1.8 Modern networks


15 Terms

1

Infrastructure layer/data plane

  • Processes network frames and packets

  • Forwarding/trunking/encrypting/NAT

  • Does the heavy-lifting

2

Control layer/control plane

  • Manages the actions of the data plane

  • Routing/session/NAT tables

3

Application layer/management plane

  • Configuring and managing a device

  • SSH, a browser, API, etc.

4

SD-WAN

  • Everything used to be in one data center… now it’s distributed across multiple locations/the cloud

5

Application aware

  • SD-WANs know which app is in use and make routing decisions based on that

6

Zero-touch provisioning

  • Remote equipment is automatically configured to know where to reach any service no matter its location/no matter what changes are made

7

Transport agnostic

  • No matter what medium is used for connection, the SD-WAN can connect you to any service

  • Ex. fiber, 5G, DSL, modem, etc.

8

Central policy management

  • All SD-WAN network config changes are applied to all devices from one centralized management console

  • No need to go to each individual router

9

Data center interconnect (DCI)

  • Multiple data centers are connected together

  • Apps can be distributed anywhere at any time without worrying about IP addresses/routing/connectivity/etc.

10

Virtual Extensible LAN (VXLAN)

  • Supports thousands of customers across the world

  • Can support 16 million virtual networks

  • These virtual networks are connected to each other via a layer 3 (routing) network

11

VXLAN Process

  • An original Ethernet frame from one data center is encapsulated by a VXLAN, UDP, and IP header

  • It would think it’s just going over an Ethernet connection… nope! It’s being sent across the internet to a completely different data center!

  • It’s decapsulated at the other data center

12

Zero-touch architecture

  • Every user/device/etc. is inherently untrusted

13

Least privilege access

  • Only the minimum amount of access is given to people to complete their jobs, nothing more

14

Policy-based authentication

  • Uses adaptive identity

  • Location/organizational relationship/role/connection type/IP address/etc. are all being considered

  • Authenticating from inside the org building vs. from another country over VPN

15

Secure Access Service Edge (SASE)

  • A next-gen, cloud-based ‘VPN’

  • Moves security tech into the cloud where app data is

  • Clients are installed on all devices and security process is automated; no action needed