Network devices like hubs, switches, routers, and firewalls are used to connect and secure computer networks. Hubs broadcast data to all ports but operate in half duplex mode, limiting network size. Switches can connect different network types but routers are needed to connect different network architectures using routing tables. Firewalls use rules and packet inspection to control incoming and outgoing network traffic for security. Intrusion detection and prevention systems monitor networks for threats but IPS can also block intrusions.
3. HUB:
A hub in a computer network is used for connecting multiple computers or
segments of a LAN. Normally, it is used for small peer-to-peer home
networks. A LAN hub receives data packets (frames) through one port and
broadcasts them through all other ports, so that all other computers or
other network devices can see all packets.
Operates in half duplex mode.
Available in 4 to 24 port sizes. There is no routing table in a hub, as we
find in a router or switch.
5. Benefits or advantages of Hubs
Following are the benefits or advantages of Hubs:
➨It can extend total distance of the network.
➨It does not affect performance of the network seriously.
➨It is cheaper.
➨It can connect different media types.
6. Drawbacks or disadvantages of Hubs
Following are the disadvantages of Hubs:
➨It does not have mechanisms such as collision detection and retransmission of packets.
➨It does not operate in full duplex mode.
Dedicated Bandwidth
Network hubs share all their bandwidth between every connected
Network Size
Hubs are unable to support networks that are as large as switches
because hubs send all traffic to all devices on the network. The more
devices you add, the slower the network gets, eventually becoming
unusable.
It cannot connect different network architectures such as token ring and
Ethernet.
7. Types of Hub
Hubs (Passive and Active)
ACTIVE HUBS
An active hub is actually a multiport repeater. It is
normally used to create connections between
stations in a physical star topology. However,
hubs can also be used to create multiple levels
of hierarchy. The hierarchical use of hubs
removes the length limitation of 10Base-T (100
m).
8. Passive Hubs
A passive hub is just a connector. It connects the wires
coming from different branches. In a star topology Ethernet
LAN, a passive hub is just a point where the signals coming
from different stations collide; the hub is the collision point.
This type of hub is part of the media; its location in the
Internet model is below the physical layer.
9. Repeaters
A repeater is a device that operates only in the physical
layer. Signals that carry information within a network can
travel a fixed distance before attenuation endangers the
integrity of the data. A repeater receives a signal and,
before it becomes too weak or corrupted, regenerates the
original bit pattern. The repeater then sends the refreshed
signal. A repeater can extend the physical length of a LAN,
10. Routers
A router is a three-layer device that routes packets based on
their logical addresses (host-to-host addressing).
A router normally connects LANs and WANs in the Internet and
has a routing table that is used for making decisions about the
route. The routing tables are normally dynamic and are
updated using routing protocols.
The primary function of a router is to
connect networks together and keep certain kinds of broadcast
traffic under control. There are several companies that make
routers: Cisco, Linksys, Juniper, Netgear, Nortel (BayNetworks),
Redback, Lucent, 3Com, HP, D-Link.
13. FUNCTIONS OF A ROUTER
Restrict broadcasts to the LAN
Act as the default gateway.
Perform Protocol Translation (Wired Ethernet to
Wireless/WiFi, or Ethernet to CATV)
Move (route) data between networks
Learn and advertise loop free paths
Calculate 'best paths' to reach network destinations.
14. Routers can only learn and advertise routes
dynamically if they are using a routing protocol such
as RIP, OSPF, EIGRP, IS-IS or BGP. Otherwise, a
human has to configure the routes by hand, which is
called static routing.
Routing moves data on a hop-by-hop basis, which is
often called 'hot potato' routing. If a set of routers
ends up passing the data around in a circle, without
reaching the destination, it's called a 'routing loop'.
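The hop-by-hop lookup and the routing loop described above can be simulated with static tables. This is an added example, not part of the original slides; the router names, prefixes and the misconfigured default route on R3 are all constructed for illustration.

```python
import ipaddress

# Constructed static routing tables: router name -> list of (prefix, next hop).
# A next hop of "deliver" means the destination network is directly attached.
TABLES = {
    "R1": [("10.1.0.0/16", "deliver"), ("10.2.0.0/16", "R2"), ("0.0.0.0/0", "R2")],
    "R2": [("10.2.0.0/16", "deliver"), ("10.1.0.0/16", "R1"), ("0.0.0.0/0", "R3")],
    # R3 is misconfigured by hand: its default route points back at R2.
    "R3": [("10.3.0.0/16", "deliver"), ("0.0.0.0/0", "R2")],
}

def lookup(router, dst):
    """Longest-prefix match: the most specific matching route wins."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, next_hop in TABLES[router]:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop)
    return best[1] if best else None

def forward(start, dst, ttl=8):
    """Forward hop by hop and return (outcome, path of routers visited)."""
    path, router = [start], start
    while ttl > 0:
        next_hop = lookup(router, dst)
        if next_hop is None:
            return "no route", path
        if next_hop == "deliver":
            return "delivered", path
        # The simulation can see the whole path, so it can name the loop.
        # Real routers cannot; they rely on the TTL running out instead.
        if next_hop in path:
            return "routing loop", path + [next_hop]
        router = next_hop
        path.append(router)
        ttl -= 1
    return "ttl expired", path

if __name__ == "__main__":
    for dst in ("10.2.5.9", "192.0.2.7"):
        print(dst, forward("R1", dst))
```

Traffic to a known prefix is delivered in two hops, while traffic that only matches the default routes bounces between R2 and R3 until the loop is detected or the TTL runs out.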
15. Gateway:
A gateway is a network node that connects two
networks using different protocols together. While
a bridge is used to join two similar types of
networks, a gateway is used to join two dissimilar
networks.
The most common gateway is a router that connects
a home or enterprise network to the internet. In
most IP-based networks, the only traffic that doesn't
go through at least one gateway is traffic flowing
among nodes on the same local area network (LAN)
segment -- for example, computers connected to the
same switch.
16. Gateways can take several forms and perform a
variety of tasks. These include:
Web application firewall - filters traffic to and from
a web server and looks at application-layer data.
API, SOA or XML gateway - manages traffic
flowing into and out of a service, microservices-oriented
architecture or an XML-based web service.
17. Network Security Devices
Assurance of network security is one of the most important aspects of the safe
and correct working of computer systems and networks. Network
security includes assurance of limited access to sensitive information,
protection from unauthorized access, risks and potential security threats, and
enhancement of network performance.
There are a few types of network security devices:
active devices - firewalls, antivirus scanning devices, content filtering devices,
which block the surplus traffic;
passive devices, such as intrusion detection appliances, which identify and
report on unwanted traffic;
preventative devices - penetration testing devices and vulnerability
assessment appliances, which scan the networks and identify potential
security problems;
Unified Threat Management (UTM) devices, such as firewalls, content
filtering, web caching, which serve as all-in-one security devices.
18. Network Security Devices (firewall)
A firewall is a network security system designed to prevent
unauthorized access to or from a private network. Firewalls can
be implemented as both hardware and software, or a
combination of both.
Its primary objective is to control the incoming and outgoing
network traffic by analyzing the data packets and determining
whether it should be allowed through or not, based on a
predetermined rule set.
All messages entering or leaving the intranet pass through the
firewall, which examines each message and blocks those that do
not meet the specified security criteria.
20. Firewall Filtering Techniques
There are several types of firewall techniques that will prevent potentially harmful information
from getting through:
Packet Filter: Looks at each packet entering or leaving the network and accepts or
rejects it based on user-defined rules. Packet filtering is fairly effective and transparent
to users, but it is difficult to configure. In addition, it is susceptible to IP spoofing.
Application Gateway: Applies security mechanisms to specific applications, such
as FTP and Telnet servers. This is very effective, but can impose a performance
degradation.
Circuit-level Gateway: Applies security mechanisms when a TCP or UDP connection is
established. Once the connection has been made, packets can flow between the hosts
without further checking.
Proxy Server: Intercepts all messages entering and leaving the network. The proxy
server effectively hides the true network addresses.
21. Stateful Multilayer Inspection Firewall
A Stateful Multilayer Inspection Firewall is a combination of all the firewalls
mentioned above.
They can filter packets at the Network layer using ACLs, check for legitimate
sessions on the Session layer, and they also evaluate packets on the
Application layer (ALG).
A Stateful Multilayer Inspection Firewall can work in a transparent mode,
allowing direct connections between the client and the server, which was
earlier not possible.
Next Generation Firewall (NGFW)
Firewalls called next-generation firewalls (NGFW) work by filtering network and
Internet traffic based upon the applications or traffic types using specific ports.
Next Generation Firewalls (NGFWs) blend the features of a standard firewall with
quality of service (QoS) functionalities in order to provide smarter and deeper
inspection.
22. How does a firewall work?
There are two access denial methodologies used
by firewalls. A firewall may allow all traffic
through unless it meets certain criteria, or it may
deny all traffic unless it meets certain criteria
(see figure 3). The type of criteria used to
determine whether traffic should be allowed
through varies from one type of firewall to
another.
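The two access denial methodologies can be compared by running the same traffic through a first-match packet filter under each default policy. This is an added example, not part of the original slides; the packet and rule shapes, addresses and rule lists are constructed and do not follow any product's format.

```python
import ipaddress
from collections import namedtuple

# Constructed packet and rule shapes; a rule field of None matches anything.
Packet = namedtuple("Packet", "src dst proto dport")
Rule = namedtuple("Rule", "action src dst proto dport")

def in_net(addr, net):
    return net is None or ipaddress.ip_address(addr) in ipaddress.ip_network(net)

def matches(rule, pkt):
    return (in_net(pkt.src, rule.src) and in_net(pkt.dst, rule.dst)
            and rule.proto in (None, pkt.proto)
            and rule.dport in (None, pkt.dport))

def decide(rules, default, pkt):
    """First matching rule wins; otherwise the default policy applies."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action
    return default

# Default-allow firewall: the rules list what to block.
BLOCKLIST = [Rule("deny", None, None, "tcp", 23)]  # block Telnet
# Default-deny firewall: the rules list what to permit.
ALLOWLIST = [Rule("allow", None, "192.0.2.10/32", "tcp", 443),
             Rule("allow", "10.0.0.0/8", None, "udp", 53)]

SAMPLE = [  # constructed traffic
    Packet("203.0.113.5", "192.0.2.10", "tcp", 443),   # HTTPS to the web server
    Packet("203.0.113.5", "192.0.2.10", "tcp", 23),    # Telnet
    Packet("203.0.113.5", "192.0.2.20", "tcp", 3389),  # no rule written for this
]

def compare(packets):
    """Return (default-allow verdict, default-deny verdict) per packet."""
    return [(decide(BLOCKLIST, "allow", p), decide(ALLOWLIST, "deny", p))
            for p in packets]

if __name__ == "__main__":
    for pkt, verdicts in zip(SAMPLE, compare(SAMPLE)):
        print(pkt, verdicts)
```

The third packet is the one that separates the two approaches: traffic nobody wrote a rule for passes the default-allow firewall and is stopped by the default-deny one.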
23. on which network layer it operates at. A
firewall determines what traffic to let through depe
discussion on network layers and architecture follows.
Figure 3: Basic Firewall Operation.
Types of Firewall
24. VPN
A VPN is a virtual private network, which is a dedicated and encrypted
connection between the host computer and a secure server. A VPN
connects your personal computer to the proxy server within your
organisation. Effectively, everything you do online, if connected through
a VPN, will send the encrypted request to a proxy server. The proxy will
then send the request to the internet and send the encrypted response
back to you.
25. IDS/IPS
Intrusion detection systems (IDS) and intrusion prevention
systems (IPS) are reporting tools that identify and protect
networks from intrusion.
IDS and IPS are network monitors. They analyse all network
traffic based on a set of rules defined by the administrator.
The main difference between IDS and IPS is that IDS just flags
the administrator whenever a problem is detected whereas an
IPS will attempt to prevent the intrusion once it’s identified.
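The difference between flagging and preventing shows up when one rule set is run in both modes over the same traffic. This is an added example, not part of the original slides; the rule names, patterns and sample payloads are constructed and are not taken from any real rule set.

```python
import re

# Constructed signature rules of the kind an administrator might define.
RULES = [
    ("telnet-login-root", re.compile(rb"login:\s*root")),
    ("path-traversal", re.compile(rb"\.\./\.\./")),
]

# Constructed sample traffic: (flow id, payload bytes).
TRAFFIC = [
    (1, b"GET /index.html HTTP/1.1"),
    (2, b"GET /../../etc/passwd HTTP/1.1"),
    (3, b"login: root"),
    (4, b"GET /about.html HTTP/1.1"),
    (5, b"GET /help?example=../../ HTTP/1.1"),  # benign query that still matches
]

def inspect(traffic, mode):
    """Run the same rules in 'ids' (alert only) or 'ips' (alert and drop) mode.

    Returns (alerts, delivered): alerts are (flow id, rule name) pairs and
    delivered lists the flow ids that still reach the protected host.
    """
    if mode not in ("ids", "ips"):
        raise ValueError("mode must be 'ids' or 'ips'")
    alerts, delivered = [], []
    for flow_id, payload in traffic:
        hit = next((name for name, pat in RULES if pat.search(payload)), None)
        if hit:
            alerts.append((flow_id, hit))
            if mode == "ips":
                continue  # inline device: the matching flow is dropped
        delivered.append(flow_id)
    return alerts, delivered

if __name__ == "__main__":
    for mode in ("ids", "ips"):
        print(mode, inspect(TRAFFIC, mode))
```

Both modes raise the same alerts, but only the IPS removes flows 2, 3 and 5 from what is delivered. Flow 5 shows the cost: a rule that matches benign traffic only creates noise on an IDS, while on an IPS it blocks a legitimate request.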