Training
Certifications
Books
Special Offers
Community




 
MCSE Training Kit (Exam 70-226): Designing Highly Available Web Solutions with Microsoft® Windows® 2000 Server Technologies
Author Microsoft Corporation
Pages 544
Disk 2 Companion CD(s)
Level All Levels
Published 10/03/2001
ISBN 9780735614253
ISBN-10 0-7356-1425-3
Price(USD) $59.99
To see this book's discounted price, select a reseller below.
 

More Information

About the Book
Table of Contents
Sample Chapter
Index
Related Series
Related Books
About the Author

Support: Book & CD

Rate this book
Barnes Noble Amazon Quantum Books

 

Index


A
access control list (ACL), 279, 341
access process
   example of, 356
   IIS permissions and, 352, 355, 455-56
   NTFS permissions and, 353-54, 355
   overview of, 349-51
   troubleshooting, 358
ACL (access control list), 279, 341
active/active server cluster configuration, 136-40
Active Directory service, 275-99
   bridgehead servers, 284
   decision factors related to, 291-92
   defining a site structure, 286-87, 291
   DNS integration with, 66-67, 69, 70, 276-77
   example of using, 292-93
   global catalog servers, 290
   guidelines for working with, 292
   intersite replication strategy, 288-90
   lab exercises on, 295-98, 445-48
   logical structure, 278-80
   multimaster operations, 283
   objects, 277-78
   operations masters, 290-91
   overview of, 276-77
   physical structure, 280-82, 286-90
   placing domain controllers, 287-88
   planning process, 286-92
   reducing data failures with, 21-22
   replication, 282-84, 288-90
   review questions on, 299, 448-49
   schema, 277-78
   single–master operations, 283
active hubs, 27
active/passive server cluster configuration, 134-36, 140, 141
Active Server Pages (ASP), 158, 236, 305, 306, 351
ActiveX Data Objects (ADO), 190, 315
Add Item operation, 250, 445
Address Resolution Protocol (ARP), 175
administrative partitioning, 221
administrative passwords, 408
ADO (ActiveX Data Objects), 190, 315
Advanced Streaming Format, 165
alerts, processor, 396
allow permissions, 355
Anonymous access, 331, 342-43, 346, 456, 460
API. See application programming interface (API)
APIPA (Automatic Private IP Addressing), 52
Application Center, 187-227
   architecture of, 196-98
   benefits provided by, 191
   CLB clusters and, 213-23
   clustering scenarios, 198-201
   cluster types, 206, 437
   decision factors related to, 209
   example of cluster deployment, 210-11
   explanation of, 189
   features of, 191-92
   guidelines for planning clusters, 209-10
   identifying cluster components in, 212
   IP address determinations, 204-5
   lab exercises on, 224-26, 437-39
   load balancing and, 192-94, 206-8
   monitoring data in, 195-96
   overview of, 190-92
   planning process for, 202-9
   Resource Kit for, 207
   review questions on, 227, 440-41
   server configuration issues, 202-4
   session state maintenance, 208
   synchronization and deployment by, 194-95
   Web platform components and, 189-92
application failures, 21
application filtering, 368
application programming interface (API), 387
applications. See also software
   cluster–aware and cluster–unaware, 124
   COM+ components as, 214
   defined in Application Center, 195
   deploying, 307-10, 311, 313
   distributed, 301-37
   NLB clusters and, 164-65, 168
   running on server clusters, 123, 128, 137-39
   server–based, 124-25
   testing and staging, 194
   Web–based, 189-92, 301-37
application services, 190
application–specific technologies, 305
application state data, 159-60
architecture
   Application Center, 196-98
   Cluster service, 118-21
   management system, 12
   NLB, 158-60
   n–tier business Web site, 9-11, 420
   server cluster, 118-21
ARP (Address Resolution Protocol), 175
ASP (Active Server Pages), 158, 236, 305, 306, 351
attributes, 277
auditing, 397-404
   considerations for, 402
   example of, 402-3
   lab exercise on, 412, 414-15, 463-64
   logging site activity, 400-401
   review questions on, 416, 464
   setting up, 398-400
   Windows 2000 security events, 397-400
authentication, 341-48
   access process and, 351
   Anonymous access, 342-43, 346
   Basic, 330-31, 343, 346
   client certificate mapping, 344-46, 347
   custom schemes for, 351
   decision factors for, 346-47
   definition of, 341
   Digest, 344, 347
   example of, 347-48
   Integrated Windows, 331, 343-44, 346
   lab exercise on, 376-77, 456-57
   Outlook Web Access, 330-31, 454
   overview of, 341-42
   site facilitation of, 281, 286
authorization, 349-57
   access process and, 349-51
   decision factors for, 355
   definition of, 349
   example of, 356
   IIS permissions and, 352, 355
   lab exercise on, 377, 458
   NTFS permissions and, 353-54, 355
automatic failover, 116-17
Automatic Private IP Addressing (APIPA), 52
availability, 4-5, 419
   Application Center and, 192
   architectural goals and, 8
   capacity planning and, 238
   causes of downtime and, 16-18
   checklist for monitoring, 17-18
   metrics for calculating, 13-15
   rule of 9s and, 15
   strategies for ensuring, 19-23

B
back–end networks, 47
back–end systems, 10-11
back–to–back firewalls, 370-72, 373, 458-59
backups
   data failures and, 21
   DHCP database, 57, 59
   disaster recovery and, 406-7
backup servers, 32
Backup utility, 406-7
bandwidth
   calculating costs of, 250-51, 254
   client–side capacity and, 233-34
   determining requirements for, 260, 265, 272, 444
   download time and, 235
   monitoring usage of, 17
   server–side capacity and, 235-36
   Web site traffic and, 232
Basic authentication, 330-31, 343, 346, 456
batch/output management, 7
bathtub curve, 13-14
BOOTP/DHCP relay agents, 55
Bootstrap Protocol (BOOTP), 50
bottlenecks, 262-63
bridgehead servers, 284
businesses, Web computing model for, 7-12
Business Logic layer, 190, 304

