Reliability Workbook for Windows Server

Overview

Service health is the state in which a service and all the components it depends on are behaving as desired within acceptable limits. This task list provides a schedule of proactive health monitoring and maintenance tasks to review and adapt to your individual requirements. For further instructions about the configuration and use of this task list, see the Administrator's Guide for Reliability Workbooks at www.microsoft.com/mof.

Task List Columns

  • Health Attribute: A group of requirements for a healthy system.
  • Health Area: A category of health action.
  • Health Requirement: A requirement in a particular health control area that drives monitoring activity, which ensures continued component health.
  • Monitoring Task: An action that involves observing trends and paying attention to warning levels and error alerts. These alerts will trigger maintenance tasks.
  • Maintenance Task: Regularly scheduled or trend-driven work that ensures the continued health of the component.
  • Monitoring Parameter: The picture of health for a component. These conditions are determined by your organization's requirements and may vary according to factors such as the component's importance to the business, the size of the organization, or staffing constraints.
  • Owner: Person with the responsibility to ensure that a task is done. The owner can complete the task, automate it, or delegate it and confirm that the work has been done.
  • Notes: Additional information relating to this item.

Note: Although many of the monitoring and maintenance tasks in this guide can be performed manually, best practice is to use automated methods because of the frequency and complexity of the individual tasks.

Monitoring Activities

Verify that administrator access is restricted

Health attribute

Security

Health area

Access Control

Health requirement

Control access to the server operating system.

Monitoring task

Verify that administrator access is restricted.

Monitoring parameter

Administrator access to the server operating system is limited.

Frequency

Monthly

Owner

Operator

Manual

Use Computer Management to verify membership of the Administrators group.

Automation

Use Windows PowerShell scripts or Microsoft System Center Operations Manager.

Notes

Monitor for secure events associated with changes to the Administrators group.

Check audit logs to detect unauthorized activity

Health attribute

Security

Health area

Access Control

Health requirement

Control access to the server operating system.

Monitoring task

Check audit logs to detect unauthorized activity.

Monitoring parameter

No unauthorized access to the server operating system is detected.

Frequency

Daily

Owner

Operator

Manual

Use Computer Management to view the Security event log.

Automation

Use Microsoft System Center Operations Manager to monitor the Security event log.

Verify that shared folders have appropriate permissions

Health attribute

Security

Health area

Access Control

Health requirement

Secure access to file shares.

Monitoring task

Verify that shared folders have appropriate permissions.

Monitoring parameter

The most restrictive permissions are applied to shared folders.

Frequency

Weekly

Owner

Operator

Manual

Use Windows Explorer to examine the permissions on shared folders.

Automation

Use Windows PowerShell scripts, or use Icacls.exe.

Check the health of each role on the server

Health attribute

All

Health area

All

Health requirement

Ensure that each role running on the server is in a healthy state.

Monitoring task

Check the health of each role on the server.

Monitoring parameter

N/A

Frequency

As needed

Owner

Operator

Manual

See the reliability workbook for each role.

Automation

See the reliability workbook for each role.

Verify that remote access is restricted

Health attribute

Security

Health area

Authentication

Health requirement

Ensure that remote access to the server is restricted.

Monitoring task

Verify that remote access is restricted.

Monitoring parameter

Remote access to the server is restricted.

Frequency

Weekly

Owner

Operator

Manual

Check the event logs to confirm remote access attempts to the server.

Automation

Use Microsoft System Center Operations Manager.

Notes

Check for unauthorized access attempts

Health attribute

Security

Health area

Authentication

Health requirement

Prevent unauthorized access to the server.

Monitoring task

Check for unauthorized access attempts.

Monitoring parameter

There are no unauthorized attempts to access the server.

Frequency

Daily

Owner

Operator

Manual

Check the Security event log for unauthorized access attempts.

Automation

Use Microsoft System Center Operations Manager.

Check for account lockout events

Health attribute

Security

Health area

Authentication

Health requirement

Prevent unauthorized access to the server.

Monitoring task

Check for account lockout events.

Monitoring parameter

No accounts are locked out.

Frequency

Daily

Owner

Operator

Manual

Check the Security event log for account lockout events.

