It takes many different services to keep a network running. In this video, you’ll learn about DNS, DHCP, file sharing, print servers, mail servers, Syslog, web servers, authentication, spam gateways, all-in-one security appliances, load balancers, proxy servers, SCADA, legacy systems, embedded devices, and IoT (Internet of Things).
Here’s an image of a pretty common data center, where you have rack after rack after rack of equipment. And you can see there is a lot of equipment on one row of this, and there are many rows in this particular data center. There is a lot of technology in this data center, and there are many different services running on each of these individual racks. In this video, we’ll look at different services that you might expect to find in a data center like this one.
We’re all very used to typing in a website into our browser address bar. So we might go to google.com or professormesser.com. But behind the scenes, there is some work done to convert that fully qualified domain name to an IP address.
The device that’s doing that conversion is a DNS server. DNS, of course, stands for Domain Name System, and it’s responsible not only for resolving an IP address from a fully qualified domain name. It can also provide that same service in reverse and provide much more as well.
This is a distributed platform with thousands and thousands of DNS servers running on the internet at any particular time. And the load across these DNS servers is distributed primarily based on the domain names that they support. So there are a group of servers that support professormesser.com. And anytime you type in my website, it accesses either those servers or a cached version of information from those servers to be able to provide you with the appropriate IP address. This is something that’s usually managed by your service provider, or you may have a number of internal DNS servers that’s managed by your local organization.
Another important service is DHCP, or Dynamic Host Configuration Protocol. This is the protocol that’s able to automatically assign IP address and other configuration settings anytime you start your computer. You don’t have to remember IP addresses or type anything in. DHCP will take care of all of that work for you.
This is a widely used service that you will see not only on a local network at home, but also the networks that we would use in our enterprise. And in the enterprise, we tend to have multiple DHCP servers for redundancy. If one DHCP server is suddenly unavailable, we have other servers that can still provide IP address information for devices on the network.
File-sharing provides a way to centrally store information so that you and other people in the organization can easily access it. This is a great way to share spreadsheets, documents, and anything else that you need to share with other people within your organization or with people that may be outside of your organization.
There’s usually a standard type of file service. If you’re running in Windows, you probably have a service that is using SMB, or Server Message Block. If you have Mac OS in your environment, you’re probably using Apple Filing Protocol. There are many different standards for sharing information, and it depends on the applications and the operating systems that you happen to be using.
Most of the time, you don’t even know if you’re using SMB, AFP, or some other type of file-sharing system. The operating system tends to hide those protocols. So all you see is a file management front end where you can drag, drop, rename, and modify the files that are stored in that folder.
Although a great deal of our work is done digitally, there is still times when we need to print information onto a piece of paper. To be able to do that, we’re going to use a printer. But we need some type of service that will manage the process of receiving these print jobs, queuing them up inside of the printer, and then making sure that all of those print jobs print successfully on those printing devices.
Sometimes this is a separate computer that is connected to the printer, and that separate computer is running the print service software, or it may be built into the printer itself. There may be a network card that you slide in. That card not only provides your interface to the network, it also provides the print service software.
If you were to look at the documentation for your printer, you’ll probably see that it supports a number of different protocols for printing across the network, such as SMB, which is Server Message Block, IPP, which is the Internet Printing Protocol, and LPD, which is the Line Printer Daemon.
Email continues to be one of the most popular applications used around the world. And of course, we need email servers so that we can send and receive these email messages. These email servers may be in the cloud and managed by your internet service provider or cloud service provider, or you may have local email servers in your own data center that you’re managing yourself.
This is one of those rare services that has a very high uptime expectation. You always expect your email to be flowing, and you always expect there to be access to your email messages. And as system administrators, we have to make sure that we’re planning, designing, and implementing email services so that they are available as much as possible.
If you’re managing switches, routers, servers, firewalls, and almost any other type of device on your network, then you’re probably collecting log files on all of those devices. Often, you’ll want to consolidate all of those log files back to one central database. And the protocol that allows you to do that is syslog.
