered a normal workload. Bindery was replaced in version 4 by NetWare
BASH Bourne Again SHell is GNU’s com- Directory Services (NDS).
mand interpreter for Unix. See Bourne also. binary Any scheme that uses two different
basis weight A measurement of the “heavi- states, components, conditions, or conclusions.
ness” of paper. The number is the weight, in In mathematics, the binary (base-2) numbering
pounds, of 500 17"× 22" sheets of that type system uses combinations of the digits 0 and 1
of paper. to represent all values.

584 Glossary
biometrics The integration of computer first turn on or reset your computer. A set of
authentication and unique human characteris- instructions contained in ROM begin exe-
tics. Biometrics will often include fingerprints, cuting, first running a series of power on self-
retinal scanning, voice recognition, or identifi- tests (POSTs) to check that devices, such as
cation of other unique human characteristics. hard disks, are in working order, then locating
and loading the operating system, and finally
BIOS (basic input/output system) The passing control of the computer over to that
ROM-based software on a motherboard that operating system.
acts as a kind of interpreter between an oper-
ating system and a computer’s hardware. bootable disk Any disk capable of loading
and starting the operating system, although
BIOS CMOS setup program Program that most often used when referring to a floppy
modifies BIOS settings in the CMOS memory. disk. In these days of larger and larger oper-
This program is available at system startup ating systems, it is less common to boot from
time by pressing a key combination such as a floppy disk. In some cases, all of the files
Alt+F1 or Ctrl+F2. needed to start the operating system will not
BIOS shadow A copy of the BIOS in fit on a single floppy disk, which makes it
memory. impossible to boot from a floppy.
bit Contraction of BInary digiT. A bit is the bottleneck Bottlenecks are locations
basic unit of information in the binary num- where the performance is hindered due to poor
bering system, representing either 0 (for off) or performance. This can include processor speed,
1 (for on). Bits can be grouped together to make amount of RAM, and hard drive speeds.
up larger storage units, the most common being Bourne An early command interpreter and
the 8-bit byte. A byte can represent all kinds script language for Unix created by S.R. Bourne
of information, including the letters of the of Bell Laboratories.
alphabet, the numbers 0 through 9, and
common punctuation symbols. BPS (bits per second) A measurement of
how much data (how many bits) is being trans-
bit-mapped font A character in a specific mitted in one second. Typically used to describe
typestyle and size, defined by a pattern of dots. the speed of asynchronous communications
The computer must keep a complete set of (modems).
bitmaps for every typestyle you use on your
system, and these bitmaps can consume large bridge This type of connectivity device oper-
amounts of disk space. ates in the Data Link layer of the OSI model. It
is used to join similar topologies (Ethernet to
boot The loading of an operating system Ethernet, Token Ring to Token Ring) and
into memory, usually from a hard disk, to divide traffic on network segments. This
although occasionally from a floppy disk. This device will pass information destined for one
is an automatic procedure begun when you

Glossary 585
particular workstation to that segment, but it decimal portion of the version number; for
will not pass broadcast traffic. example, the revision level may advance from 2
to 2.01 or 2.1, rather than from 2 to 3.
broadcasting Sending a signal to all entities
that can listen to it. In networking, it refers to bus A set of pathways that allow information
sending a signal to all entities connected to that and signals to travel between components
network. inside or outside of a computer.
brouter In networking, a device that com- bus clock A chip on the motherboard that
bines the attributes of a bridge and a router. A produces a type of signal (called a clock signal)
brouter can route one or more specific proto- that indicates how fast the bus can transmit
cols, such as TCP/IP, and bridge all others. information.
brownout A short period of low voltage bus connector slot A slot made up of
often caused by an unusually heavy demand for several small copper channels that grab the
power. matching “fingers” of the expansion circuit
boards. The fingers connect to copper path-
browser A piece of software used to access ways on the motherboard.
the Internet. Common browsers are Netscape’s
Navigator and Microsoft’s Internet Explorer. bus mastering A technique that allows
certain advanced bus architectures to delegate
bubble-jet printer A type of sprayed ink control of data transfers between the Central
printer, this type uses an electric signal that Processing Unit (CPU) and associated periph-
energizes a heating element, causing ink to eral devices to an add-in board.
vaporize and get pushed out of the pinhole
and onto the paper. bus mouse A mouse connected to the com-
puter using an expansion board plugged into an
bug A logical or programming error in hard- expansion slot, instead of simply connected to a
ware or software that causes a malfunction of serial port as in the case of a serial mouse.
some sort. If the problem is in software, it can
be fixed by changes to the program. If the fault bus topology Type of physical topology that
is in hardware, new circuits must be designed consists of a single cable that runs to every
and constructed. Some bugs are fatal and cause workstation on the network. Each computer
the program to hang or cause data loss, others shares that same data and address path. As
are just annoying, and many are never even messages pass through the trunk, each work-
noticed. station checks to see if the message is addressed
for itself. This topology is very difficult to recon-
bug-fix A release of hardware or software figure, since reconfiguration requires you to
that corrects known bugs but does not contain disconnect and reconnect a portion of the net-
additional new features. Such releases are usu- work (thus bringing the whole network down).
ally designated only by an increase in the

586 Glossary
byte Contraction of BinarY digiT Eight. A capacitive touch screen Type of display
group of 8 bits that, in computer storage terms, monitor that has two clear plastic coatings over
usually holds a single character, such as a the screen, separated by air. When the user
number, letter, or other symbol. presses the screen in a particular spot, the
coatings are pressed together and the controller
C One of several commonly used shells for registers a change in the total capacitance of
administering Unix. (See also Bourne and the two layers. The controller then determines
BASH.) (C is also a programming language.) where the screen was pressed by the capaci-
cable access methods Methods by which tance values and sends that information to the
stations on a network get permission to computer in the form of x,y coordinates.
transmit their data. capacitor An electrical component, normally
cache Pronounced cash. A special area of found in power supplies and timing circuits,
memory, managed by a cache controller, that used to store electrical charge.
improves performance by storing the contents card services Part of the software support
of frequently accessed memory locations and needed for PCMCIA (PC Card) hardware
their addresses. When the processor references devices in a portable computer, controlling the
a memory address, the cache checks to see if it use of system interrupts, memory, or power
holds that address. If it does, the information management. When an application wants to
is passed directly to the processor; if not, a access a PC Card, it always goes through the
normal memory access takes place instead. A card services software and never communicates
cache can speed up operations in a computer in directly with the underlying hardware.
which RAM access is slow compared with its
processor speed, because the cache memory is carpal tunnel syndrome A form of wrist
always faster than normal RAM. injury caused by holding the hands in an
awkward position for long periods of time.
cache memory Fast SRAM memory used to
store, or cache, frequently used instructions carriage motor Stepper motor used to move
and data. the print head back and forth on a dot-matrix
printer.
capacitive keyboard Keyboard designed
with two sheets of semi-conductive material cathode-ray tube See CRT.
separated by a thin sheet of Mylar inside the
keyboard. When a key is pressed, the plunger CCD (charge-coupled device) A device that
presses down and a paddle connected to allows light to be converted into electrical
the plunger presses the two sheets of semi- pulses.
conductive material together, changing the CCITT Acronym for Comité Consultatif Inter-
total capacitance of the two sheets. The nationale de Téléphonie et de Télégraphie. An
controller can tell by the capacitance value organization, based in Geneva, that develops
returned which key was pressed.

Glossary 587
worldwide data communications standards. Centronics parallel interface A standard

CCITT is part of the ITU (International Tele- 36-pin interface in the PC world for the exchange
communications Union). The organization has of information between the PC and a peripheral,
been renamed ITU-T (ITU Telecommunications such as a printer, originally developed by the
Standardization Sector). printer manufacturer Centronics, Inc. The stan-
dard defines eight parallel data lines, plus addi-
CD-ROM Acronym for compact disc read- tional lines for status and control information.
only memory. A high-capacity, optical storage
device that uses compact disc technology to CGA Acronym for Color/Graphics Adapter.
store large amounts of information: up to CGA is a video adapter that provided low-
650MB (the equivalent of approximately resolution text and graphics. CGA provided
300,000 pages of text) on a single 4.72" disk. several different text and graphics modes,
including 40- or 80-column by 25-line,
CD-RW (CD-Rewritable) An optical disc 16-color text mode, and graphics modes of
that lets you write on it in multiple sessions. 640 horizontal pixels by 200 vertical pixels
One of the problems with CD-R discs is that with 2 colors, or 320 horizontal pixels by
you can only write to them once. With CD-RW 200 vertical pixels with 4 colors. CGA has
drives and discs, you can treat the optical disc been superseded by later video standards,
just like a hard disk and write data onto it including EGA, VGA, SuperVGA, and XGA.
multiple times.
charge-coupled device See CCD (charge-
Central Processing Unit (CPU) The com- coupled device).
puting and control part of the computer.
The CPU in a mainframe computer may be charging corona The wire or roller that is
contained on many printed circuit boards, used to put a uniform charge on the EP drum
the CPU in a minicomputer may be contained inside a toner cartridge.
on several boards, and the CPU in a PC is
contained in a single extremely powerful checksum A method of providing informa-
microprocessor. tion for error detection, usually calculated by
summing a set of values.
centralized processing A network pro-
cessing scheme in which all “intelligence” is checksumming An error-checking routine
found in one computer and all other computers that runs a mathematical equation against a
send requests to the central computer to be set of data and comes up with a result, called a
processed. Mainframe networks use central- checksum. The data is then transmitted, and the
ized processing. receiver then runs the same formula against
the data transmitted and compares the result
Centronics 50 A high-density 50-pin con- to the checksum. If they are the same, the trans-
nector commonly used for SCSI interfaces. mission is considered successful.

588 Glossary
chip creep The slow self-loosening of chips clock doubling Technology that allows a
from their sockets on the system board as a chip to run at the bus’s rated speed externally,
result of the frequent heating and cooling of but still be able to run the processor’s internal
the board (which causes parts of the board— clock at twice the speed of the bus. This tech-
significantly, the chip connector slots—to alter- nology improves computer performance.
nately expand and shrink).
clock rate See clock speed.
chip puller A tool that is used on older
(pre-386) systems to remove the chips without clock signal Built-in metronome-like signal
damaging them. that indicates how fast the components can
operate.
clean install A process by which the current
application or operating system is completely clock speed Also known as clock rate. The
removed and a new copy is installed. All traces internal speed of a computer or processor, nor-
of the original version are completely mally expressed in MHz. The faster the clock
removed. speed, the faster the computer will perform a
specific operation, assuming the other compo-
cleaning step The step in the EP print pro- nents in the system, such as disk drives, can
cess where excess toner is scraped from the EP keep up with the increased speed.
drum with a rubber blade.
clock tripling A type of processor design
client A network entity that can request where the processor runs at one speed exter-
resources from the network or server. nally and at triple that speed internally.
client computers A computer that requests cluster The smallest unit of hard disk space
resources from a network. that DOS can allocate to a file, consisting of
one or more contiguous sectors. The number of
client-server Client-server architecture sectors contained in a cluster depends on the
describes computer programs specifically hard disk type and operating system.
designed to use the processing power of both
the server and the client machines in the comple- clustering Connecting two or more com-
tion of their tasks. Generally this means that the puters together in such a way that they behave
client makes an initial request to the server, like a single computer. Clustering is often used
and the server then does some initial processing to provide parallel processing, Load Balancing,
on the request. The result of that processing and fault tolerance.
is then returned to the client, or to another
machine for additional work to be done with it. CMIP (Common Management Information
Protocol) Designed as a replacement for
client software Software that allows a SNMP, but not yet widely adopted, CMIP is
device to request resources from a network. a network management protocol. CMIP

Glossary 589
provides better security and better reporting of In Windows 2000, the computer name is
unusual network conditions. always the same as the machine’s host name,
while in Windows 9x the two can be different.
CMOS Acronym for Complementary Metal
Oxide Semiconductor. An area of nonvolatile conditioning step The step in the EP print
memory that contains settings that determine process where a uniform charge is applied
how a computer is configured. to the EP drum by the charging corona or
charging roller.
CMOS battery A battery used to power
CMOS memory so that the computer won’t conductor Any item that permits the flow of
lose its settings when powered down. electricity between two entities.
cold backup site A backup site that contains CONFIG.SYS In DOS and OS/2, a special
basic equipment for running a business in case text file containing settings that control the way
of disaster at the primary location. Cold backup that the operating system works. CONFIG.SYS
sites require hardware and software setup and must be located in the root directory of the
configuration before use. default boot disk, normally drive C, and is read
by the operating system only once as the system
command line Describes a computer inter- starts running. Some application programs and
face that uses basic prompts and requires the peripheral devices require you to include spe-
user to type in commands; also the line itself. cial statements in CONFIG.SYS, while other
COMMAND.COM Takes commands issued commands may specify the number of disk-
by the user through text strings or click actions read buffers or open files on your system,
and translates them back into calls that can be specify how the disk cache should be config-
understood by the lower layers of DOS. It is the ured, or load any special device drivers your
vital command interpreter for DOS. system may need.
Complementary Metal Oxide connectivity devices Any device that facili-

Semiconductor See CMOS. tates connections between network devices.
Some examples include hubs, routers, switches,
computer hardware faults A failure that and gateways.
occurs in computer hardware that is being
monitored. The fault is generally reported by contacts DIMMs use gold for all contacts
the operating system or third-party hardware but SIMMs can use tin or gold. When adding
monitors. RAM, be sure the new RAM uses the same
metal as the existing RAM.
computer name The name by which a
Microsoft computer is known on the network. Control Program for Microcomputer
This is a NetBIOS name (up to 15 characters in (CP/M) A computer operating system that
length), which must be unique on the network. was an early competitor of Microsoft’s DOS

590 Glossary
system. CP/M was a command-line system that crosstalk Problem related to electromagnetic
was developed by Gary Kildall. fields when two wires carrying electrical signals
run parallel and one of the wires induces a
conventional memory The amount of signal in the second wire. If these wires are
memory accessible by DOS in PCs using carrying data, the extra, unintended signal can
an Intel processor operating in real mode, cause errors in the communication. Crosstalk
normally the first 640K. is especially a problem in unshielded parallel
cooperative hot backup site A cooperative cables that are longer than 10 feet.
hot backup site (see entry for hot backup site) is CRT Acronym for cathode-ray tube. A dis-
shared between two or more businesses in hope play device used in computer monitors and tele-
of reducing the total costs of ownership (TCO). vision sets. A CRT display consists of a glass
The backup site is designed to meet the needs of vacuum tube that contains one electron gun for
each company involved. a monochrome display, or three (red, green,
cooperative multitasking A form of multi- and blue) electron guns for a color display.
tasking in which all running applications must Electron beams from these guns sweep rapidly
work together to share system resources. across the inside of the screen from the upper-
left to the lower-right of the screen. The inside
corona roller Type of transfer corona of the screen is coated with thousands of phos-
assembly that uses a charged roller to apply phor dots that glow when they are struck by the
charge to the paper. electron beam. To stop the image from flick-
ering, the beams sweep at a rate of between 43
corona wire Type of transfer corona assembly. and 87 times per second, depending on the
Also, the wire in that assembly that is charged by phosphor persistence and the scanning mode
the high voltage supply. It is narrow in diameter used—interlaced or non-interlaced. This is
and located in a special notch under the EP print known as the refresh rate and is measured in
cartridge. Hz. The Video Electronics Standards Associa-
tion (VESA) recommends a vertical refresh rate
Counter Logs Monitor Lets you set a period
of 72Hz, noninterlaced, at a resolution of 800
of time during which the information gathered
by 600 pixels.
in the System Monitor will be recorded in a text
file on the hard drive. This allows you to main- cylinder A hard disk consists of two or more
tain a record of performance. This record can platters, each with two sides. Each side is fur-
be reviewed at a later date or used to compare ther divided into concentric circles known as
to data gathered at another time. tracks, and all the tracks at the same concentric
position on a disk are known collectively as a
CPU (Central Processing Unit) See Central
cylinder.
Processing Unit (CPU).
daily rotation Daily rotation is not consid-
CPU clock Type of clock signal that dictates
ered a suitable backup strategy. In a daily
how fast the CPU can run.

Glossary 591
rotation, the same tape is used every day. There Data Link layer The second of seven layers of
is no offsite storage of media, and no opportu- the International Standards Organization’s
nity to restore data unless the problem is Open Systems Interconnection (ISO/OSI) model
discovered within a day. for computer-to-computer communications.
The Data Link layer validates the integrity of
daisy-chaining Pattern of cabling where the the flow of data from one node to another by
cables run from the first device to the second, synchronizing blocks of data and by controlling
second to the third, and so on. If the devices the flow of data.
have both an “in” and an “out,” the in of the
first device of each pair is connected to the out data set ready See DSR.
of the second device of each pair.
data terminal equipment See DTE.
daisy-wheel printer An impact printer that
uses a plastic or metal print mechanism with data terminal ready See DTR.
a different character on the end of each spoke data transfer rate The speed at which a disk
of the wheel. As the print mechanism rotates drive can transfer information from the drive to
to the correct letter, a small hammer strikes the the processor, usually measured in megabits or
character against the ribbon, transferring megabytes per second.
the image onto the paper.
daughterboard A printed circuit board that
DAT See digital audiotape (DAT). attaches to another board to provide additional
data bits In asynchronous transmissions, the functions.
bits that actually comprise the data; usually 7 DB-25 A 25-pin connector used to interface
or 8 data bits make up the data word. external devices with the computer. Commonly
data bus Bus used to send and receive data to used for a parallel port or original SCSI-1
the microprocessor. connector.
data compression Any method of encoding DB connector Any of several types of cable
data so that it occupies less space than in its connectors used for parallel or serial cables.
original form. The number following the letters DB (for data
bus) indicates the number of pins that the
data encoding scheme (DES) The method connector usually has.
used by a disk controller to store digital infor-
mation onto a hard disk or floppy disk. DES de facto Latin translation for by fact. Any
has remained unbroken despite years of use; it standard that is a standard because everyone
completely randomizes the information so is using it.
that it is impossible to determine the encryp- default gateway The router that all packets
tion key even if some of the original text is are sent to when the workstation doesn’t know
known.