C
cable maintenance, 87-88, 89
cache performance, 247, 390
calculating
   availability, 13-15
   downtime, 14-15
   user costs, 240-52
capacity planning, 229-73
   analyzing typical users, 242-43
   availability considerations, 20, 238
   calculating user costs, 240-52
   conceptual basis for, 240
   CPU usage calculations, 243-46, 253, 271, 441
   decision factors in, 264-65
   defining site topology, 260-62, 265
   determining purpose and type of site, 255, 265
   disk usage calculations, 248-49
   example of, 266-67
   finding potential bottlenecks, 262-63, 265
   guidelines for, 265-66
   hardware requirements, 257-59, 265
   identifying the user base, 255-57, 265, 269-71
   lab exercises on, 268-72, 442-44
   memory usage calculations, 246-48
   network bandwidth calculations, 250-51, 254, 260, 272
   NLB requirements, 167, 169
   overview of, 229, 231
   performance considerations, 236-37
   review questions on, 273, 444-45
   scalability considerations, 238, 264
   server cluster requirements, 128, 129
   traffic considerations, 231-36
   upgrading Web sites, 263-64, 265
Carrier Sense Multiple Access with Collision Detection (CSMA/CD), 251
CAs (Certification Authorities), 345
cascading failover, 117
case studies, xiii-xiv
central processing unit. See CPU
certificate mapping, 344-46, 347, 457
Certification Authorities (CAs), 345
CGI (Common Gateway Interface) applications, 236, 305, 392
change and configuration management, 6
CIM (Common Information Model), 387
circuit filtering, 368
Cisco Systems
   DistributedDirector, 45
   LocalDirector, 34, 35, 151
Class C affinity, 158, 436
classes, 278
CLB. See Component Load Balancing
cleanliness issues, 86
client affinity, 157-58
client certificate mapping, 344-46, 347, 457
clients, 10
   capacity of, 233-34
   proxy, 71-72
   reserving IP addresses for, 54-55
   rich vs. thin, 190
climate control failures, 21
cluster adapter, 160, 173
Cluster Administrator, 110, 112
Cluster API, 112
cluster automation server, 112
cluster–aware COM+ components, 216
cluster–aware/unaware applications, 124
cluster database, 112
clustered disk, 114
clustering
   Application Center scenarios for, 198-201
   characteristics of, 34-35
   DHCP servers, 57-58, 59-60
   failover, 5, 21-22, 116-17, 320
   load balancing and, 35-36
   software used for, 110
cluster objects, 112-18
Cluster service, 21, 107-46. See also server clusters
   architecture of, 118-21
   components of, 111-12
   configuration planning and, 122-31
   description of, 109
   DHCP servers and, 57-58
   Exchange 2000 Server and, 329-30
   lab exercises on, 143-45, 431-33
   objects managed by, 112-18
   overview of, 107-8
   resource groups and, 114-18, 124-27, 129, 132
   review questions on, 146, 433
   server cluster models and, 133-42
cluster sharing, 221
cluster size, 165-67
cluster traffic distribution, 173-75
cluster types, 206, 209, 437
collisions, network, 251
COM (Component Object Model), 190, 213-14, 302
COM+ application clusters, 200-201, 206
   deploying, 309-10, 311
   designing, 226, 439
   firewall protection for, 220, 373, 374
COM+ components, 214
COM+ object activation, 213
COM+ routing clusters, 206, 225, 438
COM+ services, 214
Commerce Server, 21
Common Gateway Interface (CGI) applications, 236, 305, 392
Common Information Model (CIM), 387
complex hybrid server cluster configuration, 139-40
Component Load Balancing (CLB), 187, 213-23. See also load balancing and clustering
   cluster–aware COM+ components, 216
   COM+ application cluster, 216
   COM services and component interface, 213-14
   example of, 222-23
   guidelines for using, 221-22
   how it works, 214-16
   implementing, 221
   locating information about, vii
   overview of, 213
   response timetable, 216
   routing list, 215-16
   software, 215
   when to use, 193, 217-20, 221-22, 440
Component Object Model (COM), 190, 213-14, 302
components, redundant, 27-29
computer names, 408
configuration management, 6
conflicts, permission, 355
connection speed, 234
controllers
   IP addresses for, 204
   redundancy of, 194
convergence, 155-58
cooling system, 85, 89
cost calculations. See also user costs
   cost per user, 242-51, 441-42
   CPU usage costs, 243-46, 253
   network bandwidth costs, 250-51, 254
   operational parameters, 241-42
   overview of, 240-42
   site links, 289, 290
   storage systems, 258-59
   typical user profile, 242-43
CPU (central processing unit), 84, 88
   calculating usage costs for, 243-45, 253, 441, 442-43
   determining requirements for, 257-58, 271, 443-44
   improving efficiency of, 245-46
CSMA/CD. See Carrier Sense Multiple Access with Collision Detection (CSMA/CD)

