<a href="https://colab.research.google.com/github/brendanpshea/intro_to_networks/blob/main/Networks_02a_Infrastructure.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>

# Networking Fundamentals: An Introduction to Modern Network Infrastructure
#### Brendan Shea, PhD

Imagine trying to hand-deliver messages to everyone you want to communicate with, or walking to a library every time you need information. Computer networks solve these problems by connecting devices together, letting them share information and resources. When you send a text, stream a movie, or print a document to a printer down the hall, you're using a network.

### What Makes Up a Network?

A **computer network** is like a city's infrastructure. Just as a city has roads, traffic lights, and delivery services, a network has cables, devices that direct traffic, and services that deliver data. Here's what's involved:

1. Basic Components
   - **Nodes**: Any device on the network (computers, phones, printers)
   - **Links**: Connections between nodes (cables or wireless)
   - **Network Devices**: Special equipment that helps everything work together

2. Key Players in Networks
   - Your devices (like your laptop) request and receive data
   - Network equipment carries and directs the data
   - Servers store and provide information and services

### Network Infrastructure Components

Think of network infrastructure like the pieces that make up a postal system. Here's what we'll explore in this book:

1. Traffic Directors
   - **Routers** are like post offices, directing data between networks
   - **Switches** are like mail sorters, connecting devices in the same area
   - **Load Balancers** are like having multiple clerks to handle busy times

2. Security Guards
   - **Firewalls** are like security checkpoints, controlling what gets in and out
   - **Intrusion Detection Systems** are like security cameras watching for suspicious activity
   - **Intrusion Prevention Systems** are like security guards who can stop threats

3. Information Managers
   - **Proxy Servers** are like personal assistants handling requests
   - **Storage Systems** (NAS/SAN) are like filing cabinets for data
   - **Content Delivery Networks** are like having local stores instead of one central warehouse

4. Wireless Systems
   - **Access Points** are like cell towers for your local network
   - **Controllers** are like control towers managing multiple access points

5. Special Services
   - **Virtual Private Networks** create secure tunnels through public networks
   - **Quality of Service** ensures important traffic gets through first
   - **Time to Live** controls how long data survives in the network

### How Networks Work Together

Here's a typical day in the life of a network:

1. Morning
   - Employee logs in through VPN from home
   - Firewall checks their credentials
   - They access files on the storage system

2. Midday
   - Teams hold video conferences
   - QoS ensures calls stay clear
   - CDN delivers training videos efficiently

3. Afternoon
   - Wireless users roam the building
   - Load balancers handle busy periods
   - Proxy servers cache frequent requests

### Why Understanding Networks Matters

Networks affect daily life in many ways:

1. Personal Use
   - Streaming your favorite shows
   - Gaming with friends online
   - Sharing photos with family

2. Business Use
   - Working from home
   - Collaborating with teams
   - Serving customers

3. Future Trends
   - More connected devices
   - Faster wireless networks
   - Cloud-based services

In the following sections, we'll explore each part of the network in detail. You'll learn:
- How each component works
- Why it's needed
- How it connects with other parts
- Common problems and solutions

Whether you're watching Netflix, sending emails, or playing online games, understanding networks helps you make sense of the technology that connects our world. Let's dive into each piece of this fascinating system.

## Hardware vs Software: Understanding Physical and Virtual Network Appliances

Modern networks rely on various specialized devices to handle specific tasks. These **network appliances** traditionally existed as physical hardware but now often appear in virtual form as software running on standard servers. Understanding the difference between physical and virtual appliances helps network administrators make informed decisions about infrastructure design.

A **physical appliance** is a dedicated hardware device built for a specific networking purpose. These devices contain specialized processors, memory, and often custom circuits designed to perform their tasks efficiently. When you can reach out and touch a router or pick up a network switch, you're working with a physical appliance.

Physical appliances offer these advantages.

1. Dedicated Hardware Performance
   - Purpose-built processors and circuits
   - Optimized for specific networking tasks
   - Reliable under high loads

2. Physical Network Control
   - Direct connection to network cables
   - Hardware-level security features
   - Easy physical access for maintenance

3. Independence from Other Systems
   - Stand-alone operation
   - No reliance on host servers
   - Separate power and cooling systems

A **virtual appliance** is a software application that provides the same functionality as its physical counterpart. These programs run on standard servers and can be deployed, moved, or modified without touching any hardware. Virtual appliances have transformed how we build and manage networks.

Virtual appliances provide these benefits.

1. Flexibility and Scalability
   - Quick deployment of new instances
   - Easy adjustment of resources
   - Rapid recovery from failures

2. Cost Effectiveness
   - Lower hardware expenses
   - Reduced power consumption
   - Shared physical infrastructure

3. Management Advantages
   - Remote configuration
   - Automated updates
   - Simplified backup and recovery

Both types of appliances perform essential network functions.

1. Data Movement
   - **Routers** direct traffic between different networks
   - **Switches** connect devices within the same network
   - **Load Balancers** distribute traffic across multiple servers

2. Security
   - **Firewalls** control access to and from networks
   - **Intrusion Detection Systems** monitor for suspicious activity
   - **Intrusion Prevention Systems** actively block threats

3. Storage
   - **Network-Attached Storage** provides file-level data storage
   - **Storage Area Networks** offer block-level storage access
   - **Proxy Servers** cache and control access to resources

The choice between physical and virtual appliances depends on several factors.

1. Performance Requirements
   - Processing speed needs
   - Network throughput demands
   - Real-time operation needs

2. Infrastructure Constraints
   - Available rack space
   - Power and cooling capacity
   - Network connectivity options

3. Business Considerations
   - Budget limitations
   - Staff expertise
   - Growth projections

Modern networks often employ a hybrid approach, using physical appliances for critical high-performance needs and virtual appliances for flexibility and cost savings. This combination allows organizations to leverage the strengths of both technologies while minimizing their weaknesses.

## Network Traffic Control: Routers, Switches, and Load Balancers

Network traffic control devices form the core infrastructure of modern networks. These devices work together at different **network layers** to ensure data reaches its intended destination efficiently and reliably. You might have heard about the OSI model's seven layers - in this section, we'll focus mainly on Layer 2 (Data Link) where **MAC addresses** are used, and Layer 3 (Network) where **IP addresses** are used. Understanding how each device manages network traffic helps explain why all are necessary for a well-functioning network.

A **router** serves as a traffic director between different networks. Operating at Layer 3 of the network, routers use **IP addresses** (like 192.168.1.1) to determine where data should go. Think of IP addresses like street addresses - when data needs to travel from one network to another, the router reads the destination IP address and determines the best path for that data to take. Modern routers perform several important functions.