Automation

Use Microsoft System Center Operations Manager.

Verify that the local Administrator account password is changed

Health attribute

Security

Health area

Authentication

Health requirement

Protect access to the server.

Monitoring task

Verify that the local Administrator account password is changed.

Monitoring parameter

The local Administrator account password has been changed within policy.

Frequency

Monthly

Owner

Operator

Manual

Use Server Manager.

Automation

Use Microsoft System Center Operations Manager.

Verify that the application-level data is backed up

Health attribute

Continuity

Health area

Back Up

Health requirement

Provide a backup of application data.

Monitoring task

Verify that the application-level data is backed up.

Monitoring parameter

Application-level data is backed up.

Frequency

Daily

Owner

Operator

Manual

Use Windows Server Backup or application-level backup features to verify that data is backed up.

Automation

Use automated backup solutions such as Microsoft System Center Data Protection Manager for larger infrastructures.

Notes

An example is backing up individual Microsoft SQL Server 2008 R2 databases.

Verify that the server is backed up

Health attribute

Continuity

Health area

Back Up

Health requirement

Provide a backup of the server that can be used to restore functionality.

Monitoring task

Verify that the server is backed up.

Monitoring parameter

The server is backed up.

Frequency

Daily

Owner

Operator

Manual

Use Windows Server Backup to verify that the server is backed up.

Automation

Use automated backup solutions such as Microsoft System Center Data Protection Manager for larger infrastructures.

Verify that the server's firmware (BIOS, RAID controllers, and so on) is current

Health attribute

All

Health area

Hardware

Health requirement

The server is current with the latest firmware.

Monitoring task

Verify that the server's firmware (BIOS, RAID controllers, and so on) is current.

Monitoring parameter

Firmware is current.

Frequency

Monthly

Owner

Administrator

Manual

Check the firmware version in the server's BIOS.

Automation

See the server manufacturer's documentation, or use Microsoft System Center Operations Manager.

Check the status of the server's uninterruptable power supply, if required

Health attribute

Availability

Health area

Hardware

Health requirement

Ensure the availability of the server during power outages.

Monitoring task

Check the status of the server's uninterruptable power supply, if required.

Monitoring parameter

The uninterruptable power supply is working properly, and the battery does not require replacement.

Frequency

Weekly

Owner

Operator

Manual

Use Server Manager to check the event log for errors related to the uninterruptable power supply.

Automation

Use Microsoft System Center Operations Manager.

Physically test the uninterruptable power supply

Health attribute

Availability

Health area

Hardware

Health requirement

Ensure the availability of the server during power outages.

Monitoring task

Physically test the uninterruptable power supply.

Monitoring parameter

The uninterruptable power supply is working properly, and the battery does not require replacement.

Frequency

Monthly

Owner

Operator

Manual

Test the uninterruptable power supply per the manufacturer's instructions.

Automation

N/A

Notes

Also, uninterruptable power supply vendors provide utilities to test products.

Check whether the server is experiencing memory pressure

Health attribute

Performance

Health area

Hardware

Health requirement

Memory is sized to handle the expected load at ordinary and peak times.

Monitoring task

Check the following performance counters:·

  • Memory – Standby Cache Reserve Bytes
  • Memory – Free & Zero Page List Bytes
  • Memory – Pages Input/Sec

Monitoring parameter

Standby Cache Reserve Bytes + Free & Zero Page List Bytes ≥ 200 MB on servers with 1 GB of memory

Standby Cache Reserve Bytes + Free & Zero Page List Bytes ≥ 300 MB on servers with 2 GB or more of memory

Average of Pages Input/Sec over one hour < 10

Frequency

Weekly

Owner

Operator

Manual

Use Performance Monitor to view counters.

Automation

Use Microsoft System Center Operations Manager.

Check processor performance

Health attribute

Performance

Health area

Hardware

Health requirement

The processor configuration can handle the expected load at ordinary and peak times.

Monitoring task

Check the following performance counter: Processor – % Processor time

Monitoring parameter

Compare the performance counter to previously established baselines.

Frequency

Weekly

Owner

Operator

Manual

Use Performance Monitor to view counters.

Automation

Use Microsoft System Center Operations Manager.

