Network Host Services | CompTIA A+ 220-1001 | 2.5

In this video you will learn about networked host services such as: various server roles, internet appliances, and legacy & embedded systems.

Web Server

A web server is server software, or hardware dedicated to running this software, that can satisfy client requests on the World Wide Web. A web server can contain one or more websites. A web server processes incoming network requests over HTTP and several other related protocols. The primary function of a web server is to store, process and deliver web pages to clients. The communication between client and server takes place using hypertext transfer protocol. Pages delivered are most frequently HTML documents, which may include images, style sheets and scripts in addition to the text content. Web hosting has become essential in business and education, and setting up a web server is a common task for an IT professional.

File Server

A file server is a server that provides access to files. A file server acts as a central file storage location that can be accessed by multiple systems. File servers are typically computers with a single large drive or a RAID array for storage. File servers are commonly found in enterprise settings, such as company networks, but they are also used in schools, small organizations, and even home networks. Dedicated servers are used only for storage. A computer that shares storage and also performs standalone tasks is known as a non-dedicated server. A network-attached storage (NAS) device is a type of file server designed to store large amounts of data in a central location on the network.

Print Server

A print server is a type of server that connects printers to client computers over a network. It accepts print jobs from the computers and sends the jobs to the appropriate printers, queuing the jobs locally to accommodate the fact that work may arrive more quickly than the printer can actually handle. Ancillary functions include the ability to inspect the queue of jobs to be processed, the ability to reorder or delete waiting print jobs, or the ability to do various kinds of accounting (such as counting pages, which may involve reading data generated by the printer(s)). Print servers may be used to enforce administration policies, such as color printing quotas, user/department authentication, or watermarking printed documents. A print server may be a networked computer with one or more shared printers. Alternatively, a print server may be a dedicated device on the network, with connections to the LAN and one or more printers. Dedicated server appliances tend to be fairly simple in both configurations and features. Print server functionality may be integrated with other devices such as a wireless router, a firewall, or both.

DHCP Server

A DHCP (Dynamic Host Configuration Protocol) server is a network server that automatically provides and assigns IP addresses, default gateways and other network parameters to client devices. A DHCP server automatically sends the required network parameters for clients to properly communicate on the network. Without it, the network administrator has to manually set up every client that joins the network, which can be cumbersome, especially in large networks. DHCP servers usually assign each client with a unique dynamic IP address, which changes when the client’s lease for that IP address has expired. DHCP server functions are included in SOHO routers and are typical roles for domain controllers on small to medium business (SMB) networks. On larger networks, DHCP servers are often separate physical or virtualized servers.

DNS Server

A Domain Name System (DNS) is the phonebook of the internet. Humans access information online through domain names, like TechnologyGee.com. Web browsers interact through Internet Protocol (IP) addresses. DNS translates domain names to IP addresses so browsers can load internet resources. DNS server functions are included in SOHO routers. Separate DNS servers can be used for larger networks. A DNS server communicates with other, larger DNS servers if the requested addresses are not in its database.

Proxy Server

A proxy server is a server application or appliance that acts an intermediary for requests from clients seeking resources from servers that provide those resources. A proxy server thus functions on behalf of the client when requesting service, potentially masking the true origin of the request to the resource server. Instead of connecting directly to a server that can fulfill a requested resource, such as a file or web page, the client directs the request to the proxy server, which evaluates the request and performs the required network transactions. If the proxy server does not have the requested page, it downloads the page on behalf of the client, sends the page to the client, and retains a copy of the page in its cache. This serves as a method to simplify or control the complexity of the request, or provide additional benefits such as load balancing, privacy, or security. Proxy servers can also be used for anonymous surfing.

Mail Server

A mail server is the computerized equivalent of your neighborhood mailman. A mail server sends or receives email on a network. Every email that is sent passes through a series of mail servers along its way to its intended recipient. An SMTP (Simple Mail Transfer Protocol) server is used to send outgoing email, and either a POP3 (Post Office Protocol version 3) or IMAP (Internet Message Access Protocol) server is used to receive mail.  Mail server apps are available from many vendors.

