Networking

This is a guide on networking.


Hubs & Bridges

In this presentation, we'll take a look at Hubs and Bridges. Now, before getting into anything, I do want to note that you will probably not encounter either of these in any newer networks. These are lower-level devices with respect to the OSI model. And they were a little more common in the earlier days of networking simply because they were less expensive. But the price of hardware has dropped so much with respect to the higher-level devices, which we'll come to (that's switches and routers), that they have effectively replaced the use of hubs and bridges, but we'll still take a look at what they're about. So the hub does operate at the lowest layer,

[Video description begins] Hubs. [Video description ends]

Layer 1 of the OSI model. This is the physical layer. And essentially what that means is that there's really no programming, there's no intelligence of any kind built into a hub. Now, it still is a device that can connect several computers together, but the problem is any signal that is received on a hub is copied to all other ports. What that translates to is that they are noisy. So even if there are just two systems plugged into a hub that want to communicate with each other, every other system on that hub (let's just say it's an eight-port hub, so the other six) will all see that traffic; they'll all hear it, for lack of a better word. So, this simply results in a lot of extra noise. The systems that don't need to pay attention to that conversation, if you will, are still being interrupted. They're seeing the packets over their own ports and they have to stop whatever they're doing and examine that packet and say, well, that's not for me. And then they just discard it. So with a small number of computers it's not terribly noisy. But as the number of computers grows, then it definitely starts to get a little too noisy for using hubs. Now there are two types, active and passive.

[Video description begins] Hubs: Active vs. Passive. [Video description ends]

And an active hub includes the ability to regenerate and boost the signal, this is also known as repeating, before it sends it off to other ports. And this can simply be due to the fact that any two systems might be pushing the limits of the distance that can be traveled. On a standard Ethernet network, the length of the cable in terms of the connection point between the hub and the computer generally can't exceed 100 meters. So if you have two systems that are both plugged into the hub, and each one is attached to a 50 meter cable, then it does have to travel that distance. Now that's a lot longer than what you would find in most office environments. But it still can degrade; the longer it goes, the more it degrades. So the active hub, as long as it can determine what that signal was, it can essentially pause, if you will, and it can regenerate a fresh copy of the packet and send that along. So active hubs can actually be used to extend the length of a network. So you could have 100 meters, then an active hub. Then you could go another 100 meters, then another active hub, and you could just keep going. Passive hubs simply give you the physical connection point for the computers. It's not responsible for amplifying or regenerating the signal at all, therefore it cannot be used to extend the length of a network. But again, in most small office home office or SOHO networks, that kind of distance really isn't a factor. Now bridges do move up a layer.

[Video description begins] Bridges. [Video description ends]

They're at Layer 2 of the OSI model, so they are aware of addresses. But the only address that operates at Layer 2 is the physical address, or what's also known as the MAC address. So the key functions of a bridge include joining similar topologies together so that if I had one Ethernet network over there, and another Ethernet network over there, I could connect them together. And this allows you to divide any network that you might already have into smaller segments, or what's also known as collision domains. Now the reason it's referred to as a collision domain is because when you are using hubs, everybody might be trying to transmit at the same time. And if packets end up on the wire at the same time they will literally collide with each other and they get destroyed, so you have to retransmit. So again, that's another problem with hubs, they result in more collisions. So you can use the bridge to separate these two sections. So again, if you started with one over here and one over here, the bridge can put them together and you do have a larger network now. But maybe it's the other way around. You already had a large network, but most of the people over on one side communicated only with people on their side. The same goes for the people on the other side, but once in a while they do need to talk to the other side. So the bridge, for lack of a better word, is smart enough to realize if a packet is destined for a host that's on the other side, because it knows about MAC addresses. So most of the time if the people over on one side are talking with each other and that's it, then nothing will get forwarded over the bridge to the other side. And the same goes in the opposite direction. As long as everybody's sort of talking with their own people, then it's relatively quiet on their sides. But then, again, if I need to send a packet to you and you're on the other side then the bridge can realize that,
because it sees all of the MAC addresses on one side, and all of the MAC addresses on the other side, so it knows where everybody is. So it will only allow the packets to cross that are destined for the other side. If you were to place a hub, another hub, in between those two networks, then everybody would still hear everybody. So that would be much more traffic and many more collisions. So basically, they're used to create these smaller sections where the people who only communicate with mostly their own people can stay over there and not bother the people on the other side and again vice versa. Now there are some considerations with using bridges. If the packet being sent is a broadcast packet, and that happens a lot.

[Video description begins] Bridges: Considerations. [Video description ends]

There are a lot of applications where broadcast is needed, then the bridge will forward the broadcast packet to the other side because it is essentially addressed to everyone. Therefore a bridge will say, well, if it's addressed to everyone then I have to forward this to the other side, okay? So, again, that increases the amount of noise. I'll tell you right now, routers don't do that, they don't forward broadcast packets. Now they also are unable to perform any kind of intelligent path selection. As the network grows there may be more than one route. So if I have let's say three or four different segments and a packet needs to go from segment A, maybe over to segment E and there are alternate paths between B, C, and D, then the bridge is not really aware of which one is the best one to use. One might be shorter in terms of distance but it could also be busier in terms of traffic. But, again, a bridge is simply unaware of this, so the path between the sender and destination will always be the same. It simply cannot perform any kind of intelligent path selection, and again this is something that routers can do. So again, hubs and bridges are probably not very common anymore, simply because the expense really is not an issue anymore. So it's much more likely that you'll see switches and routers and of course we'll talk about those as well. But in the early days of networking this certainly was a method to reduce the traffic overall while still allowing everyone to communicate with everyone else.


Switches

Now in this presentation, we'll take a look at switches. And these are interconnection devices, very much like a hub, in that it is their job to connect multiple systems together. But a switch moves up a layer, where a hub operates at Layer 1 of the OSI model, the physical, the switch operates at Layer 2, the data link layer. It uses MAC addresses, so there's some intelligence built into a switch.

[Video description begins] Switches. [Video description ends]

And by using those MAC addresses, it can determine where to transmit data. And again, this provides centralized connectivity, similar to a hub, but much smarter. Now, this might seem to be similar to a bridge, which we just talked about. It also was aware of MAC addresses and operated at Layer 2, but there is still a difference. Switches, again, very much looked like a hub, in that they were typically multiport devices, let's just say eight ports, for example.

And in fact, if you set an eight-port switch next to an eight-port hub, on the surface you might not know the difference. But a bridge is a little more like a router, we'll talk about routers in the next presentation. But routers are not concerned with connecting individual computers together, they connect networks together. A bridge was very much the same, it was not concerned with connecting individual computers. It was concerned with connecting network segments so that you could isolate the traffic of segment one from segment two.

So typically, a bridge would only have two interfaces, one that connected to segment one and one that connected to segment two. And because it was aware of MAC addresses, if a packet was destined for a host within the same segment, the bridge would not forward it over to the other side. If it was destined for a MAC address on the other side, the bridge would do so. And this, again, helped to isolate the traffic, okay? But again, a bridge was just that network segment connection device, not one that connected 8, or 16, or 32 computers together.

So again, the switch essentially overtook the hub, the router overtook the bridge. So again, switches can examine the Layer 2 header information from the incoming packets. And based on this information, they forward those packets to only a specific port. So whereas a hub had no idea about any address, anything that came in one port went out over every other port, so everyone heard it. But a switch, again, can recognize that this physical port is connected to that physical computer, which has this physical address, or a MAC address, and it basically builds a table.

So again, let's just imagine we have a small eight-port switch. As soon as all eight systems send a packet through the switch, the switch now knows everyone's MAC address. So when system one wants to send packets to system five, or any other one, it doesn't matter, the switch knows where system five is based on the MAC address. And it is the only one that receives the packets. So this greatly improves the performance and reduces overhead when compared to hubs because, again, hubs sent the packets to everyone.

[Video description begins] Advantages/Disadvantages. [Video description ends]

So in terms of advantages and disadvantages, the advantage is, well, it absolutely could increase the available network bandwidth because there were so many fewer packets that were flying around on the network because of the ability to filter traffic based on the MAC address. So this resulted in significant performance improvements of the network overall. And it could help regulate the flow of traffic and it significantly reduced collisions.

It can also increase security because, again, it is aware of addresses. So packets that are not supposed to be sent to any given system, simply don't go there. So with a hub, it's a lot easier for an attacker to pick up on all of the traffic because everything that's being sent is crossing over every port. In terms of disadvantages, the cost was a disadvantage, they were more expensive. And even today, a switch would still cost more than a hub. But again, in practical terms, the price has come down so much that, really, it's just not worth it to purchase a hub anymore.

And honestly, I think you might have trouble finding a hub. But overall, yes, they were more expensive, but not really an issue anymore. They can be a little more difficult to troubleshoot because if any two systems can't seem to be able to communicate, you have to identify which ports they're on. And if somebody maybe moved them to a different port or just to a different location, it can be difficult to know, well, where did they go? Where are they now?

Which physical port are they in? And the devices can be spoofed because there is intelligence. Then essentially this means that there's programming, and that can be spoofed. So an attacker can get into the switch and can reconfigure it so that packets that are supposed to be sent to, let's just say Joe, can actually be redirected off to the attacker. So proper design and configuration is needed to ensure that this doesn't happen. And finally, there are two categories of managed versus unmanaged.

[Video description begins] Managed vs. Unmanaged. [Video description ends]

And managed is often referred to as an intelligent switch because it has its own IP address and a configuration interface. And typically, you connect to it using a special software application, or even just a browser, or a dedicated management port. But it allows you to get in there and configure it. Whereas unmanaged is a device that can perform switching without any user intervention. It's essentially plug-and-play, you just set it up and plug in the systems, and really, that's it. But with that you cannot control the functions of that type of switch.

And that you know is a little bit limiting, but can often be more cost-effective for smaller deployments because they're probably cheaper. So ultimately, switches are much smarter than hubs, and will dramatically improve the performance of your network. So really, that is what you want to go with. And then managed versus unmanaged, really, is up to you, depending on the needs of your environment.
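
The table-building behavior described above for switches, and the same-side filtering described for bridges, as an added example that is not part of the original presentation: a small Python model of a hub and a learning switch. The port numbers and MAC addresses are constructed, and the `moves` log is an assumption added here so that a MAC address turning up on a different port is recorded for troubleshooting.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


def hub_forward(in_port, num_ports):
    """A hub knows no addresses: whatever arrives is copied to every other port."""
    return [p for p in range(1, num_ports + 1) if p != in_port]


class LearningSwitch:
    """Layer 2 forwarding: learn source MACs per port, forward by destination MAC."""

    def __init__(self, num_ports):
        self.num_ports = num_ports
        self.table = {}   # MAC address -> port it was last seen on
        self.moves = []   # (mac, old_port, new_port) whenever a MAC changes port

    def receive(self, in_port, src, dst):
        """Process one frame and return the list of ports it is sent out on."""
        old_port = self.table.get(src)
        if old_port is not None and old_port != in_port:
            # Same address on a new port: a moved cable, or an address showing
            # up where it is not expected. Record it so it can be reviewed.
            self.moves.append((src, old_port, in_port))
        self.table[src] = in_port

        out_port = self.table.get(dst)
        if dst == BROADCAST or out_port is None:
            # Broadcast, or destination not learned yet: flood like a hub.
            return hub_forward(in_port, self.num_ports)
        if out_port == in_port:
            # Destination sits on the side the frame came from: do not forward.
            return []
        return [out_port]


def run_demo():
    """Replay constructed traffic and return what each step forwarded."""
    macs = {n: "02:00:00:00:00:%02x" % n for n in range(1, 9)}  # constructed
    results = {"hub": hub_forward(1, 8)}

    sw = LearningSwitch(8)
    # System 1 sends to system 5 before the switch has learned anything.
    results["before_learning"] = sw.receive(1, macs[1], macs[5])
    # Every other system sends one frame, so the table fills in.
    for n in range(2, 9):
        sw.receive(n, macs[n], BROADCAST)
    results["after_learning"] = sw.receive(1, macs[1], macs[5])
    results["broadcast"] = sw.receive(3, macs[3], BROADCAST)
    # System 5 is re-plugged into port 7 and sends a frame.
    sw.receive(7, macs[5], macs[1])
    results["moves"] = list(sw.moves)
    results["after_move"] = sw.receive(1, macs[1], macs[5])

    # Two-port bridge: A and B share segment 1, C is on segment 2.
    a, b, c = "02:00:00:00:01:0a", "02:00:00:00:01:0b", "02:00:00:00:02:0c"
    bridge = LearningSwitch(2)
    for port, mac in ((1, a), (1, b), (2, c)):
        bridge.receive(port, mac, BROADCAST)
    results["bridge_same_side"] = bridge.receive(1, a, b)
    results["bridge_other_side"] = bridge.receive(1, a, c)
    return results


if __name__ == "__main__":
    for step, value in run_demo().items():
        print(step, value)
```
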


Routers

In this presentation, we'll talk about routers, which are intelligent devices used to determine the best path for transmitting data between networks. Now, I'll come back to that point in a moment, but we say intelligent because routers maintain tables that are used to store network addresses. Now, someone has to program these tables initially, and the network addresses represent the routes that are available to that router.

But if I program router one with a set of routes and you program router two with a set of routes, and those two routers are able to see each other, then they can actually exchange that information. So any routes that I know about but you don't, and vice versa, can be shared by the two routers. So each one literally can become smarter, if you will. And routers can transmit data across multiple networks. So if, for example, you had a single, very large network, you could divide it up into several smaller IP subnets, but each subnet is still a different network.

So with routers, you can still have everyone connected to everyone but in a very efficient manner. So routers move up a layer in the OSI model, they operate at Layer 3, which is the network layer. So as such, they're more concerned with networks than individual computers. Now, they can support various network types. It can be a LAN or a WAN. And in terms of the physical cabling, it could be copper or fiber. As long as it runs on TCP/IP, then routers can route the traffic appropriately.

[Video description begins] Key Functions. [Video description ends]

So in terms of the key functions, and these are some of the points that I said I'd come back to, they connect multiple networks together, unlike a switch or a hub. Recall that switches and hubs were responsible for connecting computers together within a network. But routers are not concerned with that, they connect network one to network two. They don't really care about any individual computer on the network.

Routers also do not forward broadcast packets. You might recall when we talked about bridges, that they do. Because it was addressed to every system, then the bridge would say, all right, I'll forward that across to all of the other systems on the other side. But routers don't do that, they create a boundary. So if, for example, your LAN has a router that then connects you to the Internet, broadcast packets that might land on the internal interface of the router are absolutely not forwarded out on to the Internet.

[Video description begins] Broadcast domains are broken up. [Video description ends]

Clearly, we don't want that. But the other key function is to determine the best route to the destination. So again, routers are able to communicate with each other and exchange those routing tables. So they can make decisions based on two characteristics. The distance, which is not really measured in miles or kilometers, it's how many routers have to be crossed between point A and point B.

That's sometimes referred to as distance vector routing. And that's fine in many cases, but even though one path might be shorter than another one, there could be a lot of congestion along that path. So if there's an alternate that maybe is a little bit longer, but it's not as busy, then it can actually take that route instead. Now that's dependent on which protocols are enabled on the routers, but they can do that. They can kind of step back, if you will, and examine characteristics of the routes and try to determine which one is the best route. But ultimately, again, the router is not concerned with connecting the computers together but rather the networks. So if I have LAN 1 on one side

[Video description begins] Interconnecting LANs. [Video description ends]

and LAN 2 on the other side and a WAN sits between them, such as the Internet, then routers are absolutely required to get from LAN A to LAN B. Because we cannot connect switches together across a WAN link. It just doesn't understand it because it needs the IP address information to determine the routes. But switches do not operate on IP address, they operate on MAC address. That's too far down, okay? So the routers are the devices required for interconnecting LANs across a WAN or, really, across any other configuration. There doesn't have to be a WAN in between. But as soon as you have two separate networks, regardless of where they are, if they want to talk to each other, you must have a router in between them.
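
An added example, not from the original presentation, of the route exchange and best-path choice described above: five routers in a ring share their tables until nothing changes, first counting hops, then with a per-link cost standing in for congestion. The router names, networks and cost values are constructed, and the update rule is a simplified distance-vector exchange rather than any particular routing protocol.

```python
# Constructed topology: R1..R5 in a ring, each with one directly attached network.
NETWORKS = {"R%d" % n: "10.0.%d.0/24" % n for n in range(1, 6)}
RING = [("R1", "R2"), ("R2", "R3"), ("R3", "R4"), ("R4", "R5"), ("R5", "R1")]


class Router:
    def __init__(self, name, network):
        self.name = name
        # network -> (cost, next hop); the attached network costs 0, no next hop.
        self.routes = {network: (0, None)}

    def advertise(self):
        """What this router tells its neighbors: each network and its cost."""
        return {net: cost for net, (cost, _) in self.routes.items()}

    def receive(self, neighbor, advert, link_cost):
        """Merge a neighbor's table; keep a route only if it is new or cheaper."""
        changed = False
        for net, cost in advert.items():
            total = cost + link_cost
            if net not in self.routes or total < self.routes[net][0]:
                self.routes[net] = (total, neighbor)
                changed = True
        return changed


def simulate(link_costs):
    """Exchange tables over every link until no router learns anything new.

    link_costs maps (router_a, router_b) to the cost of crossing that link.
    Returns (routers, rounds).
    """
    routers = {name: Router(name, net) for name, net in NETWORKS.items()}
    rounds = 0
    changed = True
    while changed:
        rounds += 1
        changed = False
        # Snapshot first, so every router hears what neighbors knew at round start.
        adverts = {name: r.advertise() for name, r in routers.items()}
        for (a, b), cost in link_costs.items():
            changed |= routers[a].receive(b, adverts[b], cost)
            changed |= routers[b].receive(a, adverts[a], cost)
    return routers, rounds


def hop_count_links():
    """Every link costs 1, so cost equals the number of routers crossed."""
    return {link: 1 for link in RING}


def congested_links():
    """Same ring, but the R1-R2 link is busy (constructed cost of 5)."""
    costs = hop_count_links()
    costs[("R1", "R2")] = 5
    return costs


if __name__ == "__main__":
    for label, links in (("hop count", hop_count_links()),
                         ("R1-R2 congested", congested_links())):
        routers, rounds = simulate(links)
        print(label, "- converged in", rounds, "rounds")
        for net, (cost, via) in sorted(routers["R1"].routes.items()):
            print("  R1 ->", net, "cost", cost, "via", via)
```
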


Access Points, Repeaters, & Extenders

In this presentation, we'll talk about access points. And officially, an access point is any point that enables users to access a network. But the term here is much more commonly used when referencing a wireless access point. So if you consider someplace like an office environment where there's a physical wired network, then your access point is any data port in the wall. So we generally don't refer to those as access points.

So with wireless, it is quite simply just any point that allows you to connect to the network wirelessly. So you might think of it as a wireless wall port. But you can have as many access points as you want, as long as they all connect to the same network, they simply give you access. Now, they don't perform any kind of routing functions or anything like that, they simply give you access to the network.

[Video description begins] Repeaters and Extenders. [Video description ends]

Now, they also have repeaters and extenders. And those functions themselves operate all the way down at the physical layer, Layer 1 of the OSI model. It's just designed to improve the signal range and the strength by amplifying any signal they receive. So the idea here is that if you do have, let's just say, one Wi-Fi router, well, it has a pretty limited range. So once you start to get to the maximum distance, your signal strength is going to be pretty poor.

But if you put a repeater/extender at that point, then you can extend the range of the network to whatever distance the repeater can reach. So even at home, you could do this if you have a fairly large house with a lot of floors, you might find that the signal is not very good on the top floor if the router is on the bottom floor. So you can extend the range using a repeater and/or an extender.

[Video description begins] Coverage. [Video description ends]

So this simply helps to improve the coverage. So, again, the original wireless router has whatever its range is, but it's obviously limited. So a Wi-Fi repeater can pick up on the wireless signal, and then simply pass it on, just repeat it to extend the range. And they can actually operate wirelessly or with a wire. So you can actually wire the repeater to the original router, and it can then repeat that signal coming in over the wire wirelessly. That depends on the make and model, but you can do either. You can just pick up on the signal wirelessly and boost it along.

Or you can receive the signal over a wire and then transmit that over the Wi-Fi. But either way, they just extend the coverage. So, of course, this is something that you would likely see in a hotel or an airport, where a single wireless router would just never be able to cover that amount of space. So there are access points and/or repeaters and extenders all over the place, with overlapping ranges. So that no matter where you go, you are always in range of a repeater, or an extender, or quite simply an access point. And as long as you have that, you are able to connect to the network.


Network Controllers

In this presentation, we'll take a look at your PC's Network Interface Card or what's more commonly referred to as the NIC. And this typically is how you simply connect your PC to a switch or any other networking device, but it's how you network.

[Video description begins] PC Network Interface Card (NIC). [Video description ends]

Now, NICs can be either wired or wireless, and this refers to the physical connection, of course. So if it's wired, there's a physical port on the back of the interface where you connect the standard Ethernet cable. But if you're in an environment such as a small office or home office that maybe does not have a wired network, then you can install a wireless NIC, and this typically has an antenna coming out of the back. And it allows you to connect to a Wi-Fi network just like a smartphone or a tablet might.

[Video description begins] Network Device Interface. [Video description ends]

So any type of device that wants to network requires at least one interface. So the NIC is your interface, but they can be either hard-wired or modular. Now, the modular means that it's a card. You can insert it into a slot of your motherboard, and this certainly facilitates easy replacement. If something were to go wrong with that device, or you just want to upgrade, you can just pop out the old one and put in a new one.

But the hardwired interface means that it's physically soldered right onto the motherboard. So as soon as you install the motherboard, you already have a network interface. And that's certainly convenient, because you don't need a card at that point. But if something were to physically break on that connector, it's not particularly replaceable. Now that said, even if it were to break, as long as you had an open slot on the motherboard, you could still install a modular unit and you could continue networking.

[Video description begins] NIC Properties. [Video description ends]

Now, most NICs will have certain properties that can be configured. And speed and duplex are some of the common examples of things that can be set. Now, most of them will have default values in place, and you generally don't have to change them. But there may be a situation where a particular device on the other end does need a specific configuration. So these settings can be adjusted. Now, the speed is just quite literally the megabits per second value. And that might be 10 megabits per second, 100 megabits per second, a gigabit per second.

So typically these will automatically detect what the setting is and adjust accordingly. So that's actually the auto negotiate feature. But if you need to set it statically, you generally can. You can just go to the properties of the device from your operating system and set the appropriate value. But duplex refers to the direction of traffic. So duplex, quite literally, just by itself, means that traffic can go in both directions. Now, the opposite of that is known as simplex. We typically don't see that in network communications. But an example would be just listening to the radio in your car.

A transmission only comes one way, that's simplex. Then there's a full and a half characteristic, which means can communication occur at the same time between two systems. So again, coming back to duplex, that is two-way. So we can both send and receive. Half duplex, however, means that we have to take turns. I can send but while I'm sending, you have to listen. And then vice versa, while you are sending I have to listen. So that's half duplex. And an example of that would be a standard phone call. Now, we could both speak at the same time on a phone call, but by the normal rules of communication, we generally don't. One person speaks, the other person listens.

So you take turns. So that would be an example of half duplex. But if we were, for example, arguing with each other and everybody's trying to be heard over the other person, that would be full duplex. Now, in normal communications, if we are arguing with each other we might find it rather difficult to actually communicate but that still is full duplex. But that's not an issue with network interface cards. Both systems can send and receive at the same time. That's full duplex. And this, of course, facilitates faster communication. And then there's another setting known as Wake on LAN.

And this is usually a feature that system administrators of larger networks might take advantage of when they want to do upgrades or configurations to all of the computers on the network at more or less the same time. They typically would do this maybe late at night when no one is around. But, of course, many of the computers would be either in a sleep state or turned off. So if the device itself and the computer at the BIOS level, if they both support Wake on LAN, then an administrator can send from some kind of management application, a packet known as a wake-up packet.

And as soon as that hits the adapter, it instructs the system to come out of sleep and/or turn on so that they can be managed. They can receive the update or whatever configuration is coming down from the network administrator. Now, again, these settings are typically on, but they might be in a default state. So you might want to verify what their setting is. And if you aren't sure, most of them do have an auto negotiate option or an auto enable setting. So just check to see what it is, and if it's something that you feel does need to be set, you certainly can set it to an appropriate value.
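
An added example, not from the original presentation, of the wake-up packet described above, using the standard Wake-on-LAN "magic packet" layout: six 0xFF bytes followed by the target's MAC address repeated 16 times. The MAC address is constructed, and sending it as a UDP broadcast to port 9 is a common convention assumed here; `find_wol_target` is the matching check for spotting such a packet in captured payload bytes.

```python
import re
import socket

SYNC = b"\xff" * 6                      # synchronization stream
MAC_RE = re.compile(r"(?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2}")


def parse_mac(mac):
    """Turn 'aa:bb:cc:dd:ee:ff' (or dash-separated) into 6 raw bytes."""
    if not MAC_RE.fullmatch(mac):
        raise ValueError("not a MAC address: %r" % mac)
    return bytes.fromhex(mac.replace(":", "").replace("-", ""))


def build_magic_packet(mac):
    """102-byte payload: 6 x 0xFF, then the target MAC 16 times."""
    return SYNC + parse_mac(mac) * 16


def find_wol_target(payload):
    """Return the target MAC if a magic packet appears anywhere in payload.

    The pattern may be preceded or followed by other bytes, so every
    occurrence of the synchronization stream is checked, not just offset 0.
    """
    start = payload.find(SYNC)
    while start != -1:
        body = payload[start + 6:start + 6 + 96]
        if len(body) == 96 and body == body[:6] * 16:
            return ":".join("%02x" % b for b in body[:6])
        start = payload.find(SYNC, start + 1)
    return None


def send_magic_packet(mac, broadcast="255.255.255.255", port=9):
    """Send the packet as a UDP broadcast (address and port are assumptions)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1)
        sock.sendto(build_magic_packet(mac), (broadcast, port))


if __name__ == "__main__":
    target = "02:00:00:aa:bb:cc"        # constructed, locally administered MAC
    packet = build_magic_packet(target)
    print(len(packet), "bytes, target", find_wol_target(packet))
    # A payload with leading and trailing bytes is still recognized.
    print(find_wol_target(b"\xff\x00hdr" + packet + b"trailer"))
    # A truncated packet (15 repetitions) is not.
    print(find_wol_target(packet[:-6]))
```
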


Cable & DSL Modems

Now in this presentation we'll talk about modems, which are hardware devices used to connect to a remote network. Or perhaps more commonly, to the Internet. Now, for those of you who may be a little bit younger, you may have never seen a modem. But back in the original days of the Internet just becoming available, this was the only way that you could get on the Internet. Now, I'll talk about that in greater detail in a moment, but the term itself is a contraction of modulate and demodulate. And that referred to the process of converting analog signals or electrical signals into digital signals. So that you can send and receive data over the plain old telephone line. And eventually, the cable line, but we'll come to that in a moment as well.

[Video description begins] Dial-Up Modems. [Video description ends]

So again, back in the early days of the Internet, we needed dial up modems to establish an Internet connection through to our Internet service provider using the standard telephone line. So, for example, an external modem was a little device that just sat on your desk. And one line would be plugged into the phone jack of your house. And the other line would be plugged into your computer. And you literally made a phone call to your Internet service provider.

[Video description begins] Internet Service Provider is abbreviated as ISP. [Video description ends]

That would establish the connection. And once you had that connection then yes, you were able to get on the Internet. But you could not use your own home phone while you had this connection, nor could you receive a call. If somebody called you, it would ring up busy. So apart from that inconvenience, it was painfully slow. By today's standards, it is thousands of times slower. A maximum speed of 56 kilobits per second was as high as it ever got in terms of dial-up connections. These days, we have hundreds of megabits per second. So you can imagine how much slower that would be compared to today's Internet speeds. So along came the digital subscriber line, or DSL, which was a very

[Video description begins] Digital Subscriber Line (DSL). [Video description ends]

popular method for transferring digital signals over a standard telephone line. So as its name indicates, digital subscriber line, it's already digital. So we actually didn't need to modulate and/or demodulate, although most people still referred to it as a DSL modem, just because it performed the same function, okay? So the DSL modem was used to connect to your Internet service provider, but in very short order superseded the dial-up modem because it had significantly faster speeds. Even the early DSL modems were still hundreds of times faster than dial-up was. And certain models have built-in Wi-Fi capabilities as well, although that didn't come along until quite a bit later. But these days, DSL is still around, so chances are you would get a wireless DSL modem as well.

[Video description begins] Cable Modems. [Video description ends]

And then cable modems came out around the same time as DSL. These are also hardware devices, but they used coax cable TV lines to provide high-speed Internet access. And these were always on. Even with the original DSL, you still had to establish a connection through to your Internet service provider before you could go online, okay? But you could at least use your phone if you had a DSL connection, because it used different frequencies. So that was nice. But with cable modems it was always on, you didn't have to establish any connection whatsoever.

And even though it used TV lines, again, it used a different frequency, so you could absolutely still watch TV and be online at the same time. And this also offered much faster data transfer rates compared to dial-up. So both cable modems and DSL really took off as soon as they came out. Almost everyone abandoned modems as quickly as they could. But the problem was that DSL and cable modems weren't available everywhere. They were in most cities, but for a long time they did not reach into rural areas. So in fact, it's still possible today that you may still find a modem somewhere, but pretty rare by today's standards.


Patch Panels

In this presentation, we'll talk about structured cabling, patch panels and network racks. And to begin, structured cabling, while that is an official term, honestly is a fancy term for being nice, neat and organized. Imagine just even a small office, but all of the interconnection devices, your switches, your routers, and your connection through to your ISP, are in one little, small server room. Then maybe there's three or four offices, of course, that want to connect to everything else.

Well, everyone could just buy a very long network cable and run it from their computer, out the door, along the floor, into the server room. And then connect it to one of the switches. That would certainly work. But if everyone did that, of course, you would end up tripping over all of the cables and everything would really be a mess. So clearly we don't do that. There is a data port in the wall, you just plug into the wall. But that port has to have a cable running from it that ultimately ends up in that server room. And then from that point it still needs a way to be able to connect to everything else that's in there. So you could still just run them fairly haphazardly and, you know, everything would work.

But again, it's not very neat, it's not very organized, it's difficult to know which system is plugged in where. So structured cabling really is just applying some kind of organization to everything. You bundle all the cables together. You tie them with plastic ties or grommets, maybe run them through cable troughs. Maybe even use heat shrink, which is just a plastic wrap that you apply some heat to and it shrinks and tightens up. But this does really supply safety and aesthetics. You can label all of the cables. You can label the ties and/or the clips and you can even use floor covers.

If a wire does have to cross over some point of the floor, there are little troughs that you can lay on the floor. Usually rubber ones that open up and you can lay the wires inside of them and then close them over so that people don't trip over them. But ultimately it really is just organizing everything and getting all that cable out of the way so people won't trip over it.

[Video description begins] Patch Panels. [Video description ends]

So as mentioned, the data port in the wall that we see in our offices has to come out somewhere. So this is the other end where it comes out, the patch panel. So the wire itself that is connected to the data port in your wall runs through the walls and comes out in that server room. But the other end does not have a standard network connector on it. It's just bare wires so a technician hard wires those wires to the back side of a patch panel.

Then it's labeled so you know where the other end of this is. So you can take the very first data port and you can run the cable through to office one, and again, it's hardwired on both sides. So really it's nothing more than an extension cord, but it's a nice, neat extension cord and then we can label it, say this is office one. And then we run all the other ones, and we hardwire them all and we say this is office two and office three. And we just keep going until everything is wired. Then you put your switches below the patch panel, and then all you have to do is run a little short wire from the patch panel to the switch. And you do that for every port of the patch panel, and now everyone is connected. So essentially, it's just a means to centralize all of the connections so all of those wall ports in all of the offices end up at the patch panel.

[Video description begins] Mounted hardware assembly containing multiple ports. [Video description ends]

That's what you use to connect to the switches. Okay, so again, it's used in LAN environments to house all of those multiple cable connections. And the ports are simply used to connect everyone to everyone else, so we can manage those cables both incoming and outgoing. And again, label everything, tie it up all nice and neat. And we know exactly which port is which, and there are no wires scattered all over the place or lying on the floor.

[Video description begins] Types of Patch Panels. [Video description ends]

So there are a few different types of patch panels. They're really just based on the number of ports they contain. They come usually in varieties of 12, 24 or 48, and then they also can carry various cable specifications. Now the Cat in these cable names that you see here stands for category. And 5E, 6, 6A and 7 are just different transmission specifications for what we call standard Ethernet networks.

[Video description begins] Examples are: Cat5E, Cat6, Cat6A, and Cat7. [Video description ends]

Some of them are a little faster, some of them have different characteristics. But they all use the same physical connector. It just looks a little bit larger than a phone jack. But it's what we all just think of as a standard network cable, really. So again, they all centralize at the patch panel, then you connect the patch panel to your switches, and now everyone can see everyone. So that typically works fine in small to medium sized environments. But once you get up into the very large, then we start seeing network racks.

[Video description begins] Network Racks. [Video description ends]

And these are metal frame chassis that can stack and organize all of those different networking components, including the patch panels, the switches, and the routers. So again, in very large environments you may have thousands of data ports. So they all need to be connected still in a central location for optimal organization. So the racks, again, just give you that extra space and there can be as many racks as you need. It depends on the size obviously, but again, still the patch cords can be used to connect any given patch panel to a switch.

And really that's, again, all you're doing. The cord in the back of the patch panel is simply representative of the other end of your wall jack in your office. So again, it's really nothing more than an extension cord. You know, patch panels themselves don't do anything in terms of switching, routing, or bridging, or anything like that. It's just a bunch of extension cords so I can get all of my cables in a single place. And then centrally connected to all of the other actual networking devices.


Power over Ethernet (PoE)

In this presentation we'll take a look at Power over Ethernet, or PoE. This is a technology used for wired Ethernet LANs that enables electrical current to be carried over data cables as an alternative to a power cord. Essentially what began to happen was that, as networks grew in functionality and more and more devices were able to network, we started to find situations where we needed to place a network device where there was no power.

And a common example of this is when implementing a wireless access point. It was very common to place these devices up in the ceiling so that they wouldn't be seen. But, of course, we tend not to find standard power outlets in the ceilings. So here we had this device that needed to be powered, but nowhere to plug it in. So Power over Ethernet delivers both the data and the power. Now, you have to have a device that is, of course, capable of accepting this. It has to be specifically designed for PoE. But if it is, then you only need to run the data cable to that device and basically that's it. We don't need a second power cable. Now, as this became a little more common, it was realized that a little more standardization was needed to support different types of devices.

[Video description begins] Next Generation PoE. [Video description ends]

So the IEEE 802.3bt specification was defined and/or perhaps refined, and it is more commonly known as Next Generation PoE. But it was powerful enough to support a variety of devices including kiosks, terminals, LED lighting, security card readers and security cameras as well. So it's not always a scenario where there maybe isn't power, but it just makes it a little simpler because you don't have to run power. So we can still just run that single data cable to the device and it receives both its data and its power over the same cable.


Ethernet over Power

In our previous presentation, we talked about a specification known as Power over Ethernet. In this presentation, we will take a look at the exact opposite, Ethernet over Power. And this is a technology used to transmit data using common electrical wiring, or quite simply, the power circuits that are in your house or your building. Now in order to function properly, an electrical outlet and Ethernet over power adapters are required, and both devices have to be on the same electrical circuit. So if you aren't certain, if it's maybe something in your house, you can just try turning a breaker on and off to find out what goes off and what comes back on each time you flip it.

But the idea here is that you may have scenarios where you need to connect any given device to your network but you can't really run a data cable. You don't want to bust out the walls or anything like that. You don't have an Ethernet connection. And maybe your Wi-Fi just cannot reach that area. And again, it's not all that uncommon, even in houses, for the Wi-Fi to be pretty weak in one area of the house if it's very far away from the Wi-Fi and there are a lot of walls in between. So essentially what you do is you plug in this device to the power and it has an Ethernet connection on the side, or the bottom, or somewhere. And then you plug in another one at the end where the device is, that needs to connect.

And you literally use the existing power cables that run between the two devices to carry the Ethernet signal. At the end of the day it's all just copper wire. So as long as these devices are configured correctly, with respect to the specifications and the protocols that they use, then they can send both data and power over those same copper wires. So ultimately, this allows you to connect that device to your network where it might not be very easy to do so using more traditional methods.

[Video description begins] Configuring Ethernet over Power. [Video description ends]

It's a fairly simple setup process, you just plug in the devices, and again, there's one on either end. So one at the side of the router, for example, and one at the side of the computer. And generally, there is some kind of a negotiation process on the device itself. So it's usually something like just pressing a button on the device and that essentially starts looking for a partner device. And as soon as you do that on both devices, they discover each other, they realize that they are there. And then they can start simply sending data back and forth between themselves. And anything that is then plugged into either side is able to network. So you literally use your power cables in your house as your wiring for your data signals. And this, of course, avoids having to do anything in terms of installing any additional cables. So this can certainly be a good option if you do have a system that really does not have any other means to connect.


Firewalls

In this presentation we'll take a closer look at the basic implementation of a firewall, which can be either hardware or software-based. Now, we'll take a look at each one in a moment. But ultimately, firewalls are used to allow or deny a connection based on a set of rules. You can also implement packet filters, which use rules that are based on IP addresses and ports. And there are types that are known as stateful, which means that there's a filter being implemented and it maintains the entire session state information. In other words, it keeps track of everything that's happened between the two endpoints for the entire duration of the communication. It's like recording a phone call, if you will. And ultimately, they help to protect against outside threats, of course, such as hackers or intruders. So then, looking at the hardware firewall first,

[Video description begins] Hardware Firewalls. [Video description ends]

this is typically a specialized network appliance that is perhaps rack mounted or it might just be a smaller box-type unit. But it's placed between your network and the untrusted network. Now, that essentially means on one side of it is your internal LAN and on the other side is, typically, the Internet. Then you configure port and IP address rules, and it's essentially based on what you feel is acceptable traffic. Any kind of website, for example, that you want to be exposed to the Internet is an example of desired traffic. So if I have a web server, then I need to make sure that port 80 for HTTP is allowed through the firewall. But let's say you also have a database server behind the firewall.

Then you would want to make sure that the protocols for the database server would not be allowed through the firewall. So that can help to protect that database server. And they can act in various roles as well depending on the functionality of the device. But they can act as a content filter to, again, allow or deny based on the content. They can also be used as a VPN concentrator, meaning that's the single point where all of your outside users access your network through a VPN. And, in some cases, they can be used for what's known as a honeypot. And this is quite literally something that appears to be of interest to an attacker. But really it's just a trap, if you will, it's a set up to entice them to go after that, but there's nothing there. So that's what's known as a honeypot. So the idea is, of course, to quite literally catch them in the act, so to speak.

[Video description begins] Software Firewall. [Video description ends]

Now, a software firewall is running on a host as an application. Typically, you might find this in small office or home computers. It's usually only port-based. Which, again, simply means that this port is allowed, this port is not allowed. But it can still control Internet access per application. There are certain applications that you would, of course, want to be able to get to the Internet, while others should not. And there are a lot of different applications that might try. Not for browsing, of course, but just to be able to go out and get updates, for example.

So you'd be surprised at how many applications are actually going out onto the Internet. So you can tighten things up by just disallowing any particular application from being able to be accessed from the outside. But, of course, if the operating system itself becomes compromised, then really so does the firewall. So it's important to stay on top of everything. If you are relying on software-based firewalls, you know, you need to make sure that everything is kept current, they're kept up to date, and that the firewall remains running, of course. Now content filters, we mentioned earlier, they can be a part of a firewall or perhaps a separate device entirely. But the idea behind content filters means that they can analyze packets.

They can quite literally examine the content, and then they'll either allow or deny the request based on the rules that you set up. So some common filters include executables, emails, or certain known undesirable websites. So you typically configure these with respect to what is acceptable content, and what is not. So, again, you might want to block certain things or certain applications because they simply could be harmful. Or maybe they just would take up too much bandwidth, like torrents, for example. If everybody at work started downloading torrents, you'd be chewing up all of your bandwidth. But, you know, it's up to you to decide what's desirable or what is necessary versus what is undesirable. And once you implement those, again, the content filter is able to examine that traffic and say yes, this is good, no, that's no good. And hopefully you can get the ideal configuration for your needs and your environment.
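
The rule-based packet filter and the stateful session tracking described in this section, as an added example that is not part of the original presentation. The addresses are constructed from documentation ranges, port 5432 is an assumed database port, and the session table is simplified to address and port pairs.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

# Constructed sample addresses (documentation ranges), not from the original page.
LAN, ANY = "192.0.2.0/24", "0.0.0.0/0"
WEB, DB, PC = "192.0.2.10", "192.0.2.20", "192.0.2.50"
OUTSIDE = "203.0.113.5"

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    src: str               # source network in CIDR form
    dst: str               # destination network in CIDR form
    dport: Optional[int]   # destination port, None means any port

    def matches(self, p: Packet) -> bool:
        return (ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and self.dport in (None, p.dport))

RULES = [
    Rule("allow", ANY, WEB + "/32", 80),   # web server: HTTP is desired traffic
    Rule("deny", ANY, DB + "/32", None),   # database server: never exposed
    Rule("allow", LAN, ANY, None),         # internal hosts may connect outward
]

def packet_filter(p: Packet, rules=RULES) -> str:
    """Stateless filter: first matching rule wins, anything unmatched is denied."""
    for rule in rules:
        if rule.matches(p):
            return rule.action
    return "deny"

class StatefulFirewall:
    """Same rules, plus a table of sessions the rules have already allowed."""
    def __init__(self, rules=RULES):
        self.rules = rules
        self.sessions = set()

    def filter(self, p: Packet) -> str:
        # A reply is a recorded session with source and destination swapped.
        if (p.dst, p.dport, p.src, p.sport) in self.sessions:
            return "allow"
        verdict = packet_filter(p, self.rules)
        if verdict == "allow":
            self.sessions.add((p.src, p.sport, p.dst, p.dport))
        return verdict

def demo() -> dict:
    request = Packet(PC, 51000, OUTSIDE, 443)      # PC opens a connection
    reply = Packet(OUTSIDE, 443, PC, 51000)        # the answer to it
    unsolicited = Packet(OUTSIDE, 443, PC, 51001)  # no matching session
    fw = StatefulFirewall()
    return {
        "web": packet_filter(Packet(OUTSIDE, 40000, WEB, 80)),
        "db": packet_filter(Packet(OUTSIDE, 40000, DB, 5432)),  # assumed DB port
        "stateless_reply": packet_filter(reply),
        "stateful_request": fw.filter(request),
        "stateful_reply": fw.filter(reply),
        "stateful_unsolicited": fw.filter(unsolicited),
    }

if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:22} {verdict}")
```

The stateless filter drops the reply to a connection the PC opened itself, while the stateful firewall lets that reply through and still denies the unsolicited packet from the same outside host.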


Cloud-Based Network Controllers

We'll introduce a concept known as the cloud-based network controller. But before we get into any of that, let's just think about traffic. I've used the term network traffic a number of times and I'm sure you've heard it. But even more general than that, let's just consider regular traffic. In other words, cars on the road. When you have a lot of traffic to deal with, there needs to be a way to manage the traffic. We have rules that we have to learn. We paint lines on the roads to indicate the lanes. We have stop signs and traffic lights and any other various types of mechanisms that route the traffic appropriately. So again, we're not all just driving all over the place and smashing into each other.

So network traffic actually needs the same kind of management, particularly once you get into wireless environments and you have an awful lot of traffic to deal with. Now, this really wouldn't be applicable to something like a home or a small office wireless router. You set up your router and away you go. But imagine an environment such as a university campus. They might need to blanket the entire campus with wireless. So that no matter where you go, you can connect. This might involve hundreds or even thousands of access points.

So now we've got traffic that can enter into the environment from all of these different places. Now, that's fine. We like this of course, but from a management perspective, this is very demanding. Every one of those Wi-Fi access points needs to be configured, it needs some kind of management. So without a network controller, your choice is essentially go and configure and manage and maintain every one of them manually. Not a particularly attractive option, again, if you're dealing with thousands. So the network controller can gather information from all of those wireless access points in a process known as backhaul.

[Video description begins] On-premise controllers use a process called wireless backhaul. [Video description ends]

In other words, the communication is tunneled back to the controller. And this includes information known as control-plane and data-plane. And control-plane information, this essentially represents the instructions. Again, just like the traffic lights and the lanes painted on the roads, this is the means to manage the traffic. And then the data-plane is the actual traffic itself. So these access points report this information back to the controller, and you can gather it up and get a much better picture of what the traffic looks like in your environment.

And based on that information, you can configure all of the access points using the network controller. So you have some kind of application whereby you can publish some kind of policy, for example, that goes back to the access points and implements the configuration that you want. So now I don't have to connect to each one manually. I use the network controller to configure all of my access points based on the information that I've received back from them.

So again, that's an on-premise controller and that's perfectly fine. But again, if you're dealing with a very large environment, and perhaps again using the university campus as an example, well, you might not just have one campus, you could have many campuses. So they can be, of course, very physically separated from each other as well, so now I have to deal with those other campuses in remote locations. Again, that can all be done, but a cloud-based network controller is simply a service to which you can subscribe.

[Video description begins] Cloud-managed wireless LAN. [Video description ends]

Now all of your campuses can report all of their traffic information back to this location in the cloud. They all connect to a virtual controller, and it's just located in the public cloud, and they simply are able to then be configured from the cloud-based location.

[Video description begins] Access points connect to a virtual controller. [Video description ends]

And you as an administrator can access that information from anywhere. As long as you have Internet access, you could be anywhere in the world, just sign in to your cloud subscription and you see absolutely all of the information coming back from all of your access points. And you can reconfigure anything that you want for any particular access point from that cloud-based location. So it's just very convenient.

And essentially, not only does it save you from having to configure the access points themselves manually, but the network controller application itself does not need to be installed anywhere. It doesn't need to be maintained or updated, it's just a service from the cloud. So it's kept up to date and kept current by the cloud provider. So again, this is much more a configuration that you would likely see in a very large implementation of wireless networks as opposed to the small office or home office. But it certainly is an option for anyone who does need to maintain that type of environment.