Advanced Networking Devices | CompTIA Network+ N10-007 | 2.3

In this video you will learn about advanced networking devices such as: a multilayer switch, wireless controller, load balancer, IDS/IPS, proxy server, VPN concentrator, AAA/RADIUS server, UTM appliance, NGFW/Layer 7 firewall, VoIP PBX, VoIP gateway, and content filters.

Multilayer Switch

A multilayer switch (MLS) is a computer networking device that switches on OSI layer 2 like an ordinary network switch and provides extra functions on higher OSI layers. Multilayer switching combines layer 2, 3, and 4 switching technologies and provides high-speed scalability with low latency. Multilayer switching can move traffic at wire speed and also provide layer 3 routing. There is no performance difference between forwarding at different layers because both the routing and the switching are performed in hardware. Multilayer switching can make routing and switching decisions based on the following:

  • MAC address in a data link frame
  • Protocol field in the data link frame
  • IP address in the network layer header
  • Protocol field in the network layer header
  • Port numbers in the transport layer header
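The five fields listed above are exactly what a multilayer switch pulls out of a frame before deciding what to do with it. The following added example (not code from the video or from any switch vendor) parses a raw Ethernet/IPv4/TCP or UDP frame, extracts those layer 2, 3 and 4 fields, and runs them through a small first-match policy table. The rule set, the addresses and the "switch"/"route"/"drop" actions are constructed for illustration.

```python
import ipaddress
import struct
from dataclasses import dataclass
from typing import Optional

ETHERTYPE_IPV4 = 0x0800
IPPROTO_TCP, IPPROTO_UDP = 6, 17


@dataclass
class Headers:
    """The fields a multilayer switch can key on: L2 addresses and EtherType,
    L3 addresses and protocol number, L4 ports (None when absent)."""
    dst_mac: str
    src_mac: str
    ethertype: int
    src_ip: Optional[str] = None
    dst_ip: Optional[str] = None
    ip_proto: Optional[int] = None
    src_port: Optional[int] = None
    dst_port: Optional[int] = None


def _mac(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)


def parse_frame(frame: bytes) -> Headers:
    """Walk the Ethernet, IPv4 and TCP/UDP headers; stop early for non-IP frames."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    h = Headers(_mac(dst), _mac(src), ethertype)
    if ethertype != ETHERTYPE_IPV4:
        return h  # e.g. ARP: only layer-2 fields are available
    ip = frame[14:]
    if len(ip) < 20:
        raise ValueError("truncated IPv4 header")
    ihl = (ip[0] & 0x0F) * 4  # header length in bytes, options included
    h.ip_proto = ip[9]
    h.src_ip = str(ipaddress.ip_address(ip[12:16]))
    h.dst_ip = str(ipaddress.ip_address(ip[16:20]))
    l4 = ip[ihl:]
    if h.ip_proto in (IPPROTO_TCP, IPPROTO_UDP) and len(l4) >= 4:
        h.src_port, h.dst_port = struct.unpack("!HH", l4[:4])
    return h


# Constructed policy: first matching rule wins. IP fields match against a CIDR.
RULES = [
    ({"ip_proto": IPPROTO_TCP, "dst_port": 23}, "drop"),          # L4: block Telnet
    ({"src_ip": "10.0.0.0/24", "dst_ip": "10.0.1.0/24"}, "route"),  # L3: inter-VLAN
    ({}, "switch"),                                                 # L2 default
]


def _field_matches(name: str, want, have) -> bool:
    if have is None:
        return False
    if name in ("src_ip", "dst_ip"):
        return ipaddress.ip_address(have) in ipaddress.ip_network(want)
    return want == have


def decide(h: Headers) -> str:
    for match, action in RULES:
        if all(_field_matches(k, v, getattr(h, k)) for k, v in match.items()):
            return action
    return "switch"


def build_frame(src_mac: str, dst_mac: str, src_ip: str, dst_ip: str,
                proto: int, sport: int, dport: int) -> bytes:
    """Construct a minimal Ethernet+IPv4+L4 frame for testing (checksum left zero)."""
    eth = (bytes.fromhex(dst_mac.replace(":", "")) +
           bytes.fromhex(src_mac.replace(":", "")) +
           struct.pack("!H", ETHERTYPE_IPV4))
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, proto, 0,
                     ipaddress.ip_address(src_ip).packed,
                     ipaddress.ip_address(dst_ip).packed)
    return eth + ip + struct.pack("!HH", sport, dport)


if __name__ == "__main__":
    f = build_frame("02:00:00:00:00:01", "02:00:00:00:00:02",
                    "10.0.0.5", "10.0.1.9", IPPROTO_TCP, 40000, 22)
    print(decide(parse_frame(f)))  # inter-VLAN SSH: routed at layer 3
```

Because the policy table can reference fields from any layer, the same device drops Telnet by destination port, routes between the two constructed subnets, and falls back to plain layer-2 switching for everything else, including non-IP frames where only the MAC addresses and EtherType exist.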

Wireless (WLAN) Controller

A wireless LAN (WLAN) controller is used together with the Lightweight Access Point Protocol (LWAPP) so that a network administrator or network operations center (NOC) can manage large numbers of lightweight access points from one place. The WLAN controller manages the network access points that allow wireless devices to connect to the network.

Load Balancer

In computing, load balancing refers to the process of distributing a set of tasks over a set of resources (computing units), with the aim of making their overall processing more efficient.  Load balancing can optimize the response time and avoid unevenly overloading some compute nodes while other compute nodes are left idle.  A load balancer is a device that acts as a reverse proxy and distributes network or application traffic across a number of servers.  Load balancers are used to increase capacity (concurrent users) and reliability of applications.
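To make the distribution logic concrete, here is an added example (not code from the video or from any load-balancer product) of a reverse-proxy style balancer that keeps a pool of backends, removes the ones that fail a health check, and supports three common selection algorithms: round robin, least connections, and client-IP hashing for session persistence. The backend names, the probe and the client addresses are constructed.

```python
import hashlib
from dataclasses import dataclass
from typing import Callable, List


@dataclass
class Backend:
    name: str
    healthy: bool = True
    active: int = 0  # in-flight connections, used by least-connections


class LoadBalancer:
    def __init__(self, backends: List[Backend], algorithm: str = "round_robin"):
        self.backends = list(backends)
        self.algorithm = algorithm
        self._rr = 0  # round-robin cursor

    def _live(self) -> List[Backend]:
        return [b for b in self.backends if b.healthy]

    def health_check(self, probe: Callable[[Backend], bool]) -> None:
        """Mark each backend up or down from the result of a probe function."""
        for b in self.backends:
            b.healthy = probe(b)

    def pick(self, client_ip: str) -> Backend:
        """Choose a backend for a new connection; raise if none are usable."""
        live = self._live()
        if not live:
            raise RuntimeError("no healthy backends: answer the client with 503")
        if self.algorithm == "round_robin":
            b = live[self._rr % len(live)]
            self._rr += 1
        elif self.algorithm == "least_connections":
            b = min(live, key=lambda x: x.active)  # ties go to the first in pool order
        elif self.algorithm == "ip_hash":
            # Same client always lands on the same backend while the pool is stable
            digest = hashlib.sha256(client_ip.encode()).digest()
            b = live[int.from_bytes(digest[:4], "big") % len(live)]
        else:
            raise ValueError(f"unknown algorithm {self.algorithm}")
        b.active += 1
        return b

    def release(self, b: Backend) -> None:
        """Call when the proxied connection finishes."""
        b.active -= 1


def dispatch(algorithm: str, client_ips: List[str]) -> List[str]:
    """Assign a batch of clients and return the chosen backend names (constructed pool)."""
    lb = LoadBalancer([Backend("web-a"), Backend("web-b"), Backend("web-c")], algorithm)
    return [lb.pick(ip).name for ip in client_ips]


if __name__ == "__main__":
    print(dispatch("round_robin", ["10.0.0.1", "10.0.0.2", "10.0.0.3", "10.0.0.4"]))
```

Round robin spreads connections evenly but ignores how long each one lasts, least connections adapts to uneven backend speed, and IP hashing trades even distribution for persistence. In all three cases the health check is what turns the pool into a reliability feature rather than just a capacity one: a failed backend stops receiving new connections without any client noticing.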

IDS (Intrusion Detection System)

An intrusion detection system is a device or software application that monitors a network or systems for malicious activity or policy violations that might not be detected by a firewall. Typical threats detected by an IDS include attacks against services, malware attacks, data-driven attacks, and host-based attacks. To detect these threats, a typical IDS uses signature-based detection, detection of unusual activities (anomalies), and stateful protocol analysis. Any intrusion activity or violation is typically reported either to an administrator or collected centrally using a security information and event management (SIEM) system. A SIEM system combines outputs from multiple sources and uses alarm filtering techniques to distinguish malicious activity from false alarms. A true IDS does not block attacks, but some products and services referred to as an IDS actually have characteristics of an IPS (intrusion prevention system).
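The three detection methods named above can be shown side by side on a handful of log lines. The following added example (not code from the video or from any IDS product) runs signature matching, a per-source anomaly threshold, and a simple protocol-conformance check over constructed web-server access-log lines, and emits alerts in the shape a SIEM would collect. In keeping with the text, it only reports; nothing here blocks traffic. The log lines, addresses, rule names and threshold are all constructed.

```python
import re
from collections import Counter
from dataclasses import dataclass
from typing import List

# Common Log Format line: src ident user [timestamp] "request" status size
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3}) (?P<size>\d+)$'
)
# Stateful protocol analysis stand-in: a request line must be METHOD SP target SP HTTP/1.x
REQ_RE = re.compile(r"^(?:GET|POST|HEAD|PUT|DELETE|OPTIONS) \S+ HTTP/1\.[01]$")

# Signature-based detection: named patterns over the request line
SIGNATURES = [
    ("sqli-tautology", re.compile(r"'(?:%20|\s)*or(?:%20|\s)+", re.I)),
    ("path-traversal", re.compile(r"\.\./")),
]


@dataclass
class Alert:
    rule: str
    src: str
    detail: str


def analyse(log_text: str, flood_threshold: int = 10) -> List[Alert]:
    """Report (never block) suspicious lines and per-source anomalies."""
    alerts: List[Alert] = []
    not_found = Counter()  # anomaly detection: 404 responses per source
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            alerts.append(Alert("malformed-log", "?", line[:60]))
            continue
        src, req, status = m["src"], m["req"], int(m["status"])
        if not REQ_RE.match(req):
            alerts.append(Alert("protocol-anomaly", src, req))
        for name, pattern in SIGNATURES:
            if pattern.search(req):
                alerts.append(Alert(name, src, req))
        if status == 404:
            not_found[src] += 1
    for src, n in not_found.items():
        if n >= flood_threshold:
            alerts.append(Alert("404-flood", src, f"{n} not-found responses"))
    return alerts


# Constructed sample log, not real traffic: documentation-range addresses throughout.
SAMPLE_LOG = "\n".join(
    [
        '10.1.1.5 - - [01/Jan/2024:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 512',
        '198.51.100.7 - - [01/Jan/2024:10:00:03 +0000] "GET /login?user=admin\'%20OR%20\'1\'=\'1 HTTP/1.1" 200 120',
        '198.51.100.7 - - [01/Jan/2024:10:00:04 +0000] "GET /../../etc/passwd HTTP/1.1" 404 0',
        '192.0.2.3 - - [01/Jan/2024:10:00:05 +0000] "FOO /x HTTP/1.1" 400 0',
    ]
    + [f'203.0.113.9 - - [01/Jan/2024:10:01:{i:02d} +0000] "GET /p{i} HTTP/1.1" 404 0'
       for i in range(12)]
)


def rule_counts(log_text: str = SAMPLE_LOG) -> Counter:
    """Summary a SIEM dashboard would show: alerts per rule name."""
    return Counter(a.rule for a in analyse(log_text))


if __name__ == "__main__":
    for a in analyse(SAMPLE_LOG):
        print(f"{a.rule:18} {a.src:14} {a.detail}")
```

Each method catches something the others miss: the signatures fire on individual requests, the 404 counter notices a source probing for pages that do not exist even though every single request looks ordinary, and the request-line check catches traffic that is not well-formed HTTP at all. The source with one 404 stays below the threshold, which is the kind of tuning that keeps the alarm-filtering stage of a SIEM from drowning in false alarms.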

IPS (Intrusion Prevention System)

An intrusion prevention system, also known as an intrusion detection and prevention system (IDPS), is a technology that monitors a network for any malicious activity attempting to exploit a known vulnerability. An IPS's main function is to identify suspicious activity and either detect and allow it (IDS behaviour) or prevent/block it (IPS behaviour).

Proxy Server

A proxy server is a server application or appliance that acts as an intermediary for requests from clients seeking resources from servers that provide those resources. A proxy server thus functions on behalf of the client when requesting service, potentially masking the true origin of the request to the resource server. Instead of connecting directly to a server that can fulfill a requested resource, such as a file or web page, the client directs the request to the proxy server, which evaluates the request and performs the required network transactions. If the proxy server does not have the requested page, it downloads the page on behalf of the client, sends the page to the client, and retains a copy of the page in its cache. This serves as a method to simplify or control the complexity of the request, or provide additional benefits such as load balancing, privacy, or security. Proxy servers can also be used for anonymous surfing.

VPN Concentrator

A VPN concentrator is a type of networking device that provides secure creation of VPN connections and delivery of messages between VPN nodes. A VPN concentrator builds on the capabilities of a VPN router by adding advanced data and network security to the communications. It has the ability to create and manage a large quantity of VPN tunnels. VPN concentrators are typically used for creating site-to-site VPN architectures, where they can do the following:

  • Establish and configure tunnels
  • Authenticate users
  • Assign tunnels/IP addresses to users
  • Encrypt and decrypt data
  • Ensure end-to-end delivery of data

AAA/RADIUS Server

Remote Authentication Dial-In User Service (RADIUS) is a network protocol, operating on UDP ports 1812 and 1813, that provides centralized authentication, authorization, and accounting (AAA) management for users who connect to and use a network service. Users who want access to a network or an online service can contact a RADIUS server and provide a username and password to attempt to gain access. The server then grants or denies access to the network or service.
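The username/password exchange described above is carried in RADIUS Access-Request and Access-Accept/Access-Reject packets as defined in RFC 2865. The added example below (not code from the video or from any RADIUS implementation) builds both sides of that exchange in memory: the client hides the User-Password with the shared secret and a random Request Authenticator, the server reveals it, checks it against a constructed user table and answers, and the client verifies the Response Authenticator so that a reply from someone without the secret is rejected. The shared secret, user table and identifiers are constructed; no network sockets are used.

```python
import hashlib
import hmac
import os
import struct
from typing import Dict, List, Optional, Tuple

# RFC 2865 codes and attribute types used here
ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3
ATTR_USER_NAME, ATTR_USER_PASSWORD = 1, 2
HEADER_LEN = 20  # code(1) + identifier(1) + length(2) + authenticator(16)


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def hide_password(password: bytes, secret: bytes, request_auth: bytes) -> bytes:
    """RFC 2865 section 5.2: pad to 16-byte blocks, XOR each with MD5(secret + previous block)."""
    padded = password + b"\x00" * (-len(password) % 16)
    out, prev = b"", request_auth
    for i in range(0, len(padded), 16):
        block = _xor(padded[i:i + 16], hashlib.md5(secret + prev).digest())
        out, prev = out + block, block
    return out


def reveal_password(hidden: bytes, secret: bytes, request_auth: bytes) -> bytes:
    out, prev = b"", request_auth
    for i in range(0, len(hidden), 16):
        out += _xor(hidden[i:i + 16], hashlib.md5(secret + prev).digest())
        prev = hidden[i:i + 16]
    return out.rstrip(b"\x00")  # assumes the password itself has no trailing NULs


def encode_attrs(attrs: List[Tuple[int, bytes]]) -> bytes:
    return b"".join(struct.pack("!BB", t, len(v) + 2) + v for t, v in attrs)


def decode_attrs(data: bytes) -> List[Tuple[int, bytes]]:
    attrs, i = [], 0
    while i < len(data):
        t, length = data[i], data[i + 1]
        if length < 2 or i + length > len(data):
            raise ValueError("bad attribute length")
        attrs.append((t, data[i + 2:i + length]))
        i += length
    return attrs


def build_packet(code: int, ident: int, authenticator: bytes, attrs: bytes) -> bytes:
    return struct.pack("!BBH", code, ident, HEADER_LEN + len(attrs)) + authenticator + attrs


def parse_packet(pkt: bytes) -> Tuple[int, int, bytes, bytes]:
    code, ident, length = struct.unpack("!BBH", pkt[:4])
    if length < HEADER_LEN or length != len(pkt):
        raise ValueError("bad packet length")
    return code, ident, pkt[4:20], pkt[20:]


def response_authenticator(code: int, ident: int, request_auth: bytes, attrs: bytes, secret: bytes) -> bytes:
    """MD5(Code + ID + Length + RequestAuth + Attributes + Secret), RFC 2865 section 3."""
    header = struct.pack("!BBH", code, ident, HEADER_LEN + len(attrs))
    return hashlib.md5(header + request_auth + attrs + secret).digest()


def build_access_request(ident: int, username: str, password: str, secret: bytes) -> Tuple[bytes, bytes]:
    """Client side: returns the packet and the Request Authenticator to verify the reply with."""
    request_auth = os.urandom(16)
    attrs = encode_attrs([
        (ATTR_USER_NAME, username.encode()),
        (ATTR_USER_PASSWORD, hide_password(password.encode(), secret, request_auth)),
    ])
    return build_packet(ACCESS_REQUEST, ident, request_auth, attrs), request_auth


def server_handle(pkt: bytes, secret: bytes, users: Dict[str, bytes]) -> bytes:
    """Server side: authenticate and return Access-Accept or Access-Reject."""
    code, ident, request_auth, attrs_bytes = parse_packet(pkt)
    if code != ACCESS_REQUEST:
        raise ValueError("not an Access-Request")
    attrs = dict(decode_attrs(attrs_bytes))
    user = attrs[ATTR_USER_NAME].decode()
    password = reveal_password(attrs[ATTR_USER_PASSWORD], secret, request_auth)
    ok = user in users and hmac.compare_digest(users[user], password)
    reply = ACCESS_ACCEPT if ok else ACCESS_REJECT
    return build_packet(reply, ident, response_authenticator(reply, ident, request_auth, b"", secret), b"")


def client_verify(resp: bytes, expected_ident: int, request_auth: bytes, secret: bytes) -> Optional[int]:
    """Client side: return the reply code only if identifier and authenticator check out."""
    code, ident, auth, attrs_bytes = parse_packet(resp)
    if ident != expected_ident:
        return None
    if not hmac.compare_digest(auth, response_authenticator(code, ident, request_auth, attrs_bytes, secret)):
        return None  # reply was not produced with our shared secret
    return code
```

Two things the exchange makes visible: the password never travels in the clear, but its protection rests entirely on the shared secret and MD5, and the same secret is what lets the client tell a genuine Access-Accept from a forged one. That is why the secret must be long and per-client, and why RADIUS is commonly carried inside TLS (RadSec) today rather than as bare UDP across untrusted networks.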

UTM Appliance

Unified Threat Management is an approach to information security where a single hardware or software installation provides multiple security functions. UTM devices provide firewall, remote access, VPN support, web traffic filtering with anti-malware, and network intrusion prevention. This contrasts with the traditional method of having point solutions for each security function. UTM simplifies information-security management by providing a single management and reporting point for the security administrator rather than managing multiple products from different vendors. UTM devices may be specialized boxes that are placed between the organization’s network and the internet, but they can also be virtual machines using cloud-based services. UTM appliances have gained popularity since 2009, partly because the all-in-one approach simplifies installation, configuration and maintenance. Such a setup saves time, money and people when compared to the management of multiple security systems.

NGFW/Layer 7 Firewall

A next-generation firewall is a newer generation of firewall technology, combining a traditional firewall with other network device filtering functions, such as an application firewall using in-line deep packet inspection (DPI), intrusion prevention system (IPS) packet filtering, network and port address translation, stateful inspection, and VPN support. Other techniques might also be employed, such as TLS/SSL encrypted traffic inspection, website filtering, QoS/bandwidth management, antivirus inspection and third-party identity management integration (e.g. LDAP, RADIUS, Active Directory).

VoIP PBX

An IP PBX (Internet Protocol private branch exchange) is a system that connects telephone extensions to the public switched telephone network (PSTN) and provides internal communication for a business.  An IP PBX is a PBX system with IP connectivity and may provide additional audio, video, or instant messaging communication utilizing the TCP/IP protocol stack.  Voice over IP (VoIP) gateways can be combined with traditional PBX functionality to allow businesses to use their managed intranet to help reduce long distance expenses and take advantage of the benefits of a single network for voice and data (converged network).

VoIP Gateway

A VoIP gateway is a hardware device that converts telephony traffic into packets of data for transmission over the internet, bridging the analog, cellular, and IP networks. Depending on where the voice signal originates, the gateway converts it into the proper form for receipt by the destination network. If the voice signal originates from the PSTN, a VoIP gateway can convert the analog signal into packets of data and send it to the IP-based phone system, and vice versa.

Content Filter

Content filtering is the use of a program to screen and/or exclude access to web pages or email deemed objectionable. Content filtering is used by companies as part of their firewalls, and also on small office/home office (SOHO) personal computers. Content filtering works by specifying content patterns, such as text strings or objects within images, that, if matched, indicate undesirable content that is to be screened out. A content filter then blocks access to this content.
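The proxy-server section above describes the fetch-then-cache flow, and this section describes pattern-based content filtering; in practice the two are often the same box. The added example below (not code from the video or from any proxy or filtering product) implements a small forward proxy that checks the requested URL against blocked patterns, serves from cache while the origin's max-age is still valid, fetches from the origin otherwise, and screens the fetched page against content patterns before handing it to the client. The origin server, its pages, the pattern lists and the client addresses are all constructed; the clock is injectable so expiry can be tested without waiting.

```python
import re
import time
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Tuple

# Constructed origin: url -> (body, Cache-Control max-age in seconds)
ORIGIN: Dict[str, Tuple[str, int]] = {
    "http://example.test/news": ("Today's headlines", 60),
    "http://example.test/casino": ("Spin to win", 60),
    "http://example.test/promo": ("Win the jackpot tonight", 60),
    "http://example.test/private": ("internal document", 0),  # max-age 0: never cache
}

# Content filter policy: URL patterns checked before fetching, body patterns after
BLOCKED_URL_PATTERNS = [re.compile(r"casino|gambling", re.I)]
BLOCKED_BODY_PATTERNS = [re.compile(r"\bjackpot\b", re.I)]


@dataclass
class Response:
    status: int
    body: str
    source: str  # "cache", "origin" or "filter": where the answer came from


class FilteringProxy:
    def __init__(self, fetch_origin: Callable[[str], Optional[Tuple[str, int]]],
                 clock: Callable[[], float] = time.time):
        # The origin sees only the proxy's request, never the client's address
        self.fetch_origin = fetch_origin
        self.clock = clock
        self.cache: Dict[str, Tuple[str, float]] = {}  # url -> (body, expires_at)
        self.log: List[Tuple[str, str, str]] = []      # (client, url, outcome)

    @staticmethod
    def _matches(patterns, text: str) -> bool:
        return any(p.search(text) for p in patterns)

    def request(self, client: str, url: str) -> Response:
        if self._matches(BLOCKED_URL_PATTERNS, url):
            self.log.append((client, url, "blocked-url"))
            return Response(403, "blocked by policy", "filter")
        now = self.clock()
        hit = self.cache.get(url)
        if hit is not None and hit[1] > now:
            self.log.append((client, url, "cache-hit"))
            return Response(200, hit[0], "cache")
        fetched = self.fetch_origin(url)
        if fetched is None:
            self.log.append((client, url, "origin-404"))
            return Response(404, "not found", "origin")
        body, max_age = fetched
        if self._matches(BLOCKED_BODY_PATTERNS, body):
            self.log.append((client, url, "blocked-content"))
            return Response(403, "blocked by policy", "filter")
        if max_age > 0:
            self.cache[url] = (body, now + max_age)  # retain a copy for later clients
        self.log.append((client, url, "origin"))
        return Response(200, body, "origin")


if __name__ == "__main__":
    proxy = FilteringProxy(lambda u: ORIGIN.get(u))
    for client, url in [("10.0.0.1", "http://example.test/news"),
                        ("10.0.0.2", "http://example.test/news"),
                        ("10.0.0.3", "http://example.test/promo")]:
        r = proxy.request(client, url)
        print(client, url, r.status, r.source)
```

Checking the URL before the fetch saves the round trip entirely, while checking the body after the fetch catches objectionable content on URLs the policy did not anticipate; the proxy's log is also the audit trail an administrator would review, since the origin server only ever sees the proxy.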