4. Network Security

Types of Networks

Local Area Network: Commonly limited geographical area

OSI Model

Divides networking tasks into 7 layers, each responsible for specific tasks

Data converted into binary from electrical signals: Sent across wire

Encapsulation: Adds header/trailer used at L2-4:

  • Data moves DOWN OSI from app to phy

  • As data is encapsulated the previous header/payload/footer are treated as the next layer’s payload

  • Data unit size increases as we move down


Defines protocols for transport

32-bit address space

  • Expressed as 4 octets separated by dot [ . ]

  • Each octet may have value between 0 - 255

  • 0 is network and 255 is for broadcast

Each address subdivided into 2 parts:

  1. Network number: Number assigned by external org like ICANN

  2. Host: Represents the network interface within the network

Subnet: Networks typically divided into subnets Subnet mask: Defines part of address for subnet in dec

IPv4 sub-divided into public/private address ranges Public addresses:

  • -

  • -

  • -

Loopback: First octet of 127 reserved for a loopback:

  1. Mechanism for self-diagnosis, troubleshooting

  2. Allows admins to treat local machine as remote

Difference between IDS/IPS

  • IPS is placed in line with traffic: All traffic must pass through it

  • IPS can choose what traffic to forward and what traffic to block

  • NIPS: Network-Based IPS

  • HIPS: Host-Based IPS Cloud: Usually associated with internet-based set of resources and typically sold as a service

  • Provided by a CSP: Cloud Service Provider

Cloud Service Models

Software as a Service A model where software apps are hosted by a vendor/CSP

Four Cloud Models

Easily accessible. No mechanism other than applying, paying for service

  1. Shared resource: Many people use resource pool

  2. Deployment: Assets avail to consumers to rent, host by external CSP

  3. Service level agreements

Area designed for access by visitors: Isolated from private network

Last updated