D
DACL (Discretionary Access Control List), 353
database management system (DBMS), 318
databases
   accessing via the Web, 314-21
   application integration guidelines, 322-23
   example of distributed, 323-24
   failover clustering on, 320
   log shipping implemented on, 320-21
   managing data files on, 318
   optimizing connections to, 317
   partitioning data on, 318-20
   permissions for, 316-17
   scaling out, 318-21
   server requirements for, 259
   stored procedures used on, 318
   Web integration strategy for, 314-24
data–dependent routing, 319
data failures, 21-22
data files, 318
data filtering, 367-68
Data layer, 304
data network cost, 251
data redundancy, 91
data services, 190
DBMS (database management system), 318
default host, 161
deny permissions, 355
dependency tree, 118, 126
dependent resources, 118, 126
deployment options, 191, 194-95, 307-10, 311, 313, 449
DHCP (Dynamic Host Configuration Protocol), 25, 50-61
   backing up the DHCP database, 57, 59
   BOOTP/DHCP relay agents, 55
   clustering DHCP servers, 57-60
   configuration example, 59-60
   designing a DHCP structure, 58-59
   fault–tolerant configurations, 55-58
   lease process, 51-53
   overview of, 50
   scopes, 53-57, 59
DHCPACK message, 52
DHCPDISCOVER message, 51
DHCPNACK message, 52
DHCPOFFER message, 51-52
DHCPREQUEST message, 52
DHTML (dynamic HTML), 190
Digest authentication, 344, 347, 456
digital certificates, 344-45
direct dependency, 126
directory services. See Active Directory service
disaster recovery, 405-11
   backing up data, 406-7
   considerations for implementing, 410
   documenting recovery procedures, 409
   example of, 410-11
   maintaining system information, 407-8
   preparing recovery systems, 405-7
   review questions on, 416-17, 464-65
   testing recovery systems, 409
   testing system components, 408
Discretionary Access Control List (DACL), 353
disk controllers, 85, 89
disk defragmentation, 203
disk duplexing, 93
disk fault tolerance, 91-98
   hardware implementations of RAID, 95-96
   software implementations of RAID, 91-95
   storage area networks, 96-98
disk system
   calculating usage costs for, 248-49
   determining requirements for, 259
distributed applications, 301-37
   components supportive of, 303-7
   databases as, 314-24
   deploying, 307-10, 311, 313, 449
   examples of, 311-12, 323-24
   Exchange 2000 Server and, 326-33, 453-54
   failover clustering for, 449-50
   IIS and, 306-7, 450-51
   lab exercises on, 334-36, 450-54
   model of, 303-4
   Outlook Web Access service, 326-33
   overview of, 301-2
   review questions on, 337, 454-55
   SQL Server and, 335-36, 451-53
   strategies for integrating, 310
DistributedDirector (Cisco Systems), 45
distributed partitioned view, 318-19
DLLs (dynamic–link libraries), 109, 214, 236
DNS (Domain Name System), 25, 62-73
   Active Directory integration with, 66-67, 69, 70, 276-77
   attack protection, 368
   explained, 62
   hierarchy, 62-63
   Internet and, 63, 67-69
   namespaces, 67-69, 70-72
   replication, 65-66
   resource records, 63-64
   round robin, 33-34, 166, 172
   structure, 62-65
   zones, 64-65
documenting recovery systems, 409
domain controllers
   Active Directory, 281-82, 287-88, 291
   configuration planning for, 103-4
   lab exercise on placing, 297, 446
   operations masters and, 291
domain models, 124, 129
domain namespaces, 62
   configuring, 70-72
   lab exercise on designing, 77
   planning, 67-69
   proxy clients and, 71-72
   strategy for using, 70
Domain Name System. See DNS
domain naming master, 283, 290
domains
   Active Directory, 278-79
   maintaining information about, 408
domain segments, 43-44
download time, 235
downtime
   calculating, 14-15
   causes of, 16-17
Dynamic Host Configuration Protocol. See DHCP
dynamic HTML (DHTML), 190
dynamic–link libraries (DLLs), 109, 214, 236

E
ECC (error correcting codes), 16-17, 84
EFS (Encrypting File System), 363-64, 457
electrical power failures, 22
Emergency Repair Disks (ERDs), 406, 411
Encrypting File System (EFS), 363-64, 457
encryption, 359-66, 457
   choosing a method of, 364-65
   definition of, 359
   EFS, 363-64
   example of, 365
   IPSec, 362-63, 364
   SSL, 331, 359-61, 364
   TLS, 362
Enterprise Resource Planning (ERP), 107
Enterprise Services frameworks, 20
environmental concerns, 85-88, 89
environmental failures, 17
ERDs (Emergency Repair Disks), 406, 411
error correcting codes (ECC), 16-17, 84
error detection and correction, 84
events
   managing, 7
   monitoring, 196, 387-88
   security, 397
Event Viewer, 387-88, 397-98, 463
Exchange 2000 Server, 326-33
   designing a topology, 328-29
   ensuring system availability, 329-30
   example of using, 332
   integrating into Web sites, 336, 453-54
   planning authentication, 330-31
exclusion lists, 71-72
executable permissions, 352
exercises, topical. See lab exercises
exponential failure distribution, 7
external namespace, 67-69, 70
   configuring, 70-71

F
failback process, 117-18, 127
failover clustering, 5, 21-22, 116-17
   components used in, 320
   determining policies for, 127, 129, 145, 432-33
   log shipping vs., 321
   setting up, 449-50
   standard Web cluster and, 199
   types of, 320
Failover Manager, 117
failover timing, 127
failure, 5, 419
   reducing the probability of, 20-23
   types and causes of, 16-17
Failure Audit event, 398
fault tolerance, 6, 82-100, 419
   data storage systems and, 91-100
   decision factors for, 88-89, 98-99
   DHCP configurations and, 55-58
   environmental concerns and, 85-88
   example of configuration for, 89-90
   explanation of, 82
   lab exercises on, 101-4
   NLB process and, 167-68, 169
   RAID systems and, 91-96
   redundant components and, 82-85
   review questions on, 105
   SANs and, 96-98
   server clusters and, 127-28, 129
   strategies for implementing, 88-89, 98-99
Feature Set layer, Application Center, 198
Fiber Distributed Data Interface (FDDI), 160
Fibre Channel SANs, 23, 96
file encryption key (FEK), 364
file servers
   lab exercise on configuration planning, 101-3, 426-27
   RAID configurations for, 101-3
File System Cache, 247, 389
File Transfer Protocol (FTP), 150, 368
financial issues, 240-52. See also user costs
   calculating cost per user, 242-51
   CPU usage costs, 243-46, 253
   network bandwidth costs, 250-51, 254
   overview of calculating costs, 240-42
   profiling the typical user, 242-43
   storage systems, 258-59
firewalls, 367-74
   back–to–back, 370-73
   COM+ clusters behind, 220, 373, 374
   data filtering by, 367-68
   decision factors for, 372-73
   definition of, 367
   example of, 373, 374
   lab exercise on, 378, 458-59
   NAT, 368
   overview of, 367
   perimeter networks, 369-72, 373
   proxy servers, 369
   secure zones and, 11
   single, 369-70, 373
fixed disk requirements, 203
forests, Active Directory, 280
front–end networks, 45-47
front–end systems, 10
FTP (File Transfer Protocol), 150, 368
fully qualified domain name (FQDN), 62

