- Endpoints: End devices, which are the devices most familiar to people, fall into the category of endpoints. In the context of a network, end devices are called end-user devices, and include PCs, laptops, tablets, mobile phones, game consoles, and television sets. Endpoints are also file servers, printers, sensors, cameras, manufacturing robots, smart home components, and so on. At the beginning of computer networking, all end devices were physical hardware units. Today, many end devices are virtualized, meaning that they no longer exist as separate hardware units. In virtualization, one physical device is used to emulate multiple end devices, including all the hardware components that each end device would require. The emulated computer system operates as if it were a separate physical unit and has its own operating system and other required software. In a way, it behaves like a tenant living inside a host physical device, using its resources (processor power, memory, and network interface capabilities) to perform its functions. Virtualization is commonly applied to servers to optimize resource utilization, as server resources are often underutilized when they are implemented as separate physical units.
- Intermediary devices: These devices interconnect end devices or interconnect networks. In doing so, they perform different functions, which include regenerating and retransmitting signals, choosing the best paths between networks, classifying and forwarding data according to priorities, filtering traffic to allow or deny it based on security settings, and so on. As endpoints can be virtualized, so can intermediary devices or even entire networks. The concept is the same as in endpoint virtualization: the virtualized element uses a subset of the resources available at the physical host system. Intermediary devices that are commonly found in enterprise networks are:
- Switches: These devices enable multiple endpoints such as PCs, file servers, printers, sensors, cameras, and manufacturing robots to connect to the network. Switches are used to allow devices to communicate on the same network. In general, a switch or group of interconnected switches attempts to forward messages from the sender so that they are received only by the destination device. Usually, all the devices that connect to a single switch or a group of interconnected switches belong to a common network and can therefore communicate directly with each other. If an end device wants to communicate with a device that is on a different network, then it requires the “services” of a device that is known as a router, which connects different networks together.
- Routers: These devices connect networks and intelligently choose the best paths between networks. Their main function is to route traffic from one network to another. For example, you need a router to connect your office network to the internet. An analogy that may help you understand the basic function of switches and routers is to imagine a network as a neighborhood. A switch is the street that connects the houses, and routers are the crossroads of those streets. The crossroads contain helpful information, such as road signs, to help you find a destination address. Sometimes, you might reach the destination after just one crossroad, but other times you might need to cross several. The same is true in networking. Data sometimes “stops” at several routers before it is delivered to the final recipient. Certain switches combine the functionalities of routers and switches; they are called Layer 3 switches.
- Access points (APs): These devices allow wireless devices to connect to a wired network. An AP usually connects to a router as a standalone device, but it can also be an integral component of the router itself.
- Wireless LAN controllers (WLCs): These devices are used by network administrators or network operations centers to facilitate management of many APs. The WLC automatically manages the configuration of wireless APs.
- Next-generation firewalls (NGFW): Firewalls are network security systems that monitor and control the incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted, secure internal network, and another outside network, such as the internet, that is assumed not to be secure or trusted. The term next-generation firewall indicates a firewall that provides additional features to accommodate the newest security requirements. An example of such a feature is the ability to recognize user applications, for instance a game running inside an application, such as a browser, that is connected to Facebook.
- Intrusion Protection System (IPS): An IPS is a system that performs deep analysis of network traffic, searching for signs that behavior is suspicious or malicious. If the IPS detects such behavior, it can take protective action immediately. An IPS and a firewall can work in conjunction to defend a network.
- Management Services: A modern management service offers centralized management that facilitates designing, provisioning, and applying policies across a network. It includes features for discovery and management of network inventory, management of software images, device configuration automation, network diagnostics, and policy configuration. It provides end-to-end network visibility and uses network insights to optimize the network. An example of such a centralized management service is Cisco DNA Center.
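
The firewall item above describes allowing or denying traffic between a trusted internal network and an untrusted outside network based on predetermined rules. The following is an added example, not code from the original page or from any firewall product, showing how such a rule set can be evaluated. The internal address range, the rule set, the sample packets, and the first-match and default-deny behaviour are assumptions made for illustration.

```python
import ipaddress
from typing import NamedTuple, Optional

# Assumed address range of the trusted internal network (constructed).
TRUSTED = ipaddress.ip_network("192.168.10.0/24")

class Rule(NamedTuple):
    action: str               # "allow" or "deny"
    direction: str            # "out" = inside to outside, "in" = outside to inside
    proto: str                # "tcp" or "udp"
    dst_port: Optional[int]   # None matches any destination port
    note: str

# Constructed rule set. Order matters: the first matching rule decides.
RULES = [
    Rule("deny",  "out", "tcp", 21,  "no FTP to outside networks"),
    Rule("deny",  "out", "udp", 69,  "no TFTP to outside networks"),
    Rule("allow", "out", "tcp", 443, "HTTPS from inside"),
    Rule("allow", "out", "udp", 53,  "DNS from inside"),
    Rule("allow", "in",  "tcp", 443, "published web server"),
]

def direction(src, dst):
    """Return "out", "in", or None when the packet stays on one side."""
    src_in = ipaddress.ip_address(src) in TRUSTED
    dst_in = ipaddress.ip_address(dst) in TRUSTED
    if src_in == dst_in:
        return None
    return "out" if src_in else "in"

def evaluate(src, dst, proto, dst_port):
    """Return (action, reason) for one packet; the first matching rule wins."""
    way = direction(src, dst)
    if way is None:
        return ("n/a", "traffic does not cross the firewall")
    for rule in RULES:
        if (rule.direction == way and rule.proto == proto
                and rule.dst_port in (None, dst_port)):
            return (rule.action, rule.note)
    # Nothing matched: fall back to denying the packet.
    return ("deny", "implicit default deny")

if __name__ == "__main__":
    # Constructed sample packets: (source, destination, protocol, port).
    samples = [
        ("192.168.10.5", "203.0.113.10", "tcp", 443),
        ("192.168.10.5", "203.0.113.10", "tcp", 21),
        ("203.0.113.10", "192.168.10.5", "tcp", 22),
    ]
    for pkt in samples:
        print(pkt, "->", evaluate(*pkt))
```

Because no rule permits inbound TCP port 22, the third sample packet is dropped by the default-deny fallback rather than by an explicit rule.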
Components of a Network
A network can be as simple as two PCs that are connected by a wire or as complex as several thousand devices that are connected through different types of media. The elements that form a network can be roughly divided into 3 categories: devices, media, and services. Devices are interconnected by media. Media provide the channel over which the data travels from source to destination. Services are software and processes that support common networking applications in use today.
Devices can be further divided into endpoints and intermediary devices:
In user homes, you can often find one device that provides connectivity for wired devices, provides connectivity for wireless devices, and provides access to the internet. You may be wondering which kind of device it is. It has the characteristics of a switch, in that it provides physical ports to plug in local devices; of a router, as it enables users to access other networks and the internet; and of a WLAN AP, as it allows wireless devices to connect to it. It is actually all three of these devices in a single package. This device is often called a wireless router.
Another example of a network device is a file server, which is an end device. A file server runs software that implements protocols that are standardized to support file transfer from one device to another over a network. This service can be implemented by either File Transfer Protocol (FTP) or Trivial File Transfer Protocol (TFTP). Having an FTP or TFTP server in a network allows uploads and downloads of files over the network. An FTP or TFTP server is often used to store back-up copies of files that are important to network operation, such as operating system images and configuration files. Having those files in one place makes file management and maintenance easier.
Media are the physical elements that connect network devices. Media carry electromagnetic signals that represent data. Depending on the medium, electromagnetic signals can be guided, as in wires and fiber optic cables, or can be propagated, as in wireless transmissions such as Wi-Fi, mobile, and satellite. Different media have different characteristics, and the selection of the most appropriate medium depends on the circumstances, such as the environment in which the media is used, distances that need to be covered, availability of financial resources, and so on. For instance, for a filming crew working in a desert, a satellite connection (air medium) might be the only available option.
Connecting wired media to network devices is greatly eased by the use of connectors. A connector is a plug that is attached to each end of the cable. The most common type of connector on a LAN is the plug that looks like an analog phone connector. It is called a registered jack-45 (RJ-45) connector.
To connect to the media that link them to a network, devices use network interface cards (NICs). The media “plugs” directly into the NIC. NICs translate the data that is created by the device into a format that can be transmitted over the media. NICs used on LANs are also called LAN adapters. End devices used in LANs usually come with several types of NICs installed, such as wireless NICs and Ethernet NICs. NICs on a LAN are uniquely identified by a Media Access Control (MAC) address. The MAC address is hard-coded or “burned in” by the NIC manufacturer. NICs that are used to interface with WANs are called WAN interface cards (WICs), and they use serial links to connect to a WAN network.
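
As an added example (not part of the original page), the following shows an inventory check on the MAC addresses described above. It goes slightly beyond the text by using the standard layout of a 48-bit MAC address: the first three octets are the manufacturer prefix (OUI), and two flag bits in the first octet mark group (multicast) addresses and locally administered addresses, meaning addresses set in software rather than burned in. The function names and sample addresses are constructed for illustration.

```python
import re

def parse_mac(text):
    """Accept 00:1a:2b:..., 00-1A-2B-... or 001a.2b3c.4d5e and return 6 raw bytes."""
    digits = re.sub(r"[:\-.]", "", text.strip())
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", digits):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    return bytes.fromhex(digits)

def describe_mac(text):
    """Split a MAC address into its manufacturer prefix and flag bits."""
    raw = parse_mac(text)
    first = raw[0]
    return {
        "normalized": ":".join(f"{b:02x}" for b in raw),
        "oui": ":".join(f"{b:02x}" for b in raw[:3]),
        "multicast": bool(first & 0x01),             # group bit
        "locally_administered": bool(first & 0x02),  # set in software, not burned in
    }

def looks_burned_in(text):
    """True for a unicast, globally administered address."""
    info = describe_mac(text)
    return not info["multicast"] and not info["locally_administered"]

def flag_inventory(addresses):
    """Return normalized addresses that a NIC manufacturer would not have burned in."""
    return [describe_mac(a)["normalized"] for a in addresses
            if not looks_burned_in(a)]

if __name__ == "__main__":
    # Constructed sample inventory; none of these are taken from a real network.
    inventory = [
        "00:1A:2B:3C:4D:5E",   # unicast, globally administered
        "DA-A1-19-00-11-22",   # locally administered bit set
        "0200.5e10.0001",      # locally administered bit set
        "01:00:5e:00:00:fb",   # multicast group address
    ]
    for mac in inventory:
        print(describe_mac(mac))
    print("review:", flag_inventory(inventory))
```

An address with the locally administered bit set was configured by the operating system, a hypervisor, or a user, so an inventory or access-control list should not treat a MAC address as proof of which physical NIC is attached.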
Services in a network comprise software and processes that implement common network applications, such as email and web, as well as the less obvious processes implemented across the network. All of these generate data and determine how data is moved through the network.
Companies typically centralize business-critical data and applications into central locations called Data Centers. These data centers can include routers, switches, firewalls, storage systems, servers, and application delivery controllers. Similar to Data Center centralization, computing resources can also be centralized off premises in the form of a cloud. Clouds can be private, public, or hybrid, and aggregate the computing, storage, network, and application resources in central locations. Cloud computing resources are configurable and shared among many end users. The resources are transparently available, regardless of the user point of entry (a personal computer at home, an office computer at work, a smartphone or tablet, or a computer on a school campus). Data stored by the user is available whenever the user is connected to the cloud.