N10-007 Explain the functions and applications of various network devices

Network architecture

Explain the functions and applications of various network devices 

Router 

Routers are a common feature of today's networks and are used in networks ranging from small home offices to corporations spread over remote sites. They are the devices that direct data around the network. As data arrives, the router determines its destination and the best path for it to travel. The router uses software-configured network addresses to make this determination. Routers are more capable than bridges and switches, which also makes them more complex. A router needs at least two network interfaces. The figure given below illustrates the working of a router.

Figure 1: The basic function of a router 

A router can be installed as a dedicated hardware device or as a server system.  

Dedicated Hardware Routers 

They offer greater performance than server-based routers. Their limitation is that they offer relatively few features for their cost. The advantages of using these routers are:

  • Their performance in terms of speed is good;
  • They are more reliable than server-based routers;
  • They hold up better against attacks than server-based routing solutions.

The disadvantages of these routers are:

  • They are expensive;
  • They need specialized, trained staff to manage them;
  • Their features are limited.

The features of a router determine its capabilities. Where a basic router may route only one protocol between two network interfaces of the same type, an advanced router may act as a gateway between two networks and two protocols. Features such as firewall services, remote access functionality, security and authentication may also be provided.
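
As an added example (not code from the original page), the longest-prefix-match lookup a router performs against its software-configured addresses, in Python. The routing table, next-hop addresses and interface names are constructed values; the point is that the most specific matching network wins and a default route catches the rest.

```python
import ipaddress

# Constructed routing table: (destination network, next hop, outgoing interface).
# A default route (0.0.0.0/0) catches everything not matched more specifically.
ROUTING_TABLE = [
    ("0.0.0.0/0", "203.0.113.1", "eth0"),     # default route toward the ISP
    ("10.0.0.0/8", "10.1.1.1", "eth1"),       # summary route for the corporate WAN
    ("10.20.0.0/16", "10.1.1.2", "eth1"),     # more specific route to one remote site
    ("192.168.1.0/24", None, "eth2"),         # directly connected LAN, no next hop
]


def build_table(entries):
    """Parse the string table into network objects, most specific prefix first."""
    parsed = [(ipaddress.ip_network(net), nh, ifc) for net, nh, ifc in entries]
    # With the longest prefix first, the first matching entry is the best route.
    return sorted(parsed, key=lambda e: e[0].prefixlen, reverse=True)


def lookup(table, destination):
    """Return (matched network, next hop, interface), or None if no route exists."""
    addr = ipaddress.ip_address(destination)
    for net, next_hop, iface in table:
        if addr in net:
            return str(net), next_hop, iface
    return None  # no route at all (not even a default): the router drops the packet


if __name__ == "__main__":
    table = build_table(ROUTING_TABLE)
    for dst in ("10.20.5.9", "10.7.7.7", "192.168.1.50", "8.8.8.8"):
        print(dst, "->", lookup(table, dst))
```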

Switch 

Switches function in a more complex way than hubs, and their role has grown considerably over time. Some of the advanced features of a switch are:

Power over Ethernet (PoE): As the name indicates, PoE is a technology that allows electrical power to be transmitted over a twisted-pair Ethernet cable. Power and data are carried simultaneously, so that remote devices such as remote switches and wireless access points can be powered from the switch. The primary advantage of this feature is that power is managed from a centralized unit; a UPS (Uninterruptible Power Supply) is also placed at that central unit. Without PoE, every remote device would need its own independent power supply.

Trunking: The term trunking means using multiple network cables or ports in parallel to increase the link speed beyond the limit of a single port or cable. It works in the same way as link aggregation. Higher-capacity trunk links are used to connect switches when building larger networks.

Port Mirroring: Part of the network administrator's job is to monitor network traffic and how a switch is working. Port mirroring is the switch function that supports this: the switch is configured to send a copy of the inbound and outbound traffic of one port to a monitoring port. A protocol analyzer attached to that port examines the copied data without interrupting the flow of the traffic.

Port Authentication: When users are authenticated on a port-by-port basis, the function is termed port authentication. Systems are allowed to connect to a LAN port only after authentication; if authentication fails, the system is denied further access. 802.1X is one such standard, and it is also associated with wireless security.

Multilayer switch

It used to be that networking devices and the functions they performed were separate; bridges, routers, hubs, and more, existed but were separate devices. Over time, the functions of some individual network devices became integrated into a single device. This is true of multilayer switches.
A multilayer switch is one that can operate at both Layer 2 and Layer 3 of the OSI model, which means that the multilayer device can operate as both a switch and a router. Also called a Layer 3 switch, the multilayer switch is a high-performance device that actually supports the same routing protocols that routers do. It is a regular switch directing traffic within the LAN; in addition, it can forward packets between subnets.

Firewall

Firewalls are used to protect a private network from unauthorized users on a public network. They can be software or hardware based. A hardware-based firewall has two network cards: one connects to the public network and the other to the private network. Packets coming from outside or inside the network are examined, and any suspicious packet is dropped.

There are two types of firewalls:

  • Network based firewall
  • Host based firewall

Network based firewall

A firewall that runs on dedicated hardware is called a network-based firewall. These are hardware based.

Host based firewall

A firewall that resides on a computer, such as the Windows firewall, is called a host-based firewall. These are software based.

HIDS

An organization that cares about its security deploys both a NIDS and a HIDS: the NIDS inspects incoming and outgoing network traffic, while the HIDS monitors individual computers.

Figure 2: HIDS

IDS/IPS

Intrusion Detection System

An IDS is a dedicated hardware-based device that inspects incoming packets looking for intrusions. It monitors packets for viruses, unauthorized access attempts on the network and other attacks.

There are two kinds of intrusion detection systems.

  • Network-based intrusion detection systems
  • Host-based intrusion detection systems

Network-based intrusion detection systems: These are deployed on dedicated hardware and are located at the network edge.

Host-based intrusion detection systems: These systems do not need any dedicated hardware; they are deployed on the host systems themselves.

Intrusion Prevention System

An IPS is a device that monitors the network for suspicious behaviour and, on seeing any malicious activity, acts in real time to prevent it. A network-based intrusion prevention system monitors the network and, when it finds malicious activity, simply drops the offending packet while allowing the rest of the packets to travel through the network. An intrusion prevention system makes its decision based on the application content rather than permitting or denying traffic based on IP addresses and port numbers. There are two kinds of intrusion prevention systems.

1) Host-based intrusion prevention systems: These do not need dedicated hardware and can easily be configured on an ordinary computer.

2) Network-based intrusion prevention systems: These require dedicated hardware. They provide real-time security to the network.
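
An added example, not part of the original page, contrasting the two decisions described in the Firewall section and the IPS section above: the firewall permits or denies on destination address and port, while the IPS inspects application content and drops only the offending packet, letting the rest pass. The addresses, permitted ports, signature pattern and sample packets are all constructed for the illustration.

```python
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int
    payload: bytes


# Firewall policy: address/port based. Only these (destination, port) pairs are
# permitted inbound; everything else is dropped (default deny). Constructed values.
FIREWALL_ALLOW = {("192.168.1.10", 80), ("192.168.1.10", 443)}

# IPS signatures: content based. This constructed signature flags a directory
# traversal probe in an HTTP request line, something a port check cannot see.
IPS_SIGNATURES = [
    ("directory traversal probe", re.compile(rb"\.\./\.\./")),
]


def firewall_decision(p):
    """Permit or deny purely on destination address and port."""
    return "allow" if (p.dst, p.dport) in FIREWALL_ALLOW else "drop"


def ips_decision(p):
    """Inspect application content; return ('drop', signature name) on a hit."""
    for name, pattern in IPS_SIGNATURES:
        if pattern.search(p.payload):
            return "drop", name
    return "allow", None


def inline_pipeline(packets):
    """Firewall first, then IPS. Only offending packets are dropped; the rest pass."""
    verdicts = []
    for p in packets:
        if firewall_decision(p) == "drop":
            verdicts.append(("drop", "firewall: address/port not permitted"))
            continue
        action, sig = ips_decision(p)
        verdicts.append((action, f"ips: {sig}" if sig else "passed"))
    return verdicts


# Constructed sample traffic arriving from the public side.
SAMPLE_PACKETS = [
    Packet("203.0.113.5", "192.168.1.10", 443, b"GET /index.html HTTP/1.1"),
    Packet("203.0.113.5", "192.168.1.10", 443, b"GET /../../config.ini HTTP/1.1"),
    Packet("203.0.113.5", "192.168.1.10", 3389, b""),
]
```

The second packet passes the firewall because port 443 is permitted, and only the IPS, looking at the content, catches it.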

Access point (wireless/wired)

Communication between wireless devices and the wired LAN takes place through a base station, the access point (AP). The AP acts as a bridge between the wireless and wired LAN. APs must stay connected to the wired network and are not mobile, so they end up becoming part of the wired network. Whether a single access point or several are used determines the extent of the area that is covered.

Figure 3: An Infrastructure Wireless Topology (Single AP)

Point-to-Point Networks: In this form of network the communication link is formed directly between two points. This form of network is very often used in wireless backbone systems. Its advantages are that no cables are used, which makes it an economical set-up, and that these networks are easy to set up and do not need special devices. The disadvantage is that if the wireless link fails, communication is broken. The figure given below illustrates point-to-point networks.

Figure 4: Point-to-Point Wireless Topology

Point-to-Multipoint Networks: In this form of network multiple wired networks are linked through a central node from which signals travel. Examples of such central nodes are cellular base stations, WLAN access points or a satellite. The main function of this topology is to interconnect multiple locations so that resources can be shared and accessed. A base station, known as the hub, is used to establish contact between the points, each of which communicates with the base station. These networks are used by large campuses, interconnected branches and WISPs (Wireless Internet Service Providers). The quality of the central node and of each connecting node determines the reliability of the network.

Mesh Networks: These networks are a common feature in the wireless world. Just as in a wired mesh, in a wireless mesh network every node is connected to the other nodes. This type of topology extends the transmission distance, as the signal is relayed from one computer to the next. It is a cost-effective network to use. This form of topology has multiple advantages. The main ones are:

  • The network is considered to be self-healing: it can adapt to network failures because there are interconnected links between devices.
  • The network is scalable. It can be expanded without the use of expensive cables.
  • The network is one of the most reliable. The multiple paths ensure that data reaches its destination.
  • As this network runs without costly cables, it is a cost-effective option.

Hybrid Networks: A hybrid topology, as the name suggests, is a combination of two or more topologies. The requirements of a particular system always decide which topology to adopt, and a combination of topologies may be the ideal answer. The figure given below illustrates a hybrid topology.

Content filter

A content filter is any software that controls what a user is allowed to peruse and is most often associated with websites. Using a content filter, an employer can block access to pornographic sites for all users, some users, or even just an individual user. The filter can be applied as software on client machines (known as client-side filters), on a proxy server on the network (a server-side filter), at the ISP, or even within the search engine itself. The latter is most commonly used on home machines; an example would be Content Advisor in Internet Explorer.

Load balancer

Network servers are the workhorses of the network. They are relied on to hold and distribute data, maintain backups, secure network communications, and more. The load is often too much for a single server to handle on its own. This is where load balancing comes into play. Load balancing is a technique in which the workload is distributed between several servers. This feature can take networks to the next level; it increases network performance, reliability, and availability.

A load balancer can be either a hardware device or software specially configured to balance the load.

Hub

Hubs are simple network devices. They are not very costly and yet provide everything necessary to construct a small network. Hubs with a higher number of ports are readily available for larger networks. The figure given below illustrates a workgroup hub.

Figure 5: A Workgroup Hub

A twisted pair cable is used to connect a computer to a hub. An uplink port allows a hub to be connected to another hub for building bigger networks. Hubs are primarily of two kinds:

  • Active Hubs: These hubs regenerate the data signal before forwarding it to the other ports on the device. Active hubs require a power supply: smaller workgroup hubs use an external power adapter, while larger units have a built-in power supply.
  • Passive Hubs: Passive hubs are found only on older networks. They do not need any power supply and do not regenerate the data signal.

The figure below shows how a connection between a hub and a workstation is made.

Figure 6: Connection between a Hub and a Workstation

The basic functions of a hub are:

  • Regeneration of the signal;
  • Taking data from a connected device and forwarding it to the other ports. The figure given below illustrates how a hub functions.

Figure 7: Working of a Hub

Hubs are being replaced by switches as the demand for bandwidth keeps increasing.
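
An added example (not from the original page) that simulates the forwarding difference behind that last sentence: a hub repeats every frame out of all other ports, while a switch learns a MAC address table and sends a known unicast frame only to the port where its destination lives, flooding only unknown destinations and broadcasts. The port numbers and MAC addresses are constructed.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class Hub:
    """A hub repeats every frame out of every port except the one it arrived on."""

    def __init__(self, ports):
        self.ports = list(ports)

    def forward(self, in_port, src_mac, dst_mac):
        return [p for p in self.ports if p != in_port]


class Switch:
    """A switch learns which MAC address sits behind which port and forwards
    known unicast frames only to that port; unknown destinations and broadcasts
    are flooded just as a hub would."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}

    def forward(self, in_port, src_mac, dst_mac):
        self.mac_table[src_mac] = in_port  # learn where the sender lives
        if dst_mac == BROADCAST or dst_mac not in self.mac_table:
            return [p for p in self.ports if p != in_port]  # flood
        out_port = self.mac_table[dst_mac]
        return [] if out_port == in_port else [out_port]  # filter or forward


def replay(device, frames):
    """Feed frames through a device; return the egress port list for each frame."""
    return [device.forward(*frame) for frame in frames]


# Constructed frames: (ingress port, source MAC, destination MAC). Host A is on
# port 1, host B on port 2; ports 3 and 4 are other stations that should not
# need to see this conversation.
FRAMES = [
    (1, "aa:aa:aa:aa:aa:01", "aa:aa:aa:aa:aa:02"),  # A -> B, B not learned yet
    (2, "aa:aa:aa:aa:aa:02", "aa:aa:aa:aa:aa:01"),  # B -> A, A already learned
    (1, "aa:aa:aa:aa:aa:01", "aa:aa:aa:aa:aa:02"),  # A -> B, both learned
    (3, "aa:aa:aa:aa:aa:03", BROADCAST),            # broadcast from port 3
]
```

Because the switch delivers a known unicast frame only to its owner's port, a monitoring station on port 3 or 4 sees none of the A-to-B traffic, which is why port mirroring (described in the Switch section) is needed on a switch but not on a hub.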

Analog modem

A modem, short for modulator/demodulator, is a device that converts the digital signals generated by a computer into analog signals that can travel over conventional phone lines. The modem at the receiving end converts the signal back into a format that the computer can understand. Modems can be used as a means to connect to an ISP or as a mechanism for dialing up a LAN.

Modems can be internal add-in expansion cards or integrated with the motherboard, external devices that connect to a system’s serial or USB port, or proprietary devices designed for use on other devices, such as portables and handhelds.

Packet shaper

The demand for bandwidth on networks has never been higher. Internet and intranet applications demand a large amount of bandwidth. Administrators must ensure that despite all these demands, adequate bandwidth is available for mission-critical applications while few resources are dedicated to spam or peer-to-peer downloads. To do this, you need to monitor network traffic to ensure that data flows as you need it to.

Packet shaping, also called traffic shaping, describes the mechanisms used to control bandwidth usage on the network. With it, administrators can control who uses bandwidth, for what purpose, and at what time of day bandwidth can be used. Traffic shaping establishes priorities for data traveling to and from the Internet and within the network.

A bandwidth shaper, as shown in Figure 8, essentially performs two key functions: monitoring and shaping. Monitoring includes identifying where bandwidth usage is high and at what time of day. Once that information is obtained, administrators can customize, or shape, bandwidth usage to best suit the needs of the network.

Figure 8: A bandwidth shaper (packet shaper)
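
As an added example (not code from the original page), a token-bucket shaper in Python that performs both functions named above: it shapes a flow to a configured rate by queuing packets that exceed the allowance and releasing them as tokens accrue, and it exposes monitoring counters an administrator would read. The rate, burst size, packet sizes and timestamps are constructed values.

```python
from collections import deque


class TokenBucketShaper:
    """Shape one flow to `rate` bytes per second, allowing bursts of up to `burst`
    bytes. Packets that exceed the allowance are queued and released later
    (shaped), not dropped, and simple counters support monitoring."""

    def __init__(self, rate, burst):
        self.rate = float(rate)
        self.burst = float(burst)
        self.tokens = float(burst)   # start with a full bucket
        self.last = 0.0              # time of the last refill, in seconds
        self.queue = deque()         # packet sizes waiting for tokens
        self.bytes_sent = 0
        self.bytes_arrived = 0

    def _refill(self, now):
        """Add rate * elapsed tokens, capped at the burst size."""
        elapsed = max(0.0, now - self.last)
        self.tokens = min(self.burst, self.tokens + elapsed * self.rate)
        self.last = now

    def arrive(self, now, size):
        """A packet of `size` bytes arrives at time `now`; returns sizes released."""
        self.bytes_arrived += size
        self.queue.append(size)
        return self.drain(now)

    def drain(self, now):
        """Release queued packets in order while tokens allow; returns their sizes."""
        self._refill(now)
        released = []
        while self.queue and self.queue[0] <= self.tokens:
            size = self.queue.popleft()
            self.tokens -= size
            self.bytes_sent += size
            released.append(size)
        return released

    def stats(self):
        """Monitoring view: what arrived, what went out, and what is still waiting."""
        return {
            "bytes_arrived": self.bytes_arrived,
            "bytes_sent": self.bytes_sent,
            "queued_packets": len(self.queue),
            "queued_bytes": sum(self.queue),
        }
```

With a rate of 1000 bytes/s and a 1500-byte burst, three 1000-byte packets arriving at once see the first leave immediately and the other two held back and released roughly one second apart.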

VPN concentrator

VPN concentrators are used to manage a large number of remote sessions and also provide site-to-site connectivity. A simple computer cannot handle a large number of VPN sessions, so VPN concentrators are used instead. For example, the Cisco VPN 3000 series concentrator is a widely used device.

Figure 9: Cisco VPN 3000

VPN concentrators provide features such as high performance, security and fault tolerance. They save a large amount of money by allowing a larger number of clients to access the company’s network through their local ISP. Some of the characteristics that make VPN concentrators popular are as follows:

1) Ease with which they can be deployed

2) Performance and scalability

3) Security

4) Fault tolerance

5) Management interface

6) Ease with which they can be upgraded

The majority of VPN concentrators support the following tunneling protocols:

1) Internet protocol security (IPsec)

2) Point-to-Point Tunneling Protocol (PPTP)

3) Layer 2 Tunneling Protocol (L2TP)

4) L2TP/IPsec

5) Network Address Translation (NAT) transparent IPsec