Load Balancer Active/Active Setup
both load balancers are active and share the traffic simultaneously. Traffic is distributed between the two load balancers based on pre-defined rules.
Load Balancer Active/Active Setup Usage
Suited for high-traffic environments where load distribution is essential for optimal performance.
Load Balancer Active/Active Setup Advantage
Enhances capacity and reliability of the service. Reduces risk of downtime.
Load Balancer
a device or software that evenly distributes network or application traffic across multiple servers to prevent any single server from becoming overburdened, which improves overall performance and reliability.
Hardware Load Balancers
physical devices specifically designed for load balancing. Typically more powerful.
Software Load Balancers
can run on standard hardware or in cloud environments. They offer more flexibility and are often more cost-effective.
Load Balancer Active/Passive Setup
One load balancer is active and handles all the traffic while the other remains passive (idle) as a standby. Improves reliability not performance.
Load Balancer Active/Passive Usage
Ideal for scenarios where uninterrupted service is critical but where simultaneous operation of two load balancers is not necessary.
Load Balancer Active/Passive Advantage
Provides a reliable backup, ensuring continuity of service
802.1x
is an IEEE standard for port-based Network Access Control (PNAC). It is used to authenticate devices that are attempting to connect to a LAN or WLAN.
EAP (Extensible Authentication Protocol)
is a framework frequently used in network access control for various authentication methods.
EAP
is designed to support multiple authentication mechanisms, including passwords, tokens, certificates, and public key encryption. Part of IEEE 802.1X standard for network access control.
Packet filtering Firewalls
the most basic type, which inspects packets and permits or denies them based on source and destination IP addresses, ports, and protocols. (No longer used)
Stateful Inspection Firewalls
more advanced than packet filtering, these firewalls track the state of active connections and make decisions based on the context of the traffic. (All firewalls based on this)
Web Application Firewall (WAF)
are specifically designed to protect web apps by filtering and monitoring HTTP traffic between a web app and the internet. They are effective in preventing web app attacks such as XSS, SQL injection, and session hijacking.
WAFs operate at the application layer and apply a set of rules to an HTTP conversation.
True
Unified Threat Management (UTM)
provide a comprehensive solution that combines multiple security features and services in a single device. These include features like anti-virus, anti-spyware, IDS and IPS.
Advantage of UTM
is the simplicity and ease of management as it consolidates multiple security features, ideal for medium and small businesses.
NGFW
more advanced version of a firewall, integrating things like deep packet inspection, intrusion prevention, and application awareness
Deep Packet Inspection (DPI)
NGFWs go beyond port/protocol inspection and blocking to inspect the data within the packets themselves.
Difference between UTM and NGFW is
NGFWs are more customizable
WAF is considered in Layer 7 in OSI
True
What layer is a firewall under?
Layer 4
What layer is a proxy under?
Layer 7
VPN
is a technology that creates an encrypted connection over a less secure network. It establishes secure communication paths through the internet between two distant networks.
Tunneling
The encapsulation of a protocol-deliverable message within a second protocol.
TLS (Transport Layer Security)
operates at level 4 of OSI model. Type of tunnel that uses TLS/SSL encryption of data; uses port 443.
L2TP
is a standard protocol for tunneling L2 traffic over an IP network. Hybrid of Layer 2 forwarding. Creates a point-to-point tunnel between communication endpoints. Uses IPsec as the security mechanism.
IPSec
a standalone VPN protocol, a security mechanism for L2TP, provides secure authentication and encryption.
IPSec Components
Authentication Header
Encapsulating Security Payload
Authentication Header
provides authentication, integrity, and non-repudiation, has replay protection using sequence number.
Encapsulating Security Payload
provides encryption to protect confidentiality of transmitted data.
Two modes for IPSec
Tunnel Mode
Transport Mode
Tunnel Mode
Payload and headers are protected; final destination is hidden. Must decrypt packet at each hop.
Transport Mode
Payload protected; final destination is visible; can be routed w/o decryption.
SD-WAN
overlays your network and allows for efficient network traffic so that applications can be used correctly and efficiently, making data routing more efficient.
SASE
is a cloud-native networking architecture that combines network security functions with WAN capabilities to support the dynamic secure access needs of organizations. It merges SD-WAN capabilities with comprehensive security services.