Notes

For information about monitoring processor performance, see Recognizing a Processor Bottleneck.

http://technet.microsoft.com/en-us/library/cc938609.aspx

Verify that Windows Firewall is configured correctly

Health attribute

Security

Health area

Network

Health requirement

Ensure that network access to the server is restricted except for required services.

Monitoring task

Verify that Windows Firewall with Advanced Security is configured correctly.

Monitoring parameter

Network access is the most restrictive possible.

Frequency

Weekly

Owner

Operator

Manual

Use Windows Firewall with Advanced Security.

Automation

Use Microsoft System Center Operations Manager.

Verify that the server is reachable

Health attribute

Availability

Health area

Networking

Health requirement

The server can be managed remotely.

Monitoring task

Verify that the server is reachable.

Monitoring parameter

The server is reachable.

Frequency

Daily

Owner

Operator

Manual

Ping each server by using the Internet Control Message Protocol.

Automation

Use Microsoft System Center Operations Manager or Windows PowerShell scripts.

Notes

If Internet Control Message Protocol (ICMP) is not enabled in the firewall, you can use Netsh.exe to enable ICMP as described in the Microsoft Help and Support article, 'How to use the "netsh advfirewall firewall' context instead of the 'netsh firewall' context to control Windows Firewall behavior in Windows Server 2008 and in Windows Vista."

http://support.microsoft.com/kb/947709

Verify network capacity for current and expected workloads

Health attribute

Capacity

Health area

Networking

Health requirement

Network capacity is available for current and expected workloads.

Monitoring task

Verify network capacity for current and expected workloads.

Monitoring parameter

Network capacity is available for current and expected workloads.

Frequency

Weekly

Owner

Operator

Manual

Check network usage by using Performance Monitor.

Automation

Use Microsoft System Center Operations Manager to monitor network usage.

Check the integrity of the file system

Health attribute

Availability

Health area

Storage

Health requirement

Maintain the integrity of the file system.

Monitoring task

Check the integrity of the file system.

Monitoring parameter

No bad files are found.

Frequency

Monthly

Owner

Operator

Manual

Run Chkdsk.exe manually.

Automation

Schedule a task to run Chkdsk.exe weekly, or use Windows PowerShell scripts.

Notes

Do not use the /f command-line option to automatically repair problems found.

Check the consistency of RAID arrays

Health attribute

Availability

Health area

Storage

Health requirement

RAID storage is consistent and fault tolerant.

Monitoring task

Check the consistency of RAID arrays.

Monitoring parameter

RAID arrays are fault tolerant.

Frequency

Weekly

Owner

Operator

Manual

See the RAID manufacturer's documentation.

Automation

See the RAID manufacturer's documentation, or use Microsoft System Center Operations Manager.

Verify storage capacity for current and expected workloads

Health attribute

Capacity

Health area

Storage

Health requirement

Storage is available for current and expected workloads.

Monitoring task

Verify storage capacity for current and expected workloads.

Monitoring parameter

Storage capacity is available for current and expected workloads.

Frequency

Weekly

Owner

Operator

Manual

Check free disk space on each volume by using Windows Explorer.

Automation

Use Microsoft System Center Operations Manager to monitor the capacity of each volume.

Check the event logs for warnings and errors

Title

Check the event logs for warnings and errors.

Health attribute

All

Health area

System

Health requirement

Ensure the overall health of the server.

Monitoring task

Check the event logs for warnings and errors.

Monitoring parameter

There are no warnings or errors that are unexpected or unresolved.

Frequency

Daily

Owner

Operator

Manual

Use Event Viewer in Server Manager.

Automation

Use Microsoft System Center Operations Manager.

Verify Windows Time service synchronization

Health attribute

Availability

Health area

System

Health requirement

Ensure that time synchronization is configured across servers.

Monitoring task

Verify Windows Time service synchronization.

Monitoring parameter

Windows Time service is synchronized across servers.

Frequency

Monthly

Owner

Operator

Manual

Check time synchronization events in the event log; or use Windows PowerShell scripts and the w32tm command to check time synchronization.

Automation

Use Microsoft System Center Operations Manager.

Verify that the Audit Log Service is available

Health attribute

Security

Health area

System

Health requirement

Ensure that audit logging is working as expected.