1. Path Selection
   - Finding the optimal route for data packets
   - Avoiding congested network segments
   - Routing around failed connections

2. Network Separation
   - Maintaining boundaries between networks
   - Creating subnetworks for better organization
   - Managing different IP address ranges

3. Traffic Management
   - Prioritizing important data
   - Filtering unwanted traffic
   - Converting between network protocols

A **network switch** connects devices within the same local network. Operating at Layer 2, switches use **MAC addresses** (like 00:1A:2B:3C:4D:5E) to identify devices. Think of a MAC address as a device's unique serial number - no two devices should have the same MAC address. Unlike older network hubs that simply broadcast all data to every connected device, switches are intelligent devices that learn which MAC address connects to each port.

Switches handle data in several ways.

1. Device Connection
   - Linking computers, printers, and servers
   - Managing multiple simultaneous connections
   - Operating at full network speed

2. Traffic Direction
   - Sending data only to intended recipients
   - Learning device locations automatically
   - Preventing unnecessary traffic

3. Network Enhancement
   - Supporting virtual networks
   - Monitoring connection quality
   - Providing power to connected devices

A **load balancer** helps distribute work across multiple servers or network paths. These devices ensure no single server becomes overwhelmed while others sit idle. Load balancers use various methods to accomplish their tasks.

1. Traffic Distribution
   - Spreading requests across servers
   - Monitoring server health
   - Redirecting traffic from failed servers

2. Performance Optimization
   - Choosing fastest available servers
   - Reducing response times
   - Managing server capacity

3. Reliability Improvement
   - Providing failover capability
   - Maintaining session persistence
   - Enabling server maintenance without downtime

These devices work together across different network layers in a typical configuration. Understanding which layer each device operates at helps explain how they work together. For example, when you visit a website.

1. External Communication
   - Your computer's network card provides its MAC address to the switch (Layer 2)
   - The switch passes your request to the router (Layer 2 to Layer 3)
   - The router uses IP addresses to send your request to the internet (Layer 3)
   - The load balancer receives the returning data and picks the best server to handle it

2. Internal Communication
   - Switches handle device-to-device traffic
   - Router manages subnetwork communication
   - Load balancer monitors internal server health

3. Performance Management
   - Router optimizes external paths
   - Switch maximizes internal speed
   - Load balancer ensures resource availability

Network administrators must consider several factors when deploying these devices.

1. Network Requirements
   - Expected traffic volume
   - Number of connected devices
   - Geographic distribution

2. Performance Needs
   - Required response times
   - Bandwidth demands
   - Reliability expectations

3. Growth Planning
   - Future expansion needs
   - Technology upgrades
   - Capacity increases

Understanding how routers, switches, and load balancers work together helps network administrators design and maintain efficient networks. Each device plays a crucial role in moving data from source to destination while maintaining network performance and reliability.

##  Security First: Firewalls, IDS/IPS, and Network Protection

Network security works like the security system of a building. Just as a building needs different security measures working together - locks on doors, security cameras, and alarm systems - networks need multiple layers of protection. Let's explore the main security devices that protect modern networks.

A **firewall** acts as a security guard for your network. Much like a guard checking IDs at a building entrance, a firewall examines network traffic and decides what to allow or block. Modern firewalls work at multiple network layers to provide different types of protection. Here's a simple example of firewall rules:

| Source IP     | Destination IP | Port | Action | Purpose                    |
|--------------|----------------|------|--------|----------------------------|
| Any          | 192.168.1.10   | 80   | Allow  | Web server access         |
| 192.168.1.0  | Any           | 443  | Allow  | Secure web browsing       |
| 10.0.0.5     | 192.168.1.20  | 3389 | Allow  | Remote desktop access     |
| Any          | Any           | 25   | Block  | Block external email      |

These rules show how a firewall makes decisions. For example, it might allow web traffic (port 80) to your web server while blocking potentially dangerous email traffic (port 25) from unknown sources.

Firewalls use several methods to protect networks.

1. Traffic Filtering
   - Checking source and destination addresses
   - Blocking unauthorized connection attempts
   - Controlling which programs can access the network

2. Access Control
   - Managing which devices can communicate
   - Restricting access to sensitive resources
   - Creating separate security zones

3. Traffic Monitoring
   - Logging connection attempts
   - Tracking suspicious activity
   - Alerting administrators to problems

An **Intrusion Detection System (IDS)** works like a security camera system. It watches network traffic and looks for suspicious activity. When it spots something concerning, it alerts network administrators. For example, an IDS might detect these patterns:

1. Repeated failed login attempts from the same source
2. Unusual data transfers during off-hours
3. Known malware signatures in network traffic
4. Port scanning activity from inside the network
5. Unexpected protocol usage or packet structures

Think of an IDS like a motion sensor that triggers an alert but doesn't stop the intruder.

IDS systems monitor networks in several ways.

1. Pattern Recognition
   - Looking for known attack signatures
   - Identifying unusual traffic patterns
   - Detecting policy violations

2. Network Analysis
   - Monitoring data flows
   - Checking protocol usage
   - Examining packet contents

3. Response Actions
   - Generating alerts
   - Creating activity logs
   - Notifying administrators

An **Intrusion Prevention System (IPS)** takes security a step further. While an IDS just watches and reports, an IPS actively blocks threats - like a security guard who not only spots trouble but also steps in to stop it. Here's how IDS and IPS compare:

| Aspect        | IDS                          | IPS                           |
|--------------|------------------------------|-------------------------------|
| Position     | Copy of traffic              | In-line with traffic         |
| Action       | Detects and alerts           | Detects and prevents         |
| Response     | Passive (after the fact)     | Active (real-time)          |
| Impact       | No network slowdown          | May affect network speed     |
| Risk Level   | No risk of blocking valid traffic | May block valid traffic |

For example, if someone attempts a password-guessing attack, an IDS would simply report it, while an IPS would automatically block that IP address after a certain number of attempts.

IPS systems protect networks through these actions.

1. Active Defense
   - Blocking malicious connections
   - Dropping suspicious packets
   - Resetting compromised connections

2. Threat Prevention
   - Stopping attacks in progress
   - Preventing malware spread
   - Blocking unauthorized access

3. System Protection
   - Shielding vulnerable systems
   - Protecting sensitive data
   - Preventing service disruption

These security devices work together to create multiple layers of protection.

