Networking Devices Flashcards

1
Q

Hub

A
• “Multi-port repeater”
• Traffic going in one port is repeated to every other port
• OSI Layer 1
• Everything is half-duplex
• Becomes less efficient as network speeds increase
• 10 megabit / 100 megabit
• Difficult to find today
2
Q

Bridge

A

• Imagine a switch with two to four ports
• Makes forwarding decisions in software
• Connects different physical networks
• Can connect different topologies
• Gets around physical network size limitations / collisions
• OSI Layer 2 device
• Distributes traffic based on MAC address
• Most bridges these days are wireless access points
• Bridges wired Ethernet to wireless

3
Q

Switch

A
  • Bridging done in hardware
  • Application-specific integrated circuit (ASIC)
  • An OSI layer 2 device
  • Forwards traffic based on data link address
  • Many ports and features
  • The core of an enterprise network
  • May provide Power over Ethernet (PoE)
  • Multilayer switch
  • Includes Layer 3 (routing) functionality
4
Q

Router

A
• Routes traffic between IP subnets
• OSI layer 3 device
• Routers inside of switches sometimes called “layer 3 switches”
• Layer 2 = Switch
• Layer 3 = Router
• Often connects diverse network types
• LAN, WAN, copper, fiber
5
Q

Firewall

A
  • Filters traffic by port number
  • OSI layer 4 (TCP/UDP)
  • Some firewalls can filter through OSI layer 7
  • Can encrypt traffic into/out of the network
  • Protect your traffic between sites
  • Can proxy traffic
  • A common security technique
  • Most firewalls can be layer 3 devices (routers)
  • Usually sits on the ingress/egress of the network
6
Q

Wireless access point (WAP)

A
• Not a wireless router
• A wireless router is a router and a WAP in a single device
• WAP is a bridge
• Extends the wired network onto the wireless network
• WAP is an OSI layer 2 device
7
Q

Converting media

A
  • OSI Layer 1
  • Physical layer signal conversion
  • Extend a copper wire over a long distance
  • Convert it to fiber, and back again
  • You have fiber
  • The switch only has copper ports
  • Almost always powered
  • Especially fiber to copper
8
Q

Wireless range extender

A
• Wireless never seems to stretch far enough
• We can’t always choose where to install an access point
• Extend the reach of a wireless network
• A wireless repeater
9
Q

VoIP endpoint

A

• Some people still communicate using voice
• We now send this using VoIP
• The device can now be anything
• Traditional phone handset, desktop application, mobile device app

10
Q

Multilayer switches

A

• A switch (Layer 2) and router (Layer 3) in the same physical device
• Layer 2 router?
• Switching still operates at OSI Layer 2, routing still operates at OSI Layer 3
• There’s nothing new or special happening here

11
Q

Wireless networks everywhere

A
  • Wireless networking is pervasive
  • And you probably don’t just have a single access point
  • Your access points may not even be in the same building
  • One (or more) at every remote site
  • Configurations may change at any moment
  • Access policy, security policies, AP configs
  • The network should be invisible to your users
  • Seamless network access, regardless of role
12
Q

Wireless LAN controllers

A
  • Centralized management of WAPs
  • A single “pane of glass”
  • Deploy new access points
  • Performance and security monitoring
  • Configure and deploy changes to all sites
  • Report on access point use
  • Usually a proprietary system
  • Wireless controller is paired with the access points
13
Q

Balancing the load

A
  • Distribute the load
  • Multiple servers
  • Invisible to the end-user
  • Large-scale implementations
  • Web server farms, database farms
  • Fault tolerance
  • Server outages have no effect
  • Very fast convergence
14
Q

Load balancer

A
  • Configurable load
  • Manage across servers
  • TCP offload
  • Protocol overhead
  • SSL offload
  • Encryption/Decryption
  • Caching
  • Fast response
  • Prioritization
  • QoS
  • Content switching
  • Application-centric balancing
15
Q

IDS and IPS

A

• Intrusion Detection System / Intrusion Prevention System
• Watch network traffic
• Intrusions
• Exploits against operating systems, applications, etc.
• Buffer overflows, cross-site scripting, other vulnerabilities
• Detection vs. Prevention
• Detection – Alarm or alert
• Prevention – Stop it before it gets into the network

16
Q

Identification technologies

A
  • Signature-based
  • Look for a perfect match
  • Anomaly-based
  • Build a baseline of what’s “normal”
  • Behavior-based
  • Observe and report
  • Heuristics
  • Use artificial intelligence to identify
17
Q

Proxies

A

• Sits between the users and the external network
• Receives the user requests and sends the request on their behalf (the proxy)
• Useful for caching information, access control, URL filtering, content scanning
• Applications may need to know how to use the proxy (explicit)
• Some proxies are invisible (transparent)
Application proxies
• Most proxies in use are application proxies
• The proxy understands the way the application works
• A proxy may only know one application, i.e., HTTP
• Many proxies are multipurpose proxies
• HTTP, HTTPS, FTP, etc.

18
Q

VPN concentrator

A
  • Virtual Private Network
  • Encrypted (private) data traversing a public network
  • Concentrator
  • Encryption/decryption access device
  • Often integrated into a firewall
  • Many deployment options
  • Specialized cryptographic hardware
  • Software-based options available
  • Used with client software
  • Sometimes built into the OS
19
Q

Remote access VPN

A
  • On-demand access from a remote device
  • Software connects to a VPN concentrator
  • Some software can be configured as always-on
20
Q

AAA framework

A

• Identification - This is who you claim to be
• Usually your username
• Authentication - Prove you are who you say you are
• Password and other authentication factors
• Authorization
• Based on your identification and authentication, what access do you have?
• Accounting
• Resources used: Login time, data sent and received, logout time

21
Q

RADIUS (Remote Authentication Dial-in User Service)

A
• One of the more common AAA protocols
• Supported on a wide variety of platforms and devices
• Centralize authentication for users
• Routers, switches, firewalls
• Server authentication
• Remote VPN access
• 802.1X network access
• RADIUS services available on almost any server operating system
22
Q

UTM / All-in-one security appliance

A
• Unified Threat Management (UTM) / Web security gateway
• URL filter / Content inspection
• Malware inspection
• Spam filter
• CSU/DSU
• Router, Switch
• Firewall
• IDS/IPS
• Bandwidth shaper
• VPN endpoint
23
Q

Next-generation Firewalls (NGFW)

A
• The OSI Application Layer
• Layer 7 firewall
• Can be called different names
• Application layer gateway
• Stateful multilayer inspection
• Deep packet inspection
• Requires some advanced decodes
• Every packet must be analyzed, categorized, and a security decision determined
24
Q

VoIP technologies

A
• PBX (Private Branch Exchange)
• The “phone switch”
• Connects to phone provider network
• Analog telephone lines to each desk
• VoIP PBX
• Integrate VoIP devices with a corporate phone switch
• VoIP Gateway
• Convert between VoIP protocols and traditional PSTN protocols
• Often built-in to the VoIP PBX
25
Q

Content filtering

A
  • Control traffic based on data within the content
  • Data in the packets
  • Corporate control of outbound and inbound data
  • Sensitive materials
  • Control of inappropriate content
  • Not safe for work
  • Parental controls
  • Protection against evil
  • Anti-virus, anti-malware