Monitoring task

Verify that the Audit Log Service is available.

Monitoring parameter

Audit logging is working as expected.

Frequency

Daily

Owner

Operator

Manual

Use Server Manager.

Automation

Use Microsoft System Center Operations Manager.

Verify that event logging is working correctly

Health attribute

Security

Health area

System

Health requirement

Ensure that event logging is working as expected.

Monitoring task

Verify that event logging is working correctly.

Monitoring parameter

Event logging is logging events as expected.

Frequency

Daily

Owner

Operator

Manual

Check the event logs to confirm that events are logged.

Automation

Use Microsoft System Center Operations Manager.

Verify that no unnecessary services are running

Health attribute

Security

Health area

System

Health requirement

Limit the attack surface area of the server operating system.

Monitoring task

Verify that no unnecessary services are running.

Monitoring parameter

Only necessary services are running.

Frequency

Weekly

Owner

Operator

Manual

Use Server Manager.

Automation

Use Microsoft System Center Operations Manager.

Verify that the server has no viruses or malware

Health attribute

Security

Health area

System

Health requirement

The server is free of viruses and malware.

Monitoring task

Verify that the server has no viruses or malware.

Monitoring parameter

No viruses or malware are found.

Frequency

Daily

Owner

Operator

Manual

Check the antivirus application's log.

Automation

Use Microsoft System Center Operations Manager.

Verify that the server operating system is updated

Health attribute

Security

Health area

Updates

Health requirement

The server operating system is current with operating system, application, and malware updates.

Monitoring task

Verify that the server operating system is updated.

Monitoring parameter

The server operating system is updated.

Frequency

Weekly

Owner

Operator

Manual

Log on to the server operating system and check whether new updates are required, or use the Microsoft Baseline Security Analyzer.

Automation

Use Windows Server Update Services 3.0 or Microsoft System Center Configuration Manager to identify required updates.

Maintenance Activities

Configure auditing on the server

Health attribute

Security

Health area

Access Control

Health requirement

Control access to the management operating system.

Maintenance task

Configure auditing on the server.

Frequency

Monthly

Owner

Administrator

Manual

Use a local security policy to configure auditing on the server.

Automation

Use Group Policy to configure auditing for servers.

Prune accounts from the local Administrators group of the server operating system

Health attribute

Security

Health area

Access Control

Health requirement

Control access to the server operating system.

Maintenance task

Prune accounts from the local Administrators group of the server operating system.

Frequency

As required

Owner

Administrator

Manual

Use Computer Management to prune membership in the local Administrators group.

Automation

Create a Group Policy object using Restricted Groups to control membership of the local Administrators group.

Configure permissions on shared folders

Health attribute

Security

Health area

Access Control

Health requirement

Secure access to file shares.

Maintenance task

Configure permissions on shared folders.

Frequency

As required

Owner

Administrator

Manual

Use Windows Explorer to configure permissions on shared folders.

Automation

Restrict remote access to the server

Health attribute

Security

Health area

Authentication

Health requirement

Ensure that remote access to the server is restricted.

Maintenance task

Restrict remote access to the server.

Frequency

As needed

Owner

Administrator

Manual

Use System Properties to configure Remote Desktop.

Automation

Use Group Policy to limit the use of Remote Desktop.

Configure access attempt auditing

Health attribute

Security

Health area

Authentication

Health requirement

Prevent unauthorized access to the server.

Maintenance task

Configure access attempt auditing.

Frequency

As needed

Owner

Administrator

Manual

Configure auditing by using local Group Policy.

Automation

Use Group Policy to configure access auditing for all servers.

Configure account lockout auditing

Health attribute

Security

Health area

Authentication

Health requirement

Prevent unauthorized access to the server.

Maintenance task

Configure account lockout auditing.

Frequency

As needed

Owner

Administrator

Manual

Configure auditing by using local Group Policy.

Automation

Use Group Policy to configure access auditing for all servers.

Reset locked-out accounts

Health attribute

Security

Health area

Authentication

Health requirement

Prevent unauthorized access to the server.

Maintenance task

Reset locked-out accounts.

Frequency

As required

Owner

Operator

Manual

Use Server Manager or Active Directory Users and Computers.