1. Outer Defense
   - Firewall screens all incoming traffic
   - IDS monitors for suspicious activity
   - IPS blocks identified threats

2. Internal Security
   - Firewall separates network segments
   - IDS watches internal traffic
   - IPS protects critical systems

3. Ongoing Protection
   - Continuous traffic monitoring
   - Regular security updates
   - Threat pattern updates

Network administrators must consider several factors when implementing security.

1. Security Needs
   - Types of threats to defend against
   - Sensitive resources to protect
   - Regulatory requirements

2. Performance Impact
   - Traffic inspection overhead
   - Response time effects
   - System resource usage

3. Management Requirements
   - Configuration complexity
   - Monitoring needs
   - Update procedures

Understanding how firewalls, IDS, and IPS work together helps create strong network security. Like a well-designed building security system, each component plays a vital role in protecting network resources from threats.

#### Graphic: Routers, Switches, and Firewall

In [None]:
# @title
## @title
%%html
<!DOCTYPE html>
<html>
<head>
  <meta charset="UTF-8">
  <title>Network Traffic Visualization</title>
  <style>
    body {
      font-family: Arial, sans-serif;
      margin: 20px;
    }
    #network-container {
      position: relative;
      width: 800px;
      height: 350px; /* Increased height for more space */
      margin: 0 auto;
      border: 1px solid #ccc;
      box-sizing: border-box;
      padding-bottom: 50px; /* Additional padding to prevent cutoff */
    }
    #connection-lines {
      position: absolute;
      top: 0;
      left: 0;
      width: 800px;
      height: 350px;
      pointer-events: none;
      z-index: 0;
    }
    .device {
      position: absolute;
      font-size: 2rem;
      text-align: center;
      width: 3rem;
      line-height: 3rem;
      transition: transform 0.3s, background-color 0.3s;
      z-index: 1;
    }
    .label {
      display: block;
      font-size: 0.8rem;
      margin-top: -4px;
      text-align: center;
    }
    /* Device Positions */
    #lan1-z1 { top: 50px; left: 80px; }
    #lan1-z2 { top: 50px; left: 180px; }
    #switch1 { top: 180px; left: 130px; font-size: 1.8rem; }
    #firewall { top: 160px; left: 300px; font-size: 2.5rem; }
    #router { top: 160px; left: 420px; }
    #switch2 { top: 180px; left: 560px; font-size: 1.8rem; }
    #lan2-v1 { top: 50px; left: 510px; }
    #lan2-v2 { top: 50px; left: 610px; }

    /* Highlight Style */
    .highlight {
      transform: scale(1.3);
      background-color: yellow;
      border-radius: 50%;
      padding: 5px;
    }

    /* Explanation Box */
    #explanation {
      width: 800px;
      margin: 20px auto;
      min-height: 150px; /* Increased height for more content */
      font-size: 1rem;
      border: 1px solid #ccc;
      padding: 10px;
      white-space: pre-line;
      background-color: #f9f9f9;
      box-sizing: border-box;
      overflow-y: auto; /* Added scroll for extensive content */
    }

    /* Controls */
    #controls {
      text-align: center;
      margin-top: 10px;
      padding-bottom: 20px; /* Added padding to ensure visibility */
    }
    #controls label {
      margin-right: 10px;
    }
    #controls select {
      margin-right: 20px;
      padding: 5px;
    }
    #controls button {
      padding: 5px 10px;
      margin-right: 10px;
      font-size: 1rem;
    }

    /* Code Blocks */
    pre {
      background: #eaeaea;
      padding: 10px;
      margin: 10px 0;
      border-radius: 4px;
      font-family: monospace;
      overflow-x: auto;
    }
  </style>
</head>
<body>

<div id="network-container">
  <svg id="connection-lines">
    <!-- LAN1 lines -->
    <line x1="100" y1="80" x2="140" y2="180" stroke="gray" stroke-width="2"/>
    <line x1="200" y1="80" x2="150" y2="180" stroke="gray" stroke-width="2"/>
    <!-- Switch1 -> Firewall -->
    <line x1="160" y1="180" x2="320" y2="170" stroke="gray" stroke-width="2"/>
    <!-- Firewall -> Router -->
    <line x1="340" y1="160" x2="420" y2="160" stroke="gray" stroke-width="2"/>
    <!-- Router -> Switch2 -->
    <line x1="445" y1="160" x2="580" y2="180" stroke="gray" stroke-width="2"/>
    <!-- LAN2 lines -->
    <line x1="530" y1="80" x2="570" y2="180" stroke="gray" stroke-width="2"/>
    <line x1="630" y1="80" x2="580" y2="180" stroke="gray" stroke-width="2"/>
  </svg>

  <!-- Devices -->
  <div class="device" id="lan1-z1">
    🧟
    <span class="label">Z1</span>
  </div>
  <div class="device" id="lan1-z2">
    🧟
    <span class="label">Z2</span>
  </div>
  <div class="device" id="switch1">
    🖧
    <span class="label">Switch 1</span>
  </div>
  <div class="device" id="firewall">
    🔥
    <span class="label">Firewall</span>
  </div>
  <div class="device" id="router">
    🌐
    <span class="label">Router</span>
  </div>
  <div class="device" id="switch2">
    🖧
    <span class="label">Switch 2</span>
  </div>
  <div class="device" id="lan2-v1">
    🧛
    <span class="label">V1</span>
  </div>
  <div class="device" id="lan2-v2">
    🧛
    <span class="label">V2</span>
  </div>
</div>

<div id="explanation">
  You are **Zombie Z1**. Select a destination, then click "Start."
</div>

<div id="controls">
  <label for="destination">Destination:</label>
  <select id="destination">
    <option value="z2">Z2 (LAN1)</option>
    <option value="v1">V1 (LAN2)</option>
    <option value="v2">V2 (LAN2)</option>
  </select>
  <button onclick="startScenario()">Start</button>
  <button onclick="nextStep()">Next Step</button>
</div>

<script>
  /*
    Devices:
      Z1: MAC=00:AA:BB:CC:DD:01, IP=192.168.10.101 (User)
      Z2: MAC=00:AA:BB:CC:DD:02, IP=192.168.10.102
      V1: MAC=00:AA:BB:CC:DD:11, IP=192.168.20.201
      V2: MAC=00:AA:BB:CC:DD:12, IP=192.168.20.202

    Scenarios:
      - Internal: Z1 -> Z2
      - External: Z1 -> V1 or V1 -> V2
  */

  let steps = [];
  let currentStep = 0;

