Networking

What is DHCP?
DHCP Lease Time Management

The IP address information assigned by DHCP is only valid for a limited

period of time, and is known as a DHCP lease. The period of validity is
called the DHCP lease time. When the lease expires, the client can no
longer use the IP address and has to stop all communication with the IP
network unless he requests to extend the lease “rent” via the DHCP lease
renewal cycle. To avoid impacts of the DHCP server not being available at
the end of the lease time, clients generally start renewing their lease
halfway through the lease period. This renewal process ensures robust IP
address allocation to devices. Any device asking for a new IP version 4
address at arrival on the network and not receiving an answer will use
automatic private internet protocol addressing (APIPA) to select an
address. These addresses are in the network range 169.254.0.0/16.

Usage Scenarios

There are four key DHCP usage scenarios: 1. Initial Client Connection: the
client requests from the DHCP server an IP address and other parameter
values for accessing network services 2. IP Usage Extension: the client
contacts the DHCP server to extend usage of its current IP address 3.
Client Connection After Reboot: the client contacts the DHCP server for
confirmation that it can use the same IP address being used before reboot
4. Client Disconnection: the client requests the DHCP server to release its
IP address.

DHCP Options

DHCP options can be used to automatically provide clients with information

on the network services it can use. This is a very efficient way to push the
IP address of the time server, the mail server, the DNS server and the
printer server. This can also be used to provide a file name and a file server
that will be used by the client to start a specific boot process – mainly used
for IP phones and Wi-Fi access points, but can also be used for auto-
installing clients and servers with PXE (Preboot eXecution Environment).
Implementation of DHCP Service

The original and most comprehensive implementation of the DHCP service

is offered by the Internet Systems Consortium (ISC). Supporting both IPv4
and IPv6, ISC DHCP offers a complete open source solution for
implementing DHCP servers, relay agents, and clients. Other DHCP Server
products include the Microsoft DHCP server.

The DHCP service can be enhanced by DHCP failover to bring high

availability and load balancing of traffic. The ISC DHCP Failover relies on
having a pair of collaborating servers – a primary (master) server and a
secondary (backup) server. A TCP-based communication channel, called a
failover channel, then has to be set up between the two servers.

What is an ad server?
Ad servers are the technological engines that allow advertisers and
publishers to optimize, manage, and distribute ads across a multitude of
paid channels. Based on a combination of advertising campaign settings
such as audience segments, budget, and timeline, ad servers calculate in
real-time the best ads to load for specific audiences on an array of devices,
retail, and media channels.

What is the difference between first-party and third-party ad servers?

A highly diverse cross-section of needs and challenges call for different

types of ad servers: first-party ad servers are run by publishers offering ad
space on their sites for direct or programmatic campaigns. This type
accepts a range of creative assets to fill ad inventory using customizable
parameters to reach an audience and then measure performance through
clicks, impressions, and viewability. Third-party ad servers are owned by
external parties and are utilized by advertisers aiming to reach particular
audiences and campaign goals with finer control over their creatives to
interact with multiple publishers at once. Importantly, these ad servers
centralize campaign management and measurement as ads appear and
engage shoppers, streamers, and browsers across publisher sites.
How does an ad server work?

As audiences browse the web, listen to podcasts or stream video, ad

servers talk to one another to showcase a digital campaign in fractions of a
second. When users open a website, the browser calls a publisher’s web
server for the page’s content. This process loops in ad servers to
dynamically serve up the most relevant ads by adapting to campaign
parameters, simplifying the ad buying and planning process for digital
advertising.

What is ad server technology?

Ad server technology is a type of adtech employed to deploy and optimize

digital campaigns from building brand-specific creatives to automating how
they reach audiences. The technology relies on servers talking to one
another to programmatically buy, sell, and place an ad in front of the most
relevant audiences at the right time across a spectrum of media channels.
One of the many capabilities of an ad server is the delivery of ads across
visual, audio, and interactive formats to meet and augment digital customer
journeys across advertising campaigns.

How do ad servers relate to DSPs and/or SSPs?