G
GARP Multicast Registration Protocol (GMRP), 174-75
General/Web clusters, 206, 225, 440, 441
Generic Attribute Registration Protocol (GARP), 174
Generic Routing Encapsulation (GRE) traffic, 175
geographic load balancer, 30-31
global catalog servers, 282, 290, 292, 298, 447-48
grouping resources. See resource groups
Group Policy snap–in, 398, 463

H
hardware
   failure of, 16-17, 23
   homogenous, 203-4
   maintaining information about, 408
   RAID system, 95-96, 98, 127, 168
   requirements for, 257-59, 265
Hardware Compatibility List (HCL), 20
health monitoring, 196
heartbeat LAN, 45, 156
homogenous hardware, 203-4
host bits, 41-42
host IDs, 40, 42
host priorities, 161
hot standby systems, 32
HTML (Hypertext Markup Language), 190, 327
HTTP (Hypertext Transfer Protocol), 18, 327, 342
HTTP Monitoring Tool, 384
HTTPS (Hypertext Transfer Protocol Secure), 359
hubs, 27
humidity issues, 86

I
IIS. See Internet Information Services
IKE (Internet Key Exchange) protocol, 363
IMAP (Internet Message Access Protocol), 326
indirect dependency, 126
INETINFO.EXE process, 246-47
infrastructure master, 283, 290, 291
infrastructure of networks. See network infrastructure
instances, 320
integrated NLB, 192-93
Integrated Windows authentication, 331, 343-44, 346, 456
internal namespace, 67-72
Internet
   DNS domain names and, 63
   internal and external namespaces on, 67-69
Internet Control Message Protocol (ICMP), 175, 362
Internet Engineering Task Force (IETF) standard, 362
Internet Group Management Protocol (IGMP), 174
Internet Information Services (IIS), 152
   accessing resources through, 349-51, 455-56
   authentication models, 341-48, 351
   designing an IIS application structure, 335, 450-51
   distributed applications and, 306-7
   management responsibilities of, 326
   pageable user–mode process, 246-47
   performance tests, 236-37
   planning IIS permissions, 352, 355
   using IIS site logging, 400-401, 402, 461
Internet Key Exchange (IKE) protocol, 363
Internet Message Access Protocol (IMAP), 326
Internet Protocol (IP), 391
Internet Protocol Security (IPSec), 362-63, 364, 457, 460
Internet Security and Acceleration (ISA) Server, 367, 368
Internet Server Application Programming Interface (ISAPI), 236, 247, 305, 351, 392
Internet Service Providers (ISPs), 30
intersite replication, 288-90, 291, 297-98, 446-47
intervals, replication, 289, 290
IP addresses, 39
   access control process and, 350-51
   determining in Application Center, 204-5, 209
   leasing, 51-53
   maintaining information about, 408
   network and host IDs, 39-40
   NLB process and, 160-61, 175
   subnetted, 40-41, 43, 204-5
ipconfig
   /all command, 55
   /release command, 51
IPSec (Internet Protocol Security), 362-63, 364, 457, 460
ISAPI (Internet Server Application Programming Interface), 236, 247, 305, 351, 392
ISA Server, 367, 368
ISPs (Internet Service Providers), 30

K
Kerberos authentication, 317, 331, 363
Knowledge Consistency Checker (KCC), 288

L
lab exercises. See also review questions
   on Active Directory, 295-98, 445-48
   on Application Center clusters, 224-26, 437-39
   on auditing strategies, 412, 414-15
   on authentication and encryption, 376-77, 456-57
   on authorization strategies, 377, 458
   on capacity planning, 268-72, 442-44
   on Cluster service, 143-45, 431-33
   on distributed applications, 334-36, 450-54
   on firewalls, 378, 458-59
   on monitoring strategies, 412-14, 462
   on namespace design, 77, 424-25
   on network infrastructure, 74-77, 421-25
   on NLB, 184-85, 434-35
   on network topology, 75-76, 421-22
   on RAID configurations, 101-4, 426-29
   on security issues, 375-78, 456-59
   on server clusters, 143-45, 431-33
   on server configurations, 101-4, 426-29
   on subnetting a TCP/IP network, 76-77, 422-23
LANs (local area networks), 30, 281
   heartbeat, 45, 156
latency, 241
lease process, DHCP, 51-53
Lightweight Directory Access Protocol (LDAP), 277
links, site, 288-90
load–balanced adapter, 203
load balancing and clustering, 32-36. See also Component Load Balancing (CLB); Network Load Balancing (NLB)
   Application Center options for, 191, 192-94, 206-8, 209
   load–balancing switches, 34, 151
   round–robin DNS, 33-34
   Windows 2000 clustering, 34-36
local administration, 192
local area networks. See LANs
LocalDirector (Cisco Systems), 34, 35, 151
log file formats, 401
logical structure, Active Directory, 278-80
logical unit numbers (LUNs), 114
logon, anonymous, 316
LogonUser() API, 343
log shipping
   failover clustering vs., 321
   implementing on distributed databases, 320-21
   strategies for configuring, 321
   to a warm backup server, 21