  // Internal scenario: Z1 -> Z2
  const internalScenario = [
    {
      highlights: ["lan1-z1"],
      text:
        "<strong>Step 1: Packet Creation</strong><br><br>" +
        "You (Z1) initiate the transmission of data to Z2 within the same Local Area Network (LAN1).<br>" +
        "The packet is encapsulated with your device's source IP address <strong>192.168.10.101</strong> and the destination IP address <strong>192.168.10.102</strong>."
    },
    {
      highlights: ["switch1"],
      text:
        "<strong>Step 2: Switch Processing</strong><br><br>" +
        "The packet arrives at Switch 1. The switch consults its <strong>MAC Table</strong> to determine where to forward the packet.<br><br>" +
        "<strong>Switch 1 MAC Table:</strong><br>" +
        "<pre>Port1: Z1 (00:AA:BB:CC:DD:01)\nPort2: Z2 (00:AA:BB:CC:DD:02)</pre>" +
        "Since the destination MAC address <strong>00:AA:BB:CC:DD:02</strong> corresponds to Z2 on Port2, the switch knows to forward the packet directly to Z2."
    },
    {
      highlights: ["lan1-z2"],
      text:
        "<strong>Step 3: Packet Delivery</strong><br><br>" +
        "Switch 1 forwards the packet directly to Z2. Because both Z1 and Z2 are on the same LAN, the packet does not need to pass through the Firewall or Router.<br>" +
        "The packet is successfully delivered to Z2, completing the internal transmission."
    }
  ];

  // External scenario: Z1 -> V1
  const externalScenarioV1 = [
    {
      highlights: ["lan1-z1"],
      text:
        "<strong>Step 1: Packet Creation</strong><br><br>" +
        "You (Z1) decide to send data to V1 located in a different Local Area Network (LAN2).<br>" +
        "The packet is prepared with your source IP address <strong>192.168.10.101</strong> and V1's destination IP address <strong>192.168.20.201</strong>."
    },
    {
      highlights: ["switch1"],
      text:
        "<strong>Step 2: Switch Processing</strong><br><br>" +
        "Switch 1 receives the packet and checks its <strong>MAC Table</strong>.<br><br>" +
        "<strong>Switch 1 MAC Table:</strong><br>" +
        "<pre>Port1: Z1 (00:AA:BB:CC:DD:01)\nPort3: Firewall (00:AA:BB:CC:DD:FF)</pre>" +
        "Since V1 is on a different LAN, the switch forwards the packet to the Firewall connected via Port3."
    },
    {
      highlights: ["firewall"],
      text:
        "<strong>Step 3: Firewall Inspection</strong><br><br>" +
        "The packet reaches the Firewall, which inspects it based on predefined <strong>Firewall Rules</strong> to ensure security.<br><br>" +
        "<strong>Firewall Rules:</strong><br>" +
        "<pre>ALLOW 192.168.10.0/24 -> 192.168.20.0/24\nDENY all other traffic</pre>" +
        "The packet matches an <strong>ALLOW</strong> rule, permitting it to pass through the Firewall."
    },
    {
      highlights: ["router"],
      text:
        "<strong>Step 4: Router Processing</strong><br><br>" +
        "After passing the Firewall, the packet is sent to the Router. The Router examines its <strong>Routing Table</strong> to determine the appropriate path for the packet.<br><br>" +
        "<strong>Router Routing Table:</strong><br>" +
        "<pre>192.168.10.0/24 -> LAN1 Interface\n192.168.20.0/24 -> LAN2 Interface</pre>" +
        "Based on the destination IP address <strong>192.168.20.201</strong>, the Router forwards the packet toward LAN2."
    },
    {
      highlights: ["switch2"],
      text:
        "<strong>Step 5: Switch2 Processing</strong><br><br>" +
        "Upon entering LAN2, Switch 2 receives the packet and consults its <strong>MAC Table</strong> to identify the correct port for V1.<br><br>" +
        "<strong>Switch 2 MAC Table:</strong><br>" +
        "<pre>Port1: V1 (00:AA:BB:CC:DD:11)\nPort2: V2 (00:AA:BB:CC:DD:12)</pre>" +
        "The switch recognizes V1's MAC address and forwards the packet accordingly."
    },
    {
      highlights: ["lan2-v1"],
      text:
        "<strong>Step 6: Packet Delivery</strong><br><br>" +
        "V1 successfully receives the packet from LAN1. The external data transfer is now complete."
    }
  ];

  // External scenario: Z1 -> V2
  const externalScenarioV2 = [
    {
      highlights: ["lan1-z1"],
      text:
        "<strong>Step 1: Packet Creation</strong><br><br>" +
        "You (Z1) decide to send data to V2 located in a different Local Area Network (LAN2).<br>" +
        "The packet is prepared with your source IP address <strong>192.168.10.101</strong> and V2's destination IP address <strong>192.168.20.202</strong>."
    },
    {
      highlights: ["switch1"],
      text:
        "<strong>Step 2: Switch Processing</strong><br><br>" +
        "Switch 1 receives the packet and checks its <strong>MAC Table</strong>.<br><br>" +
        "<strong>Switch 1 MAC Table:</strong><br>" +
        "<pre>Port1: Z1 (00:AA:BB:CC:DD:01)\nPort3: Firewall (00:AA:BB:CC:DD:FF)</pre>" +
        "Since V2 is on a different LAN, the switch forwards the packet to the Firewall connected via Port3."
    },
    {
      highlights: ["firewall"],
      text:
        "<strong>Step 3: Firewall Inspection</strong><br><br>" +
        "The packet reaches the Firewall, which inspects it based on predefined <strong>Firewall Rules</strong> to ensure security.<br><br>" +
        "<strong>Firewall Rules:</strong><br>" +
        "<pre>ALLOW 192.168.10.0/24 -> 192.168.20.0/24\nDENY all other traffic</pre>" +
        "The packet matches an <strong>ALLOW</strong> rule, permitting it to pass through the Firewall."
    },
    {
      highlights: ["router"],
      text:
        "<strong>Step 4: Router Processing</strong><br><br>" +
        "After passing the Firewall, the packet is sent to the Router. The Router examines its <strong>Routing Table</strong> to determine the appropriate path for the packet.<br><br>" +
        "<strong>Router Routing Table:</strong><br>" +
        "<pre>192.168.10.0/24 -> LAN1 Interface\n192.168.20.0/24 -> LAN2 Interface</pre>" +
        "Based on the destination IP address <strong>192.168.20.202</strong>, the Router forwards the packet toward LAN2."
    },
    {
      highlights: ["switch2"],
      text:
        "<strong>Step 5: Switch2 Processing</strong><br><br>" +
        "Upon entering LAN2, Switch 2 receives the packet and consults its <strong>MAC Table</strong> to identify the correct port for V2.<br><br>" +
        "<strong>Switch 2 MAC Table:</strong><br>" +
        "<pre>Port1: V1 (00:AA:BB:CC:DD:11)\nPort2: V2 (00:AA:BB:CC:DD:12)</pre>" +
        "The switch recognizes V2's MAC address and forwards the packet accordingly."
    },
    {
      highlights: ["lan2-v2"],
      text:
        "<strong>Step 6: Packet Delivery</strong><br><br>" +
        "V2 successfully receives the packet from LAN1. The external data transfer is now complete."
    }
  ];

