Moderately complicated stuff

Blogging, it's a ton of fun. I mean, if I’m being honest, I rather enjoy it and I feel like I learn a lot. It can be taxing on me to simply go through and memorize answers, plus I actually learn the material like this, and anyone that looks at this blog realizes exactly how much effort it takes to really learn the material for obtaining certs. I’m critical of test content at times but all in all I really enjoy acquiring them. I mean, like it's one of my favorite things. Why? I honestly enjoy working my brain to solve puzzles.

 photo ngfw_zps7tlqkcnx.jpg

I'm aware of what NGFW is, sort of. I'm not exactly sure what makes it ‘Next Generation’ but I have my theory and I'm sticking with it. No, I won't stand for any of your technical jargon:

 photo download 2_zpsqnykunwj.jpeg

So this may take some research. I have no idea if they mean internally or externally but wouldn't some sort of logging need to be turned on regardless? Like SIEM logging? Which is separate from the NGFW?

In addition, to be clear, let's talk about the VPN concentrator and the IDS/IPS; assume everyone knows what a proxy server is.

  • VPN Concentrator – type of networking device that provides secure creation of VPN connections and delivery of messages between VPN nodes. It is a type of router device, built specifically for creating and managing VPN communication infrastructures.
  • NGFW
  • IDS/IPS – Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) are both parts of the network infrastructure. … IDS systems compare the current network activity to a known threat database to detect several kinds of behaviors like security policy violations, malware, and port scanners.

Without further specificity on ‘internet applications’ I'm getting that a WAF is more appropriate in this scenario, but I could be wrong. Or the question is old.

 photo bgp_zpsajep54no.jpg

I have no idea what this is getting at so let's look for a definition of BGP. Hybrid is mentioned nowhere, I guess I’ll just go with it.

 photo port aggrigation_zpsb7srvweh.jpg

I’m not 100% on this stuff, so let's cover it again!

  • Spanning tree – The Spanning Tree Protocol (STP) is a network protocol that builds a loop-free logical topology for Ethernet networks. The basic function of STP is to prevent bridge loops and the broadcast radiation that results from them.
  • Clustering – A computer cluster consists of a set of loosely or tightly connected computers that work together so that, in many aspects, they can be viewed as a single system. Unlike grid computers, computer clusters have each node set to perform the same tasks, which are controlled and scheduled by software. Weird. Like a LAN party?
  • Port aggregation – Port aggregation lets you combine two Gigabit Ethernet ports on the Nighthawk router to improve the aggregated file transfer speed. If a device supports Ethernet aggregation like a NAS or managed network switch, you can use the Ethernet aggregate ports 1 and 2 to cable the device to your router.
 photo protocol_zpsfmhdhyeq.jpg

You know, I’m sure there is some truth to this but I’m betting it's hard to prove. Or maybe not.

I would say we should investigate the others but ports feel a bit overwhelming at the moment to be honest, so let's not.

 photo static to dynamic_zpssilvtqwq.jpg

Highly confused, let's start with VLSM. Variable-Length Subnet Masking (VLSM) amounts to “subnetting subnets,” which means that VLSM allows network engineers to divide an IP address space into a hierarchy of subnets of different sizes, making it possible to create subnets with very different host counts without wasting large numbers of addresses.
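To make “subnetting subnets” concrete, here is an added example (not part of the original post) that carves one block into subnets sized to each segment's host count. The 192.168.10.0/24 block and the segment names are constructed for illustration, and `vlsm_allocate` is a hypothetical helper name.

```python
import ipaddress

def vlsm_allocate(block, host_counts):
    """Split `block` into one subnet per segment, each just large enough.

    host_counts maps a segment name to the number of usable hosts it needs.
    Returns {segment name: ipaddress network}, allocated largest-first.
    """
    parent = ipaddress.ip_network(block)
    cursor = int(parent.network_address)
    end = int(parent.broadcast_address) + 1
    plan = {}
    # Largest segments first, so every subnet starts on its own size boundary.
    for name, hosts in sorted(host_counts.items(), key=lambda kv: -kv[1]):
        # Need hosts + 2 addresses (network + broadcast), rounded up to 2^bits.
        bits = (hosts + 1).bit_length()
        size = 1 << bits
        # Align the cursor to a multiple of the subnet size (defensive).
        cursor = (cursor + size - 1) // size * size
        if cursor + size > end:
            raise ValueError(f"{block} has no room left for {name!r}")
        prefix = parent.max_prefixlen - bits
        plan[name] = ipaddress.ip_network((cursor, prefix))
        cursor += size
    return plan

def addresses_used(plan):
    """Total addresses consumed by the plan, including network/broadcast."""
    return sum(net.num_addresses for net in plan.values())

# Constructed sample requirements (usable hosts per segment).
SAMPLE = {"engineering": 100, "sales": 50, "guest": 20, "wan-link": 2}

if __name__ == "__main__":
    plan = vlsm_allocate("192.168.10.0/24", SAMPLE)
    for name, net in plan.items():
        print(f"{name:12} {str(net):20} usable hosts: {net.num_addresses - 2}")
    print("addresses used:", addresses_used(plan), "of 256")
```

With a single fixed mask, every segment would need a /25 to fit the 100-host segment, so four segments would need 512 addresses and would not fit in the /24 at all.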

  • OSPF – supports Variable-Length Subnet Masking (VLSM, defined above), so an IP address space can be divided into a hierarchy of subnets of different sizes.
  • IS-IS – OSPF supports virtual links, whereas IS-IS does not. OSPF elects a DR and BDR, whereas IS-IS elects only a single DR called the DIS. OSPF defines a backbone area called area 0 for inter-area advertisements, whereas IS-IS categorizes the domain into two layers.
  • RIPv1 – RIPv1 is a classful protocol. RIP supports up to six equal-cost paths to a single destination. Equal-cost paths are paths where the metric (hop count) is the same.
  • BGP – (previously explained)
  • VRRP – a computer networking protocol that provides for automatic assignment of available Internet Protocol (IP) routers to participating hosts. This increases the availability and reliability of routing paths via automatic default gateway selections on an IP subnetwork.

This is complicated by the fact that it seems like you could use one or the other and the idea of using them together isn’t exactly clear.

Had some kind of tough ones tonight. Anyway, I’m getting a little sleepy and I think it's bedtime!