592 Glossary
where the destination station is, or when it denial of service attack (DoS) A type of
can’t find the destination station. network attack that prevents users, even legiti-
mate users, from accessing the network.
de jure Latin translation for by law. Any
standard that is a standard because a standards DES See data encoding scheme (DES).
body decided it should be so.
Desktop Contains the visible elements of
debouncing A keyboard feature that elimi- Windows and defines the limits of the graphic
nates unintended triggering of keystrokes. It environment.
works by having the keyboard controller con-
stantly scan the keyboard for keystrokes. Only Desktop Control Panel Windows utility
keystrokes that are pressed for more than two that is used to configure the system so it is more
scans are considered keystrokes. This prevents user friendly. This Control Panel contains the
spurious electronic signals from generating settings for the background color and pattern
input. as well as screen saver settings.
decimal The base-10 numbering system that developing roller The roller inside a toner
uses the familiar numbers 0–9. cartridge that presents a uniform line of toner
to help apply the toner to the image written on
dedicated server The server that is assigned the EP drum.
to perform a specific application or service.
developing step The step in the EP print
default gateway If a user needs to communi- process where the image written on the EP
cate by TCP/IP with a computer that is not on drum by the laser is developed, that is, it has
their subnet (the local network segment) the toner stuck to it.
computer needs to use a gateway to access this
remote network. The default gateway is simply device driver A small program that allows a
the path that is taken by all outgoing traffic computer to communicate with and control
unless another path is specified. a device.
defragmentation The process of reorga- Device Manager A utility in Windows 9x and

nizing and rewriting files so that they occupy Windows 2000 that allows the user to view and
one large continuous area on your hard disk modify hardware settings. Device drivers can be
rather than several smaller areas. installed or upgraded, and problems with devices
can be found and dealt with here.
demilitarized zone (DMZ) A dedicated area
located between the private network and the DEVICE= Command found in the DOS
public Internet. Servers and resources that need CONFIG.SYS that tells DOS which driver to
to be accessed by both networks are located in find and load into memory at boot time.
this zone, while the private servers and services DEVICEHIGH= Command that is used to
are located in the private network. A DMZ load the device drivers into upper memory
helps protect the private network.

Glossary 593
blocks, thereby freeing up space in conven- DIN-n Circular type of connector used with
tional memory. computers. (The n represents the number of
connectors.)
diagnostic program A program that tests
computer hardware and peripherals for correct DIP (Dual Inline Package) A standard
operation. In the PC, some faults are easy to housing constructed of hard plastic commonly
find, and these are known as “hard faults”; the used to hold an integrated circuit. The circuit’s
diagnostic program will diagnose them cor- leads are connected to two parallel rows of pins
rectly every time. Others, such as memory designed to fit snugly into a socket; these pins
faults, can be difficult to find; these are called may also be soldered directly to a printed-
“soft faults” because they do not occur every circuit board. If you try to install or remove
time the memory location is tested, but only dual inline packages, be careful not to bend or
under very specific circumstances. damage their pins.
differential backup A type of backup that DIP switch A small switch used to select
backs up files that have changed since the last the operating mode of a device, mounted as
full backup. a Dual Inline Package. DIP switches can be
either sliding or rocker switches and are often
digital audiotape (DAT) A method of grouped together for convenience. They are
recording information in digital form on a used on printed circuit boards, dot-matrix
small audiotape cassette. Many gigabytes of printers, modems, and other peripherals.
information can be recorded on a cassette, and
so a DAT can be used as a backup medium. direct memory access See DMA (direct
Like all tape devices, however, DATs are rela- memory access).
tively slow.
directory Directories are used to organize
digital signal A signal that consists of dis- files on the hard drive. Another name for a
crete values. These values do not change over directory is a folder. Directories created inside
time; in effect, they change instantly from one or below others are called “subfolders” or
value to another. “subdirectories.”
digital signature A digital signature is used Direct Rambus A memory bus that transfers
to verify the identity of the sender and/or origin data at 800MHz over a 16-bit memory bus.
of the message. It is a unique value associated Direct Rambus memory models (often called
with a transaction and cannot be forged. RIMMs), like DDR SDRAM, can transfer data
on both the rising and falling edges of a clock
DIMM (Dual Inline Memory Module) cycle.
Memory module that is similar to a SIMM
(Single Inline Memory Module), except that Direct Rambus RAM A type of memory cre-
a DIMM is double-sided. There are memory ated by Rambus Inc. with transfer speeds of up
chips on both sides of the memory module. to 800MHz.

594 Glossary
directory services Software that stores infor- or hard disks installed in the computer. A single
mation about objects on a network and makes disk controller may manage more than one
this information available to users and network hard disk; many disk controllers also manage
administrators. Windows 2000 uses AD, while floppy disks and compatible tape drives.
Novell 4 and newer versions use NDS.
disk drive A peripheral storage device that
direct-solder method A method of attaching reads and writes to magnetic or optical disks.
chips to the motherboard where the chip is sol- When more than one disk drive is installed on a
dered directly to the motherboard. computer, the operating system assigns each
drive a unique name—for example A and C in
disaster recovery The process involving DOS, Windows, and OS/2.
rebuilding or repairing computer systems/data
after a disaster has struck. disk duplexing In networking, a fault-
tolerant technique that writes the same infor-
disaster recovery plan A carefully created mation simultaneously onto two different hard
plan, which is regularly updated, that outlines disks. Disk duplexing is supported by most of
the steps to follow in dealing with a data the major network operating systems and is
disaster. It can include disaster prevention, designed to protect the system against a single
or fault tolerance planning. disk failure; it is not designed to protect against
disk cache An area of computer memory multiple disk failures and is no substitute for a
where data is temporarily stored on its way to well-planned series of disk backups.
or from a disk. A disk cache mediates between diskless workstation A networked com-
the application and the hard disk, and when an puter that does not have any local disk storage
application asks for information from the hard capability.
disk, the cache program first checks to see if
that data is already in the cache memory. If it is, disk mirroring In networking, a fault-
the disk cache program loads the information tolerant technique that writes the same infor-
from the cache memory rather than from the mation simultaneously onto two different hard
hard disk. If the information is not in memory, disks, using the same disk controller. In the
the cache program reads the data from the disk, event of one disk failing, information from the
copies it into the cache memory for future other can be used to continue operations. Disk
reference, and then passes the data to the mirroring is offered by most of the major net-
requesting application. work operating systems and is designed to pro-
tect the system against a single disk failure; it is
disk-caching program A program that reads not designed to protect against multiple disk
the most commonly accessed data from disk failures and is no substitute for a well-planned
and keeps it in memory for faster access. series of disk backups.
disk controller The electronic circuitry that disk operating system See DOS.
controls and manages the operation of floppy

Glossary 595
distributed processing A computer system plan (as well as the collection itself). All rele-
in which processing is performed by several vant information is documented and kept in
separate computers linked by a communica- a safe place for future reference.
tions network. The term often refers to any
computer system supported by a network, but domain The security structure for Windows
more properly refers to a system in which each NT Server and Windows 2000 Active Direc-
computer is chosen to handle a specific work- tory; the namespace structure of TCP/IP’s DNS
load and the network supports the system as structure.
a whole. Domain Name System (DNS) DNS allows
DIX Ethernet The original name for the TCP/IP-capable users anywhere in the world to
Ethernet network technology. Named after the find resources in other companies or countries
original developer companies, Digital, Intel, by using their domain name. Each domain is an
and Xerox. independent namespace for a particular organi-
zation, and DNS servers manage requests for
DLT (digital linear tape) DLT is a form of information about the IP addresses of partic-
backup media that uses magnetic ribbon tape ular DNS entries. DNS is used to manage all
within a cartridge to store data. names on the Internet.
DMA (direct memory access) A method of dongle A special cable that provides a con-
transferring information directly from a mass- nector to a circuit board that doesn’t have one.
storage device such as a hard disk or from an For example, a motherboard may use a dongle
adapter card into memory (or vice versa), to provide a serial port when there is a ribbon
without the information passing through the cable connector for the dongle on the mother-
processor. board, but there is no serial port.
DMA channels Dedicated circuit pathways dongle connection A connector on a moth-

on the motherboard that make DMA possible. erboard where a dongle will connect.
docking station A hardware system into DOS Acronym for disk operating system,
which a portable computer fits so that it can an operating system originally developed by
be used as a full-fledged desktop computer. Microsoft for the IBM PC. DOS exists in two
Docking stations vary from simple port replica- very similar versions: MS-DOS, developed and
tors (that allow you access to parallel and serial marketed by Microsoft for use with IBM-
ports and a mouse) to complete systems (that compatible computers; and PC-DOS, sup-
give you access to network connections, CD- ported and sold by IBM for use only on
ROMs, even a tape backup system or PCMCIA computers manufactured by IBM.
ports).
DOS Environment Variables Variables that
documentation The process of carefully col- specify global things like the path that DOS
lecting information pertaining to an event or a searches to find executables.

596 Glossary
DOS extender A small program that extends downtime The measurement of time during
the range of DOS memory. For example, which a computer system is unusable. This
HIMEM.SYS allows DOS access to the includes both time during a failure as well as
memory ranges about 1024K. the time involved in repairing a failure.
DOS prompt A visual confirmation that DRAM See dynamic RAM (DRAM).
DOS is ready to receive input from the key-
board. The default prompt includes the current drawing tablet Pointing device that includes
drive letter followed by a right angle bracket a pencil-like device (called a stylus) for drawing
(for example, C>). You can create your on its flat rubber-coated sheet of plastic.
own custom prompt with the PROMPT drive bay An opening in the system unit into
command. which you can install a floppy disk drive, hard
DOS shell An early graphic user interface for disk drive, or tape drive.
DOS that allowed users to manage files and run drive geometry Term used to describe the
programs through a simple text interface and number of cylinders, read/write heads, and
even use a mouse. It was soon replaced by sectors in a hard disk.
Windows.
drive hole Hole in a floppy disk that allows
dot-matrix printer An impact printer that the motor in the disk drive to spin the disk. Also
uses columns of small pins and an inked ribbon known as the hub hole.
to create the tiny pattern of dots that form the
characters. Dot-matrix printers are available in drive letter In DOS, Windows, and OS/2,
9-, 18-, or 24-pin configurations. the drive letter is a designation used to specify a
particular hard or floppy disk. For example, the
dot pitch In a monitor, the vertical distance first floppy disk is usually referred to as drive A,
between the centers of like-colored phosphors and the first hard disk as drive C.
on the screen of a color monitor, measured in
millimeters (mm). driver See device driver.
dots per inch (dpi) A measure of resolution driver signing In order to prevent viruses
expressed by the number of dots that a device and poorly written drivers from damaging your
can print or display in one inch. system, Windows 2000 uses a process called
driver signing that allows companies to digi-
double data rate synchronous dynamic tally sign their device software, and it also
RAM (DDR SDRAM) Supports data transfer allows administrators to block the installation
on both edges of the clock cycle, which effec- of unsigned drivers.
tively doubles memory chip throughput.
driver software See device driver.
double-density disk A floppy disk with a
storage capacity of 360KB. D-Shell See DB connector.

Glossary 597
DSR Abbreviation for data set ready. A hard- duplex. Half-duplex channels can transmit
ware signal defined by the RS-232-C standard only or receive only. Most dial-up services
to indicate that the device is ready. available to PC users take advantage of full-
duplex capabilities, but if you cannot see what
D-Sub See DB connector. you are typing, switch to half duplex. If you are
DTE Abbreviation for data terminal equip- using half duplex and you can see two of every
ment. In communications, any device, such as a character you type, change to full duplex.
terminal or a computer, connected to a commu- duplex printing Printing a document on
nications channel or public network. both sides of the page so that the appropriate
DTR Abbreviation for data terminal ready. A pages face each other when the document is
hardware signal defined by the RS-232-C stan- bound.
dard to indicate that the computer is ready to dynamic electricity See electricity.
accept a transmission.
Dynamic Host Configuration Protocol
dual-booting If a single machine must be (DHCP) DHCP manages the automatic
used for many tasks, it may be necessary for assignment of TCP/IP addressing information
it to have multiple operating systems installed (such as the IP address, subnet mask, default
simultaneously. To do this a boot manager pre- gateway and DNS server). This can save a great
sents the user with a choice of which operating deal of time when configuring and maintaining
system to use at startup. To use a different OS a TCP/IP network.
the user would have to shut down the system,
restart it, and select the other OS. Dynamic Link Library (DLL) files Windows
component files that contain small pieces of
Dual Inline Memory Module See DIMM executable code that are shared between mul-
(Dual Inline Memory Module). tiple Windows programs. They are used to
Dual Inline Package See DIP (Dual Inline eliminate redundant programming in certain
Package). Windows applications. DLLs are used exten-
sively in Microsoft Windows, OS/2, and in
dumb terminal A combination of keyboard Windows NT. DLLs may have filename exten-
and screen that has no local computing power, sions of .dll, .drv, or .fon.
used to input information to a large, remote
computer, often a minicomputer or a main- dynamic RAM (DRAM) A common type of
frame. This remote computer provides all the computer memory that uses capacitors and
processing power for the system. transistors storing electrical charges to repre-
sent memory states. These capacitors lose
duplex In asynchronous transmissions, the their electrical charge, and so they need to be
ability to transmit and receive on the same refreshed every millisecond, during which time
channel at the same time; also referred to as full they cannot be read by the processor. DRAM

598 Glossary
chips are small, simple, cheap, easy to make, EDO (Extended Data Out) RAM A type of
and hold approximately four times as much DRAM that increases memory performance by
information as a static RAM (SRAM) chip of eliminating wait states.
similar complexity. However, they are slower
than static RAM. Processors operating at clock EEPROM Acronym for Electrically Eras-
speeds of 25MHz or more need DRAM with able Programmable Read-Only Memory.
access times of faster than 80 nanoseconds (80 A memory chip that maintains its contents
billionths of a second), while SRAM chips can without electrical power, and whose contents
be read in as little as 15 to 30 nanoseconds. can be erased and reprogrammed either within
the computer or from an external source.
dynamic state table A dynamic state table EEPROMs are used where the application
is used for packet filtering. The dynamic state requires stable storage without power but
table keeps track of all communication sessions may have to be reprogrammed.
between stations inside and outside of a fire-
wall. The list is called dynamic because it is EGA Acronym for Enhanced Graphics
constantly updated as communication sessions Adapter. A video adapter standard that pro-
are established and ended. vides medium-resolution text and graphics.
EGA can display 16 colors at the same time
ECC (error correcting circuits) Began with from a choice of 64, with a horizontal resolu-
the Pentium class of computers. Parity checking tion of 640 pixels and a vertical resolution of
provided single-bit error detection for the system 350 pixels. EGA has been superseded by VGA
memory, but did not handle multi-bit errors and and SVGA.
provided no means to correct memory errors.
ECC will detect both single-bit and multi-bit EISA Acronym for Extended Industry Stan-
errors, as well as attempt to correct single- dard Architecture. A PC bus standard that
bit errors. Like parity checking, ECC requires extends the traditional AT-bus to 32 bits and
a setting in the BIOS program to be enabled. allows more than one processor to share the
bus. EISA has a 32-bit data path and, at a bus
edge connector A form of connector con- speed of 8MHz, can achieve a maximum
sisting of a row of etched contacts along the throughput of 33 megabytes per second.
edge of a printed circuit board that is inserted
into an expansion slot in the computer. EISA Configuration Utility (EISA Config)
The utility used to configure an EISA bus
eDirectory Novell directory software expansion card.
(currently version 8.6.1) is a Lightweight
Directory Access Protocol (LDAP)-enabled, Electrically Erasable Programmable Read-
directory-based identity management system Only Memory See EEPROM.
that centralizes the management of user iden- electricity The flow of free electrons from
tities, access privileges, and other network one molecule of substance to another. This
resources. flow of electrons is used to do work.