  function clearHighlights() {
    document.querySelectorAll('.device').forEach(el => {
      el.classList.remove('highlight');
    });
  }

  function startScenario() {
    const dest = document.getElementById("destination").value;
    if (dest === "z2") {
      steps = internalScenario;
    } else if (dest === "v1") {
      steps = externalScenarioV1;
    } else {
      steps = externalScenarioV2;
    }
    currentStep = 0;
    clearHighlights();
    document.getElementById('explanation').innerHTML = "Click 'Next Step' to begin.";
  }

  function nextStep() {
    if (!steps.length) {
      document.getElementById('explanation').innerHTML =
        "Please select a destination and click 'Start.'";
      return;
    }
    clearHighlights();
    if (currentStep < steps.length) {
      const step = steps[currentStep];
      step.highlights.forEach(id => {
        const element = document.getElementById(id);
        if (element) {
          element.classList.add('highlight');
        }
      });
      document.getElementById('explanation').innerHTML = step.text;
      currentStep++;
    } else {
      document.getElementById('explanation').innerHTML =
        "Scenario completed. Select a new destination or restart.";
      currentStep = steps.length; // Prevent further steps
    }
  }
</script>

</body>
</html>


## Section 5: Proxy Servers: Managing and Controlling Network Access

When you type a website address into your browser, your computer typically makes a direct connection to that site. But in many organizations, there's something in the middle: a **proxy server**. Like a personal assistant handling your mail, a proxy server receives your requests, makes those requests on your behalf, and then delivers the responses back to you. This simple idea - being an intermediary - makes proxy servers powerful tools for security, performance, and control.

Let's look at the three main types of proxy servers through real-world examples.

1. Forward Proxy
   Think of this like a personal shopper. You give them your shopping list, and they go to the stores for you. The stores only see the shopper, not you.
   - Your computer asks the proxy to get www.example.com
   - The proxy makes the request using its own address
   - The website sees the proxy's address, not yours
   - Common in schools and businesses for controlling internet access

2. Reverse Proxy
   This works more like a receptionist. Visitors don't get your direct office number; they talk to the receptionist who then connects them to you.
   - External users try to reach your company's web server
   - They connect to the proxy instead
   - The proxy forwards valid requests to the actual server
   - Commonly used by websites to protect their servers

3. Transparent Proxy
   Imagine an automatic door that opens for you - you might not even know it's there, but it's controlling your path.
   - Users don't know they're using a proxy
   - No configuration needed on user devices
   - Often used for content filtering
   - Common in public WiFi hotspots

Here's what happens when you try to visit a website through each type of proxy.

| Step | Forward Proxy | Reverse Proxy | Transparent Proxy |
|------|--------------|---------------|-------------------|
| 1. Request | You → Proxy | You → What you think is the server | You → Internet |
| 2. Processing | Proxy checks if allowed | Proxy receives request | Proxy intercepts automatically |
| 3. Forwarding | Proxy → Website | Proxy → Real server | Proxy → Website |
| 4. Response | Website → Proxy → You | Server → Proxy → You | Website → Proxy → You |

Proxy servers can do many useful things with this middle position.

1. Content Filtering
   - A school blocks social media during class hours
   - A business prevents access to malicious websites
   - A library filters inappropriate content
   Example rule: "Block all sites categorized as 'Gaming' from 9AM to 5PM"

2. Performance Improvements
   - Saving a copy of frequently visited websites
   - Compressing images to save bandwidth
   - Distributing loads across multiple servers
   Example: When 100 users request the same video, download it once and share the local copy

3. Security Protection
   - Hiding internal network addresses
   - Scanning downloads for viruses
   - Recording who accesses what
   Example log entry:
   ```
   Time: 09:15:22
   User: jsmith
   Request: www.example.com
   Action: Allowed
   Bandwidth: 1.2MB
   ```

Here's a simple example of how proxy settings work in practice.

| What | Without Proxy | With Forward Proxy |
|------|--------------|-------------------|
| School Student | Direct: "I want Facebook" | Student → Proxy: "I want Facebook"<br>Proxy: "Not during class hours" |
| Remote Worker | Direct: "I need company files" | Worker → Proxy: "I need company files"<br>Proxy: "Let me verify your identity first" |
| Website Access | Your IP: Visible to site | Proxy IP: Site only sees proxy |

Network administrators need to balance several factors when setting up proxies.

1. Speed vs Security
   - More checking = More delay
   - Example: Virus scanning adds 1-2 seconds per download
   - Solution: Cache popular content locally

2. Access vs Control
   - Too strict = Frustrated users
   - Too loose = Security risks
   - Example: Allow YouTube but limit video quality

3. Visibility vs Privacy
   - Monitor for security
   - Respect user privacy
   - Example: Log access attempts but not specific content

Understanding proxy servers helps explain why your school can block games, your work can monitor internet usage, and websites can handle millions of visitors. Whether you notice them or not, proxies play a crucial role in making modern networks more secure and efficient.

## Storage Solutions: Understanding NAS and SAN

Imagine you're organizing a library. You could put books on individual desks (like storing files on personal computers), but that makes sharing difficult. Instead, you might create a central library (network storage) where everyone can access the books. In computer networks, we have two main ways to create this "digital library": **Network-Attached Storage (NAS)** and **Storage Area Network (SAN)**.

### Network-Attached Storage (NAS)

Think of a NAS like a filing cabinet that everyone in the office can access over the network. Just as multiple people can get documents from the same filing cabinet, multiple computers can access files on a NAS simultaneously.

Here's what happens when you use a NAS:

1. You want to open a document
   - Click on "Company Files" on your computer
   - Your computer asks the NAS for the file
   - The NAS sends the file back to you
   - Just like walking to the filing cabinet and taking out a folder

A typical home or small business NAS might be configured like this:

| Folder | Who Can Access | What They Can Do | Example Use |
|--------|---------------|------------------|-------------|
| Family Photos | Everyone | View only | Holiday pictures |
| Home Videos | Parents | Full access | Vacation recordings |
| Documents | Each user | Own folder access | Personal files |
| Media | Everyone | Read & Play | Movies and music |

NAS devices serve different purposes.

