There is a lot to learn. Install the server n times first.
1. Doing network management mainly means maintaining the integrated wiring and network planning of servers, terminals, clients and networks. Maybe at first I felt a heavy workload, annoyed and stressed, and gave others an impression of impetuousness. After a period of work practice and reflection on life, we can see that the main problem is not having learned to adjust oneself and one's interests in life; once that is done, the problems at work are solved naturally and one understands life.
2. To be a qualified network administrator, it is most necessary to master reasonable network planning, dynamic management, static monitoring, and remote debugging and maintenance, including network topology, the transmission steps of network protocols, network traffic control, QoS, and the configuration and rational use of various protocols.
The network administrator is a technical post, so technology must come first. As for which technology is the most important, it depends on the needs of each unit. A simple network only needs to be connected and mutually accessible. Complex networks may be the business of several or even more people, so there will be division of labor and cooperation, and the direction of maintenance and research will differ. Generally, small and medium-sized units have no network administrator, because there are few computers and no need to set up a dedicated post; they ask someone outside when there is a problem. Units with more than 20 computers may need a dedicated or part-time network administrator. The network administrator of such a unit needs knowledge of all aspects of IT, and the wider the scope, the better.
Second, the skills that enterprise network management needs to master. To be a network administrator, you need to know almost everything, not necessarily be proficient. Of course, you should also have your own strengths.
1. The system is the most basic requirement. 1998 to 2003, you should be able to play linux from unix, but not all (this system is very difficult).
2. Be able to maintain computer hardware and printers (from dot-matrix printers to inkjet printers to laser printers). If you can't do this part well, you may be busy for half a day.
3. The configuration and management of mail services and clients mainly include Exchange, IMAIL, Qmail, Sendmail, etc. Nowadays, enterprises have their own emails, and their status cannot be ignored.
4. Know the common service configurations of Windows/*nix systems. The most basic ones are of course DHCP (DHCPD), DNS (BIND), IIS (Apache), FTP (Wuftpd/VSFTPD), AD (Samba), WINS, etc. If you don't know these, catch up quickly. Otherwise, don't go.
5. For databases, you should know at least SQL Server and MySQL. If you know Oracle/Sybase/DB2/Informix, your salary will definitely be 10% higher (hehe, it's a bit exaggerated. If you know all this, why not become a DBA?).
6. Simple setup and management of switches and routers is necessary, otherwise you can only go to small enterprises (mainly Cisco, Huawei 3COM, Nortel, and of course you should be familiar with the low-end equipment of TP-Link and D-Link).
7. Be familiar with integrated wiring technology (at least 568A/568B) and know a little about optical fiber technology. If you are applying for a factory, the optical fiber is often pulled between factories.
8. Know how to plan the network and improve the stability (most important), security and utilization of the network as much as possible.
9. Be able to write scripts. Whether you use Windows or *nix, scripts will often make your work more efficient (knowing languages such as assembly/C is even better).
10. Know how to back up and restore data quickly and safely.
11. Be familiar with technologies such as proxies, firewalls and anti-virus, or you won't know what happened when your network is completely down.
12. WLAN technology should be mastered as soon as possible. It is the trend, and many enterprises have already integrated it into parts of their networks.
13. Familiar with access network technology, at least know what ADSL, ISDN, FTTX, FR and DDN are all about.
14. Of course, some companies require you to know ASP, Photoshop, DW, etc. when recruiting administrators. These are mainly for the daily maintenance of the website.
15. Have a clear understanding of the whole network model and architecture, at least know the layers, protocols, interfaces, services, etc. If you can read through the three volumes of TCP/IP protocol, then you can start working.
16. Have a clear understanding of ERP system.
See if you can learn this.
How to do a good job in enterprise computer emergency work
With e-commerce and online transactions becoming a part of today's business society, more and more companies are found to have security risks in the network and are blackmailed by computer criminals. When there are security holes in the enterprise's network, the company's core business information and confidential business information will be stolen. In addition, fraud related to online banking has gradually increased, retailers' back-end databases have been attacked and credit card information has been stolen. Due to more and more denial of service attacks, more and more companies are losing profits and productivity.
Computer crimes and worm virus incidents continue to occur. How should enterprises do a good job in computer emergency response to ensure that the economic losses of enterprises are minimal when they are attacked? Ye talked about his views in the following article.
