Introducing WAN Technologies

Question 1

Service provider networks are complex. They are mostly built of high-bandwidth fiber-optic media, using Dense Wavelength Division Multiplexing (DWDM), the Synchronous Optical Networking (SONET) in North America, and Synchronous Digital Hierarchy (SDH) in the rest of the world. These standards define how to transfer data over optical fiber over great distances

Answer 1

Dense Wavelength Division Multiplexing (DWDM)

Synchronous Optical Networking (SONET) - in North America

Synchronous Digital Hierarchy (SDH) - in the rest of the world

Question 2

Are devices that modulate and demodulate analog carriers to encode and retrieve digital information. A modem interprets digital and analog signals, enabling data to be transmitted over voice-grade telephone lines.

Answer 2

Modems

Question 3

Are used where a fiber-optic link terminates to convert optical signals into electrical signals and vice versa. You can also implement the converter as a router or switch module.

Answer 3

Optical fiber converters

Question 4

provides internetworking and WAN access interface ports that are used to connect to the service provider network. These interfaces may be serial connections or other WAN interfaces. With some types of WAN interfaces, you need an external device such as a CSU/DSU or modem (analog, cable, or DSL) to connect the router to the local point of presence (POP) of the service provider.

Answer 4

router

Question 5

Resides within the middle or backbone of the WAN, rather than at its periphery. To fulfil this role, a router or multilayer switch must be able to support multiple telecommunications interfaces of the highest speed in use in the WAN core. It must also be able to forward Internet Protocol (IP) packets at wire speed on all these interfaces.

Answer 5

core router or multilayer switch

Question 6

Are used when you are using the wireless medium for WAN connectivity. You can also use an access point instead of a wireless router.

Answer 6

Router with cellular connectivity features

Question 7

Data terminating equipment (DTE) and data communications equipment (DCE) are terms that were used in the context of WAN connectivity options that are mostly considered legacy today. The two terms name two separate devices. The DTE device is either a source or a destination for digital data. Specifically, these devices include PCs, servers, and routers. In the figure, a router in either office would be considered a DTE. DCE devices convert the data received from the sending DTE into a form acceptable to the WAN service provider.

Answer 7

DTE - (Data terminating equipment)

DCE - (Data communications equipment)

Question 8

Is a marking which separates a customer’s WAN equipment from the service provider’s equipment.

Answer 8

demarcation point

Question 9

The customer side of the demarcation point accommodates

Answer 9

Customer Premises Equipment (CPE)

Question 10

This topology establishes a circuit (a logical connection) between exactly two sites. It is also called a Layer 2 service as it creates a connection, via which it seems that both sites are on the same physical segment.

Answer 10

Point-to-point topology

Question 11

This topology features a central router or multilayer switch, acting as the hub, which is connected to all other remote devices, the spokes. All communication among the spoke networks traverses the hub.

Answer 11

Hub-and-spoke topology

Question 12

In this topology, each remote node on the periphery of a given service provider network has a direct logical connection, also called a circuit, to every other remote node. Any site can communicate directly with any other site. The key rationale for creating a full mesh environment is to provide a high level of redundancy.

Answer 12

Full mesh topology

Question 13

In this topology, almost, but not all remote nodes are inter-connected. It reduces the number of sites that have direct connections to all other nodes. Partial meshes are highly flexible topologies that can take various very different configurations.

Answer 13

Partial mesh topology

Question 14

Which provide permanent dedicated connections using point-to-point links with various capacities that are limited only by the underlying physical facilities and the willingness of enterprises to pay for these dedicated lines. A point-to-point link provides a pre-established WAN communications path from the customer premises through the provider network to a remote destination.

Answer 14

Dedicated communication links

Question 15

Can be either circuit-switched or packet-switched. It is important to differentiate between the two switching models

Answer 15

Switched communication links

Question 16

Circuit switching establishes a dedicated virtual connection, called a circuit between a sender and a receiver. The connection through the network of the service provider is established dynamically, before communication can start, using signaling which varies for different technologies.

Answer 16

Circuit-switched communication

Question 17

Using circuit switching does not make efficient use of the allocated fixed bandwidth due to the data flow fluctuations. In contrast to circuit switching, packet switching segments data into packets that are routed over a shared network

Answer 17

Packet-switched communication

Question 18

Instead of using a separate WAN infrastructure, enterprises today commonly take advantage of the global internet infrastructure for WAN connectivity. Previously, the internet was not a viable option for a WAN connection due to many security risks and lack of SLA, i.e. the lack of adequate performance guarantees.