M
MAC address, 173-74, 176-77
maintenance
   cable, 87-88, 89
   session state, 159-60, 208, 209
manageability, 6-7, 419
   Application Center and, 191
   COM+ clusters and, 220, 221
management networks, 45, 47
management systems
   architectural elements of, 12
   operational procedures and, 20
management–traffic adapter, 203
managing
   data files on databases, 318
   performance, 6, 217-19, 236-37
   resources, 109-10, 118
many–to–one certificate mapping, 346
MaskSourceMAC feature, 176
mean time to failure (MTTF), 13-15, 420
mean time to recovery (MTTR), 13-15, 420
Media Access Control (MAC) address, 173-74, 176-77
megacycles (MC), 244
member IP address, 204
member scopes, 54
memory
   backup, 88
   calculating usage costs for, 246-48
   determining requirements for, 258
   fault–tolerant, 84, 88
   monitoring, 388-90, 393, 462
   server, 202
memory pools, 389
Microsoft Application Center. See Application Center
Microsoft Certified Technical Education Centers (CTECs), xvi
Microsoft Data Access Components (MDAC), 22
Microsoft IIS log file format, 401
Microsoft Internet Security and Acceleration (ISA) Server, 367
Microsoft Management Console (MMC), 191, 384
Microsoft Message Queue Server (MSMQ), 190
Microsoft Professional Exam 70–226, vi, vii
Microsoft Proxy Server, 369
Microsoft Transaction Server (MTS), 190
middle–tier technologies, 305
mirrored volumes (RAID–1), 92
   decision factors for implementing, 99
   striped volumes with parity compared to, 94-95
mirroring, 6
monitoring, 383-96
   availability, 17-18
   bandwidth usage, 17
   data in Application Center, 192, 195-96
   decision factors for, 393-94
   example of, 394-95
   lab exercise on, 412-14, 462
   memory, 388-90, 393, 462
   network I/O data, 391-92, 462
   processor activity, 390-91, 393, 394-95, 462
   review questions on, 416, 464
   security overhead, 392
   tools used for, 383-88
   Web applications, 392-93, 394, 462
motherboard, 84, 88
MTTF (mean time to failure), 13-15, 420
MTTR (mean time to recovery), 13-15, 420
multicast mode of NLB, 174-75, 435
   multiple network adapters in, 180-81
   single network adapter in, 180
multihoming, 83
multilayer switches, 28
multimaster replication, 66-67, 283
multiple network adapters
   in NLB multicast mode, 180-81
   in NLB unicast mode, 179-80
multiple proxy servers, 160
multiple sites, 30-31
multiserver environment, 328, 454
multitiered networks, 44

N
N+1 failover, 117
named pipe, 316-17
name exclusion list, 68
name resolution structure, 62-73
namespaces
   example of configuring, 70-72
   internal and external, 67-69
   lab exercise on designing, 77, 424-25
   proxy clients and, 71-72
   strategy for using, 70
NAT (Network Address Translation), 363, 368
native–mode domain, 282
NCSA Common log file format, 401
NetBIOS, 204
NetStat tool, 384
network adapters, 203, 245-46
Network Address Translation (NAT), 363, 368
network availability, 17
Network Driver Interface Specification (NDIS), 159
network failures, 17, 22
network hardware switches, 176-78
network IDs, 39-40, 42-43
network infrastructure, 25-79
   DHCP server environment, 50-61
   lab exercises on, 74-77, 421-25
   locating information about, viii
   name resolution structure, 62-73
   overview of, 25
   redundancy in network topology, 27-38, 49
   review questions on, 78-79, 425-26
   subnet addressing structure, 39-48
network interface cards (NICs), 27
   firewalls configured with, 369
   redundant, 83-84, 88
network interfaces, 113
network I/O data, 391-92, 393, 462
Network Load Balancing (NLB), 35-36, 107-8, 147-86. See also load balancing and clustering
   affinity settings for, 192-93
   algorithm for, 154
   Application Center option for, 207, 440
   application state data and, 159-60
   architecture of, 158-60
   benefits of, 151-52
   capacity requirements, 167, 169
   client affinity process, 157-58
   cluster traffic distribution, 173-75
   convergence process, 155-58
   decision factors for, 168-69
   determining application use, 164-65, 168
   examples of, 169-70, 182-83
   Exchange 2000 Server and, 329, 330
   fault–tolerant disks and, 167-68, 169
   guidelines for, 169
   host priorities and, 161
   how it works, 152-54, 435
   integrated, 192-93
   IP addresses and, 160-61
   lab exercises on, 184-85, 434-35
   methods for implementing, 150-51
   models for configuring, 165, 169, 173-83, 435
   multiple servers and, 149-51
   network hardware switches used with, 176-78
   network risks and, 163-64, 168
   overview of, 147, 149
   planning NLB clusters, 163-69, 184-85
   port rules and, 161
   review questions on, 186, 435-36
   round–robin DNS and, 166, 172
   sizing NLB clusters, 165-67, 169
Network Monitor, 384
Network News Transfer Protocol (NNTP), 326
networks
   back–end, 47
   calculating bandwidth costs for, 250-51, 254
   determining bandwidth requirements for, 260, 265, 272
   front–end, 45-47
   identifying risks on, 122-23, 128, 163-64, 168
   management, 45, 47
   perimeter, 369-72, 373
   secure, 43, 47, 339-80
   segmenting into subnets, 43-47
   server clusters and, 113
network topology, 27-38
   adding redundancy to, 49
   component redundancy, 27-29
   examples of, 37-38, 46
   Exchange Server, 328-29
   lab exercise on, 75-76, 421-22
   path redundancy, 30-31
   perimeter network, 369-72, 373
   server redundancy, 31-36
   strategies for designing, 36
NICs. See network interface cards
NLB configuration models, 173-83. See also Network Load Balancing (NLB)
   cluster traffic distribution and, 173-75
   decision factors for choosing, 181
   example of, 182-83
   lab exercise on choosing, 185
   locating information about, vii
   multicast mode, 180-81
   network hardware switches and, 176-78
   unicast mode, 178-80
NLB Web clusters, 199
NNTP (Network News Transfer Protocol), 326
nodes, 113-14
node–to–node communication, 113
no load balancing option, 194, 208
nonmaskable interrupt (NMI), 84
non–NLB solutions, 207
non–NLB Web clusters, 200
nonparity RAM, 84
NT file system (NTFS) security, 343
   access process and, 351
   planning NTFS permissions, 353-54, 355
n–tier business Web sites, 9-11, 420
NT LAN Manager (NTLM) authentication, 343