Advertisers count on DSP (demand side platform) marketplaces to access

publisher inventory and purchase placements for video ads, display ads,
and mobile ads. Amazon DSP is one such example that allows advertisers
and agencies to buy media placements to be programmatically delivered
on Amazon websites, publisher sites, and third-party exchanges.
Publishers looking to sell ad slots leverage supply-side platforms that
automate sales of digital ad events on a spectrum of user-facing mediums,
known as publisher ad servers. Amazon Publisher Services offers cloud-
based services and tools that allows digital publishers to effectively
monetize their content and inventory, while bringing transparency to the
forefront of digital ad supply spend.

Ad server networks, DSPs, and SSPs are elements to programmatic

advertising that give advertisers the flexibility to buy and sell ads in an
automated way.
What are examples of ad servers?

While there are multiple types of ad servers, Sizmek Ad Suite is a great

example. Sizmek Ad Suite is a multichannel, third-party ad server for
advertisers and agencies executing digital advertising strategies to build
creatives, manage and optimize campaigns, and measure insights in
delivering premium ad experiences with relevance and ease. Ad authors
can export and generate files such as banners or video with Sizmek Ad
Suite, offering fluidity and freedom to move creatives between ad servers.

How are ad servers measured?

Ad servers drive revenue on a range of event-driven delivery metrics such

as cost per impression, cost per click, and cost per conversion when an ad
is shown. Additional capabilities such as managed services, training and
support, and advanced measurement analysis and features further add to
earnings. Ad servers charge fees associated with delivering ads to viewers
based on digital channel, format, analytics, and viewability metrics. Base
fees typically tally how many times an ad is loaded and shown per industry
standard guidelines, or impressions. Fees may also factor in when an ad is
clicked and leads to a purchase.

DNS
All computers on the Internet, from your smart phone or laptop to the
servers that serve content for massive retail websites, find and
communicate with one another by using numbers. These numbers are
known as IP addresses. When you open a web browser and go to a
website, you don't have to remember and enter a long number. Instead,
you can enter a domain name like example.com and still end up in the right
place.
A DNS service such as Amazon Route 53 is a globally distributed service
that translates human readable names like www.example.com into the
numeric IP addresses like 192.0.2.1 that computers use to connect to each
other. The Internet’s DNS system works much like a phone book by
managing the mapping between names and numbers. DNS servers
translate requests for names into IP addresses, controlling which server an
end user will reach when they type a domain name into their web browser.
These requests are called queries.

Types of DNS Service

Authoritative DNS: An authoritative DNS service provides an update
mechanism that developers use to manage their public DNS names. It then
answers DNS queries, translating domain names into IP address so
computers can communicate with each other. Authoritative DNS has the
final authority over a domain and is responsible for providing answers
to recursive DNS servers with the IP address information. Amazon Route
53 is an authoritative DNS system.
Recursive DNS: Clients typically do not make queries directly to
authoritative DNS services. Instead, they generally connect to another type
of DNS service known a resolver, or a recursive DNS service. A recursive
DNS service acts like a hotel concierge: while it doesn't own any DNS
records, it acts as an intermediary who can get the DNS information on
your behalf. If a recursive DNS has the DNS reference cached, or stored
for a period of time, then it answers the DNS query by providing the source
or IP information. If not, it passes the query to one or more authoritative
DNS servers to find the information.

A DNS Server is a computer that completes the process of name resolution

in DNS. DNS Servers contain zone files that enable them to resolve names
to IP addresses and IP addresses to names. When queried, a DNS Server
will respond in one of three ways:

 The server returns the requested name-resolution or IP-resolution

data.
 The server returns a pointer to another DNS Server that can service
the request.
 The server indicates that it does not have the requested data.

DNS Servers might, during the course of preparing to return the requested
resolution data, query other DNS Servers, but beyond that, DNS Servers
do not perform any other operations.
There are three main kinds of DNS Servers — primary servers, secondary
servers, and caching servers.

Primary Server

The primary server is the authoritative server for the zone. All

administrative tasks associated with the zone (such as creating
subdomains within the zone, or other similar administrative tasks) must be
performed on the primary server. In addition, any changes associated with
the zone or any modifications or additions to RRs in the zone files must be
made on the primary server. For any given zone, there is one primary
server, except when you integrate Active Directory services and Microsoft
DNS Server.