Answer 18

Internet-based communication links

Question 19

Is a Layer 2 technology which defines virtual circuits (VCs). Each VC represents a logical end-to-end link mapped over the physical service provider’s Frame Relay WAN. An enterprise can use a single router interface to connect to multiple sites using different VCs.

Answer 19

Frame Relay

Question 20

Is built on a cell-based architecture rather than on a frame-based architecture. ATM cells are always a fixed length of 53 bytes. Small, fixed-length cells are well-suited for carrying voice and video traffic because this traffic is intolerant of delay. Video and voice traffic do not have to wait for larger data packets to be transmitted.

Answer 20

ATM technology

Question 21

Is an Internet Engineering Task Force (IETF) standard that defines a packet label-based switching technique, which was originally devised to perform fast switching in the core of IP networks. This technique helped carriers and large enterprises scale their networks as increasingly large routing tables become more complex to manage.

Answer 21

MPLS (Multipleprotocol Label Switching)

Question 22

Many municipal governments, often working with service providers, are deploying wireless networks. Some of these networks provide high-speed internet access at no cost or for substantially less than the price of other broadband services.

Answer 22

Municipal Wi-Fi

Question 23

Broadband refers to wireless internet access delivered through mobile phone towers to computers, mobile phones, and other digital devices. Devices use small radio antenna to communicate with larger antenna at the phone tower, via radio waves.

Answer 23

Cellular/Mobile

Question 24

Is a general term for the internet services from a mobile phone or from any device that uses the same technology. A mobile phone subscription does not necessarily include a mobile data subscription.

Answer 24

Mobile Internet or Mobile Data

Question 25

A mobile technology that increased the capacity and speed of the wireless link compared to 2G and 3G technologies. It introduced novelties, such as using a different radio interface, and core network improvements.

Answer 25

Long-Term Evolution (LTE)

Question 26

Acronyms refer to the mobile wireless technologies and standards, and stand for second, third, fourth, and fifth generations of mobile wireless technologies. Each new generation is an evolution of the previous one. Each generation defines its own standards and with each new generation the access bitrates continue to increase.

Answer 26

2G/3G/4G/5G

Question 27

Is a high-speed bi-directional internet connection made through geostationary communications satellites. Internet-by-satellite speed and cost nowadays compare with DSL broadband offerings. Satellite Internet is typically used in locations where land-based internet access is not available or for temporary installations that are mobile.

Answer 27

Satellite Internet

Question 28

Provides high-speed broadband service with wireless access and provides broad coverage similar to a cell phone network rather than through small Wi-Fi hotspots. WiMAX is a wireless technology for both fixed and mobile implementations. WiMAX operates in a similar way to Wi-Fi, but at higher speeds, over greater distances, and for a greater number of users.

Answer 28

Worldwide Interoperability for Microwave Access (WiMAX)

Question 29

Single-homed ISP connectivity is used in cases when a loss in internet connectivity is not as problematic to a customer (although the internet is typically a vital resource). Single-homed customers use only one service provider for the internet uplink, and use only one physical uplink to connect to the ISP, so there is no redundancy.

Answer 29

Single-homed

Question 30

With a single ISP, customers can still achieve redundancy if two links toward the same ISP are used, effectively making a customer dual-homed. The dual-homed design could also be configured to load balance traffic over both of the links, but the dual-home redundancy option cannot protect the customer if the ISP has an outage.

Answer 30

Dual-homed

Question 31

If a customer network is connected to multiple ISPs, the solution is said to be multihomed. The customer is responsible for announcing their own IP address space to upstream ISPs. The customer should avoid forwarding any routing information between ISPs, or they become a transit provider between the two ISPs.

Answer 31

Multihomed

Question 32

To enhance resiliency, a customer can have two links to each ISP, making the solution dual-multihomed. This dual-multihomed solution gives an organization the most redundancy possible. This set up would probably be the connectivity option of choice for a data center or a large enterprise with plenty of resources, as it would be the most costly option.

Answer 32

Dual-multihomed

Question 33

is a technology that secures communication across an untrusted network. By definition, as per Request for Comments (RFC) 2828, a VPN is “a restricted-use, logical (for example, artificial or simulated) computer network that is constructed from the system resources of a relatively public, physical (for example, real) network (such as the internet), often by using encryption (located at hosts or gateways), and often by tunneling links of the virtual network across the real network.”