Glossary 599
electromagnetic drawing tablets Type of Enhanced Graphics Adapter See EGA.

drawing tablet that has grids of wires under-
neath the rubberized surface. The stylus contains enhanced keyboard A 101-key or 102-key
a small sensor that is sensitive to electromagnetic keyboard introduced by IBM that has become
fields. At timed intervals, an electromagnetic the accepted standard for PC keyboard layout.
pulse is sent across the grid. The sensor in the Unlike earlier keyboards, it has 12 function keys
stylus picks up these pulses. across the top, rather than 10 function keys in
a block on the left side, has extra Ctrl and Alt
electromagnetic interference (EMI) Any keys, and has a set of cursor control keys
electromagnetic radiation released by an between the main keyboard and the numeric
electronic device that disrupts the operation keypad.
or performance of any other device.
Enhanced Small Device Interface (ESDI) A
electron gun The component of a monitor popular hard-disk, floppy-disk, and tape-drive
that fires electrons at the back of the phosphor- interface standard, capable of a data transfer
coated screen. rate of 10 to 20 megabits per second. ESDI is
most often used with large hard disks.
electrostatic discharge (ESD) When two
objects of dissimilar charge come in contact environment variables These are used to set
with one another, they will exchange electrons certain system-wide parameters that can then
in order to standardize the electrostatic charge be used by applications running on the system.
between the two objects. This exchange, or dis- For instance, a system’s temporary directory
charge, can sometimes be seen as a spark or arc can be set to a specific location using an envi-
of electricity. Even when it cannot be seen it is ronment variable.
damaging to electronic components.
EP drum Device that is coated with a photo-
e-mail Electronic mail is generally sent across sensitive material that can hold a static charge
the Internet using protocols named SMTP (for when not exposed to light. The drum contains
sending) and POP3 (for receiving). a cleaning blade that continuously scrapes the
used toner off the photosensitive drum to keep
EMI See electromagnetic interference (EMI). it clean.
EMM386.EXE Reserved memory manager EP print process Six-step process an EP laser
that emulates Expanded Memory in the printer uses to form images on paper. In order,
Extended Memory area (XMS) and provides the steps are charging, exposing, developing,
DOS with the ability to utilize upper memory transferring, fusing, and cleaning.
blocks to load programs and device drivers.
EP printer (electrophotographic printer)
encoding Process by which binary informa- Printer that uses high voltage, a laser, and a
tion is changed into flux transition patterns on black carbon toner to form an image on a page.
a disk surface.

600 Glossary
EPROM Acronym for erasable program- event ID These numbers match a text descrip-
mable read-only memory. A memory chip that tion in a message file within Event Viewer. The
maintains its contents without electrical power, numbers can be used by product support repre-
and whose contents can be erased and repro- sentatives to understand what occurred in the
grammed by removing a protective cover and system. See Event Viewer.
exposing the chip to ultraviolet light.
Event Viewer A Microsoft utility that
ergonomics Standards that define the maintains logs about application, security, and
positioning and use of the body to promote a system events on a computer. You can use
healthy work environment. Event Viewer to view and manage the event
logs, gather information about hardware and
error/event log Error/event logs record pre- software problems, and monitor security
cise information about server events, such as events.
services starting and stopping, or users logging
on and off and accessing resources. This is one exit roller Found on laser and page printers,
of the first places to look for details about a the mechanism that guides the paper out of the
problem. printer into the paper-receiving tray.
ESD See electrostatic discharge (ESD). expanded memory page frame See page
frame.
ESD mat Preventive measure to guard
against the effects of ESD. The excess charge expanded memory specification (EMS)
is drained away from any item that comes in The original version of the Lotus-Intel-Microsoft
contact with it. Expanded Memory Specification (LIM EMS)
that lets DOS applications use more than 640KB
ESD wrist strap An antistatic device that of memory space.
attaches between the wrist of the user and a
ground, used to direct static charges away from expansion bus An extension of the main
the user and computer components. Often computer bus that includes expansion slots for
includes an embedded resistor. use by compatible adapters, such as memory
boards, video adapters, hard disk controllers,
Ethernet A network technology based on the and SCSI interface cards.
IEEE 802.3 CSMA/CD standard. The original
Ethernet implementation specified 10Mbps, expansion card A device that can be installed
baseband signaling, coaxial cable, and CSMA/ into a computer’s expansion bus.
CD media access.
expansion slot One of the connectors on the
even parity A technique that counts the expansion bus that gives an adapter access to
number of 1’s in a binary number and, if the system bus. You can add as many addi-
the number of 1’s is not an even number, tional adapters as there are expansion slots
adds a digit to make it even. (See also parity.) inside your computer.

Glossary 601
extended data output RAM (EDO RAM) A allows the processor to talk to other devices.
variant of dynamic random access memory that This component allows the CPU to talk to the
helps improve memory speed and performance other devices in the computer and vice versa.
by altering the timing and sequence of signals
that activate the circuitry for accessing memory external cache memory Separate expansion
locations. board that installs in a special processor-direct
bus that contains cache memory.
extended DOS partition A further optional
division of a hard disk, after the primary DOS external commands Commands that are not
partition, that functions as one or more addi- contained within COMMAND.COM. They are
tional logical drives. A logical drive is simply an represented by a .COM or .EXE extension.
area of a larger disk that acts as though it were external hard disk A hard disk packaged in
a separate disk with its own drive letter. its own case with cables and an independent
Extended Graphics Array See XGA. power supply rather than a disk drive housed
inside and integrated with the computer’s
Extended Industry Standard Architecture system unit.
See EISA.
external modem A stand-alone modem,
extended memory manager A device separate from the computer and connected by a
driver that supports the software portion of serial cable. LEDs on the front of the chassis
the extended memory specification in an IBM- indicate the current modem status and can be
compatible computer. useful in troubleshooting communications
problems. An external modem is a good buy if
Extended Memory System (XMS) you want to use a modem with different com-
Memory above 1,024KB that is used by puters at different times or with different types
Windows and Windows-based programs. of computer.
This type of memory cannot be accessed
unless the HIMEM.SYS memory manager is failback The process by which workload is
loaded in the DOS CONFIG.SYS with a line transferred back to the now-operational server
like DEVICE=HIMEM.SYS. after a fault resulting in failover.
extended partition If all of the space on a failover The process by which a backup
drive is not used in the creation of the drive’s server, network component, or service takes
primary partition, a second partition can be up the workload of a failed member.
created out of the remaining space. Called the
extended partition, this second partition can FAQ Acronym for Frequently Asked Ques-
hold one or more logical drives. tion. A document that lists some of the more
commonly asked questions about a product or
external bus An external component con- component. When researching a problem, the
nected through expansion cards and slots FAQ is usually the best place to start.

602 Glossary
FAT See file allocation table (FAT). field replacement unit See FRU (field
replacement unit).
fault tolerance A method of preparing a net-
work system, or some part of that system, to file allocation table (FAT) A table main-
improve its ability to function despite a hard- tained by DOS or OS/2 that lists all the clusters
ware, software, or system fault. This includes available on a disk. The FAT includes the loca-
installation of multiples of the same component tion of each cluster, as well as whether it is in
to prevent a single point of failure. use, available for use, or damaged in some way
and therefore unavailable. FAT also keeps
fax modem An adapter that fits into a track of which pieces belong to which file.
PC expansion slot and provides many of the
capabilities of a full-sized fax machine, but at file compression program An application
a fraction of the cost. program that shrinks program or data files, so
that they occupy less disk space. The file must
FDDI See fiber distributed data interface then be extracted or decompressed before you
(FDDI). can use it. Many of the most popular file com-
FDISK.EXE The DOS utility that is used to pression programs are shareware, like WinZIP,
partition hard disks for use with DOS. PKZIP, LHA, and StuffIt for the Macintosh,
although utility packages like PC Tools from
feed roller The rubber roller in a laser printer Central Point Software also contain file com-
that feeds the paper into the printer. pression programs.
fiber distributed data interface (FDDI) A file corruption Occasionally an improper

specification for fiber-optic networks trans- shutdown, a virus, or a random problem will
mitting at a speed of up to 100 megabits per cause a file’s information to become unread-
second over a dual, counter-rotating, Token able. This unreadable file is referred to as
Ring topology. FDDI is suited to systems that “corrupt” and it must be either repaired or
require the transfer of very large amounts of replaced.
information, such as medical imaging, 3D
seismic processing, oil reservoir simulation, file locking A feature of many network
and full-motion video. operating systems that prevents more than one
person from updating a file at the same time by
fiber optic cable A transmission technology “locking” the file.
that sends pulses of light along specially manu-
factured optical fibers. Each fiber consists of a File Manager Early Windows utility that
core, thinner than a human hair, surrounded by allows the user to accomplish a number of
a sheath with a much lower refractive index. important file-related tasks from a single
Light signals introduced at one end of the cable interface. This is a Windows 3.x feature
are conducted along the cable as the signals are only; Window 9x uses Explorer.
reflected from the sheath.

Glossary 603
file server A networked computer used to EEPROM—that maintains its contents when
store files for access by other client computers power is removed.
on the network. On larger networks, the file
server may run a special network operating fixed disk A disk drive that contains several
system; on smaller installations, the file server disks (also known as platters) stacked together
may run a PC operating system supplemented and mounted through their centers on a small
by peer-to-peer networking software. rod. The disks rotate as read/write heads float
above the disks that make, modify, or sense
file sharing In networking, the sharing of changes in the magnetic positions of the coat-
files via the network file server. Shared files can ings on the disk.
be read, reviewed, and updated by more than
one individual. Access to the file or files is often fixed resistor Type of resistor that is used to
regulated by password protection, account or reduce the current by a certain amount. Fixed
security clearance, or file locking, to prevent resistors are color coded to identify their resis-
simultaneous changes from being made by tance values and tolerance bands.
more than one person at a time. flash memory A special form of non-volatile
File Transfer Protocol (FTP) FTP is used to EEPROM that can be erased at signal levels
transfer large files across the Internet or any normally found inside the PC, so that you can
TCP/IP network. Special servers, called FTP reprogram the contents with whatever you like
servers, store information and then transfer without pulling the chips out of your computer.
it back to FTP clients as needed. FTP servers Also, once flash memory has been programmed,
can also be secured with a username and pass- you can remove the expansion board it is mou-
word to prevent unauthorized downloading nted on and plug it into another computer if
(retrieval of a file from the server) or uploading you wish.
(placing of a file on the server). flash utility A small software program cre-
FILER Novell NetWare 3.x utility used to ated to update the firmware software that runs
manage files on a network server. individual hardware components.
firewall A network component (either hard- flatbed scanner An optical device used to
ware or software) that provides a secure barrier digitize a whole page or a large image.
between networks or network segments. Fire- flat-panel display In laptop and notebook
walls use packet filtering, application filtering, computers, a very narrow display that uses one
or circuit-level filtering to prevent attacks or of several technologies, such as electrolumines-
unauthorized access. cence, LCD, or thin film transistors.
FireWire See IEEE-1394. flavor A term used in the Unix world to
firmware Any software stored in a form denote a variation or distribution of the Unix
of read-only memory—ROM, EPROM, or operating system.

604 Glossary
floating-point calculation A calculation of floppy drive cable A cable that connects the
numbers whose decimal point is not fixed but floppy drive(s) to the floppy drive controller.
moves or floats to provide the best degree of The cable is a 34-wire ribbon cable that usually
accuracy. Floating-point calculations can be has three connectors.
implemented in software, or they can be per-
formed much faster by a separate floating- floppy drive interfaces A connector on a
point processor. motherboard used to connect floppy drives to
the motherboard.
floating-point processor A special-purpose,
secondary processor designed to perform floptical disk A removable optical disk with
floating-point calculations much faster than a recording capacity of between 20 and 25
the main processor. megabytes.
floppy disk A flat, round, magnetically coated flux transition Presence or absence of a mag-
plastic disk enclosed in a protective jacket. Data netic field in a particle of the coating on the
is written onto the floppy disk by the disk drive’s disk. As the disk passes over an area the elec-
read/write heads as the disk rotates inside the tromagnet is energized to cause the material to
jacket. It can be used to distribute commercial be magnetized in a small area.
software, to transfer programs from one com- footprint The amount of desktop or floor
puter to another, or to back up files from a hard space occupied by a computer or display ter-
disk. Floppy disks in personal computing are of minal. By extension, also refers to the size of
two physical sizes, 5.25" or 3.5", and a variety software items such as applications or oper-
of storage capacities. The 5.25" floppy disk ating systems.
has a stiff plastic external cover, while the 3.5"
floppy disk is enclosed in a hard plastic case. form factor There are two primary form
IBM-compatibles use 5.25" and 3.5" disks, and factors for server machines—tower or rack
the Macintosh uses 3.5" disks. mount. The form factor defines the type of case
that the server is housed in, and which type you
floppy disk controller The circuit board that have will make a significant difference as to
is installed in a computer to translate signals what steps you take when moving the computer
from the CPU into signals that the floppy disk into its place in the server room.
drive can understand. Often it is integrated into
the same circuit board that houses the hard disk FORMAT.COM External DOS command
controller; it can, however, be integrated into that prepares the partition to store information
the motherboard in the PC. using the FAT system as required by DOS and
Windows 9x.
floppy disk drive A device used to read and
write data to and from a floppy disk. Floppy formatter board Type of circuit board
disk drives may be full-height drives, but more that takes the information the printer receives
commonly these days they are half-height from the computer and turns it into commands
drives. for the various components in the printer.

Glossary 605
formatting 1. To apply the page-layout com- between a cable and associated devices. FPT
mands and font specifications to a document (Force Perfect Termination) is an advanced form
and produce the final printed output. 2. The of active termination.
process of initializing a new, blank floppy disk
or hard disk so that it can be used to store full AT A type of motherboard form factor
information. where the motherboard is the same size as the
original IBM AT computer’s motherboard.
form factors Physical characteristics and
dimensions of drive styles. full backup Creates a full duplication of
all data each time that the backup process is
form feed (FF) A printer command that executed.
advances the paper in the printer to the top
of the next page by pressing the FF button full-duplex communications Communica-
on the printer. tions where both entities can send and receive
simultaneously.
fragmentation A disk storage problem
that exists after several smaller files have been function keys The set of programmable keys
deleted from a hard disk. The deletion of files on the keyboard that can perform special tasks
leaves the disk with areas of free disk space assigned by the current application program.
scattered throughout the disk. The fact that fuser Device on an EP Printer that uses two
these areas of disk space are located so far apart rollers to heat the toner particles and melt them
on the disk causes slower performance because to the paper. The fuser is made up of a halogen
the disk read/write heads have to move all heating lamp, a Teflon-coated aluminum fusing
around the disk’s surface to find the pieces roller, and a rubberized pressure roller. The
of one file. lamp heats the aluminum roller. As the paper
free memory An area of memory not passes between the two rollers, the rubber roller
currently in use. presses the paper against the heated roller. This
causes the toner to melt and become a perma-
Frequently Asked Question See FAQ. nent image on the paper.
friction feed A paper-feed mechanism that fusing assembly See fuser.

uses pinch rollers to move the paper through
a printer, one page at a time. fusing step The step in the EP process where
the toner image on the paper is fused to the
FRU (field replacement unit) The indi- paper using heat and pressure. The heat melts
vidual parts or whole assemblies that can be the toner and the pressure helps fuse the image
replaced to repair a computer. permanently to the paper.
FPT (Force Perfect Termination) Uses diode game port A DB-15 connector used to con-
switching and biasing to fill any fluctuations nect game devices (like joysticks) to a computer.

606 Glossary
gateway In networking, a shared connection execute in windows, using a consistent set of

between a local area network and a larger pull-down menus, dialog boxes, and other
system, such as a mainframe computer or a graphical elements such as scroll bars and
large packet-switching network. Usually icons.
slower than a bridge or router, a gateway typi-
cally has its own processor and memory and graphics accelerator board A specialized
can perform protocol conversions. Protocol expansion board containing a graphics copro-
conversion allows a gateway to connect two cessor as well as all the other circuitry found on
dissimilar networks; data is converted and a video adapter.
reformatted before it is forwarded to the new graphics mode A mode of a video card that
network. allows the video card to display graphics.
GDI.EXE Windows core component that is group icons A type of Windows icon that
responsible for drawing icons and windows in groups Windows program icons together in the
Windows 3.x. Program Manager.
General Protection Fault (GPF) A Win- GUI See graphical user interface (GUI).
dows error that typically occurs when a
Windows program tries to access memory half-duplex communications Communica-
currently in use by another program. tions that occur when only one entity can
transmit or receive at any one instant.
GFS (grandfather-father-son) A backup
rotation scheme that involves daily backups half-height drive A space-saving drive bay
(called the son), one full weekly backup (called that is half the height of the 3" drive bays used
the father), and one full monthly backup in the original IBM PC. Most of today’s drives
(called the grandfather). are half-height drives.
gigabyte One billion bytes; however, bytes hand-held scanner Type of scanner that is
are most often counted in powers of 2, and so small enough to be held in your hand. Used
a gigabyte becomes 2 to the 30th power, or to digitize a relatively small image or artwork,
1,073,741,824 bytes. it consists of the controller, CCD, and light
source contained in a small enclosure with
GPF See General Protection Fault (GPF). wheels on it.
graphical user interface (GUI) A graphics- hard disk controller An expansion board
based user interface that allows users to select that contains the necessary circuitry to control
files, programs, or commands by pointing to and coordinate a hard disk drive. Many hard
pictorial representations on the screen rather disk controllers are capable of managing more
than by typing long, complex commands from than one hard disk, as well as floppy disks and
a command prompt. Application programs even tape drives.

