Introduction to Computer Networks and Network Security.pptx
1. INTRODUCTION TO NETWORKS
[Diagram: network topology with a Firewall, SLT WAN, Core SW, AP POE SW, User Access SW, Server SW, an Access Point and a Server, connected over Gigabit ports]
A network is a collection of computers, servers, mainframes, network
devices, peripherals, or other devices connected to allow data sharing.
Types of Networks
Personal Area Networks (PAN)
Local Area Networks (LAN)
Wired LAN
Wireless LAN
Campus Area Networks (CAN)
Metropolitan Area Networks (MAN)
Wide Area Network (WAN)
2. BUILDING BLOCKS OF MODERN NETWORK
Network Switches
A network switch is networking hardware that connects devices on a computer network by using packet
switching to receive and forward data to the destination device.
Switch Categories
Layer 2 Switches
Layer 3 Switches
POE Switches
Unmanageable / Manageable Switch
Modular Switch
3. BUILDING BLOCKS OF MODERN NETWORK
Network Routers
A router is a physical or virtual internetworking device that is designed to receive, analyze, and forward data
packets between computer networks.
Router Categories
Edge Routers
Core Routers
Virtual Routers
4. BUILDING BLOCKS OF MODERN NETWORK
Network Firewalls
A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based
on an organization’s previously established security policies.
Firewall Types based on Deployment
Hardware Firewalls
Software Firewalls
Cloud Firewalls
Firewall Types based on Method of Operation
Packet Filtering Firewalls
Stateful Filtering Firewall (E.g. Cisco ASA)
Application Layer Firewall (E.g. WAF)
Next generation Firewall (E.g. Cisco FTD, FortiGate)
6. BUILDING BLOCKS OF MODERN NETWORK
Small Form-factor Pluggable (SFP)
An SFP is a compact, hot-pluggable transceiver used for data communication applications over either fiber
optic or copper connection.
7. TCP/IP MODEL
A layered framework to allow communication across all types of computers.
Defines and references a large collection of protocols that allow computers to communicate.
The model is used as a standard, and different software and hardware implement it.
A networking model breaks the functions into a small number of categories called layers.
Each layer includes protocols and standards that relate to that category of functions.
Each layer has a unique function distinct from other layers.
Specifies the “what” not the “how”.
9. NETWORK ADDRESSES
MAC Address
MAC address is the physical address, which uniquely identifies each device on a given network.
It is assigned to the NIC (Network Interface card) of each device that can be connected to the internet.
MAC stands for Media Access Control; the address is also known as the physical address, hardware address, or BIA
(Burned In Address).
It is globally unique; it means two devices cannot have the same MAC address.
It is 12 hexadecimal digits (48 bits) long: the first 24 bits are the OUI (Organizationally Unique
Identifier), and the remaining 24 bits are NIC/vendor-specific.
It is represented in a hexadecimal format on each device.
10. NETWORK ADDRESSES
IP Address (IPv4)
IPv4 stands for Internet Protocol version 4.
An IPv4 address is a 32-bit IP address.
IPv4 provides 4 billion addresses, which is not enough for every device connected to the internet on the planet.
11. NETWORK ADDRESSES
IP Address (IPv6)
IPv6 stands for Internet Protocol version 6.
IPv6 is a 128-bit hexadecimal address.
IPv6 theoretically allows 2^128 combinations, or 340 trillion, trillion, trillion addresses.
12. SWITCHING: VLANs
A virtual local area network (VLAN) is a virtualized connection that connects multiple devices and network
nodes from different LANs into one logical network.
VLANs increase the number of broadcast domains while decreasing their size.
VLANs reduce security risks by reducing the number of hosts that receive copies of frames that the
switches flood.
13. SWITCHING: SWITCH PORTS
Access Ports
A port that can be assigned to a single VLAN. This type of interface is configured on switch ports that are
connected to end devices such as workstations, printers, or access points.
Trunk Ports
A port that is connected to another switch. This type of interface can carry traffic of multiple VLANs, thus
enabling you to extend VLANs across your entire network.
14. SWITCHING: SWITCH PORT SECURITY
The switchport security feature offers the ability to configure a switchport so that traffic can be limited to only a
specific configured MAC address or list of MAC addresses.
15. SWITCHING: STP
Spanning Tree Protocol (STP)
Spanning Tree Protocol (STP) is a network protocol designed to prevent layer 2 loops.
It is standardized as the IEEE 802.1D protocol.
STP blocks some ports on switches with redundant links to prevent broadcast storms and ensure a loop-
free logical topology.
With STP in place, you can have redundant links between switches in order to provide redundancy.
[Figure: topology with STP and without STP]
16. SWITCHING: PORT-CHANNELS
Port channels aggregate multiple physical interfaces into one logical interface to provide higher bandwidth,
load balancing, and link redundancy.
17. SWITCHING: MAC ADDRESS TABLE
The MAC address table is where the switch stores
information about the other Ethernet interfaces to which it is
connected on a network.
The table enables the switch to send outgoing data (Ethernet
frames) on the specific port required to reach its destination,
instead of broadcasting the data on all ports (flooding).
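The forward-or-flood decision described above, together with the VLAN and switchport security behaviour from the earlier slides, as an added Python model that is not part of the original deck and is not vendor code. The class and method names (Switch, receive, allowed) and all MAC addresses are constructed for illustration.

```python
# Added illustration: a minimal model of a learning switch (not vendor code).
# All names here are hypothetical; the frames in demo() are constructed samples.

class Switch:
    def __init__(self, port_vlans, allowed=None):
        self.port_vlans = port_vlans   # access port -> VLAN id
        self.allowed = allowed or {}   # port -> MACs permitted by port security
        self.mac_table = {}            # (vlan, mac) -> port

    def receive(self, in_port, src, dst):
        """Return the sorted list of ports the frame leaves on ([] = dropped)."""
        vlan = self.port_vlans[in_port]
        # Port security: a port with a configured MAC list drops other sources.
        if in_port in self.allowed and src not in self.allowed[in_port]:
            return []
        # Learning: remember which port this source MAC was seen on.
        self.mac_table[(vlan, src)] = in_port
        out = self.mac_table.get((vlan, dst))
        if out is not None:
            # Known destination: one port only (nothing if it is the ingress port).
            return [] if out == in_port else [out]
        # Unknown destination or broadcast: flood, but only inside the same VLAN.
        return sorted(p for p, v in self.port_vlans.items()
                      if v == vlan and p != in_port)


def demo():
    # Constructed sample: ports 1-3 in VLAN 10, ports 4-5 in VLAN 20,
    # port 3 limited to a single configured MAC address.
    sw = Switch({1: 10, 2: 10, 3: 10, 4: 20, 5: 20},
                allowed={3: {"aa:aa:aa:00:00:03"}})
    a, b, c = "aa:aa:aa:00:00:01", "aa:aa:aa:00:00:02", "aa:aa:aa:00:00:03"
    return {
        "unknown_dst_flooded_in_vlan": sw.receive(1, a, b),
        "reply_forwarded_on_one_port": sw.receive(2, b, a),
        "now_known_dst": sw.receive(1, a, b),
        "broadcast_stays_in_vlan_20":
            sw.receive(4, "bb:bb:bb:00:00:04", "ff:ff:ff:ff:ff:ff"),
        "port_security_drop": sw.receive(3, "cc:cc:cc:00:00:99", a),
        "port_security_allow": sw.receive(3, c, a),
    }


if __name__ == "__main__":
    for name, ports in demo().items():
        print(f"{name}: {ports}")
```

The first frame is flooded to ports 2 and 3 only, never to the VLAN 20 ports, which is the reduction in flooded copies that the VLAN slide refers to.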
18. SWITCHING: STACKING & VPC
[Diagram: Standalone Switch, Stacked Switch and VPC Switch Cluster, each shown with Server 1 and Server 2. VPC example labels: Nexus-SW-Cluster, Cisco Nexus 93K, mgmt0 (172.16.100.226 and 172.16.100.227), Eth1/47, Eth1/48, VPC Peer Link, PO 93, VPC Keep Alive Link]
19. ROUTING: STATIC ROUTES
Static routes are manually added to a routing table through direct configuration.
Using a static route, a router can learn about a route to a remote network that is not directly attached to
one of its interfaces.
Static routes are configured in the global configuration mode using the ip route
DESTINATION_NETWORK SUBNET_MASK NEXT_HOP_IP_ADDRESS command.
The NEXT_HOP_IP_ADDRESS parameter is the IP address of the next-hop router that will receive
packets and forward them to the remote network.
20. ROUTING: DYNAMIC ROUTES
Dynamic routing is a mechanism through which routing information is exchanged between routers to
determine the optimal path between network devices.
A routing protocol is used to identify and announce network paths.
21. NETWORK SERVICES: DNS
The domain name system (DNS) is a naming database in which internet domain names are located and
translated into Internet Protocol (IP) addresses.
DNS maps the name people use to locate a website to the IP address that a computer uses to locate that
website.
22. NETWORK SERVICES: NAT
Network Address Translation (NAT) is a process in which one or more local IP addresses are translated into
one or more global IP addresses, and vice versa, in order to provide Internet access to the local hosts.
Private network addresses are not allocated to any specific organization.
Anyone may use these addresses without approval from regional or local Internet registries.
23. NETWORK SERVICES: DHCP
Dynamic Host Configuration Protocol (DHCP) is a network management protocol used to dynamically
assign an IP address to any device, or node, on a network.
DHCP is also used to configure the proper subnet mask, default gateway and DNS server information on
the node or device.
24. NETWORK SERVICES: NTP
Network Time Protocol (NTP) is an internet protocol used to synchronize with computer clock time sources
in a network.
NTP is an application layer protocol.
NTP uses a client-server architecture; one host is configured as the NTP server and all other hosts on the
network are configured as NTP clients.