In 1988, after the Morris worm incident, the United States established the world's earliest computer emergency response organization (CERT). Since the establishment of the first emergency response organization in China in 1999, it has played an obvious role in handling several large-scale network security incidents. So how should enterprises establish emergency organizations? Let's first understand what emergency response is.
What is emergency response?
Generally speaking, emergency response refers to the measures and behaviors taken by safety technicians after encountering unexpected events. Emergency refers to the situation that affects the normal work of the system. The system here includes both host problems and network problems, such as hacker attacks, information theft, denial of service attacks, abnormal network traffic and so on.
Two basic objectives of emergency response: ensuring recovery and accountability.
Unless it is an "after-the-fact" event, the first problem that emergency handlers have to solve is how to ensure that the affected system can resume normal functions. In the work of ensuring recovery, emergency personnel need to keep all kinds of necessary evidence for other work in the future. Accountability involves legal issues, and emergency responders supported by general user units or third parties mainly play the role of coordination and analysis, because judicial permission is usually needed to carry out such investigations.
Most enterprises have established an independent emergency response team, usually called a Computer Security Incident Response Team (CSIRT), to deal with computer security incidents. Emergency response involves many disciplines and requires many abilities, so resources are usually drawn from different departments of the company: human resources personnel, legal advisers, technical experts, security experts, public security officials, business managers, end users, technical support personnel and other personnel are all involved in computer security emergency response. Of course, most of these people are part-time and need to cooperate when an emergency occurs.
What should an enterprise do after it has an independent emergency team?
According to the PDCERF emergency response method, we respond in six stages, namely preparation, detection, containment, eradication, recovery and follow-up, as follows:
The first stage: preparation.
This stage focuses on prevention. The main work involves identifying the risks of the company, formulating security policies, and establishing cooperation systems and emergency response systems; configuring security equipment and software according to the security policy, and preparing hosts for emergency response and recovery. Prepare the network through network security measures such as scanning, risk analysis and patching. Where conditions permit, establish monitoring facilities and a data collection and analysis system and capability; formulate strategies and regulations that can achieve emergency objectives, establish information communication channels and notification mechanisms, and formulate relevant laws and regulations; create an available response work package; establish a CSIRT that can be assembled to deal with emergencies.
The second stage: detection
Detect whether the event has happened or is happening, and the cause and nature of the event. Determine the nature of the incident and the severity of the impact, and what kind of dedicated resources are expected to be used to repair it. Select detection tools, analyze abnormal phenomena, improve the monitoring level of system or network behavior, and estimate the scope of security incidents. Determine whether large-scale events occur in the whole network through summary; Determine the emergency level and decide which level of emergency plan to start.
The third stage: containment.
Take timely action to curb the development of the incident. Preliminary analysis focuses on determining appropriate containment methods, such as isolating the network, modifying the filtering rules of all firewalls and routers, deleting the attacker's login account, and shutting down the exploited service or the host. Consult the security policy; determine the risk of further operation and keep the loss to a minimum; list several options and explain their risks, with the decision left to the customer. Ensure that the blocking mode has the least impact on the business of each network; through coordination, strive for all networks to act in concert and implement isolation; summarize the data and estimate the loss and the isolation effect.
The fourth stage: eradication
Completely solve the hidden problems. Analyze the reasons and loopholes; Carry out safety reinforcement; Improve security policy. Strengthen publicity, announce hazards and solutions, and appeal to users to solve terminal problems; Strengthen inspection work, find and clean up problems existing in industries and key departments.
The fifth stage: recovery.
Restore the attacked system from backup; make a new backup; back up all security changes; bring the service back online and monitor it continuously. Continuously summarize and analyze the operation of each network; judge the effectiveness of isolation measures according to the operation of each network; judge the number of terminals still affected from the summary analysis results; find important users and inform them so that they can resolve the problem in time; lift the blockade at an appropriate time.
The sixth stage: follow-up.
Pay attention to the security situation after the system is restored, especially where problems have occurred; establish tracking documents and record tracking results in a standardized way; evaluate the response effect; further investigate the events entering the judicial process and crack down on illegal and criminal activities.
The above are the response methods that enterprises should refer to when dealing with emergencies, and the response process can be further refined for specific businesses. In addition, if the internal emergency response team cannot handle a major security incident, it can report to the National Computer Emergency Response Coordination Center (CNCERT) for handling.