Network+, Chapter 12 - Advanced Networking Devices, Mike Meyers + notes (intensified study deck)
Technically, you should call an L2TP VPN an ___
"L2TP/IPsec"
Name four actions of an IPS
1. Sending an alarm to the administrator 2. Dropping the malicious packets 3. Blocking traffic from the source address 4. Resetting the connection
What are four benefits of a content switch?
1. Handling SSL certificates and cookies on the content switch. 2. Removing that workload from the Web servers. 3. Load balancing. 4. Passing a cookie to HTTP requesters (Web browsers) so returning clients are sent to the same server.
A special multilayer switch that works at Layers 3 and 4 is basically a ____
A router that can use NAT as well as Port Forwarding. Note: This type of router can also query hidden Web servers continuously as well as send HTTP requests to a server that has a lower workload than the others.
Multilayer VLAN
Allows VLAN to VLAN routing. Layer 2 and 3 device. Cisco 3550.
Port mirroring
Allows all traffic on a switch to be inspected and analyzed. Like a port on a hub. Must be configured.
After creating the VLANs, you usually would do one of two things:
Assign MAC addresses or Ports
Routers and Switches that can implement traffic shaping are commonly referred to as either ___ or simply ___
Bandwidth shapers, or simply shapers
L2TP
Cisco VPN protocol that relies on IPsec for encryption and authentication. Routers are the tunnel endpoints.
VLAN Trunking Protocol (VTP)
Cisco switch updating protocol. One server switch updates many client switches.
Trunk port
Connects switches carrying all traffic.
Port authentication
Devices must be known to the network in order to use its services.
VLANs based on MAC addresses are known as ___
Dynamic VLANs.
Layer 2 switch
Forward frames based on MAC address
Layer 3 switch
Forwards packets based on IP address
___ can block incoming packets based on IP address, port number, or type of application. They can also fix certain packets.
IPS Note: An IDS only alerts you to attacks without taking preventive action; therefore it is called "passive".
L2TP generally uses ___ for all security needs.
IPsec
___ VLAN Trunk Protocol (VTP) reduces administration in a switched network. When you configure a new VLAN on one VTP server, the VLAN is distributed through all switches in the domain, reducing the need to configure the same VLAN everywhere.
InterVLAN Routing Note: There is no way for data to get from one VLAN to another unless you use a router. Note 2: VTP is a Cisco-proprietary protocol that is available on most of the Cisco Catalyst series products.
Proxy server
Intercepts client requests and acts upon them, blocking those that do not meet its policies.
A computer specialized in discovering unauthorized access to a computer network by analyzing traffic on the network for signs of malicious activity.
Intrusion Detection System (IDS)
___ often sits directly behind the firewall and provides a complementary layer of analysis that negatively selects for dangerous content, actively analyzing and taking automated actions on all traffic flows entering the network.
Intrusion Prevention System (IPS)
__ is a network security/threat prevention technology that examines network traffic to detect and prevent vulnerability exploits.
Intrusion Prevention System (IPS) Note: Unlike the IDS (a passive system that scans traffic and reports back on threats), the IPS is placed inline in the direct communication path between source and destination.
IPS
Intrusion Prevention System. Not only detects intrusions but reacts to them, for example by blocking the IP addresses of a DDoS attack.
IDS
Intrusion detection system. Host-based = HIDS. Network-based = NIDS.
Transparent VTP state
It will not update and it will maintain its manual settings. Note: Transparent mode VLAN switches should be used when the overall VLAN configuration assignments do not apply.
Cisco made hardware that supported PPP traffic using a proprietary protocol called Layer 2 Forwarding (L2F). L2F did not come with encryption capabilities, so it was replaced by ___
L2TP
___ allows multiprotocol traffic to be encrypted and then sent over any medium that supports point-to-point datagram delivery, such as IP or asynchronous transfer mode (ATM).
L2TP Note: L2TP is a combination of PPTP and Layer 2 Forwarding (L2F), a technology developed by Cisco Systems, Inc. L2TP presents the best features of PPTP and L2F.
___ forward traffic based on MAC addresses while a Layer 3 switch (also called a router) forwards traffic based on IP addresses.
Layer 2 switches
PPTP and L2TP work at the ___ layer.
Link
___ makes a group of servers appear to be a single server, creating a server cluster. This is used to spread the workload evenly across the server cluster to help prevent server overload.
Load balancing
Load balancing
Load is distributed between servers. Implementation approaches include: DNS, content switches, or a load balancer.
Aside from assigning ports to a VLAN, you can also assign ___ to determine their membership.
MAC addresses
The benefit of assigning ___ is that no matter the location you plug in at, it is always part of the same VLAN.
MAC addresses Note: This is very beneficial when using mobile devices.
Dynamic VLAN
MAC addresses are assigned to particular VLANs.
Networking devices, such as routers and advanced switches, that must be configured in order to use them.
Managed Switches aka Managed Devices
When your computer connects to the RRAS server on the private network, ___ creates a secure tunnel through the Internet back to the private LAN.
PPTP
___ allows multiprotocol traffic to be encrypted and then encapsulated in an IP header to be sent across an IP network or a public IP network, such as the Internet.
PPTP Note: can be used for remote access and site-to-site VPN connections. When using the Internet as the public network for the VPN, the PPTP server is a PPTP-enabled VPN server with one interface on the Internet and a second on the intranet.
A feature that requires network devices to authenticate themselves. This feature provides a form of protection for your network against rogue devices.
Port Authentication
IEEE 802.1x is an IEEE Standard for port-based network access control (PNAC). It is part of the IEEE 802.1 group of networking protocols. It provides an authentication mechanism to devices wishing to attach to a LAN or WLAN.
