Mike Meyers’ CompTIA Network+ ® Guide to Managing and Troubleshooting Networks, Third Edition (Exam N10-005) © 2012 The McGraw-Hill Companies, Inc. All rights reserved.

Presentation transcript:

Advanced Networking Devices
Chapter 12

Objectives
– Discuss client/server and peer-to-peer topologies
– Describe the features and functions of VPNs
– Configure and deploy VLANs
– Implement advanced switch features

Overview

Introduction to advanced network devices
– Simple devices each work at one OSI layer
– Advanced devices work at multiple layers
– Home router really a multilayer switch
– CompTIA’s logical network topologies
  – The way network systems are organized
  – Client/server, peer-to-peer, VPN, and VLAN

Three parts to Chapter 12
– Logical network topologies
– VLAN in depth
– Multilayer switches

Logical network topologies

Logical network topologies
– Beyond physical or signaling topologies
– Software architecture model
– Roles computers play in network
  Servers
  Clients

Client/server topologies
– Dedicated servers
– Dedicated clients
  Servers
  Clients
– Earliest networks used this model
– Novell NetWare servers

Figure 12.1 A simple client/server network

Figure 12.2 Novell NetWare in action

Peer-to-peer topologies
– Microsoft’s early Windows versions
– Any system server, client, or both
– Depends on configuration
– Windows 9x common example
– Lack of security a problem: no user accounts
  Permissions Read Only or Full Control
  Available to anyone connected over network

Figure 12.3 Sharing options in Windows 98

Peer-to-peer today
– Adopted by every modern operating system
– Now offers more robust security
  User accounts
  More advanced permissions

Figure 12.4 µTorrent downloading

Peer-to-peer and client/server today
– Updated: linked to individual applications, client and server
  Outlook a dedicated client
  MS Exchange Server a dedicated server
– Peer-to-peer (P2P) applications
  Act as both client and server
  File-sharing applications
  – BitTorrent, LimeWire, DC++

Virtual private network (VPN)
– VPN over Internet
  Alternative to expensive remote connections
  Connection using an encrypted tunnel
– Data encrypted and decrypted at endpoints
– Connecting computers must have same network ID as network
– Tunneling protocols: PPTP and L2TP

Figure 12.5 VPN connecting computers across the United States

Figure 12.6 Typical tunnel

Figure 12.7 Endpoints must have their own IP addresses.

PPTP VPNs
– Point-to-Point Tunneling Protocol (PPTP)
– Advanced version of PPP
– One endpoint on client, the other on Routing and Remote Access Service (RRAS)
– Clients use a virtual NIC that acquires a DHCP address
– Client connects to RRAS; PPTP creates tunnel over Internet

Figure 12.8 RRAS in action

Figure 12.9 VPN connection in Windows

Figure VPN on a Macintosh OS X system

L2TP VPNs
– Layer 2 Tunneling Protocol (L2TP)
– Cisco developed
– Good features of PPTP plus…
– Added support to run on most connections
– Moved the endpoint on the local LAN
  VPN concentrator can be endpoint
  Can connect two remote LANs using two VPN concentrators

L2TP has no authentication or encryption
– Usually uses IPSec for security
– Technically should be “L2TP/IPSec” VPN
– Connects client to LAN or LAN to LAN
– VPN clients in all OSs support L2TP/IPSec
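The two slides above make one point worth seeing in code: the tunnel carries an inner packet with the private-network addresses, encrypted and integrity-protected at the endpoints, inside an outer packet that only exposes the endpoints' own routable addresses; and a tunneling protocol without its own authentication or encryption (L2TP) has to borrow both from something else (IPSec). The following Python model is an added example, not code from the book or from any VPN product; it is not IPsec or L2TP. It uses HMAC-SHA256 as a keystream generator and as the authentication tag (encrypt-then-MAC), and the addresses and keys are constructed.

```python
import hashlib
import hmac
import os
import struct
from typing import Optional

# Constructed model of an encrypted tunnel (not IPsec, not L2TP). Two endpoints share
# an encryption key and a MAC key. The inner packet (private addresses, private
# payload) is encrypted and authenticated, then wrapped in an outer header that
# carries only the endpoints' public addresses, which is all an observer on the
# path can read.


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 used as a PRF in counter mode to produce a keystream."""
    blocks = []
    counter = 0
    while sum(len(b) for b in blocks) < length:
        blocks.append(hmac.new(key, nonce + struct.pack(">I", counter), hashlib.sha256).digest())
        counter += 1
    return b"".join(blocks)[:length]


def build_inner_packet(src_private: str, dst_private: str, payload: bytes) -> bytes:
    """Inner packet: a text header with the private-network addresses plus payload."""
    return f"{src_private}>{dst_private}|".encode() + payload


def encapsulate(enc_key: bytes, mac_key: bytes, outer_src: str, outer_dst: str,
                inner: bytes) -> bytes:
    """Encrypt-then-MAC the inner packet and prepend the routable outer header."""
    nonce = os.urandom(12)  # fresh per packet so a keystream is never reused
    keystream = _keystream(enc_key, nonce, len(inner))
    ciphertext = bytes(p ^ k for p, k in zip(inner, keystream))
    header = f"{outer_src}>{outer_dst}|".encode()
    tag = hmac.new(mac_key, header + nonce + ciphertext, hashlib.sha256).digest()
    return header + nonce + ciphertext + tag


def decapsulate(enc_key: bytes, mac_key: bytes, packet: bytes) -> Optional[bytes]:
    """Verify the tag first; return the inner packet, or None if it was tampered with."""
    header, sep, rest = packet.partition(b"|")
    if not sep or len(rest) < 12 + 32:
        return None
    header += sep
    nonce, ciphertext, tag = rest[:12], rest[12:-32], rest[-32:]
    expected = hmac.new(mac_key, header + nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None  # the endpoint drops the packet without decrypting it
    keystream = _keystream(enc_key, nonce, len(ciphertext))
    return bytes(c ^ k for c, k in zip(ciphertext, keystream))


def tunnel_roundtrip(tamper: bool = False) -> dict:
    """Send one inner packet through the tunnel; optionally flip one ciphertext bit in transit."""
    enc_key, mac_key = os.urandom(32), os.urandom(32)
    inner = build_inner_packet("10.0.0.5", "10.0.1.20", b"GET /payroll HTTP/1.1")
    # Hypothetical public endpoint addresses from the documentation ranges.
    wire = encapsulate(enc_key, mac_key, "203.0.113.5", "198.51.100.7", inner)
    if tamper:
        i = wire.index(b"|") + 1 + 12  # first ciphertext byte, after header and nonce
        wire = wire[:i] + bytes([wire[i] ^ 0x01]) + wire[i + 1:]
    received = decapsulate(enc_key, mac_key, wire)
    return {"inner": inner, "wire": wire, "received": received}


if __name__ == "__main__":
    result = tunnel_roundtrip()
    print("outer header visible on the wire:", result["wire"].split(b"|")[0].decode())
    print("inner packet recovered:", result["received"] == result["inner"])
    print("tampered packet accepted:", tunnel_roundtrip(tamper=True)["received"] is not None)
```

The private addresses and the payload never appear in the outer packet, and a packet whose ciphertext was modified in transit is rejected before decryption, which is the property "data encrypted and decrypted at endpoints" actually buys you.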

Site-to-site VPNs
– Used to connect two LANs separated by a WAN or the cloud
– Uses a VPN concentrator
– Slower, but cheaper, than dedicated leased line between LANs

Figure Cisco 2811 Integrated Services Router

SSL VPNs
– VPNs using Secure Sockets Layer
– Work at the Transport layer
– Don’t require any special client software
– Clients connect using Web browser
– Traffic secured using SSL
– Two most common types are SSL Portal and SSL Tunnel VPNs

SSL VPNs (cont.)
– SSL portal VPNs
  Client accesses VPN and is presented with a secure Web page
  Able to access anything on that page, such as , data, links, etc.

SSL VPNs (cont.)
– SSL tunnel VPNs
  Client browser runs an active control, such as Java or Flash
  Enables much greater access to VPN-connected network
  Creates a more typical client-to-site connection than SSL portal VPNs
  User must have sufficient permissions to run active browser controls

Alternatives to PPTP, L2TP, and SSL
– Majority of VPNs use PPTP or L2TP
– OpenVPN using Secure Shell (SSH)
– Pure IPSec using IPSec tunneling

VLANs in depth

VLAN
– Virtual Local Area Network (VLAN)
– Used by all but smallest LANs

Serious networks are complex
– Remote incoming connections
– Public Web or servers
– Wireless networks
– String of connected switches
– Tremendous amount of traffic
– Security issues

VLANs as solution
– Separate networks with multiple switches
– Segment networks using switches
  Break up broadcast domains
  Serious networks have more than one switch
  Trunking connects VLANs on separate switches
  One port on each switch is trunk port
  Inter-Switch Link (ISL) Cisco form of trunking

Figure Switch with two VLANs

Figure Two switches, each with a VLAN 2 and a VLAN 1

Figure Trunk ports

VLANs today
– Every Ethernet switch uses IEEE 802.1Q
– Connect switches from different sources
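The "VLANs as solution" and "VLANs today" slides describe three mechanisms at once: a VLAN is a separate broadcast domain, a trunk port carries several VLANs between switches, and IEEE 802.1Q is the tag format that makes that work across vendors. The Python model below is an added example, written for this page and not taken from the book or from any switch vendor's software. It builds and parses real 802.1Q tag bytes (TPID 0x8100 followed by the 16-bit TCI), then models two switches like the figure above, each with two VLANs and one trunk port; port numbers, MAC addresses and payloads are constructed.

```python
import struct

TPID_8021Q = 0x8100       # EtherType value that announces an 802.1Q tag follows
ETHERTYPE_IPV4 = 0x0800
BROADCAST = bytes.fromhex("ff" * 6)


def mac(text: str) -> bytes:
    return bytes.fromhex(text.replace(":", ""))


def untagged_frame(dst: bytes, src: bytes, payload: bytes) -> bytes:
    return dst + src + struct.pack(">H", ETHERTYPE_IPV4) + payload


def add_tag(frame: bytes, vid: int, pcp: int = 0) -> bytes:
    """Insert the 4-byte 802.1Q tag (TPID + TCI) between the source MAC and the EtherType."""
    if not 1 <= vid <= 4094:
        raise ValueError("VID must be 1..4094")
    tci = (pcp << 13) | vid  # 3-bit priority, 1-bit DEI (0 here), 12-bit VLAN id
    return frame[:12] + struct.pack(">HH", TPID_8021Q, tci) + frame[12:]


def strip_tag(frame: bytes) -> bytes:
    return frame[:12] + frame[16:]


def parse_frame(frame: bytes) -> dict:
    """Return addresses, VLAN id (None when untagged), priority, EtherType and payload."""
    dst, src = frame[:6], frame[6:12]
    (ethertype,) = struct.unpack(">H", frame[12:14])
    if ethertype == TPID_8021Q:
        tci, inner_type = struct.unpack(">HH", frame[14:18])
        return {"dst": dst, "src": src, "vid": tci & 0x0FFF, "pcp": tci >> 13,
                "ethertype": inner_type, "payload": frame[18:]}
    return {"dst": dst, "src": src, "vid": None, "pcp": None,
            "ethertype": ethertype, "payload": frame[14:]}


class Switch:
    """Access ports carry one VLAN untagged; trunk ports carry every VLAN tagged."""

    def __init__(self, access: dict, trunk: set):
        self.access = dict(access)   # port -> VLAN id
        self.trunk = set(trunk)
        self.mac_table = {}          # (vid, mac) -> port; learned separately per VLAN

    def receive(self, in_port: int, frame: bytes) -> list:
        """Return [(out_port, frame)] deliveries for one ingress frame."""
        info = parse_frame(frame)
        if in_port in self.trunk:
            if info["vid"] is None:
                return []            # untagged on a trunk: this model has no native VLAN
            vid, untagged = info["vid"], strip_tag(frame)
        else:
            if info["vid"] is not None:
                return []            # a tagged frame on an access port is discarded
            vid, untagged = self.access[in_port], frame
        self.mac_table[(vid, info["src"])] = in_port
        known = self.mac_table.get((vid, info["dst"]))
        if info["dst"] != BROADCAST and known is not None:
            targets = [] if known == in_port else [known]
        else:                        # broadcast or unknown unicast: flood inside the VLAN only
            targets = [p for p in list(self.access) + sorted(self.trunk) if p != in_port]
        out = []
        for port in targets:
            if port in self.trunk:
                out.append((port, add_tag(untagged, vid)))
            elif self.access[port] == vid:
                out.append((port, untagged))
        return out


def demo_two_switches() -> set:
    """A host on sw1 port 1 (VLAN 10) broadcasts; report every port that receives it."""
    sw1 = Switch(access={1: 10, 2: 20}, trunk={24})
    sw2 = Switch(access={1: 10, 2: 20}, trunk={24})
    host_a = mac("00:11:22:33:44:01")                      # constructed address
    frame = untagged_frame(BROADCAST, host_a, b"ARP who-has 10.0.10.2")
    delivered = set()
    for port, f in sw1.receive(1, frame):
        if port == 24:                                     # trunk towards sw2
            delivered |= {("sw2", p) for p, _ in sw2.receive(24, f)}
        else:
            delivered.add(("sw1", port))
    return delivered


if __name__ == "__main__":
    print("broadcast from VLAN 10 delivered to:", sorted(demo_two_switches()))
```

The broadcast crosses the trunk tagged with VID 10 and reaches only VLAN 10 ports on the second switch; VLAN 20 ports on both switches never see it, which is the broadcast-domain separation the slides promise. The model also discards a tagged frame arriving on an access port, the check a real switch relies on to keep a host from choosing its own VLAN.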

Configuring a VLAN-capable switch
– Connect to Web server on switch
– Cisco Catalyst models
– Simple switches at Layer 2 (use MAC addresses)
– Managed switches use Layer 3 (IP addresses)
– Define the VLANs
– Assign MAC addresses or ports to VLANs

Figure Catalyst 2950 Series Device Manager

Figure Defining VLANs in Cisco Network Assistant

Figure Assigning a port to a VLAN

Virtual Trunk Protocol (VTP)
– Large networks with many VLANs would require a LOT of manual updates
– VTP is a proprietary Cisco protocol that automates updating multiple VLAN switches
– Three states: Server, Client, or Transparent
– Updating configuration of the Server switch updates all other switches in the Client state in minutes; Transparent doesn’t update

InterVLAN routing
– Each VLAN a separate broadcast domain
– Need router to communicate between
– Problems with physical routers
– Some switches can do InterVLAN routing
– Cisco 3550
  Supports VLANs and virtual routers
  Works at Layers 2 and 3

Figure One router connecting multiple VLANs

Figure Cisco 3550

Figure Setting up interVLAN routing

Multilayer switches

Multilayer switches & InterVLAN routing
– Example: Cisco 3550
  Supports VLANs and virtual routers
  Works at Layers 2 and 3
– On Layer 2 switches, ports do not have IP addresses
– On a router, every port MUST have an IP address (due to routing table)
– Multilayer ports can be configured either way

Load balancing
– Load balancing: many servers look like one
– Creates a server cluster
– Requests are distributed evenly
– Many load balancing methods
– Common to use advanced network devices

DNS load balancing
– Oldest and most common method
– Each server has its own IP address
– Multiple A records for one FQDN
– DNS server cycles through A records
– Windows DNS “Enable round robin”
– BIND DNS server has more features
– Requires multiple DNS servers

Figure Multiple IP addresses, same name

Figure Enabling round robin

Using a multilayer or content switch
– Client cache problem with DNS load balancing
– Hide all Web servers behind one IP address
– Special multilayer switch (Layers 3 and 4)
  Is a router performing NAT and port forwarding
  Queries hidden Web server

Using a content switch for load balancing
– Works at Layer 7 (Application)
– Works with Web servers
– Reads incoming HTTP and HTTPS requests
– Handles SSL certificates and cookies
– Takes workload off Web servers
– Passes cookies to Web browsers
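The three load-balancing slides (DNS round robin, its client-cache problem, and a Layer 7 content switch that reads HTTP and uses cookies) fit in one small model. The Python below is an added example, not code from the book or from any DNS server or load balancer. The first half models a DNS server with round robin enabled and a client that caches the first answer; the second half models a content switch on one public address that parses the HTTP request and pins a returning session to its backend by an opaque cookie. The backend addresses, host name and requests are constructed.

```python
import itertools
import secrets
from collections import Counter

# Constructed backend pool: three Web servers that should look like one.
BACKENDS = ["192.0.2.11", "192.0.2.12", "192.0.2.13"]
NAME = "www.example.com"


class RoundRobinDNS:
    """A DNS server with several A records and round robin enabled: every
    answer is the full record list, rotated by one position per query."""

    def __init__(self, name: str, addresses: list):
        self.records = {name: list(addresses)}

    def resolve(self, name: str) -> list:
        answer = list(self.records[name])
        self.records[name].append(self.records[name].pop(0))
        return answer


class CachingClient:
    """A resolver-side cache: the first answer is reused for every later request."""

    def __init__(self, dns: RoundRobinDNS):
        self.dns, self.cache = dns, {}

    def server_for(self, name: str) -> str:
        if name not in self.cache:
            self.cache[name] = self.dns.resolve(name)[0]
        return self.cache[name]


def dns_distribution(n_clients: int, requests_per_client: int) -> Counter:
    """Requests seen per backend when each client caches the DNS answer it got."""
    dns = RoundRobinDNS(NAME, BACKENDS)
    hits = Counter()
    for _ in range(n_clients):
        client = CachingClient(dns)
        for _ in range(requests_per_client):
            hits[client.server_for(NAME)] += 1
    return hits


def parse_http_headers(raw: bytes) -> dict:
    """Minimal HTTP/1.1 header parse: lower-cased header names -> values."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    headers = {}
    for line in head.split("\r\n")[1:]:          # skip the request line
        name, sep, value = line.partition(":")
        if sep and name.strip():
            headers[name.strip().lower()] = value.strip()
    return headers


def parse_cookies(header: str) -> dict:
    """Split 'a=1; b=2' into a dict; parts without '=' are ignored."""
    cookies = {}
    for part in header.split(";"):
        name, sep, value = part.partition("=")
        if sep and name.strip():
            cookies[name.strip()] = value.strip()
    return cookies


class ContentSwitch:
    """Layer 7 balancer on one public address: reads the HTTP request, assigns
    new sessions round robin and pins known sessions to their backend."""

    def __init__(self, backends: list):
        self.backends = list(backends)
        self._next = itertools.cycle(range(len(self.backends)))
        self.sessions = {}   # opaque session token -> backend index

    def route(self, raw_request: bytes):
        """Return (backend, new_cookie_value or None when an existing session was used)."""
        token = parse_cookies(parse_http_headers(raw_request).get("cookie", "")).get("LB")
        if token in self.sessions:
            return self.backends[self.sessions[token]], None
        # Missing or unknown cookie: next backend, and a fresh opaque token. The cookie
        # never names the backend itself, so a client cannot steer its own placement.
        idx = next(self._next)
        token = secrets.token_hex(8)
        self.sessions[token] = idx
        return self.backends[idx], token


def demo_content_switch() -> list:
    """Two new clients, then the first client returns carrying its cookie."""
    cs = ContentSwitch(BACKENDS)
    first = b"GET / HTTP/1.1\r\nHost: www.example.com\r\n\r\n"
    b1, c1 = cs.route(first)
    b2, _ = cs.route(first)
    again = f"GET /cart HTTP/1.1\r\nHost: www.example.com\r\nCookie: LB={c1}\r\n\r\n".encode()
    b3, c3 = cs.route(again)
    return [b1, b2, b3, c3]


if __name__ == "__main__":
    print("one caching client, 300 requests:", dict(dns_distribution(1, 300)))
    print("three caching clients, 10 each:  ", dict(dns_distribution(3, 10)))
    print("content switch placements:", demo_content_switch())
```

With one client and a cached answer every request lands on the same server, which is the "client cache problem" of the slide; the content switch does not have that problem because the single public address never changes and the switch itself decides the placement per request.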

Figure Layer 7 content switch

QoS and traffic shaping
– Quality of Service (QoS)
  Controls bandwidth use
  Rules-based policies prioritize traffic
– Traffic shaping
  Bandwidth management
  Controls flow of packets in or out
  Guarantees a certain amount of bandwidth and/or latency
  Popular where IT must control user activities

Figure QoS configuration on a router

Network protection
– Intrusion protection/intrusion detection
– Port mirroring
– Proxy serving
– Port authentication

Intrusion detection/intrusion prevention
– Intrusion detection system (IDS)
  Inspects incoming packets
  Network-based IDS (NIDS)
  Host-based IDS (HIDS)
  Reporting
– Intrusion prevention system (IPS)
  Adds capability to react to attacks
  Can block incoming packets on the fly
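The difference the slide draws between an IDS (inspect and report) and an IPS (inspect and also block) is easiest to see with the same inspection engine run in both modes over the same traffic. The following Python is an added example, not code from the book or from any IDS product; the signatures and the packets are constructed for the demo and are not a real rule set.

```python
import re
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int
    payload: bytes


@dataclass(frozen=True)
class Signature:
    sid: int
    msg: str
    dport: Optional[int]   # None means any destination port
    pattern: bytes         # regular expression applied to the payload


# Constructed signatures for the demo (not a real rule set).
SIGNATURES = [
    Signature(1, "HTTP request path contains '../' directory traversal", 80, rb"^\w+ [^ ]*\.\./"),
    Signature(2, "Cleartext FTP password on the wire (policy)", 21, rb"^PASS "),
    Signature(3, "Telnet option negotiation seen (policy)", 23, rb"^\xff[\xfb-\xfe]"),
]


class InspectionEngine:
    """mode='ids' inspects and reports; mode='ips' also drops matching packets."""

    def __init__(self, signatures, mode: str = "ids"):
        if mode not in ("ids", "ips"):
            raise ValueError("mode must be 'ids' or 'ips'")
        self.mode = mode
        self.rules = [(s, re.compile(s.pattern, re.MULTILINE)) for s in signatures]
        self.alerts = []   # reporting: one record per signature match

    def inspect(self, pkt: Packet) -> str:
        """Return 'forward' or 'drop' for one packet and record any alerts.
        Matching here is per packet: a pattern split across two TCP segments
        is not seen; real NIDS engines reassemble the stream before matching."""
        matched = False
        for sig, regex in self.rules:
            if sig.dport not in (None, pkt.dport):
                continue
            if regex.search(pkt.payload):
                matched = True
                self.alerts.append({"sid": sig.sid, "msg": sig.msg, "src": pkt.src,
                                    "dst": pkt.dst, "dport": pkt.dport})
        return "drop" if (matched and self.mode == "ips") else "forward"

    def run(self, packets) -> dict:
        verdicts = [self.inspect(p) for p in packets]
        return {"forwarded": verdicts.count("forward"),
                "dropped": verdicts.count("drop"),
                "alerts": list(self.alerts)}


# Constructed traffic sample: two benign packets, two that match a signature.
SAMPLE = [
    Packet("10.1.1.5", "192.0.2.10", 80, b"GET /index.html HTTP/1.1\r\nHost: www\r\n\r\n"),
    Packet("10.1.1.9", "192.0.2.10", 80, b"GET /static/../../private/config HTTP/1.1\r\n\r\n"),
    Packet("10.1.1.5", "192.0.2.20", 21, b"USER anonymous\r\n"),
    Packet("10.1.1.5", "192.0.2.20", 21, b"PASS guest@example.com\r\n"),
]


def compare_modes(packets=SAMPLE) -> dict:
    """Run the same traffic through an IDS and an IPS configured with the same rules."""
    return {"ids": InspectionEngine(SIGNATURES, "ids").run(packets),
            "ips": InspectionEngine(SIGNATURES, "ips").run(packets)}


if __name__ == "__main__":
    for mode, result in compare_modes().items():
        print(mode.upper(), "forwarded", result["forwarded"], "dropped", result["dropped"])
        for alert in result["alerts"]:
            print("  alert", alert["sid"], alert["msg"], "from", alert["src"])
```

Both modes produce the same two alerts; only the IPS changes what reaches the destination. The caveat in the `inspect` docstring is the usual operational one: an engine that only looks at single packets has a blind spot that a stream-reassembling NIDS does not.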

Figure Diagram of network-based IDS

Figure OSSEC HIDS

Port mirroring
– Mirrors data from ports to a single port
– Works like a configurable promiscuous port
– Allows inspection of traffic to or from certain computers

Proxy serving
– Proxy server between clients and external servers
– Intercepts requests from clients
– Makes requests itself on behalf of clients
– Client must not use DNS to access the type of server that is proxied
  HTTP, SSL, FTP, Gopher, SOCKS

Figure Setting a proxy server in Mozilla Firefox

Figure Web proxy at work

Figure Squid proxy software

Port authentication
– Authentication at point of connection
– Critical for AAA authentication
  RADIUS, TACACS+, 802.1X
– Many switches and WAPs support it
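"Authentication at the point of connection" means the switch port itself refuses to forward anything until the attached device has proven who it is to the AAA server. The Python below is an added example, not from the book or from any switch or RADIUS implementation, that models one 802.1X-protected port: only EAPOL frames are passed to the authenticator while the port is unauthorized, the RADIUS reply is checked against the shared secret before it is trusted, an Access-Accept can carry a VLAN assignment, and a link-down event resets the port. The RADIUS exchange is collapsed to one request/reply and its reply authenticator is modelled with HMAC-SHA256 (the real protocol uses an MD5-based Response Authenticator); the secret, user table and frames are constructed.

```python
import hashlib
import hmac

ETHERTYPE_EAPOL = 0x888E   # 802.1X frames between supplicant and authenticator


class MockRadiusServer:
    """Hypothetical AAA server: a credential table plus a per-user VLAN assignment."""

    def __init__(self, secret: bytes, users: dict):
        self.secret = secret
        self.users = users   # username -> (password, vlan)

    def access_request(self, req_id: int, username: str, password: str) -> dict:
        entry = self.users.get(username)
        ok = entry is not None and hmac.compare_digest(entry[0], password)
        result = "Access-Accept" if ok else "Access-Reject"
        vlan = entry[1] if ok else None
        auth = hmac.new(self.secret, f"{req_id}:{result}:{vlan}".encode(), hashlib.sha256).digest()
        return {"id": req_id, "result": result, "vlan": vlan, "authenticator": auth}


class AuthenticatedPort:
    """Authenticator side: one switch port with an 802.1X authorization state."""

    def __init__(self, radius: MockRadiusServer, shared_secret: bytes):
        self.radius, self.secret = radius, shared_secret
        self.state, self.vlan = "unauthorized", None
        self._req_id = 0
        self.log = []

    def receive(self, ethertype: int, payload: bytes) -> str:
        """Decision for one ingress frame: 'to-authenticator', 'forward' or 'drop'."""
        if ethertype == ETHERTYPE_EAPOL:
            return "to-authenticator"          # always allowed, so the supplicant can talk
        return "forward" if self.state == "authorized" else "drop"

    def authenticate(self, username: str, password: str) -> bool:
        """Relay the supplicant's credentials to RADIUS and apply the verdict."""
        self._req_id += 1
        return self.apply_reply(self.radius.access_request(self._req_id, username, password))

    def apply_reply(self, reply: dict) -> bool:
        expected = hmac.new(self.secret, f"{reply['id']}:{reply['result']}:{reply['vlan']}".encode(),
                            hashlib.sha256).digest()
        if reply["id"] != self._req_id or not hmac.compare_digest(reply["authenticator"], expected):
            self.log.append("reply discarded: bad authenticator or stale id")
            return False                        # a reply not built with the shared secret is ignored
        if reply["result"] == "Access-Accept":
            self.state, self.vlan = "authorized", reply["vlan"]
            self.log.append(f"request {reply['id']}: accept, VLAN {self.vlan}")
            return True
        self.state, self.vlan = "unauthorized", None
        self.log.append(f"request {reply['id']}: reject")
        return False

    def link_down(self):
        """Cable unplugged: the port returns to unauthorized at once."""
        self.state, self.vlan = "unauthorized", None


def demo_port_auth() -> dict:
    secret = b"constructed-shared-secret"
    radius = MockRadiusServer(secret, {"alice": ("correct horse", 10)})
    port = AuthenticatedPort(radius, secret)
    before = port.receive(0x0800, b"IP traffic before authentication")
    eapol = port.receive(ETHERTYPE_EAPOL, b"EAPOL-Start")
    bad = port.authenticate("alice", "wrong password")
    good = port.authenticate("alice", "correct horse")
    after = port.receive(0x0800, b"IP traffic after authentication")
    vlan = port.vlan
    port.link_down()
    # A reply built without the shared secret (wrong authenticator) must not authorize the port.
    forged = {"id": port._req_id, "result": "Access-Accept", "vlan": 1, "authenticator": b"\x00" * 32}
    spoof = port.apply_reply(forged)
    return {"before": before, "eapol": eapol, "bad": bad, "good": good, "after": after,
            "vlan": vlan, "spoof": spoof, "state_after_spoof": port.state, "log": port.log}


if __name__ == "__main__":
    for line in demo_port_auth()["log"]:
        print(line)
```

The sequence shows what the switch port does at each step: drop ordinary traffic, let EAPOL through, stay unauthorized after a reject, forward (and land in the assigned VLAN) after an accept, and ignore a reply that was not produced with the shared secret.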

Figure 802.1X configuration on a Cisco 2811