2.5 Network Services Flashcards
Web server
Responds to browser requests
- uses web browser protocol
- HTML, HTML5
Web pages stored on server
- your computer browser requests website from server and it will then be transmitted from server a d downloaded on own browser
- pages can be static or dynamic (real time)
File Server
Centralized storage of documents, spreadsheets, videos, pictures and other files
Standard system of file management
- windows: server message block (SMB)
- apple: apple filing protocol (AFP)
Front end hides the protocol
Print Server
Provides printing services for all network devices
May be software in a computer
- computer is connected to printer
May be built into the printer
Uses standard printing protocols
- SMB (sever message block)
- IPP (internet printing protocol)
- LPD (line printer daemon)
DHCP Server
Dynamic host configuration protocol
- automatic IP address configuration
- available on most home routers
- enterprises have multiple DHCP servers
DNS Server
Domain name system
- converts IP address to names and vice versa
Managed by ISP or IT department in enterprise
Proxy server
Intermediate server
- client makes request to proxy
- proxy performs request
- proxy examines what client sends and if safe , provides results back to client
Useful feature
- access control
- caching
- URL filtering
- content scanning
Mail server
Store incoming mail
Send outgoing mail
Usually managed by ISP or enterprise IT department
- one of most important services
Authentication server
Login authentication to resources
- centralized management
- usually an enterprise service
- –> not required on home network
- usually a set of same (redundant) servers, so if one goes down the other one kicks in
SIEM
Security Information and Event Management
- useful if you offer a lot of services
- logs security events and information
Shows Security alerts
- in real time
- consolidates logs from many devices
- has advanced reporting features
Data correlation
- links diverse data types over long period of time
Forensic analysis
- gathers details after an event
Syslog
Standard for message logging
- usually central logging receiver
- —– integrated into SIEM
Needs lots of disk space
Many will use WORM drive technology
- write once read many
- protects important security logs
IDS and IPS
Network based Intrusion Detection Service/ Intrusion Prevention System
How network administrators monitor for intrusions
Intrusions
- exploits against operating systems & applications
- buffer overflows
Detection vs prevention
Detection: alarm or alert
Preventions: stops before gets into network
All in one security appliance
Combines previous security features mentioned
AKA….
- Next-generation firewall
- Unified Threat Management (UTM)
- Web Security Gateway
Feautures
- URL filter/ content inspection
- malware inspection
- Spam filter
- network connectivity (CSU/DSU)
- Router, Switch
- Firewall
- IDS/IPS
- bandwidth shaper
Endpoint management Server
Manage all devices from one consul (one pane of glass)
- software installations
- driver installations
- security patches
- remote troubleshooting
Requires an agent (some kind of software) on each individual device
- server sends command
- agent executes
Legacy and embedded systems
Legacy
- Really old systems
Embedded
- purpose built devices
- don’t normally have direct access to operating system
- ex: alarm system, door system and time card