Port Authentication. With 802.1x port-based authentication: 1. The supplicant provides credentials, such as user name/password or a digital certificate, to the authenticator. 2. The authenticator forwards the credentials to the authentication server for verification. 3. The authentication server determines the validity of the supplicant's (client device's) credentials to decide whether or not to allow access to resources on the protected side of the network.
___ also known as SPAN (Switched Port Analyzer), is a method of monitoring network traffic. With this enabled, the switch sends a copy of all network packets seen on one port (or an entire VLAN) to another port, where the packet can be analyzed.
Port Mirroring
___ is increasingly used in any situation where an administrator needs to inspect packets coming to or from certain computers.
Port Mirroring
An approach to mirroring network traffic that involves forwarding a copy of each packet from one network switch port to another.
Port Mirroring Note: Many advanced switches have the capability to mirror data from any or all physical ports on a switch to a single physical port.
Secure Sockets Layer virtual private network (SSL VPN)
Portal and tunnel flavors. SSL provides security.
A caching server must act as a web proxy server so it can serve those requests. After a web proxy server receives requests for web objects, it either serves the requests or forwards them to the origin server (the web server that contains the original copy of the requested information).
Proxy caching
The primary goal of __ is to provide priority, including dedicated bandwidth, controlled jitter and latency, and improved loss characteristics. __ technologies provide the elemental building blocks that will be used for future business applications in campus, WAN, and service provider networks.
QoS Note: QoS policies help prioritize traffic based on certain rules.
___ refers to the capability of a network to provide better service to selected network traffic over various technologies, including Frame Relay, Asynchronous Transfer Mode (ATM), Ethernet 802.1 networks, SONET, and IP-routed networks that may use any or all of these underlying technologies.
Quality of Service (QoS)
QoS
Quality of Service. Sets limits for how much bandwidth differing services consume.
A special remote access server program, originally only available on Windows Server
Routing and Remote Access Service (RRAS)
VPN Clients connect to the VPN server using a standard Web browser, with the traffic secured using ___.
SSL
___ work at the Application layer and offer an advantage over Link- or Internet-based VPNs because they don't require any special client software.
SSL VPNs
___ is a form of VPN that can be used with a standard Web browser.
SSL VPNs Note: In contrast to the traditional Internet Protocol Security (IPSec) VPN, an SSL VPN does not require the installation of specialized client software on the end users' computers.
The two most common types of SSL VPNs are ___ and ___.
SSL portal VPNs and SSL tunnel VPNs
802.1Q
Standard for trunking, allowing VLANs that span many vendors' switches.
Trunking
The process of transferring VLAN data between two or more switches.
___ allows you to control the flow of packets entering or exiting your network by the type of packet or by set rules.
Traffic Filtering aka Traffic Shaping Note: Many advanced routers & switches are able to implement QoS through bandwidth management.
What is the default VLAN?
VLAN 0
Static VLAN
VLAN assigned to switch ports.
Cisco moved the endpoint on the local LAN from a server program to a VPN-capable router, called a ___
VPN concentrator
Directly connecting two Cisco ____ to connect two separate LANs permanently is slow, but inexpensive.
VPN concentrators
VLAN
Virtual LAN. Splits one physical broadcast domain into many virtual ones.
Cisco uses a proprietary protocol known as ___ that automates the process of updating multiple VLAN switches at the same time.
Virtual Trunk Protocol (VTP)
VPN
Virtual private network. Creates a tunnel between endpoints, allowing for secure communications.
Routing and Remote Access Service (RRAS)
Windows program that creates VPN connections using PPTP to create the tunnels.
Content switches
Work at the Application layer. These devices are designed to work with Web servers, meaning that they are able to read incoming HTTP and HTTPS requests.
L2TP differs from PPTP in that it has no ___ or ___
authentication or encryption
When you assign each port to a VLAN, this means that any computer that plugs into that port ___
becomes a permanent member of that port's VLAN
When changes are made to the VLAN configuration of the server switch ___
client switches associated with it update in a matter of minutes.
Cisco provides free client software to connect a single faraway PC to a Cisco VPN. This creates a ___ to ___ connection.
client-to-site
a content switch is also called a ___
content filter network appliance.
The process of implementing a connection between two VLANs with a router is called ___.
interVLAN routing
Name three features multilayer switches have to offer.
load balancing, quality of service, and network protection
Any device that works at multiple layers of the OSI seven-layer model and provides more than one service is known as a ___
multifunction network device
A ___ needs options or features for configuring ports to work at Layer 2 or Layer 3. Cisco uses the terms "switchport" and "router port" to differentiate between the two types of ports.
multilayer switch Note: You can configure any port on a multilayer switch to act as a switchport or a router port, depending on your needs.
The ___ provides the resource either by connecting to specific server or by serving it from a cache. In some cases, it may alter the client's request or the server's response for various purposes.
proxy server
A ___ is a computer that offers a computer network service to allow clients to make indirect network connections to other network services.
proxy server Example: A client connects to the proxy server, then requests a connection, file, or other resource available on a different server.
When you need to control how much bandwidth is used by particular devices or applications, you should use ______
quality of service (QoS) policies to prioritize traffic based on certain rules. Note: This can control the levels of bandwidth usage of a protocol, computer, user, Virtual LAN, or IP address.
Data transfer between two VLANs cannot be accomplished without a ___.
router
What are the 3 states of Virtual Trunk Protocol (VTP)?
server, client and transparent
Using a dedicated high-speed connection between two faraway LANs, enabling the two separate LANs to function as a single network as if in the same building, is called a ___
site-to-site VPN
VLANs based on ports are the most popular kind of VLAN and are typically referred to as ___
static VLANs