Network+ : Advanced Networking Devices

  1. Network+ Certification (N10-007): Syllabus
  2. Network+ : Introductions and Resources
  3. Network+ : Network Models
  4. Network+: Cabling
  5. Network+ : Topologies
  6. Network+ : Ethernet Basics
  7. Network+ : Contemporary Ethernet
  8. Network+ : Installing a Physical Network
  9. Network+ : Booting and Getting On the Network
  10. Network+ : TCP/IP Basics
  11. Network+ : Subnetting
  12. Network+: Routing Protocols
  13. Network+ : Routing and Firewalls
  14. Network+ : TCP/IP Ports and Applications
  15. Network+ : Network Naming and Sharing Resources
  16. Network+ : Secure Networking
  17. Network+ : Advanced Networking Devices
  18. Network+ : IPv6
  19. Network+ : Remote Connectivity
  20. Network+ : WiFi
  21. Network+ : Virtualization
  22. Network+ : Mobile Networking
  23. Network+ : Building a Real-World Network
  24. Network+ : Managing Risk
  25. Network+ : Protecting Your Network
  26. Network+ : Network Monitoring
  27. Network+ : Network Troubleshooting
  28. Network+: Network Monitoring

Unit 17

Chapter 11

You should be (deeply) familiar with bridges and repeaters, hubs and switches, routers, firewalls and edge devices from your Network+ studies.

Be clear that the functions of many of these edge devices are more and more often merged into one box. Depending on the size of your enterprise, that box may come from Cisco, Juniper, Fortinet or many others. If you have less to spend you'll be looking at free/community-edition edge devices or software (which will often be called "firewalls" even though they do much more).

VPNs

Layer 2

PPTP

Think Microsoft

MS RRAS

Site-to-site

Host-to-site

L2TP

Think Cisco

VPN Concentrator

Layer 3

IPsec

Provides encryption and authentication at L3; used by many VPN systems (L2TP/IPsec, pure IPsec site-to-site tunnels)

GRE + IPsec (GRE carries the routed/multicast traffic, IPsec protects the GRE tunnel)

OpenVPN is not IPsec: it runs over SSL/TLS (see the SSL/TLS VPN entry below)

Layer 4

SSL / TLS

Secure website, or

SSL Tunnel VPNs (clientless ones still use a browser, usually with some network access via plugins; client-based TLS VPNs such as OpenVPN give full network access)

Switches

Port security:

        1. Static learning
        2. Dynamic learning
        3. Sticky learning
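The three learning modes behave differently when the port sees an unknown MAC and when the switch reboots. The model below is an added example for these notes, not any vendor's code: it assumes a configurable maximum of secure addresses per port and the usual three violation actions (protect drops silently, restrict drops and counts, shutdown err-disables the port); sticky entries are assumed to have been saved to the startup config.

```python
class SecurePort:
    """Model of a switch port with port security (illustration only).
    Assumptions: `maximum` secure MACs per port; violation modes 'protect'
    (drop silently), 'restrict' (drop and count) and 'shutdown' (err-disable)."""

    def __init__(self, maximum=1, learning="dynamic", violation="shutdown"):
        self.maximum = maximum
        self.learning = learning          # 'dynamic' or 'sticky'
        self.violation = violation
        self.secure = {}                  # mac -> 'static' | 'dynamic' | 'sticky'
        self.err_disabled = False
        self.violations = 0

    def add_static(self, mac):
        """Static learning: the administrator pins the MAC in the configuration."""
        if mac not in self.secure and len(self.secure) >= self.maximum:
            raise ValueError("maximum secure addresses already configured")
        self.secure[mac] = "static"

    def frame_from(self, mac):
        """Return True if a frame sourced from `mac` is forwarded."""
        if self.err_disabled:
            return False
        if mac in self.secure:
            return True
        if len(self.secure) < self.maximum:
            # dynamic learning fills free slots; sticky does the same but records
            # the address as if it had been configured statically
            self.secure[mac] = "sticky" if self.learning == "sticky" else "dynamic"
            return True
        if self.violation != "protect":
            self.violations += 1
        if self.violation == "shutdown":
            self.err_disabled = True
        return False

    def reload(self):
        """Switch reboot with the config saved: dynamically learned entries are
        lost, static and sticky entries survive; err-disable is cleared."""
        self.secure = {m: t for m, t in self.secure.items() if t != "dynamic"}
        self.err_disabled = False

    def entries(self, kind):
        """Sorted list of secure MACs of one kind ('static', 'dynamic', 'sticky')."""
        return sorted(m for m, t in self.secure.items() if t == kind)


if __name__ == "__main__":
    p = SecurePort(maximum=1)
    print(p.frame_from("00:11:22:33:44:55"), p.frame_from("66:77:88:99:aa:bb"), p.err_disabled)
```

The practical difference: with dynamic learning an attacker who can get the switch rebooted gets a fresh slot; with sticky learning the first address seen stays pinned, which is why sticky is the usual compromise between static configuration effort and dynamic weakness.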

Loop prevention

Flood guard

VLANs

Trunking: 802.1q

VLAN 1: the default native VLAN (its frames cross a trunk untagged); change it to an unused VLAN ID

VLAN Tagging (every VLAN except the native VLAN is tagged on the trunk; by default that means VLAN 2 and up)

Dangers of double-tagging: an attacker on the native VLAN sends a frame with two 802.1Q tags. The first switch strips the outer tag because it matches the native VLAN, the second switch honors the inner tag and delivers the frame into a VLAN the attacker should not reach (one-way VLAN hopping). Mitigate by moving the native VLAN to an unused ID, tagging the native VLAN on trunks, and keeping user ports out of it.
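To see why the native VLAN matters, the following added example (written for these notes, not taken from any switch vendor) builds real 802.1Q frames and pushes one through a simplified two-switch model: access port in, trunk across, trunk in on the far side. The model's assumptions are labelled in the comments; in particular, the access port is assumed to accept a tagged frame whose outer VID equals the port's own VLAN, which is the permissive behaviour that makes the attack work.

```python
import struct

TPID_8021Q = 0x8100        # 802.1Q tag protocol identifier
ETHERTYPE_IPV4 = 0x0800


def build_frame(dst, src, vids, payload):
    """Ethernet frame with zero or more 802.1Q tags, outermost tag first."""
    frame = dst + src
    for vid in vids:
        frame += struct.pack("!HH", TPID_8021Q, vid & 0x0FFF)   # PCP/DEI left at 0
    return frame + struct.pack("!H", ETHERTYPE_IPV4) + payload


def parse_tags(frame):
    """Return the VLAN IDs carried by the frame, outermost first."""
    vids, off = [], 12
    while struct.unpack_from("!H", frame, off)[0] == TPID_8021Q:
        vids.append(struct.unpack_from("!H", frame, off + 2)[0] & 0x0FFF)
        off += 4
    return vids


def push_tag(frame, vid):
    return frame[:12] + struct.pack("!HH", TPID_8021Q, vid) + frame[12:]


def strip_outer_tag(frame):
    return frame[:12] + frame[16:]


def access_ingress(frame, access_vlan):
    """Access port: untagged frames belong to the port's VLAN. Assumption of this
    model: a tagged frame is accepted only if its outer VID equals the port VLAN
    (vendors differ); anything else is dropped (None)."""
    vids = parse_tags(frame)
    if not vids or vids[0] == access_vlan:
        return access_vlan
    return None


def trunk_egress(frame, vlan, native_vlan):
    """Trunk port sending a frame that belongs to `vlan`: native-VLAN traffic goes
    out untagged (an existing native tag is stripped), everything else is tagged."""
    vids = parse_tags(frame)
    if vlan == native_vlan:
        return strip_outer_tag(frame) if vids and vids[0] == native_vlan else frame
    return frame if vids and vids[0] == vlan else push_tag(frame, vlan)


def trunk_ingress(frame, native_vlan):
    """Trunk port receiving: the outer tag decides the VLAN; untagged = native."""
    vids = parse_tags(frame)
    return vids[0] if vids else native_vlan


def deliver(frame, attacker_vlan, native_vlan):
    """Attacker's access port on switch A -> 802.1Q trunk -> switch B.
    Returns the VLAN switch B places the frame in, or None if it was dropped."""
    vlan_a = access_ingress(frame, attacker_vlan)
    if vlan_a is None:
        return None
    on_the_wire = trunk_egress(frame, vlan_a, native_vlan)
    return trunk_ingress(on_the_wire, native_vlan)


# Constructed sample: attacker in VLAN 1 aims at VLAN 20 with tags [1, 20].
ATTACK = build_frame(b"\xff" * 6, b"\x02\x00\x00\x00\x00\x01", [1, 20], b"\x00" * 46)

if __name__ == "__main__":
    print("native VLAN 1   ->", deliver(ATTACK, 1, 1))     # 20: hop succeeds
    print("native VLAN 999 ->", deliver(ATTACK, 1, 999))   # 1: stays put
```

With the native VLAN left at 1 the frame arrives on switch B carrying only the inner tag and is delivered into VLAN 20; with the native VLAN moved to an unused ID the outer tag survives the trunk and the frame stays in VLAN 1. A frame whose outer tag names the new native VLAN is rejected at the access port, so the attacker cannot simply retarget the outer tag.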

Segmentation

Interface properties

Switch port vs. Router port

Static vs. Dynamic

Inter-VLAN Routing

DHCP Relay Agent / DHCP Helper

Load Balancers

Scheduling:

        • Affinity
        • Round-robin

DNS round-robin
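The difference between the scheduling methods, and why DNS round-robin is not a substitute for a load balancer, is easiest to see in a small model. This is an added example for these notes, not code from any load-balancer product; the backend names, client identifiers and the health-check calls are constructed.

```python
class LoadBalancer:
    """Pool of backends with round-robin scheduling, optional client affinity
    (sticky sessions) and health-based failover. Constructed model."""

    def __init__(self, backends):
        self.backends = list(backends)
        self.healthy = set(backends)
        self.affinity = {}       # client identifier -> backend
        self._next = 0

    def live(self):
        return [b for b in self.backends if b in self.healthy]

    def round_robin(self):
        """Each new request goes to the next healthy backend in turn."""
        live = self.live()
        if not live:
            raise RuntimeError("no healthy backends")
        backend = live[self._next % len(live)]
        self._next += 1
        return backend

    def with_affinity(self, client):
        """Affinity: a client keeps the backend it was first given (needed when
        session state lives on that backend). New clients, or clients whose
        backend has failed, are placed by round-robin."""
        backend = self.affinity.get(client)
        if backend is None or backend not in self.healthy:
            backend = self.round_robin()
            self.affinity[client] = backend
        return backend

    def mark_down(self, backend):
        """Health check failed: take the backend out of rotation."""
        self.healthy.discard(backend)

    def mark_up(self, backend):
        self.healthy.add(backend)


def dns_round_robin(records, query_number):
    """DNS round-robin: the same answer set rotated per query, so resolvers that
    use the first record spread the load. There is no health check: a dead
    host's record keeps being handed out until someone edits the zone."""
    k = query_number % len(records)
    return records[k:] + records[:k]


if __name__ == "__main__":
    lb = LoadBalancer(["web1", "web2", "web3"])
    print([lb.round_robin() for _ in range(4)])
    print(dns_round_robin(["192.0.2.1", "192.0.2.2", "192.0.2.3"], 1))
```

Affinity trades even distribution for session continuity; after a failover the affected clients lose their session state unless the application stores it elsewhere, which is the argument for keeping backends stateless where you can.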

Content switch: Layer 7

Failover and Redundancy

Active-Passive

Active-Active

Virtual IPs

NIC Teaming / NIC Bonding / NIC Aggregation

IDS / IPS

Signature-based

Heuristic

Anomaly

Inline vs. Passive

In-band vs. Out-of-band

Detection and notification vs. detection and prevention

Snort

Host-based: HIDS

Network based: NIDS

Port Mirroring

Analytics

False positive

False negative

Crossover (error) rate: the tuning point at which the false positive rate and the false negative rate are equal; lower is better
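False positives and false negatives trade off against each other through the alert threshold, and the crossover rate is the point where the two curves meet. The example below is added for these notes (not from any IDS product): it sweeps a threshold over constructed anomaly scores for events whose ground truth is assumed known, and also shows the tuning you do for an IPS, where a miss costs more than a false alarm.

```python
# Constructed anomaly scores in [0, 1] for events whose ground truth is known
# (e.g. from a labelled replay). Higher means more suspicious.
BENIGN = [0.05, 0.10, 0.12, 0.20, 0.25, 0.30, 0.35, 0.42, 0.55, 0.70]
MALICIOUS = [0.28, 0.40, 0.48, 0.60, 0.65, 0.72, 0.80, 0.88, 0.93, 0.97]


def error_rates(threshold, benign, malicious):
    """Alert when score >= threshold. Returns (false positive rate, false negative rate)."""
    fp = sum(1 for s in benign if s >= threshold)      # benign, but alerted on
    fn = sum(1 for s in malicious if s < threshold)    # malicious, but missed
    return fp / len(benign), fn / len(malicious)


def crossover(benign, malicious, steps=100):
    """Sweep thresholds from 0 to 1 and return (threshold, fpr, fnr) at the point
    where FPR and FNR are closest to equal: the crossover error rate."""
    best = None
    for i in range(steps + 1):
        t = i / steps
        fpr, fnr = error_rates(t, benign, malicious)
        gap = abs(fpr - fnr)
        if best is None or gap < best[0]:
            best = (gap, t, fpr, fnr)
    return best[1:]


def threshold_for_max_fnr(max_fnr, benign, malicious, steps=100):
    """IPS-style tuning: the highest threshold that keeps the miss rate at or
    below max_fnr, together with the false positive rate you pay for it."""
    best = None
    for i in range(steps + 1):
        t = i / steps
        fpr, fnr = error_rates(t, benign, malicious)
        if fnr <= max_fnr:
            best = (t, fpr, fnr)
    return best


if __name__ == "__main__":
    print("crossover (threshold, FPR, FNR):", crossover(BENIGN, MALICIOUS))
    print("zero misses  (threshold, FPR, FNR):", threshold_for_max_fnr(0.0, BENIGN, MALICIOUS))
```

On the constructed data the crossover sits at a threshold of 0.43 with both rates at 20%; insisting on zero misses pushes the threshold down to 0.28 and the false positive rate up to 50%, which is the cost an inline IPS imposes on legitimate traffic.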

SIEM: Security Information and Event Management

Functions:

      • Aggregation
      • Correlation
      • Automated Alerts and Triggers
      • Time synchronization
      • Deduplication
      • Log analysis
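Most of those functions show up in one small pipeline: collect lines from several hosts, put their timestamps on one clock, drop duplicates, then run a correlation rule across hosts. The code below is an added example for these notes, not any SIEM product's code; the log lines, host names and addresses are constructed, and the rule (three failed logins from one source followed by a success within two minutes) is an assumed example rule.

```python
import re
from datetime import datetime, timedelta, timezone

# Constructed log lines from two hosts. web1 stamps in UTC; bastion stamps in
# local time (+01:00). One line was forwarded twice.
RAW_LOGS = [
    "2024-03-01T08:00:10+00:00 web1 sshd: Failed password for admin from 203.0.113.5",
    "2024-03-01T08:00:30+00:00 web1 sshd: Failed password for admin from 203.0.113.5",
    "2024-03-01T08:00:30+00:00 web1 sshd: Failed password for admin from 203.0.113.5",
    "2024-03-01T08:00:50+00:00 web1 sshd: Failed password for admin from 203.0.113.5",
    "2024-03-01T09:01:20+01:00 bastion sshd: Accepted password for admin from 203.0.113.5",
    "2024-03-01T08:02:00+00:00 web1 sshd: Failed password for alice from 198.51.100.7",
    "2024-03-01T09:02:15+01:00 bastion sshd: Accepted password for alice from 198.51.100.7",
]

LINE = re.compile(r"^(?P<ts>\S+) (?P<host>\S+) sshd: (?P<result>Failed|Accepted) password "
                  r"for (?P<user>\S+) from (?P<src>[\d.]+)$")


def aggregate(lines, normalize_time=True):
    """Aggregation, time synchronization and deduplication: parse each line,
    convert its timestamp to UTC (with normalize_time=False the offset is
    ignored, mimicking a SIEM that trusts each host's wall clock), drop exact
    duplicates and sort by time."""
    events, seen = [], set()
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue
        ts = datetime.fromisoformat(m["ts"])
        ts = ts.astimezone(timezone.utc) if normalize_time else ts.replace(tzinfo=timezone.utc)
        ev = (ts, m["host"], m["result"], m["user"], m["src"])
        if ev in seen:
            continue
        seen.add(ev)
        events.append(ev)
    events.sort()
    return events


def correlate(events, failures=3, window=timedelta(seconds=120)):
    """Correlation rule: at least `failures` failed logins from one source IP,
    on any host, followed within `window` by a successful login from that IP."""
    alerts, recent = [], {}
    for ts, host, result, user, src in events:
        bucket = recent.setdefault(src, [])
        if result == "Failed":
            bucket.append(ts)
        else:
            hits = [t for t in bucket if ts - t <= window]
            if len(hits) >= failures:
                alerts.append({"src": src, "user": user, "host": host,
                               "failures": len(hits), "at": ts.isoformat()})
            bucket.clear()
    return alerts


if __name__ == "__main__":
    print(correlate(aggregate(RAW_LOGS)))                        # one alert
    print(correlate(aggregate(RAW_LOGS, normalize_time=False)))  # none: clocks disagree
```

With the offsets honored, the success on bastion lands 70 seconds after the first failure on web1 and the rule fires; with the offsets ignored the same success appears an hour later and the attack is invisible, which is the whole point of the time-synchronization function. The duplicate line, had it not been removed, would have inflated the failure count and every per-source statistic derived from it.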

DLP: Data Loss Prevention

Cloud

email

USB

Proxy Servers

Forward

Reverse

Types of Firewalls

Packet filters (Layer 3: stateless, match each packet on its own against addresses and, usually, ports)

NAT

Stateful packet filtering (Layer 4/5: tracks connection state, so inbound traffic is allowed only when it belongs to a session the firewall has already seen)

ACLs

Application proxies (Layer 7)

Network proxies (Layer 3)

Host-based vs. Network-based
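The stateless/stateful distinction is the one that matters most for security, and it is easiest to see with a packet that a stateless ACL has to guess about. The following added example (written for these notes, not from any firewall) models both filters over a constructed TCP exchange; the inside network prefix, the addresses and the ACK-bit "established" rule are assumptions of the model.

```python
from collections import namedtuple

# Constructed packets: src, sport, dst, dport and TCP flags
# ('S' SYN, 'SA' SYN/ACK, 'A' ACK, 'F' FIN, 'R' RST).
Packet = namedtuple("Packet", "src sport dst dport flags")

INSIDE_PREFIX = "10.0.0."   # assumption: the protected network is 10.0.0.0/24


def stateless_filter(pkt):
    """Stateless packet filter (ACL). Outbound is permitted. Inbound it can only
    guess at 'return traffic': TCP from source port 80 to a high port with the
    ACK bit set (the classic 'established' ACL). It remembers nothing."""
    if pkt.src.startswith(INSIDE_PREFIX):
        return True
    return pkt.sport == 80 and pkt.dport > 1023 and "A" in pkt.flags


class StatefulFilter:
    """Stateful packet filter: records outbound connections and admits inbound
    packets only when they are the reverse of a session it has seen."""

    def __init__(self):
        self.sessions = set()    # (inside_ip, inside_port, outside_ip, outside_port)

    def allow(self, pkt):
        if pkt.src.startswith(INSIDE_PREFIX):
            key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
            if pkt.flags == "S":
                self.sessions.add(key)           # new outbound connection
            elif "F" in pkt.flags or "R" in pkt.flags:
                self.sessions.discard(key)       # connection closing
            return True
        # inbound: the packet must match a tracked session, seen from the other side
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.sessions


def run_scenario():
    """Constructed exchange: a legitimate web request, then an ACK probe that
    spoofs source port 80 against an inside RDP port. Returns each filter's
    verdict on the probe."""
    fw = StatefulFilter()
    syn = Packet("10.0.0.5", 40000, "198.51.100.10", 80, "S")
    syn_ack = Packet("198.51.100.10", 80, "10.0.0.5", 40000, "SA")
    probe = Packet("203.0.113.9", 80, "10.0.0.5", 3389, "A")
    legit = stateless_filter(syn) and fw.allow(syn) and stateless_filter(syn_ack) and fw.allow(syn_ack)
    return {"legit_exchange": legit,
            "stateless": stateless_filter(probe),
            "stateful": fw.allow(probe)}


if __name__ == "__main__":
    print(run_scenario())
```

Both filters pass the real web session, but only the stateless ACL also passes the probe, because "source port 80 with ACK set" is all it can check; an attacker chooses those values freely. The stateful filter drops it because no inside host ever opened a connection to 203.0.113.9. The price of statefulness is the session table itself, which is finite and therefore a target for exhaustion.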

pfSense

https://www.pfsense.org/

“pfSense is an open source firewall/router computer software distribution based on FreeBSD. It is installed on a physical computer or a virtual machine to make a dedicated firewall/router for a network. It can be configured and upgraded through a web-based interface, and requires no knowledge of the underlying FreeBSD system to manage.” – https://en.wikipedia.org/wiki/PfSense

A Comparison: Ubiquiti, pfSense, Untangle