PACE-IT, Security+1.1: Introduction to Network Devices (part 1)

Introduction to
network devices I.

Instructor, PACE-IT Program – Edmonds Community College
Areas of Expertise Industry Certifications
 PC Hardware
 Network Administration
 IT Project Management
 Network Design
 User Training
 IT Troubleshooting
Qualifications Summary
Education
 M.B.A., IT Management, Western Governor’s University
 B.S., IT Security, Western Governor’s University
Entrepreneur, executive leader, and proven manger
with 10+ years of experience turning complex issues
into efficient and effective solutions.
Strengths include developing and mentoring diverse
workforces, improving processes, analyzing
business needs and creating the solutions
required— with a focus on technology.

Open Systems Interconnection model.
– Basic network devices.
PACE-IT.

Introduction to network devices I.

The Open Systems
Interconnection (OSI) model
was developed as a way to help
disparate computing systems
communicate with each other.
This layered approach to networking has an added benefit of
helping to create a secure networking environment as well.
Security can be placed at the various layers of the OSI model to
create a layered security arrangement that will vastly improve the
security of an overall network.
Knowing networking devices and where they fit into the reference
model will help the security engineer to create a more safe,
secure, and efficient network.

Switch.
» A switch utilizes an application-specific integrated circuit (ASIC)
chip and is considered a Layer 2 OSI device.
• The ASIC chip has specific programing that allows the switch
to learn when a device is on the network and which ports it is
connected to via that device’s Layer 2 MAC address.
» Managed switches allow for security to be placed on the
individual switch ports, creating a more secure networking
environment.
» A switch will only communicate with local network devices.
– Wireless access point (WAP).
» A WAP is a specific type of network bridge that connects
(bridges) wireless network segments with wired network
segments and is considered a Layer 2 OSI device.
• The most common type of WAP bridges 802.11 wireless
network segments with 802.3 Ethernet network segments.
» All WAPs are capable of utilizing encryption to help ensure a
secure networking environment.
» A WAP will only communicate with local network devices.

Multilayer switch (MLS).
» An MLS provides normal Layer 2 network switching services,
but it will also provide Layer 3 or higher OSI model services.
» The most common MLS is a Layer 3 switch.
• It not only utilizes an ASIC chip for switching, but that ASIC
chip is also programed to handle routing functions. This
allows the device to communicate and pass data to non-local
network devices.
» The MLS commonly implements security at Layer 2 and higher
of the OSI model.
– Router.
» The router is the most common network device for connecting
different networks together utilizing the OSI model’s Layer 3
logical network information.
» The router uses software programming for decision making, as
compared to the switch’s use of an ASIC chip.
» Firewalls and access control lists (ACLs) are commonly placed
on routers to help secure networks.

Firewall.
» A firewall can be placed on routers or hosts (software based) or
can be its own device (network appliance).
» It functions at multiple layers of the OSI model.
• Usually at layers 2, 3, 4, and 7.
» It blocks packets from entering or leaving the network.
• Via stateless inspection: the firewall will examine every
packet against a set of rules. Once the packet matches a rule,
the rule is enforced, and the specified action is taken.
• Via stateful inspection: the firewall will only examine the
state of the connection between networks. Specifically, when
a connection is made from an internal network to an external
network, the firewall will not examine any packets returning
from the external connection. As a general rule, external
connections are not allowed to be initiated with the internal
network.
» It is the first line of defense in protecting the internal network
from outside threats.
• Consider it the police force of the network.

Load balancer.
» A load balancer may also be called a content switch or content
filter.
• Can be implemented to increase the security of the network
by limiting or filtering the content that is allowed.
» A network appliance that is used to load balance between
multiple hosts that contain the same data—spreading out the
workload for greater efficiency.
• Commonly used to distribute the requests (workload) to a
server farm among the various servers, helping to ensure that
no single server gets overloaded.
– Proxy server.
» A proxy server is an appliance that requests resources on
behalf of client machines.
» It is often used to retrieve resources from outside untrusted
networks on behalf of the requesting client.
» It hides and protects the requesting client.
» It can also be utilized to filter allowed content.
» It can increase network performance by caching commonly
requested Web pages.

The OSI model was created to help disparate computing systems
communicate with each other. An added benefit to the OSI networking
model is that security can be added to the different layers, allowing for a
highly secure interconnected network.
Topic
Open Systems
Interconnection model.
Summary
Switches are Layer 2 devices that forward packets based on MAC
addresses. Managed switches allow for security settings to be established
for each individual port. WAPs are used to add wireless networking to the
traditional wired network. All WAPs are capable of utilizing encryption. The
MLS operates at more than one layer of the OSI model. The Layer 3 switch
is the most common MLS. Routers operate at Layer 3 of the OSI model and
often contain firewalls. Firewalls are capable of operating at more than one
layer of the OSI model and can be considered the police force of the
network. Load balancers are used to increase the efficiency of a network
and may also be used to filter allowed content. Proxy servers are used to
request content on behalf of clients from untrusted networks.
Basic network devices.

This workforce solution was 100 percent funded by a $3 million grant awarded by the
U.S. Department of Labor's Employment and Training Administration. The solution was
created by the grantee and does not necessarily reflect the official position of the U.S.
Department of Labor. The Department of Labor makes no guarantees, warranties, or
assurances of any kind, express or implied, with respect to such information, including
any information on linked sites and including, but not limited to, accuracy of the
information or its completeness, timeliness, usefulness, adequacy, continued availability
or ownership. Funded by the Department of Labor, Employment and Training
Administration, Grant #TC-23745-12-60-A-53.
PACE-IT is an equal opportunity employer/program and auxiliary aids and services are
available upon request to individuals with disabilities. For those that are hearing
impaired, a video phone is available at the Services for Students with Disabilities (SSD)
office in Mountlake Terrace Hall 159. Check www.edcc.edu/ssd for office hours. Call
425.354.3113 on a video phone for more information about the PACE-IT program. For
any additional special accommodations needed, call the SSD office at 425.640.1814.
Edmonds Community College does not discriminate on the basis of race; color; religion;
national origin; sex; disability; sexual orientation; age; citizenship, marital, or veteran
status; or genetic information in its programs and activities.

PACE-IT, Security+1.1: Introduction to Network Devices (part 1)

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Andere mochten auch

Andere mochten auch (20)

Ähnlich wie PACE-IT, Security+1.1: Introduction to Network Devices (part 1)

Ähnlich wie PACE-IT, Security+1.1: Introduction to Network Devices (part 1) (20)

Mehr von Pace IT at Edmonds Community College

Mehr von Pace IT at Edmonds Community College (20)

Kürzlich hochgeladen

Kürzlich hochgeladen (20)

PACE-IT, Security+1.1: Introduction to Network Devices (part 1)