Automation

N/A

Change the local Administrator account password

Health attribute

Security

Health area

Authentication

Health requirement

Protect access to the server.

Maintenance task

Change the local Administrator account password.

Frequency

As required by policy

Owner

Administrator

Manual

Use Server Manager.

Automation

Use Windows PowerShell scripts.

Back up application-level data

Health attribute

Continuity

Health area

Back Up

Health requirement

Provide a backup of application data.

Maintenance task

Back up application-level data.

Frequency

Daily

Owner

Operator

Manual

Use Windows Server Backup or application-level backup features to back up data.

Automation

Schedule Windows Server Backup or application-level backup features to back up data; consider automated backup solutions such as Microsoft System Center Data Protection Manager for larger infrastructures.

Back up the server

Health attribute

Continuity

Health area

Back Up

Health requirement

Provide a backup of the server that can be used to restore functionality.

Maintenance task

Back up the server.

Frequency

Daily

Owner

Operator

Manual

Use Windows Server Backup to back up the server.

Automation

Schedule Windows Server Backup to back up the server; use automated backup solutions such as Microsoft System Center Data Protection Manager for larger infrastructures.

Test the validity of server backups

Health attribute

Continuity

Health area

Back Up

Health requirement

Provide a backup of the server that can be used to restore functionality.

Maintenance task

Test the validity of server backups.

Frequency

Monthly

Owner

Operator

Manual

Restore the most recent backup to server hardware in a lab environment, and verify its validity.

Automation

N/A

Update the server's firmware (BIOS, RAID controllers, and so on)

Health attribute

All

Health area

Hardware

Health requirement

The server is current with the latest firmware.

Maintenance task

Update the server's firmware (BIOS, RAID controllers, and so on).

Frequency

As required

Owner

Administrator

Manual

See the server manufacturer's documentation.

Automation

N/A

Replace the server's uninterruptable power supply battery

Health attribute

Availability

Health area

Hardware

Health requirement

Ensure availability of the server during power outages.

Maintenance task

Replace the server's uninterruptable power supply battery.

Frequency

As required

Owner

Operator

Manual

N/A

Automation

N/A

Add memory resources to the system

Health attribute

Capacity

Health area

Hardware

Health requirement

Memory is available for current and expected workloads.

Maintenance task

Add memory resources to the system.

Frequency

As required

Owner

Administrator

Manual

Add physical memory to the system, or use Hyper-V Manager to allocate additional memory to the system.

Automation

Use Microsoft System Center Virtual Machine Manager to allocate additional memory to virtualized servers.

Add processing resources to the server

Title

Add processing resources to the server.

Health attribute

Capacity

Health area

Hardware

Health requirement

Processor time is available for current and expected workloads.

Maintenance task

Add processing resources to the server.

Frequency

As required

Owner

Administrator

Manual

Upgrade physical processors, or use Hyper-V Manager to allocate and limit virtual processors.

Automation

Use Microsoft System Center Virtual Machine Manager to add, allocate, and limit virtual processors for virtualized servers.

Allocate additional memory to servers experiencing memory pressure

Health attribute

Performance

Health area

Hardware

Health requirement

Memory is sized to handle the expected load at ordinary and peak times.

Maintenance task

Allocate additional memory to servers experiencing memory pressure.

Frequency

As required

Owner

Administrator

Manual

Add memory to physical servers, or use Hyper-V Manager to allocate additional memory to servers experiencing memory pressure.

Automation

Use Microsoft System Center Virtual Machine Manger on virtualized servers.

Allocate processing resources

Health attribute

Performance

Health area

Hardware

Health requirement

The processor configuration can handle the expected load at ordinary and peak times.

Maintenance task

Allocate processing resources.

Frequency

Weekly

Owner

Administrator

Manual

Add processing resources for physical servers, or use Hyper-V Manager to allocate virtual processors and adjust limits for virtualized servers.

Automation

Use Microsoft System Center Virtual Machine Manager on virtualized servers.

Configure the services open in Windows Firewall

Health attribute

Security

Health area

Network

Health requirement

Ensure that network access to the server is restricted except for required services.

Maintenance task

Configure the services open in Windows Firewall.

