2.4 Network Services

Question 1

DNS server

Answer 1

• Domain Name System
  – Convert names to IP addresses
  – And vice versa
• Distributed naming system
  – The load is balanced across many different servers
• Usually managed by the ISP or IT department
  – A critical resource

Question 2

DHCP server

Answer 2

• Dynamic Host Configuration Protocol
  – Automatic IP address configuration
• Very common service
  – Available on most home routers
• Enterprise DHCP will be redundant
  – Usually running on central servers

Question 3

File server

Answer 3

• Centralized storage of documents,spreadsheets, videos, pictures, and any other files
  – A fileshare
• Standard system of file management
  – SMB (Server Message Block),
  Apple Filing Protocol (AFP), etc.
• The front-end hides the protocol
  – Copy, delete, rename, etc.

Question 4

• Centralized storage of documents,spreadsheets, videos, pictures, and any other files
  – A fileshare
• Standard system of file management
  – SMB (Server Message Block),
  Apple Filing Protocol (AFP), etc.
• The front-end hides the protocol
  – Copy, delete, rename, etc.

Answer 4

File server

Question 5

Print server

Answer 5

• Connect a printer to the network
  – Provide printing services for all network devices
• May be software in a computer
  – Computer is connected to the printer
• May be built-in to the printer
  – Network adapter and software
• Uses standard printing protocols
  – SMB (Server Message Block), IPP (Internet
  Printing Protocol), LPD (Line Printer Daemon

Question 6

• Connect a printer to the network
  – Provide printing services for all network devices
• May be software in a computer
  – Computer is connected to the printer
• May be built-in to the printer
  – Network adapter and software
• Uses standard printing protocols
  – SMB (Server Message Block), IPP (Internet
  Printing Protocol), LPD (Line Printer Daemon

Answer 6

Print server

Question 7

Mail server

Answer 7

• Store your incoming mail – Send your outgoing mail
• Usually managed by the ISP or the IT department
  – A complex set of requirements
• Usually one of the most important services – 24 x 7 support

Question 8

• Store your incoming mail
  – Send your outgoing mail
• Usually managed by the ISP or the IT department
  – A complex set of requirements
• Usually one of the most important services – 24 x 7 support

Answer 8

Mail server

Question 9

Syslog

Answer 9

• Standard for message logging
  – Diverse systems, consolidated log
• Usually a central logging receiver
  – Integrated into the SIEM (Security Information Event Manager)
• You’re going to need a lot of disk space
  – No, more. More than that.

Question 10

• Standard for message logging
  – Diverse systems, consolidated log
• Usually a central logging receiver
  – Integrated into the SIEM (Security Information Event Manager)
• You’re going to need a lot of disk space
  – No, more. More than that.

Answer 10

Syslog

Question 11

Web server

Answer 11

• Respond to browser requests
  – Using standard web browsing protocols
• HTTP/HTTPS
  – Pages are built with HTML, HTML5
• Web pages are stored on the server
  – Downloaded to the browser
  – Static pages or built dynamically in real-time

Question 12

• Respond to browser requests
  – Using standard web browsing protocols - HTTP/HTTPS
  – Pages are built with HTML, HTML5
• Web pages are stored on the server
  – Downloaded to the browser
  – Static pages or built dynamically in real-time

Answer 12

Web server

Question 13

Authentication server

Answer 13

• Login authentication to resources
  – Centralized management
• Almost always an enterprise service
  – Not required on a home network
• Usually a set of redundant servers
  – Always available
  – Extremely important service

Question 14

Spam

Answer 14

• Unsolicited messages
  – Email, forums, etc.
• Various content
  – Commercial advertising
  – Non-commercial proselytizing
  – Phishing attempts
• Significant technology issue
  – Security concerns, resource utilization,
  storage costs, managing the spam

Question 15

• Unsolicited messages
  – Email, forums, etc.
• Various content
  – Commercial advertising
  – Non-commercial proselytizing
  – Phishing attempts
• Significant technology issue
  – Security concerns, resource utilization,
  storage costs, managing the spam

Answer 15

Spam

Question 16

• Login authentication to resources
  – Centralized management
• Almost always an enterprise service
  – Not required on a home network
• Usually a set of redundant servers
  – Always available
  – Extremely important service

Answer 16

Authentication server

Question 17

Spam gateways

Answer 17

• Unsolicited email
  – Stop it at the gateway before it reaches the user
  – On-site or cloud-based

