Friday, 12 December 2014

Switch (Network Switch)

A network switch is a small hardware device that joins multiple computers together within one local area network (LAN). Ethernet switch devices were commonly used on home networks before home routers became popular; broadband routers integrate Ethernet switches directly into the unit as one of their many functions. High-performance network switches are still widely used in corporate networks and data centers.

Network Switch Technology

While switching capabilities exist for several types of networks, Ethernet switches are the most common type. Mainstream Ethernet switches like those inside broadband routers support Gigabit Ethernet (1 Gbps) speeds, but high-performance switches like those in data centers generally support 10 Gbps.

Different models of network switches support differing numbers of connected devices. Consumer-grade network switches provide either four or eight connections for Ethernet devices, while corporate switches typically support between 32 and 128 connections. Switches can additionally be connected to each other, a method called daisy chaining, to add progressively larger numbers of devices to a LAN.

Network switches operate at layer two (Data Link Layer) of the OSI model.

Network Switches vs. Hubs and Routers

Physically, network switches look nearly identical to network hubs. Switches, unlike hubs, are capable of inspecting data as messages are received via a method called packet switching. A switch determines the source and destination device of each packet and forwards data only to the specific intended device, which conserves network bandwidth and generally improves performance compared to hubs.
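The difference also decides who can see the traffic. The sketch below is an added example, not part of the original post: it models a hub and a MAC-learning switch (the usual way a switch works out where a destination lives, which goes slightly beyond the text) and counts how many frames reach each port. Port numbers and MAC addresses are constructed.

```python
# Added example: hub vs. learning switch. Ports and MAC addresses are constructed.

class Hub:
    """Repeats every frame out of every port except the one it arrived on."""
    def __init__(self, ports):
        self.ports = set(ports)

    def forward(self, in_port, src_mac, dst_mac):
        return sorted(self.ports - {in_port})


class LearningSwitch:
    """Learns which port each source MAC is on, then forwards by destination."""
    BROADCAST = "ff:ff:ff:ff:ff:ff"

    def __init__(self, ports):
        self.ports = set(ports)
        self.mac_table = {}                          # MAC address -> port

    def forward(self, in_port, src_mac, dst_mac):
        self.mac_table[src_mac] = in_port            # learn or refresh the source
        out = self.mac_table.get(dst_mac)
        if dst_mac == self.BROADCAST or out is None:
            return sorted(self.ports - {in_port})    # flood: broadcast or unknown
        if out == in_port:
            return []                                # destination is on the ingress port
        return [out]


def exposure(device, frames):
    """Return {port: number of frames delivered to that port}."""
    seen = {p: 0 for p in device.ports}
    for in_port, src, dst in frames:
        for p in device.forward(in_port, src, dst):
            seen[p] += 1
    return seen


# Constructed traffic: A (port 1) and B (port 2) talk; port 3 is a bystander.
A, B = "02:00:00:00:00:0a", "02:00:00:00:00:0b"
FRAMES = [(1, A, B), (2, B, A), (1, A, B), (2, B, A)]

if __name__ == "__main__":
    print("hub   :", exposure(Hub([1, 2, 3]), FRAMES))
    print("switch:", exposure(LearningSwitch([1, 2, 3]), FRAMES))
```

On the hub the bystander port receives all four frames; on the switch it receives only the first one, which is flooded because B's port has not been learned yet.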

Ethernet hub

In computer networking, a hub is a small, simple, inexpensive device that joins multiple computers together. Many network hubs available today support the Ethernet standard. Other types including USB hubs also exist, but Ethernet is the type traditionally used in home networking.

Working With Ethernet Hubs

To network a group of computers using an Ethernet hub, first connect an Ethernet cable into the unit, then connect the other end of the cable to each computer's network interface card (NIC). All Ethernet hubs accept the RJ-45 connectors of standard Ethernet cables.

To expand a network to accommodate more devices, Ethernet hubs can also be connected to each other, to switches, or to routers.

Characteristics of Ethernet Hubs

Ethernet hubs vary in the speed (network data rate or bandwidth) they support. Some years ago, Ethernet hubs offered only 10 Mbps rated speeds. Newer types of hubs offer 100 Mbps Ethernet. Some support both 10 Mbps and 100 Mbps (so-called dual-speed or 10/100 hubs).

The number of ports an Ethernet hub supports also varies. Four- and five-port Ethernet hubs are most common in home networks, but eight- and 16-port hubs can be found in some home and small office environments.

Older Ethernet hubs were relatively large and sometimes noisy, as they contained built-in fans for cooling the unit. Newer devices are much smaller, designed for mobility, and noiseless.

When To Use an Ethernet Hub

Ethernet hubs operate as Layer 2 devices in the OSI model, the same as network switches. Although offering comparable functionality, nearly all mainstream home network equipment today utilizes network switch technology instead of hubs due to the performance benefits of switches. A hub can be useful for temporarily replacing a broken network switch or when performance is not a critical factor on the network.

Routers

Routers are small physical devices that join multiple networks together. Technically, a router is a Layer 3 gateway device, meaning that it connects two or more networks and that the router operates at the network layer of the OSI model.

Home networks typically use a wireless or wired Internet Protocol (IP) router, IP being the most common OSI network layer protocol. An IP router such as a DSL or cable modem broadband router joins the home's local area network (LAN) to the wide-area network (WAN) of the Internet.

By maintaining configuration information in a piece of storage called the routing table, wired or wireless routers also have the ability to filter traffic, either incoming or outgoing, based on the IP addresses of senders and receivers. Some routers allow a network administrator to update the routing table from a Web browser interface. Broadband routers combine the functions of a router with those of a network switch and a firewall in a single unit.

What Makes a Virtual Private Network Private?

What is a Virtual Private network (VPN)?

Using a public network, usually the Internet, to connect securely to a private network, such as a company's network, is the basis of a VPN, or virtual private network.

Companies and organizations will use a VPN to communicate confidentially over a public network and to send voice, video or data. It is also an excellent option for remote workers and organizations with global offices and partners to share data in a private manner.

One of the most common types of VPNs is a virtual private dial-up network (VPDN). A VPDN is a user-to-LAN connection, where remote users need to connect to the company LAN. Here the company will have a service provider set up a NAS (network access server) and provide the remote users with the software needed to reach the NAS from their desktop computer or laptop. For a VPDN, the secure and encrypted connection between the company's network and remote users is provided by the third-party service provider.

Another type of VPN is commonly called a site-to-site VPN. Here the company would invest in dedicated hardware to connect multiple sites to their LAN through a public network, usually the Internet. Site-to-site VPNs are either intranet or extranet-based.

Intranet

A network based on TCP/IP protocols (an intranet) belonging to an organization, usually a corporation, accessible only by the organization's members, employees or others with authorization. Secure intranets are now the fastest-growing segment of the Internet because they are much less expensive to build and manage than private networks based on proprietary protocols.

Extranet

An extranet refers to an intranet that is partially accessible to authorized outsiders. Whereas an intranet resides behind a firewall and is accessible only to people who are members of the same company or organization, an extranet provides various levels of accessibility to outsiders. You can access an extranet only if you have a valid username and password, and your identity determines which parts of the extranet you can view. Extranets are becoming a popular means for business partners to exchange information.

Other options for using a VPN include such things as using dedicated private leased lines. Due to the high cost of dedicated lines, however, VPNs have become an attractive cost-effective solution.

Securing a VPN

If you're using a public line to connect to a private network, then you might wonder what makes a virtual private network private? The answer is the manner in which the VPN is designed. A VPN is designed to provide a secure, encrypted tunnel in which to transmit the data between the remote user and the company network. The information transmitted between the two locations via the encrypted tunnel cannot be read by anyone else.

VPN security contains several elements to secure both the company's private network and the outside network, usually the Internet, through which the remote user connects. The first step to security is usually a firewall. You will have a firewall sit between the client (which is the remote user's workstation) and the host server, which is the connection point to the private network. The remote user will establish an authenticated connection with the firewall.
 
VPN Encryption

Encryption is also an important component of a secure VPN. Encryption works by having all data sent from one computer encrypted in such a way that only the computer it is sending to can decrypt the data. Types of encryption commonly used include public-key encryption which is a system that uses two keys — a public key known to everyone and a private or secret key known only to the recipient of the message. The other commonly used encryption system is a Symmetric-key encryption system in which the sender and receiver of a message share a single, common key that is used to encrypt and decrypt the message.

VPN Tunneling

With a VPN you'll need to establish a network connection that is based on the idea of tunneling. There are two main types of tunneling used in virtual private networks. Voluntary tunneling is where the client makes a connection to the service provider then the VPN client creates the tunnel to the VPN server once the connection has been made. In compulsory tunneling the service provider manages the VPN connection and brokers the connection between that client and a VPN server.

There are three main network protocols for use with VPN tunnels, which are generally incompatible with each other. They include the following:
 
IPSec

A set of protocols developed by the IETF to support secure exchange of packets at the IP layer. IPsec has been deployed widely to implement VPNs. IPsec supports two encryption modes: Transport and Tunnel. Transport mode encrypts only the data portion (payload) of each packet, but leaves the header untouched. The more secure Tunnel mode encrypts both the header and the payload. On the receiving side, an IPSec-compliant device decrypts each packet. For IPsec to work, the sending and receiving devices must share a public key. This is accomplished through a protocol known as Internet Security Association and Key Management Protocol/Oakley (ISAKMP/Oakley), which allows the receiver to obtain a public key and authenticate the sender using digital certificates.
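The difference between Transport and Tunnel mode is easiest to see from the position of someone watching the wire. The following is an added example, not code from the original post: it builds a minimal IPv4 packet, wraps it the way each mode does, and reads back the addresses that remain visible. It is simplified (no ESP trailer or integrity check), the cipher is a labelled stand-in rather than real ESP encryption, and all addresses, the key and the SPI value are constructed.

```python
# Added example: what stays readable on the wire in IPsec transport vs. tunnel mode.
# Simplified: no ESP trailer/ICV; the "cipher" is a stand-in, not real ESP crypto.
import hashlib
import ipaddress
import struct

ESP = 50  # IP protocol number for Encapsulating Security Payload

def ipv4(src, dst, proto, payload):
    """Minimal 20-byte IPv4 header (checksum left at 0) followed by payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, ipaddress.IPv4Address(src).packed,
                      ipaddress.IPv4Address(dst).packed)
    return hdr + payload

def stand_in_encrypt(key, data):
    """XOR with a SHA-256 counter keystream. Placeholder only, not for real use."""
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def esp(key, spi, seq, plaintext):
    """8-byte ESP header (SPI, sequence number) followed by the protected bytes."""
    return struct.pack("!II", spi, seq) + stand_in_encrypt(key, plaintext)

def visible_addresses(packet):
    """Source and destination an on-path observer can read from the IP header."""
    src, dst = struct.unpack("!4s4s", packet[12:20])
    return str(ipaddress.IPv4Address(src)), str(ipaddress.IPv4Address(dst))

def transport_mode(packet, key, spi=0x1001, seq=1):
    """Keep the original IP header; protect only the payload."""
    src, dst = visible_addresses(packet)
    return ipv4(src, dst, ESP, esp(key, spi, seq, packet[20:]))

def tunnel_mode(packet, key, gw_src, gw_dst, spi=0x1001, seq=1):
    """Protect the whole original packet and wrap it in a new outer header."""
    return ipv4(gw_src, gw_dst, ESP, esp(key, spi, seq, packet))

# Constructed sample: an internal host talks to another site via two gateways.
KEY = b"constructed-demo-key"
INNER = ipv4("10.1.0.5", "10.2.0.9", 6, b"GET /payroll HTTP/1.1\r\n")

if __name__ == "__main__":
    print("original :", visible_addresses(INNER))
    print("transport:", visible_addresses(transport_mode(INNER, KEY)))
    print("tunnel   :", visible_addresses(tunnel_mode(INNER, KEY, "192.0.2.1", "198.51.100.1")))
```

In transport mode the observer still sees the two internal hosts; in tunnel mode only the gateway addresses appear and the inner header is part of the protected bytes.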
 
PPTP

Short for Point-to-Point Tunneling Protocol, a new technology for creating VPNs, developed jointly by Microsoft, U.S. Robotics and several remote access vendor companies, known collectively as the PPTP Forum. A VPN is a private network of computers that uses the public Internet to connect some nodes. Because the Internet is essentially an open network, PPTP is used to ensure that messages transmitted from one VPN node to another are secure. With PPTP, users can dial in to their corporate network via the Internet.
 
L2TP

Short for Layer Two (2) Tunneling Protocol, an extension to the PPP protocol that enables ISPs to operate Virtual Private Networks (VPNs). L2TP merges the best features of two other tunneling protocols: PPTP from Microsoft and L2F from Cisco Systems. Like PPTP, L2TP requires that the ISP's routers support the protocol.
 
VPN Equipment

Depending on the type of VPN you decide to implement, either remote-access or site-to-site, you will need specific components to build your VPN. These standard components include a software client for each remote workstation, dedicated hardware, such as a firewall or a product like the Cisco VPN Concentrator, a VPN server, and a Network Access Server (NAS).

Key Terms to Understanding Virtual Private Networks:

VPN
 
A network that is constructed by using public wires to connect nodes. For example, there are a number of systems that enable you to create networks using the Internet as the medium for transporting data.

VPDN
 
A network that extends remote access to a private network using a shared infrastructure.

tunneling
 
A technology that enables one network to send its data via another network's connections. Tunneling works by encapsulating a network protocol within packets carried by the second network.

split tunneling

The process of allowing a remote VPN user to access a public network, most commonly the Internet, at the same time that the user is allowed to access resources on the VPN.
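What split tunneling means in practice is a routing decision made per destination. The sketch below is an added example, not part of the original post: it models the routes a VPN client might install under a full-tunnel and a split-tunnel policy and lists which destinations leave outside the tunnel. The route model, the interface names "vpn" and "local", and all prefixes and addresses are assumptions constructed for illustration.

```python
# Added example: per-destination path under full-tunnel vs. split-tunnel policy.
import ipaddress

def build_routes(corp_prefixes, split_tunnel):
    """Return [(network, interface)] for a VPN client (assumed, simplified model)."""
    routes = [(ipaddress.ip_network(p), "vpn") for p in corp_prefixes]
    # Full tunnel points the default route into the VPN; split tunnel keeps it local.
    default_via = "local" if split_tunnel else "vpn"
    routes.append((ipaddress.ip_network("0.0.0.0/0"), default_via))
    return routes

def egress(routes, dst):
    """Longest-prefix match: the most specific route containing dst wins."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, ifc) for net, ifc in routes if addr in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def bypassing_vpn(routes, destinations):
    """Destinations whose traffic leaves outside the tunnel."""
    return [d for d in destinations if egress(routes, d) == "local"]

# Constructed sample: two corporate prefixes and a mix of destinations.
CORP = ["10.0.0.0/8", "172.16.40.0/24"]
DESTS = ["10.20.30.40", "172.16.40.7", "172.16.41.7", "203.0.113.80"]

if __name__ == "__main__":
    for name, split in (("full tunnel ", False), ("split tunnel", True)):
        routes = build_routes(CORP, split)
        print(name, "->", bypassing_vpn(routes, DESTS))
```

Note that 172.16.41.7 goes out locally under the split policy: it sits next to a corporate prefix but is not covered by it, which is the kind of gap worth checking when reviewing a split-tunnel prefix list.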

encryption

The translation of data into a secret code. Encryption is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it. There are two main types of encryption: asymmetric encryption (also called public-key encryption) and symmetric encryption.

802.11b

802.11b is a Wi-Fi wireless network communication technology. It is one of the 802.11 series of IEEE standard technologies and was widely used in first-generation Wi-Fi home networking products after its introduction in 1999. 802.11b has since been rendered obsolete by the newer Wi-Fi standards 802.11g and 802.11n.

802.11b Performance
 
802.11b LANs support a theoretical maximum data rate of 11 Mbps. Although comparable to traditional Ethernet (10 Mbps), it performs significantly slower than newer Wi-Fi and Ethernet technologies including 802.11g and Fast Ethernet.

802.11b and Wireless Interference

Transmitting in the unregulated 2.4 GHz frequency range (like 802.11g), 802.11b transmitters can encounter radio interference from other wireless household products like cordless telephones, microwave ovens, garage door openers, and baby monitors.

802.11a

802.11a is a Wi-Fi wireless network communication standard. It is one of the IEEE standards in the 802.11 series.
 
802.11a Performance

An 802.11a wireless network supports a maximum theoretical bandwidth of 54 Mbps, a noticeable advantage over 802.11b Wi-Fi that supports 11 Mbps and on par with 802.11g performance. However, 802.11a installations historically were limited to corporate environments due to comparatively higher hardware equipment costs.
 
802.11a and Wireless Interference

802.11a transmits radio signals in the frequency range above 5 GHz, a part of wireless spectrum regulated in many countries. This regulation means 802.11a gear generally avoids signal interference from other consumer wireless products like cordless phones. In contrast, 802.11b/g utilizes frequencies in the unregulated 2.4 GHz range and is much more susceptible to radio interference from other devices.

Range of 802.11a Networks
 
Though it helps improve network performance and reduce interference, the range of an 802.11a signal is limited by use of the high 5 GHz frequency. An 802.11a access point transmitter may cover less than one-fourth the area of a comparable 802.11b/g unit. Brick walls and other obstructions affect 802.11a wireless networks to a greater degree than they do comparable 802.11b/g networks.

Wi-Fi

Wi-Fi is the industry name for wireless local area network (WLAN) communication technology related to the IEEE 802.11 family of wireless networking standards. Wi-Fi technology first became popular with 802.11b, introduced in 1999 and the first standard in that family to enjoy mainstream adoption. Today, Wi-Fi refers to any of the established standards:
  •  802.11a
  •  802.11b
  •  802.11g
  •  802.11n
  •  802.11ac

The Wi-Fi Alliance certifies vendor equipment to ensure 802.11 products on the market follow the various 802.11 specifications. Consumer versions of Wi-Fi products have additionally maintained backward compatibility. For example, 802.11b, 802.11g, and 802.11n equipment all can communicate with each other, and mixed Wi-Fi networks with devices running multiple of these standards are commonly referred to as "802.11b/g/n" networks. 802.11ac equipment also communicates with each of these others. The old 802.11a technology is not compatible with these others and has fallen out of mainstream usage as a result.