Hub
‘An OSI layer 1 device
Mult-port repeater
Everything is half duplex
Becomes less ecient az speeds increace =
‘Sitch
‘An OSI layer 2 device
‘Hardware bridging ASICs very fast!)
‘Forwards trai based on MAC address
‘The core ofan enterprise network
‘High bandwidth - Many simultaneous packets
An OS! layer 3 device
+ Routes trafic between IP subnets
“+ Routersinsde of switches are sometimes
called “ayer 3 switches”
+ Layer 2= Switch, Layer 3= Router
* Often connects diverse network types -
LAN, WAN, copper, ver
Firewall
+05! layer 4 (TCP/UDP), some firewalls filter
through Ost layer 7
Filters traffic by port number
+ Can encrypt traffic into/out of the network
and between sites
+ Can proxy trafic -A common secuitytechniqu
‘Most firewalls can be layer 3 devices (routers)
4
Content Fiters
* Contrl traffic based on network dat
‘Filter email -avoid malicious software,
phishing, and viruses
‘Filter URLs Hter by web site category
Load balancer
* Distributes the load over
many physical servers
+ Adds fault-tolerance
* Can cache and prioritize traffic
* Very common in large environments
Packet shaper, trae shaper
* Control by bandwidth usage
or datarates
* Set important applications tohave
higher proves than other apps
+ Manage the Quality of Service (QoS)
VPN concentrator
* The connection point
for remote users
* Traffic is encrypted across the
Internet and decrypted on the
internal private networkS.
+ Mosi reals can be layer 3 devices (outers)
Wireless Acces Point
‘Ostlayer 2 device
“AAP isa bridge -makes forward
decisionsbased on MAC address
Uses standard phone lines
POTS modems now used for
+ backup and uty functions
Intrusion detection/prevention system
‘Protects aginst OS and application ep
‘Detection = alerts but does nt stp the attack
‘Prevention -blocs the attack
PPP (Point-to-Point Protocel)
‘ Authentiation, compression, ror detection, mutlak
* Uredin many physel networking emcironments
‘Layer 2 protoeal
PPTP (Point to Point Tunneling Protec)
TP protocol cantrls the tunnel
* GRE (Generic Routing Encapsulation) isthe tunnel
* Authentiaton -MS-CHAP? (Microsoft Challenge
Handshake Authentication Protocol)
“Encryption -EAP-TLS (Extensible Authentication
Protecel~ Transport Layer Security)
SSL VPN (secre Sockets Layer VP
1 Uses common SL protec (ep/443)
| No big VPN cents
IPsec internet Protocl Security)
* Security for OS! ayer 3
* Confidentiitv and inteeriv/antcenlav