1.6 Troubleshoot Connectivity Remotely Flashcards
1.6.1 Supporting Remote Users
1.6.2 Remote Access with Telnet, SSH, and RDP
TELNET
Telnet provides a standard method of emulating text-based terminal devices over the data network. Both the protocol itself and the client software that implements it are commonly referred to as Telnet. Telnet servers listen for client requests on TCP port 23. Telnet has no encryption: usernames, passwords, and everything typed during the session cross the network in cleartext, so anyone who can capture the traffic can read them. This is why SSH has replaced Telnet for remote administration wherever possible.
A Telnet connection is called a virtual terminal (vty) session. Rather than using a physical device to connect to the server, Telnet uses software to create a virtual device that provides features of a terminal session with access to the server’s command line interface (CLI).
Telnet provides a way to use a computer, connected via the network, to access a network device as if the keyboard and monitor were directly connected to the device.
SSH
The Secure Shell (SSH) protocol offers a secure alternative for server access. SSH provides the framework for secure remote login and other secure network services, such as file transfer and port forwarding. It authenticates the server to the client with a host key, supports stronger client authentication than Telnet (including public-key authentication), and encrypts all session data, including the login exchange. SSH servers listen for client requests on TCP port 22.
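The difference between the two protocols is easiest to see on the wire. The following added example (not part of the original flashcards) parses a constructed Telnet capture according to the RFC 854 command syntax, strips the option negotiation, and pairs the server's login prompts with what the client typed; it then shows that an SSH stream reveals only its identification string before encryption starts. The capture bytes, the prompt wording, and the function names are assumptions made for the example.

```python
import re

# Telnet command and option codes from RFC 854 and the option RFCs (standard values).
IAC, DONT, DO, WONT, WILL, SB, SE = 255, 254, 253, 252, 251, 250, 240
CMD_NAMES = {DONT: "DONT", DO: "DO", WONT: "WONT", WILL: "WILL"}
OPTION_NAMES = {1: "ECHO", 3: "SUPPRESS-GO-AHEAD", 24: "TERMINAL-TYPE", 31: "NAWS"}


def parse_telnet(stream: bytes):
    """Split a raw Telnet stream into (negotiations, application_data).

    Option negotiation is interleaved with the session text and nothing is
    encrypted, so anyone holding the TCP payload can strip the IAC sequences
    and read what was typed.
    """
    negotiations = []
    data = bytearray()
    i, n = 0, len(stream)
    while i < n:
        b = stream[i]
        if b != IAC:                 # ordinary data byte
            data.append(b)
            i += 1
            continue
        if i + 1 >= n:               # truncated capture: stop cleanly
            break
        cmd = stream[i + 1]
        if cmd == IAC:               # IAC IAC is an escaped 0xFF data byte
            data.append(IAC)
            i += 2
        elif cmd in CMD_NAMES:       # three-byte option negotiation
            if i + 2 >= n:
                break
            opt = stream[i + 2]
            negotiations.append((CMD_NAMES[cmd], OPTION_NAMES.get(opt, f"OPT{opt}")))
            i += 3
        elif cmd == SB:              # subnegotiation runs until IAC SE
            end = stream.find(bytes([IAC, SE]), i + 2)
            if end == -1:
                break
            opt = stream[i + 2]
            negotiations.append(("SB", OPTION_NAMES.get(opt, f"OPT{opt}")))
            i = end + 2
        else:                        # other two-byte commands (NOP, AYT, ...)
            negotiations.append((f"CMD{cmd}", ""))
            i += 2
    return negotiations, bytes(data)


PROMPT_RE = re.compile(r"(Username|Login|Password)\s*:", re.IGNORECASE)


def extract_credentials(server_stream: bytes, client_stream: bytes) -> dict:
    """Pair the prompts the server sent with the lines the client typed in reply."""
    _, server_text = parse_telnet(server_stream)
    _, client_text = parse_telnet(client_stream)
    prompts = PROMPT_RE.findall(server_text.decode("ascii", errors="replace"))
    answers = client_text.decode("ascii", errors="replace").splitlines()
    return {p.capitalize(): a for p, a in zip(prompts, answers)}


def looks_like_ssh(stream: bytes) -> bool:
    """SSH (RFC 4253) starts with a cleartext identification string; after the
    key exchange that follows, the login and all session data are encrypted."""
    return stream.startswith(b"SSH-")


# Constructed sample capture of a Telnet login to a router (not real traffic).
SERVER_TO_CLIENT = (
    bytes([IAC, DO, 24, IAC, WILL, 1, IAC, WILL, 3])
    + b"\r\nUser Access Verification\r\n\r\nUsername: "
    + b"Password: "
    + b"\r\nRouter>"
)
CLIENT_TO_SERVER = (
    bytes([IAC, WILL, 24, IAC, DO, 1, IAC, DO, 3])
    + bytes([IAC, SB, 24, 0]) + b"XTERM" + bytes([IAC, SE])   # TERMINAL-TYPE IS "XTERM"
    + b"admin\r\n"
    + b"hunter2\r\n"
)
# Constructed SSH server banner for comparison; everything after it is ciphertext.
SSH_SERVER_BANNER = b"SSH-2.0-OpenSSH_9.6\r\n"

if __name__ == "__main__":
    negs, text = parse_telnet(SERVER_TO_CLIENT)
    print("server negotiated:", negs)
    print("server text:", text)
    print("recovered from Telnet:", extract_credentials(SERVER_TO_CLIENT, CLIENT_TO_SERVER))
    print("SSH stream?", looks_like_ssh(SSH_SERVER_BANNER), looks_like_ssh(SERVER_TO_CLIENT))
```

Run the file directly to see the negotiation, the cleartext prompts, and the recovered username and password. Run against an SSH capture, the same approach yields nothing beyond the version banner, which is the whole point of the switch from port 23 to port 22.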
PuTTY
Tera Term
PuTTY is a popular free and open-source terminal emulator. The client supports SSH, Telnet, rlogin, and raw and serial connections. Tera Term is another free and open-source terminal emulator that includes a macro scripting language and plugins. PuTTY and Tera Term can both use SSH for connections. Both assume that an SSH server, such as the one provided by OpenSSH, is running on the destination device. OpenSSH is distributed with a wide range of operating systems, including various Linux distributions, Windows, and macOS.
RDP
Remote Desktop Protocol (RDP) was created by Microsoft. It uses a client-server model in which the client connects to an RDP server running on a remote system to display and control the graphical user interface of the remote device. RDP servers listen on TCP port 3389 by default. RDP servers and clients are included with Windows; xrdp, a free and open-source implementation of the RDP server, provides the server side on Linux and Unix, and RDP clients are available for OS X, Linux, and Unix. Because an RDP listener reachable from the internet is a standing target for password guessing, RDP is normally placed behind a VPN or a remote desktop gateway rather than exposed directly.
VNC
Other operating systems can also perform these functions. For example, in macOS, remote access functionality is provided by the Screen Sharing feature, which is based on Virtual Network Computing (VNC). Any VNC client can connect to a Screen Sharing server. VNC is an open protocol (RFB) with many free and commercial implementations; it is similar in functionality to RDP, and its server listens on TCP port 5900 by default (5900 plus the display number on Unix-like systems). Classic VNC authentication and session data are not encrypted, so VNC, like Telnet, should be tunnelled through SSH or a VPN rather than exposed to untrusted networks.
1.6.4 Understanding VPNs
To securely communicate and share resources over a network that is not secure, such as the internet, a Virtual Private Network (VPN) is used. The most common types of VPN are used to access a corporate private network either by remote users or by remote corporate sites.
A VPN uses secure connections, tunnelled through the internet, from the corporate private network to the remote user. When connected to the corporate private network, remote-access VPN users become part of that network and have access to the services and resources their access policy permits, as if they were physically connected to it. VPNs are also used to connect branch offices and other facilities to the corporate network.
VPNs are commonly deployed in one of the following configurations: site-to-site or remote-access.
Site-to-Site VPN
A site-to-site VPN is created when VPN terminating devices, also called VPN gateways, are preconfigured with information to establish a secure tunnel. VPN traffic is only encrypted between these devices. Internal hosts have no knowledge that a VPN is being used.
Remote-Access VPNs
A remote-access VPN is dynamically created to establish a secure connection between a client and a VPN terminating device. For example, a clientless remote-access SSL VPN lets a user reach internal applications from a browser, protected by TLS in the same way an online banking session is; the difference is that the VPN gateway forwards the user into the private network rather than serving a single website.
A remote-access VPN creates a virtual tunnel between a user device and a remote network through the public internet. Over this VPN tunnel the user connects to the private network and has remote access to permitted services and resources.
Remote-access users must install a VPN client on their computers to form a secure connection with the corporate private network. Special routers can also be used to connect computers to the corporate private network. The VPN software encrypts data before sending it over the internet to the VPN gateway at the corporate private network. VPN gateways establish, manage, and control VPN connections, also known as VPN tunnels. Windows supports several VPN types natively; others require third-party client software. The Cisco AnyConnect VPN client is shown in the figure.
1.6.5 Network Management Systems
Network management systems (NMS) are used to collect data from network devices such as switches, routers, access points, and client devices. The data collected is used to provide insights into the health of the network.
An NMS also gives the network administrator the ability to control how these devices operate and interact with one another.
Network management refers to two related concepts. First is the process of configuring, monitoring, and managing the performance of a network. Second is the platform that IT and network operations teams use to complete these tasks. Modern network management platforms provide advanced analytics, machine learning, and intelligent automation to continually optimize network performance. As organizations adapt to a more distributed workforce, these network management systems are increasingly deployed in cloud and hosted environments.
Network management systems collect data from connected network devices such as switches, routers, access points, and client devices. They also give network administrators control over how those devices operate and interact with one another. The data captured from these devices is used to proactively identify performance issues, monitor security and segmentation, and accelerate troubleshooting.
Network management systems typically use Simple Network Management Protocol (SNMP) and Remote Network Monitoring (RMON) to gather information from network devices. SNMPv1 and SNMPv2c authenticate every message with a community string sent in cleartext, so those versions should be limited to read-only access, restricted by access list, and replaced with SNMPv3, which adds per-user authentication and encryption, wherever the devices support it. Host operating systems have management platforms that allow monitoring and configuration of many host computers.
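To make the SNMP version caveat concrete, the following added example (not part of the original flashcards) builds an SNMPv2c GetRequest with a hand-written BER encoder and then parses it the way an on-path observer would, pulling the community string straight out of the datagram; a minimal SNMPv3 header is decoded for comparison. The community string, request ID, OID (sysName.0) and all function names are assumptions made for the example.

```python
# Minimal BER encoding for the parts of an SNMP message that matter here.
# SNMPv1/v2c message: SEQUENCE { INTEGER version, OCTET STRING community, PDU }
# SNMPv3 message:     SEQUENCE { INTEGER version(3), SEQUENCE msgGlobalData, ... }

def ber_len(n: int) -> bytes:
    """Encode a BER length (short form below 128, long form above)."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def tlv(tag: int, body: bytes) -> bytes:
    return bytes([tag]) + ber_len(len(body)) + body


def encode_int(value: int) -> bytes:
    """Two's-complement INTEGER, sized so the sign bit is never set by accident."""
    body = value.to_bytes((value.bit_length() + 8) // 8, "big", signed=True)
    return tlv(0x02, body)


def encode_oid(oid: str) -> bytes:
    arcs = [int(a) for a in oid.strip(".").split(".")]
    out = bytearray([40 * arcs[0] + arcs[1]])      # first two arcs share one byte
    for arc in arcs[2:]:
        chunks = [arc & 0x7F]
        arc >>= 7
        while arc:                                 # base-128, high bit = "more follows"
            chunks.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out.extend(reversed(chunks))
    return bytes(out)


def build_get_request(community: str, oid: str, request_id: int, version: int = 1) -> bytes:
    """Build an SNMPv1 (version=0) or SNMPv2c (version=1) GetRequest for one OID."""
    varbind = tlv(0x30, tlv(0x06, encode_oid(oid)) + b"\x05\x00")      # OID + NULL value
    pdu = tlv(0xA0, encode_int(request_id) + encode_int(0) + encode_int(0)
              + tlv(0x30, varbind))
    return tlv(0x30, encode_int(version) + tlv(0x04, community.encode()) + pdu)


def read_tlv(buf: bytes, pos: int):
    """Return (tag, body, position after the element)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                              # long-form length
        count = length & 0x7F
        length = int.from_bytes(buf[pos:pos + count], "big")
        pos += count
    return tag, buf[pos:pos + length], pos + length


def inspect_snmp(packet: bytes) -> dict:
    """Report what a passive observer learns from one SNMP datagram."""
    tag, body, _ = read_tlv(packet, 0)
    if tag != 0x30:
        raise ValueError("not an SNMP message")
    _, version_body, pos = read_tlv(body, 0)
    version = int.from_bytes(version_body, "big", signed=True)
    if version == 3:
        # No community string: USM carries a user name plus HMAC authentication
        # and optional encryption, so the secret itself never crosses the wire.
        return {"version": "v3", "community": None, "cleartext_credential": False}
    _, community, _ = read_tlv(body, pos)
    return {"version": {0: "v1", 1: "v2c"}.get(version, f"v?{version}"),
            "community": community.decode("ascii", errors="replace"),
            "cleartext_credential": True}


# Constructed example: an NMS polling sysName.0 with the default community "public".
SAMPLE_REQUEST = build_get_request("public", "1.3.6.1.2.1.1.5.0", request_id=0x1234)

if __name__ == "__main__":
    print(SAMPLE_REQUEST.hex())
    print(inspect_snmp(SAMPLE_REQUEST))
```

The hex dump shows the community string as plain ASCII a few bytes into the UDP payload, which is all an attacker on the management network needs to start querying, or with a read-write community reconfiguring, every device that accepts it.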
Network management systems are deployed using one of two operational models: cloud-based or on-premises.
1.6.7 Scripts, Automation, and Programmability
Automation involves creating systems that operate themselves. Network automation is the process of automating the configuration, management, testing, deployment, and operation of physical and virtual devices within a network.
A scripting language such as Python can be used to create programs that automate network management processes, thus creating management and operational efficiencies while saving on the costs associated with manual network management.
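One management task that is tedious by hand but trivial to script is checking every device's remote-access settings against the points made earlier on this page. The following added example (not part of the original flashcards) audits running-config text for Telnet still enabled on vty lines, SSH not pinned to version 2, and SNMP communities that are default, read-write, or unrestricted. The two device names and their configuration excerpts are constructed for the example; in practice the text would be collected over SSH from each device.

```python
import re

# Constructed running-config excerpts for two hypothetical devices (not real).
CONFIGS = {
    "edge-rtr-1": """\
hostname edge-rtr-1
ip ssh version 2
snmp-server community s3cr3t-ro RO 10
line vty 0 4
 transport input ssh
""",
    "lab-sw-7": """\
hostname lab-sw-7
snmp-server community public RO
snmp-server community private RW
line vty 0 4
 transport input telnet ssh
line vty 5 15
 transport input all
""",
}

# snmp-server community <string> [RO|RW] [access-list]
SNMP_COMMUNITY_RE = re.compile(r"^snmp-server community (\S+)(?: (RO|RW))?(?: (\S+))?\s*$")


def audit_remote_access(config: str) -> list:
    """Return findings for the remote-access and SNMP settings in one config."""
    findings = []
    lines = config.splitlines()
    if "ip ssh version 2" not in lines:
        findings.append("SSH not pinned to version 2")
    vty = None
    for line in lines:
        if line.startswith("line vty"):
            vty = line.strip()                     # remember which line block we are in
        elif vty and line.startswith(" transport input"):
            allowed = line.split()[2:]
            if "telnet" in allowed or "all" in allowed:
                findings.append(f"{vty}: Telnet accepted ({line.strip()})")
        m = SNMP_COMMUNITY_RE.match(line)
        if m:
            community, mode, acl = m.groups()
            if community in ("public", "private"):
                findings.append(f"default SNMP community '{community}'")
            if mode == "RW":
                findings.append(f"read-write SNMP community '{community}'")
            if acl is None:
                findings.append(f"SNMP community '{community}' has no access-list")
    return findings


def run_audit(configs: dict = CONFIGS) -> dict:
    """Audit every device and map its name to its list of findings."""
    return {name: audit_remote_access(text) for name, text in configs.items()}


if __name__ == "__main__":
    for name, findings in run_audit().items():
        status = "OK" if not findings else f"{len(findings)} finding(s)"
        print(f"{name}: {status}")
        for finding in findings:
            print(f"  - {finding}")
```

Running it prints a clean result for edge-rtr-1 and eight findings for lab-sw-7. The same structure extends naturally: add a check, point the loader at real device output, and the script becomes a repeatable control rather than a one-off inspection.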