Secondary Servers

Secondary servers are backup DNS Servers. Secondary servers receive all

of their zone files from the primary server zone files in a zone transfer.
Multiple secondary servers can exist for any given zone — as many as
necessary to provide load balancing, fault tolerance, and traffic reduction.
Additionally, any given DNS Server can be a secondary server for multiple
zones.

In addition to primary and secondary DNS Servers, additional DNS Server

roles can be used when such servers are appropriate for a DNS
infrastructure. These additional servers are caching servers
and forwarders.

Caching Servers

Caching servers, also known as caching-only servers, perform as their name suggests;
they provide only cached-query service for DNS responses. Rather than maintaining
zone files like other secondary servers do, caching DNS Servers perform queries,
cache the answers, and return the results to the querying client. The primary difference
between caching servers and other secondary servers is that other secondary servers
maintain zone files (and do zone transfers when appropriate, thereby generating
network traffic associated with the transfer), caching servers do not.
What are Anti-Virus Servers
Antivirus Servers
Before discussing the antivirus servers, just take a little view of antivirus.
Basically, viruses can be one of the major dangerous threats to an
organization, lost important data and taking computer systems out of order.
Antivirus for Windows Servers defends information on servers operating
under Microsoft Windows from every kind of malicious application. This
invention was planned specially for high-performance business servers that
experience intense loads.

Antivirus Server version presents the most dominant security to overcome

virus bugs on your server or servers. It provides facility equally as primary
security of a file server itself, and, through its discretionary plug-ins, as
security for different server subsystems, for instance electronic mail and
firewall or proxy. Different security measures are offered for these servers:
1. SMTP Server
2. MS Exchange Server 2000/2003/2007
3. MS Proxy/ISA Server
4. Lotus Domino Server
5. MS Sharepoint Server (including Office Sharepoint Server 2007)
 

Integration with the Operating System

Different antivirus server version has been completely experienced with all
versions of Windows Servers (opening with NT 4.0 and till at Windows
Server 2008, as well as Windows Storage Server 2003 and Windows
Datacenter Server 2008). It is completely optimized to take benefit of
numerous computer systems and has been pressure tested still on
machines with a great amount of processors to confirm outstanding
strength and scalability of its machinery.

Extraordinary concern has been taken to make sure 100% compatibility

with superior server machinery such as the volume shadow copy or VSS
and file replication services or FRS, assuring that your server will work
perfectly under every situation.

User Interface
Although the Server version holds both the user environments of antivirus,
straightforward and improved in server practice typically the improved user
interface will be in use (not including for the terminal server). The improved
user interface provides you access to all the working of antivirus, therefore
making it achievable to entirely configure it for broad scanning.

The most important principle is supposed “antivirus task” based examining.

Initially, you describe the tasks used to scan for viruses, as well as the
ordinary parameters. Then, you work on these tasks (possibly
occasionally). Each task creates various outcomes; certainly, you can work
with these outcomes afterwards. Resident safety is also a particular kind of
task.

Advantages
Antivirus servers have so many advantages; some of them are as
following:

1. Flexible management
2. Strong performance
3. Efficient safety
4. System requirements
 

Strong performance:
A fresh antivirus engine, fill corresponding of server resources, optimized
antivirus checking technique and the elimination of trusted practices from
scanning, all raise the product’s working and lesser the quantity of
computing resources essential to execute antivirus scans.

Positive safety against new viruses:

The fresh antivirus engine offer more efficient safety techniques against
spiteful programs. The intelligent analyzer recognizes with a high extent of
chances any spiteful character in programs, even if their name is not
included in the antivirus record. The function copy the launch of a program
in a secluded virtual setting, making it achievable to examine the actions
executes by the program and conclude whether it is potentially damaging.

Reliability:
In the happening of a break down or mandatory shutdown the application’s
usually restart make sure stable system safety while the diagnostics
system conclude the reason of the break down.

Real-time antivirus protection and scanning:

Strong Anti-Virus for Windows Servers examine all records that are
opened, used or customized and purify or deletes all contaminated
documents. Moreover, doubtful files or a record is isolated in a quarantine
region before to experience advance study. The request scans particular
region of the system according to a plan or on command.