Frequency

As required

Owner

Administrator

Manual

Use Windows Firewall with Advanced Security.

Automation

Use Group Policy to configure Windows Firewall.

Restart the server if it does not respond remotely

Health attribute

Availability

Health area

Networking

Health requirement

The server can be managed remotely.

Maintenance task

Restart the server if it does not respond remotely.

Frequency

As required

Owner

Administrator

Manual

Log on to the server and restart it.

Automation

Use Windows PowerShell scripts to restart the server.

Add network adapters to the server

Health attribute

Capacity

Health area

Networking

Health requirement

Network capacity is available for current and expected workloads.

Maintenance task

Add network adapters to the server.

Frequency

As required

Owner

Administrator

Manual

Add physical network adapters to the system, or use Hyper-V Manager to add network adapters to the system.

Automation

Use Microsoft System Center Virtual Machine Manager to add network adapters to virtualized servers.

Perform maintenance tasks for each role on the server

Health attribute

See the reliability workbook for each role.

Health area

See the reliability workbook for each role.

Health requirement

Ensure that each role running on the server is in a healthy state.

Maintenance task

Perform maintenance tasks for each role on the server.

Frequency

See the reliability workbook for each role.

Owner

See the reliability workbook for each role.

Manual

See the reliability workbook for each role.

Automation

See the reliability workbook for each role.

Notes

The reliability workbooks are available at www.microsoft.com/mof.

Repair file system errors

Health attribute

Availability

Health area

Storage

Health requirement

Maintain the integrity of the file system.

Maintenance task

Repair file system errors.

Frequency

As required

Owner

Administrator

Manual

Run Chkdsk.exe manually with the /f command-line option.

Automation

Use Windows PowerShell scripts.

Replace members of RAID arrays

Health attribute

Availability

Health area

Storage

Health requirement

RAID storage is consistent and fault tolerant.

Maintenance task

Replace members of RAID arrays.

Frequency

As required

Owner

Administrator

Manual

N/A

Automation

N/A

Free storage space

Health attribute

Capacity

Health area

Storage

Health requirement

Storage is available for current and expected workloads.

Maintenance task

Free storage space.

Frequency

Weekly

Owner

Operator

Manual

Use Windows Explorer to free disk space on each volume.

Automation

Notes

Verify and defragment each volume.

Add storage space to the server

Health attribute

Capacity

Health area

Storage

Health requirement

Storage is available for current and expected workloads.

Maintenance task

Add storage space to the server.

Frequency

Weekly

Owner

Administrator

Manual

Add physical storage space, or use Hyper-V Manager to add storage space.

Automation

Use Microsoft System Center Virtual Machine Manager to add storage space for virtualized servers.

Defragment storage devices

Health attribute

Capacity

Health area

Storage

Health requirement

Storage is available for current and expected workloads.

Maintenance task

Defragment storage devices.

Frequency

Weekly

Owner

Operator

Manual

Use Server Manager.

Automation

Use Group Policy to schedule a task to defragment storage devices on all servers.

Investigate and resolve warnings and errors in the event log

Health attribute

All

Health area

System

Health requirement

Ensure the overall health of the server.

Maintenance task

Investigate and resolve warnings and errors in the event log.

Frequency

Daily

Owner

Operator

Manual

Use Server Manager.

Automation

N/A

Configure Windows Time service synchronization

Health attribute

Availability

Health area

System

Health requirement

Ensure that time synchronization is configured across servers.

Maintenance task

Configure Windows Time service synchronization.

Frequency

As needed

Owner

Operator

Manual

Use Net.exe or W32tm.exe to configure time synchronization.

Automation

Use Group Policy to configure time synchronization for all servers.

Configure audit logging

Health attribute

Security

Health area

System

Health requirement

Ensure that audit logging is working as expected.

Maintenance task

Configure audit logging.

Frequency

As required

Owner

Administrator

Manual

Use local Group Policy.

Automation

Use Group Policy to configure audit logging for all servers.

Configure event logging to ensure that events are logged

Health attribute

Security

Health area

System

Health requirement

Ensure that event logging is working as expected.

Maintenance task

Configure event logging to ensure that events are logged.

Frequency

As required

Owner

Administrator

Manual

Use Server Manager.

