diff --git a/dnaclab_linux/configuration_files/ntp.conf b/dnaclab_linux/configuration_files/ntp.conf
new file mode 100644
index 0000000..e69de29
diff --git a/dnaclab_linux/inventory.yml b/dnaclab_linux/inventory.yml
index d8743a4..4b98176 100644
--- a/dnaclab_linux/inventory.yml
+++ b/dnaclab_linux/inventory.yml
@@ -1,8 +1,24 @@
-home:
- hosts:
- ubuntu.dnaclab.net:
- telemetry.dnaclab.net:
- developer.dnaclab.net:
- gitlab.dnaclab.net:
- vars:
- ansible_ssh_private_key_file = /home/vlad/.ssh/id_rsa
+---
+ all:
+ children:
+ services:
+ hosts:
+ ubuntu.dnaclab.net:
+ telemetry:
+ hosts:
+ telemetry.dnaclab.net:
+ developer:
+ hosts:
+ developer.dnaclab.net:
+ gitlab:
+ hosts:
+ gitlab.dnaclab.net:
+ test:
+ hosts:
+ test.dnaclab.net:
+ all_servers:
+ hosts:
+ ubuntu.dnaclab.net:
+ telemetry.dnaclab.net:
+ developer.dnaclab.net:
+ gitlab.dnaclab.net:
diff --git a/dnaclab_linux/prestage.yml b/dnaclab_linux/prestage.yml
index 5d71f2c..f39839f 100644
--- a/dnaclab_linux/prestage.yml
+++ b/dnaclab_linux/prestage.yml
@@ -1,8 +1,9 @@
 ---
 - name: Prestage server and install services [SYSLOG, FTP, TFTP, NTP]
- hosts: all
+ hosts: services
 roles:
 - common
+ - services
 become: yes
 tasks:
@@ -12,19 +13,6 @@
 update_cache: yes
 upgrade: yes
- - name: Update apt cache and install required packages
- apt:
- name: "{{ item }}"
- loop:
- - curl
- - tree
- - syslog-ng
- - vsftpd
- - tftpd-hpa
- - ntp
- - ufw
- - xrdp
-
 - name: Create a new regular user with sudo privileges
 user:
 name: "{{ create_user }}"
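Review bot: The new `all_servers` group re-lists by hand the hostnames already declared under `services`, `telemetry`, `developer` and `gitlab`, and leaves out `test.dnaclab.net`; if the omission is deliberate a short comment saying so would help, and if it is not, declaring `all_servers` with a `children:` block naming those four groups instead of a second `hosts:` list keeps the two from drifting as hosts are added. The removed `ansible_ssh_private_key_file = /home/vlad/.ssh/id_rsa` line used `=` rather than `:`, so it was not a YAML key/value pair; check that the private key is now supplied through `ansible.cfg` or a group var, since nothing in the new inventory replaces it.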
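Review bot: Adding `- services` under `roles:` means the role's package install now runs before the `update_cache: yes` / `upgrade: yes` task that remains in this play's `tasks:` section (visible as context in the next hunk), because Ansible runs roles before `tasks:`; on a fresh host the role's `apt` install can hit a stale or empty cache unless the `common` role refreshes it, which is not visible here. Move the cache refresh into a `pre_tasks:` block of this play, or set `update_cache: yes` on the role's install task. Minor: `become: yes` is a YAML 1.1 truthy spelling; prefer `become: true`.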
@@ -40,45 +28,6 @@
 state: present
 key: "{{ copy_local_key }}"
- - name: Configure UFW to allow inbound NTP, SSH, SYSLOG, FTP connections
- ufw:
- rule: allow
- direction: in
- port: "{{ item.port }}"
- proto: "{{ item.proto }}"
- loop:
- - port: '22'
- proto: tcp
- - port: '123'
- proto: udp
- - port: '514'
- proto: udp
- - port: '23'
- proto: tcp
- - port: '3389'
- proto: tcp
- - port: '69'
- proto: udp
- - port: '5140'
- proto: tcp
- - port: '5141'
- proto: tcp
- - port: '5142'
- proto: tcp
-
- - name: UFW - Deny all other incoming traffic by default
- ufw:
- state: enabled
- policy: deny
- direction: incoming
-
- - name: Block all IPv6 incoming connections
- ufw:
- rule: deny
- direction: in
- proto: ipv6
-
 - name: Send Webex Teams message via BOT to confirm playbook completion
 community.general.cisco_webex:
 recipient_type: toPersonEmail
diff --git a/dnaclab_linux/roles/common/vars/main.yml b/dnaclab_linux/roles/common/vars/main.yml
index 1a35c55..92093c2 100644
--- a/dnaclab_linux/roles/common/vars/main.yml
+++ b/dnaclab_linux/roles/common/vars/main.yml
@@ -1,10 +1,25 @@ $ANSIBLE_VAULT;1.1;AES256 -34323466633533666237623830316138373237326134336236613536633664373564633163613230 -3938393338663632613061646365613630373635613536360a613039306363616432633030306334 -33353839346339393965616234323561306338626533363238306662383938626364303061633332 -6230623361393438610a383230376431373034306331376536313831633366373665393866373338 -65313334623131323931353436623265623033396266623364313934383865386532623630336164 -32653432613065303363303730353864353739633530376637333662303134613339353062303932 -33646466383561373264333734626364663763393766666664653365386230393562626563376265 -63303939363932636266303566363062643166343064343762313339353839326361383062653036 -6232 +37306465323037623364336366393036643966666232653964313436383333633133353232636166 +3232373132386263633466643139313732656537383239310a303935333732353632383736356235 +61326134633862343632343035646637306135646532353264363533383233663034623162663263 +6235616361396435310a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diff --git a/dnaclab_linux/roles/services/tasks/main.yml b/dnaclab_linux/roles/services/tasks/main.yml new file mode 100644 index 0000000..6c6b412 --- /dev/null +++ b/dnaclab_linux/roles/services/tasks/main.yml 
@@ -0,0 +1,59 @@
+---
+- name: Install required packages
+ apt:
+ name: "{{ item }}"
+ loop:
+ - curl
+ - tree
+ - syslog-ng
+ - vsftpd
+ - tftpd-hpa
+ - ntp
+ - ufw
+
+- name: Configure UFW to allow inbound NTP, SSH, SYSLOG, FTP connections
+ community.general.ufw:
+ rule: allow
+ direction: in
+ port: "{{ item.port }}"
+ proto: "{{ item.proto }}"
+ loop:
+ - port: '22'
+ proto: tcp
+ - port: '123'
+ proto: udp
+ - port: '514'
+ proto: udp
+ - port: '23'
+ proto: tcp
+ - port: '3389'
+ proto: tcp
+ - port: '69'
+ proto: udp
+ - port: '5140'
+ proto: tcp
+ - port: '5141'
+ proto: tcp
+ - port: '5142'
+ proto: tcp
+
+- name: UFW - Deny all other incoming traffic by default
+ community.general.ufw:
+ state: enabled
+ policy: deny
+ direction: incoming
+
+- name: Block all IPv6 incoming connections
+ community.general.ufw:
+ rule: deny
+ direction: in
+ proto: ipv6
+
+- name: Apply NTP configuration file
+ ansible.builtin.copy:
+ src: ./configuration_files/ntp.conf
+ dest: /etc/ntp.conf
+ owner: root
+ group: root
+ mode: '0644'
+ backup: yes
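Review bot: The `Apply NTP configuration file` task at the end of the hunk copies `./configuration_files/ntp.conf` over `/etc/ntp.conf`, but the file this commit adds under `dnaclab_linux/configuration_files/` is empty (its header shows `index 0000000..e69de29`, the empty-blob id, and no hunk), so the task replaces the distribution's server list with nothing; ship a real ntp.conf (conventionally `roles/services/files/ntp.conf` with `src: ntp.conf`) before merging. The task also has no `notify`, so even a valid file is not picked up until ntpd restarts; add `notify: Restart ntp` and a handler in the role that restarts the `ntp` service. The UFW allow loop still opens `port: '3389'`/`proto: tcp` although `xrdp` was dropped from the package list, and `port: '23'`/`proto: tcp` although nothing in this role installs a telnet service; with the default-deny task right below, those two entries can be removed. Minor: the `Install required packages` task can pass the list straight to `name:` instead of looping, letting apt resolve everything in one transaction, and `backup: yes` should be `backup: true`.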