WSUS
How does WSUS work?
WSUS works as a Windows Server role. You can deploy one or more
WSUS servers depending on the number of client machines—including
server machines whose updates you want to manage through WSUS—and
other technical considerations in your organization’s IT network.

If you deploy more than one WSUS server, you can decide to connect one
or more WSUS servers to Microsoft Update. The servers connected to
Microsoft Update can act as an update source for the other WSUS servers
in the IT network.

The WSUS servers that provide updates to other WSUS servers are called
upstream servers. You can limit the number of upstream servers to one
since one WSUS server can synchronize all other WSUS servers. This
approach also helps limit the number of WSUS servers exposed to the
internet.

However, if many downstream servers try to synchronize from an upstream

server simultaneously, it can create intranet bandwidth and performance
issues. Therefore, you should optimize the synchronization process for
efficient performance.
You can deploy multiple WSUS servers as needed in multi-tier hierarchies
to distribute updates more effectively to client machines located across
various geo-locations. If you also manage mobile devices that join and
leave your organization’s IT network infrequently, you can allow them to get
updates from the nearest WSUS server.

Once you have finalized the architecture and set up the upstream and
downstream servers, you should allow and connect client machines to get
updates from WSUS servers. Accordingly, whenever updates are available,
you can review and test those updates and then distribute them to specific
client machines. You can also define groups to manage client machines
categorically and distribute updates based on group policies.

What are WSUS Server modes?

You can deploy WSUS servers in two different modes:

1. Autonomous Mode
2. Replica Mode

Autonomous Mode: This is the default installation option for Windows

Server Update Services, and it helps implement distributed administration.
A WSUS server set up in this mode only gets updates from an upstream
server, but you should separately review, approve, and distribute the
updates to the client machines connected to this server.

Replica Mode: This mode helps implement centralized administration. You

don’t need to manage WSUS servers deployed in this mode separately.
These servers get updates, approval statuses, and distribution policies
from the upstream server.

Benefits of WSUS
Microsoft regularly releases several updates for its products, including
critical updates, security updates, drivers, service packs, and tools, among
others. Installing these updates on client machines is essential to patch
security vulnerabilities and ensure client machines work as expected.
However, manually reviewing, approving, and installing updates is a
tedious, time-consuming process. Moreover, manually ensuring all client
machines received appropriate updates is error-prone and can make your
IT environment vulnerable to cyberthreats.

Using Windows Server Update Services, you can centralize and automate
update management for Microsoft products. This helps you determine how
and when to distribute updates and which machines require a specific
update.

You can also scan to discover client machines pending update installations
and schedule updates without interrupting employee productivity. This
approach also helps save your corporate internet bandwidth as WSUS
servers use your corporate intranet to distribute updates.

If you maintain a downstream server in a different branch location, you can

allow the downstream server in your branch location to receive updates
directly from Microsoft Update. With this approach, you can overcome
bandwidth limitations between your central and branch locations.

As WSUS is a server role component of Windows Server operating system,

it doesn’t require additional licensing if you’ve already purchased Windows
Server licenses.

Potential limitations of WSUS

Windows Server Update Services is known for having three primary
limitations you may experience:

1. You can only run WSUS on a Windows Server. Depending on your IT

infrastructure’s scale, this may require you to purchase a significant
amount of additional Windows Server licenses.
2. While Windows Server Update Services can distribute updates for
Microsoft products, its ability to support third-party software
applications is limited, and distributing third-party updates with WSUS
can become cumbersome.

3. Windows Server Update Services doesn’t support client machines

running non-Windows operating systems like Linux distributions or
macOS. This implies you have to depend on additional patch
 management solutions to manage non-Windows machines in your IT
environment.

How to extend WSUS

You can implement third-party patch management or update management
solutions to overcome the challenges with WSUS. With this approach, you
can augment, optimize, or extend WSUS functionality.

For example, implementing an appropriate patch management

solution helps improve how effectively you can manage third-party updates.
Similarly, you can gain better visibility into your IT infrastructure, improve
patch compliance and reporting, and manage Windows update scheduling
more efficiently.

What is a Web Proxy Server?

