Objective 3.2: Specialized Network Devices
Objective 3.2: Identify the functions of specialized network devices
A multilayer switch is a switch capable of operating on multiple layers of the OSI model simultaneously. You can configure any port on a multilayer switch to act as a switchport (operating at Layer 2) or a router port (operating at Layer 3), depending on your needs. Switchport and router port are terms coined by Cisco.
Content switches work at Layer 7 (Application) of the OSI model. They are designed to work with Web servers, and are able to read incoming HTTP and HTTPS requests. They can also handle advanced actions, like dealing with SSL certificates and cookies, as well as removing some of the workload from Web servers. Additionally, they can load balance and also pass cookies to HTTP requesters (browsers), so that when a client returns, its requests are sent to the same server.
An Intrusion Detection System (IDS) is software and/or hardware designed to detect unwanted attempts at accessing, manipulating, and/or disabling computer systems, mainly through a network, such as the Internet. An intrusion detection system is used to detect several types of malicious behavior that can compromise the security and trust of a computer system. This includes network attacks against vulnerable services, data-driven attacks on applications, host-based attacks such as privilege escalation, unauthorized logins and access to sensitive files, and malware (viruses, trojan horses, and worms).
An Intrusion Prevention System (IPS) is a network security device that monitors network and/or system activities for malicious or unwanted behavior and can react, in real time, to block or prevent those activities. A network-based IPS, for example, will operate in-line to monitor all network traffic for malicious code or attacks. When an attack is detected, it can drop the offending packets while still allowing all other traffic to pass. Intrusion prevention technology is considered by some to be an extension of intrusion detection (IDS) technology.
Load balancing is how a Website that uses multiple servers can utilize a single IP address collectively. It makes a group of servers look like a single server, creating what is called a server cluster. A load balancer makes sure requests to servers are distributed evenly, using a special multilayer switch to send traffic to the server that is the “most free”, or in other words, processing the least data at that time.
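The load balancing and cookie behavior described above for content switches and load balancers, sketched as an added example (not from the original page): a toy balancer sends new clients to the least-busy server and pins returning clients to the same server with a cookie. The `ContentSwitch` class, the server names, and the HMAC signature on the cookie are assumptions made for this illustration; signing goes beyond what the page describes and keeps a client from choosing its own backend by editing the cookie.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-key"  # constructed value for this example only


class ContentSwitch:
    """Toy Layer 7 balancer: least-loaded selection plus cookie persistence."""

    def __init__(self, servers):
        # Active request count per backend (the "most free" measure).
        self.load = {name: 0 for name in servers}

    def _sign(self, server):
        # Cookie value is "<server>.<truncated HMAC of the server name>".
        mac = hmac.new(SECRET, server.encode(), hashlib.sha256).hexdigest()[:16]
        return f"{server}.{mac}"

    def _pinned(self, cookie):
        """Return the server named in a valid cookie, else None."""
        if not cookie or "." not in cookie:
            return None
        server, _, _ = cookie.rpartition(".")
        expected = self._sign(server).encode()
        if server in self.load and hmac.compare_digest(cookie.encode(), expected):
            return server
        return None  # tampered cookie, or server no longer in the cluster

    def route(self, cookie=None):
        """Pick a backend; return (server, cookie to set on the response)."""
        server = self._pinned(cookie)
        if server is None:
            # New or unrecognized client: choose the least busy server.
            server = min(self.load, key=self.load.get)
        self.load[server] += 1
        return server, self._sign(server)

    def finish(self, server):
        """Mark one request on this server as completed."""
        self.load[server] -= 1

    def remove(self, server):
        """Take a failed server out of the cluster."""
        del self.load[server]
```

A returning client stays on its original server even when another server is less busy, while a forged cookie or a cookie naming a removed server falls back to least-loaded selection.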
A proxy server is a server that makes Internet connections on behalf of the client PCs. All the requests for Internet access that are made by a client on a network are executed by the proxy server. In other words, a proxy server acts as a point of contact between a private network and a public network such as the Internet.
Using a proxy improves the control administrators have over the network because proxies can be configured, among other things, to prohibit access to non-business-related sites or to restrict Internet access for groups that do not need it. Also, the overall performance of the network is increased due to the proxy's ability to cache the pages that users view the most. Another advantage is the record-keeping capability of the proxy server. Organizations use this to monitor the use employees make of the Internet, as the proxy records the requests made along with the time and duration of those requests.