WEBVTT

00:07.220 --> 00:09.020
Within any enterprise environment.

00:09.020 --> 00:13.280
We have to look at the different infrastructure concepts that go within our environment.

00:13.280 --> 00:18.290
That can include things as hardware, software, the different networks, our endpoint devices, and

00:18.290 --> 00:21.920
what most literally people miss is usually people themselves.

00:21.920 --> 00:23.900
So let's talk about hardware first.

00:23.930 --> 00:31.250
Hardware is any device or physical device that's installed or involved within your enterprise environment.

00:31.250 --> 00:35.270
This is often servers, switches, firewalls, you name it.

00:35.270 --> 00:40.220
If it has a physical construct to it and it's inside your network, it's considered a hardware specific

00:40.220 --> 00:42.710
device within your enterprise environment.

00:42.710 --> 00:43.880
Then there is software.

00:43.880 --> 00:49.430
Software usually resides on the hardware, and that software could be independent of the specific hardware,

00:49.430 --> 00:51.860
or it could be dependent upon the hardware itself.

00:51.860 --> 00:57.230
What I mean by that is if I've got a firewall that has specific software involved in it, then that

00:57.230 --> 01:04.010
is specific to the hardware itself However, I can also have software on a specific server or on another

01:04.010 --> 01:11.240
enterprise device that, while it is specifically designed to be on that hardware, it is interoperable

01:11.390 --> 01:17.300
outside of that hardware infrastructure where dependent upon the hardware that's utilizing that software

01:17.330 --> 01:20.540
goes hand in hand, i.e. a firewall or a switch.

01:20.540 --> 01:25.490
Whereas within a server I could have an application that just checks and monitors different data that's

01:25.490 --> 01:26.360
going through it.

01:26.390 --> 01:28.130
Then there's the network itself.

01:28.160 --> 01:33.110
Networks are usually comprised of different hardware, and that hardware usually has a software component

01:33.110 --> 01:37.850
that allows you to communicate from one point to another, whether it's from your client to a server,

01:37.850 --> 01:42.560
or from a server to the network, or from a client over the network to another client way out in the

01:42.560 --> 01:43.550
middle of nowhere.

01:43.610 --> 01:49.190
Uh, your network infrastructure usually comprises advanced infrastructure and hardware devices that

01:49.190 --> 01:53.810
interoperate between each other to create a seamless environment of communication.

01:53.870 --> 01:55.700
Then we have endpoint devices.

01:55.730 --> 02:02.270
Endpoint devices are a device or a piece of hardware that is utilized at the end of the network infrastructure.

02:02.270 --> 02:02.280
Structure.

02:02.310 --> 02:07.530
This is usually clients like a windows machine or a mac, or even a Linux.

02:07.770 --> 02:13.710
But it's not usually something that we would consider to be like a server or a firewall or a switch.

02:13.740 --> 02:19.500
And only devices are specifically at the end of the road when it comes to your network IoT devices.

02:19.530 --> 02:22.530
Then there's people that actually work within the environment itself.

02:22.530 --> 02:27.540
Those people are responsible for the maintenance, the operation, even the installation of new devices

02:27.540 --> 02:30.180
that are interacting within your enterprise environment.

02:30.210 --> 02:31.650
We can't forget about people.

02:31.650 --> 02:34.950
They are the framework and the foundation of any corporate environment.

02:34.950 --> 02:40.620
And people really determine how well or how ill your enterprise environment is within your different

02:40.620 --> 02:44.280
infrastructure environment, within the different enterprise environments.

02:44.280 --> 02:49.860
Most often we as our mental picture goes through, we look at an enterprise environment as being on

02:49.860 --> 02:55.530
prem or on premises, meaning that the physical hardware devoted to our enterprise environment is something

02:55.530 --> 02:56.820
that we can see and touch.

02:56.850 --> 03:02.220
If I have a server go down, I can physically walk into the server room, unplug it or mess around with

03:02.220 --> 03:08.700
it, jack into it, and then change the configuration files and actually move the cables in a purely

03:08.700 --> 03:14.730
virtual environment, I log into the system, and while I don't have necessary application to change

03:14.730 --> 03:17.220
cables, I can still change the configuration.