1. File Sharing
   - The marketing team stores and shares large design files
   - The family keeps all photos in one place
   - Teachers share worksheets with students
   Example: "Everyone on the team can access and edit ProjectX files"

2. Backup Storage
   - Computers automatically back up every night
   - Users store important files in a safe place
   - Photos and videos get archived
   Example backup schedule:
   ```
   Daily: Changed files only
   Weekly: All user files
   Monthly: Entire system
   ```

3. Media Streaming
   - Family members watch movies from any device
   - Office plays background music
   - Security cameras store recordings
   Example: "Watch your movie from the living room TV, bedroom tablet, or phone"

### Storage Area Network (SAN)

While a NAS is like a filing cabinet, a SAN is more like having an external hard drive that feels like it's inside your computer - but this drive can be accessed by multiple computers at extremely high speeds. SANs are typically used in larger organizations where performance is crucial.

Here's how a SAN works:

1. Your database server needs to store data
   - The SAN appears as a local drive (like your C: drive)
   - But it's actually stored on the SAN
   - Multiple servers can access it simultaneously
   - Much faster than a NAS

Here's a comparison of real-world usage:

| Task | Using NAS | Using SAN |
|------|-----------|-----------|
| Opening large file | Like walking to filing cabinet | Like reaching into your desk drawer |
| Database operation | Could be slow and unreliable | Fast and dependable |
| Sharing wedding photos | Perfect! | Overkill |
| Running company email | Might struggle | Ideal solution |

When would you use each one?

1. Choose NAS when
   - Sharing files among users
   - Setting up a home media server
   - Creating backup storage
   Example: "Our design team needs to share large Photoshop files"

2. Choose SAN when
   - Running databases
   - Hosting email servers
   - Supporting virtual machines
   Example: "Our customer database needs fast, reliable storage"

Here's a practical example of how they're different:

| Feature | NAS Example | SAN Example |
|---------|-------------|-------------|
| Access | "Open the Q4 Report file" | "Write this customer record" |
| Speed | Good for files | Lightning fast for data |
| Cost | $200-$2000 | $10,000+ |
| Setup | Like setting up a WiFi router | Like building a mini data center |
| Typical User | Small business or home | Large corporation |

Common scenarios show the difference:

1. Small Business
   - Uses NAS for:
     * Sharing documents
     * Backing up computers
     * Storing company files
   - "Everyone can access the price lists and they're always up to date"

2. Large Corporation
   - Uses SAN for:
     * Running email servers
     * Managing databases
     * Supporting hundreds of virtual machines
   - "Our inventory system updates instantly across all stores"

Understanding NAS and SAN helps you choose the right storage for your needs. Whether you're sharing family photos (NAS) or running a busy corporate database (SAN), each technology has its perfect use case.

### Graphic: Network Appliance Topology

In [None]:
# @title
## @title

import base64
from IPython.display import Image, display
import matplotlib.pyplot as plt

def mm(graph, width=800, height=600):  ## Add default dimensions
    graphbytes = graph.encode("utf8")
    base64_bytes = base64.urlsafe_b64encode(graphbytes)
    base64_string = base64_bytes.decode("ascii")
    ## Add width and height parameters to the URL
    url = f"https://mermaid.ink/img/{base64_string}?width={width}&height={height}"
    display(Image(url=url))
mm("""
graph TD
    A[🌍 Internet - Global network] --> B[🌐 Router - Routes IP traffic]
    B --> C[🛡️ Firewall - Filters unauthorized access]
    C --> D[🔍 IDS/IPS - Detects and thwarts intrusions]

    D --> E[🔀 Core Switch - Central traffic distributor]
    E --> F[⚖️ Load Balancer - Distributes server requests]
    F --> G[🖥️ Proxy Server - Caches & anonymizes traffic]
    G --> H[🔗 Internal Switches - Links internal devices]
    H --> I[💾 NAS/SAN - Centralized data storage]

    E --> J[📡 Wireless Controller - Manages access points]
    J --> K[📶 Access Points - Provide Wi-Fi coverage]

    K --> L[💻 Laptop]
    K --> M[📱 Smartphone]
    H --> N[🖥️ Desktop PC]
    H --> O[📡 IoT Device]

    F --> P[🌐 Web Server]
    H --> Q[📊 Database Server]
    H --> R[📂 File Server]

""", width=800, height=800)

## Wireless Networks: Access Points and Controllers

Think about how your car radio picks up different stations as you drive. Wireless networks work similarly, but instead of music, they transmit data through the air. Let's explore how organizations set up and manage these invisible networks that keep us connected.

### Wireless Access Points (APs)

A **Wireless Access Point** is like a cell phone tower for your local network. Just as a cell tower connects your phone to the telephone network, an AP connects your laptop or phone to the computer network. When you see a WiFi network name (like "Coffee Shop WiFi") on your phone, you're seeing an AP announcing its presence.

Here's what happens when you connect to WiFi:

1. Your phone sees available networks
   - AP broadcasts: "Coffee Shop WiFi available!"
   - Phone shows: Coffee Shop WiFi (Strong Signal) ****
   - You select the network
   - Your phone and the AP establish a connection

Common AP settings look like this:

| Setting | Example | What It Does | Real-World Impact |
|---------|---------|--------------|-------------------|
| Network Name | "Library-Public" | Network identifier | What users see on their devices |
| Channel | 6 | Radio frequency used | Like picking a clear radio station |
| Band | 5 GHz | Frequency range | Like FM vs AM radio |
| Power | 50% | Signal strength | Controls how far the signal reaches |

APs handle different tasks.

1. Basic Connectivity
   - Connect phones and laptops
   - Pass traffic to wired network
   - Maintain reliable connections
   - Example: "Students can roam the library while staying connected"

2. Traffic Management
   - Handle multiple devices
   - Manage connection quality
   - Balance device loads
   - Example AP statistics:
   ```
   Connected Devices: 25
   Data Transferred: 50 GB/day
   Popular Times: 2-4 PM
   ```

3. Security Features
   - Require passwords
   - Encrypt traffic
   - Block unauthorized users
   Example setup: "Password protected, WPA3 encryption, guest network isolated"

### Wireless Controllers

For larger networks, like a university campus, managing dozens or hundreds of APs individually would be like trying to conduct hundreds of radio stations separately. This is where a **Wireless Controller** comes in - it's like a master control room for all your APs.