O
object classes, 278
object linking and embedding (OLE) database, 190, 314
objects
   Active Directory, 277-78
   cluster, 112-18
ODBC logging format, 401, 464
ODBC technology, 314
OLE DB technology, 190, 314
one–to–one certificate mapping, 346
online UPS, 86
Open Systems Interconnection (OSI) model, 361
operating systems
   Application Center layers and, 198
   RAID configuration for, 102-3
operational failures, 17
operational procedures, 19-20
operations masters, 290-91, 292, 298, 447-48
optimizing
   content of Web sites, 263
   database connections, 317
   performance of Web clusters, 209
organizational units (OUs), 280
OSI (Open Systems Interconnection) model, 361
Outlook Web Access service, 326-33
   authentication, 330-31, 332, 454
   decision factors related to, 331-32
   designing an Exchange topology, 328-29, 331
   ensuring system availability, 329-30, 332
   example of using, 332
   implementing, 327-31
   setting up, 331-32
   user access with, 326-27, 330-31

P
PAC file, 68, 71-72
packet filtering, 368
pageable user–mode process, 246
paging, 389
parity information, 6, 93-94
parity RAM, 84
partitioned nodes, 113
partitioning data, 318-20, 325
passive hubs, 27
passwords, administrative, 408
paths, redundant, 30-31
PDC emulator, 283, 290, 291
Performance Counter Check, 384
Performance Logs and Alerts snap–in, 384, 385-86, 461
performance management, 6
   capacity planning, 236-37
   COM+ components, 217-19, 221
   optimization, 209
   response time, 218-19, 221
   throughput, 217-18
   Web applications, 236-37
performance metrics, 18
performance monitoring, 196, 383-96
   decision factors for, 393-94
   example of, 394-95
   memory, 388-90
   network I/O, 391-92
   processor activity, 390-91
   security overhead, 392
   tools used for, 383-88
   Web applications, 392-93
Performance tool, 384-86, 464
perimeter networks, 11, 43, 369-72
   back–to–back firewalls, 370-72, 458-59
   guidelines for segmenting, 44
   single firewall, 369-70, 458
Peripheral Component Interconnect (PCI), 119
permissions
   executable, 352
   IIS, 353, 355, 458
   NTFS, 353-54, 355
   troubleshooting, 358
   Web database access, 316-17
physical structure, Active Directory, 280-82
PKI (public key infrastructure), 344
placeholders, 74
Point–to–Point Tunneling Protocol (PPTP), 161
policies, failover, 127, 129, 145, 432-33
port rules, 161, 164-65
Post Office Protocol (POP), 326
power failures, 86-87
power supplies, 85, 89
PPTP (Point–to–Point Tunneling Protocol), 161
preferred nodes, 118
Presentation layer, 190, 303, 304
Primary Domain Controller (PDC), 283
primary node, 134
primary zone, 65
private roots, 68
problem management, 6
processes, 388-89
Process Explode, 384
Process Monitor, 384
Processor\% Processor Time counter, 396, 461
processors
   creating a processor alert, 396
   monitoring performance of, 390-91, 393, 394-95, 462
Process Thread and Status, 384
Process Tree, 384
Process Viewer, 384
providers, 315
proxy autoconfiguration (PAC) file, 68, 71-72
proxy clients, 71-72
proxy servers, 369
public key encryption, 359, 364
public key infrastructure (PKI), 344
public network, 43