03:17.250 --> 03:23.340
However, in modern technology, we often have an on prem network that is also using virtualization

03:23.340 --> 03:24.390
as a subset.

03:24.420 --> 03:26.220
This is for different purposes.

03:26.220 --> 03:27.960
Within an on prem network.

03:27.960 --> 03:32.940
I usually have a higher data speed, a higher throughput, it's more leverage, it's more secure.

03:32.940 --> 03:37.470
And I may need that within the different data sets that are operating within my enterprise environment.

03:37.500 --> 03:42.270
However, a virtual network provides the advantages of fast scaling.

03:42.270 --> 03:45.180
I can encompass more users rapidly.

03:45.270 --> 03:50.370
Uh, it's quicker for data sets across the world, meaning that I may have somebody in Italy that needs

03:50.370 --> 03:51.600
to access the information.

03:51.600 --> 03:55.980
And since it's virtual, that's easier to get Ahold of than, say, if the enterprise environment was

03:55.980 --> 03:56.580
on prem.

03:56.580 --> 04:00.930
So it provides that little bit of availability to it in a virtual environment.

04:00.930 --> 04:04.770
However, in modern technology, we do a hybrid network architecture.

04:04.770 --> 04:06.780
This allows us to keep what's secure.

04:06.810 --> 04:07.440
Secure.

04:07.440 --> 04:10.380
And I may have data that I need fast, secure access to.

04:10.410 --> 04:11.700
With robust speeds.

04:11.700 --> 04:13.890
And then there may be data that I need.

04:14.250 --> 04:21.330
Availability to across the world or scalability where I need the capability to expand my network architecture

04:21.360 --> 04:25.230
very quickly, which is an advantage of a virtual network.

04:25.260 --> 04:28.200
By combining the two, I get the best of both worlds.

04:28.200 --> 04:33.060
Within a serverless architecture, we are literally calling something serverless because there is no

04:33.060 --> 04:33.540
server.

04:33.570 --> 04:39.480
This is something that we fairly recent in development that allows us to literally expand our capabilities

04:39.480 --> 04:42.360
very quickly in a serverless environment.

04:42.360 --> 04:46.920
I know I keep on saying serverless like you should automatically know what it is, but it truly is a

04:46.920 --> 04:48.690
environment that has no server.

04:48.690 --> 04:52.830
This provides us a lack of management, which means I don't have to go through and constantly address

04:52.830 --> 04:52.950
it.

04:52.950 --> 04:57.270
I don't have to log into it every day and change the little idiosyncrasies within an environment on

04:57.270 --> 04:58.470
a day to day basis.

04:58.500 --> 05:04.170
It's also event driven, meaning that if an event occurs, then we go through, and if this happens,

05:04.170 --> 05:06.610
then this happens in auto scales.

05:06.610 --> 05:13.270
If I have the capability or if I need more, uh, expandability or more capability to handle more users,

05:13.270 --> 05:19.840
it can auto scale very quickly to encompass more users simultaneously interacting with that serverless

05:19.840 --> 05:20.860
architecture.

05:20.890 --> 05:24.550
An example of this would include AWS or Azure, or even Google iCloud.

05:24.550 --> 05:30.400
Within a virtual environment, virtualization is set up into three different important points.

05:30.400 --> 05:32.710
Isolation is usually the primary point.

05:32.710 --> 05:36.640
If I make something virtual, I can isolate it from the rest of my network.

05:36.670 --> 05:41.950
That provides me a secure environment to do testing and maybe do some bug hunting, maybe even some

05:41.950 --> 05:42.850
malware analysis.

05:42.850 --> 05:48.190
By providing an isolated network within a virtualization, I can literally go through and fool around

05:48.190 --> 05:52.510
with it without the perceived problem of accidentally screwing something up.

05:52.570 --> 05:56.440
Uh, it's not uncommon, especially in a virtualized environment, to play around with things.

05:56.440 --> 06:00.520
We obviously don't want to go to a production environment and start tweaking the settings, and now

06:00.520 --> 06:02.590
we've got our network going all over the place.