Glossary 607
hard disk drive A storage device that uses a updated by Microsoft for each of its Windows
set of rotating, magnetically coated disks called OSs) of all hardware currently known to be
platters to store data or programs. A typical compatible with a particular operating system.
hard disk platter rotates at up to 7200rpm, and Windows 98, NT, and 2000 all have their
the read/write heads float on a cushion of air own HCL.
from 10 to 25 millionths of an inch thick so that
the heads never come into contact with the hardware failure A computer failure that
recording surface. The whole unit is hermetically involves a hardware component that will not
sealed to prevent airborne contaminants from function as expected. Hardware failures often
entering and interfering with these close toler- require that the device be replaced rather than
ances. Hard disks range in capacity from a few repaired.
tens of megabytes to several gigabytes of storage hardware interrupt An interrupt or request
space; the bigger the disk, the more important a for service generated by a hardware device such
well thought out backup strategy becomes. as a keystroke from the keyboard or a tick from
hard disk interfaces A connector on a moth- the clock. Because the processor may receive
erboard that makes it possible to connect a several such signals simultaneously, hardware
hard disk to the motherboard. interrupts are usually assigned a priority level
and processed according to that priority.
hard disk system A disk storage system con-
taining the following components: the hard hardware ports See I/O address.
disk controller, hard disk, and host adapter. head The electromagnetic device used to read
hard memory error A reproducible memory from and write to magnetic media such as hard
error that is related to hardware failure. and floppy disks, tape drives, and compact
discs. The head converts the information read
hard reset A system reset made by pressing into electrical pulses sent to the computer for
the computer’s reset button or by turning the processing.
power off and then on again.
header Information that is attached to the
hard shutdown An unplanned shutdown beginning of a network data frame.
that involves a complete loss of power to the
operating system and all open programs. Heartbeat A signal generated periodically by
hardware or software to indicate that it is still
hardware All the physical electronic compo- running.
nents of a computer system, including periph-
erals, printed-circuit boards, displays, and heat sink A device that is attached to an
printers. electronic component that removes heat from
the component by induction. It is often a plate
hardware compatibility list (HCL) An HCL of aluminum or metal with several vertical
is a list (that is maintained and regularly fingers.

608 Glossary
hertz Abbreviated Hz. A unit of frequency High Voltage Differential (HVD) A SCSI
measurement; 1 hertz equals one cycle per signalling method that supports a throughput
second. of 40MBps at a cable length of 25 meters.
hexadecimal Abbreviated hex. The base-16 high-voltage probe A device used to drain
numbering system that uses the digits 0 to 9, away voltage from a monitor before testing. It
followed by the letters A to F (equivalent to the is a pencil shaped device with a metal point and
decimal numbers 10 through 15). Hex is a very a wire lead with a clip.
convenient way to represent the binary num-
bers computers use internally, because it fits HIMEM.SYS The DOS and Microsoft Win-
neatly into the 8-bit byte. All of the 16 hex dows device driver that manages the use of
digits 0 to F can be represented in 4 bits, and so extended memory and the high memory area
two hex digits (one digit for each set of 4 bits) on IBM-compatible computers. HIMEM.SYS
can be stored in a single byte. This means that not only allows your application programs to
1 byte can contain any one of 256 different hex access extended memory, it oversees that area
numbers, from 0 through FF. Hex numbers are to prevent other programs from trying to use
often labeled with a lowercase h (for example, the same space at the same time. HIMEM.SYS
1234h) to distinguish them from decimal must be loaded by a DEVICE command in
numbers. your CONFIG.SYS file; you cannot use
DEVICEHIGH.
high-density disk A floppy disk with more
recording density and storage capacity than a HMA See high memory area (HMA).
double-density disk. home page On the Internet, an initial
high-level format The process of preparing starting page. A home page may be related to a
a floppy disk or a hard disk partition for use by single person, a specific subject, or a corpora-
the operating system. In the case of DOS, a tion and is a convenient jumping-off point to
high-level format creates the boot sector, the other pages or resources.
file allocation table (FAT), and the root host The central or controlling computer in a
directory. networked or distributed processing environ-
high memory area (HMA) In an IBM- ment, providing services that other computers or
compatible computer, the first 64K of extended terminals can access via the network. Computers
memory above the 1MB limit of 8086 and connected to the Internet are also described as
8088 addresses. Programs that conform to hosts, and can be accessed using FTP, Telnet,
the extended memory specification can use Gopher, or a browser.
this memory as an extension of conventional host adapter Translates signals from the
memory although only one program can use or hard drive and controller to signals the com-
control HMA at a time. puter’s bus can understand.

Glossary 609
host name The name by which a computer is iFolder Novell iFolder is an Internet service
known on a TCP/IP network. This name must software that simplifies, accelerates, and secures
be unique within the domain that the machine access to your data across the Internet. Files are
is in. In Windows 2000 the computer name is kept dynamically updated and accessible wher-
always the same as the machine’s host name, ever the user is (as long as Internet access is
while in Windows 9x the two can be different. available).
hot backup site A hot backup site is an exact IMAP (Internet Message Access Protocol)
copy of the original business located in a dif- A protocol for retrieving e-mail messages. The
ferent physical space. This includes equipment, newest-release IMAP 4 is similar to POP3 but
software, and data. It is extremely expensive to contains advanced features.
create and maintain but the easiest to transition
to should the need arise. incremental backup A backup method that
backs up the files that have changed since the
hot plug A technology that allows installa- last backup (full, differential, or incremental)
tion of a hardware component, such as a hard was performed.
disk, in a computer without first powering
down the computer. Industry Standard Architecture (ISA) bus
An expansion bus used in the original AT
hub A connectivity device used to link several motherboards. ISA expansion busses transfer
computers together into a physical star topology. at 16 bits and are configured through the use of
They repeat any signal that comes in on one port jumpers on the expansion card.
and copies it to the other ports.
in-place upgrade When reformatting a hard
HVPS See high-voltage power supply disk on a server and performing a clean install
(HVPS). of the OS, you will find that most operating
systems provide in-place upgrade functionality.
hybrid topology A mix of more than one When you perform the upgrade, the configura-
topology type used on a network. tion settings for the old OS are migrated to the
Hypertext Transfer Protocol (HTTP) HTTP new OS. In many ways, an in-place upgrade is
is the protocol of the World Wide Web, and is the easiest option when you need to upgrade
used to send and receive web pages and other your OS.
content from an HTTP server (web server). integrated Describes a motherboard or other
HTTP makes use of linked pages, accessed via computer component that contains embedded
hyperlinks, which are words or pictures that, parts normally provided as separate components.
when clicked on, take you to another page.
IntranetWare Novell released IntranetWare in
I/O (input/output channels) The transfer 1996 and 1997. It is a product family designed
of data between a computer and a peripheral for intranet data sharing.
device. See I/O address.

610 Glossary
I/O address Lines on a bus used to allow IBM PS/2 A series of personal computers
the CPU to send instructions to the devices using several different Intel processors, intro-
installed in the bus slots. Each device is given its duced by IBM in 1987. The main difference
own communication line to the CPU. These between the PS/2 line and earlier IBM personal
lines function like one-way (unidirectional) computers was a major change to the internal
mailboxes. bus. Previous computers used the AT bus, also
known as industry-standard architecture, but
I/O ports See I/O address. IBM used the proprietary micro channel archi-
IP spoofing A hacking method that involves tecture in the PS/2 line instead. Micro channel
a hacker tricking a private network into architecture expansion boards will not work in
believing that his machine’s IP address belongs a computer using ISA. See IBM-compatible
within the private network. computer.
ipconfig A command-line utility that locates IC See integrated circuit (IC).

and displays the current TCP/IP configuration. icons On-screen graphics that act as doors
IBM-compatible computer Originally, any through which programs are started and there-
personal computer compatible with the IBM fore used to spawn windows. They are short-
line of personal computers. With the launch of cuts that allow a user to open a program or a
IBM’s proprietary micro channel architecture utility without knowing where that program is
in the PS/2 line of computers, which replaced or how it needs to be configured.
the AT bus, two incompatible standards IDE Acronym for integrated (or intelligent)
emerged, and so the term became misleading. drive electronics. A hard disk technology that
Now, it is becoming more common to use the can connect multiple drives together. These
term “industry-standard computer” when drives integrate the controller and drive into
referring to a computer that uses the AT or ISA one assembly. This makes them very inexpen-
bus, and the term “DOS computer” to describe sive. Because of this, IDE drives are the most
any PC that runs DOS and is based on one of commonly used disk technology installed in
the Intel family of chips. computers today.
IBM PC A series of personal computers based IEEE-1394 A high-speed digital interface
on the Intel 8088 processor, introduced by IBM most commonly used to transfer data between
in mid-1981. The PC was released containing computers and digital video cameras. It has a
16K of memory, expandable to 64K on the maximum data transfer rate of over 400Mbps
motherboard, and a monochrome video adapter (the original Apple Macintosh implementation
incapable of displaying bit-mapped graphics. is called FireWire).
The floppy disk drive held 160K of data and
programs. There was no hard disk on the orig- impact printer Any printer that forms
inal IBM PC; that came later with the release an image on paper by forcing a character
of the IBM PC/XT. image against an inked ribbon. Dot-matrix,

Glossary 611
daisy-wheel, and line printers are all impact an OverDrive processor can increase application
printers, whereas laser printers are not. performance by an estimated 40 to 70 percent.
incremental backup A backup of a hard intelligent hub A class of hub that can be
disk that consists of only those files created or remotely managed on the network.
modified since the last backup was performed.
interface Any port or opening that is specifi-
Industry Standard Architecture See ISA. cally designed to facilitate communication
between two entities.
ini file Text file that is created by an instal-
lation program when a new Windows applica- interface software The software for a
tion is installed. INI files contain settings for particular interface that translates software
individual Windows applications as well as for commands into commands that the printer
Windows itself. can understand.
initialization commands A set of commands interlacing A display technique that uses two
sent to a modem to prepare it to function. passes over the monitor screen, painting every
other line on the screen the first time and then
inoculating The process of protecting a com- filling in the rest of the lines on the second pass.
puter system against virus attacks by installing It relies on the physiological phenomenon
antivirus software. known as persistence of vision to produce the
input/output address See I/O address. effect of a continuous image.
integrated circuit (IC) Also known as a chip. interleaving Interleaving involves skipping
A small semiconductor circuit that contains sectors to write the data, instead of writing
many electronic components. sequentially to every sector. This evens out the
data flow and allows the drive to keep pace
integrated drive electronics See IDE. with the rest of the system. Interleaving is given
in ratios. If the interleave is 2:1, the disk skips 2
Integrated Services Digital Network See minus 1, or 1 sector, between each sector it
ISDN. writes (it writes to one sector, skips one sector,
then writes to the next sector following). Most
integrated system boards A system board
drives today use a 1:1 interleave, because
that has most of the computer’s circuitry
today’s drives are very efficient at transferring
attached, as opposed to having been installed
information.
as expansion cards.
International Organization for Standardiza-
Intel OverDrive OverDrive chips boost
tion (ISO) An international standards-making
system performance by using the same clock
body, based in Geneva, that establishes global
multiplying technology found in the Intel
standards for communications and information
80486DX-2 and DX4 chips. Once installed,

612 Glossary
exchange. (Note that ISO is not an acronym, but 80x86 family of processors supports 256
rather a Greek word meaning equal.) prioritized interrupts, of which the first 64
are reserved for use by the system hardware
Internet The Internet (Net) is the global TCP/ or by DOS.
IP network that now extends into nearly every
office and school. The World Wide Web is the interrupt request (IRQ) A hardware inter-
most visible part of the Internet, but e-mail, rupt signals that an event has taken place that
newsgroups, and FTP (to name just a few) are requires the processor’s attention, and may
also important parts of the Internet. come from the keyboard, the input/output
ports, or the system’s disk drives. In the PC, the
Internet address An IP or domain address main processor does not accept interrupts from
which identifies a specific node on the Internet. hardware devices directly; instead interrupts
Internet Protocol See IP. are routed to an Intel 8259A Programmable
Interrupt Controller. This chip responds to
Internet Service Provider (ISP) An ISP is each hardware interrupt, assigns a priority,
a company that provides Internet access for and forwards it to the main processor.
users. Generally ISPs are local or regional com-
panies that provide Internet access and e-mail interrupt request (IRQ) lines Hardware
addresses to users. lines that carry a signal from a device to the
processor.
internetwork Any TCP/IP network that
spans router interfaces is considered to be an IP Abbreviation for Internet Protocol. The
internetwork. This means that anything from a underlying communications protocol on which
small office with two subnets to the Internet the Internet is based. IP allows a data packet to
itself can be described as an internetwork. travel across many networks before reaching its
final destination.
interrupt A signal to the processor generated
by a device under its control (such as the system IP address In order to communicate on a
clock) that interrupts normal processing. An TCP/IP network, each machine must have a
interrupt indicates that an event requiring the unique IP address. This address is in the form
processor’s attention has occurred, causing x.x.x.x where x is a number from 0 to 255.
the processor to suspend and save its current IPCONFIG Used on Windows 2000 to view
activity and then branch to an interrupt service current IP configuration information and to
routine. This service routine processes the inter- manually request updated information from
rupt (whether it was generated by the system a DHCP server.
clock, a keystroke, or a mouse click) and when
it’s complete, returns control to the suspended IPP (Internet Printing Protocol) An Internet
process. In the PC, interrupts are often divided printing protocol designed by Novell and Xerox,
into three classes: internal hardware, external and supported by IETF. IPP allows for printing
hardware, and software interrupts. The Intel over the Internet with four main function

Glossary 613
areas: finding a printer’s capabilities, kilobits per second Abbreviated Kbps. The
allowing users to submit print jobs to a number of bits, or binary digits, transmitted
printer, allowing users to find printer status, every second, measured in multiples of 1024
and cancelling a previously submitted job. bits per second. Used as an indicator of com-
munications transmission rate.
IRQ See interrupt request (IRQ).
kilobyte Abbreviated K, KB, or Kbyte. 1024
ISA (Industry Standard Architecture) bus bytes.
The 16-bit bus design was first used in IBM’s
PC/AT computer in 1984. ISA has a bus speed of knowledge base A collection of regularly
8MHz and a maximum throughput of 8MBps. updated information pertaining to a specific
EISA is a 32-bit extension to this standard bus. topic.
ISDN Abbreviation for Integrated Services KVM (keyboard/video/mouse) A box that

Digital Network. A worldwide digital com- allows more than one computer to be con-
munications network emerging from existing trolled through a single keyboard, monitor,
telephone services, intended to replace all and mouse. The KVM box contains a switch
current systems with a completely digital that allows you to select which computer to
transmission system. Computers and other control.
devices connect to ISDN via simple, standard-
ized interfaces, and when complete, ISDN L1 cache Any cache memory that is inte-
systems will be capable of transmitting voice, grated into the CPU.
video, music, and data. L2 cache Any cache memory that is external
Jaz A backup device created by Iomega that to the CPU.
uses removable cartridges to store data. Jaz car- LAN See local area network (LAN).
tridges are available in 1 or 2 gigabyte sizes.
landing zone A safe location on a hard
joystick port See game port. drive where the actuator arm and read/write
jumper A small plastic and metal connector heads can safely come to a rest and not contact
that completes a circuit, usually to select the areas of the hard drive platters that
one option from a set of several user-definable contain data.
options. Jumpers are often used to select one Iaser printer A generic name for a printer
particular hardware configuration rather than that uses the electrophotographic (EP) print
another. process.
kernel file Windows core component that is laser scanner The assembly in an EP process
responsible for managing Windows resources printer that contains the laser. This component
and running applications. is responsible for writing the image to the
kilobit Abbreviated Kb or Kbit. 1024 bits EP drum.
(binary digits).

614 Glossary
latency The time that elapses between issuing uses electric current to align crystals in a special
a request for data and actually starting the data liquid. The rod-shaped crystals are contained
transfer. In a hard disk, this translates into the between two parallel transparent electrodes,
time it takes to position the disk’s read/write and when current is applied, they change their
head and rotate the disk so that the required orientation, creating a darker area. Many LCD
sector or cluster is under the head. Latency is screens are also backlit or side-lit to increase
just one of many factors that influence disk visibility and reduce the possibility of eyestrain.
access speeds.
line conditioner A device placed between a
LCD See liquid crystal display (LCD). computer and the electrical source. Line condi-
tioners protect electronic equipment from
LCD monitor A monitor that uses liquid power surges, spikes, and brownouts.
crystal display technology. Many laptop and
notebook computers use LCD displays because Linux A freely available operating system
of their low power requirements. based on Unix. Linux’s open architecture lends
it especially well to custom engineering to meet
least significant bit (LSB) In a binary individual needs.
number, the lowest-order bit. That is, the right-
most bit. So, in the binary number 0001, the 1 Load Balancing A strategy in which requests
is the least significant bit. are distributed across all available channels.
The idea behind Load Balancing is to equalize
LED page printer A type of EP process the traffic stress across multiple devices rather
printer that uses a row of LEDs instead of a than place a major burden on one. Similar to
laser to expose the EP drum. clustering, in that two or more servers team up
LED panels Small light panels located either to do a single job: What distinguishes Load Bal-
on the front panel, or within a computer case, ancing, though, is that each server retains its
designed to provide visual information as to the own identity and often keeps its own copy of
status of the computer’s hardware operations. needed resources.
legacy An application in which a company local area network (LAN) A group of com-
has already invested heavily, and which must puters and associated peripherals connected by
remain operational. Legacy applications can a communications channel capable of sharing
limit upgrades. files and other resources between several users.
letter quality (LQ) A category of dot-matrix local bus A PC bus specification that allows
printer that can print characters that look very peripherals to exchange data at a rate faster
close to the quality a laser printer might produce. than the 8 megabytes per second allowed by the
ISA (Industry Standard Architecture) and the
liquid crystal display (LCD) A display tech- 32 megabytes per second allowed by the EISA
nology common in portable computers that (Extended Industry Standard Architecture)

Glossary 615
definitions. Local bus can achieve a maximum use for the rest of that session. Users can either
data rate of 133 megabytes per second with a log on to a workgroup or to a network security
33MHz bus speed, 148 megabytes per second entity (such as the Active Directory).
with a 40MHz bus, or 267 megabytes per
second with a 50MHz bus. low-level format The process that creates
the tracks and sectors on a blank hard disk
local resources Files or folders that are or floppy disk; sometimes called the physical
physically located on the machine the user is format. Most hard disks are already low-level
sitting at are referred to as local to that user. formatted; however, floppy disks receive both a
Windows 2000 has the ability to enforce local low- and a high-level format (or logical format)
security, while Windows 9x does not. when you use the DOS or OS/2 command
FORMAT.
log file A file that details errors and warnings
generated, when they occurred, an event ID, Low Voltage Differential (LVD) A signaling
and sometimes an event description. Normally method used in SCSI communication. A low-
log files are saved in a text format on a local noise, low-power, low-amplitude method for
hard drive. high-speed data transmission.
logic board The sturdy sheet or board to LPTx ports In DOS, the device name used
which all other components on the computer to denote a parallel communications port,
are attached. These components consist of the often used with a printer. DOS supports three
CPU, underlying circuitry, expansion slots, parallel ports: LPT1, LPT2, and LPT3, and
video components, and RAM slots, just to OS/2 adds support for network ports LPT4
name a few. Also known as a motherboard or through LPT9.
planar board.
LUN (logical unit number) A unique identi-
logical drive Created within an extended fier on a SCSI bus that enables it to differentiate
partition, a logical drive is used to organize between up to eight separate devices on a single
space within the partition, which can be SCSI ID.
accessed through the use of a drive letter.
magneto-optical (MO) drives An erasable,
logical memory The way memory is organized high-capacity, removable storage device similar
so it can be accessed by an operating system. to a CD-ROM drive. Magneto-optical drives
use both magnetic and laser technology to
logical topology Topology that defines how write data to the disk and use the laser to read
the data flows in a network. that data back again. Writing data takes two
logon The process of logging on submits passes over the disk, an erase pass followed by
your username and password to the network the write pass, but reading can be done in just
and gives you the network credentials you will one pass and, as a result, is much faster.

