If you've ever worked in a data center, or your organization has a data center, then this picture probably looks familiar: it's row after row after row of 19-inch racks, and inside those racks are many different types of computing systems. In this video we'll look at many different kinds of network services and see what types of things might be running inside of this company's data center.

Almost every organization and every data center has a DNS server inside of it. DNS stands for Domain Name System, and it's a service that's primarily responsible for converting between fully qualified domain names and IP addresses. So if you go into a browser and type www.professormesser.com, that browser will ask the DNS server, "What's the IP address of www.professormesser.com?" That IP address is provided to the browser, and from that point forward the browser uses the IP address of my web server to communicate back and forth with your browser. DNS is a distributed naming system, which means you might have many different DNS servers in your environment, and outside of your organization you're probably communicating with many other DNS servers as well. As you can probably tell, this conversion process between a fully qualified domain name and an IP address is critical for the entire communications process. It's usually managed by your local IT department or an internet service provider, and they usually have multiple DNS servers to ensure that this service is always available to your users.

Another common service that you'll find in a data center is a DHCP server. This stands for Dynamic Host Configuration Protocol, and this is the service that automatically assigns and configures IP address settings on your local device. This is a service that we've become very accustomed to having: we can plug in or connect to anyone's network and we're automatically provided IP addresses, DNS settings, and everything else we need to be able to communicate on that network. If you have a wireless router or cable modem that's used for internet connectivity, then that device is probably also running a DHCP server inside of it. If you're in an enterprise IT department, there will probably be multiple DHCP servers to provide redundancy should one DHCP server become unavailable. Here's a very simple DHCP configuration on a home router. You can see that the lease time is set to one week; that's how long someone can retain a single IP address before they have to check back in and renew that address. And there's a range of IP addresses that are assigned by this DHCP server, starting at 10.1.10.10 all the way through 10.1.10.199.

Now that you can connect to the network, you can also store files on the network in a file server. This is a centralized storage device, usually with a set of folders that you can use to store all of your information, and because these are stored on the network, you can log in from any device and have access to your personal files. The operating system you're using has a common way to communicate with this file server: if you're in Windows you're probably using SMB, or Server Message Block, and if you're using macOS you're probably using AFP, or the Apple Filing Protocol. From a user's perspective, they have no idea what protocols are in use on the network. All they see is some type of file management front end, and then they can copy files, delete files, rename files, or do anything else they would do on the file system located on the centralized file server.

If you work in an enterprise environment, we usually connect printers to the network and then put those printers in centralized areas that are close to the users. We're able to connect them to the network by using a print server. This is usually hardware or software that allows us to connect a printer to the network so that everyone can access that centralized resource. This print server may be software that's running on a computer that has a printer connected to it, and everyone on the network would send their print jobs to this computer so that the print server can then access those jobs and print them on the printer. Many printers might also have a hardware card, like the one you see here, that plugs into the back of the printer and allows the printer to connect directly to an Ethernet connection. Some printers also have wireless print servers inside, so you can simply connect to the wireless network to provide those print services. There are usually some standardized protocols that allow you to send these print jobs to a print server. Usually you'd be running SMB, or Server Message Block, especially if you're running Windows, but you can also use IPP, the Internet Printing Protocol, or LPD, the Line Printer Daemon.

Another important service that often requires 100% uptime and availability is a mail server. This is the server responsible for sending and receiving mail for your organization. Because the service is so critical, it's often managed by our local IT team, or we may be using an ISP or cloud-based service to provide these mail services. We often know very quickly if there's a problem with the mail services, because practically everyone in the organization is using them. That's why there's usually 24-hour-a-day, seven-day-a-week support, and if the mail server has a problem, you can instantly have someone connect to that service to see exactly how to troubleshoot the problem.

We've already mentioned a number of services, for example the DNS server, the DHCP server, the file server, and others. With all of these systems there are logs and messages that are important for administrators to have access to. Instead of having the administrator manually access the individual logs that are located on each individual service, we can consolidate all of those logs back to a central database. One of the protocols that allows us to consolidate these log files is called syslog. This is a very common standard: if your system collects logs, then it probably has the option to send those logs to a centralized database using syslog. In many organizations we use a Security Information and Event Manager to collect all of these log files; we usually refer to this as a SIEM. As you can imagine, log files take a lot of room, so the SIEM usually has a very large drive array, and we're able to store a large number of files over a very extended period of time.

Many organizations will have one or many different web servers, and those servers are responsible for responding to browser requests that you would make from your computer. These use standard protocols such as HTTP or HTTPS, and they build pages using specialized languages such as HTML or HTML5. These pages could be static pages that are simply transferred across the network, or the web server may be responsible for dynamically creating the page and then sending that page down to the browser.

In an enterprise, we might often start our day by logging in to our local computer, or we may be connecting from a VPN, and we would use a username and password to provide that authentication. Often the authentication that we would use between all of these different services is identical. So how does the enterprise use the same authentication method across all of these different servers? In most cases the organization is using an authentication server, which centralizes all of those usernames and passwords to a single service. This isn't something we would commonly use on a home network, because we don't have a lot of services that we're logging into on our local network, but on an enterprise network there are many different services that we would want to access, and this centralized authentication server provides us with a way to not only provide access to those services, but do it in a way that our usernames and passwords are protected. As you can imagine, if the authentication server is not available, then no one would be able to log in and use any of the resources on your network. For that reason, this is considered to be a very critical resource, and it's very common for organizations to have multiple authentication servers on their network for redundancy.

Your mail client probably has a separate folder already configured inside of it called Spam. That spam folder takes any messages which may be unsolicited attempts at getting your attention and puts all of those messages into a spam folder so that you don't have to read them. The content of these spam messages can vary widely. These could be commercial attempts to get you to buy something, it might be someone trying to get you to click on a link that sends you to a malicious website, or maybe a phishing attempt which is trying to get you to give away some of your personal information. Managing all of these spam messages can be complex. It's already difficult to identify the spam message, and then we also have to manage what we do with those messages once they're identified. There are obviously security concerns: we have to think about where we're going to store this information and for how long we're going to keep these spam messages stored in our databases. Some organizations will have a separate mail gateway in their network. In this example, mail is being sent and received from the internet through a firewall, which then sends it to the mail gateway on a screened subnet. These mail gateways can also be hosted in the cloud, and there may be a third-party provider that's being used to provide that functionality. Once the mail is scanned, it can then be sent to the internal network and stored on a local internal mail server. This gives us the opportunity to categorize mail as spam, or to completely reject the mail and prevent its access to the internal server.

Many organizations have begun consolidating many of their security functions on the network into a single device. Often this is a next-generation firewall, but you may find older systems that do this called a unified threat management device, or UTM. Some people also refer to this as a web security gateway. These devices can perform many different security functions. For example, you may have URL filtering or content inspection built into the device; these may be able to identify malware or the transfer of files that may contain malware. These could be a spam filter on their own. You might also have other networking features, such as CSU/DSU capabilities, which allow you to connect to a wide area network. These devices often act as routers, and they usually also have switch interfaces on the back of the device. And of course they also act as a firewall, so you can allow or disallow certain traffic flows through your network. These devices can often act as intrusion detection systems or intrusion prevention systems, which can block known attacks from traversing the network. These devices can also act as bandwidth shapers or quality of service devices, so that different applications can be prioritized in real time. And if you need people to connect to the network from outside of your facility, you might want to use an encrypted tunnel through a virtual private network.

In an enterprise environment, we're very sensitive to downtime. If a server becomes unavailable, the user may not be able to complete certain tasks, or they may not be able to buy anything from us because the server's not responding. To be able to provide continuous uptime and availability, we need multiple servers, and the way that you would distribute the load across those servers is with a load balancer. The load balancer is responsible for checking in with all of the servers that are connected to it, and if one particular server becomes unresponsive, it simply removes that server from the load and continues operating with the remaining servers. This is usually the primary reason a load balancer is installed: to have multiple servers and be able to distribute the load across all of those devices. Since the load balancer is sitting in the middle of these conversations, it can also make changes to the way certain protocols might work. For example, it's common for a load balancer to provide TCP offload, so that it has a constant connection to all of the servers connected to it. This load balancer might also be providing SSL offloading, so all of the encryption and decryption for these servers is happening on the load balancer instead of having the servers manage that process themselves. These load balancers can commonly cache information, so that requests from the internet may not have to go down to a server; instead, the load balancer may already have that information in a cache and can simply respond back to the internet without involving any of the connected servers. We can also perform some very advanced configurations of the traffic going through this load balancer. We might configure certain web pages or certain applications to have priority over others. We might also tell the load balancer that certain applications should be sent to certain servers, and other applications or web pages can be moved to other servers. This content switching capability allows the load balancer to optimize communication with the servers that can respond the best.

Some organizations have installed proxy servers to add additional security to their internet communications. As the name implies, a proxy sits in the middle of a conversation. Users will make a request to the proxy; the proxy then makes the request to the third-party service, receives a response from that service, and then examines the response to make sure nothing within that response is malicious. Once everything is checked and everything looks okay, that response is then sent to the end user. This means that we can put a lot of security controls into the proxy. The proxy can provide access control, so it may require a username and password to gain access to the internet. It can perform caching, it can filter by URL, and it has many other security capabilities as well.

If you work in an industrial environment, then you're probably already familiar with SCADA or ICS. SCADA stands for Supervisory Control and Data Acquisition system; you might also hear this referred to as an industrial control system, or ICS. SCADA systems are responsible for control and management of industrial machines. So if you are part of a power company and you have power generation equipment, or you're a manufacturing company with large manufacturing equipment, you might use SCADA to manage those devices. SCADA allows us to see exactly what's happening on these devices and to manage and control them across the network. As you can imagine, these power generation systems and manufacturing equipment can be very expensive systems, and an outage of these systems might have a dramatic impact. For those reasons, SCADA systems are usually segmented from the rest of the network, and you very often need additional rights, permissions, and connections to even gain access to these very important systems.

One common theme with data centers is that once a service is installed, it's very difficult to get that service removed from the data center, and devices and services may sit in the data center for 10 years or even more. We often refer to these systems as legacy systems, and although they're very old, they usually have an extremely important service running on them. Very often these legacy systems are running on older software or older hardware, and it might be very difficult to resolve a problem with the device, just because the software and hardware are not well supported or may be difficult to obtain.

Another type of service you might find in your data center is an embedded system. These are systems where you normally don't have access to the operating system or any other aspect inside of the device. Instead, it is a purpose-built device that's designed for you to only have access to the service or the application that the device provides. This might be something like an alarm system, a door security system, or perhaps the time card system that you use to keep track of when people come to work and when they leave. Those devices commonly don't have an operating system that we can update or even view, and because of that, we rely on the manufacturer of these purpose-built systems to provide us with support and ongoing maintenance.

One of the newest categories of systems that you now find in the enterprise is Internet of Things devices, or IoT. We're starting to find an increasing number of IoT devices not only on our enterprise networks but on our home networks. It seems that everything we're connecting to a power plug in our home is also connecting to our network. For example, we're starting to see appliances such as refrigerators and ovens connect to the wireless network. We have smart devices like speakers that respond to our voice commands, or we might have air control systems that allow us to manage the temperature of a room, all from a centralized app on our mobile device. These IoT devices may also be responsible for access to our facilities, so they might be a smart doorbell, or they might be responsible for unlocking a door or garage. This is another case where the security of these devices is relatively important. We wouldn't want somebody gaining access to our systems because they have access to these IoT devices, so commonly we segment IoT devices onto their own network, or we add additional security and limit anyone else from accessing those systems.
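The DHCP configuration shown on the home router (a one-week lease and a pool from 10.1.10.10 through 10.1.10.199) can be modelled to see what lease time and pool size actually mean for clients. This is an added example, not the router's firmware or anything from the video: a toy server scope that hands out the lowest free address, keeps a returning client on its existing address when it renews, frees addresses whose lease has run out, and goes silent when the pool is exhausted. Time is passed in as a number so expiry can be exercised without waiting a week; the MAC addresses are made up.

```python
import ipaddress

ONE_WEEK = 7 * 24 * 3600  # the lease time shown on the home router in the video


class DhcpPool:
    """Toy DHCP server state for one scope: an address pool and the live leases.

    `now` is supplied by the caller (seconds) so expiry can be tested directly;
    a real server reads the wall clock."""

    def __init__(self, first, last, lease_seconds=ONE_WEEK):
        lo, hi = ipaddress.IPv4Address(first), ipaddress.IPv4Address(last)
        if hi < lo:
            raise ValueError("range end precedes range start")
        self.pool = [ipaddress.IPv4Address(n) for n in range(int(lo), int(hi) + 1)]
        self.lease_seconds = lease_seconds
        self.leases = {}  # client MAC -> (address, expiry time)

    def _expire(self, now):
        """Drop leases whose time is up so their addresses return to the pool."""
        for mac in [m for m, (_, expiry) in self.leases.items() if expiry <= now]:
            del self.leases[mac]

    def request(self, mac, now):
        """Handle a DISCOVER/REQUEST: a client that still holds a lease keeps its
        address (a renewal); otherwise it gets the lowest free one. Returns None
        when the scope is exhausted, which is when a real server stays silent."""
        self._expire(now)
        if mac in self.leases:
            addr = self.leases[mac][0]
        else:
            in_use = {addr for addr, _ in self.leases.values()}
            free = [a for a in self.pool if a not in in_use]
            if not free:
                return None
            addr = free[0]
        self.leases[mac] = (addr, now + self.lease_seconds)
        return addr

    def renewal_time(self, mac):
        """T1, when the client first tries to renew: half the lease by default (RFC 2131)."""
        _addr, expiry = self.leases[mac]
        return expiry - self.lease_seconds // 2

    def free_count(self, now):
        self._expire(now)
        return len(self.pool) - len(self.leases)


if __name__ == "__main__":
    scope = DhcpPool("10.1.10.10", "10.1.10.199")
    print(len(scope.pool), "addresses in the pool")
    print(scope.request("00:11:22:33:44:55", now=0))  # constructed MAC
```

The pool from .10 to .199 holds 190 addresses; with a one-week lease, an address used by a visitor who never returns stays out of circulation for the full week, which is why short-lived guest networks normally get much shorter leases.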
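The video says every service forwards its logs to a central database with syslog and that a SIEM collects them. Here is what the SIEM is actually receiving, as an added example that is not part of the video: a parser for both the older BSD-style line (RFC 3164) and the newer RFC 5424 line, decoding the `<PRI>` prefix into facility and severity (PRI = facility * 8 + severity) and rejecting out-of-range values rather than trusting them, followed by the kind of severity filter a SIEM rule would apply. The sample lines are constructed for this example; the hosts, process IDs and addresses in them are made up.

```python
import re

FACILITIES = ("kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
              "uucp", "cron", "authpriv", "ftp", "ntp", "audit", "alert", "clock",
              "local0", "local1", "local2", "local3", "local4", "local5", "local6", "local7")
SEVERITIES = ("emerg", "alert", "crit", "err", "warning", "notice", "info", "debug")

# <PRI>VERSION TIMESTAMP HOSTNAME APP-NAME PROCID MSGID STRUCTURED-DATA MSG
# (one structured-data element or "-"; enough for the demo, not a full SD parser)
RFC5424_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>1 (?P<ts>\S+) (?P<host>\S+) (?P<app>\S+) (?P<pid>\S+) "
    r"(?P<msgid>\S+) (?P<sd>-|\[[^\]]*\]) ?(?P<msg>.*)$")
# <PRI>Mmm dd hh:mm:ss HOSTNAME TAG[pid]: MSG
RFC3164_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>(?P<ts>[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d) (?P<host>\S+) "
    r"(?P<app>[^\[:\s]+)(?:\[(?P<pid>\d+)\])?: ?(?P<msg>.*)$")

# Constructed sample input (not real logs); PRI values chosen to match each facility/severity.
SAMPLE_LINES = [
    "<38>Oct 11 22:14:15 fs01 sshd[2011]: Failed password for root from 203.0.113.7 port 52114 ssh2",
    "<30>Oct 11 22:14:16 dhcp01 dhcpd[812]: DHCPACK on 10.1.10.42 to 00:11:22:33:44:55 via eth0",
    "<27>Oct 11 22:14:17 dhcp01 dhcpd[812]: no free leases on subnet 10.1.10.0",
    "<165>1 2024-03-01T10:15:00Z dns01.example.com named 1423 - - query refused from 198.51.100.9",
    "<83>1 2024-03-01T10:15:01Z auth01.example.com radiusd 990 - - Access-Reject for user bob",
]


def parse_syslog(line):
    """Return a dict for a well-formed line, or None for anything we cannot parse.

    A PRI above 191 would index a facility that does not exist; treat it as
    malformed instead of letting untrusted input pick a table slot."""
    m = RFC5424_RE.match(line) or RFC3164_RE.match(line)
    if not m:
        return None
    pri = int(m.group("pri"))
    if pri > 191:
        return None
    return {
        "facility": FACILITIES[pri >> 3],
        "severity": SEVERITIES[pri & 7],
        "severity_num": pri & 7,
        "host": m.group("host"),
        "app": m.group("app"),
        "msg": m.group("msg"),
    }


def high_severity(lines, threshold="err"):
    """What a simple SIEM rule surfaces: events at the threshold severity or worse
    (lower number is more severe), with unparseable lines skipped."""
    limit = SEVERITIES.index(threshold)
    events = (parse_syslog(line) for line in lines)
    return [e for e in events if e is not None and e["severity_num"] <= limit]


if __name__ == "__main__":
    for event in high_severity(SAMPLE_LINES):
        print(event["host"], event["app"], event["severity"], event["msg"])
```

Note that the interesting line for a security analyst, the failed root login, arrives at `auth.info` and would slip past a severity-only rule; real SIEM content keys on the message and the source as well, which is why the parser keeps `app` and `msg` rather than just the priority.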
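Two of the load balancer behaviours the video describes, pulling an unresponsive server out of the pool after health checks and content switching particular applications to particular servers, can be shown in a few dozen lines. This is an added example, not a real load balancer's code and not from the video: backends carry the URL prefixes they serve, a server is marked down only after several consecutive failed probes (so one dropped packet does not bounce it) and comes back on the first success, and requests are spread round-robin over the healthy servers with the longest matching prefix. The `probe` callable stands in for the real TCP or HTTP health check and is assumed.

```python
class Backend:
    """One pooled server plus the health state the balancer keeps about it."""

    def __init__(self, name, prefixes=("/",)):
        self.name = name
        self.prefixes = tuple(prefixes)  # content switching: URL paths this server handles
        self.healthy = True
        self.consecutive_failures = 0


class LoadBalancer:
    def __init__(self, backends, max_failures=3):
        self.backends = list(backends)
        self.max_failures = max_failures
        self._rr = 0  # round-robin cursor

    def health_check(self, probe):
        """Run one round of checks. `probe(backend)` returns True when the server
        answered. A server is pulled after max_failures misses in a row and
        restored on the first success."""
        for b in self.backends:
            if probe(b):
                b.consecutive_failures = 0
                b.healthy = True
            else:
                b.consecutive_failures += 1
                if b.consecutive_failures >= self.max_failures:
                    b.healthy = False

    def route(self, path):
        """Pick a healthy backend for `path`. The longest matching prefix wins, so
        /api/ requests go to the API servers while everything else takes the
        general pool; if no dedicated server is up, the general pool absorbs it.
        Returns the chosen server's name, or None when nothing healthy matches."""
        matches = [(len(p), b) for b in self.backends if b.healthy
                   for p in b.prefixes if path.startswith(p)]
        if not matches:
            return None
        best = max(length for length, _ in matches)
        pool = []
        for length, b in matches:
            if length == best and b not in pool:
                pool.append(b)
        chosen = pool[self._rr % len(pool)]
        self._rr += 1
        return chosen.name


if __name__ == "__main__":
    # Constructed topology: three general web servers and two API servers.
    web = [Backend(n) for n in ("web1", "web2", "web3")]
    api = [Backend(n, ("/api/",)) for n in ("api1", "api2")]
    lb = LoadBalancer(web + api)
    for _ in range(3):
        lb.health_check(lambda b: b.name != "web2")  # web2 stops answering
    print([lb.route("/index.html") for _ in range(4)], lb.route("/api/orders"))
```

The failure threshold matters more than it looks: with `max_failures=1` a single lost probe flaps a server in and out of rotation, and an attacker who can make a server miss one probe (or a flaky link) effectively controls the pool.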
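The proxy server section lists three controls: requiring a username and password, filtering by URL, and caching. The following added example (not the video's content and not any real proxy's code) puts those three decisions in one policy object, with the one detail that URL filtering most often gets wrong handled properly: the filter compares the hostname the browser would actually connect to, after lowercasing, stripping a trailing dot, ignoring any `user@` prefix in the URL, and matching whole domain labels, so that blocking `malware.example.net` also blocks `www.malware.example.net` but not `malware.example.net.legit.example.com`. The user list, the blocklist entries and the `origin` callable that stands in for the upstream fetch are all assumptions for the demo; passwords are held in plaintext only to keep the example short.

```python
import hmac
import time
from urllib.parse import urlsplit


class ProxyPolicy:
    """The decisions a forward proxy makes before fetching on a user's behalf."""

    def __init__(self, users, blocked_domains, cache_ttl=60):
        self.users = dict(users)  # username -> password (plaintext for the demo only)
        self.blocked = {d.lower().strip(".") for d in blocked_domains}
        self.cache_ttl = cache_ttl
        self.cache = {}  # url -> (expiry, body)

    @staticmethod
    def host_of(url):
        """The hostname the browser would resolve: lowercase, no port, no userinfo,
        no trailing dot. None for schemes the proxy does not handle."""
        parts = urlsplit(url)
        if parts.scheme not in ("http", "https") or not parts.hostname:
            return None
        return parts.hostname.lower().rstrip(".")

    def is_blocked(self, host):
        """Match on whole domain labels, never on substrings."""
        labels = host.split(".")
        return any(".".join(labels[i:]) in self.blocked for i in range(len(labels)))

    def decide(self, user, password, url):
        """Access control first, then the URL filter. Returns (verdict, detail)."""
        stored = self.users.get(user)
        if stored is None or not hmac.compare_digest(stored, password):
            return "deny", "proxy authentication required"
        host = self.host_of(url)
        if host is None:
            return "deny", "unsupported or malformed URL"
        if self.is_blocked(host):
            return "deny", f"{host} is on the URL filter list"
        return "allow", host

    def fetch(self, user, password, url, origin, now=None):
        """`origin(url)` stands in for the upstream request (assumed). A cached
        body is returned without contacting the origin until its TTL expires."""
        now = time.time() if now is None else now
        verdict, detail = self.decide(user, password, url)
        if verdict == "deny":
            return verdict, detail
        hit = self.cache.get(url)
        if hit is not None and hit[0] > now:
            return "cached", hit[1]
        body = origin(url)
        self.cache[url] = (now + self.cache_ttl, body)
        return "fetched", body


if __name__ == "__main__":
    policy = ProxyPolicy({"alice": "s3cret"}, ["malware.example.net"])
    for url in ("http://www.example.com/", "http://www.example.com@malware.example.net/"):
        print(url, policy.decide("alice", "s3cret", url))
```

The `user@host` case is the one to test on any proxy you deploy: a naive filter that looks for the blocked string anywhere in the URL passes `http://www.example.com@malware.example.net/` because the first hostname it sees is the harmless one, while the browser connects to the part after the `@`.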