Question 18

• Unsolicited email
  – Stop it at the gateway before it reaches the user
  – On-site or cloud-based

Answer 18

Spam gateways

Question 19

All-in-one security appliance

Answer 19

• Next-generation firewall, Unified Threat Management (UTM) / Web security gateway
• URL filter / Content inspection
• Malware inspection
• Spam filter
• CSU/DSU (access to WAN)
• Router, Switch
• Firewall
• IDS/IPS (Intrusion Detection System, Intrusion Prevention System)
• Bandwidth shaper * VPN endpoint

Question 20

• Next-generation firewall, Unified Threat Management (UTM) / Web security gateway
• URL filter / Content inspection
• Malware inspection
• Spam filter
• CSU/DSU (access to WAN)
• Router, Switch
• Firewall
• IDS/IPS (Intrusion Detection System, Intrusion Prevention System)
• Bandwidth shaper * VPN endpoint

Answer 20

All-in-one security appliance

Question 21

Load balancers

Answer 21

• Distribute the load
  – Multiple servers
  – Invisible to the end-user
• Large-scale implementations
  – Web server farms, database farms
• Fault tolerance
  – Server outages have no effect
• Very fast convergence

Question 22

• Distribute the load
  – Multiple servers
  – Invisible to the end-user
• Large-scale implementations
  – Web server farms, database farms
• Fault tolerance
  – Server outages have no effect
• Very fast convergence

Answer 22

Load balancers

Question 23

Load balancer features

Answer 23

• Configurable load - Manage across servers
• TCP offload - Protocol overhead
• SSL offload - Encryption/Decryption
• Caching - Fast response
• Prioritization - QoS
• Content switching - Application-centric balancing

Question 24

• Configurable load - Manage across servers
• TCP offload - Protocol overhead
• SSL offload - Encryption/Decryption
• Caching - Fast response
• Prioritization - QoS
• Content switching - Application-centric balancing

Answer 24

Load balancer features

Question 25

Proxy server

Answer 25

* An intermediate server – Client makes the request to the proxy – The proxy performs the actual request – The proxy provides results back to the client * Useful features – Access control, caching, URL filtering, content scanning

Question 26

SCADA / ICS

Answer 26

* Supervisory Control and Data Acquisition System – Large-scale, multi-site Industrial Control Systems (ICS) * PC manages equipment – Power generation, refining, manufacturing equipment – Facilities, industrial, energy, logistics * Distributed control systems – Real-time information – System control – Requires extensive segmentation – No access from the outside

Question 27

* Supervisory Control and Data Acquisition System – Large-scale, multi-site Industrial Control Systems (ICS) * PC manages equipment – Power generation, refining, manufacturing equipment – Facilities, industrial, energy, logistics * Distributed control systems – Real-time information – System control – Requires extensive segmentation – No access from the outside

Answer 27

SCADA / ICS

Question 28

* An intermediate server – Client makes the request to the proxy – The proxy performs the actual request – The proxy provides results back to the client * Useful features – Access control, caching, URL filtering, content scanning

Answer 28

Proxy server

Question 29

Legacy and embedded systems

Answer 29

* Legacy systems – Another expression for “really old” – May also be “really important” – Learning old things can be just as important as learning the new things * Embedded systems – Purpose-built device – Not usual to have direct access to the operating system – Alarm system, door security, time card system

Question 30

* Legacy systems – Another expression for “really old” – May also be “really important” – Learning old things can be just as important as learning the new things * Embedded systems – Purpose-built device – Not usual to have direct access to the operating system – Alarm system, door security, time card system

Answer 30

Legacy and embedded systems

Question 31

IoT (Internet of Things) devices

Answer 31

* Appliances – Refrigerators * Smart devices – Smart speakers respond to voice commands * Air control – Thermostats, temperature control * Access – Smart doorbells * May require a segmented network – Limit any security breaches

Question 32

* Appliances – Refrigerators * Smart devices – Smart speakers respond to voice commands * Air control – Thermostats, temperature control * Access – Smart doorbells * May require a segmented network – Limit any security breaches

Answer 32

IoT (Internet of Things) devices

Question 33

* Domain Name System – Convert names to IP addresses – And vice versa * Distributed naming system – The load is balanced across many different servers * Usually managed by the ISP or IT department – A critical resource

Answer 33

DNS server

Question 34

* Dynamic Host Configuration Protocol – Automatic IP address configuration * Very common service – Available on most home routers * Enterprise DHCP will be redundant – Usually running on central servers

Answer 34

DHCP server