Menu
Welcome to ExamNotes by CertBlaster! Here we will look at some of the specific services provided by network servers and other network hosts. We will examine the purpose and properties of various servers, internet appliances, and legacy systems.
Specialized servers are the key to efficient web content delivery for mail, file print, addressing, and name services as well as user authentication. We will now break them down.
A Web server is used by companies to deliver web based content over HTTP. This can be done privately, in the case of an internally accessed company webpage, or publicly over the internet.
A File server is primarily used to establish a central location where users can store and share content such as documents, media files, and spreadsheets. The computer hosting the service is attached to the local network. An NAS (Network Attached Storage) device is often used in this type of application. However, this is not the same as an internet based file server which uses the FTP protocol and is accessed using FTP client software.
A Print server is a network connected, shared device that manages and distributes print “jobs” to the printers it controls. Users and administrators can manage print jobs through the queue, which displays all jobs received by the server and their status. A single user can manage their own jobs and an administrator can manage all jobs. While print servers as computers are still a part of many networks, stand-alone wired and wireless network based printers exist that contain built-in print servers.
A DHCP server is responsible for delivering IP addressing and related configuration information to its clients using the Dynamic Host Configuration Protocol. This service has saved countless man-hours and address duplications. The DHCP server uses an assigned address range, called a scope, in order to provide addresses to hosts without duplication along with any other necessary information such as subnet masks and gateway information. These addresses are leased to the host for a predefined period of time, after which they are refreshed or renewed.
DNS servers have made user interaction on the internet dramatically simpler. DNS servers translate Fully Qualified Domain Names (FQDN) into IP addresses. Once a server performs this translation, the translation information is stored in its database for quicker access. The DNS (Dynamic Name Server) is joined to the Dynamic Name System which allows it to consult with other DNS servers when necessary. A new server will do this frequently but over time, less frequently as it consults its local database first.
A Proxy server is a dedicated computer or network device that handles all external requests made by users on the network. When the Proxy server receives a request for a webpage, it checks its internal cache of previous requests and if found delivers the content quickly, providing improved performance. If the content is not cached, the Proxy will either connect to or act as a firewall and perform private to public NAT (Network Address Translation). The Proxy is capable of masking the client IP address, blocking specified traffic, and filtering out malicious traffic.
A Mail server can conceptually be considered an email server as it handles email. Email is customarily sent using an email client software package, which allows emails to be composed and sent. This same program will also check your mail server for any inbound messages. There are two main types of mail servers: incoming and outgoing. The outgoing server will use the Simple Mail Transport Protocol (SMTP) to send traffic to other mail servers en route to the destination. Delivery to the destination client is achieved using one of two incoming server types: POP3 (Post Office Protocol 3) and IMAP (Internet Message Access Protocol). To summarize, you send email using an SMTP configured mail server and receive email using either a POP3 or IMAP server. These can be separate servers or hosted on the same server.
An Authentication server is usually an application running on a server, such as Active Directory for example. This internet or network appliance handles authentication by providing a user, or device, access to designated resources on the network as determined by the administrator.
Syslog is a protocol that allows network devices to send TCP messages to a Syslog server regarding network events such as logon/logoffs, errors, and maintenance. The syslog server maintains a database of these devices and events for use by administrators.
The Unified Threat Management (UTM) is a way to reduce cost and administrative overhead by combining multiple security features, such as router, firewall, and content filters, into a single hardware appliance in order to protect the network from unwanted or malicious traffic. The UTM is generally positioned between the Internet and the protected network. Here is a look at some of the possible elements.
UTM
The Intrusion Detection System (IDS) is one of the earliest network intrusion monitoring devices and is often found as a feature of a UTM, router, and server. It comes in two primary configurations, either as a network based NIDS, that will monitor an entire network, or as a Host based solution HIDS, when individual workstations have this capability. The IDS signals an alarm when suspicious activity is detected. However, this solution lacks the capability to block traffic.
An Intrusion Protection System (IPS) takes the IDS concept and evolves it to detect an alert condition before it enters the network and drops or blocks the connection. This is an effective approach but is not a replacement for IDS. The IPS is vulnerable to encrypted network traffic, making a layered approach the optimum solution as opposed to “either or”.
Endpoints are any devices, such as computers, tablets, smartphones, and laptops, that require network access. The endpoint server inspects the endpoints to see if they meet the established policy criteria before they can access the network. Endpoint condition includes the status of software updates/patches and anti-malware updates.
When considering network servers and devices, remember that you will encounter networks that are comprised of a mix of new(er) and legacy (= old) hardware. A single computer hosting multiple services, such as file and print or web and email, is not uncommon. Also, you will encounter services that are embedded in the firmware. Many routers, particularly the consumer grade or SOHO designs, have services such as DHCP and Proxy built in.
That’s it for Objective 2.5. Good Luck on the test. You are getting closer…
Click here to go back to the A+ Main Domain 2.0 Table of Content
By continuing to browse this site, you accept the use of cookies and similar technologies that will allow the use of your data by CertBlaster in order to produce audience statistics- see our privacy policy.