Advanced Networking Devices Flashcards
an encrypted tunnel between a computer or remote network and a private network through the Internet
virtual private network (VPN)
a virtual cable created in a VPN in which VPN software on the client creates a virtual NIC and creates a local IP address along with the IP information of a local network; that first IP address allows it to connect to a private network; the “cable” connects the client to a VPN server
VPN tunnel
an advanced version of PPP for VPNs; the server endpoint is an RRAS program; when the remote computer connects to the server, the protocol creates a secure tunnel through the Internet to the private LAN; every OS has a program that supports this protocol; for security, this protocol uses autentication and encryption
Point-to-Point Tunneling Protocol (PPTP)
remote access server program on a Windows server for VPN connections
Routing and Remote Access Service (RRAS)
VPN protocol that combines PPTP and L2F and adds the ability to run a VPN on almost any connection, such as Ethernet, telephone, and optical connections; the server is a VPN concentrator; Cisco provides free client software to connect to the Cisco VPN; does not use encryption or authentication, relying on IPSec for all its security needs; every OS’s VPN client supports these VPNs
Layer 2 Tunneling Protocol (L2TP)
Cisco protocol used in the L2TP VPN protocol
Layer 2 Forwarding (L2F)
the VPN-capable router used in an L2TP connection rather than a VPN server program
VPN concentrator
a VPN that offers advantages over Data Link or Network based VPNS since they don’t require special client software; clients connect to the server using a Web Browser, with traffic secured by TLS
SSL VPN
SSL VPN where the client accesses the VPN via a secure Web page
SSL portal VPN
SSL VPN where the client runs some kind of active control (ex. Java) through the Web browser; much greater access than portal VPN, and is more like a typical host-to-site connection; need sufficient permissions
SSL tunnel VP
VPN that uses UDP datagrams through a TLS tunnel rather than TCP segment for delay-sensitive applications like voice over VPN; ex., Cisco AnyConnect…
Datagram TLS (DTLS) VPN
VPN that enables direction VPN connections between multiple locations rather than having traffic pass through a central location
dynamic multipoint VPN (DMVPN)
VPN that uses Ipsec tunneling, such as Cisco IOS Easy VPN
IPSec VPN
protocol that is paired with IPSec for encryption in some VPNs
Generic Routing Encapsulation
form of managed device configuration where configuring is done through a dedicated port that is connected to a segregated switch
out-of-band management
a router with out-of-band management capabilities, like management URL?, modem connection, and console port
console outer
process of transferring VLAN traffic between two or more switches
trunking
a configuration port on each switch in a VLAN-enabled network that sends/receives all traffic between the switches
trunk port
the VLAN designation for a trunk port
native VLAN
VLAN that is based on ports
static VLAN
VLAN that is based on MAC Addresses; never used today
dynamic VLAN
a vulnerability of native VLANs that lets an attacker access VLANs that they shouldn’t; modern network now set the native VLAN to an unused VLAN
double-tagging attack
proprietary Cisco protocol that automates the updating of multiple VLAN switches; changes on the server are reflected on the client switches, while “transparent” switches hold their configuration
VLAN Trunking Protocol (VTP)
tool offered with VTP for minimizing broadcast traffic
VTP pruning
