First of all we'll start with the introduction of basic devices.
1- Router
2- Switch
3- HUB
4- Modem
Router
Router basically a device which facilitate us to Communicate from one network to another network.
As you can see in this given image, there are two Networks A&B which are connected with each other with Router, Router is an intelligence device which make forward decision on bases of IP Addresses. Router also known as the layer 3 Device.
For Example: if PC1 from network A wants to send message to PC2 which is in network B, then this message contains IP address of the desired PC which is PC2. This message will walk through the Router and then Router will decide the path of message (where this have to be delivered) on the basis of IP which attached with the message.
Switch
Switch basically a device which facilitate us to communicate between components of the same network. Switch basically works on the bases of MAC( Media Access Control ) or Physical Address of the components of the network . Switch is also known as the layer 2 device.
Multi-Layer Switch
This device can work as Router and Switch as well. Sometime it's also known as the Magic Box.
HUB
Hub is device which can repeat the data to all the connected ports . Hub is also known as the level 1 device.
if there are some PC's attached to HUB, and one of them wants to send message to another computer, then that message will walk through to all the connected PC's which produced the undesirable traffic. That's why only one device can communicate over the network while they are connected with HUB.
MODEM ( Modulation , Demodulation )
We can say that MODEM is the source of communication between the Analog and Digital Devices.
For Example: we often PTCL which is a ISP in Pakistan , basically this is an analog network, but when we want to send data from computer to the source over this medium then we use modem, Modem convert the digital signals produced by the computer and convert it into analog data (which is known as Modulation ) and send it to destination. On the other hand demodulation occurs, another modem receive this analog data and change it into the digital data and send to the computer.
Security in Computer Networks
As we all know that Computer Networks is too much important for all of us , Moreover Security also much important in every type of networks. We'll discuss some Security Strategies below.
Firewall
Firewall basically is a system which is designed to prevent unauthorized access to or from the private networks.You can establish a firewall as Hardware or software or combination of both.
UTM( Unified Threat Management )
It have ability to identify the type of traffic and stop it before it gets inside the system.
Network Intrusion
Basically network intrusion occurs when Third Parties send abnormal data request to the system.
There are three strategies to detect and prevent the Network Intrusion.
1- IDS ( Intrusion Detection System )
These are special software or hardware devices to detect the abnormal traffic or events which happening in the system. To identify the abnormal traffic or Malicious activities it use two major techniques.
Signature:
It contained predefined rules or patters to determine the nature of the activities e.g Antivirus once installed it produce the predefined rules and patterns to examine the nature of the data which is coming in the systems.
Anomalies:
These are the new technologies to detect and adapt unknown attacks.In this they use Machine Learning Techniques to examine the new behavior and compare with the existing approaches to detect the intrusion.
2- IPS ( Intrusion Prevention System )
As we have been discussed about the IDS, it's just detect the intrusion but not able to react according to the situation.That's why a new method introduced which is the IPS. In this a Physical or a Virtual device attached between the firewall and the switch or router. it examines the abnormal traffic and evaluate this according to the suitable situation.3-HIDS ( Host Based Intrusion Detection System )
This technique is less expensive then the IPS because there's no need for security device for prevent the intrusion , but this technique mostly is not suitable in the multiple servers . If you have a server then the Virtual IPS installed inside that server to avoid the intrusion.