616 Glossary
main motor A printer stepper motor that is megabit (Mbit) Usually 1,048,576 binary
used to advance the paper. digits or bits of data. Often used as equivalent
to 1 million bits.
MAN (metropolitan area network) A net-
work that is larger than a local area network megabits per second (Mbps) A measurement
but smaller than a wide area network. MANs of the amount of information moving across a
often contain multiple redundant links between network or communications link in 1 second,
physical locations to ensure connectivity. measured in multiples of 1,048,576 bits.
ManageWise Network management soft- megabyte (MB) Usually 1,048,576 bytes.

ware from Novell that manages NetWare and Megabytes are a common way of representing
Windows servers, as well as all supported computer memory or hard-disk capacity.
clients.
megahertz (MHz) One million cycles per
mapped path A logical disk drive created second. A processor’s clock speed is often
as a path to another physical computer over expressed in MHz. The original IBM PC oper-
a network. ated an 8088 running at 4.77MHz, while the
more modern Pentium processor runs at speeds
master drive The primary drive in an IDE of up to 1000MHz and higher.
master/slave configuration.
memory The primary random access
master/slave relationship A connective memory (RAM) installed in the computer. The
relationship between two devices located on an operating system copies application programs
IDE ribbon cable. One device must be set to be from disk into memory, where all program exe-
the master and one to be the slave. This process cution and data processing takes place; results
is done through jumpers located on the devices. are written back out to disk again. The amount
math coprocessor A processor that speeds of memory installed in the computer can deter-
up the floating decimal point calculations that mine the size and number of programs that
are needed in algebra and statistical calculations. it can run, as well as the size of the largest
data file.
MCA MCA is incompatible with expansion
boards that follow the earlier 16-bit AT bus memory address The exact location in
standard, physically because the boards are memory that stores a particular data item or
about 50 percent smaller and electronically as program instruction.
the bus depends on more proprietary integrated memory map The organization and alloca-
circuits. MCA was designed for multipro- tion of memory in a computer. A memory
cessing, and it also allows expansion boards map will give an indication of the amount of
to identify themselves, thus eliminating many memory used by the operating system and the
of the conflicts that arose through the use of amount remaining for use by applications.
manual settings in the original bus.

Glossary 617
memory optimization The process of performs the reverse process and demodulates
making the most possible conventional the data from the carrier signal.
memory available to run DOS programs.
modified frequency modulation (MFM)
memory refresh An electrical signal that encoding The most widely used method
keeps the data stored in memory from of storing data on a hard disk. Based on an
degrading. earlier technique known as frequency modula-
tion (FM) encoding, MFM achieves a two-fold
mesh topology Type of logical topology increase in data storage density over standard
where each device on a network is connected FM recording, but it is not as efficient a space
to every other device on the network. This saver as run-length limited encoding.
topology uses routers to search multiple paths
and determine the best path. Molex connector See standard peripheral
power connector.
Messaging Application Programming Inter-
face (MAPI) The MAPI interface is used to monitor A video output device capable of
control how Windows interacts with messaging displaying text and graphics, often in color.
applications such as e-mail programs. MAPI
makes most of the functions of e-mail trans- Monitor A Novell NetWare loadable module
parent and allows programmers to just write for monitoring the status and performance of
the application, not the whole messaging the NetWare server and network activity. Mon-
system. itor also observes memory and processor use.
MFM encoding See modified frequency monitoring The process of watching a

modulation (MFM) encoding. computer’s performance through specifically
designed software and tools. The intention of
Microsoft Diagnostics See MSD (Microsoft monitoring is to gather data and predict poten-
Diagnostics). tial problems before they occur.
Microsoft Disk Operating System See monitoring agents Software programs that
MS-DOS. assist the process of performance monitoring
by collecting and reporting data.
modem Contraction of modulator/
demodulator, a device that allows a computer monochrome monitor A monitor that can
to transmit information over a telephone line. display text and graphics in one color only. For
The modem translates between the digital sig- example, white text on a green background or
nals that the computer uses and analog signals black text on a white background.
suitable for transmission over telephone lines.
When transmitting, the modem modulates monthly rotation A backup rotation cycle in
the digital data onto a carrier signal on the which, for example, each Friday’s tape is kept
telephone line. When receiving, the modem for a month. Data errors discovered within the

618 Glossary
week could be corrected by restoring the appro- MS-DOS Acronym for Microsoft Disk Oper-
priate daily backup. Errors discovered within ating System. MS-DOS, like other operating
the month could be corrected by restoring from systems, allocates system resources (such as
a weekly backup, limiting data loss to changes hard and floppy disks, the monitor, and the
made subsequent to that backup. printer) to the applications programs that need
them. MS-DOS is a single-user, single-tasking
most significant bit (MSB) In a binary operating system, with either a command-line
number, the highest-order bit. That is, the left- interface or a shell interface.
most bit. In the binary number 10000000, the
1 is the most significant bit. MTBF (mean time between failures) A cal-
culation of the average time between computer
motherboard The main printed circuit failures. This can include hardware, software,
board in a computer that contains the central or a combination of the two.
processing unit, appropriate coprocessor and
support chips, device controllers, memory, and multimedia A computer technology that
also expansion slots to give access to the com- displays information by using a combination of
puter’s internal bus. Also known as a logic full-motion video, animation, sound, graphics,
board or system board. and text with a high degree of user interaction.
mouse A small input device with one or more multimeter Electronic device used to
buttons used for pointing or drawing. As you measure and test ohms, amperes, and volts.
move the mouse in any direction, an on-screen
mouse cursor follows the mouse movements; multimode A fiber optic transmission
all movements are relative. Once the mouse method that uses light emitting diodes as the
pointer is in the correct position on the screen, optical transmission method.
you can press one of the mouse buttons to ini- multiplexer A network device that combines
tiate an action or operation; different user multiple data streams into a single stream for
interfaces and file programs interpret mouse transmission. Multiplexers can also break out
clicks in different ways. the original data streams from a single, multi-
MSBACKUP A DOS program that allows the plexed stream.
user to make backup copies of all the programs multipurpose server A server that has
and data stored on the hard disk. This program more than one use. For example, a multi-
is menu-driven and allows the user to set up purpose server can be both a file server and
options that can be used each time you back up a print server.
the hard drive.
multistation access unit (MAU) The cen-
MSD (Microsoft System Diagnostics) Pro- tral device in a Token Ring network that pro-
gram that allows the user to examine many vides both the physical and logical connections
different aspects of a system’s hardware and to the stations.
software setup.

Glossary 619
multisync monitor A monitor designed to requesting lower-level network services to

detect and adjust to a variety of different input transmit information from node to node.
signals. By contrast, a fixed-frequency monitor
must receive a signal at one specific frequency. NetBIOS Extended User Interface See
NetBEUI.
multitasking A feature of an operating
system that allows more than one program to NetFinity Server product line created
run simultaneously. by IBM.
multithreading The ability of a program to Netstat A software utility that displays

send multiple tasks to the processor at the same protocol statistics and current TCP/IP network
time. This allows an application to execute connections.
more quickly, but it requires the support of a network A group of computers and associ-
multithreaded operating system. ated peripherals connected by a communica-
natural disaster In the context of server tions channel capable of sharing files and other
maintenance, a natural disaster is loss of data resources between several users. A network can
caused by flood, tornado, earthquake, and range from a peer-to-peer network (that con-
so on. nects a small number of users in an office or
department) to a local area network (that con-
Nbtstat Displays protocol statistics and nects many users over permanently installed
current TCP/IP connections using NetBIOS cables and dial-up lines) or to a wide area net-
over TCP/IP. work (that connects users on several different
networks spread over a wide geographic area).
near letter quality (NLQ) A category of
dot-matrix printer that can come close to the network adapter In order to access network
quality of a laser printer, but still is lacking resources, a physical connection to the network
somewhat in print quality. must be made. This is generally done through
the network adapter, which is expansion hard-
NetBEUI Abbreviation for NetBIOS ware designed to interface with the network.
Extended User Interface. A network device (Also referred to as network card.)
driver for the transport layer supplied with
Microsoft’s LAN Manager. Network Basic Input/Output System See
NetBIOS.
NetBIOS Acronym for Network Basic Input/
Output System. In networking, a layer of soft- network client software The software that
ware, originally developed in 1984 by IBM and enables a computer to communicate on the
Sytek, that links a network operating system network.
with specific network hardware. NetBIOS
provides an application program interface network interface card (NIC) In net-
(API) with a consistent set of commands for working, the PC expansion board that plugs

620 Glossary
into a personal computer or server and works by performing the functions of both server and
with the network operating system to control workstation, this type of server does neither
the flow of information over the network. The function very well. Nondedicated servers are
network interface card is connected to the net- typically used in peer-to-peer networks.
work cabling (twisted-pair, coaxial or fiber-
optic cable), which in turn connects all the nonintegrated system boards A type of
network interface cards in the network. motherboard where the various subsystems
(video, disk access, etc.) are not integrated
Network layer The third of seven layers of into the motherboard, but rather placed on
the International Organization for Standard- expansion cards that can be removed and
ization’s Open Systems Interconnection (ISO/ upgraded.
OSI) model for computer-to-computer commu-
nications. The Network layer defines protocols non-interlaced Describes a monitor in which
for data routing to ensure that the information the display is updated (refreshed) in a single
arrives at the correct destination node. pass, painting every line on the screen. Inter-
lacing takes two passes to paint the screen,
network security provider In a network painting every other line on the first pass, and
environment, it is often easier to manage the then sequentially filling in the other lines on
network by having centralized user ID and the second pass. Non-interlaced scanning,
password storage. Examples of this type of while more expensive to implement, reduces
centralized system are Windows 2000’s Active unwanted flicker and eyestrain.
Directory or NetWare’s NDS.
non-natural disasters Disastrous data loss
Newsgroup An online discussion group originating from human sources such as elec-
which shares information on a specific topic of trical fires, theft, and vandalism.
interest. Messages can be posted and replied to
on a newsgroup. NOS (Network Operating System) Soft-
ware that runs on the server and controls and
NIC See network interface card (NIC). manages the network. The NOS controls the
communication with resources and the flow of
NLMs (NetWare Loadable Modules) Soft- data across the network.
ware that enhances or provides additional
functions in a NetWare 3.x or higher server. notebook computer A small portable com-
puter, about the size of a computer book, with
node In communications, any device a flat screen and a keyboard that fold together.
attached to the network. A notebook computer is lighter and smaller
nonconductor Any material that does not than a laptop computer. Some models use flash
conduct electricity. memory rather than conventional hard disks
for program and data storage, while other
nondedicated server A computer that can models offer a range of business applications
be both a server and a workstation. In practice, in ROM. Many offer PCMCIA expansion slots

Glossary 621
for additional peripherals such as modems, fax Open Systems Interconnection (OSI)
modems, or network connections. model See OSI (Open Systems Interconnec-
tion) model.
Novell NetWare A server operating system
created by Novell. The most recent version of OpenServer OpenServer is a family of client
NetWare is version 6. and server operating systems for the Intel plat-
form based on the Unix operating system.
NTDS (NT Directory Services) Previous
versions of Windows Server used NTDS (NT operating system (OS) The software
Directory Services) to control user accounts responsible for allocating system resources,
and groups security. Windows 2000 switched including memory, processor time, disk
to Active Directory. space, and peripheral devices such as printers,
modems, and the monitor. All application pro-
NTFS The NT File System was created to grams use the operating system to gain access
provide enhanced security and performance to these system resources as they are needed.
for the Windows NT operating system, and it The operating system is the first program
has been adopted and improved upon by Win- loaded into the computer as it boots, and it
dows 2000. NTFS provides Windows 2000 remains in memory at all times thereafter.
with local file security, file auditing, compres-
sion, and encryption options. It is not compat- optical disk A disk that can be read from and
ible with Windows 9x or DOS. written to, like a fixed disk but, like a CD, is
read with a laser.
null modem A short RS-232-C cable that
connects two personal computers so that they optical drive A type of storage drive that
can communicate without the use of modems. uses a laser to read from and write to the
The cable connects the two computers’ serial storage medium.
ports, and certain lines in the cable are crossed
over so that the wires used for sending data by optical mouse A mouse that uses a special
one computer are used for receiving data by the mouse pad and a beam of laser light. The beam
other computer and vice versa. of light shines onto the mouse pad and reflects
back to a sensor in the mouse. Special small
numeric keypad A set of keys to the right lines crossing the mouse pad reflect the light
of the main part of the keyboard, used for into the sensor in different ways to signal the
numeric data entry. position of the mouse.
odd parity A technique that counts the optical scanner See scanner.
number of 1s in a binary number and, if
the number of 1s total is not an odd optical touch screen A type of touch screen
number, adds a digit to make it odd. See that uses light beams on the top and left side
also parity. and optical sensors on the bottom and right
side to detect the position of your finger when
ohm Unit of electrical resistance. you touch the screen.

622 Glossary
option disk A disk that contains the device- IP addresses are used to assess data packets and
specific configuration files for the device being then compared to a static list to grant or deny
installed into a MCA bus computer. access. Packet filtering is a method used by
firewalls.
optomechanical mouse Type of mouse that
contains a round ball that makes contact with page description language Describes the
two rollers. Each roller is connected to a wheel whole page being printed. The controller in the
that has small holes in it. The wheel rotates printer interprets these commands and turns
between the arms of a U-shaped mechanism them into laser pulses or firing print wires.
that holds a light on one arm and an optical
sensor on the other. As the wheels rotate, the page frame The special area reserved in
light flashes coming through the holes indicate upper memory that is used to swap pages of
the speed and direction of the mouse, and these memory into and out of expanded memory.
values are transmitted to the computer and the page printers Type of printer that handles
mouse control software. print jobs one page at a time instead of one line
OS/2 An early 32-bit operating system at a time.
originally designed by Microsoft and IBM in pages 16K chunks of memory used in
partnership, and then sold by IBM exclusively. expanded memory.
OSI (Open Systems Interconnection) paging The process of swapping memory
Model A protocol model, developed by the to an alternate location, such as to and from
International Organization for Standardization a page frame in expanded memory or to and
(ISO), that was intended to provide a common from a swap file.
way of describing network protocols. This
model describes a seven-layered relationship PAN (personal area network) A small net-
between the stages of communication. Not work normally focused on an individual and
every protocol maps perfectly to the OSI devices associated with him or her. Devices can
model, as there is some overlap within some include laptops, desktops, and PDAs.
the layers of some protocols.
paper pickup roller A D-shaped roller that
Overclocking A method of physically forcing rotates against the paper and pushes one sheet
a computer to perform at a faster speed then into the printer.
originally designed. Overclocking often
involves increasing voltages and clock speeds paper registration roller A roller in an EP
for processor. process printer that keeps paper movement in
sync with the EP image formation process.
packet filtering A method of controlling
traffic to a network through analyzing paper transport assembly The set of
incoming and outgoing data packets. devices that moves the paper through the

Glossary 623
printer. It consists of a motor and several rub- passive-matrix screen An LCD display
berized rollers that each perform a different mechanism that uses a transistor to control
function. every row of pixels on the screen. This is in
sharp contrast to active-matrix screens, where
parallel port An input/output port that man- each individual pixel is controlled by its own
ages information 8 bits at a time, often used to transistor.
connect a parallel printer.
password In order to identify themselves on
parallel processing A processor architecture the network, each user must provide two cre-
where a processor essentially contains two pro- dentials—a username and a password. The
cessors in one. The processor can then execute username says, “This is who I am,” and the
more than one instruction per clock cycle. password says, “And here’s proof!” Passwords
parity Parity is a simple form of error checking are case sensitive and should be kept secret
used in computers and telecommunications. from other users on the network.
Parity works by adding an additional bit to a Patch A small file created to repair or add
binary number and using it to indicate any a feature to an existing program. Patches are
changes in that number during transmission. installed and normally replace existing files
parity RAM An error-assessing method used within a program or operating system.
to analyze RAM based on adding an extra path When referring to a file on a computer’s
data bit. Parity is used to ensure the validity of hard drive, the path is used to describe where it
the data. exists within the directory structure. If a file is
partition A portion of a hard disk that the on the D drive in a folder named TEST, its path
operating system treats as a separate drive. is d:\test\.
partition table In DOS, an area of the hard PC Card A PC Card, also known as a
disk containing information on how the disk is PCMCIA card or a “credit card adapter” is a
organized. The partition table also contains peripheral device that uses the PCMCIA speci-
information that tells the computer which fication. These have the advantage of being
operating system to load; most disks will con- small, easy to use and fully plug-and-play
tain DOS, but some users may divide their hard compliant.
disk into different partitions, or areas, each PC Card slot An opening in the case of a por-
containing a different operating system. The table computer intended to receive a PC Card;
partition table indicates which of these parti- also known as a PCMCIA slot.
tions is the active partition, the partition that
should be used to start the computer. PC Card Socket Services See socket
services.
passive hub Type of hub that electrically
connects all network ports together. This type PCB See printed-circuit board (PCB).
of hub is not powered.

