Peer-to-peer networks
In a peer-to-peer (P2P) network, all systems connected to the network can act as clients or servers. A client is a system that makes a request for a resource or service on the network; a server is the system providing the resource or service. In this type of networking environment, all systems are considered equal because they can all play the same roles on the network — either as client or server or as both client and server.
The recommended number of systems in a P2P network is usually ten or fewer because of the lack of centralized administration. As a network administrator working in a P2P environment, you will constantly run from machine to machine to perform administrative tasks. Typically, a P2P network involves each system running a desktop operating system, such as Windows 8.1, to provide network functionality.
Notice that client A provides a network resource — a printer — as does client D. This shows that client A is acting as both a server and a client, which is the purpose of a P2P network.
Because a central machine doesn’t store files in a P2P network, your networking environment isn’t based on the centralized administration approach. With centralized administration, you (as network administrator) could perform network administration tasks for the entire network from one place. Looking back to the figure, you can see that because all four computers act as peer servers (meaning they all act as servers to one another), you need to do the administration on all four computers — a major disadvantage of P2P networking.
Some examples of the administration you must perform on each system are creating user accounts on each computer and managing file and folder sharing from each system. Here, for example, if you want Bob to log on to client A, you would create the Bob account on client A. At the same time, if you want Sue to log on to client B, you would create the Sue account on client B. Because the Bob account doesn’t exist on client B, Bob can’t log on to that computer even though he might be able to access the files on client B from client A. This leads to a distributed administration model because your work is spread across multiple machines.
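The per-machine account problem described above, sketched as an added example (not part of the original text): it audits which peers lack a given account and where a departed user's account is still enabled. The inventory is constructed sample data; the host names, the admin account and all function names are assumptions made for illustration.

```python
# Constructed sample data: the local account store on each of four peers.
# Host and user names follow the article's client A..D, Bob and Sue example.
PEER_ACCOUNTS = {
    "clientA": {"bob": {"enabled": True}, "admin": {"enabled": True}},
    "clientB": {"sue": {"enabled": True}, "admin": {"enabled": True}},
    "clientC": {"bob": {"enabled": True}, "sue": {"enabled": False}},
    "clientD": {"admin": {"enabled": True}},
}

def coverage(stores):
    """Map each username to the sorted list of machines holding that account."""
    seen = {}
    for host, accounts in stores.items():
        for user in accounts:
            seen.setdefault(user, []).append(host)
    return {user: sorted(hosts) for user, hosts in seen.items()}

def inconsistent_accounts(stores):
    """For each user, list the peers where the account is missing (no logon there)."""
    all_hosts = set(stores)
    return {user: sorted(all_hosts - set(hosts))
            for user, hosts in coverage(stores).items()
            if set(hosts) != all_hosts}

def still_enabled(stores, departed):
    """Machines where a departed user's account is still enabled."""
    return sorted(host for host, accounts in stores.items()
                  if accounts.get(departed, {}).get("enabled"))

def disable_everywhere(stores, user):
    """Distributed administration: one change per machine. Returns machines touched."""
    touched = []
    for host, accounts in stores.items():
        if user in accounts and accounts[user]["enabled"]:
            accounts[user]["enabled"] = False
            touched.append(host)
    return sorted(touched)

if __name__ == "__main__":
    print(inconsistent_accounts(PEER_ACCOUNTS))       # accounts missing per peer
    print(still_enabled(PEER_ACCOUNTS, "bob"))        # where Bob can still log on
    print(disable_everywhere(PEER_ACCOUNTS, "bob"))   # machines that needed a change
```

Removing one user's access takes a change on every machine that holds the account, and a missed machine leaves a working logon behind.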
The major advantage of P2P networking is that you save money by not needing to purchase a central server, which can cost thousands of dollars in hardware and software. With a P2P network, you also don’t have to purchase a separate network operating system (NOS). A NOS, required on a server-based network (discussed in the next section), is designed for networking services (such as Dynamic Host Configuration Protocol [DHCP], web, file, and print services) and allows the server to share its files and printers with clients on the network. The cost of the NOS, and the licenses to have clients connect to the server, is where a number of large companies spend most of their IT budget. Licensing is expensive!
Server-based (client-server) networks
Server-based networking, also known as client-server networking, is the networking model that most companies usually choose for ten or more workstations on a network. Unlike a P2P network, server-based networking uses a central machine (the server) that delivers network services to the workstations. Once again, these network services could be services such as file and print sharing, user account authentication, or web services.
The benefit of a client-server configuration is that you can leverage centralized administration by performing the bulk of your work on the one server. For example, if you need to create user accounts for each of the ten users, you create the ten accounts on the one server. Compare that with a P2P network, where one account is created on each system. As the administrator of this network, you create all shared directories on the server along with user accounts so that the server may verify the credentials of a client who attempts to log on to the network. All users on the network connect to this server to save and retrieve files.
Tighter security is another benefit of using a server-based networking model. Creating a more secure environment is easier with a server-based network because your resources and user accounts are not spread across multiple machines. You can focus on the server because it contains the files, folders, and user accounts. When a user logs on to the network, the logon request is sent to the server, which verifies that the username and password are valid. After a user is logged on, the server allows the user access to resources, such as files and printers, that the user has permission to use. This figure illustrates a server-based networking environment.
Notice that the client systems connect to the server to access the printer. In this environment, all systems have a defined role: They are either a client or a server — but not both.
The disadvantage of using a server-based environment is the cost of purchasing the server hardware and the NOS. When designing your networking model, make sure that you work with someone familiar with software licensing so you get the best bang for your buck!
Server roles
When creating a network, you can install servers that provide a number of different types of functionality to the network. Following is a list of the common types of server roles that exist on networks today:
- Web server: A web server delivers web pages to clients using the HTTP or HTTPS protocol. Web servers host public websites or intranet sites used inside a company.
- File server: A file server stores data documents such as Microsoft Word, Excel, and PowerPoint files. The file server typically offers permission capabilities so that you can control who can access what files.
- Print server: A print server is used to share printers with network clients and queue print jobs while they are waiting to be printed.
- DHCP server: A DHCP server is responsible for handing out IP addresses to clients on the network so that you do not need to run around to each client and manually configure an IP address.
- DNS server: A DNS server is responsible for translating fully qualified domain names such as www.gleneclarke.com to their IP addresses.
- Proxy server: A proxy server is responsible for sending requests to the Internet on behalf of the user. A proxy server adds a layer of security, in that the user is not sending the request to the Internet directly. A proxy server typically has NAT features and policy features to control which websites users are allowed to access.
- Mail server: A mail server is responsible for sending and receiving email for users within the company.
- Authentication server: An authentication server stores all of the usernames and passwords for the network in a database, and is responsible for verifying the username and password of the users when they log on to the network. Before accessing files on a file server or reading email, users typically must authenticate to the authentication server first.
Internet appliances and legacy systems
Servers are not the only types of devices that are found on networks. Networks may also contain a number of appliance devices that provide different functionality to the network. The following is a list of common appliances, or devices, connected to the network:
- UTM: A Unified Threat Management appliance is a device that integrates multiple security features into one appliance. UTM typically combines a firewall, an intrusion detection and prevention system, and an antivirus system that checks all incoming data for viruses.
- IDS: An Intrusion Detection System (IDS) is a device that monitors network activity and sends out notification when suspicious network activity is detected. The notification could be sent as an email message or as a text message to the administrator’s mobile device.
- IPS: An Intrusion Prevention System (IPS) is similar to an IDS; however, when it detects suspicious activity it can take corrective action to help prevent the activity from continuing. An example of corrective action would be to deny the system access to the network.
- Legacy/embedded systems: Networks may also have a number of legacy or older systems present on the network to run older applications that may still be needed by the company.