Authentication Server

An authentication server provides a network service that applications use to authenticate the credentials, usually account names and passwords, or their users. Usernames and permissions are stored in this central server, which provides security certificates to users and records user logins to the network. When a client submits a valid set of credentials, it receives a cryptographic ticket that it can subsequently use to access various services. Authentication is used as the basis for authorization, which is the determination whether a privilege may be granted to a particular user or process, privacy, which keeps information from becoming known to non-participants, and non-repudiation, which is the ability to deny having done something that was authorized to be done based on the authentication.

Syslog Server

In computing, syslog is a standard for messaging logging. It allows separation of the software that generates messages, the system that stores them, and the software that reports and analyzes them. Each message is labeled with a facility code, indicating the software type generating the message, and assigned a severity level. Syslog servers are used to collect syslog messages in a single location in addition to tracking events that happen on devices on a network. A syslog server might be a physical server, a standalone virtual machine, or a software-based service.

Internet Appliances

Internet appliances are single-purpose devices that are used to perform specific tasks on an IP network.

UTM

Unified Threat Management is an approach to information security where a single hardware or software installation provides multiple security functions. UTM devices provide firewall, remote access, VPN support, web traffic filtering with anti-malware, and network intrusion prevention. This contrasts with the traditional method of having point solutions for each security function. UTM simplifies information-security management by providing a single management and reporting point for the security administrator rather than managing multiple products from different vendors. UTM devices may be specialized boxes that are placed between the organization’s network and the internet, but they can also be virtual machines using cloud-based services. UTM appliances have gained popularity since 2009, partly because the all-in-one approach simplifies installation, configuration and maintenance. Such a setup saves time, money and people when compared to the management of multiple security systems.

IDS

An intrusion detection system is a device, or software application that monitors a network or systems for malicious activity or policy violations that might not be detected by a firewall. Typical threats detected by an IDS include attacks against services, malware attacks, data-driven attacks, and host-based attacks. To detect these threats, a typical IDS uses signature-based detection, detection of unusual activities (anomalies), and stateful protocol analysis.  Any intrusion activity or violation is typically reported either to an administrator or collected centrally using a security information and event management (SIEM) system. A SIEM system combines outputs from multiple sources and uses alarm filtering techniques to distinguish malicious activity from false alarms. A true IDS does not block attacks, but some products and services referred to as an IDS actually have characteristics of an IPS (intrusion prevention system).

IPS

An intrusion prevention system, also known as an intrusion detection prevention system (IDPS), is a technology that keeps an eye on a network for any malicious activities attempting to exploit a known vulnerability. An IPS’s main function is to identify any suspicious activity and either detect and allow (IDS) or prevent/block (IPS) the threat.

End-Point Management Server

An end-point management server allows for IT departments to centrally manage and distribute operating system updates and software/application updates. End-point management servers also provide a single administrative console for managing device security policies, asset inventory, and compliance reporting for supported devices.

Legacy and Embedded Systems

A legacy system is an old method, technology, computer system, or application program that is still in use. Often referencing a system as “legacy” means that it paved the way for the standards that would follow it. This can also imply that the system is out of date or in need of replacement. Maintaining legacy systems is often necessary when newer products are not compatible with legacy applications (for example, applications that can run only under MS-DOS or old versions of Windows). If a legacy operating system and its applications can be run in a virtualized environment, the problems of maintaining old hardware are eliminated.

An embedded system is a computer system that has a dedicated function within a larger mechanical or electrical system, such as machine control, point-of-sale systems, or ATMs, are often also legacy systems. It is embedded as part of a complete device often including electrical or electronic hardware and mechanical parts. Because an embedded system typically controls physical operations of the machine that it is embedded within, it often has real-time computing constraints. Embedded systems control many devices in common use today. Ninety-eight percent of all microprocessors manufactured are used in embedded systems.

Legacy and embedded systems both present big potential security risks. If a legacy system or an embedded system has network or internet connectivity, it theoretically could be attacked or used as a bot to attack other systems.

Issues that need to be taken into consideration when deciding whether to update a legacy or embedded system:

  • Will the existing data be usable with newer apps?
  • Can the existing program run with current operating systems?
  • Will changes in network security, wireless, or internet standards (such as the changeover to IPv6) cause problems with the application?
  • Can a proprietary application be licensed to run in a virtual machine?
  • Does existing hardware used in the embedded system work with the new operating system?
  • Does the embedded application run on current embedded operating systems?  If not, is an updated version available?