There’s usually a central server called a SIEM. This stands for Security Information and Event Manager. The SIEM is a central consolidation point for all of your log files, and it allows you to correlate information together, even across very diverse systems. Since you’re bringing back a lot of log information to one central point, it’s very common that your syslog server have a lot of log space available, because you will be keeping logs for a very long time across many different systems.
If you’re accessing information from a browser, then you’re connecting to a web server. A web server is one that responds to all of these browser requests and generally is using the HTTP or HTTPS protocol. That, of course, is the Hypertext Transfer Protocol and Hypertext Transfer Protocol Secure. Developers build pages in a protocol known as the Hypertext Markup Language, or HTML, and those are web files that are stored on the web server. Your browser accesses those files, interprets the HTML, and presents to you the graphical display in your browser.
If you’ve ever connected to your corporate network and provided your username and password, then you’ve probably interacted with an authentication server. You’ll sometimes hear this referred to as AAA server, which stands for Authentication, Authorization, and Accounting. The primary job of the authentication server is to check your username and password, and then provide access to whatever services you might need. This usually has a centralized database, so that you can easily administer all of the users on your network all from one central point.
You don’t generally see an authentication server on a home network primarily because there’s not a lot of services that you would need to connect to. And secondly, we usually will just use a username, password, and share that among our family members.
But in an enterprise environment, we have to provide the highest levels of security, and we do that by making sure that everyone has their own set of credentials. Since the authentication server is an important step to gain access to every other resource in the organization, we usually create redundant authentication servers so that if one happens to fail, we’re still able to authenticate.
Most organizations are collecting a lot of different types of information, and we need somewhere to store that information. One of the most common places is a database server. Database servers store information in database tables.
You can think of these tables as a very large spreadsheet, and they have the ability to connect tables to each other to form a relational database. That way, you can have separate links where different types of data have relationships to other types of data in other tables. This creates relationships between different tables and allows you to easily link data together and find exactly what you’re looking for.
A standard language used to store and retrieve information from this database is known as Structured Query Language. You’ll hear this referred to as S-Q-L, or SQL. You’ll see SQL mentioned in some of the popular database servers such as Microsoft SQL Server, MySQL, and others.
Have you noticed that the time and the date on your computer is always very accurate? We’re able to get that level of accuracy because your computer has talked to an NTP server, or Network Time Protocol. This is more important than you might think because we use time for so many different things on the network, not only to compare log files across multiple systems, but many of our encryption technologies require that all of your systems are running with the correct date and the correct time.
We will generally have one or more NTP servers running. They are referencing a central clock so that all of them have exactly the right date and time. And then on your local computer, whether you’re running Windows, macOS, Linux, or any other operating system, there is an NTP client. Your NTP client is configured to access a particular NTP server, and it checks in with that server periodically to make sure that the date and time are always accurate.
All of us have received unsolicited emails known as spam. And often, we have a separate filter that puts spam into a separate folder or keeps it out of our inbox. We’re able to perform that function thanks to a spam gateway. This is often a separate service that’s in the cloud or on a separate server that evaluates every email message that’s coming in, determines if it might be legitimate or might be spam, and then categorizes it properly in your email system.
You’ll notice sometimes that you have to go into your spam folder to see if you can find legitimate messages because this process is not always 100% accurate. This is an important service that keeps the unsolicited information away from your eyes and allows you to focus on what’s important in your email inbox.
Many organizations will put an all-in-one security appliance on the outside of their network between them and the internet. Sometimes we refer to this as a next generation firewall, a Unified Threat Management system, or UTM, or perhaps a web security gateway. These devices have many different functions, all combined into one single device.
This will have URL filtering or content inspection. It might be looking for malware either in the email messages or real-time network traffic. It could have a spam filter built into it. It might even have a CSU/DSU for connecting to older wide area network connections.
