Let’s Talk about Network Devices
Before talking about network devices, let’s first talk about OSI.
The Open Systems Interconnection (OSI) model was developed to help disparate computing systems communicate with each other.
Most network devices function at more than one layer of the OSI reference model.
To determine where a device fits into the model, you must first determine the highest layer at which it operates.
So to place a device, we need to know what it does and how that relates to the OSI model.
Layer 1 Devices
Analog modem
- The word modem is a contraction of modulator/demodulator.
- Modems were developed to take digital signals coming from a digital node and convert them into an analog signal to be placed on the wire.
- In return, a modem accepts an analog signal from the wire and converts it into a digital signal that the node can understand.
- They were developed to create connections between network segments via the public switched telephone network (PSTN) using the plain old telephone system (POTS).
Hub
- A hub functions as a concentrator/repeater: it doesn’t care where a signal comes from or where it is going.
- It takes the electrical signal that arrives on a port and replicates that signal out all of the other ports.
- A hub may have just a few ports or many ports.
- Hubs are not common in modern networking.
Layer 2 Devices
Switch
- A switch utilizes an application-specific integrated circuit (ASIC) chip.
- The ASIC chip has specific programming that allows the switch to learn when a device is on the network and which port it is connected to, via that device’s Layer 2 MAC address.
- A switch may have just a few ports or many ports.
- A switch can be very simple, or it can be highly complex and programmable.
- A switch will only communicate with local network devices.
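To make the hub/switch distinction concrete, here is an added example (not part of the original notes) that simulates frame forwarding on both devices. The hub repeats every frame out every other port; the learning switch records the source MAC address of each frame against its ingress port, forwards unicast frames only to the learned port, and floods like a hub when the destination is unknown or a broadcast. The port numbers and MAC addresses are constructed sample values.

```python
# Added example (not from the original notes): a frame-forwarding simulator that
# contrasts a Layer 1 hub (repeat everything) with a Layer 2 learning switch
# (learn source MAC per port, forward unicast to the learned port, flood unknowns).
# Port numbers and MAC addresses below are constructed sample values.

BROADCAST = "ff:ff:ff:ff:ff:ff"


class Hub:
    """Layer 1: replicates any signal arriving on one port out all other ports."""

    def __init__(self, ports):
        self.ports = list(ports)

    def forward(self, in_port, src_mac, dst_mac):
        # No addressing logic at all: every other port gets the frame.
        return sorted(p for p in self.ports if p != in_port)


class LearningSwitch:
    """Layer 2: builds a MAC-address table from source addresses seen on each port."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}  # MAC address -> port where it was last seen

    def forward(self, in_port, src_mac, dst_mac):
        # Learning: remember which port this source MAC lives on (moves are re-learned).
        self.mac_table[src_mac] = in_port
        # Forwarding: unicast to a known port, otherwise flood like a hub.
        if dst_mac != BROADCAST and dst_mac in self.mac_table:
            out = self.mac_table[dst_mac]
            return [] if out == in_port else [out]
        return sorted(p for p in self.ports if p != in_port)


def run_scenario(device):
    """Replay a constructed frame sequence; return the ports each frame was sent out of."""
    frames = [  # (ingress port, source MAC, destination MAC)
        (1, "aa:aa:aa:aa:aa:01", "aa:aa:aa:aa:aa:02"),  # A -> B, B unknown: flood
        (2, "aa:aa:aa:aa:aa:02", "aa:aa:aa:aa:aa:01"),  # B -> A, A known: port 1 only
        (1, "aa:aa:aa:aa:aa:01", "aa:aa:aa:aa:aa:02"),  # A -> B, B now known: port 2 only
        (3, "aa:aa:aa:aa:aa:03", BROADCAST),            # broadcast: always flood
    ]
    return [device.forward(*f) for f in frames]


if __name__ == "__main__":
    print("hub   :", run_scenario(Hub([1, 2, 3, 4])))
    print("switch:", run_scenario(LearningSwitch([1, 2, 3, 4])))
```

The second and third frames are the point: once both hosts have been heard from, the switch delivers their unicast traffic only to the correct port, whereas the hub keeps copying every frame to every host on the segment.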
WAP (Wireless access point)
- A WAP is a specific type of network bridge that connects wireless network segments with wired network segments.
- The most common type of WAP bridges 802.11 wireless network segments with 802.3 Ethernet network segments.
- A WAP will only communicate with local network devices.
Layer 3 Devices
Multilayer switch (MLS)
- An MLS provides normal Layer 2 network switching services, but it also provides Layer 3 or higher OSI model services.
- The most common MLS is a Layer 3 switch.
- A Layer 3 switch not only utilizes an ASIC chip for switching; that ASIC chip is also programmed to handle routing functions. This allows the device to communicate and pass data to non-local network devices.
- An MLS is a highly programmable and complex network device.
Router
- A router is the most common network device for connecting different networks together, utilizing the OSI model’s Layer 3 logical network information.
- The router uses software programming for decision making, as compared to the switch’s use of an ASIC chip.
- The router uses this programming to keep track of different networks and what it considers to be the best possible route to reach those networks.
- A router can communicate with local as well as non-local networks.
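The "best possible route" decision is a software lookup over a routing table. The following added example (written for these notes, not taken from any real router's code) implements the two rules that decision normally follows: the most specific (longest) matching prefix wins, and among equally specific routes the lower metric wins. The table contents, interface names and next hops are constructed; 203.0.113.0/24 and 198.51.100.0/24 are documentation address ranges.

```python
import ipaddress


class Router:
    """Software-based forwarding table with longest-prefix match and a metric tie-break."""

    def __init__(self):
        # entries of (network, next_hop or None if directly connected, interface, metric)
        self.routes = []

    def add_route(self, prefix, next_hop, interface, metric=1):
        self.routes.append((ipaddress.ip_network(prefix), next_hop, interface, metric))

    def lookup(self, destination):
        """Return (matched prefix, next hop, interface) for the best route, or None if unroutable."""
        addr = ipaddress.ip_address(destination)
        candidates = [r for r in self.routes if addr in r[0]]
        if not candidates:
            return None
        # Most specific prefix wins; among equal prefixes the lowest metric wins.
        network, next_hop, iface, _ = max(candidates, key=lambda r: (r[0].prefixlen, -r[3]))
        return (str(network), next_hop, iface)


def build_sample_router():
    """Constructed routing table (not a real device's configuration)."""
    r = Router()
    r.add_route("192.168.1.0/24", None, "eth0")                  # directly connected LAN
    r.add_route("10.0.0.0/8", "10.1.1.254", "eth1", metric=10)    # summary route to the WAN
    r.add_route("10.20.0.0/16", "10.1.1.253", "eth1", metric=5)   # more specific: preferred for 10.20.x.x
    r.add_route("10.20.0.0/16", "10.1.1.252", "eth1", metric=20)  # backup path, same prefix, worse metric
    r.add_route("0.0.0.0/0", "203.0.113.1", "eth2")               # default route to the ISP
    return r


if __name__ == "__main__":
    router = build_sample_router()
    for dst in ["192.168.1.7", "10.9.9.9", "10.20.5.1", "198.51.100.10"]:
        print(dst, "->", router.lookup(dst))
```

A destination such as 10.20.5.1 matches three entries (the /8, both /16 routes and the default); the lookup picks the /16 with metric 5, which is exactly the "best possible route" the note describes.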
Security Devices
Firewall
- A firewall can be placed on routers or hosts, or it can be its own device.
- It functions at multiple layers of the OSI model (Layers 2, 3, 4 and 7).
- It blocks packets from entering or leaving the network.
Stateless firewalls
Stateless firewalls watch network traffic and restrict or block packets based on source and destination addresses or other static values.
→ faster performance and low memory utilization
Stateful firewalls
Stateful firewalls use the concept of a state table, which stores the state of legitimate connections.
→ higher security
- The firewall is the first line of defense in protecting the internal network from outside threats.
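Here is an added example (not from the original notes) that shows why the state table buys "higher security". Both filters below are given the same job: let inside hosts open HTTPS connections and let the replies back in. The stateless filter can only express "replies" as a static rule (anything arriving from port 443), so an unsolicited inbound packet that happens to come from port 443 passes it; the stateful filter only admits packets that belong to a connection an inside host actually opened. The packets, the inside network 10.0.0.0/8 and the outside addresses (203.0.113.0/24 is a documentation range) are constructed.

```python
import ipaddress
from dataclasses import dataclass

ANY = ipaddress.ip_network("0.0.0.0/0")
INSIDE = ipaddress.ip_network("10.0.0.0/8")  # constructed internal network


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    syn: bool = False  # TCP SYN flag: set on the first packet of a new connection
    ack: bool = False


def _in(ip, net):
    return ipaddress.ip_address(ip) in net


class StatelessFirewall:
    """Static rules only: each packet is judged on its own header fields (default deny)."""

    def __init__(self, rules):
        # rule = (action, src_net, dst_net, src_port or None, dst_port or None); None = any
        self.rules = rules

    def allow(self, pkt):
        for action, src_net, dst_net, sport, dport in self.rules:
            if (_in(pkt.src_ip, src_net) and _in(pkt.dst_ip, dst_net)
                    and sport in (None, pkt.src_port) and dport in (None, pkt.dst_port)):
                return action == "allow"
        return False


class StatefulFirewall:
    """Keeps a state table of connections that inside hosts opened; only packets
    belonging to such a connection (in either direction) are allowed through."""

    def __init__(self, inside_net, allowed_outbound_ports):
        self.inside = inside_net
        self.allowed = set(allowed_outbound_ports)
        self.state_table = set()  # (src_ip, src_port, dst_ip, dst_port) of legitimate connections

    def allow(self, pkt):
        fwd = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        rev = (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port)
        if fwd in self.state_table or rev in self.state_table:
            return True  # part of a connection we already know is legitimate
        if _in(pkt.src_ip, self.inside) and pkt.syn and not pkt.ack and pkt.dst_port in self.allowed:
            self.state_table.add(fwd)  # new connection initiated from inside: remember it
            return True
        return False  # unsolicited packet from outside, or a disallowed outbound port


def compare(packets):
    """Run the same packets through both firewalls; return (stateless, stateful) verdicts."""
    stateless = StatelessFirewall([
        ("allow", INSIDE, ANY, None, 443),  # inside hosts may open HTTPS outward
        ("allow", ANY, INSIDE, 443, None),  # static "reply" rule: anything from port 443 back in
    ])
    stateful = StatefulFirewall(INSIDE, [443])
    return [(stateless.allow(p), stateful.allow(p)) for p in packets]


SAMPLE = [  # constructed traffic
    Packet("10.0.0.5", 40000, "203.0.113.9", 443, syn=True),            # client opens HTTPS
    Packet("203.0.113.9", 443, "10.0.0.5", 40000, syn=True, ack=True),  # legitimate reply
    Packet("203.0.113.77", 443, "10.0.0.5", 40001),                     # unsolicited, from port 443
    Packet("203.0.113.77", 4444, "10.0.0.5", 22, syn=True),             # unsolicited inbound SSH
]

if __name__ == "__main__":
    for pkt, verdict in zip(SAMPLE, compare(SAMPLE)):
        print(pkt, "-> stateless/stateful:", verdict)
```

The third packet is the one that separates the two designs: it satisfies the static reply rule, so the stateless filter forwards it, while the stateful filter finds no matching entry in its state table and drops it. The cost is the memory and bookkeeping for that table, which is the trade-off the notes summarise as performance versus security.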
Intrusion Detection System (IDS)
- An IDS is a passive system designed to identify when a network breach or an attack against the network is occurring.
- It is usually designed to inform a network administrator that a breach or attack has occurred through log files, SMS, or email notification.
- An IDS cannot prevent or stop a breach.
- It receives a copy of all traffic and evaluates it against a set of standards:
→ Signature-based: known malware signatures
→ Anomaly-based: suspicious changes
→ Policy-based: a specific declared security policy
- Deployed at the host level (HIDS).
Intrusion Prevention System (IPS)
- An IPS is an active system designed to stop a breach or attack from succeeding in damaging the network.
- It is usually designed to perform an action or set of actions to stop malicious activity.
- It will inform network administrators through the use of log files, SMS, or email notification.
- All traffic on the network segment flows through the IPS to either enter or leave the segment.
- The best placement on the network is between a router and a destination network segment.
- It is programmed to make an active response to the situation:
→ block the offending IP address
→ close down the vulnerable interface
→ terminate the network session
→ redirect the attack
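The IDS and IPS sections above differ in what happens after a detection, not in how the detection is made. The added example below (written for these notes, not the code of any real product) runs the same three checks the IDS section lists, signature-based (the EICAR anti-virus test string), policy-based (a declared list of permitted destination ports) and anomaly-based (one source contacting an unusual number of distinct ports), over a constructed set of traffic records. In `ids` mode the sensor only records alerts and every record is forwarded; in `ips` mode the same detection drops the offending record and blocks the source address, which is the first of the active responses listed above. The record format, port policy and threshold are assumptions made for the example; 203.0.113.0/24 is a documentation address range.

```python
import re
from collections import defaultdict

# Constructed traffic records (not real captures).
EVENTS = [
    "src=10.0.0.5 dst=10.0.0.20 dport=443 payload=GET /",
    "src=203.0.113.9 dst=10.0.0.20 dport=80 payload=EICAR-STANDARD-ANTIVIRUS-TEST-FILE",
    "src=203.0.113.9 dst=10.0.0.20 dport=23 payload=login",
    "src=203.0.113.55 dst=10.0.0.20 dport=22 payload=",
    "src=203.0.113.55 dst=10.0.0.20 dport=25 payload=",
    "src=203.0.113.55 dst=10.0.0.20 dport=80 payload=",
    "src=203.0.113.55 dst=10.0.0.20 dport=443 payload=",
    "src=203.0.113.55 dst=10.0.0.20 dport=8080 payload=",
]

LINE = re.compile(r"src=(\S+) dst=(\S+) dport=(\d+) payload=(.*)")

# Signature-based: patterns of known-bad content (here the EICAR anti-virus test string).
SIGNATURES = {"eicar-test-file": "EICAR-STANDARD-ANTIVIRUS-TEST-FILE"}
# Policy-based: the declared policy permits only these destination ports (assumed for the example).
POLICY_ALLOWED_PORTS = {22, 25, 80, 443, 8080}
# Anomaly-based: one source touching more than this many distinct ports is suspicious.
ANOMALY_PORT_THRESHOLD = 3


class Sensor:
    """mode='ids': inspects a copy of the traffic and only alerts.
    mode='ips': sits inline, alerts, and actively drops and blocks the offender."""

    def __init__(self, mode):
        self.mode = mode
        self.alerts = []                    # (src, [reasons]): what the administrator is told
        self.blocked = set()                # IPS only: offending sources that are blocked
        self.ports_seen = defaultdict(set)  # src -> distinct destination ports contacted

    def inspect(self, line):
        src, _dst, dport, payload = LINE.search(line).groups()
        dport = int(dport)
        if src in self.blocked:
            return "dropped"                # active response already in effect for this source
        reasons = []
        for name, pattern in SIGNATURES.items():
            if pattern in payload:
                reasons.append(f"signature:{name}")
        if dport not in POLICY_ALLOWED_PORTS:
            reasons.append(f"policy:port-{dport}")
        self.ports_seen[src].add(dport)
        if len(self.ports_seen[src]) > ANOMALY_PORT_THRESHOLD:
            reasons.append("anomaly:port-sweep")
        if not reasons:
            return "forwarded"
        self.alerts.append((src, reasons))  # log/notify: both IDS and IPS do this
        if self.mode == "ips":
            self.blocked.add(src)           # block the offending IP address
            return "dropped"
        return "forwarded"                  # IDS: the traffic continues; it cannot stop the breach


def run(mode, events=EVENTS):
    """Feed the sample events through a sensor; return (per-event verdicts, alerts, blocked)."""
    sensor = Sensor(mode)
    verdicts = [sensor.inspect(e) for e in events]
    return verdicts, sensor.alerts, sensor.blocked


if __name__ == "__main__":
    for mode in ("ids", "ips"):
        verdicts, alerts, blocked = run(mode)
        print(mode, verdicts, alerts, sorted(blocked))
```

Note the difference in alert counts: the IDS raises four alerts because the offending sources keep sending, whereas the IPS raises two, since after the first detection each source is already blocked and its later records are dropped without further inspection. That is also why the notes place the IPS inline between the router and the protected segment: it has to be on the path to drop anything.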
Optimization and performance devices
Load balancer
- A load balancer may also be called a content switch or content filter.
- It is a network appliance used to balance load between multiple hosts that contain the same data, spreading out the workload for greater efficiency.
- It is commonly used to distribute requests to a server farm among the various servers, helping to ensure that no single server gets overloaded.
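As an added illustration of the distribution logic (example code written for these notes, not a real appliance's implementation), the class below spreads requests over a constructed farm of three identical web servers using either round-robin or least-connections selection, and skips any backend marked unhealthy so that a failed server stops receiving traffic. The server names and the scenario (one server down, one server already busy) are assumptions made for the example.

```python
class LoadBalancer:
    """Distributes requests across identical backends; skips backends marked unhealthy."""

    def __init__(self, servers, algorithm="round_robin"):
        self.servers = list(servers)
        self.algorithm = algorithm
        self.healthy = set(servers)
        self.active = {s: 0 for s in servers}  # open connections per backend
        self._next = 0                          # round-robin cursor

    def mark_down(self, server):
        self.healthy.discard(server)

    def mark_up(self, server):
        self.healthy.add(server)

    def pick(self):
        """Choose a backend for a new request and count its connection as open."""
        candidates = [s for s in self.servers if s in self.healthy]
        if not candidates:
            raise RuntimeError("no healthy backend available")
        if self.algorithm == "round_robin":
            server = candidates[self._next % len(candidates)]
            self._next += 1
        elif self.algorithm == "least_connections":
            # Fewest open connections wins; ties go to the earlier-listed server.
            server = min(candidates, key=lambda s: (self.active[s], self.servers.index(s)))
        else:
            raise ValueError(f"unknown algorithm {self.algorithm}")
        self.active[server] += 1
        return server

    def release(self, server):
        """Call when a request finishes so least-connections sees the freed capacity."""
        self.active[server] -= 1


def simulate(algorithm, requests=6):
    """Constructed scenario: three web servers. For round-robin, web2 is down; for
    least-connections, web1 already holds two long-lived connections.
    Returns the backend chosen for each of the requests."""
    lb = LoadBalancer(["web1", "web2", "web3"], algorithm)
    if algorithm == "round_robin":
        lb.mark_down("web2")
    else:
        lb.active["web1"] = 2  # pre-existing load on web1
    return [lb.pick() for _ in range(requests)]


if __name__ == "__main__":
    print("round_robin      :", simulate("round_robin"))
    print("least_connections:", simulate("least_connections"))
```

Round-robin alternates evenly between the two healthy servers, while least-connections steers new requests away from the already-loaded web1 until the others have caught up, which is the "no single server gets overloaded" goal in the note.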
Proxy server
- A proxy server is an appliance that requests resources on behalf of client machines.
- It is often used to retrieve resources from outside, untrusted networks on behalf of the requesting client.
- It hides and protects the requesting client.
- It can also be utilized to filter allowed content.
- It can increase network performance by caching commonly requested web pages.
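The three proxy behaviours listed above (hiding the client, filtering content, caching) fit in one small model. The following added example (written for these notes, not any real proxy's code) uses a stand-in origin server that records which source address it saw, so the test can confirm the origin only ever sees the proxy's address and is contacted once for a page requested twice. The proxy address, the allowlisted host and the URLs are constructed; 203.0.113.0/24 is a documentation address range.

```python
from urllib.parse import urlparse


class ForwardProxy:
    """Fetches on behalf of clients: enforces a content allowlist, hides the client's
    address from the origin, and caches responses for repeated requests."""

    def __init__(self, proxy_ip, allowed_hosts, fetch_origin):
        self.proxy_ip = proxy_ip
        self.allowed_hosts = set(allowed_hosts)
        self.fetch_origin = fetch_origin  # callable(url, source_ip=...) -> response body
        self.cache = {}                   # url -> body
        self.log = []                     # (client_ip, url, outcome)

    def request(self, client_ip, url):
        host = urlparse(url).hostname
        if host not in self.allowed_hosts:
            self.log.append((client_ip, url, "blocked"))  # content filtering
            return 403, None
        if url in self.cache:
            self.log.append((client_ip, url, "cache-hit"))  # served without leaving the network
            return 200, self.cache[url]
        # The outside server only ever sees the proxy's address, never the client's.
        body = self.fetch_origin(url, source_ip=self.proxy_ip)
        self.cache[url] = body
        self.log.append((client_ip, url, "fetched"))
        return 200, body


class FakeOrigin:
    """Stand-in for the outside web server: records which source IP it saw (constructed)."""

    def __init__(self):
        self.seen_sources = []

    def __call__(self, url, source_ip):
        self.seen_sources.append(source_ip)
        return f"<html>content of {url}</html>"


def demo():
    """Constructed scenario; returns (status codes, log outcomes, source IPs seen by the origin)."""
    origin = FakeOrigin()
    proxy = ForwardProxy("203.0.113.10", ["docs.example.com"], origin)
    results = [
        proxy.request("10.0.0.5", "http://docs.example.com/page1"),
        proxy.request("10.0.0.6", "http://docs.example.com/page1"),   # second client: cache hit
        proxy.request("10.0.0.5", "http://ads.example.net/tracker"),  # host not on the allowlist
    ]
    return [code for code, _ in results], [outcome for _, _, outcome in proxy.log], origin.seen_sources


if __name__ == "__main__":
    print(demo())
```

The origin's `seen_sources` list contains the proxy's address exactly once: the first client's request was fetched on its behalf, the second was answered from the cache, and the disallowed host never reached the outside at all.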