06:02.650 --> 06:05.140
Uh, sometimes machines don't like to be messed with.

06:05.140 --> 06:09.100
And so if you change your setting and then you change again, you change again.

06:09.130 --> 06:14.020
The machine freezes up, which just causes all kinds of problems within our enterprise environment.

06:14.140 --> 06:19.180
It wasn't that long ago when I worked for a different company where we went through and management came

06:19.180 --> 06:20.740
out and said, oh, let's change this.

06:20.770 --> 06:23.320
And then it went down to the tech two level.

06:23.320 --> 06:25.090
And they said, well, let's change this to encompass this.

06:25.120 --> 06:25.690
Well, that didn't work.

06:25.690 --> 06:26.680
Let's change this.

06:26.710 --> 06:32.860
So 5 or 6 different iterations later with working with tech two inside the environment in a production

06:32.860 --> 06:35.050
environment, the system just stopped operating.

06:35.050 --> 06:36.040
It just didn't like it.

06:36.040 --> 06:36.970
And this is bad.

06:36.970 --> 06:41.320
We do not want our production environment to stop operating or to make it to where we can't actually

06:41.320 --> 06:42.250
do anything with it.

06:42.250 --> 06:46.780
By utilizing an isolated virtualized environment, we can mess around with those settings, see how

06:46.780 --> 06:50.830
they interact with the different software, see how it's interacting with our other environments, all

06:50.830 --> 06:55.630
in a virtualized setting where if it stops working, no harm, no foul, we reboot it, we start from

06:55.630 --> 06:56.050
scratch.

06:56.050 --> 07:00.640
And once we've identified the solution, then we roll that out to our production environment.

07:00.640 --> 07:04.030
We can also do resource pooling inside of a virtualized environment.

07:04.030 --> 07:08.120
What I mean by that is inside of a server environment, I have all kinds of resources.

07:08.120 --> 07:13.940
I may have 128GB of Ram, and more than enough CPU power to do anything and everything that I want to

07:13.940 --> 07:14.420
do.

07:14.450 --> 07:20.060
And so by doing resource pooling, I can build out different virtualized environments, all with a set

07:20.060 --> 07:26.540
of Ram, maybe eight gigabytes of Ram, and set apart literally 30 different machines to do 30 different

07:26.540 --> 07:29.300
processes and pool those different resources.

07:29.330 --> 07:34.520
I can also do snapshot and cloning when my example before, when we talked about how I've got an environment

07:34.520 --> 07:40.130
that I can roll out new fixes on, I can literally take a snapshot of a production server or a production

07:40.130 --> 07:45.920
machine, snap that into a virtualized setting, and then work on that virtualized setting in isolation

07:45.920 --> 07:47.300
in order to make it roll out.

07:47.330 --> 07:51.500
It's not unnatural to see something in a virtualized setting, and then want to clone it so that we

07:51.500 --> 07:52.910
can fool around with it some more.

07:52.940 --> 07:57.200
Maybe I'm messing around with one isolated environment, and I said, well, that's pretty good, and

07:57.200 --> 08:00.710
I don't want to screw with it, but maybe I want something else so I can continue to work on it.

08:00.710 --> 08:02.540
But if that doesn't work, I want to keep this one.

08:02.540 --> 08:07.460
I simply clone the machine, and then I can have an exact copy of that original virtualized machine

08:07.460 --> 08:10.940
machines roll out into a new virtualized machine that then I can start messing around with.

08:10.970 --> 08:12.410
This is referred to as cloning.

08:12.440 --> 08:15.770
There's two types of hypervisors when it comes to virtualized systems.

08:15.770 --> 08:17.600
There's type one and then type two.

08:17.630 --> 08:21.920
This is something that you will need to memorize when you're going through your CIS exam.

08:21.920 --> 08:22.970
It's real simple.

08:23.000 --> 08:28.160
A type one virtualized or hypervisor system is a bare metal machine, meaning it's operating at the

08:28.160 --> 08:30.470
core function of your system.