624 Glossary
PCONSOLE Novell NetWare version 3 used dual pipelining that allow the Pentium to
PCONSOLE to setup and manage printers on a execute more than one instruction per clock
NetWare server. cycle.
PC-DOS 1 Microsoft’s Disk Operating Pentium Pro The 32-bit Pentium Pro (also
System is generally referred to as MS-DOS. known as the P6) has a 64-bit data path between
When it was packaged with IBM’s personal the processor and cache and is capable of run-
computers, though, DOS was modified slightly ning at clock speeds up to 200MHz. Unlike the
and was called PC-DOS. Pentium, the Pentium Pro has its secondary cache
built into the CPU itself, rather than on the moth-
PCI Abbreviation for Peripheral Component erboard, meaning that it accesses cache at
Interconnect. A specification introduced by internal speed, not bus speed.
Intel that defines a local bus that allows up to
10 PCI-compliant expansion cards to be peripheral Any hardware device attached
plugged into the computer. One of these 10 to and controlled by a computer, such as a
cards must be the PCI controller card, but the monitor, keyboard, hard disk, floppy disk,
others can include a video card, network inter- CD-ROM drives, printer, mouse, tape drive,
face card, SCSI interface, or any other basic and joystick.
input/output function. The PCI controller
exchanges information with the computer’s Peripheral Component Interconnect
processor as 32- or 64-bits and allows intelli- See PCI.
gent PCI adapters to perform certain tasks con- permanent swap file A permanent swap file
currently with the main processor by using bus allows Microsoft Windows to write informa-
mastering techniques. tion to a known place on the hard disk, which
PCMCIA Abbreviation for PC Memory Card enhances performance over using conventional
International Association. Expansion cards methods with a temporary swap file. The Win-
developed for this standard are now called dows permanent swap file consists of a large
PC Cards. number of consecutive contiguous clusters; it
is often the largest single file on the hard disk,
peer-to-peer network Network where the and of course this disk space cannot be used
computers act as both workstations and servers by any other application.
and where there is no centralized administra-
tion or control. PFA (Predictive Failure Analysis) The use
of software and hardware tools to create an
Pentium The Pentium represents the evolu- objective opinion and prediction as to the life
tion of the 80486 family of microprocessors cycle of a computer component.
and adds several notable features, including
8K instruction code and data caches, built-in PGA (Pin Grid Array) A type of IC package
floating-point processor and memory manage- that consists of a grid of pins connected to a
ment unit, as well as a superscalar design and square, flat package.

Glossary 625
photosensitive drum See EP drum. is the base on which all other software sits. As
such the OS is the “platform” that applications
physical disk A disk that exists within or and utilities run on.
attached to a computer; hardware.
Plug and Play (PnP) A standard that defines
Physical layer The first and lowest of the automatic techniques designed to make PC
seven layers in the International Organization for configuration simple and straightforward.
Standardization’s Open Systems Interconnection
(ISO/OSI) model for computer-to-computer Point-to-Point Protocol (PPP) The protocol
communications. The Physical layer defines the used with dial-up connections to the Internet.
physical, electrical, mechanical, and functional Its functions include error control, security,
procedures used to connect the equipment. dynamic IP addressing, and support for mul-
tiple protocols.
physical topology How the cables on a net-
work are physically arranged. Possible config- POP See Post Office Protocol.
urations include star, ring, mesh, and hybrid
topologies. POST See power on self-test (POST).
pickup roller See paper pickup roller. Post Office Protocol v 3 (POP3) POP3 is
used to accept and store e-mail and to allow
Pin Grid Array See PGA (Pin Grid Array). users to connect to their mailbox and access
their mail. SMTP is used to send mail to the
PING Packet Internet Groper utility, a POP3 server.
command-line utility used to see if another host
on the network is reachable and responsive. PostScript A page-description language used
It works by sending out packets to another host when printing high-quality text and graphics.
on the network and waits for a reply. Desktop publishing or illustration programs
that create PostScript output can print on any
PING of death A DoS attack in which a large PostScript printer or imagesetter, because Post-
ICMP packet is sent to overflow a remote Script is hardware-independent. An interpreter
host’s buffer, which causes the remote host in the printer translates the PostScript com-
to reboot or hang. mands into commands that the printer can
plan maintenance The process of revisiting understand.
a created plan to add updates, repair known potentiometer See variable resistor.
problem areas, or adjust the listed procedures
as seen fit. power on self-test (POST) A set of diag-
nostic programs, loaded automatically from
planar board See motherboard. ROM BIOS during startup, designed to ensure
platform An operating system (OS) is the that the major system components are present
basic software that runs on a computer, and it and operating. If a problem is found, the POST

626 Glossary
software writes an error message in the screen, Standardization’s Open Systems Interconnec-
sometimes with a diagnostic code number indi- tion (ISO/OSI) model for computer-to-computer
cating the type of fault located. These POST communications. The Presentation layer defines
tests execute before any attempt is made to load the way that data is formatted, presented, con-
the operating system. verted, and encoded.
power spike A sudden and brief surge in preventative maintenance The process of
electrical current. performing various procedures on a computer
to prevent future data loss or system downtime.
power supply A part of the computer that
converts the power from a wall outlet into the primary DOS partition In DOS, a division
lower voltages, typically 5 to 12 volts DC, of the hard disk that contains important oper-
required internally in the computer. ating system files. A DOS hard disk can be
divided into two partitions, or areas: the pri-
power surge A brief but sudden increase in mary DOS partition and the extended DOS
line voltage, often destructive, usually caused partition. If you want to start your computer
by a nearby electrical appliance (such as a from the hard disk, the disk must contain an
photocopier or elevator) or when power is active primary DOS partition that includes the
reapplied after an outage. three DOS system files: MSDOS.SYS, IO.SYS,
power users A power user is someone who and COMMAND.COM. The primary DOS
either does administrative-level tasks on their partition on the first hard disk in the system is
machine or needs to have additional access to referred to as drive C. Disk partitions are dis-
the system to do their work. The Power Users played, created, and changed using the FDISK
group on a Windows 2000 Professional station command.
has abilities somewhere between normal users print consumables Products that a printer
and administrators. uses in the print process that must be replaced
preemptive multitasking A form of multi- occasionally. Examples include toner, ink, rib-
tasking where the operating system executes bons, and paper.
an application for a specific period of time, printed-circuit board (PCB) Any flat board
according to its assigned priority and need. made of plastic or fiberglass that contains chips
At that time, it is preempted and another task and other electronic components. Many PCBs
is given access to the CPU for its allocated time. are multilayer boards with several different sets
Although an application can give up control of copper traces connecting components
before its time is up, such as during input/ together.
output waits, no task is ever allowed to execute
for longer than its allotted time period. printer control assembly Large circuit
board in the printer that converts signals from
Presentation layer The sixth of seven the computer into signals for the various parts
layers of the International Organization for in the laser printer.

Glossary 627
printer ribbon A fabric strip that is impreg- Program Manager The primary interface to
nated with ink and wrapped around two spools Windows that allows you to organize and exe-
encased in a cartridge. This cartridge is used in cute numerous programs by double-clicking an
dot-matrix printers to provide the ink for the icon in a single graphical window.
print process.
programmable read-only memory (PROM)
printhead That part of a printer that creates A memory chip to which data can be written only
the printed image. In a dot-matrix printer, the once. Data is written to a PROM chip with a
printhead contains the small pins that strike the device called a PROM programmer or PROM
ribbon to create the image, and in an ink-jet burner.
printer, the printhead contains the jets used to
create the ink droplets as well as the ink reser- proprietary design A motherboard design
voirs. A laser printer creates images using an that is unique to a particular manufacturer and
electrophotographic method similar to that is not licensed to other manufacturers.
found in photocopiers and does not have a protected mode A processor operating
printhead. mode where every program’s memory is pro-
print media Another name for the mediums tected from every other program so that if one
being printed on. Examples include paper, program crashes, it doesn’t bring down the
transparencies, and labels. other programs.
product key Software piracy is a serious protocol In networking and communications,

problem in the industry, so many programs the specification that defines the procedures to
include a product key that must be typed in follow when transmitting and receiving data.
for the software to install properly. This key Protocols define the format, timing, sequence,
is then submitted if the user registers for tech- and error-checking systems used.
nical support. protocol stack In networking and commu-
productivity tools Any of a number of appli- nications, the several layers of software that
cations users depend on to do job-related tasks. define the computer-to-computer or computer-
Word processors and spreadsheets are common to-network protocol. The protocol stack on a
examples, but most companies have additional Novell NetWare system will be different from
productivity tools as well. that used on a Banyan VINES network or on
a Microsoft LAN Manager system.
Program Groups See group icons.
protocol switching A firewall method by
Program Manager Group (GRP) Files Files which the communication protocol used in the
in the Windows 3.x directories that store infor- private network is switched to another pro-
mation about which application icons are tocol in a dead zone and then switched to TCP/
contained in which group icons. IP protocol on its way to the public network.

628 Glossary
proxy servers A server that performs tasks RAID Redundant Array of Inexpensive (or
on behalf of the private network. In using a Independent) Disks. RAID refers to a system
proxy server, you are protecting the private setup that uses multiple drives and writes data
IP addresses of the internal network. Only the across all disks in a predefined order. RAID is
address of the proxy server is given out onto based on levels and data being mirrored or
the public network. striped.
PS/2 mouse interface A type of mouse RAM Acronym for random access memory.
interface that uses a round, DIN-6 connector The main system memory in a computer, used
that gets its name from the first computer it was for the operating system, application programs,
introduced on, the IBM PS/2. and data.
puck The proper name for the mouse-like RAM disk An area of memory managed by
device used with drawing tablets. a special device driver and used as a simu-
lated disk. Anything stored on a RAM disk
QSOP (Quad Small Outline Package) A will be erased when the computer is turned
type of IC package that has all leads soldered off, so the contents must be saved onto a
directly to the circuit board. Also called a real disk.
“surface mount” chip.
Rambus Inline Memory Modules (RIMMs)
Queue A temporary holding structure in A type of memory module that uses Rambus
which values can be stored until needed. memory. See Direct Rambus.
Queues are organized in such a way that
the first item received is also the first item random access memory See RAM.
addressed. Queues are used in printers.
rasterizing The process of converting signals
Quick-and-Dirty Disk Operating System from the computer into signals for the various
(QDOS) Created by Tim Patterson of Seattle assemblies in the laser printer.
Computer Products, QDOS was the basis of
MS-DOS. QDOS was purchased by Microsoft readme file a basic text document created
and renamed MS-DOS. by a product manufacturer, which contains
information on a specific product. Readme files
Rack A storage structure to which compo- often contain last minute changes and impor-
nents can be bolted for security. Typical racks tant information regarding the operation of
are 19" wide. the product.
radio frequency interference (RFI) Many read-only memory See ROM (read-only
electronic devices, including computers and memory).
peripherals, can interfere with other signals in
the radio-frequency range by producing electro- read/write head That part of a floppy- or
magnetic radiation; this is normally regulated hard-disk system that reads and writes data to
by government agencies in each country. and from a magnetic disk.

Glossary 629
real mode A processor operating mode have an individual password and user account
whereby a processor emulates an 8086 processor. for authentication.
recordable DVD An optical device that remote notification If network performance

records to Digital Video Discs. or environmental conditions exceed preset
limits, alerts can be sent by e-mail, beeper, or
Red Hat Linux A flavor of the Linux directly to the administrator’s screen.
operating system.
removable mass storage Any high-capacity
Redundancy Using more than one device storage device inserted into a drive for reading
within a computer. Should one device fail then and writing, then removed for storage and
the redundant device will take over until the safekeeping.
primary device is repaired or replaced.
removable media Any storage media that
reference disk A special disk that is bootable can be removed from the system.
and contains a program that is able to send
special commands to MCA bus devices to repeater In networking, a simple hardware
configure their parameters. device that moves all packets from one local
area network segment to another.
refresh rate In a monitor, the rate at which
the phosphors that create the image on the reserved memory In DOS, a term used to
screen are recharged. describe that area of memory between 640K
and 1MB, also known as upper memory.
registration roller See paper registration Reserved memory is used by DOS to store
roller. system and video information.
Registry The Registry is used in Windows 9x, resistor An electronic device used to resist
NT, and 2000 to store configuration informa- the flow of current in an electrical circuit. See
tion about the machine. This includes infor- also fixed resistor and variable resistor.
mation about both individual user settings and
global system settings. resistor pack A combination of multiple
resistors in a single package. Often used for
REM statement A command placed in the terminating SCSI buses.
beginning of a line in a DOS batch file to pre-
vent that line from executing. resource Anything on a network that clients
might want to access or use.
remote access Network connections from
offsite locations, through either dial-in or ded- restore The process of getting data from a
icated high-speed lines. Remote access poses backup restored to the computer it originally
special security threats. Depending on your came from.
operating system, you can set specific limits
on access. Each user logging in remotely should RFI See radio frequency interference (RFI).

630 Glossary
rheostat See variable resistor. their destination. Routers link local area net-
work segments at the network layer of the Inter-
ribbon cartridge The container that holds national Organization for Standardization’s
the printer ribbon. Open Systems Interconnect (ISO/OSI) model
ring topology Type of physical topology in for computer-to-computer communications.
which each computer connects to two other Routing Information Protocol (RIP) for
computers, joining them in a circle and creating IPX A distance-vectoring route-discovery
a unidirectional path where messages move protocol used by IPX. It uses hops and tics to
from workstation to workstation. Each entity determine the cost for a particular route. The
participating in the ring reads a message, regen- path with the fewest hops (each router involved
erates it, and then hands it to its neighbor. in a path is one hop) is used when sending data.
RJ-11/RJ-45 A commonly used modular RS-232-C In asynchronous transmissions, a
telephone connector. RJ-11 is a four- or six-pin recommended standard interface established
connector used in most connections destined by the Electrical Industries Association. The
for voice use; it is the connector used on phone standard defines the specific lines, timing, and
cords. RJ-45 is the eight-pin connector used for signal characteristics used between the com-
data transmission over twisted-pair wiring and puter and the peripheral device and uses a 25-
can be used for networking; RJ-45 is the con- pin or 9-pin DB connector. RS-232-C is used
nector used on 10Base-T Ethernet cables. for serial communications between a computer
RLL encoding See run-length limited (RLL) and a peripheral such as a printer, modem,
encoding. digitizing tablet, or mouse.
ROM (read-only memory) A type of com- RS-232 cables See serial cables.
puter memory that retains its data perma- RS-422/423/449 In asynchronous transmis-
nently, even when power is removed. Once the sions, a recommended standard interface estab-
data is written to this type of memory, it cannot lished by the Electrical Industries Association
be changed. for distances greater than 50 feet but less than
root directory In a hierarchical directory 1000 feet. The standard defines the specific
structure, the directory from which all other lines, timing, and signal characteristics used
directories must branch. The root directory is between the computer and the peripheral device.
created by the FORMAT command and can RTS Abbreviation for request to send. A
contain files as well as other directories. This hardware signal defined by the RS-232-C stan-
directory cannot be deleted. dard to request permission to transmit.
router In networking, an intelligent con- run-length limited (RLL) encoding An effi-
necting device that can send packets to the cor- cient method of storing information on a hard
rect local area network segment to take them to

Glossary 631
disk that effectively doubles the storage capacity committee. SCSI is used to connect a personal
of a disk when compared to older, less efficient computer to several peripheral devices using
methods such as modified frequency modula- just one port. Devices connected in this way are
tion encoding (MFM). said to be “daisy-chained” together, and each
device must have a unique identifier or priority
SAN (storage area network) Provides a number.
link for multiple users to a mass storage loca-
tion. Large corporations that prefer to cen- SCSI adapter Device that is used to manage
tralize their data commonly use SANs. This all the devices on the SCSI bus as well as to send
assists in data safety and backups because and retrieve data from the devices.
all the file servers can be housed in a secure
building with limited access. SANs normally SCSI address A unique address given to each
use high-speed links such as fiber optics to com- SCSI device.
municate with their storage facilities. SCSI bus Another name for the SCSI inter-
Safe Mode A Windows 9x operating mode face and communications protocol.
that only loads a basic set of drivers and a basic SCSI chain All the devices connected to a
screen resolution. It can be activated using the single SCSI adapter.
F8 key at boot time.
SCSI ID A unique number that identifies a
Sbackup A backup utility provided in Novell SCSI device on a SCSI chain. Every device on
NetWare versions 3 and 4. a SCSI chain must have a unique SCSI ID. SCSI
scanner An optical device used to digitize ID can be configured through jumpers on the
images such as line art or photographs, so that device or through a software utility.
they can be merged with text by a page-layout SCSI terminator The SCSI interface must be
or desktop publishing program or incorporated correctly terminated to prevent signals echoing
into a CAD drawing. on the bus. Many SCSI devices have built-in
screen saver Program originally designed to terminators that engage when they are needed.
prevent damage to a computer monitor from With some older SCSI devices, you have to add
being left on too long. These programs usually an external SCSI terminator that plugs into the
include moving graphics so that no one pixel is device’s SCSI connector.
left on all the time. Screen savers detect com- SCSI-1 High-speed parallel interface stan-
puter inactivity and activate after a certain dard that supports up to eight devices both
period. internal and external, and provides a generic
SCSI Acronym for small computer interface for devices such as scanners, CD-
system interface. A high-speed, system-level ROMs, and other disks. SCSI-1 had a transfer
parallel interface defined by the ANSI X3T9.2 speed of 5MBps.

