Presentation is loading. Please wait.

Presentation is loading. Please wait.

This courseware is copyrighted © 2016 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.

Published byClaribel Ferguson Modified over 8 years ago

Similar presentations

Presentation on theme: "This courseware is copyrighted © 2016 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to."— Presentation transcript:

1 This courseware is copyrighted © 2016 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to accompany the courseware may be copied, photocopied, reproduced, or re-used in any form or by any means without permission in writing from a director of gtslearning International Limited. Violation of these laws will lead to prosecution. All trademarks, service marks, products, or services are trademarks or registered trademarks of their respective holders and are acknowledged by the publisher. All gtslearning products are supplied on the basis of a single copy of a course per student. Additional resources that may be made available from gtslearning may only be used in conjunction with courses sold by gtslearning. No material changes to these resources are permitted without express written permission by a director of gtslearning. These resources may not be used in conjunction with content from any other supplier. If you suspect that this course has been copied or distributed illegally, please telephone or email gtslearning. 2.3 Routers and Firewalls CompTIA Server+ Certification (Exam SK0-004)

2 Objectives Understand the basics of IP routing and use of tracert to troubleshoot Explain the functions of TCP and UDP ports and use netstat to identify open ports Implement secure network topologies using zones, NAT, firewalls, and VLANs 2.3 Routers and Firewalls 120

3 Identify the network addresses of the source and destination hosts Compare the source and destination network addresses o Local network - IP uses ARP messaging to locate the destination interface of the local host o Remote networks - IP uses ARP messaging to locate the default gateway (router) to use to forward the packet A data link protocol (such as Ethernet) encapsulates the packet into one or more frames and transmits them over the network Time to Live (TTL) Routing protocols Routing tables IP Routing Basics 2.3 Routers and Firewalls 120

4 Routers 2.3 Routers and Firewalls 121

5 Network Address Translation Static / dynamic NAT o Maps IP address from private LAN to public IP address (or address pool) Port Address Translation / NAT overloading o Allows multiple private addresses to map to a single public address 2.3 Routers and Firewalls 122

6 Troubleshooting Routing Issues Establish IP connection to rule out name resolution or service issue Consider physical or security (firewall) issue Improper subnetting Investigate local routing table – route command Use tracert to test path between hosts 2.3 Routers and Firewalls 123

7 Using tracert and traceroute 2.3 Routers and Firewalls 124

8 TCP and UDP Ports Transport layer o End-to-end layer Multiplexing and de- multiplexing o Identifies application data via port numbers o Packages data in a stream of segments o Merges segments from different applications over the network link o Port numbers allow receiving host to de-multiplex and reassemble data for the appropriate application handler 2.3 Routers and Firewalls 125

9 TCP versus UDP Transmission Control Protocol (TCP) o Connection-oriented, reliable delivery o Connection establishment o Acknowledgements and negative acknowledgments o Segmentation and sequencing User Datagram Protocol (UDP) o Connectionless, non- guaranteed delivery o Lightweight header 2.3 Routers and Firewalls 126

10 Well Known Ports 2.3 Routers and Firewalls 127

11 netstat 2.3 Routers and Firewalls 128

12 Zones and ACLs 2.3 Routers and Firewalls 129

13 Private network (intranet) o A network of trusted hosts owned and controlled by the organization Extranet o A network of semi-trusted hosts, typically representing business partners, suppliers, or customers o Hosts must authenticate to join the extranet Internet o A public zone permitting anonymous access (or perhaps a mix of anonymous and authenticated access) by untrusted hosts over the Internet Intranets and Extranets 2.3 Routers and Firewalls 130

14 Demilitarized Zones (DMZ) Screened subnet Three-legged firewall Screened host 2.3 Routers and Firewalls 130

15 Internal Network Firewalls 2.3 Routers and Firewalls 131

16 Basic Firewalls Packet filtering o IP filtering o Protocol ID / type o Port filtering / security Ingress versus egress Allow or block 2.3 Routers and Firewalls 132

17 Troubleshooting Misconfigured Firewalls / ACLs 2.3 Routers and Firewalls 133

18 Host-based Firewalls NOS Firewall Application Firewall Personal Firewall 2.3 Routers and Firewalls 135

19 VLAN Configuration Virtual LAN (VLAN) Divide computers attached to same cabling between logically separate networks Isolate traffic Ensure services accessible to VLAN 2.3 Routers and Firewalls 136

20 Review Understand the basics of IP routing and use of tracert to troubleshoot Explain the functions of TCP and UDP ports and use netstat to identify open ports Implement secure network topologies using zones, NAT, firewalls, and VLANs 2.3 Routers and Firewalls 138

Download ppt "This courseware is copyrighted © 2016 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to."

Similar presentations

Cisco 2 - Routers Perrine. J Page 14/30/2015 Chapter 10 TCP/IP Protocol Suite The function of the TCP/IP protocol stack is to transfer information from.

Cisco 2 - Routers Perrine. J Page 14/30/2015 Chapter 10 TCP/IP Protocol Suite The function of the TCP/IP protocol stack is to transfer information from.
CCNA – Network Fundamentals

CCNA – Network Fundamentals
IST 201 Chapter 9. TCP/IP Model Application Transport Internet Network Access.

IST 201 Chapter 9. TCP/IP Model Application Transport Internet Network Access.
This courseware is copyrighted © 2011 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.

This courseware is copyrighted © 2011 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.
This courseware is copyrighted © 2011 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.

This courseware is copyrighted © 2011 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.
Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.

Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.
Principles of Information Security, 2nd Edition1 Firewalls and VPNs.

Principles of Information Security, 2nd Edition1 Firewalls and VPNs.
Understanding Networks. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.

Understanding Networks. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.
Introduction To Networking

Introduction To Networking
Chapter 2 Internet Protocol DoD Model Four layers: – Process/Application layer – Host-to-Host layer – Internet layer – Network Access layer.

Chapter 2 Internet Protocol DoD Model Four layers: – Process/Application layer – Host-to-Host layer – Internet layer – Network Access layer.
1 Version 3.0 Module 10 Routing Fundamentals and Subnetting.

1 Version 3.0 Module 10 Routing Fundamentals and Subnetting.
This courseware is copyrighted © 2011 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.

This courseware is copyrighted © 2011 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.
CS 356 Systems Security Spring 2015 Dr. Indrajit Ray

CS 356 Systems Security Spring Dr. Indrajit Ray
Virtual LANs. VLAN introduction VLANs logically segment switched networks based on the functions, project teams, or applications of the organization regardless.

Virtual LANs. VLAN introduction VLANs logically segment switched networks based on the functions, project teams, or applications of the organization regardless.
IST 228\Ch3\IP Addressing1 TCP/IP and DoD Model (TCP/IP Model)

IST 228\Ch3\IP Addressing1 TCP/IP and DoD Model (TCP/IP Model)
Network Fundamentals Chapter 9.

Network Fundamentals Chapter 9.
This courseware is copyrighted © 2011 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.

This courseware is copyrighted © 2011 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.
CCNA Guide to Cisco Networking Fundamentals Fourth Edition

CCNA Guide to Cisco Networking Fundamentals Fourth Edition
This courseware is copyrighted © 2011 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.

This courseware is copyrighted © 2011 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.
Intranet, Extranet, Firewall. Intranet and Extranet.

Intranet, Extranet, Firewall. Intranet and Extranet.

Similar presentations

Ads by Google