Chapter 7 - Network Devices Flashcards
Firewalls
Can be software or hardware
Control access and egress of network traffic
Prevent unauthorised access to a private network
Protects company network and data
Protects from intrusion and attack.
! It doesn’t prevent viruses or malware!
Software Firewall
Host based
Runs on a PC or server
Is configurable software
Since Windows XP, a software firewall is included in the OS
Protects just the host
Hardware Firewall (Network)
Typically a device
Can run in a server
Segregates a LAN from devices on an untrusted network
Protects entire network
Packet Filtering
Accepts or rejects packets entering and leaving the network through configurable criteria.
Application Gateway
Applies security mechanisms to specific application
Circuit level gateway
Applies security mechanisms to TCP and UDP connections working on port numbers
Proxy server
Hides network addresses
Only exposes the public network to the internet
Can’t see used addresses of the private network
Routers
Layer 3 - Network Layer
Connects networks
Forwards packets to other networks based on IP address
Is a gateway device
Focuses on network portion of address
Connects LAN to WAN, LAN to LAN, LAN to ISP
Broadband router
Connects computers both together and to the internet
It performs switching and routing (Layer 3 - Network switch)
Edge router
Placed on edge of your ISP
Subscriber edge router
Connects to ISP edge router
Core router
Inside of network and not connected to public internet
Hub
Layer 1 physical device
Connects hosts or LAN segments
Broadcasts to all ports
All hosts or segments see the packets
Is not aware of addressing
Switch
Data link layer 2
Aware of addressing
Sends packets to a specific port by learning MAC addresses
Prevents looping by supporting VLAN and spanning tree protocol (STP)
Improves bandwidth by not flooding the network with unnecessary traffic like a hub does
Ethernet Switch port parameters
1/ Interface speed; it can use auto-negotiated speed sensing or be manually set
2/ Duplex
3/ Auto Medium Dependent Interface Crossover (MDIX)
Which enables a switch to rework a connection digitally to use a straight-through cable where a crossover cable is needed
Normally wires 1 and 2 transmit and 3 and 6 receive
Auto sensing reduces changes needing to be made but requires more performance
Bridge
Operates at data link layer 2
Joins two separate network segments
Enables communications between segments using the same protocol
Uses MAC address
Can be used to extend a network
! Bridges don’t connect networks. They connect different portions of the same network.!
Bridge additional functions not provided by a switch
Enables connection of dissimilar media and different network architecture.
Media - UTP and Fiber
Architecture - Token ring and Ethernet
Bridge types
1/ Local Bridge
Directly connects segments of the same LAN
2/ Remote Bridge
Creates a WAN link between LANs using the same network address. (1 LAN in one building and a second in another building)
3/ Wireless Bridge
Provides wireless connectivity from Ethernet ports and can benefit devices if a bridge connects to a switch
Extends segment with wireless capability
They use a MAC address table, which enables communication when needed while keeping traffic in segments segregated from other segments
Modems
Enables computer to transmit data using phone lines
Is a modulator/demodulator device
RS-232 standard
56 kbps max speed
Converts digital and analog information
- Analog transmits over phone line
- Modulation is converting from digital to analog
- Demodulation is converting analog to digital
Modem Types
1/ Hardware
Dial up modem where processing occurs in the modem
2/ Software
Low cost
Easy to upgrade
Computer processes the data
Wireless access point (WAP)
Used to provide a host with wireless connection
Extends wireless range
Acts like a bridge between wired and wireless networks
Can be a multi-purpose device, but single-function devices are more efficient
They can!
Strengthen security as you need to know connection information and they extend wireless range.
Rogue Access Point
Unauthorised access point that is connected to a company network, which provides attackers with access to the company LAN over Wi-Fi.
Evil Twin
A phishing attack
Attacker sets up a legitimate-looking access point, possibly using a portable host, to harvest data
Media Converters
Adapter used to enable segments or networks using different media to connect and exchange signals.
Physical layer 1 device
They’re cost effective and flexible to use
Can convert multi mode fiber to single mode
Can convert electrical signals to light waves
Enables signal boost between devices
Some converters operate at Layer 2 data link
Media converter characteristics
Help expand network distance
Implement Wavelength Division Multiplexing (WDM) to boost fiber performance
Retain investment into existing infrastructure
Wireless range extender
Extends radio frequency range of wireless transmissions
Layer one physical device to extend Ethernet network
Simply passes on data traffic to extend
Allows devices to connect to a WLAN outside WAP normal range
Don’t place extender at very edge of WAP range as it won’t be a very strong signal. Have overlap.
Distance from a wireless extender depends on?
1/ Transmitter Power
2/ Gain of antenna
3/ Client's transmitter and receiver
! You must stay within range of the extender!
VoIP End Points
Is Voice over Internet Protocol
Hardware and software needed to make use of the internet as a transmission medium
Voice Data
Sent using IP instead of Public Switched Telephone Network (PSTN)
Need to be signed into an application and configured as a contact
VoIP Benefits
Cost saving
Media, Protocol and applications service
Software based VoIP devices
Use direct VoIP data conversations where you can
Call switching and connection management
Call recording and auto attendant
Conference call
Language translation
End points
Typically an IP Phone that’s TCP/IP aware and connected directly by data link
Plugged into an Ethernet switch or hub
10 or 100Base5 with auto negotiate interfaces
Multiple end points
Assign server devices to ring upon receiving a call
Allows call answer from any geographical location