632 Glossary
SCSI-2 A SCSI interface that supports server In networking, any computer that
transfer rates of up to 10MBps. Supports drives makes access to files, printing, communica-
of 3GB or more. tions, or other services available to users of the
network. In large networks, a server may run a
sector The smallest unit of storage on a disk, special network operating system; in smaller
usually 512 bytes. Sectors are grouped together installations, a server may run a personal
into clusters. computer operating system.
seek time Time it takes the actuator arm to service pack A Microsoft term for an
move from rest position to active position for operating system update distributed to repair
the read/write head to access the information. known issues as well as to update features.
Often used as a performance gauge of an indi- Novell uses the term consolidated support pack
vidual drive. The major part of a hard disk’s for its collection of patches and fixes. Sun
access time is actually seek time. Microsystems provides Patch Clusters for its
semiconductors Any material that, operating system.
depending on some condition, is either a con- server uptime A measure of the time that a
ductor or nonconductor. server has been successfully operating since its
serial cables Cables used for serial commu- last shutdown.
nications. See serial communications. service A service is any program that runs in
serial communications The transmission the background on a computer and performs
of information from computer to computer or some sort of task for that computer or other
from computer to a peripheral, one bit at a time. machines on the network.
Serial communications can be synchronous and Session layer The fifth of seven layers of the
controlled by a clock or asynchronous and International Organization for Standardiza-
coordinated by start and stop bits embedded in tion’s Open Systems Interconnection (ISO/OSI)
the data stream. model for computer-to-computer communica-
serial mouse A mouse that attaches directly tions. The Session layer coordinates communi-
to one of the computer’s serial ports. cations and maintains the session for as long as
it is needed, performing security, logging, and
serial port A computer input/output port administrative functions.
that supports serial communications in which
information is processed one bit at a time. share name The share name is used to iden-
RS-232-C is a common serial protocol used tify a network access point. Share names can be
by computers when communicating with the same as the directory they are sharing or
modems, printers, mice, and other peripherals. they can be different.
serial printer A printer that attaches to one shell Every operating system needs to have
of the computer’s serial ports. some sort of interface that allows users to

Glossary 633
navigate the system. The shell is the program slave drive The secondary drive in a IDE
that controls how this interface works. For MS- master/slave disk configuration.
DOS, the Windows Program Manager was its
most popular shell. For Windows 9x and 2000, slot A motherboard receptacle into which
Explorer (explorer.exe) is the standard shell compatible expansion cards or processors can
program. be inserted.
shielded twisted-pair See STP (shield small computer system interface See SCSI.
twisted-pair). SMART (Self-Monitoring Analysis and
single-ended (SE) A communication Reporting Technology) A drive technology
method used by SCSI devices. Most SCSI that monitors its own performance and warns
devices use normal SE signaling, which limits the operating system (and user) of possible
the maximum length of a SCSI bus to 1.5m future failure.
(4.9'). This includes most 50-pin (narrow) SCSI Smart card A plastic card (similar in size
devices such as scanners and Zip drives. to a credit card) that has memory for storing
Single Inline Memory Module (SIMM) information and possibly an embedded
Individual RAM chips are soldered or surface microprocessor. These cards are prepro-
mounted onto small narrow circuit boards grammed and can provide access to a secure
called carrier modules, which can be plugged location and also can electronically monitor
into sockets on the motherboard. These carrier access.
modules are simple to install and occupy less SMTP (Simple Mail Transfer Protocol) An
space than conventional memory modules. Application level protocol used to send
Single Inline Package (SIP) A type of semi- e-mail messages from one mail server to
conductor package where the package has a another. When you configure your e-mail
single row of connector pins on one side only. application, you have to specify the SMTP
server that your e-mail application will be
single mode A fiber optic transmission sending mail to.
method that used a laser as the light source.
SNMP (Simple Network Management
single-purpose server A server that is dedi- Protocol) A set of protocols used for col-
cated to one purpose (e.g., a file server or a lecting information about a network. SNMP
printer server). agents are network devices such as computers,
routers, and bridges that gather information
site license A software license that is valid about themselves and return the information
for all installations at a single site. to a system running an SNMP management
Slackware Slackware is a free version of program.
Linux created by Patrick Volkerding.

634 Glossary
socket services Part of the software support source All computer programs—operating
needed for PCMCIA hardware devices in a system or application—are nothing but a col-
portable computer, controlling the interface lection of program code. This is the source code
to the hardware. Socket services is the lowest or “source” that defines what a program is and
layer in the software that manages PCMCIA how it works. The open source movement is
cards. It provides a BIOS-level software inter- involved with allowing you to see and even
face to the hardware, effectively hiding the modify this code.
specific details from higher levels of software.
Socket services also detect when you insert or spin speed An indication of how fast the
remove a PCMCIA card and identify the type platters on a fixed disk are spinning.
of card it is. spindle The rod that platters are mounted on
socket A motherboard receptacle into which to in a hard disk drive.
a compatible processor can be inserted. Some spool file A file used to temporarily store
motherboard designs use slots instead, and you data for later processing (usually for printing).
need to match the chip to the motherboard. (A Also called a queue.
second meaning of socket is a Unix term for a
software object that connects an application to spooling Writing data to a queue (spool file)
a network protocol.) for later processing. This allows the computer
to continue its normal operations.
software An application program or an
operating system that a computer can execute. SPS (standby power supply) A power
Software is a broad term that can imply one or backup device that will provide battery power
many programs, and it can also refer to appli- to a computer in the event of a power failure.
cations that may actually consist of more than SPS software provides additional features. A
one program. server should be protected by an SPS to prevent
hard shutdowns.
software driver Software that acts as the
liaison between a piece of hardware and the SRAM See static RAM (SRAM).
operating system and allows the use of a
component. star topology A network design with a cen-
tral connectivity device (hub, switch, or MAU)
software patch A small program created to to which all other devices connect.
repair or update a program. Software patches
are normally installed through an executable start/stop cycle Every time power is applied
file but can also be installed manually or copied to a hard disk, the platters spin up to their set
over existing files. RPM. This process creates a cushion of air that
then lifts up the read/write heads off of the
solenoid An electromechanical device that, surface of the platter. When the power is shut
when activated, produces an instant push or down, the air cushion is lost and the heads fall
pull force. back down to rest on the platters. Every time

Glossary 635
this start/stop cycle occurs, some wear is from the paper after the toner has been trans-
applied to the platters. Normally a hard disk ferred to the paper.
will have a minimum of 30,000 to 50,000 start/
stop cycles in its lifetime. static strap See ESD wrist strap.
ST506 interface A popular hard-disk inter- stepper motor A very precise motor that can
face standard developed by Seagate Technolo- move in very small increments. Often used in
gies, first used in IBM’s PC/XT computer and printers.
still popular today, with disk capacities smaller stepping Stepping is similar to version num-
than about 40MB. ST506 has a relatively slow bers: as updates are made to chips, the version
data transfer rate of 5 megabits per second. numbers change. You’ll want to consider pro-
stack Another name for the memory map, or cessor stepping particularly when upgrading
the way memory is laid out. a single processor system to a multiprocessor
one. Mixing processor steppings does not
standard peripheral power connector always work well. One stepping (revision)
Type of connector used to power various between CPUs is acceptable.
internal drives. Also called a Molex connector.
stop bit(s) In asynchronous transmissions,
star network A network topology in the stop bits are transmitted to indicate the end
form of a star. At the center of the star is a of the current data word. Depending on the
wiring hub or concentrator, and the nodes or convention in use, one or two stop bits
workstations are arranged around the central are used.
point representing the points of the star.
STP (shield twisted-pair) Cabling that has a
start bit In asynchronous transmissions, a braided foil shield around the twisted pairs of
start bit is transmitted to indicate the beginning wire to decrease electrical interference.
of a new data word.
stylus A pen-like pointing device used in pen-
Start menu As the main focus of the Win- based systems and personal digital assistants.
dows 9x/NT/2000 user interface, the Start
menu allows program shortcuts to be placed subnet mask The subnet mask is a required
for easy and organized access. part of any TCP/IP configuration, and it is used
to define which addresses are local and which
static RAM (SRAM) A type of computer are on remote networks.
memory that retains its contents as long as
power is supplied. It does not need constant Sun Solaris A Unix-based operating envi-
refreshment like dynamic RAM chips. ronment created by Sun Microsystems.
static-charge eliminator strip The device in superscalar See parallel processing.

EP process printers that drains the static charge

636 Glossary
SuperVGA (SVGA) An enhancement to the switchbox A device that allows the user
Video Graphics Array (VGA) video standard to manually or automatically switch between
defined by the Video Electronics Standards two or more devices. An economical alterna-
Association (VESA). tive to a KVM, switchboxes work well for
monitors.
surface mount See Quad Small Outline
Package (QSOP). SYN flood A denial of service attack in which
the hacker sends a barrage of SYN packets. The
surge protector A device that protects sensi- receiving station tries to respond to each SYN
tive equipment from electrical surges or spikes request for a connection, exhausting all the
through the use of a breaker. server resources. All incoming connections are
surge suppressor Also known as a surge rejected until all current connections can be
protector. A regulating device placed between established.
the computer and the AC line connection that synchronization The timing of separate
protects the computer system from power elements or events to occur simultaneously.
surges. 1. In a multimedia presentation, synchroniza-
SVGA See SuperVGA (SVGA). tion ensures that the audio and video compo-
nents are timed correctly, so they actually make
swap file On a hard disk, a file used to store sense. 2. In computer-to-computer communi-
parts of running programs that have been cations, the hardware and must be synchro-
swapped out of memory temporarily to make nized so that file transfers can take place. 3. The
room for other running programs. A swap file process of updating files on both a portable
may be permanent, always occupying the same computer and a desktop system so that they
amount of hard disk space even though the both have the latest versions is also known as
application that created it may not be running, synchronization.
or is temporary, only created as and when
needed. synchronous DRAM A type of DRAM
memory module that uses memory chips syn-
swipe card Digitally-encoded card used to chronized to the speed of the processor.
control access to a restricted area. Access can
be granted or denied, as well as monitored. synchronous transmission In communica-
tions, a transmission method that uses a clock
switch Often referred to as an intelligent signal to regulate data flow. Synchronous
hub. The benefit of a switch over a hub is that transmissions do not use start and stop bits.
a switch will read the information coming
inbound and, based on the address located in syntax Syntax is a term used to describe the
the data header, the switch will send the infor- proper way of forming a text command for
mation out on the receiving addressed port. entry into the computer. Many commands have
This eliminates the network wide propagation a number of different options, each of which
that occurs with a hub. requires a particular format.

Glossary 637
Syscon A command line utility used to con- utility programs, as distinct from an application
trol a NetWare 3.x server, especially for user program.
administration of the Bindery (configuration,
trust, login, and account information). Systems Management Server (SMS)
Microsoft server software used to manage
system attribute Attribute of DOS that is network resources; includes wake-on-LAN
used to tell the OS that this file is needed by the capability.
OS and should not be deleted. Marks a file as
part of the operating system and will also tabs On many windows you will find that, to
protect the file from deletion. save space, a single window will have many
tabs, each of which can be selected to display
system board The sturdy sheet or board to particular information.
which all other components on the computer
are attached. These components consist of the tape cartridge A self-contained tape storage
CPU, underlying circuitry, expansion slots, module, containing tape much like that in a
video components, and RAM slots, just to video cassette. Tape cartridges are primarily
name a few. Also known as a logic board, used to back up hard disk systems.
motherboard, or planar board. tape drive Removable media drive that uses
system disk A disk that contains all the a tape cartridge that has a long polyester ribbon
files necessary to boot and start the operating coated with magnetic oxide and wrapped
system. In most computers, the hard disk around two spools with a read/ write head in
is the system disk; indeed, many modern between.
operating systems are too large to run from Tar A Unix backup utility included in the
floppy disk. operating system. (Short for Tape ARchive.)
SYSTEM.INI In Microsoft Windows, an ini- target Another name for the backup media,
tialization file that contains information on it is the destination for the data being backed
your hardware and the internal Windows oper- up. It is usually a tape drive or other backup
ating environment. device.
System Monitor A Windows 2000 utility taskbar The area of the Windows 9x/NT/
that monitors current system performance 2000 interface which includes the Start button
through the use of counters. and the System Tray, as well as icons for any
system resources On a Windows 3.x or open programs.
95/98 machine, the system resources represent TCP/IP Acronym for Transmission Control
those components of the PC that are being used Protocol/Internet Protocol. A set of computer-
(memory, CPU, etc.). to-computer communications protocols that
system software The programs that make up encompass media access, packet transport,
the operating system, along with the associated session communications, file transfer, e-mail,

638 Glossary
and terminal emulation. TCP/IP is supported terminator A device attached to the last
by a very large number of hardware and peripheral in a series or the last node on a net-
software vendors and is available on many work. A resistor is placed at both ends of a coax
different computers from PCs to mainframes. Ethernet cable to prevent signals from reflecting
and interfering with the transmission.
technical support CD A compact disc pro-
vided by a product manufacturer, which context mode A video display mode for a
tains product support, updates, and/or product video card that allows it to only display text.
patches/fixes. When running DOS programs, a video card is
in text mode.
Telnet A protocol that functions at the Appli-
cation layer of the OSI Model providing ter- thermal printer A nonimpact printer that
minal emulation capabilities. uses a thermal printhead and specially treated
paper to create an image.
temporary swap file A swap file that is cre-
ated every time it is needed. A temporary swap thick Ethernet Connecting coaxial cable
file will not consist of a single large area of con- used on an Ethernet network. The cable is 1 cm
tiguous hard disk space, but may consist of sev- (approximately 0.4") thick and can be used
eral discontinuous pieces of space. By its very to connect network nodes up to a distance of
nature, a temporary swap file does not occupy approximately 3300 feet. Thick Ethernet is
valuable hard disk space if the application that primarily used for facility-wide installations.
created it is not running. In a permanent swap Also known as 10Base5.
file the hard disk space is always reserved and is
therefore unavailable to any other application thin Ethernet Connecting coaxial cable
program. used on an Ethernet network. The cable is
5 mm (approximately 0.2") thick, and can be
terminal A monitor and keyboard attached used to connect network nodes up to a distance
to a computer (usually a mainframe), used for of approximately 1000 feet. Thin Ethernet is
data entry and display. Unlike a personal com- primarily used for office installations. Also
puter, a terminal does not have its own central known as 10Base2.
processing unit or hard disk.
thrashing A slang term for the condition that
Terminate and Stay Resident (TSR) A occurs when Windows must constantly swap
DOS program that stays loaded in memory, data between memory and hard disk. The hard
even when it is not actually running, so that disk spins continuously during this and makes a
you can invoke it very quickly to perform a lot of noise.
specific task.
threshold An attribute level that is set as
Termination The use of a resistor at the end a cut-off point between significant (critical)
of a cable to prevent signals from bouncing and nonsignificant events or conditions. These
back on the wire. Terminators are used in SCSI might include temperature, electrical current,
chains as well as coaxial cable networks. CPU load, RAM use, and free hard disk space.