On the back, maybe router and switch interfaces, along with firewall functionality, IPS functionality, and even ways to shape the bandwidth to minimize the impact of certain applications on the network. And there might even be VPN functionality that allows you to connect securely to other sites, or to have end users connect directly to this device over a secure channel.
One of the ways that organizations maintain the uptime and availability of their services is to have those services running on a load balancer. Load balancers are designed to connect many different devices all at the same time and be able to share the load across those many systems.
So an organization might build a web server farm with multiple web servers, and they have those web servers connected to a load balancer. As incoming requests are received, those requests are distributed evenly across all of those servers. If one of those servers was to fail, the load balancer would automatically know that that server was no longer communicating and would take it out of the rotation.
The remaining devices on that load balancer would then share the load with that server now out of the picture. This gives the technicians time to evaluate the problem, resolve that issue, and put the server back onto the load balancer, where the load balancer will automatically know that it’s back in service and begin sending additional requests to the server now that it’s up and running. This process occurs very quickly, and the end users have no idea that an outage even occurred.
Some organizations will take advantage of a proxy server for either inbound or outbound communication. A proxy server receives a request from a client. It then makes that request on behalf of the client to that service, receives the response from that service, and evaluates the response. If everything within that response looks appropriate and is secure, it then now sends that response to the end user.
This is primarily used as a security tool, but it could also be used for access control. It can provide some level of caching. It also has the ability to do content scanning so that you can limit what type of information is able to be received through that proxy server. Often, the proxy server is sitting invisibly in the network, and the end users have no idea that there is a proxy that is evaluating the inbound and outbound traffic from their device.
If you work in an organization that has a lot of industrial equipment, then you’re probably familiar with SCADA or ICS. SCADA is the Supervisory Control and Data Acquisition System. You might also see this referred to as a Industrial Control System, or ICS. So if you work for a company that provides power services, maybe you work in the oil and gas industry or a manufacturing company, you’re probably very familiar with controlling that large-scale equipment using the SCADA technology.
This is a specialized system that allows you to view, manage, control, and maintain these systems remotely. And it does it all across the network, which obviously means that we need a very secure network so that no one else gains access to these very valuable, and in many cases, very important systems. Most organizations with these SCADA systems will have a completely segmented network that is only accessible either by physically visiting that particular part of the network or accessing it through a very controlled system.
One of the interesting characteristics of technology is once you set it up and turn it on, it will go forever as long as it has power and the system continues to be working properly. And it’s not unusual to walk through a data center and see equipment that was installed 10, 15, 20 years ago, or even longer. We usually refer to these older systems as legacy systems.
Just because something is old doesn’t mean that it’s not important. And in many cases, these legacy systems can be very important, which is probably the reason that they haven’t been swapped out already. And you may find that learning how to manage and maintain the legacy system can be just as important as managing and maintaining the brand new systems.
Another important service might be an embedded system. An embedded system is a purpose-built device where very often we do not have direct access to the operating system that is running on that embedded system. For example, if you think about a fire alarm system or a time clock system, these are usually self-contained units where you are interacting with those devices on a daily basis, but you don’t directly interact with the operating system.
It’s up to the manufacturer of that equipment to provide you with the tools to support it. But very often, it’s a system that doesn’t require a lot of ongoing maintenance. The manufacturer of the system will usually give you everything you need to be able to keep that system up and running, but very often you don’t have to do a lot of ongoing maintenance with an embedded system.
Another category of services that has become very popular are IoT devices, or internet of Things. This is a broad category of devices which could be appliances such as refrigerators or coffeemakers. It might be smart devices where you can talk to the device and have it perform a series of functions. Or maybe this deals with air conditioning or heating controls within your organization.
Some IoT devices can provide access through a doorbell or garage door. And one of the challenges with IoT devices is that the companies making refrigerators or speakers or thermostats are very good at making those appliances and air control systems, but they may not be good at connecting to networks and maintaining security of those networks. For that reason, you may want to put these IoT devices on their own segmented network to limit any access that could occur should someone gain access to an IoT device.