IT PRO.TV Network Plus n10-006 001 Various Network Devices

IT PRO.TV Network Plus 001 Various Network Devices.mp4
n10-006

CompTIA N10-006 1.0 Network Architecture
Part I

In this episode, Ronnie and Daniel take you through some of the various network devices that you will most likely encounter as a network tech in the field. They explain in great detail network appliances like routers, switches, firewalls, and even intrusion detection/prevention systems.

1.1 Explain the functions and applications of various network devices
Router (Diagram)
Used to connect dissimilar networks
Dissimilar networks will be on different subnets
Usually connecting private networks to/through public network
Used to separate broadcast domains
Any network nodes that can receive each other's broadcast traffic is in the same broadcast domain
Has multiple interfaces for connecting networks
Works on Layer 3 of the OSI model
Network Layer
Internet Protocol (IP)
Data packets
Learns networks through the building of a Routing Table
Routing tables are built automatically through the use of routing protocols
RIP
OSPF
EIGRP
Routing tables can also be made up by entering Static Routes
Static Routes are manually entered paths to different networks
3 basic types of router uses
Access
SOHO devices that access the internet and provide internet access
Fairly inexpensive devices
Distribution
Aggregates data from multiple access routers and funnels them to a main centralized site
Higher capabilities than that found in access routers
Core
Internet backbone router with highspeed throughput
Has multiple interfaces
Supports multiple protocols
Switch (Diagram)
Used to connect network nodes and separate collision domains
Works on Layer 2 of the OSI model
Data-link Layer
Frames
LLC and MAC
Logical Link Control
Gives functionality of flow control, acknowledgements and error checking
Media Access Control
Used like a traffic cop to control access to the physical media
Carrier Sense Multiple Access w/ Collision Detection (CSMA/CD)
MAC Addresses
48-bit hexadecimal address
Hard coded on network interface cards
Each MAC address is unique
Learns which MAC address is connected to which port on the switch
MAC Address Table
Switch keeps a table containing all the learned MAC addresses and their corresponding switch port
Data is passed in Frames
Data is sent only to the port that is connected to the destination host
Reduces collisions
Each port is its own Collision Domain
Great for all networks, particularly large enterprise-level businesses
Multilayer Switch (Diagram)
Does both switching and routing
Works on both Layer 2 and Layer 3 of the OSI model
Firewall (Diagram)
Appliance or software designed to permit or deny network traffic governed by a list of rules called an Access Control List (ACL)
This is done for the purposes of security
Can be a dedicated appliance or a feature of another appliance like a router
Cisco ASA
Sonicwall
Examples of software based Firewalls
Windows Firewall
PFSense
IPTables
Inspects incoming and/or outgoing packets
Packets can be filtered by...
Source address
Destination address
Port/Protocol
HIDS (No Diagram)
Host-based Intrusion Detection System
Software application that runs on a computer
Inspects traffic looking for intrusion specific footprints
Viruses, rootkits, malware, etc.
Also takes a baseline of the system which allows the HIDS to know if any critical or specified files have been changed
Alerts the user to unauthorized changes
SANS "What is a Host Intrusion Detection System?"
IDS/IPS (Diagram)
Intrusion Detection System (IDS)
Network appliance that checks for signs of intrusion
Modified log files
Modified system files
Malware/spyware, virus, worm
Passive
Alarms are tripped after the fact
Other than alerts, there is no countermeasures taken
Intrusion Prevention System (IPS)
Network Appliance that checks for signs of intrusion in real time
Actively working to prevent intrusion
3 types of detection
Signature detection
Looks for known avenues or patterns of intrusion
Statistical anomaly detection
Creates a statistical analysis of normal network usage and then looks for abberations
Because of the statistical nature, new threats are detected before a signature can become available
Stateful protocol analysis detection
AKA Deep Packet Inspection
Has a knowledge base of how each protocol is supposed to work and then checks each packet for deviation
Access Point (wireless/wired) (Diagram)
Wireless Access Point
Appliance that facilitates the connection of wireless
enabled hosts to a network and/or the Internet
Most Wireless APs have routing capability built-in
Complies with 802.11x standards (a/b/g/n/etc.)
Connects by wire to network/internet appliance
Wired Access Point
Any appliance that facilitates a network connection via a wired media
Hub
Switch