2.0 Networking Implementations
2.1 Devices, their Features, and their Appropriate Placement
Networking Devices
Layer 2 Switch - Forwards based on MAC, connects networks, may provide Power over Ethernet (PoE)
Layer 3 Capable Switch - Includes routing capabilities, multilayer switch
Router - Routes traffic between IP subnets, connects networks
Hub - Multiport repeater, OSI Layer 1, everything is half duplex (send or receive)
Access Point - Point of connection to the network, often used for wireless access
Bridge - Connects different physical networks, OSI Layer 2, traffic based on MAC
Wireless LAN Controller - Centralized management of Wireless Access Points (WAP)
Load Balancer - Distributes traffic load across multiple servers, provides fault tolerance, configurable, TCP offload (protocol overhead), SSL offload (encrypting/decrypting), caching, prioritization (QoS), content switching (app-based balancing)
Proxy Server - Sits between the users and the external network, receives user requests and sends them on the users' behalf. Useful for caching, access control, URL filtering, and content scanning. The proxy understands the way the application works (HTTP, FTP).
Cable Modem - Broadband, Data Over Cable Service Interface Specification (DOCSIS), speeds of 4 Mbit/s to 250 Mbit/s are common, gigabit speeds possible
DSL Modem - Asymmetric Digital Subscriber Line (ADSL), download speeds are faster than upload speeds, uses POTS lines, 52 Mbit/s down and 16 Mbit/s up are common, 10,000 ft limit from central office (CO)
Repeater - Receives a signal, regenerates and resends the signal out, OSI Layer 1
Voice Gateway - Converts between VoIP protocols and PSTN (public switched telephone network) protocols, often built into the VoIP PBX (private branch exchange)
Media Converter - Converts signal to another media and sends it back out
Intrusion Prevention System (IPS) - Stops an intrusion
Intrusion Detection System (IDS) - Alerts if an intrusion is found
Firewall - Filters traffic by port number or application, can encrypt traffic between sites, can act as a router, offers Network Address Translation (NAT) and dynamic routing (BGP), sits at the ingress/egress of a network
VPN Headend - VPN concentrator, purpose-built device to provide high-speed encryption/decryption through hardware, software-based options available, sometimes built into OS software.
Networked Devices
Voice over Internet Protocol (VoIP) Phone - Desk phone, often powered over Ethernet
Printer - Office/networked printer, all-in-one device
Physical Access Control Devices - Card readers, biometric authentication
Cameras - CCTV, IP addressable, often powered over Ethernet
Heating, Ventilation, and Air Conditioning (HVAC) Sensors - Connected through network to allow for centralized control of HVAC systems.
Internet of Things (IoT) - Good idea to segment IoT devices to limit security issues
Refrigerator - Wirelessly connected appliances
Smart Speakers - Bluetooth or otherwise
Smart Thermostats - Connected through an app over the internet
Smart Doorbells - Camera, connected through the internet
Industrial Control Systems (ICS)/Supervisory Control And Data Acquisition (SCADA) - Large scale, multi-site industrial equipment management. Network that manages power generation, refining, manufacturing, etc.