Chapter 2 Networking Appliances, Applications, and Functions

Router

Connects multiple networks together enabling communication across the internet

Network Desrination

The destination IP address or network that the router can send packets to

Netmask

Used to define the size of the network for the corresponding destination.

Gateway

What packets are sent through to reach their destination

Interface

A network connection on the router through which packets will be sent

Static routes

Manually configured in the router these don’t change unless someone manually modifies them

Dynamic Routes

Automatically calculated by the router using routing protocols such as OSPF, RIP, or BGP

Switch

Connects devices within a network, forwarding based on MAC addresses

unmanaged switch

A simple plug-and-play device that cannot be configured

Managed switch

Can authenticate users and devices through 802.1x network access protocol (port based authentication). Allows setting configuration, traffic management, and creation of VLANs

PoE Switch

Provides data connection and electrical power to devices through the same network cable

Layer 2 Switches

Use MAC addresses to forward data to devices (simple networks)

UTM firewalls - unified threat management

Provide malware inspection, data loss prevention (DLP), content filtering, and URL filtering.

NGFWs - New Generation Firewalls

Combine traditional capabilities with advanced application-aware security and threat intelligence. Operate at layer 7 and use advanced behavioral analysis and monitoring.

Layer 4 Firewall

The gatekeeper of network traffic entrusted with basic packet filtering. Ensures three way handshake takes place.

Layer 7 Firewalls

Examines the network traffic at the application layer. Identifies, manages, and controls specific applications, user actions, and content.

Stateless Firewall

Basic packet filtering looking at each packets header and based on this it decides whether the packet should pass through or be blocked

Stateful Firewall

Analyzes data deeply making informed decisions operating at layer 3 and 4. This device knows the size and format of each type of network packet.

IDS (Intrusion Detection System)

Actively looks for suspicious activity and flags any potential threats. Analyzes patterns and anomalies in data traffic and alerts administration.

IPS (Intrusion Prevention System)

Continually analyzes network traffic and takes immediate action in blocking or preventing malicious activity.

Load Balancer

Allocates incoming network traffic among several identical servers or resources to enhance resource efficiency

Least connections algorithm

Load balancer sends traffic to the server with the fewest active connections.

Least response time algorithm

Load balancer sends traffic to the server with the lowest average response time to ensure faster processing

IP Hash Algorithm

Uses a hash of clients IP addresses to consistently route requests to the same server

Proxy Server

An intermediary between clients and servers forwarding requests and responses while providing additional functionalities such as caching, filtering, and anonymity.

URL Filtering

Checks to see if websites are on a block list to see whether the request should be blocked

Content Filtering

Examines content on the requested web page and based on the filters set up the request may be blocked based on text, images, or other elements.

Web page caching

Reduces bandwidth and speeds up access by storing frequently accessed web pages on the local network.

NAS Device - Network Attached Storage

A storage device connected to a network that allows multiple users and devices to store and access files centrally. These devices appear as a local drive on your computer.

SAN Storage Area Network

High speed network that connects servers to storage devices. Provides block level access which allows the data to be written and referred to as a logical unit.

FC SANs

Commonly used in large enterprises, requires specialized hardware including fiber channel switches and host bus adaptors (more expensive) highly reliable.

iSCSI - Internet Small Computer Systems Interface

A protocol that allows SANs to use standard Ethernet networks instead of FC hardware. Uses TCO/IP to send storage data over local or WANs. Not as fast as FCP most cost effective option (medium sized organizations)

Wireless Access Point (AP)

A networking device that acts like a bridge connecting wireless devices such as computers, laptops, and smartphones to a wired network using WiFi

Content Delivery Network (CDN)

A network of geographically distributed servers that deliver web content and multimedia efficiently to users based on their geographic location. These devices store caches of data in different locations around the globe.

VPN - Virtual Private Network

Creates encrypted tunnels that protect data as it travels across potentially untrusted networks.

Tunneling

A network technique used to secure and encrypt data as it travels across potentially untrusted networks.

Tunnel mode

User create a VPN session from a remote location. During this AH and ASP are both encrypted.

Always on Mode

Applied during the creation of a site-to-site VPN to build a point-to-point connection between two sites in possession of their own VPNs. Connection is available all the time. Both AH and ESP are encrypted.

Transport Mode

Used during the creation of an IPSec tunnel with an internal network using client/server-to-server communication. Only the ESP is encrypted.

DH key exchange

A method that allows two parties to generate a shared secret key over an insecure channel.

QoS

Prioritizes and manages network traffic to ensure performance and reliability

TTL

Limits the lifespans of packets to prevent network congestion and loops.