Summary
Highlights
Routers operate at OSI Layer 3, routing data between IP subnets, sometimes integrated into Layer 3 switches. Switches operate at OSI Layer 2 using MAC addresses and ASICs for hardware forwarding. Enterprise switches often include Power over Ethernet (PoE).
Traditional firewalls filter traffic by port, while Next-Generation Firewalls (NGFWs) identify and manage applications. Firewalls commonly offer VPN functionality for encrypted connections and can act as routers, providing NAT and supporting dynamic routing protocols.
IDS (Intrusion Detection System) identifies and alerts on network attacks while IPS (Intrusion Prevention System) blocks them. They protect against exploits and vulnerabilities like buffer overflows and cross-site scripting.
Load balancers distribute traffic across multiple servers to maintain uptime and availability. They detect server outages, perform TCP and SSL offloading, cache data, prioritize traffic using QoS, and offer application-centric load balancing.
Proxies sit between users and servers, handling requests, verifying responses for malicious content, and caching data. They provide access control, URL filtering, and content scanning. Proxies can be explicit (requiring configuration) or transparent.
NAS (Network Attached Storage) provides file-level access, requiring entire files to be transferred. SAN (Storage Area Network) offers block-level access, allowing modification of individual blocks. Both benefit from high-bandwidth, isolated networks.
Access points bridge wireless (802.11) and wired (802.3) networks at OSI Layer 2. Wireless LAN controllers provide centralized management for multiple access points, simplifying configuration, monitoring, and deployment.