Automation

Use Group Policy to configure event logging.

Archive event logs

Health attribute

Security

Health area

System

Health requirement

Ensure that event logging is working as expected.

Maintenance task

Archive event logs.

Frequency

Weekly

Owner

Administrator

Manual

Use Server Manager.

Automation

Use Windows PowerShell scripts.

Disable unnecessary services

Health attribute

Security

Health area

System

Health requirement

Limit the attack surface area of the server operating system.

Maintenance task

Disable unnecessary services.

Frequency

As required

Owner

Administrator

Manual

Use Server Manager.

Automation

Use Microsoft System Center Configuration Manager.

Perform a full virus and malware scan

Title

Perform a full virus and malware scan.

Health attribute

Security

Health area

System

Health requirement

The server is free of viruses and malware.

Maintenance task

Perform a full virus and malware scan.

Frequency

Weekly

Owner

Operator

Manual

Use the antivirus application to perform a full, manual scan of the server.

Automation

Schedule the antivirus application to perform a full, automatic scan of the server.

Update the server operating system with operating system, application, and anti-malware updates

Health attribute

Security

Health area

Updates

Health requirement

The server operating system is current with operating system, application, and malware updates.

Maintenance task

Update the server operating system with operating system, application, and anti-malware updates.

Frequency

Weekly

Owner

Administrator

Manual

Log on to each server, and download and install operating system, application, and anti-malware updates.

Automation

Use Microsoft System Center Virtual Machine Manager or Windows Server Update Services 3.0 to automatically update Hyper-V servers.

Health Risks

ID

Description

Probability (1–100%)

Impact (1–5)

Exposure

Mitigation strategy

1

Server backup fails to restore functionality.

5%

5

5

Test server backups in a lab environment.

2

Multiple failures cause RAID arrays to fail.

5%

5

2

Check RAID integrity regularly.

3

The server is compromised by malware.

30%

4

5

Update the server with the latest security and malware updates; perform regular malware scans.

4

The server hardware failed.

5%

4

3

Perform scheduled backups.

5

The uninterruptable power supply fails during a power outage.

10%

4

3

Test the uninterruptable power supplies to ensure that power fails over to them.

6

Unauthorized access to the server operating system occurs.

20%

4

3

Restrict access to the server operating system by pruning membership of security groups, especially the Administrators group; audit access to the server operating system.

7

Unauthorized access to system resources occurs.

20%

4

2

Configure file and share permissions to restrict access to only those groups requiring it; audit access to system resources.

8

The server is bound by inadequate resources.

30%

3

3

Verify workload requirements, and upgrade server hardware as required.

9

File system failures result in lost files.

5%

3

3

Test file system integrity, and repair the file system.

Standard Changes

Proposed standard change

Category verified?

Approved by

Date for change development complete

Date for change release

Configure auditing on the server.

Prune accounts from the local Administrators group of the server operating system.

Configure permissions on shared folders.

Restrict remote access to the server.

Configure access attempt auditing.

Configure account lockout auditing.

Reset locked-out accounts.

Change the local Administrator account password.

Back up application-level data.

Back up the server.

Test the validity of server backups.

Update the server's firmware (BIOS, RAID controllers, and so on).

Replace the server's uninterruptable power supply battery.

Add memory resources to the system.

Add processing resources to the server.

Allocate additional memory to servers experiencing memory pressure.

Allocate processing resources.

Configure the services open in Windows Firewall.

Restart the server if it does not respond remotely.

Add network adapters to the server.

Perform maintenance tasks for each role on the server.

Repair file system errors.

Replace members of RAID arrays.

Free storage space.

Add storage space to the server.

Defragment storage devices.

Investigate and resolve warnings and errors in the event log.

Configure Windows Time service synchronization.

Configure audit logging.

Configure event logging to ensure that events are logged.

Archive event logs.

Disable unnecessary services.

Perform a full virus and malware scan.

Update the server operating system with operating system, application, and anti-malware updates.

Acknowledgments

The Microsoft Operations Framework team acknowledges and thanks the people who produced Reliability Workbook for Windows Server 2008 R2. The following people were either directly responsible for or made a substantial contribution to the writing and development of this guide.