08:30.500 --> 08:35.300
If I were to take my laptop, wipe it from everything, and then put Linux on it, it is now a Linux

08:35.300 --> 08:38.300
machine that is operating at a hypervisor level.

08:38.300 --> 08:41.300
One aspect with a type two hypervisor.

08:41.330 --> 08:44.360
This lays on top of the existing operating system.

08:44.360 --> 08:49.550
So this is what we probably see in something like VirtualBox or virtual machines where I've got my windows

08:49.550 --> 08:50.090
environment.

08:50.090 --> 08:55.670
That is my core operating system, but then I'm laying on top of it a VirtualBox program that has a

08:55.670 --> 08:57.170
Linux box on top of it.

08:57.200 --> 09:01.970
In my example with the last lecture that we talked about, I was showing you a virtualized system on

09:01.970 --> 09:03.530
top of my windows system.

09:03.530 --> 09:08.390
This is indicative of a type two hypervisor where it lays on top of the operating system.

09:08.420 --> 09:10.100
Finally, we have containerization.

09:10.100 --> 09:13.190
Now, containerization and virtualization often get confused.

09:13.220 --> 09:20.180
Virtualization involves emulating hardware and booting a full fledged operating system within the environment.

09:20.210 --> 09:26.660
Containerization, in contrast, leverages the host machine's operating system kernel, allowing for

09:26.660 --> 09:29.660
faster startup and more efficient resource utilization.

09:29.660 --> 09:32.570
While there are some vast similarities between the two.

09:32.600 --> 09:36.500
What you really need to know about containerization is that it's a faster spin up time than what you

09:36.500 --> 09:38.000
may see in a virtualized system.

09:38.000 --> 09:40.820
It's very much isolated, just like a virtualized system.

09:40.820 --> 09:44.030
I'm portable, just like a virtual system, sort of.

09:44.060 --> 09:44.330
Right.

09:44.360 --> 09:50.360
So with a virtual system, if it's sitting on top of a hard drive on top of a desktop computer, that's

09:50.360 --> 09:56.810
not really portable, but on my laptop, if I have virtualization on on a virtual box, obviously that's

09:56.810 --> 09:58.700
portable, but that's because my laptop is portable.

09:58.700 --> 10:00.320
That's not what we're referring to here.

10:00.320 --> 10:05.900
With containerization, we're truly portable, meaning that we can move the device or we can move the

10:05.900 --> 10:08.030
the kernel as we see fit.

10:08.060 --> 10:09.780
And then there's resource efficiency.

10:09.810 --> 10:12.690
Containerization is a lot more efficient than virtualization.

10:12.720 --> 10:17.580
The problem with virtualization is I'm stealing from the main operating system in the type two, where

10:17.580 --> 10:19.830
I'm taking it all in a type one, right.

10:19.860 --> 10:20.580
And a type two.

10:20.610 --> 10:22.290
We're going to dedicate so much Ram to it.

10:22.320 --> 10:25.920
We're going to dedicate so many processors and it's stealing from that core machine.

10:25.920 --> 10:28.080
And that's normal for this type of system.

10:28.110 --> 10:33.240
However, with containerization we have a lot more resource efficiency where it can overlap with one

10:33.240 --> 10:36.090
another and it just provides a more streamlined process.

10:36.270 --> 10:41.490
A lot of times you'll see virtualization for things like I just explained where I'm a at home user and

10:41.490 --> 10:46.080
I'm using virtualization one, two, three, four different machines, and I'm spinning those different

10:46.080 --> 10:47.490
machines to interact with one another.

10:47.520 --> 10:53.070
In containerization, I'm using more containerization in an enterprise environment where I'm literally

10:53.070 --> 10:57.150
containing a different server or a different complexities of an enterprise environment.

10:57.150 --> 11:01.170
That's where containerization is utilized, because I need that resource efficiency.

11:01.170 --> 11:03.780
I need that ability to quickly expand.

11:03.810 --> 11:06.180
Containerization has a faster spin up time.

11:06.180 --> 11:10.230
It's better for capabilities, aspects of it, and it still provides us that isolation.