Telecommunications equipment is all the hardware used to move data between networked devices. This equipment can be used in a LAN or WAN. This is important to know not only from a networking standpoint, but also to better implement security solutions and pass the CISSP exam.
Hubs are one of the most basic networking devices. A hub allows all the connected devices to communicate with one another. A hub is logically a common wire to which all computers have shared access.
Hubs have fallen out of favor because of their low maximum throughput. Whenever two or more systems attempt to send packets at the same time on the same hub, there is a collision. As utilization increases the number of collisions skyrockets and the overall average throughput decreases.
Another somewhat outdated piece of equipment is a bridge. Bridges are semi-intelligent pieces of equipment that have the capability to separate collision domains. Bridges examine frames and look up the MAC address. If the device tied to that MAC address is determined to be local, the bridge blocks the traffic. One of the big problems with bridges is that, by default, they pass broadcast traffic. Too much broadcast traffic can effectively flood the network and cause a broadcast storm.
Don't spend too much time worrying about hubs and bridgesjust know their basic purpose and that they have been replaced by switches.
A switch performs in much the same way as a hub; however, switches are considered intelligent devices. Switches segment traffic by observing the source and destination MAC address of each data frame.
The switch stores the MAC addresses by placing them in a lookup table, which is located in random access memory (RAM). This lookup table also contains the information needed to match each MAC address to the corresponding port it is connected to. When the data frame enters the switch, it finds the target MAC address in the lookup table and matches it to the switch port the computer is attached to. The frame is forwarded to only that switch port; therefore, computers on all other ports never see the traffic. Some advantages of a switch are as follows:
Not all switches are made the same. Switches can process an incoming frame in three ways:
Routers reside at Layer 3 of the OSI model. Routers are usually associated with the IP protocol, which, as previously discussed, sends blocks of data that have been formatted into packets. IP is considered a "best effort" protocol, and IP packets are examined and processed by routers. Routers are used to join similar or dissimilar networks. A router's primary purpose is to forward IP packets toward their destination through a process known as routing. Whereas bridges and switches examined the physical frame, routers focus on what information is found in the IP header. One important item in the IP header that routers examine is the IP address. IP addresses are considered a logical address. Routers can also be used to improve performance by limiting physical broadcast domains, act as a limited type of firewall by filtering with access control lists (ACLs), and ease network management by segmenting devices into smaller subnets instead of one large network. The security of the router is paramount. A compromised router can have devastating consequences, especially if it is being used for other services, such as IPSec, a virtual private network (VPN) termination point, or a firewall.
Each time a router is presented with packets, the router must examine the packets and determine the proper interface to forward the packets to. Not all routing protocols that routers work with function in the same manner. Routing protocols can be divided into two broad categories:
Distance-vector protocols are based on Bellman-Ford algorithms. The basic methodology of a distance-vector protocol is to find the best route by determining the shortest path. The shortest path is commonly calculated by hops. Distance-vector routing is also called routing by rumor. The Routing Information Protocol (RIP) is probably the most common distance-vector protocol in use. One major shortcoming of distance-vector protocols is that the path with the lowest number of hops might not be the optimal route; the path with the lowest hop count could have considerable less bandwidth than a route with a higher hop count.
Distance-vector protocols such as RIP can be spoofed and are subject to redirection. It also easy for attackers to sniff RIP updates. RIP sends out complete routing tables every 30 seconds.
Link-state protocols are based on Dijkstra algorithms. Unlike distance-vector protocols, link-state protocols determine the best path with metrics such as delay or bandwidth. When this path is determined, the router informs other routers of its findings. This is how reliable routing tables are developed and routing tables reach convergence.
Link-state routing is considered more robust than distance-vector routing protocols. Open Shortest Path First (OSPF) is probably the most common link-state routing protocol; many times, it is used as a replacement for RIP.
Common routing protocols include these:
The CISSP Cram Sheet
A Note from Series Editor Ed Tittel
About the Author
We Want to Hear from You!
The CISSP Certification Exam
Access-Control Systems and Methodology
System Architecture and Models
Telecommunications and Network Security
Applications and Systems-Development Security
Business Continuity Planning
Law, Investigations, and Ethics
Practice Exam 1
Answers to Practice Exam 1
Practice Exam 2
Answers to Practice Exam 2