Networking Devices

Networking Devices

• Networking devices are used to allow end devices to access the resources on a network, they are used to extend a network and even interconnect different networks together.

• There are various types of networking devices which has specific roles and responsibilities.

Hub

• A hub is a legacy networking device which was used to interconnect end devices to create a network.

• It will accept an inbound electrical signal from a source and rebroadcast the same signal out of all other ports on the hub, except the port which received the signal.

• Hubs are considered to be obsolete and no longer being used on modern networks.

Switches

• A switch is an intermediary device which is used to interconnect end devices and other network components. 

• Additionally, switches are used to extend a local area network. 

• In the field of networking, there are two (2) types of switches, these are Layer 2 and Layer 3 switches.

Layer 2 switches

• Layer 2 switches are able to extend a network and forward Frames to their destination by observing the destination MAC address within a Frame.

• Each Frame to enter an interface on the switch, the source MAC address is recorded and stored in the Content Addressable Memory (CAM) table of the switch. 

• Therefore, creating a table which has each port on the switch and the location of each MAC address.

Layer 3 switches

•  Layer 3 switches operate at both Layer 2 and Layer 3 of the OSI model. 

• These devices has the capability to read both MAC addresses from Frame and IP addresses from Packet. 

• Layer 3 switch are used to provide basic routing capabilities without having to implement an actual or dedicated router on the network.

Router

• A router is a device which is used to interconnect two (2) or more different IP networks. 

• These devices observes the destination IP address within the header of an IP packet, then uses the routes from the Routing Table to make its decision to forward the packet to its intended destination. 

• Since routers are able to read and understand IP (Internet Protocol), they are considered to be Layer 3 devices due to their capabilities of reading IP information from packets.

Access point

• Access Points (APs) are used to extend a physical local area network onto a wireless network, allowing users with laptops and smart devices to connect to the corporate or home physical network. 

• These devices simply emit a radio frequency on the 2.4Ghz and  5Ghz wireless spectrum. All modern day laptops, smartphones and tablets are capable of operating on these frequencies.

Wireless LAN controller

• On a corporate network, there may be a lot of Access Points (APs) located at many locations, whether on the same compound as the IT department and even at our branch locations. 

• Imagine having to make a change to one access point (AP) at the head office but also this change is required on all other APs, this is can be tedious task and time consuming if it's done manually. 

• A WLC is used to centrally management and monitor all Access Points (APs) on a corporate Wireless LAN by providing a single management interface.

Repeater

• A repeater is simply a device which allows networking professionals to extend the range of the signals from a networking cable or a wireless Access Point.

• This device simply takes a signal and regenerate the same signal.

• Commonly found on wireless networks.

Load balancer

• A load balancer is designed to distribute load between multiple devices

• Provide fault tolerance

• A Virtual IP address is an IP address that does not change as compared to the IP address on the physical network interface card.

• Active/active - Distribute the load equally between all active servers.

• Active/passive - Distribute load to the active system only and failover to the standby system if the active system is offline.

Scheduling Techniques of Load Balancers

• Round robin

• Weighted round robin

• Least connection

• Weighted least connection

Proxy server

• Filter URLs.

• Perform caching.

• Content filtering.

• Conserves Internet bandwidth.

• Forward Proxy - Intercepts and forwards internal clients requests to the Internet.

• Reverse Proxy - Intercept and forwards request from systems on the external network to the internal network.

DSL/Cable modem

• These devices allows home users to connect to the internet via their Internet Service Provider (ISP) network.

• These devices usually has the features of a router, switch and wireless router.

Voice gateway

• A voice gateway is a device which allows an organization to use Voice over IP (VoIP).

• This device allows an organization to interconnect their VoIP network wit a telecommunication provider's network.

Media converter

• Allows you to convert one media type to another.

Intrusion prevention system (IPS)/intrusion detection system (IDS) device

• An Intrusion Prevention System (IPS) is an appliance which is used to detect and block security threats either on a host system or a network.

• All traffic flowing through the IPS appliance will be screened for any malicious code or potential attacks on the network. 

• If a possible threat has been detected, the IPS sensor will trigger an alert and block the malicious traffic/payload from either entering or leaving the network. 

• One very important point to note, the IPS appliance is placed behind the firewall and not in front of it facing the internet. 

• If the appliance is facing the internet (untrusted zone), there may be a lot of alerts triggered by the IPS sensor. 

• Some of these alerts may be false positives or even unsolicited traffic.

• IDS is a reactive security solution which detects intrusions and alerts only.

• IDS does not have the capabilities to stop the intrusion.

• IDS does not sit in-line to network traffic but receives a copy of the traffic from a network switch.

Firewall

• Firewalls are typically used to filter malicious or unwanted inbound and outbound traffic of a network. 

• However, with the rise of botnets, ransomware, and advanced persistent threats (APTs), legacy firewalls are no longer efficient in prevent these modern day threats. 

• Next-generation firewalls (NGFW) are designed to monitor, detect and prevent any existing and new threats to arise.

VPN headend

• The Virtual Private Network (VPN) headend is simply a device which allows multiple inbound VPN connections from remote users and branch offices.

• This is commonly referred to as a VPN Concentrator.

Networked devices

• Networked devices are simply the devices which uses the network within an organization.

• The following are examples of common networked devices within many networks:

  • Voice over Internet Protocol (VoIP) phones

  • Network printers

  • Physical access control devices

  • IP Cameras

  • Heating, ventilation, and air conditioning (HVAC) sensors

  • Internet of Things (IoT)

  • Smart refrigerator

  • Smart speakers

  • Smart thermostats

  • Smart doorbells

  • Industrial control systems (ICS) / supervisory control and data acquisition (SCADA)