Here's how controllers help:

1. Centralized Management
   Instead of configuring each AP separately:
   - Set one policy, applies to all APs
   - Update all APs at once
   - Monitor everything from one screen
   Example: "Change all passwords system-wide with one click"

2. Roaming Support
   As you walk around a building:
   - Controller sees your signal getting weak on one AP
   - Finds another AP with better signal
   - Hands off your connection smoothly
   - Like your car radio automatically finding the stronger station

Here's what the controller manages:

| Feature | Without Controller | With Controller |
|---------|-------------------|-----------------|
| AP Setup | Configure each AP manually | Configure once, deploy to all |
| Updates | Update each AP separately | Update all APs at once |
| Roaming | May disconnect between APs | Smooth transitions |
| Security | Individual policies | Unified security policy |

Real-world scenarios show the difference:

1. Small Coffee Shop
   - Single AP approach
     * One AP covers the space
     * Simple password setup
     * Basic guest access
   - "Customers connect to WiFi-Guest with password posted on the wall"

2. Large University
   - Controller-based approach
     * Hundreds of APs
     * Seamless campus coverage
     * Different networks for staff/students
   - "Students walk across campus while watching online lectures"

Common challenges and solutions:

1. Coverage Problems
   - Issue: Dead spots in building
   - Diagnosis: Signal mapping shows weak areas
   - Solution: Add AP or adjust power
   Example: "Added AP in conference room after complaints"

2. Performance Issues
   - Problem: Slow connections
   - Check: Number of users per AP
   - Fix: Add capacity or adjust channels
   Example: "Split traffic between 2.4GHz and 5GHz bands"

3. Interference
   - Symptom: Unstable connections
   - Tools: Wireless survey
   - Resolution: Change channels or AP placement
   Example: "Moved AP away from microwave oven"

Understanding wireless networks helps explain why your phone stays connected as you walk through a building, or why the coffee shop WiFi gets slow during lunch hour. Whether you're setting up a home network or managing a corporate system, these concepts determine how well your wireless network performs.

## Network Services and Functions: CDN, VPN, QoS, and TTL

Modern networks use various services to make connections faster, more secure, and more reliable. Let's explore these services through everyday examples.

### Content Delivery Networks (CDN)

Imagine you run a chain of ice cream shops. Instead of making everyone come to your main factory, you put smaller shops in each neighborhood. A **Content Delivery Network** works the same way - it puts copies of website content on servers around the world, closer to users.

Here's how a CDN works:

1. Without CDN
   - You: Click link to watch video (from California)
   - Your request: Travels to main server in Japan
   - Video data: Travels all the way back
   - Result: Slow loading, possible buffering

2. With CDN
   - You: Click same video link
   - CDN: "There's a copy in nearby server!"
   - Video streams from local server
   - Result: Fast loading, smooth playback

Here's what happens in different locations:

| User Location | Without CDN | With CDN |
|--------------|-------------|-----------|
| Tokyo | 20ms (local) | 20ms (local) |
| New York | 200ms (slow) | 30ms (local copy) |
| London | 180ms (slow) | 25ms (local copy) |
| Sydney | 160ms (slow) | 35ms (local copy) |

Real-world CDN examples:

1. Video Streaming
   - Netflix stores popular shows on local servers
   - YouTube keeps trending videos nearby
   - Result: "The new episode starts playing instantly"

2. Gaming
   - Game updates stored locally
   - Match data sent through closest server
   - Result: "The new map downloaded in seconds"

### Virtual Private Networks (VPN)

Think of a VPN like a secret tunnel. Just as a diplomatic courier might use a private route to deliver sensitive messages, a VPN creates a private path through the public internet.

Here's how a VPN protects you:

1. Without VPN
   - Your traffic: Visible to others
   - Your location: Visible to websites
   - Your data: Might be intercepted
   - Example: "Coffee shop WiFi users can see your traffic"

2. With VPN
   - Your traffic: In encrypted tunnel
   - Your location: Hidden by VPN location
   - Your data: Protected
   - Example: "All they see is that you're using a VPN"

Common VPN scenarios:

| Situation | Without VPN | With VPN |
|-----------|-------------|----------|
| Coffee Shop WiFi | Exposed | Protected |
| Remote Work | Can't access office | Secure access |
| Travel | Local restrictions | Normal access |
| Streaming | Local content only | Choose location |

### Quality of Service (QoS)

QoS is like a traffic system with special lanes. Just as emergency vehicles get priority on roads, QoS lets important network traffic go first.

Here's how QoS prioritizes traffic:

1. Without QoS
   - Video call: Might freeze
   - File download: Takes bandwidth
   - Voice chat: Might break up
   - Result: "The presentation froze during the client call"

2. With QoS
   - Video call: Priority lane
   - File download: Uses spare bandwidth
   - Voice chat: Priority lane
   - Result: "Perfect video quality throughout the call"

Typical QoS settings:

| Traffic Type | Priority | Why? | Example |
|--------------|----------|------|----------|
| Voice/Video | Highest | Needs real-time | Zoom calls |
| Gaming | High | Interactive | Online games |
| Web Browsing | Medium | Interactive but flexible | Shopping |
| Downloads | Low | Can wait | System updates |

### Time To Live (TTL)

TTL is like an expiration date for network data. Just as milk goes bad after its date, network data "expires" after its TTL.

Here's why TTL matters:

1. Without TTL
   - Lost packet circles forever
   - Old cached data never updates
   - Network gets congested
   - Example: "The GPS keeps showing old location"

2. With TTL
   - Lost packets die after TTL
   - Cache refreshes after expiry
   - Network stays efficient
   - Example: "GPS updated to current location"

Common TTL values:

| Type | TTL Value | Means | Example |
|------|-----------|-------|----------|
| DNS Cache | 300 seconds | Check name again | Website addresses |
| Network Packet | 64 hops | Stop after 64 routers | Internet traffic |
| Website Cache | 3600 seconds | Update content | News pages |

Real-world applications:

1. Web Browsing
   - Browser caches your favorite site
   - TTL expires after an hour
   - Browser gets fresh copy
   Result: "You see the latest news"

2. Gaming
   - Game looks up server address
   - Uses cached result for an hour
   - Looks up fresh address later
   Result: "Quick connection to game server"

Understanding these services helps explain why:
- YouTube videos load faster than your friend's personal website
- You can securely access work files from home
- Your video call stays clear while downloads slow down
- Your GPS eventually shows the right location

Each service solves specific problems to make networks more useful and reliable.

