Modern Network Environments Flashcards
Software Defined Networking (SDN)
Enables network management through software applications
SD-WAN
SDN applied to WAN connections
What are the three distinct planes of SDN?
Data, control, and application plane
Data plane
Responsible for packet forwarding
Control plane
Manages network traffic and policies
Application plane
Hosts network
Central policy management
Network admin sets policies and manages all devices from a single interface
Application Aware
Intelligently identify applications and can prioritize traffic based on requirements
Zero-Touch Provisioning
Network devices can automatically download configuration settings from a central location
Transport Agnostic
Flexibility with the type of connectivity used
VXLAN (Extensible)
Enhances the scalability of large-scale cloud computing environments
Layer 2 Encapsulation VXLAN
VXLAN encapsulates Ethernet frames within UDP packets
VXLAN Encapsulation Limit
16.8 million (24 bit) VLANs
Data center interconnect (DCI)
Stretching of layer 2 networks across geographically dispersed data centers
What does DCI allow?
Seamless mobility of virtual machines between data centers without changing underlying network configurations
Zero Trust
A security model based on strict identity verification and considering all users as potential threats
Policy-based authentication
All users are to be authenticated and continuously validated
What are some authentication policies?
MPA, biometrics, and behavioral analytics
Authorization in ZTA
Access to resources is granted on a per-session basis
Least privilege
Users, systems, and programs are granted only minimum levels of access/permissions
What does least privilege minimize?
Potential damage from accidental or malicious actions by limiting access rights
Secure access service edge / security service edge (SASE/SSE)
Combines network security functions with WAN capabilities
What does SSE focus on?
Centralizing various security services like secure web gateways, CASB, ZTNA
What does SASE provide?
Secure network connectivity and access to resources regardless of location
Infrastructure as Code (IaC)
Key practice in cloud computing that involves managing and provisioning computing infrastructure through definition files
Automation in IaC
Enabling rapid and consistent environment setups
Playbooks, templates, and reusable tasks
Define and orchestrate the steps needed for infrastructure setup, modification, and management
Configuration drift
Environment's current state deviates from its intended state
What does IaC aid in maintaining?
Compliance with defined standards and policies by automating configurations and deployments
What does IaC ensure with upgrades?
Less disruption and that all changes are version controlled and reversible
Dynamic Inventories
Resources are automatically discovered and managed based on real time data
Where are dynamic inventories essential?
Environments that need to adjust quickly to changing demands or configurations
Source control
Provide a system for tracking changes, collaborating, and maintaining integrity of code
Version control
Keeps track of every modification to the code
Central repository
Single source of truth for all code changes
Conflict identification
Automatically detect conflicts for prevention of overwrites
Branching
Diverge from the main line of development
What concepts and functionalities did IPv6 introduce?
Improve routing efficiency, simplify network configuration, and enhance security
How will IPv4 and IPv6 work concurrently?
With compatibility strategies
Tunneling
Transmits IPv6 packets over an existing IPv4 network infrastructure. Encapsulates IPv6 packets within IPv4
Dual stack
Devices run both IPv4 and IPv6 simultaneously
NAT64
Translates IPv6 into IPv4 addresses and vice versa