The internet works intricately, and people rarely think about it. The risk of
that is the looming danger of crimes such as identity theft and data security
breaches. Different individuals use proxy servers or Virtual Private
Networks (VPN) to protect themselves. A proxy server is a web server that
acts as a gateway between a client application, for example, a browser,
and the real server. It makes requests to the real server on behalf of the
client or sometimes fulfills the claim itself. 
Web proxy servers have two primary purposes, namely to filter requests
and improve performances. Additionally, there are proxy servers that sit
between web servers and web clients known as a reverse proxy. Reverse
proxy servers pass on requests from web clients to web servers. They are
used to cache images and pages to reduce the load on web servers
significantly.
The Importance for Network Security
The OSI model takes a complex system and breaks it into several discrete
layers based upon the various tasks fulfilled by networking protocols. This
abstraction makes it easier to troubleshoot issues, identify security risks, and
describe network-layer attacks.

As a theoretical model, the OSI model is not necessary for modern networking
protocols to operate. However, it does make it easier to identify security risks
and analyze the capabilities of cybersecurity solutions, making it an invaluable
tool for network security.

7 Layers of OSI Model

The OSI model is broken up into seven layers. Each layer fulfills an
important role within the networking stack and communicates with other
layers by exchanging protocol data units (PDUs).

The layers in the OSI model are commonly referred to by name or number
(1-7). From lowest-level to highest-level they are:

1. The Physical Layer

The physical layer is where the raw bitstream is physically transmitted over
a physical medium. The Layer 1 PDU is the “symbol”. This includes
translating bits to electricity, light, or radio signals and controlling the rates
at which they are sent over the chosen medium.

2. The Data Link Layer

The data link layer breaks data to be transmitted into frames for
transmission at the physical layer. It also manages connections between
two different nodes, including setting up the connection, identifying and
correcting any bit errors that occur at the physical layer, and terminating the
connection once the session is complete.

3. The Network Layer

At the network layer, the focus expands from a point-to-point link to include
many interconnected nodes within a network. Network-layer devices
operate on packets and are responsible for routing traffic to its destination
based on IP addresses. 

4. The Transport Layer

The transport layer is the first of four “host” layers with the rest referred to
as “media” layers. The transport layer PDU is the “segment” or “datagram”.
This layer manages the transmission of data between nodes, including
ensuring that data arrives in the correct sequence and that any errors are
corrected. The Transmission Control Protocol (TCP) operates at Layer 4

#5. The Session Layer

The session layer manages sessions between nodes and acts on the
“data” PDU. Session management includes setup, authentication,
termination, and reconnections.

#6. The Presentation Layer

The presentation layer is primarily responsible for translating data from

network data to the formats expected by an application. For example, data
encodings and encryption are managed at Layer 6.

#7. The Application Layer

The application layer includes protocols designed for end-users. For

example, HTTP is a Layer 7 protocol designed to transmit data between a
web server and a client.
 Network Layers: OSI vs TCP/IP

The OSI model is only one networking model. Another is the TCP/IP model,
which predates the OSI model and maps more closely to the protocols that
implement the networking stack.

The TCP/IP model breaks the network stack into four layers:

 Application Layer: This single layer maps to the Application, Presentation,

and Session layers of the OSI model. Some protocols that operate at this
layer include HTTP, SMTP, and DNS.

 Transport Layer: This layer maps to the Transport layer of the OSI model.
TCP and the User Datagram Protocol (UDP) operate at this layer.

 Internet Layer: The Internet layer is equivalent to the Network Layer in the

OSI model. This layer is primarily covered by the Internet Protocol (IP), but
ARP, IGMP, and ICMP also operate at this layer.

 Network Access Layer: This layer combines the Physical and Data Link
layers from the OSI model. Ethernet, Token Ring, ATM, and Frame Relay are
examples from the TCP/IP Protocol Suite that operate at this layer.

The OSI model is more theoretical, describing the various tasks that must be
accomplished to enable application-layer data to be transmitted via electricity,
light, or radio waves. The TCP/IP model is more practical and maps closely to
actual network protocols.

Advantages of the OSI Model

OSI provides a mental model for how networking works, including

describing all of the various functions that are performed to make network
communications possible. This model makes it easier to troubleshoot
issues with network protocols, to examine the security of networking
protocols, and discuss various network-level attacks.