-
IaaS
Infrastructure as a Service. Also, Hardware as a Service. Outsource your equipment. Still responsible for the management and security. Good for hosting your website on a 3rd party server where you provide the site.
-
SaaS
Software as a Service. On-demand software with no local installation. Central management of data and applications. Examples are email servers.
-
PaaS
Platform as a Service. No servers, no software, no maintenance team; someone else handles the platform while you handle the development. No direct control over infrastructure. Helps build an app with less coding. An example is Salesforce.
-
Chart that shows IaaS, PaaS, SaaS
-
Public
Available to everyone on the internet.
-
Community
Several organizations share the same resource.
-
Private
You own a virtualized local data center.
-
Hybrid
A mix of public and private.
-
DaaS
Desktop as a Service. Virtual desktop infrastructure over a network. Does not have a big impact on memory or CPU but needs high bandwidth.
-
Elasticity
Scale up or down as needed.
-
Infrastructure as code
Define servers and hardware as code. Can be duplicated.
-
Orchestration
Entire application instances can be instantly provisioned.
-
VPN
Site-to-site private network that encrypts traffic sent through the internet.
-
Virtual Private Cloud Gateway
Connects users on the Internet.
-
VPC Endpoint
Virtual private cloud endpoint. Direct connection between cloud provider networks.
-
VM Sprawl
When you lose control of which Virtual Machines are connected to which applications. You have more open than necessary. This is why detailed documentation is necessary.
-
VM Escape
When something malicious breaks out of the VM and attacks the host.
-
VoIP Phone
Voice over Internet Protocol.
-
SCADA
Supervisory Control and Data Acquisition System. PC manages the industrial equipment and receives feedback. Security Risk.
-
ICS
Industrial Control Systems
-
Hub
- Similar to a Multiport Repeater. Traffic going in one port is repeated to every other port. OSI Layer 1.
- Everything is half-duplex, send or receive. Less efficient as more devices are added.
-
Bridge
An old-school switch. The ports on a modern switch are all bridges. An OSI Layer 2 device because it distributes traffic based on MAC addresses.
-
Switch
- Each port is a bridge. Uses an application-specific integrated circuit (ASIC). Makes forwarding decisions based on MAC addresses, so it is a Layer 2 device. Has many ports and features such as Power over Ethernet (PoE).
- Router/Layer 3 hybrids are available, called multilayer switches.
-
Router
Routes traffic between IP subnets. OSI Layer 3 device. Can also connect different types of cabling and networks, such as fiber to copper, WAN to LAN.
-
Access Point
A wireless access point that acts like a bridge between a wired router and wireless device. Uses MAC addresses so it is Layer 2.
-
Cable Modem
Broadband transmission across multiple frequencies. Different traffic types for different devices such as phone, internet, TV. This is called DOCSIS, Data Over Cable Service Interface Specification.
-
DSL Modem
ADSL, Asymmetric Digital Subscriber Line. Uses telephone lines. Download speed is faster than the upload speed.
-
Repeater
Receives a signal, regenerates, and resends. Can connect one type of wire to another such as fiber to copper. Layer 1.
-
Layer 3 capable switch
A switch and router in one device.
-
Wireless LAN controllers
Centralized management of access points. Performance and security monitoring. Configure and deploy changes to all sites. Generate reports.
-
Load balancer
Distributes the load by sending traffic through the least used ports. Allows for multiple servers and is invisible to the end user. Allows for larger scale and fault tolerance. Data can also be cached.
-
IDS and IPS
Intrusion Detection System. Intrusion Prevention System.
-
Proxies
A device in between users and the external network. The proxy acts as a relay that handles sending and receiving of data. A proxy just for applications is called an application proxy.
-
VPN concentrator
Handles the VPN’s encrypted data traversing a public network. Often integrated into a firewall.
-
PBX
Private branch exchange. Similar to a switch but for phones. Replaced by VoIP PBX.
-
Firewall
Filters traffic by port number or application. Next-generation firewalls (NGFW) will recognize the applications being used. Can encrypt traffic by enabling a VPN between sites. Layer 3 device; can also be built into a router, allowing for dynamic routing and NAT.
-
Distance vector routing protocols
Choose connections based on the number of hops through the network, even if that is not the fastest way.
-
Link state routing protocols
Information is passed between routers that is related to the current connectivity. Will choose the fastest connection. One version is OSPF, Open Shortest Path First.
-
Hybrid routing protocols
A combination of distance vector and link state protocols.
-
BGP
Border Gateway Protocol. Determines route based on paths, network policies, or configured rule sets.
-
Routing Tables
A list of directions for your packets. A table with many routes to your destination. Packets stop at every router and ask for directions.
-
Hop
When a packet passes through a router. Has TTL in IPv4 and a hop limit in IPv6 to avoid a packet looping forever.
-
Default route
A route to use when no other routes are found. Destination of 0.0.0.0/0
-
Administrative distance
- Used by the router to determine which routing protocol has priority.

-
Traffic shaping / packet shaping
Controls bandwidth usage or data rates. Set important applications to have higher priorities than other applications.
-
The Ethernet frame
| Preamble | SFD | Destination MAC | Source MAC | Type | Payload | FCS |
-
Preamble
7 bytes. 56 ones and zeros that say this is the beginning of the Ethernet frame.
-
SFD
Start Frame Delimiter. 1 byte. Designates the end of the preamble.
-
Destination MAC Address
6 bytes.
-
Source MAC Address
6 bytes.
-
Ethertype
2 bytes. Describes the data contained in the payload.
-
Payload Size in bytes
46-1500 bytes. Layer 3 and higher data.
-
FCS
Frame check sequence. 4 bytes. Checks that the frame was not corrupted.
-
Collision
When 2 devices on a half-duplex Ethernet hub send information simultaneously.
-
CSMA/CD
- CS – Carrier Sense. Is there a signal available that we can use to send some data?
- MA – Multiple Access. More than one device.
- CD – Collision Detect. Sends a jam to clear the collision.
- Used in Half Duplex Ethernet.