Q
quorum disk, 121
quorum resource, 110, 121

R
RAID systems, 23, 91-96
   comparison of, 94-95
   example of configuring, 99-100
   fault tolerance and, 6, 91, 127
   hardware implementations of, 95-96, 127, 168
   lab exercises on, 101-4, 426-29
   NLB process and, 167-68
   planning, 101-4
   server clusters and, 127
   software implementations of, 91-95, 167-68
   strategies for designing, 98-99
RAM (random access memory), 84. See also memory
   determining requirements for, 258
   pageable user–mode process and, 246
read operation costs, 249
recovery systems, 405-11
   considerations for, 410
   documenting, 409
   example of, 410-11
   preparing, 405-7
   testing, 409
redundancy, 25
   controller, 194
   data, 91
   example of, 37-38
   lab exercise on, 75-76
   network topology and, 27-38, 49
   RAID–5, 94
   strategies for designing, 36
redundant components, 27-29
   fault tolerance and, 82-85, 88
   hubs and switches, 27-28
   routers, 29
redundant paths, 30-31
   ISPs, 30
   LANs, 30
   multiple sites, 30-31
redundant services, 31-36
   backup servers, 32
   hot standby systems, 32
   load balancing and clustering, 32-36
   spare systems, 32
relational database server, 104
relative ID master, 283, 290, 291
relay agents, 55
reliability, 7, 419
   Application Center and, 191
   architectural goals and, 8
remote administration, 192
Remote Data Service (RDS), 316
replication
   Active Directory, 282-84, 288-90
   intersite strategy for, 288-90, 291, 297-98, 446-47
   multimaster, 66-67
   site link information, 289
   zone transfer and, 65-66
reservations, client, 54-55
Resource API, 112
Resource DLL, 112
resource groups, 114-18, 129
   failback process and, 117-18
   failover process and, 116-17, 127
   lab exercise on, 144-45, 431-32
   planning, 124-26, 132, 144-45
   virtual servers and, 115-16
Resource Monitor, 111
resource record (RR) data, 33, 63-64
resources
   characteristics of, 118
   listing, 125
   managing, 109-10, 118
response time, 218-19, 221
response timetable, 216
RestoreFlag parameter, 57
review questions. See also lab exercises
   on Active Directory, 299, 448-49
   on Application Center, 227, 440-41
   on auditing, 416, 464
   on capacity planning, 273, 444-45
   on Cluster service, 146, 433
   on disaster recovery, 416-17, 464-65
   on distributed applications, 337, 454-55
   on monitoring, 416, 464
   on network infrastructure, 78-79, 425-26
   on NLB, 186, 435-36
   on security issues, 379-80, 460
   on server clusters, 146, 433
   on server configurations, 105, 429
rich clients, 190
root domain, 64
round–robin DNS, 33-34, 166, 172
routers, 29
routing list, 215-16
Routing and Remote Access Service (RRAS), 44
rule of 9s, 15

S
SANs (storage area networks), 23, 96-98
   connectivity in, 97-98
   decision factors for implementing, 98
   eliminating points of failure in, 98
   server clusters and, 128, 130-31
scalability, 7, 420
   Application Center and, 191
   architectural goals and, 8
   capacity planning and, 238, 264
   NLB and, 151
schedule, replication, 289, 290
schema, Active Directory, 277-78
schema master, 283, 290
scopes, 53-55
   splitting, 56-57, 59
   superscopes, 54
scripting support, 192
SCSI (Small Computer System Interface)
   disk performance issues, 318
   IDs associated with, 114
secondary node, 134
secondary zone, 65
SecureNAT, 368
secure networks, 43, 47
Secure Sockets Layer (SSL), 159, 236
   Basic authentication used with, 343, 365, 454, 457
   encryption, 331, 359-61, 364
   example of using, 365
security, 339-80
   access process and, 349-51
   architectural goals and, 9
   auditing strategies and, 397-404
   authentication strategies and, 341-48
   authorization strategies and, 349-57
   COM+ components and, 220, 221
   encryption technologies and, 359-66
   firewall technologies and, 367-74
   infrastructure for, 11-12
   lab exercises on, 375-78, 456-59
   monitoring, 392
   overview of, 339-40
   planning, 375-78
   review questions on, 379-80, 460
   troubleshooting, 358
security descriptor, 353
security domains, 11
security failures, 22-23
security identifier (SID), 353
security management, 6
security overhead, 392, 394
segmenting networks, 43-45
   strategies for, 44-45
server cluster models, 133-42
   active/active configuration, 136-40
   active/passive configuration, 134-36, 141
   lab exercise on choosing, 144
   single–node configuration, 133-34
   summary description of, 140
server clusters, 10, 109-46
   applications run on, 123-24
   architecture of, 118-21
   capacity requirements for, 128, 129
   characteristics of, 34-35
   components of, 110-12
   configuration planning for, 122-30
   DHCP, 57-60
   examples of, 130-31, 141
   fault–tolerant storage for, 127-28
   guidelines for planning, 129-30
   lab exercises on, 143-45, 431
   models for configuring, 124, 129, 133-42
   objects of, 112-18
   overview of, 109-10
   planning in Application Center, 202-9
   resource groups and, 114-18, 124-27, 129, 132
   review questions on, 146
   software used by, 110
   steps in planning, 128-29
server configurations, 81-105
   data storage and, 91-100
   fault tolerance and, 82-90
   lab exercises on, 101-4, 426-29
   overview of, 81
   planning in Application Center, 202-4, 209
   review questions on, 105, 429
servers
   failure of, 23
   improving or adding, 264
service level agreements (SLAs), 97
services
   application, 190
   redundant, 31-36
session state maintenance, 159-60, 208, 209
Setup disks, 406, 411
shared–nothing model, 119, 196
SID (security identifier), 353
Simple Mail Transfer Protocol (SMTP), 326, 368, 391
Simple Network Management Protocol (SNMP), 16
Single affinity, 158, 436
single firewall, 369-70, 373, 458
single–master operations, 283
single network adapter
   in NLB multicast mode, 180
   in NLB unicast mode, 178-79
single–node clusters, 133-34, 140, 198, 440
single points of failure, 5
sites. See also Web sites
   Active Directory, 281, 286-87, 291, 296
   defining topology for, 260-62, 265, 445-46
   lab exercise on structuring, 296-97
   linking, 288-90
sizing NLB clusters, 165-67, 169
SMP (symmetric multiprocessing), 4, 34
SMTP (Simple Mail Transfer Protocol), 326, 368, 391
SNMP (Simple Network Management Protocol), 16
software. See also applications
   CLB, 215
   failure of, 16
   maintaining information about, 408
   RAID system, 91-95, 98, 168
   server cluster, 110
spare systems, 32
speed. See transmission speed
splitting scopes, 56-57, 59
SQL Server databases
   accessing data from, 315
   integrating into an application structure, 335-36, 451-53
   partitioning data in, 325
SSL. See Secure Sockets Layer
stager, 198
standard Web clusters, 199, 440
standby operations master, 291
standby UPS, 87
Start of Authority (SOA) resource record, 64
Startup disks, 406, 411
stateful systems, 11
stateless systems, 10
static application deployment, 309
storage
   determining requirements for, 258-59
   fault–tolerant, 85, 89, 91-100, 127-28, 129
   RAID systems, 91-96
   SANs, 96-98
   strategies for designing, 98-99
   types of areas for, 10
storage area networks. See SANs
storage management, 7, 258
stored procedures, 318
streaming media servers, 165
striped volumes with parity (RAID–5), 93-94
   decision factors for implementing, 99
   mirrored volumes compared to, 94-95
structures
   Active Directory, 278-82
   DHCP, 58-59
   DNS, 62-65
   name resolution, 62-73
study and review questions. See review questions
subnetting, 39-48, 422-23
   example of, 45-47
   explanation of, 40-41
   IP addresses and, 39-40, 204-5
   lab exercise on, 76-77, 422-23
   network segments and, 43-47
   procedure for, 41-43
Success Audit event, 398
superscopes, 54
switches, 27-28
   load–balancing, 34, 151
   network hardware, 176-78
   redundant, 28
switch flooding, 177
symmetric encryption, 359, 364
symmetric multiprocessing (SMP), 4, 34
synchronization options, 191, 194-95, 203
System Access Control List (SACL), 353
system availability, 18
System Monitor, 248, 384, 385
system monitoring. See monitoring