Answer 33

VPN (Virtual Private Network)

Question 34

Logical networks, independent of physical architecture.

Answer 34

Virtual

Question 35

Independent of IP addressing and routing schemes (noncryptographic approaches). Secure confidentiality, message integrity, and origin authentication (cryptographic approaches).

Answer 35

Private

Question 36

Interconnected computers, devices, and resources that are grouped to share information.

Answer 36

Network

Question 37

Site-to-site VPN and remote-access VPN. A site-to-site VPN connects two entire networks, is statically configured and serves traffic of many hosts. A remote-access VPN connects an individual endpoint over the internet to the VPN device at the edge of the remote network.

Answer 37

Deployment mode

Question 38

IP Security (IPsec) VPN, Secure Sockets Layer (SSL) VPN, MPLS VPN, and hybrid VPNs combining multiple technologies.

Answer 38

Underlying technology

Question 39

VPNs enable organizations to use a cost-effective, third-party internet transport to connect remote offices and remote users to the main corporate site. The use of VPNs therefore eliminates expensive, dedicated WAN links.

Answer 39

Cost savings

Question 40

VPNs enable corporations to use the internet infrastructure, which makes it easy to add new users. Therefore, corporations can expand capacity without adding significant infrastructure. For instance, a corporation with an existing VPN between a branch office and the headquarters can securely connect new offices by simply making a few changes to the VPN configuration and ensuring that the new office has an internet connection.

Answer 40

Scalability

Question 41

VPNs allow mobile workers, telecommuters, and people who want to extend their work day to take advantage of high-speed, broadband connectivity, such as DSL and cable, to gain access to their corporate network.

Answer 41

Compatibility with broadband technology

Question 42

Cryptographic VPNs can provide the highest level of security by using advanced encryption and authentication protocols that protect data from unauthorized access. The two available options are IPsec and SSL.

Answer 42

Security

Question 43

VPNs connect entire networks to each other, such as connecting branch offices, home offices, or business partners networks to the main office network. Each site has a VPN capable device, called VPN gateway. Routers, firewalls, and other security appliances, such as the Cisco Adaptive Security Appliance (ASA), can act as VPN gateways.

Answer 43

Site-to-site

Question 44

VPNs are used to connect individual hosts to remote networks over the internet. These VPNs support the need of telecommuters, mobile users, and enterprise customers to access remote networks and applications. Individual hosts typically connect to internet via broadband connections.

Answer 44

Remote-access

Question 45

IPsec is a framework of open standards that spells out the rules for secure communications. IPsec relies on existing algorithms to implement cryptographic functions. The framework allows technologies to be replaced over time. When cryptographic technologies become obsolete, it does not make the IPsec framework obsolete.

Answer 45

IPsec tunnel

Question 46

Although IPsec provides a secure method for tunneling data across an IP network, it has limitations. IPsec does not support IP broadcast or IP multicast, for example, it cannot be used when exchanging messages from protocols that rely on these features, such as routing protocols.

Answer 46

Generic Routing Encapsulation (GRE) over IPsec

Question 47

Is a Cisco proprietary software solution that simplifies the device configuration when there is a need for many VPN connections. With Cisco DMVPN, a hub-and-spoke topology is first implemented. The configuration of this network is facilitated by a multipoint GRE tunnel interface, established on the hub.

Answer 47

Cisco Dynamic Multipoint Virtual Private Network (DMVPN)

Question 48

IPSec VTI is a feature that associates an IPsec tunnel endpoint with a virtual interface. Traffic is encrypted or decrypted when it is forwarded from or to the tunnel interface and is managed by the IP routing table. Using IP routing to forward the traffic to the tunnel interface simplifies the IPsec VPN configuration compared to the conventional process, allowing for the flexibility of sending and receiving both IP unicast and multicast encrypted traffic on any physical interface.

Answer 48

IPsec virtual tunnel interface (VTI)

Question 49

A cryptographic VPN

Answer 49

IPSec VPN

Question 50

A client in remote-access VPN

Answer 50

SSL enabled browser

Question 51

Is a device that can act as VPN gateway, to terminate VPNs

Answer 51

Firewall

Question 52

Is a site-to-site VPN solution that implements hub-and-spoke topology and facilitates establishment of direct spoke-to-spoke connections

Answer 52

Cisco DMVPN

Question 53

Is a site-to-site VPN solution that enables secure exchange of broadcast and multicast traffic

Answer 53

GRE over IPSec VPN