the first subcategory of Asset Management (ID.AM-1) is as follows:
Physical devices and systems within the organization are inventoried.
There are many ways to accomplish this goal. If your organization is small, you may just keep track of all your computer and network devices in a simple Microsoft Excel spreadsheet. If your organization is larger, you may utilize software that automatically scans your network to create a catalog of all attached devices, and you may want to use inventory tags with barcodes so you can track hardware assets. But one way or another, keeping an inventory of all your physical devices and systems is a vital element of cybersecurity.
Although the Framework doesn’t prescribe specific solutions, it does offer a set of links to other cybersecurity frameworks which it calls Informative References. For example, ID.AM-1 includes references to related information found in the CIS Controls, COBIT controls, ISA/IEC standards, and other NIST standards. You can cross-reference these Informative References to gain additional insight into each of the subcategories.
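Whichever way you build the inventory, it pays off when you compare it with what is actually attached to the network. The following Python code is an added example, not from the original text: it reconciles a spreadsheet export against a list of discovered devices. The CSV column names, asset tags, and addresses are constructed sample data.

```python
import csv
import io
import re

# Constructed sample: inventory exported from a spreadsheet (column names are assumptions).
INVENTORY_CSV = """asset_tag,hostname,mac,owner
A-0001,fs01,00:1A:2B:3C:4D:01,IT
A-0002,print-2f,00-1a-2b-3c-4d-02,Facilities
A-0003,laptop-jsmith,001A.2B3C.4D03,Sales
"""

# Constructed sample: (IP, MAC) pairs such as a network scan or switch table would yield.
DISCOVERED = [
    ("192.168.1.10", "00:1a:2b:3c:4d:01"),
    ("192.168.1.25", "00:1A:2B:3C:4D:02"),
    ("192.168.1.77", "de:ad:be:ef:00:99"),
]


def normalize_mac(raw):
    """Reduce colon, dash, or dot notation to 12 lowercase hex digits."""
    digits = re.sub(r"[:.\-]", "", raw.strip()).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a MAC address: {raw!r}")
    return digits


def load_inventory(csv_text):
    """Index inventory rows by normalized MAC address."""
    rows = csv.DictReader(io.StringIO(csv_text))
    return {normalize_mac(row["mac"]): row for row in rows}


def reconcile(inventory, discovered):
    """Return (devices on the network but not inventoried, asset tags not seen)."""
    seen = {normalize_mac(mac): ip for ip, mac in discovered}
    unknown = sorted((ip, mac) for mac, ip in seen.items() if mac not in inventory)
    missing = sorted(row["asset_tag"] for mac, row in inventory.items() if mac not in seen)
    return unknown, missing


if __name__ == "__main__":
    unknown, missing = reconcile(load_inventory(INVENTORY_CSV), DISCOVERED)
    for ip, mac in unknown:
        print(f"Not in inventory: {ip} ({mac})")
    for tag in missing:
        print(f"Inventoried but not seen on the network: {tag}")
```

A device that shows up on the network but not in the inventory deserves a closer look, and so does an inventoried asset that never appears. MAC addresses can be changed or randomized, so treat a match as a starting point rather than proof of identity.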
Chapter 5
Servers and Virtualization
IN THIS CHAPTER
Learning what network operating systems do
Examining what makes a good server
Looking at the different packaging options for servers
Taking a quick look at virtualization
Servers are the lifeblood of any network. They provide the shared resources that network users crave, such as file storage, databases, email, web services, and so on. Choosing which servers your network needs and selecting the type of equipment you use to implement your servers are among the key decisions you’ll make when you set up a network.
In this chapter, I take a quick look at what is important in a server. First, I cover the basic functions of a server operating system. Then I survey the various types of servers most networks need. Then I turn my attention to important matters to consider when selecting the kind of hardware a server should run on. And finally, I look quickly at the idea of virtualizing your entire server environment.
Understanding Network Operating Systems
The server operating system is what enables your server computers to function as servers rather than as ordinary Windows clients. Server operating systems provide essential functions such as providing basic security services, sharing disk storage and printers, and so on. Here are some of these core server operating system features:
Network services
Obviously, a server operating system must provide networking capabilities in order for it to function on a network. If your client computers can’t connect to your servers, your network will be useless. For this reason, it’s a good idea to make sure your server computers are equipped with more than one network interface. That way, if one of the interfaces fails, the other can pick up the slack and keep your server connected to your network.
In addition to basic network connectivity, one of your servers will typically be responsible for providing some essential software services that are required to keep a network operating in an efficient manner. One of these is called Dynamic Host Configuration Protocol (DHCP); it’s the service that recognizes computers and other devices that want to join the network, providing each with a unique address so that all the devices on the network can identify one another. For more information about this vital service, refer to Book 2, Chapter 5.
A second basic service that is provided by one of the servers on your network is called Domain Name System (DNS). This service is what enables people to use network names instead of the actual addresses that are handed out by DHCP. It’s also the service that enables people to browse the World Wide Web using addresses such as www.dummies.com rather than cryptic addresses. For more information about this important service, please refer to Book 2, Chapter 6.
File-sharing services
One of the most important functions of a server operating system is to share resources with other network users. The most common resource that’s shared is the server’s file system — organized disk space that a server must be able to share (in whole or in part) with other users. In effect, those users can treat the server’s disk space as an extension of their own computers’ disk space.
The server operating system allows the system administrator to determine which portions of the server’s file system to share.
Although an entire hard drive can be shared, it isn’t commonly done. Instead, individual folders are shared. The administrator can control which users are allowed to access each shared folder.
Because file sharing is the reason why many network servers exist, server operating systems have more sophisticated disk management features than are found in desktop operating systems. For example, most server operating systems can manage two or more hard drives as though they were a single drive. In addition, most can create a mirror — an automatic backup copy of a drive — on a second drive.
Multitasking
Only one user at a time uses a desktop computer; however, multiple users simultaneously use server computers. As a result, a server operating system must provide support for multiple users who access the server remotely via the network.
At the heart of multiuser support is multitasking, which is the capability of an operating system to execute more than one program (a task or a process) at a time. Multitasking operating systems are like the guy who used to spin plates balanced on sticks on the old Ed Sullivan Show back in the 1950s. He’d run from plate to plate, trying to keep them all spinning so they wouldn’t fall off the sticks — and just for grins, he was blindfolded or rode on a unicycle.
Although multitasking creates the appearance that two or more programs are executing on the computer at one time, in reality, a computer with a single processor can execute only one program at a time. The operating system switches the CPU from one program to another to create the appearance that several programs are executing simultaneously, but at any given moment, only one of the programs is actually executing. The others are patiently waiting for their turns. (However, if the computer has more than one CPU, the CPUs can execute programs simultaneously, which is multiprocessing.)
For multitasking to work reliably, the server operating system must completely isolate the executing programs from each other. Otherwise, one program may perform an operation that adversely affects another program. Multitasking operating systems do this by providing each task with its own unique address space that makes it almost impossible for one task to affect memory that belongs to another task.
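To see this isolation at work, the following Python code (an added example, not from the original text) creates a second task that overwrites a buffer in place; the original task's copy at the same address is unaffected. It assumes a POSIX system such as Linux and the CPython interpreter, where id() reports an object's memory address; the function name is made up for the example.

```python
import os


def child_write_is_isolated():
    """Fork a child that overwrites a buffer; report what each task sees."""
    buf = bytearray(b"parent data")
    parent_addr = id(buf)  # CPython: the object's virtual address

    read_fd, write_fd = os.pipe()
    pid = os.fork()
    if pid == 0:
        # Child task: same virtual address, but its own private address space.
        os.close(read_fd)
        buf[:] = b"child wrote"  # in-place overwrite, same length
        os.write(write_fd, f"{id(buf)}|{buf.decode()}".encode())
        os._exit(0)

    # Parent task: collect the child's report, then look at its own buffer.
    os.close(write_fd)
    with os.fdopen(read_fd, "rb") as pipe:
        report = pipe.read().decode()
    os.waitpid(pid, 0)

    child_addr, child_view = report.split("|")
    return {
        "same_address": int(child_addr) == parent_addr,
        "child_view": child_view,
        "parent_view": buf.decode(),
    }


if __name__ == "__main__":
    for key, value in child_write_is_isolated().items():
        print(f"{key}: {value}")
```

Both tasks use the same address, yet each sees its own data, because the operating system maps that address to different physical memory for each task.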
Directory services
Directories are everywhere — and were, even in the days when they were all hard copy. When you needed to make a phone call, you looked up the number in a phone directory. When you needed to find the address