Management skills for small and medium enterprises and Internet cafes

The following are some of my experiences in Internet cafe management over the past four years, which can be used as a reference for my friends who are doing maintenance in small-scale environments. Internet cafes or office environments for small and medium-sized enterprises are similar. Most of them belong to single-or dual-Egress networks with simple extension, so the maintenance workload is not great. However, due to the wide variety of running software, difficult to balance, or the difficulty of batch deployment due to a large number of machine types, system administrators are also faced with headaches. Every day, systems are stuck in endless installation, testing software and hardware maintenance cannot be liberated, so some of the technologies I mentioned below may make it easier for you. The simplest extension network design must be concise, which will reduce your workload and make it easy to identify faults.
IP Address Allocation
In an environment such as an Internet cafe, it is best to allocate the corresponding machine name to facilitate management and configuration. You can reserve a small DHCP pool to facilitate the access of external devices, such as some users carrying their own laptops), and facilitate the access to the network when debugging or changing the network card. In the enterprise network, it is best to allocate IP addresses according to the Department. DHCP technology can be used to bind IP addresses according to the nic mac,
Create a file warehouse and a monitored Gateway
Regardless of the environment, it is necessary to create a file warehouse, so that you can centrally store or back up various releases of software, it is convenient to avoid the use of CDs or other inconvenient media when reinstalling the system. In a slightly strict environment, for example, an enterprise with permission separation should establish an access policy on the file warehouse, which can be authenticated Based on the account or host.
My File Repository stores the following types of content:
1. Some common software for office or Internet cafes
2. Backup of operating system installation files, all hardware drivers throughout the network
3. Complete backup of the Operating System (for Windows systems, after the first installation and debugging is completed, you can use ghost to save an image for later batch distribution or redeployment)
4. Knowledge Base, some common materials, and various e-books
5. shared storage content, such as songs, movies, and games in the internet cafe environment. In the enterprise environment, if some software supports this operation, you can also consider using the centralized storage method, but remember to back up and lock the file. The File Repository can be created using freebsd + samba and managed using ftp. You can also use the File Repository as a web server or remotely install an operating system server.
The gateway that can be monitored is necessary, especially in the network environment of many windows and linux Hosts. There are usually many security problems in these two types of systems, so it is best to put it behind NAT to protect it. The Gateway can adopt freebsd + ipfilter. The snort and tcpdump sniffing software should be run on it. It is best not to install remote X-win support. We recommend that you disable sshd and syslogd only. syslog can be sent to the file warehouse server, unless necessary, sshd should not trust the external network, the gateway host should not trust the Intranet and have separate management interfaces connected to the Administrator's workstation (a separate Nic interface or RS232 connection can be used ). The environment containing windows hosts should block and log popular worms. Logs can easily help you find hosts infected with worms. We recommend that you also block the smtp port in the internet cafe environment, it is not necessary to send emails in Internet cafes. You can use the webmail system, OUTLOOK, and FOXMAIL to install emails. There are too many Trojans using mail to send data. Blocking and recording smtp can reduce some risks.
Reasonably arrange the System Structure
System Planning should be clear and easy for ordinary people to accept, and some resource-consuming functions should be removed as much as possible to release some of the memory and excavator's potential, some services that should not be run must be closed to prevent security issues. In windows, hard disks with a slightly larger capacity are recommended to be divided into three zones: C (4-8 GB) system, D (1.6-3 GB) backup, and E (remaining) data, in the winnt/2 k/xp/2003 system, we recommend that you use the NTFS file system for drive C and drive E to facilitate permission control. If the processor is good enough and the memory is large enough, you can compress the drive E, if a large file is stored, a slightly larger cluster should be used to format the partition, which can improve the performance. directories of software and data should be classified, and two levels of directories should be established. Do not put all programs and data in the root directory of the disk, which is messy and difficult to manage.
Use Centralized Control Software
If it is convenient, you should install a remote control software for the machine. In the Internet cafe, you can select software such as the internet cafe synchronization expert to execute commands, synchronize the directory tree, and merge the registry. Centralized Control Software in the enterprise environment should adopt procedures with certification to prevent others from being controlled at will.
Develop the habit of writing documents
Documents should be provided for the entire network to facilitate routine inspection and handover with other administrators.
Use green software whenever possible
There are a lot of junk software for windows, and there will be a lot of junk in the registry after uninstalling. Therefore, it is necessary to prepare a registry Comparison Program, such as regsnap. You can easily port out some software and have a lot of software. As long as there is a subtree in the registry, you can run it. You can simply delete the main directory of a program during uninstallation.
Try to be consistent on the Interface
The interface design should conform to the common habits. You can modify it slightly to form your own style and stick to it until you form a "culture". In this way, you can save a lot of time to answer questions and guide users.
Redundancy for some basic resources
For a slightly larger network, at least you need to back up some faulty hardware, such as the motherboard, power supply, and fan. There should be multiple sets of Vulnerable hardware. At the same time, a network card that can be recognized by most systems should be provided for convenience of maintenance, such as realtek's 8029 and 8139. Create a LIVECD or DOM disk that supports bridges, so that you can insert two networks or intercept one network to detect errors.
Cooling system and ventilation are important
Heat can accelerate the aging of your machine, especially the current computer, the power is too high, the CPU and North Bridge are both a large heat source, you must do a good job of heat dissipation, otherwise the nearby capacitor will suffer. When designing a heat dissipation system, do not forget people's heat dissipation. It is best to consult professional HVAC engineers during construction. They have more experience with estimation of various heat sources than we do. They can help design a cooling system, process the water from the cooling system, and process the humidity in the air.
Dust removal and elimination of annoying creatures
Dust can slow down the conversion of your fan and make the system unstable. In a relatively high humidity environment, invisible resistance may also be formed on the printing board. Some small creatures may also have an impact. At least the mouse may break various wires when bored. Xiaoqiang does not know whether there is any impact. However, all kinds of medicines are very cheap and should be put on a regular basis, it is easy to eliminate the harassment of these small animals.
Organize users or other maintenance personnel to learn regularly
The centralized training of users and maintenance personnel makes your management easier, saving you time to answer the same question, so that you can focus on learning new technologies and have time to solve some difficult problems.