Components and Devices


COMPONENTS AND DEVICES
PREPARED BY: JOHN PAUL B. VILLARIN
COMMON NETWORK DEVICES
What is a Network Device?

Components used to connect computers as well as other electrical devices
together in order to share resources such as printers and fax machines.
ACCESS POINT
An access point is a device that creates a wireless local area network,
or WLAN, usually in an office or large building. An access point
connects to a wired router, switch, or hub via an Ethernet cable, and
projects a WiFi signal to a designated area.

Wireless access points (APs) are a transmitter and receiver
(transceiver) device used to create a wireless LAN (WLAN).

APs typically are a separate network device with a built-in antenna,
transmitter, and adapter.

APs use the wireless infrastructure network mode to provide a
connection point between WLANs and a wired Ethernet LAN.
Today, the APs might provide many ports that can be used to easily increase
the network’s size. Systems can be added to and removed from the
network with no effect on other systems on the network. Also, many APs
provide firewall capabilities and Dynamic Host Configuration
Protocol (DHCP) service. When they are hooked up, they give client
systems a private IP address and then prevent Internet traffic from
accessing those systems. So, in effect, the AP is a switch, DHCP server,
router, and firewall.

APs come in all different shapes and sizes. Many are cheaper and designed
strictly for home or small office use. Such APs have low-powered antennas
and limited expansion ports. Higher-end APs used for commercial purposes
have high-powered antennas, enabling them to extend how far the wireless
signal can travel.
ANALOG MODEM
An analog modem, usually just referred to as a modem (short for
modulator/demodulator), is a device that converts the digital signals
generated by a computer into analog signals that can travel over
conventional phone lines.

The modem at the receiving end converts the signal back into a format that
the computer can understand. Modems can be used as a means to
connect to an ISP or as a mechanism for dialing up a LAN.

Modems can be internal add-in expansion cards or integrated with the
motherboard, external devices that connect to a system’s serial or USB
port, or proprietary devices designed for use on other devices, such as
portables and handhelds.
CONTENT FILTER
A content filter is any software that controls what a user is allowed to
peruse and is most often associated with websites.

Using a content filter, an employer can block access to pornographic
sites to all users, some users, or even just an individual user.

The filter can be applied as software on client machines (known
as client-side filters), on a proxy server on the network (a server-
side filter), at the Internet service provider (ISP), or even within the
search engine itself.

The latter is most commonly used on home machines, and an
example is Content Advisor in Internet Explorer.
FIREWALL
A firewall acts as a filter that monitors access between your operating
system and unwanted traffic or outside sources. In short, firewalls help
protect you from hackers or malware that may try to steal your
personal information.

Firewalls provide protection against outside cyber attackers by shielding
your computer or network from malicious or unnecessary network
traffic.

Firewalls can also prevent malicious software from accessing a computer
or network via the internet.

Firewalls can be configured to block data from certain locations (i.e.,
computer network addresses), applications, or ports while allowing
relevant and necessary data through.
IDS AND IPS
An Intrusion Detection System (IDS) is a passive detection system.
The IDS can detect the presence of an attack and then log that information. It
also can alert an administrator to the potential threat. The administrator then
analyzes the situation and takes corrective measures if needed.
Following are several variations on IDSs:
• Behavior based: A behavior-based system looks for variations in behavior
such as unusually high traffic, policy violations, and so on. By looking for
deviations in behavior, it can recognize potential threats and quickly respond.
• Signature based: A signature-based system, also commonly known as misuse-
detection IDS (MD-IDS), is primarily focused on evaluating attacks based on
attack signatures and audit trails. Attack signatures describe a generally
established method of attacking a system. For example, a TCP flood attack
begins with a large number of incomplete TCP sessions. If the MD-IDS knows
what a TCP flood attack looks like, it can make an appropriate report or
response to thwart the attack. This IDS uses an extensive database to
determine the signature of the traffic.
• Network-based intrusion detection system (NIDS): The NIDS
examines all network traffic to and from network systems. If it is
software, it is installed on servers or other systems that can monitor
inbound traffic. If it is hardware, it may be connected to a hub or switch
to monitor traffic.
• Host-based intrusion detection system (HIDS): HIDS refers to
applications such as spyware or virus applications that are installed on
individual network systems. The HIDS monitors and creates logs on the
local system.
• Protocol-based intrusion detection system (PIDS): The PIDS
monitors and analyzes protocols communicating between network
devices. A PIDS is often installed on a web server and analyzes
HTTP and HTTPS communications.
• Application Protocol-Based Intrusion Detection System
(APIDS): The APIDS monitors application-specific protocols.
An Intrusion Prevention System (IPS) is a network device that
continually scans the network, looking for inappropriate activity. It can
shut down any potential threats. The IPS looks for any known
signatures of common attacks and automatically tries to prevent those
attacks. An IPS is considered a reactive security measure because it
actively monitors and can take steps to correct a potential security
threat.

An intrusion prevention system (IPS) is a network security tool (which can
be a hardware device or software) that continuously monitors a network
for malicious activity and takes action to prevent it, including reporting,
blocking, or dropping it, when it does occur.
Intrusion Detection vs. Intrusion Prevention: What’s the Difference?
The main difference between an intrusion detection system
(IDS) and an intrusion prevention system (IPS) is that an
IDS monitors a network and sends alerts when suspicious
events on a system or network are detected. An IPS reacts
to attacks in progress with the goal of preventing them from
reaching targeted systems and networks. While IDS and IPS
both have the ability to detect attacks, the main difference is
in their responses to an attack. However, it’s important to note
that both IDS and IPS can implement the same
monitoring and detection methods.
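
The signature-based TCP flood check and the IDS/IPS difference described above, as an added example that is not part of the original slides. The threshold, the record format and the sample traffic are constructed assumptions; the same detection routine runs in both modes and only the response differs.

```python
from collections import defaultdict

# Assumed threshold for this example: more incomplete sessions than this
# from one source matches the "TCP flood" signature.
HALF_OPEN_LIMIT = 3

# Constructed sample traffic: (source IP, source port, TCP flag).
# 10.0.0.5 completes its handshakes; 203.0.113.9 only ever sends SYNs.
SAMPLE = [
    ("10.0.0.5", 40001, "SYN"),
    ("203.0.113.9", 50001, "SYN"),
    ("10.0.0.5", 40001, "ACK"),
    ("203.0.113.9", 50002, "SYN"),
    ("203.0.113.9", 50003, "SYN"),
    ("10.0.0.5", 40002, "SYN"),
    ("203.0.113.9", 50004, "SYN"),
    ("203.0.113.9", 50005, "SYN"),
    ("10.0.0.5", 40002, "ACK"),
    ("203.0.113.9", 50006, "SYN"),
]


def inspect(packets, mode="ids"):
    """Return (alerts, forwarded) for a packet list.

    mode="ids": passive, every packet is forwarded and the alert is logged.
    mode="ips": in-line, packets from a source that matched are dropped.
    """
    half_open = defaultdict(set)   # source -> ports with SYN but no ACK yet
    flagged = set()                # sources that matched the signature
    alerts, forwarded = [], []
    for src, sport, flag in packets:
        if flag == "SYN":
            half_open[src].add(sport)
        elif flag == "ACK":
            half_open[src].discard(sport)   # handshake completed
        pending = len(half_open[src])
        if pending > HALF_OPEN_LIMIT and src not in flagged:
            flagged.add(src)
            alerts.append(
                f"TCP flood signature: {src} has {pending} incomplete sessions")
        if mode == "ips" and src in flagged:
            continue                        # prevention: drop the packet
        forwarded.append((src, sport, flag))
    return alerts, forwarded


if __name__ == "__main__":
    for mode in ("ids", "ips"):
        alerts, forwarded = inspect(SAMPLE, mode)
        print(mode, alerts, len(forwarded), "packets forwarded")
```

Both modes raise the same single alert; the IDS run still forwards all ten packets, while the IPS run stops forwarding the flagged source from the packet that crossed the threshold.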
LOAD BALANCER
A load balancer acts as the “traffic cop” sitting in front of your
servers and routing client requests across all servers capable of
fulfilling those requests in a manner that maximizes speed and
capacity utilization and ensures that no one server is overworked,
which could degrade performance. If a single server goes down, the
load balancer redirects traffic to the remaining online servers. When
a new server is added to the server group, the load balancer
automatically starts to send requests to it.
In this manner, a load balancer performs the following functions:
• Distributes client requests or network load efficiently across multiple
servers
• Ensures high availability and reliability by sending requests only to
servers that are online
• Provides the flexibility to add or subtract servers as demand
dictates.
PACKETSHAPER
The term traffic shaping describes the mechanisms used to
control bandwidth usage on the network. With this, administrators
can control who uses bandwidth, for what purpose, and what time
of day bandwidth can be used. Traffic shaping establishes priorities
for data traveling to and from the Internet and within the network.

A packetshaper essentially performs two key functions:
monitoring and shaping. Monitoring includes identifying where
usage is high and the time of day. After that information is obtained,
administrators can customize or shape bandwidth usage for the
best needs of the network.
ROUTER
A router is connected to at least two networks, commonly two LANs or
WANs (Wide Area Networks) or a LAN and its ISP's (Internet
Service Provider's) network. The router is generally located at
gateways, the places where two or more networks connect. Using
headers and forwarding tables, a router determines the best path to
forward the packets. In addition, routers use protocols such as
ICMP (Internet Control Message Protocol) to communicate with
each other and configure the best route between any two hosts. In
short, a router forwards data packets along networks.

In a common configuration, routers create larger networks by joining
two network segments. A small office/home office (SOHO) router
connects a user to the Internet. A SOHO router typically serves 1 to
10 users on the system.
A router derives its name from the fact that it can route
data it receives from one network to another. When a
router receives a packet of data, it reads the packet’s
header to determine the destination address. After the
router has determined the address, it looks in its routing
table to determine whether it knows how to reach the
destination; if it does, it forwards the packet to the next
hop on the route. The next hop might be the final
destination, or it might be another router.
HUB
Hubs are used in networks that use twisted-pair cabling to connect
devices. Hubs also can be joined to create larger networks.

A hub receives data packets and passes on all the information it
receives to all other computers connected to the hub. Information is
also sent to the computer that sent the information!

Hubs are simple devices that direct data packets to all devices
connected to the hub, regardless of whether the data packet is
destined for the device. This makes them inefficient devices and
can create a performance bottleneck on busy networks.
Example:

If computer 1 wants to communicate with computer 3, the data
will be sent to all the computers on the network, since a hub
does not know the destination of the information it receives.
In its most basic form, a hub does nothing except provide a pathway
for the electrical signals to travel along. Such a device is called
a passive hub. Far more common nowadays is an active hub,
which, as well as providing a path for the data signals, regenerates
the signal before it forwards it to all the connected devices. In
addition, an active hub can buffer data before forwarding it.
However, a hub does not perform any processing on the data it
forwards, nor does it perform any error checking.

Hubs come in a variety of shapes and sizes. Small hubs with five or
eight connection ports are commonly called workgroup hubs.
Others can accommodate larger numbers of devices (normally up
to 32). These are called high-density devices.
SWITCH
Switches are key building blocks for any network. They connect
multiple devices, such as computers, wireless access points,
printers, and servers, on the same network within a building or
campus. A switch enables connected devices to share information
and talk to each other. Devices connect to switches via twisted-pair
cabling, one cable for each device.

The difference between hubs and switches is in how the devices deal
with the data they receive. Whereas a hub forwards the data it
receives to all the ports on the device, a switch forwards it to only
the port that connects to the destination device. It does this by
learning the MAC address of the devices attached to it and then by
matching the destination MAC address in the data it receives.
By forwarding data to only the connection that should
receive it, the switch can greatly improve network
performance. By creating a direct path between two
devices and controlling their communication, the switch
can greatly reduce the traffic on the network and
therefore the number of collisions.
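
The hub and switch forwarding behaviour described above, as an added example that is not part of the original slides. The port numbers, MAC addresses and frames are constructed, and flooding a frame whose destination has not been learned yet is standard switch behaviour that goes beyond what the slides state.

```python
PORTS = [1, 2, 3, 4]

# Constructed frames: (ingress port, source MAC, destination MAC).
# Computer 1 (port 1) talks to computer 3 (port 3); port 2 is a bystander.
FRAMES = [
    (1, "aa:aa:aa:00:00:01", "aa:aa:aa:00:00:03"),
    (3, "aa:aa:aa:00:00:03", "aa:aa:aa:00:00:01"),
    (1, "aa:aa:aa:00:00:01", "aa:aa:aa:00:00:03"),
]


def hub_forward(ports, in_port):
    """A hub repeats every frame out of all the other ports."""
    return [p for p in ports if p != in_port]


class LearningSwitch:
    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}            # MAC address -> port it was seen on

    def receive(self, in_port, src_mac, dst_mac):
        self.mac_table[src_mac] = in_port          # learn the sender
        out_port = self.mac_table.get(dst_mac)
        if out_port is None:                       # not learned yet: flood
            return [p for p in self.ports if p != in_port]
        return [] if out_port == in_port else [out_port]


def trace(kind):
    """Egress ports chosen for each sample frame by a 'hub' or a 'switch'."""
    switch = LearningSwitch(PORTS)
    result = []
    for in_port, src, dst in FRAMES:
        if kind == "hub":
            result.append(hub_forward(PORTS, in_port))
        else:
            result.append(switch.receive(in_port, src, dst))
    return result


def frames_seen_by(port, kind):
    """How many of the sample frames reach a given port."""
    return sum(port in egress for egress in trace(kind))


if __name__ == "__main__":
    for kind in ("hub", "switch"):
        print(kind, trace(kind), "bystander on port 2 sees",
              frames_seen_by(2, kind), "frame(s)")
```

On the hub the bystander on port 2 receives every frame of a conversation it is not part of; on the switch it receives only the first frame, sent before the destination was learned.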

Collisions occur on Ethernet networks when two devices
attempt to transmit at exactly the same time. In addition,
the lack of collisions enables switches to communicate
with devices in full-duplex mode.
In a full-duplex configuration, devices can send data to
and receive data from the switch at the same time.
Contrast this with half-duplex communication, in which
communication can occur in only one direction at a
time. Full-duplex transmission speeds are double that
of a standard half-duplex connection. So, a 100Mbps
connection becomes 200Mbps, and a 1000Mbps
connection becomes 2000Mbps, and so on.

The net result of these measures is that switches can
offer significant performance improvements over hub-
based networks, particularly when network use is high.
Irrespective of whether a connection is at full or half duplex, the
method of switching dictates how the switch deals with the data it
receives. The following is a brief explanation of each method:

• Cut-through: In a cut-through switching environment, the packet
begins to be forwarded as soon as it is received. This method is
fast, but it creates the possibility of errors being propagated
through the network, because no error checking occurs.
• Store-and-forward: Unlike cut-through, in a store-and-forward
switching environment, the entire packet is received and error-
checked before being forwarded. The upside of this method is that
errors are not propagated through the network. The downside is
that the error-checking process takes a relatively long time, and
store-and-forward switching is considerably slower as a result.
• Fragment-free: To take advantage of the error checking
of store-and-forward switching, but still offer
performance levels nearing that of cut-through
switching, fragment-free switching can be used. In a
fragment-free switching environment, enough of the
packet is read so that the switch can determine
whether the packet has been involved in a collision. As
soon as the collision status has been determined, the
packet is forwarded.
HUB AND SWITCH CABLING
The ports on a hub to which computer systems are
attached are called Medium-Dependent Interface
Crossed (MDI-X). The crossed designation is derived
from the fact that two of the wires within the connection
are crossed so that the send signal wire on one device
becomes the receive signal of the other. Because the
ports are crossed internally, a standard or straight-
through cable can be used to connect devices.
Another type of port, called a Medium-Dependent Interface (MDI)
port, is often included on a hub or switch to facilitate the
connection of two switches or hubs. Because the hubs or switches
are designed to see each other as simply an extension of the
network, there is no need for the signal to be crossed. If a hub or
switch does not have an MDI port, hubs or switches can be
connected by using a crossover cable between two MDI-X ports.
The crossover cable uncrosses the internal crossing. Auto MDI-X
ports on more modern network device interfaces can detect
whether the connection would require a crossover, and
automatically choose the MDI or MDI-X configuration to properly
match the other end of the link.
MULTILAYER SWITCH
• A multilayer switch, also referred to as a Layer 3 switch,
is a device used in computer networking that combines the
functions of a traditional switch, router, and other network devices.

• It provides an efficient way to connect different networks and
layers of the network architecture. It is an advanced form of a
Layer 3 switch that provides faster data transfer speeds,
increased security, and improved scalability.

• Additionally, it can provide support for multiple protocols such as
IPv4, IPv6, Ethernet, VLANs, etc. With its ability to handle traffic
from different networks simultaneously, it can help organizations
reduce their networking costs by eliminating the need for multiple
devices.
CONTENT SWITCH
A content switch examines the network data it receives,
decides where the content is intended to go, and forwards it.
The content switch can identify the application that data is
targeted for by associating it with a port. For example, if data
uses the Simple Mail Transfer Protocol (SMTP) port, it could
be forwarded to an SMTP server.

Content servers can help with load balancing because they can
distribute requests across servers and target data to only the
servers that need it, or distribute data between application
servers. For example, if multiple mail servers are used, the
content switch can distribute requests between the servers,
thereby sharing the load evenly. This is why the content switch
is sometimes called a load-balancing switch.
A content switch can distribute incoming data to specific
application servers and help distribute the load.

The devices we traditionally call switches work at Layer 2
of the OSI model and simply direct incoming frames to
the appropriate exit port based on their
destination MAC address. Content switches, however,
also inspect the contents of the data packet all the way
from Layer 4 right up to Layer 7 and can be configured
to do all sorts of clever things depending on what they
find.
THE END.
THANK YOU FOR LISTENING!