T
Task Manager, 386-87
TCP (Transmission Control Protocol), 231, 362, 391
TCP/IP networks
   DHCP server environment for, 50-61
   name resolution structure for, 62-73
   permissions used on, 316-17
   subnet addressing structure for, 39-48, 422-23
TCP ports, 164
temperature issues, 86
testing
   application performance, 236-37
   recovery systems, 409
   system components, 408
thin clients, 190
third–party load balancing, 207
threads, 388-89
throughput performance, 217-18
TLS (Transport Layer Security), 362
tokens, 353
topology. See also network topology
   Exchange Server, 328-29, 331
   perimeter network, 369-72, 373
total cost of ownership (TCO), 97
traffic, 231-36
   client–side network capacity and, 233-34
   data transmission speed and, 231-33
   server–side network capacity and, 235-36
Transmission Control Protocol (TCP), 231, 362, 391
transmission speed
   client–side capacity and, 233-34
   network interface types and, 234
   server–side capacity and, 235-36
   Web site traffic and, 231-33
transport, replication, 289, 290
Transport Layer Security (TLS), 362
trees, Active Directory, 279-80
troubleshooting access permissions, 358

U
UDP (User Datagram Protocol), 164, 277, 362
unicast mode of NLB, 173-75, 435
   multiple network adapters in, 179-80
   single network adapter in, 178-79
uninterruptible power supply (UPS), 22, 86-87, 89, 123
upgrading Web sites, 263-64, 265
URL (Uniform Resource Locator), 10
user base, identifying, 255-57, 265, 269-71, 442-43
user costs, 240-52, 441-42
   CPU costs, 243-46, 253, 442-43
   disk costs, 248-49
   memory costs, 246-48
   network bandwidth costs, 250-51, 254
   operational parameters for, 241-42
   overview of calculating, 240-42
   profiling the typical user, 242-43
User Datagram Protocol (UDP), 164, 277, 362
User Interface layer, Application Center, 197
user profile, 242-43

V
VeriSign, 360
Veritas Cluster Server, 21
Virtual Basic Scripting Edition (VBScript), 190
virtual load area network (VLAN), 83
virtual servers, 115-16, 136
VPN servers, 165

W
W3C Extended log file format, 401
WANs (wide area networks), 281
Web Application Stress Tool (WAST), 236, 384
Web–based applications, 189-92, 301-37
   application–specific technologies, 305
   database integration strategies, 314-24
   decision factors for, 310, 322
   defining a strategy for, 303-12
   deploying, 307-10, 311, 313
   distributed application model, 303-4
   examples of, 311-12, 323-24
   Exchange integration strategies, 326-33, 453-54
   guidelines for using, 311, 322-23
   Internet Information Services and, 306-7
   lab exercises on, 334-36
   monitoring, 392-93, 394, 462
   Outlook Web Access service, 326-33
   overview of, 301-2
   permissions for, 316-17
   review questions on, 337
   strategies for integrating, 310
Web–Based Enterprise Management (WBEM), 387
Web Capacity Analysis Tool (WCAT), 236, 384
Web computing model, 7-12
   architectural elements, 9-11
   architectural goals, 8-9
   management infrastructure, 12
   security infrastructure, 11-12
WebDAV, 326, 327
Web farms, 10
Web network cost, 251
Web Proxy Service, 369
Web sites
   auditing, 404
   capacity planning process for, 255-64
   defining topology for, 260-62, 265
   determining purpose and type of, 255, 265
   finding potential bottlenecks in, 262-63, 265
   identifying user base for, 255-57, 265
   IIS site logging for, 400-401, 402
   manageability of, 220
   performance of, 217-19, 236-37
   security of, 220
   traffic on, 231-33
   upgrading, 263-64, 265
Web–tier clusters, 202
wide area networks (WANs), 281
Windows 2000
   Advanced Server, 3-4
   Backup utility, 406-7
   clustering process in, 34-36
   logging security events in, 397-400, 402
   preparing recovery systems for, 405-7
Windows Internet Naming Service (WINS), 62
Windows NT Load Balancing Service (WLBS), 35
WMI tool, 387
working set, 388-89
write operation costs, 249

X
XML (extensible markup language), 190, 327

Z
zones, 64-65
   explained, 64
   replicating, 65-66
zone transfer, 65-66



Last Updated: September 25, 2001
Top of Page