2.4 Network Services

Data Centers Overview

• Composed of rows of 19-inch racks containing various computing systems.

Key Network Services in Data Centers

• DNS (Domain Name System):

• Converts fully qualified domain names (e.g., www.professormesser.com) to IP addresses.

• Facilitates web browsing by allowing browsers to communicate with web servers using IP addresses.

• Distributed naming system; operates multiple servers for redundancy.

• DHCP (Dynamic Host Configuration Protocol):

• Automatically assigns IP address settings to devices on the network.

• Ensures automatic configuration for network connectivity (IP addresses, DNS, etc.).

• Usually has multiple servers for redundancy.

• Configurable settings include lease time (e.g., 1 week) and IP address range (e.g., 10.10.10.1 to 10.10.10.199).

• File Server:

• Centralized device for storing files, accessible from any network-connected device.

• Communicates using protocols like SMB (Windows) or AFP (macOS).

• Print Server:

• Connects printers to the network, allowing shared access for users.

• Can be hardware or software-based.

• Protocols used: SMB, IPP (Internet Printing Protocol), LPD (Line Printer Daemon).

• Mail Server:

• Sends and receives emails for an organization.

• Critical for communication; often monitored with 24/7 support.

Log Management

• Uses protocols like syslog for centralized log collection to simplify access for administrators.

• Security Information and Event Management (SIEM) stores and analyzes logs for security and system health.

Web Servers:

• Respond to browser requests using HTTP or HTTPS.

• Can serve static or dynamic web pages using languages such as HTML/HTML5.

Authentication Servers:

• Centralize usernames and passwords for user access across various services in an organization.

• Critical for maintaining security and user access; often require redundancy.

Spam Management:

• Email clients have spam folders to filter unsolicited messages.

• Can include email gateways for categorizing and filtering spam before it reaches the internal mail server.

Security Consolidation:

• Organizations may use next-generation firewalls or Unified Threat Management (UTM) devices.

• Functions include URL filtering, intrusion detection/prevention, bandwidth shaping, and more.

Load Balancers:

• Distribute network traffic among multiple servers to maintain uptime and performance.

• Monitor server health and can offload tasks like TCP or SSL processing to optimize performance.

Proxy Servers:

• Provide additional security by mediating requests between users and the Internet.

• Allow for URL filtering, access control, and caching.

SCADA/ICS Systems:

• Supervisory Control and Data Acquisition systems, used in industrial environments to manage and monitor machinery.

• Access is often tightly controlled and segmented from other networks for security.

Legacy Systems:

• Older systems that are crucial for specific services but may be hard to support or remove from the data center.

Embedded Systems:

• Purpose-built systems with restricted access, often used in specialized applications like alarm or access control systems.

Internet of Things (IoT):

• Increasingly present in both enterprise and home environments, involving smart devices and appliances.

• Security is paramount; frequently segmented on separate networks to reduce risks.