Skip to main content


Showing posts from January 8, 2012

1.1.5 Proxies

A proxy server works by intercepting connections between sender and receiver. All incoming data enters through one port and is forwarded to the rest of the network via another port. By blocking direct access between two networks, proxy servers make it much more difficult for hackers to get internal addresses and details of a private network. The proxy is typically situated between the clients and the Internet, and it can be used to forward requests for many types of traffic and data transfers such as web and FTP. An HTTP proxy intercepts web access, and an SMTP proxy intercepts email. This protects the specific addresses of internal clients from being revealed to external servers and allows the proxy server to filter incoming and outgoing requests to prevent attacks and malware from reaching the client systems. A proxy server uses a network addressing scheme to present one organization-wide IP address to the Internet. The server funnels all user requests to the Internet and returns

1.1.4 Load Balancers

A load balancer is a network device that distributes the flow of network traffic between multiple network devices. The goal is to minimize network congestion and bottlenecks. Load balancers can be used to balance traffic to routers, web servers or other network devices either through round-robin techniques or more intelligent methods, e.g. taking into account the number of current connections or response time. It maximizes throughput and ensures the system has the capacity to handle incoming requests and ensure better allocation of resources A load balancer can be implemented as a software or hardware. Under the most common implementation, the load balancer splits the traffic intended for a website into individual requests that are then rotated to redundant servers as they become available (if a server that should be available is busy or down, it is taken out of the rotation). Load balancing allows the service to continue even in the face of server down time due to server failure o

1.1.3 Switches

Switches are multiport devices that improve network efficiency. Using switches improves network efficiency over hubs because of the virtual circuit capability. Switches also improve network security because the virtual circuits are more difficult to examine with network monitors. A switch is a network device used to segment networks into smaller, more manageable sections and relays packets between the segments. Switches can be used for security, load balancing and performance improvements in a network. A switch is able to inspect network packets and determine the source and destination to provide more efficient network flow and prevent network packets from one segment, from passing on to other network segments and causing network collisions. Mastering the hula hoop (picture on right) requires an ability to switch the hips from one side to another in a rhythmic fashion. Now you will not forget what a switch is. Switches map the Ethernet addresses of the nodes residing on each

1.1.2 Routers

A router links computers to the Internet, so users can share the connection. A router acts as a dispatcher, choosing the best path for information to travel so it's received quickly. Switches create a network. Routers connect networks. A router is a network device that connects several networks together and relays data between them. A router is comprised of the following components: network interfaces, routing protocol, routing table, router operating system, routing policy or set of rules. A router is a device that forwards data packets between computer networks. Routers work by providing a path between the networks. A router is connected to two or more data lines from different networks. When a data packet comes in on one of the lines, the router reads the address information in the packet to determine its ultimate destination. Then, using information in its routing table or routing policy, it directs the packet to the next network on its journey. Routers perform traffic

1.1.1 Firewalls

A firewall is a device or set of devices designed to permit or deny network transmissions based upon a set of rules and is frequently used to protect networks from unauthorized access while permitting legitimate communications to pass. I.e. it examines each network packet, against a set of rules, to determine whether to forward it toward its destination. Firewalls are one of the first lines of defense in a network; it cannot, however, be considered the only such line. The basic purpose of a firewall is to isolate one network from another. There are different types of firewalls and they can be either stand-alone systems or included in other devices such as routers or servers. You can implement a firewall in either hardware or software form, or a combination of both. Firewalls can be located to monitor traffic between the internal and external networks. It can also be placed between internal networks. In any position, a firewall controls and monitors access between different networks

1.1 Explain the security function and purpose of network devices and technologies

Firewalls  Routers  Switches  Load Balancers  Proxies  Web security gateways  VPN concentrators  NIDS and NIPS (Behavior based, signature based, anomaly based, heuristic)  Protocol analyzers  Sniffers  Spam filter, all-in-one security appliances  Web application firewall vs. network firewall  URL filtering, content inspection, malware inspection 

Security+ SY0-301 Blueprint & Table Of Content

SY0-301 Certification Exam 1.0 Network Security 1.1 Explain the security function and purpose of network devices and technologies . Firewalls . Routers . Switches . Load Balancers . Proxies . Web security gateways . VPN concentrators . NIDS and NIPS (Behavior based, signature based, anomaly based, heuristic) . Protocol analyzers . Sniffers . Spam filter , all-in-one security appliances . Web application firewall vs. network firewall . URL filtering, content inspection, malware inspection 1.2 Apply and implement secure network administration principles . Rule-based management . Firewall rules . VLAN management . Secure router configuration . Access control lists . Port Security . 802.1x . Flood guards . Loop protection . Implicit deny . Prevent network bridging by network separation . Log analysis 1.3 Distinguish and differentiate network design elements and compounds . DMZ . Subnetting . VLAN . NAT . Remote Access . Telephony . NAC . Virtualiz