##  Case Study: Uncle Fester's Network Nightmare - A Troubleshooting Adventure

Uncle Fester manages the network for Addams Family Industries, a growing business with 50 employees across two floors. One Monday morning, he faces multiple network issues that require him to apply his knowledge of network infrastructure, security, and services.

The Initial Problems

Users report several issues that morning.
- "The internet is slow on the second floor"
- "We can't access the shared drive"
- "The video conference keeps freezing"
- "Some websites won't load at all"

Step 1: Gathering Information

Fester begins by checking various network components.

1. Network Status
   - All switches show power and link lights
   - Router indicates active internet connection
   - Wireless controllers report all APs online
   - Firewall logs show unusual traffic patterns

2. User Impact
   - Second floor more affected than first
   - File server access intermittent
   - Video services particularly slow
   - External websites load inconsistently

Step 2: Initial Analysis

Fester reviews the network monitoring tools.

| Component        | Status             | Issue Detected                  |
|-----------------|--------------------|---------------------------------|
| Core Switch     | Online             | High utilization on one port    |
| Internet Link   | Active             | 95% bandwidth usage             |
| Firewall        | Online             | Multiple blocked connections    |
| File Server     | Online             | High disk activity              |

Step 3: Problem Identification

After investigation, Fester discovers multiple issues.

1. Primary Causes
   - A **misconfigured switch** is causing broadcast storms
   - The **storage system** is under attack from ransomware
   - A **rogue wireless access point** is creating interference
   - **QoS settings** were accidentally disabled

2. Contributing Factors
   - Recent network changes weren't documented
   - Backup systems were offline
   - Security updates were pending
   - Network monitoring was incomplete

Step 4: The Solution

Fester addresses each issue systematically.

1. Switch Configuration
   - Identifies the flooding port
   - Enables storm control
   - Corrects VLAN settings
   - Documents proper configuration

| Port | Storm Control | VLAN | Status |
|------|--------------|------|---------|
| 1-10 | Enabled      | 10   | Fixed   |
| 11-20| Enabled      | 20   | Fixed   |
| 21   | Enabled      | 1    | Problem |
| 22-48| Enabled      | 30   | Fixed   |

2. Security Measures
   - Isolates infected systems
   - Restores from clean backups
   - Updates antivirus definitions
   - Strengthens firewall rules

3. Wireless Improvements
   - Locates and removes rogue AP
   - Optimizes channel assignments
   - Updates AP firmware
   - Conducts new site survey

4. Performance Optimization
   - Restores QoS settings
   - Implements traffic shaping
   - Upgrades critical links
   - Monitors bandwidth usage

Lessons Learned

Fester implements several improvements.

1. Documentation
   - Network diagram updates
   - Configuration backups
   - Change management process
   - Incident response procedures

2. Monitoring
   - Enhanced logging
   - Automated alerts
   - Performance baselines
   - Security scanning

3. Prevention
   - Regular security audits
   - Staff training programs
   - Scheduled maintenance
   - Redundancy testing

Key Takeaways

This case demonstrates several important principles.

1. Systematic Troubleshooting
   - Gather information before acting
   - Test theories methodically
   - Document all changes
   - Verify solutions work

2. Layered Approach
   - Check each network layer
   - Consider multiple causes
   - Apply appropriate tools
   - Follow best practices

3. Future Prevention
   - Implement proper monitoring
   - Maintain documentation
   - Train staff regularly
   - Plan for growth

Uncle Fester's experience shows how different network components interact and how problems often require understanding multiple technologies to resolve. His systematic approach to troubleshooting demonstrates the importance of understanding both individual components and their relationships in the network.

### Lab: Basic Networking in Linux and Windows
Now, it's your turn. The following activities will teach you about some basic networking tools available in two common operating systems--Linux and Windows.


https://brendanpshea.github.io/cli_practice/?set=BasicLinuxNet.json


https://brendanpshea.github.io/cli_practice/?set=BasicWindowsNet.json


## Review With Quizlet

In [None]:
%%html
<iframe src="https://quizlet.com/988653896/learn/embed?i=psvlh&x=1jj1" height="600" width="100%" style="border:0"></iframe>

## Glossary

| Term | Definition |
|------|------------|
| Network appliance | A specialized hardware device designed to perform specific network functions such as routing, security, or data storage. |
| Virtual appliance | A software-based implementation of a network device that runs on virtualized infrastructure rather than dedicated hardware. |
| Router | A device that forwards data packets between computer networks, determining the best path for data to travel. |
| Switch | A device that connects multiple devices on a local area network and uses MAC addresses to forward data to the specific destination. |
| Load Balancer | A device that distributes network traffic across multiple servers to ensure no single server becomes overwhelmed, improving reliability and performance. |
| Firewall | A security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. |
| Intrusion Detection System (IDS) | A passive security solution that monitors network traffic for suspicious activity and policy violations, alerting administrators when detected. |
| Intrusion Protection System (IPS) | An active security solution that not only detects suspicious activity but also takes automated actions to prevent or block potential threats. |
| Network Attached Storage (NAS) | A dedicated file storage server connected to a network that allows multiple users and devices to retrieve data from a centralized location. |
| Storage Area Network (SAN) | A high-speed network of storage devices that provides block-level data storage accessible to multiple servers, appearing as locally attached devices. |
| Proxy server | An intermediary server that sits between client devices and the internet, forwarding requests and responses between them. |
| Forward proxy | Acts on behalf of clients to retrieve data from various servers, often used for content filtering, access control, or anonymizing client requests. |
| Reverse proxy | Acts on behalf of servers, accepting client requests and distributing them to appropriate backend servers, often used for load balancing or SSL termination. |
| Transparent proxy | Intercepts client requests without requiring any special browser configuration, often implemented at network gateways for content filtering. |
| Wireless Access Point (WAP) | A networking device that allows wireless-capable devices to connect to a wired network using Wi-Fi protocols. |
| Wireless Controller | A device that manages multiple wireless access points centrally, handling configuration, security policies, and optimization of wireless networks. |
| Content Delivery Network (CDN) | A distributed network of servers deployed across multiple locations to deliver content to users with high availability and performance. |
| Virtual Private Network (VPN) | A secure encrypted connection over a less secure network that enables users to send and receive data as if their devices were directly connected to a private network. |
| Quality of Service (QoS) | A set of technologies and mechanisms that allow network administrators to prioritize certain types of traffic to ensure consistent network performance. |
| Time to Live (TTL) | A value in data packets that limits how long data should remain in a network before being discarded if it cannot reach its destination, preventing endless routing loops. |