Network Devices
Understand the functions of routers, switches, firewalls, and IDS/IPS in network infrastructure.
Routers
Routers are networking devices that forward data packets between computer networks. They perform the traffic-directing functions on the Internet and are essential for connecting different networks together.
Key Functions
- Path determination using routing tables
- Packet forwarding between networks
- Network address translation (NAT)
- Quality of Service (QoS) management
- Connecting LANs to WANs or the Internet
Types of Routers
- Core routers (backbone of the Internet)
- Edge routers (connect to other networks)
- Branch routers (connect remote offices)
- Wireless routers (provide Wi-Fi connectivity)
- Virtual routers (software-based routing)
Switches
Network switches connect devices on a computer network, using packet switching to receive data and forward it to the destination device. They operate at the data link layer (Layer 2) of the OSI model.
Key Functions
- Frame forwarding based on MAC addresses
- Learning MAC addresses of connected devices
- Preventing collisions in Ethernet networks
- Creating separate collision domains
- Supporting full-duplex communication
Types of Switches
- Unmanaged switches (basic plug-and-play)
- Managed switches (configurable features)
- Smart switches (limited management)
- Layer 3 switches (routing capabilities)
- PoE switches (Power over Ethernet)
Firewalls
A firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies. Firewalls act as a barrier between secure internal networks and untrusted external networks like the Internet.
Key Functions
- Packet filtering based on rules
- Stateful inspection of connections
- Application-level gateway services
- VPN support for secure remote access
- Intrusion prevention capabilities
Types of Firewalls
- Packet-filtering firewalls (basic filtering)
- Stateful inspection firewalls (track connections)
- Next-generation firewalls (advanced features)
- Proxy firewalls (application-level filtering)
- Cloud-based firewalls (as-a-service)
IDS/IPS Systems
Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) are security appliances that monitor network traffic for suspicious activity and known threats. While an IDS alerts administrators to potential threats, an IPS takes action to block detected threats.
IDS Functions
- Monitoring network traffic for suspicious patterns
- Detecting known attack signatures
- Identifying policy violations
- Generating alerts for security incidents
- Providing forensic data for analysis
IPS Functions
- Actively blocking detected threats
- Dropping malicious packets
- Resetting connections when attacks are detected
- Applying security patches automatically
- Preventing data exfiltration
Device Comparison
The following table compares the key characteristics of routers, switches, firewalls, and IDS/IPS systems:
| Feature | Router | Switch | Firewall | IDS/IPS |
|---|---|---|---|---|
| OSI Layer | Layer 3 (Network) | Layer 2 (Data Link) | Layers 3-7 | Layers 3-7 |
| Primary Function | Connect networks | Connect devices | Filter traffic | Detect/Prevent threats |
| Decision Basis | IP addresses | MAC addresses | Security rules | Threat signatures |
| Security Focus | Low | Low | High | Very High |
| Typical Placement | Network edge | Within networks | Network perimeter | Network perimeter/segments |