Knowledge of network architecture is a must for students preparing for cybersecurity or IT security exams.
This article covers the main subtopics of network architecture and explains each with relevant real-life examples.
Network Defense-in-Depth
Network defense-in-depth combines different defensive measures to guard data and resources. The strategy uses multiple layers, so if one layer fails, the other layers still provide protection.
Real-Life Example: A Health Organization
A hospital’s firewalls act as the first line of defense for its IT infrastructure against intruders who want to access sensitive patient data. Intrusion detection systems alert the security team should an attacker make it past the firewall, and encryption protocols secure sensitive data even if an attacker has successfully accessed it. This multi-layered defense minimizes the chances of a successful breach.
Basic Network Concepts
A basic grasp of a few networking concepts is necessary before moving on to more complex topics. These concepts include:
- Protocols: Protocols are the sets of rules that describe how data is transmitted. The most common protocol suite is TCP/IP.
- Topologies: A topology describes the physical arrangement of the network. Examples include star and mesh.
- Transmission Media: These are the physical media through which data is transmitted. Examples include fiber optics and copper cables.
Example: Small Business Network
A small business, “Tech Innovations”, uses a star topology that links all devices to a central switch. This facilitates management and troubleshooting. The company relies on TCP/IP protocols for reliable communication across this network, so employees can easily share files and access applications.
The OSI Model
The OSI model is a conceptual model that provides a basic background to understand network interactions. It is composed of seven layers, each playing a certain role:
- Physical Layer: Handles the hardware connection.
- Data Link Layer: Is in charge of node-to-node data transfer.
- Network Layer: Handles routing and forwarding.
- Transport Layer: Guarantees reliability in data transfer.
- Session Layer: Manages the sessions between applications.
- Presentation Layer: Translates data formats.
- Application Layer: Is where end-user applications interact with the network.
Scenario: User Unable to View a Website
Suppose a user at an organization reports that they cannot access a particular website. As a network technician, your task is to trace the trouble spot by using the OSI model as the basis for where the problem is happening.
- Step 1: Physical Layer (Layer 1)
Start checking the physical connections.
Cables and Connectors: Check that all Ethernet cables and connectors are plugged in securely and show no damage. Cable integrity can be tested with a cable tester.
Power: Power to the networking devices, such as routers, switches, and access points, should be turned on and working. The status of devices can be identified by their LED indicators.
NICs: There should be a working NIC in the client’s machine. You can run ipconfig (Windows) or ifconfig (Linux) to view the status of the NIC.
If all appears fine here, proceed to the following.
- Step 2: Data Link Layer (Layer 2)
You should verify here that data can be delivered between devices on the same local network:
MAC Address Table: Check the MAC address table on the switch for the user’s device. For instance, the command show mac address-table is utilized on Cisco switches.
ARP Cache: Confirm that the ARP cache is correct. If needed, you can clear the ARP cache on the user’s device and the switch.
Ping Test: From the command prompt, ping the switch to test for connectivity to the switch. If the ping is not returned, suspect a possible problem with the physical connection or switch configuration.
If the data link layer checks out, move on to the network layer.
- Step 3: Network Layer (Layer 3)
This layer is responsible for routing data packets:
IP Address and Subnet Mask: The user’s device must have a valid IP address and subnet mask. Verify the settings using the ipconfig or ifconfig command.
Default Gateway: The client must have a default gateway properly configured. The client should be able to ping the default gateway.
Routing Issues: You can trace the route packets take to reach the website by using the traceroute command. If the trace fails at a particular hop, that could mean there is a routing problem that needs to be investigated.
If no issues can be found here, continue to the transport layer.
- Step 4: Transport Layer (Layer 4)
Here, you verify that the proper protocols are available for communication:
Protocol: Verify that the appropriate transport-level protocols are in use. Use netstat to identify whether there are active connections and what their states are.
Firewall Configuration: No firewall should be blocking the ports needed for web traffic, usually port 80 for HTTP and port 443 for HTTPS. Check both the local firewall on the user’s device and any network firewalls.
If all are working correctly in this layer, move to the session layer.
- Step 5: Session Layer (Layer 5)
This layer is responsible for sessions between applications:
Session Establishment: Verify whether the application (web browser) is able to establish a session with the server. One may use a utility like telnet to test connectivity to the web server on the right port.
Session Timeout: Check that no session timeout or disruption may be occurring.
If the session layer is functioning properly, then move on to the presentation layer.
- Step 6: Presentation Layer (Layer 6)
This layer translates the format of data:
Data Formats: Verify if the data transferred or received is in the correct format; for example, if a website requires encoding of a specific type, then the browser connecting to it should be able to use the same encoding.
Encryption Issues: If the website is HTTPS, then make sure the SSL/TLS certificates are valid and that there are no encryption issues.
If the presentation layer is clean, the application layer is next.
- Step 7: Application Layer (Layer 7)
This is the layer at which user applications communicate with the network:
Logs: Review server logs, if you have access to them, to find out whether a server-side issue is causing the problem.
Application Configuration: Check the browser’s settings and configuration first. Proxy settings or some other configuration may be what prevents the connection.
Error Messages: Research any error messages the browser displays. Standard errors like “404 Not Found” or “500 Internal Server Error” give some idea about the problem.
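The upper steps of this walk-through (Steps 4 to 7) can be scripted so that the first failing layer is reported directly. The following is an added example, not part of the original article; the function name first_failing_layer and the local test address are assumptions made for illustration.

```python
import socket
import ssl

def first_failing_layer(host, port=443, use_tls=True, timeout=3.0):
    """Return (layer, detail) for the first stage that fails, or (None, status)."""
    # Steps 4-5: can a TCP session be opened to the web port at all?
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:  # refused, dropped by a firewall, unreachable, timed out
        return ("transport", f"TCP connect to {host}:{port} failed: {exc}")
    try:
        # Step 6: TLS handshake with certificate and hostname validation.
        if use_tls:
            ctx = ssl.create_default_context()
            try:
                sock = ctx.wrap_socket(sock, server_hostname=host)
            except ssl.SSLCertVerificationError as exc:
                return ("presentation", f"certificate rejected: {exc.verify_message}")
            except OSError as exc:  # ssl.SSLError is a subclass of OSError
                return ("presentation", f"TLS handshake failed: {exc}")
        # Step 7: send a minimal request and read the HTTP status line.
        req = f"HEAD / HTTP/1.1\r\nHost: {host}\r\nConnection: close\r\n\r\n"
        try:
            sock.sendall(req.encode("ascii"))
            with sock.makefile("rb") as reply:
                status_line = reply.readline().decode("latin-1").strip()
        except OSError as exc:
            return ("application", f"no HTTP response: {exc}")
        parts = status_line.split()
        if len(parts) < 2 or not parts[1].isdigit():
            return ("application", f"malformed response: {status_line!r}")
        if int(parts[1]) >= 400:  # e.g. 404 Not Found, 500 Internal Server Error
            return ("application", f"server answered {status_line}")
        return (None, status_line)
    finally:
        sock.close()

if __name__ == "__main__":
    # Constructed local target: port 9 on loopback is normally closed.
    print(first_failing_layer("127.0.0.1", 9, use_tls=False))
```

A connect that times out rather than being refused usually points at a firewall silently dropping the traffic, which is the case Step 4 asks you to rule out.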
The TCP/IP Model
The TCP/IP model is older and more compact than the OSI model. It contains four layers:
- Link Layer: Combines the physical and data link layers.
- Internet Layer: Provides addressing and routing.
- Transport Layer: Provides reliable communication (TCP) and fast but less reliable communication (UDP).
- Application Layer: Supports application layer protocols like HTTP and FTP.
Application Scenario: Web Browsing
When a device connects to the Internet, it sends its request to the server by way of the TCP/IP model. The transport layer ensures that the packets are delivered reliably, and the application layer defines the Web protocols.
Encapsulation
In encapsulation, data is wrapped with protocol information at each OSI or TCP/IP model layer. This makes the transmission of data more effective and ensures the data is properly formatted for each layer.
Example: Sending an Email
Sending an email involves encapsulating the data at each layer: the application layer formats the email, the transport layer adds TCP headers, the internet layer adds IP addresses, and finally the link layer prepares the data for transmission across the network.
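The email example above, carried through in code: an SMTP command is wrapped in TCP, IPv4 and Ethernet headers, then unwrapped again. This is an added example, not part of the original article; the addresses, ports and MAC values are constructed, and the TCP sequence numbers and checksum are left at zero as a simplification.

```python
import socket
import struct

def ip_checksum(header):
    """RFC 1071 ones'-complement sum over 16-bit words."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def encapsulate(payload, src_ip, dst_ip, sport, dport, src_mac, dst_mac):
    # Transport layer: 20-byte TCP header (PSH|ACK; seq, ack and checksum are
    # left at 0 as a simplification, a real stack fills them in).
    segment = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18,
                          65535, 0, 0) + payload
    # Internet layer: 20-byte IPv4 header, TTL 64, protocol 6 (TCP).
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0, 0, 64, 6, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    ip = ip[:10] + struct.pack("!H", ip_checksum(ip)) + ip[12:]
    # Link layer: Ethernet II header, EtherType 0x0800 (IPv4).
    mac = lambda m: bytes.fromhex(m.replace(":", ""))
    return mac(dst_mac) + mac(src_mac) + b"\x08\x00" + ip + segment

def decapsulate(frame):
    """Peel the headers off again, as the receiving host does layer by layer."""
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4
    tcp = ip[ihl:struct.unpack("!H", ip[2:4])[0]]
    sport, dport = struct.unpack("!HH", tcp[:4])
    return {
        "ethertype": struct.unpack("!H", frame[12:14])[0],
        "ip_header_ok": ip_checksum(ip[:ihl]) == 0,
        "src": socket.inet_ntoa(ip[12:16]), "dst": socket.inet_ntoa(ip[16:20]),
        "sport": sport, "dport": dport,
        "payload": tcp[(tcp[12] >> 4) * 4:],
    }

# Constructed sample: an SMTP command sent to a mail server on port 25.
SAMPLE = encapsulate(b"MAIL FROM:<alice@example.com>\r\n", "192.0.2.10",
                     "198.51.100.25", 49152, 25,
                     "02:00:00:00:00:01", "02:00:00:00:00:02")

if __name__ == "__main__":
    print(len(SAMPLE), decapsulate(SAMPLE))
```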
Network Access, Internet, and Transport Layer Protocols
Protocols are necessary to allow devices to communicate. The critical protocols are:
- Ethernet: Protocol used within LANs.
- IP: Provides addressing and routing.
- TCP: Ensures that data is transmitted reliably.
Application: Home Networking
In the standard home network, locally, devices communicate over Ethernet. When any device accesses the internet, IP routes data to and from the ISP, and TCP ensures accurate packet delivery.
Application Layer TCP/IP Protocols
The application layer is defined by a number of protocols, each of which provides a particular function. The most commonly used protocols include:
- HTTP/HTTPS: For web browsing.
- FTP: For file transfers.
- SMTP: Used to send and receive e-mails.
Scenario: E-commerce Website
An e-commerce website serves its customers using the HTTPS protocol so that all transactions made on the site are securely transmitted. An application layer protocol ensures secure transmission of data between the user’s browser and the server once the user places the order.
Transmission Media
The medium through which data travels is called the transmission medium. The most frequent types of media are:
- Wired Media: including coaxial cables and fiber optics.
- Wireless Media: including Wi-Fi and cellular networks.
Example: Corporate Office
At a corporate office, a fiber optic cable can be installed for high-speed internet connectivity, and Wi-Fi can be provided to allow wireless access from mobile devices. In this way, employees get both speed and flexibility.
LAN Technologies and Protocols
A local area network (LAN) is intended to connect devices within a small area. Widely used LAN technologies include Ethernet and Wi-Fi.
Example: University Network
A university would use Ethernet for the wired connections and Wi-Fi for mobile devices. This allows students to access any online resources while on campus with ease.
LAN Physical Network Topologies
Network topology is used to describe the geometric layout of various elements that make up a computer network, such as links, nodes, etc. The most common topologies include:
- Star Topology: All devices are connected to one central host.
- Bus Topology: All devices share one communication line.
- Ring Topology: Each device connects to two others, in a ring.
Example: Office Layout
In an office environment, a star topology is usually in place because it is easier to manage. If one device goes down, the rest of the network is not affected, which makes it a good fit for businesses.
WAN Technologies and Protocols
Wide Area Networks (WANs) connect more than one LAN over larger distances. Common technologies used to implement this type of network include MPLS and leased lines.
Example: Global Corporation
A multinational corporation’s WAN connects its office sites in various countries so that they can share resources and communicate effectively, irrespective of the geographical distances.
Converged Protocols
Converged protocols allow the same network to carry different kinds of traffic, such as voice, video, and data. This simplifies network management and reduces cost.
Example: VoIP Services
The added benefit of VoIP to an enterprise is that it can make calls over its existing data network. This convergence can reduce the need for separate voice and data networks, thereby streamlining operations.
Micro-Segmentation
Micro-segmentation is a process of segmenting a network into smaller segments that enhances both security and performance. Each segment can have its own security policies, hence reducing risks of lateral movement by any attacker in case of an incident.
Sample: Data Center Security
In a data center, micro-segmentation isolates the sensitive application from less critical applications. In that case, even if one segment is compromised, another segment would remain safe.
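A per-segment policy of this kind can be expressed as a default-deny allow-list, and the same list can be walked to see how far an intruder could move from a compromised segment. This is an added example, not part of the original article; the segment names, address ranges and ports are constructed for illustration.

```python
import ipaddress

# Constructed data-center segments and allow-list (illustrative values only).
SEGMENTS = {
    "public-web": ipaddress.ip_network("10.20.1.0/24"),
    "reporting": ipaddress.ip_network("10.20.2.0/24"),
    "sensitive-app": ipaddress.ip_network("10.20.3.0/24"),
}
# (source segment, destination segment, destination port); all else is denied.
ALLOW = {
    ("public-web", "reporting", 8443),
    ("reporting", "sensitive-app", 5432),
}

def segment_of(ip):
    """Map an address to its segment name, or None if it is in no segment."""
    addr = ipaddress.ip_address(ip)
    return next((name for name, net in SEGMENTS.items() if addr in net), None)

def is_allowed(src_ip, dst_ip, dst_port):
    """Default deny: a flow passes only if its segment pair and port are listed."""
    return (segment_of(src_ip), segment_of(dst_ip), dst_port) in ALLOW

def exposure(compromised):
    """Segments reachable from a compromised one by chaining allowed flows."""
    seen, todo = set(), [compromised]
    while todo:
        cur = todo.pop()
        for src, dst, _port in ALLOW:
            if src == cur and dst not in seen and dst != compromised:
                seen.add(dst)
                todo.append(dst)
    return seen

if __name__ == "__main__":
    print(is_allowed("10.20.1.5", "10.20.3.9", 5432))  # web host straight to sensitive app
    print(sorted(exposure("public-web")))              # transitive paths worth reviewing
```

The direct flow from the web segment to the sensitive application is denied, yet exposure() still lists that segment because two allowed flows chain together, which is what a policy review should look for.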
Wireless Local Area Networks (WLAN)
A WLAN connects devices wirelessly in a limited area. WLANs are widely used in houses, offices, and public places.
Example: Coffee Shop Wi-Fi
A coffee shop offers its clients free Wi-Fi. Patrons connect their mobile devices simply by joining the store’s WLAN, which enhances the customer service experience.
Next Generation Wireless Technologies: ZigBee, Li-Fi, RFID
ZigBee
ZigBee is a low-power wireless communication protocol for applications that need only short-range coverage, for instance, smart home devices.
Example: Smart Home Automation
With ZigBee, multiple devices in a smart home can communicate with one another to perform tasks automatically, for example, lighting and heating, for convenience and to save energy.
Li-Fi
Li-Fi is a way of wireless communication at high speed using light for the transmission of data.
Example: Museum Exhibit
A museum might use Li-Fi to provide information about exhibits directly to visitors’ smartphones. The data is carried by light coming from LED lamps.
RFID
Radio Frequency Identification, or RFID, is a technology that uses electromagnetic fields to auto-identify and track tags attached to objects.
Example: Inventory Management
RFID tags utilized by retailers for inventory tracking can enhance the handling of stocks and reduce losses.
Cellular Networks
Cellular networks provide wireless communication over wide areas through cell towers.
Example: Mobile Phone Services
Mobile phone service providers offer voice and data services through cellular networks, which help people connect with others and browse the internet as they move.
Satellite Communication
Satellite communication is a technology for sending data over long distances, generally to and from remote places lacking conventional infrastructure.
Example: Accessing the Internet Globally
In rural areas, satellite internet services fill gaps in connectivity where wired options aren’t possible, thus bridging the digital divide.
Conclusion
Knowledge of network architecture and its components is fundamental to any learner undertaking cybersecurity and IT security certification. Understanding concepts and their application in the real world will help the candidate appreciate the complexities of modern networks and the stringent security measures being introduced.