Glossary 639
token passing A media access method that electrically charged ink to be fused to the paper
gives every NIC equal access to the cable. The during printing.
token is a special packet of data that is passed
from computer to computer. Any computer topology A way of laying out a network. Can
that wants to transmit has to wait until it has describe either the logical or physical layout.
the token, at which point it can add its own touch screen A special monitor that lets the
data to the token and send it on. user make choices by touching icons or graph-
Token Ring network A local area network ical buttons on the screen.
with a ring structure that uses token-passing Tower A vertical computer case design. Tower
to regulate traffic on the network and avoid style computers are the most common in use
collisions. On a Token Ring network, the con- today.
trolling computer generates a “token” that
controls the right to transmit. This token is Tower of Hanoi A complex tape backup
continuously passed from one node to the next rotation used within a carefully planned and
around the network. When a node has informa- deployed strategy. To maintain the required his-
tion to transmit, it captures the token, sets its tory of file versions, a minimum of five media
status to busy, and adds the message and the sets should be used in the weekly rotation
destination address. All other nodes continu- schedule, or eight for a daily rotation scheme.
ously read the token to determine if they are the
recipient of a message; if they are, they collect Trace Log Windows Trace Logs Monitor
the token, extract the message, and return the continuously traces server changes and actions.
token to the sender. The sender then removes This information is useful in locating the source
the message and sets the token status to free, of potential problems. If a program action is
indicating that it can be used by the next node responsible for server stress, then the Trace Log
in sequence. will help you track the program’s utilization of
server resources.
tolerance band Found on a fixed resistor,
this colored band indicates how well the Tracert Used to trace the path of a packet
resistor holds to its rated value. across a TCP/IP network.
toner Black carbon substance mixed with trackball An input device used for pointing,
polyester resins and iron oxide particles. designed as an alternative to the mouse.
During the EP printing process, toner is first
tracks The concentric circle unit of hard disk
attracted to areas that have been exposed to the
division. A disk platter is divided into these
laser in laser printers and is later deposited and
concentric circles.
melted onto the print medium.
transfer corona assembly The part of an EP
toner cartridge The replaceable cartridge in
process printer that is responsible for transferring
a laser printer or photocopier that contains the

640 Glossary
the developed image from the EP drum to the that combines the transmitting and receiving
paper. circuitry needed for asynchronous transmission
over a serial line. Asynchronous transmissions
transfer step The step in the EP print process use start and stop bits encoded in the data
where the developed toner image on the EP stream to coordinate communications rather
drum is transferred to the print media using the than the clock pulse found in synchronous
transfer corona. transmissions.
transistor Abbreviation for transfer resistor. UDP (user datagram protocol)
A semiconductor component that acts like a
switch, controlling the flow of an electric cur- User Datagram Protocol UDP (User Data-
rent. A small voltage applied at one pole con- gram Protocol) is a Transport level transmis-
trols a larger voltage on the other poles. sion protocol that is similar to TCP but it does
Transistors are incorporated into modern not provide reliable delivery of data between
microprocessors by the million. hosts.
Transmission Control Protocol/Internet Ultra DMA IDE Also known as ATA version
Protocol See TCP/IP. 4 (ATA-4), it can transfer data at 33Mbps, so it
is also commonly seen in motherboard specifi-
Transport layer The fourth of seven layers of cations as Ultra DMA/33, Ultra 66, or UDMA.
the International Organization for Standard-
ization’s Open Systems Interconnection (ISO/ Ultra 160 A SCSI 3 release, it is a parallel
OSI) model for computer-to-computer commu- interface that uses a 16-bit wide bus, LVD sig-
nications. The Transport layer defines proto- naling and termination, and has a maximum
cols for message structure and supervises the transfer speed of 160MBps.
validity of the transmission by performing
some error checking. Ultra-3 SCSI This is the latest SCSI standard.
Ultra-3, also called Ultra SCSI, supports data
Troubleshooting The methodical and sys- throughput of 20–40MBps.
tematic process of locating and repairing prob-
lems that occur. Ultra 320 SCSI Ultra 320 is the next genera-
tion of parallel SCSI interface. At one point it
TSR See Terminate and Stay Resident (TSR). was called SCSI Ultra-4. It is a 16-bit wide bus
that uses LVD signaling, LVD termination, a
twisted-pair cable Cable that comprises two Centronics 68-pin connector, and has a
insulated wires twisted together at six twists transfer speed of 320MBps.
per inch. In twisted-pair cable, one wire carries
the signal and the other is grounded. Telephone uninstall To remove a program from a
wire installed in modern buildings is often computer. This generally involves removing its
twisted-pair wiring. configuration information from the Registry,
its icons from the Start menu, and its program
UART Acronym for Universal Asynchronous code from the file system.
Receiver/Transmitter. An electronic module

Glossary 641
Universal Serial Bus See USB. the appropriate commands to the other core
components.
Unix/Linux A 32-bit, multiuser, multitasking,
portable operating system, Unix/Linux is by far user forum A website on the Internet, similar
the least expensive NOS. In many circles it is free to a chat room, where people can share infoma-
for distribution or a nominal fee is charged. Due tion on a particular topic. People can also post
to its open architecture, it can then be reengi- and reply to messages and surveys. Also see
neered to best meet your business needs. knowledge base.
UnixWare An implementation of Unix username In order to identify themselves

System 5 released by Novell. UnixWare was on the network, each user must provide two
obtained by SCO Linux from Novell in 1997. credentials—a username and a password. The
UnixWare provides interoperability with username says, “This is who I am,” and the
Novell based networks as well as being easy password says, “And here’s proof!” Each user-
to administer and install. name must be unique on the network and is
generally used by only one person.
upgrading An updating process in which old
programs, operating systems, and equipment user profiles In order to allow each user to
are replaced by new. customize their Windows experience, user pro-
files save a particular user’s desktop appear-
upper memory area See reserved ance and preferences so that when they log on,
memory area. they will always have there own desktop, even
upper memory block (UMB) Free areas of if they share the machine with others.
memory that can be used for loading drivers utility program A small program or set of
and programs into the upper memory area. small programs that support the operating
Uptime A measure of time that a system is system by providing additional services that the
running without failure. Both hardware and operating system does not provide.
software are evaluated by uptime. UTP Acronym for unshielded twisted-pair. A
USB Acronym for Universal Serial Bus. A type of unshielded network cable that contains
technology used to connect peripheral devices multiple conductors in pairs that are twisted
to a computer. Each USB channel will support around each other.
127 devices and has a total transfer rate of up vaccine An application program that
to 12Mbps. removes and destroys a computer virus. The
USER.EXE Windows core component that people who unleash computer viruses are often
allows a user to interact with Windows. It is very accomplished programmers, and they are
the component responsible for interpreting constantly creating new and novel ways of
keystrokes and mouse movements and sending causing damage to a system. The antivirus and

642 Glossary
vaccine programmers do the best they can to colors. In contrast, a digital display can only
catch up, but they must always lag behind resolve a finite range of shades or colors.
to some extent.
video adapter An expansion board that
vacuum tube Electronic component that is a plugs into the expansion bus in a DOS com-
glorified switch. A small voltage at one pole puter and provides for text and graphics output
switches a larger voltage at the other poles on to the monitor. The adapter converts the text
or off. and graphic signals into several instructions for
the display that tell it how to draw the graphic.
variable resistor A resistor that does not
have a fixed value. Typically the value is Video Graphics Array See VGA.
changed using a knob or slider.
video RAM (VRAM) Special-purpose RAM
verification In the context of backup secu- with two data paths for access, rather than just
rity, verification compares the original data one as in conventional RAM. These two paths
and the data copy on the media to ensure that let a VRAM board manage two functions at
they are the same. This feature is built into once—refreshing the display and communi-
comprehensive backup software. cating with the processor. VRAM doesn’t
require the system to complete one function
version Each time that computer software is before starting the other, so it allows faster
modified, new features are added and old prob- operation for the whole video system.
lems are, hopefully, fixed. To tell these modi-
fied programs apart, computer programmers virtual memory A memory-management
use versions. These are incremented by one technique that allows information in physical
digit (for example, from 1.0 to 2.0) for major memory to be swapped out to a hard disk. This
revisions, or by a tenth of a digit (for example, technique provides application programs with
from 2.0 to 2.1) for minor modifications. more memory space than is actually available
Higher version numbers mean newer versions. in the computer. True virtual-memory manage-
ment requires specialized hardware in the pro-
VGA Acronym for Video Graphics Array. cessor for the operating system to use; it is not
A video adapter. VGA supports previous just a question of writing information out to a
graphics standards, and provides several swap file on the hard disk at the application level.
different graphics resolutions, including
640 pixels horizontally by 480 pixels vertically. virus A program intended to damage your
A maximum of 256 colors can be displayed computer system without your knowledge or
simultaneously, chosen from a palette of permission. A virus may attach itself to another
262,114 colors. Because the VGA standard program or to the partition table or the boot
requires an analog display, it is capable of track on your hard disk. When a certain event
resolving a continuous range of gray shades or occurs, a date passes, or a specific program

Glossary 643
executes, the virus is triggered into action. Not VRM (voltage regulator module) A small
all viruses are harmful; some are just annoying. card that is used in a multiprocessor mother-
board in the empty processor slots until needed
virus protection suite Offers centralized by additional processors.
protection and updates. The real benefit of a
virus protection suite occurs when the time to wait state A clock cycle during which no
update the virus definition comes. Virus protec- instructions are executed because the processor
tion suites are updated on the server, which is waiting for data from a device or from
then monitors the rest of the network. memory.
VL bus Also known as VL local bus. Abbrevi- wake-on-LAN (WOL) Technology that
ation for the VESA local bus, a bus architecture allows an administrator to boot a machine at a
introduced by the Video Electronics Standards remote location. After the machine is working,
Association (VESA), in which up to three adapter the administrator can perform maintenance
slots are built into the motherboard. The VL bus tasks, such as backups and virus scans, during
allows for bus mastering. off hours. The network adapter maintains a
very low power state even when the computer
VLAN (virtual local area network) A log- is powered off. The NIC then looks for special
ical grouping of hosts on one or more LANs packets on the network indicating it should
that allows communication to occur between wake up the machine.
hosts as if they were on the same physical LAN
or segment. WAN (wide area network) Network that
expands LANs to include networks outside of
VLSI (Very Large Scale Integration) Tech- the local environment and also to distribute
nology used by chip manufacturers to integrate resources across distances.
the functions of several small chips into one chip.
warm boot Refers to pressing Control+Alt+
volts Unit of electrical potential. Delete to reboot the computer. This type of
VPN (virtual private network) A virtual booting doesn’t require the computer to per-
private network (VPN) is similar to a dial-in form all of the hardware and memory checks
connection in that it allows users to access their that a cold boot does.
network remotely. weekly rotation A backup rotation schedule
The VPN connection is encrypted, and that involves using a dedicated backup media
because all communication is encapsulated for each day of the week.
within the VPN protocol, users can access
network resources through the VPN that they wide area network See WAN (wide area
would otherwise be unable to see using stan- network).
dard TCP/IP connectivity.
Wide Ultra-2 SCSI This release provided
VRAM See video RAM (VRAM). LVD or HVD signaling, a 16-bit wide bus,

644 Glossary
transfer speeds of 80MBps, and LVD or HVD Windows Installer A new method Microsoft
termination; it used a Centronics 68-pin is using to allow users to customize their appli-
connector. cation installations more easily. The Windows
Installer also makes it easier for users to install
window In a graphical user interface, a approved software on secured workstations
rectangular portion of the screen that acts and can automatically repair damaged installs.
as a viewing area for application programs.
Windows can be tiled or cascaded and can Windows Internet Name Service (WINS)
be individually moved and sized on the screen. WINS provides a database for the storage and
Some programs can open multiple document retrieval of NetBIOS computer names. Each
windows inside their application window to client must register with the WINS server to be
display several word processing or spreadsheet able to be added to and query the database.
data files at the same time.
Windows NT A 32-bit multitasking portable
Windows 95 Windows 95 is a 32-bit, operating system developed by Microsoft. Win-
multitasking, multithreaded operating system dows NT is designed as a portable operating
capable of running DOS, Windows 3.1, and system, and initial versions ran on Intel 80386
Windows 95 applications; supports Plug and (or later) processors and RISC processors, such
Play (on the appropriate hardware); and adds as the MIPS R4000 and the DEC Alpha.
an enhanced FAT file system in the Virtual
FAT, which allows long filenames of up to 255 Windows Program Manager Windows 3.x
characters while also supporting the DOS 8.3 file that contains all of the program icons,
file-naming conventions. group icons, and menus used for organizing,
starting, and running programs.
Windows 98 The home PC operating system
released by Microsoft, as the successor to their WIN.INI File that contains Windows environ-
popular Windows 95 operating system. Basically mental settings that control the environment’s
the same as Windows 95, it offers a few improve- general function and appearance.
ments. For example, Windows 98 improves WINIPCFG In Windows 9x, this is the utility
upon the basic “look and feel” of Windows 95 that allows you to view your current TCP/IP
with a “browser-like” interface. It also contains configuration. It also allows a user to request
bug-fixes and can support two monitors simulta- a new IP configuration from a DHCP server.
neously. In addition to new interface features, it
includes support for new hardware, including WinNuke An attack that is effective because
Universal Serial Bus devices. of the way the Windows TCP/IP stack handles
bad data in the TCP header. Instead of
Windows 2000 Windows operating system returning an error code, or rejecting the bad
that incorporates the “look and feel” of Win- data, it sends the operating system to the blue
dows 9x with the power of Windows NT. screen of death. A security patch is available
Windows Desktop See Desktop. from Microsoft to fix this.

Glossary 645
wizard Wizards are preprogrammed utilities World Wide Web (WWW) This is the graph-
that walk the user through a particular task. ical extension of the Internet that features mil-
Each wizard generally includes a number of dif- lions of pages of information accessed though
ferent pages, each of which allows you to enter the use of the Hypertext Transfer Protocol
information or choose particular options. At (HTTP).
the finish of the wizard, the computer will then
perform the requested task based on the infor- write-protect To prevent the addition or
mation it has gathered. deletion of files on a disk or tape. Floppy disks
have write-protect notches or small write-
WLAN (wireless local area network) A protect tabs that allow files to be read from
local area network based on wireless tech- the disk, but prevent any modifications or dele-
nology. A base station sends and receives sig- tions. Certain attributes can make individual
nals from each client station, each of which has files write-protected so they can be read but not
a supported wireless transmission card. altered or erased.
word The size of a word varies from one write-protect tab The small notch or tab in
computer to another, depending on the CPU. a floppy disk that is used to write-protect it.
For computers with a 16-bit CPU, a word is 16
bits (2 bytes). On large mainframes, a word can writing step The step in the EP print process
be as long as 64 bits (8 bytes). where the items being printed are written to the
EP drum. In this step, the laser is flashed on and
workgroup A group of individuals who off as it scans across the surface of the drum.
work together and share the same files and The area that the laser shines on is discharged
databases over a local area network. Special to almost ground (−100 volts).
groupware such as Lotus Notes coordinates the
workgroup and allows users to edit drawings x86 series The general name given to the
or documents and update the database as a Intel line of IBM-compatible CPUs.
group. XGA Acronym for Extended Graphics Array.
working directory Programs that need to XGA is only available as a micro channel archi-
save temporary files or configuration data while tecture expansion board; it is not available in
they are running do so within their working ISA or EISA form. XGA supports resolution of
directory. Users can also have a working direc- 1024 horizontal pixels by 768 vertical pixels
tory to save their temporary files. with 256 colors, as well as a VGA mode of 640
pixels by 480 pixels with 65,536 colors, and
workstation 1. In networking, any personal like the 8514/A, XGA is interlaced. XGA is
computer (other than the file server) attached to optimized for use with graphical user interfaces,
the network. 2. A high-performance computer and instead of being very good at drawing lines,
optimized for applications such as computer- it is a bit-block transfer device designed to
aided design, computer-aided engineering, or move blocks of bits like windows or dialog
scientific applications. boxes.

646 Glossary
yearly rotation The yearly rotation builds zero wait state Describes a computer that
on the monthly rotation. Along with having can process information without wait states.
daily tapes for each weekday and weekly tapes A wait state is a clock cycle during which no
for each Friday, you also keep the last tape instructions are executed because the processor
from each month for a year. This allows you to is waiting for data from a device or from
go back daily for a week, weekly for a month, memory.
or monthly for a year.
ZIF socket Abbreviation for Zero Insertion
Z.E.N.works A family of directory-enabled Force socket. A specially designed chip socket
system management products from Novell. which makes replacing a chip easier and safer.
Z.E.N.works supports Windows and NetWare
clients. Zip A portable magnetic backup device cre-
ated by the Iomega company. Zip drives hold
zero insertion force (ZIF) A type of pro- large amounts of data (tens of gigabytes on one
cessor socket where you don’t have to “snap” cartridge), the replacement cost of the media is
the chip into the socket. Rather, you simply reasonable, and in general the media are
set the chip into the ZIF socket and push a bar reliable.
down to secure it.

Sybex CompTia Server Study Guide 2nd Edition

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Sybex CompTia Server Study Guide 2nd Edition

Uploaded by

Copyright:

Available Formats

Using Your Sybex Electronic Book

Search To search, click the Search Query button on the toolbar

Use the Search Next button (Control+U) and Search

Click here to begin using

San Francisco • London

Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com

First Edition copyright © 2001 SYBEX Inc.

Library of Congress Card Number: 2001099339

Manufactured in the United States of America

Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com

Good luck in pursuit of your Server+ certification!

Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com

Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com

To Kara and Abbie.

Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com

To the talented staff who assisted us in this undertaking: Liz Burke,

Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com

This is an example of how a warning will be presented within a chapter.

Chapters end with several important elements. These include a chapter

Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com

What Is Server+ Certification?

Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com

18 and 24 months of experience in the server technology industry, as well as

Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com

Why Become Server+ Certified?

Provides Proof of Professional Achievement

Increases Your Marketability

Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com

Provides Opportunity for Advancement

Fulfills Training Requirements

Raises Customer Confidence

How to Become Server+ Certified

Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com

Who Should Buy This Book?

How to Use This Book and the CD

Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com

Chapter Review Questions To test your knowledge as you progress

Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com

Server+ Exam Blueprint

1.0 Installation (17%)

Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com

Verify SCSI ID configuration and termination

2.0 Configuration (18%)

3.0 Upgrading (12%)

Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com

Perform OS upgrade to support multiprocessors

Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com

Verify that server and OS recognize the added memory

Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com

4.0 Proactive Maintenance (9%)

5.0 Environment (5%)

6.0 Troubleshooting and Problem Determination (27%)

Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com

Use senses to observe problem (e.g., smell of smoke, observation of

7.0 Disaster Recovery (12%)

Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com

Tips for Taking the Server+ Exam

Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com

Read the questions carefully. Numerous questions are written with

Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com

posted. I would recommend not using these exam information websites

About the Authors