Devices and Components Commonly Found in the LAN Domain
The LAN Domain’s primary responsibility is to provide your users with the ability to connect to and share resources. To meet this goal, the LAN Domain contains four main types of components. These components work together to allow users to share resources on the network and reduce the need for multiple dedicated resources, such as printers, file storage systems, and backup devices. The four main types of components in the LAN Domain are as follows:
Connection media—This includes the adapters and wires (sometimes) that connect components together in the LAN Domain. Not all connection methods use wires. Wireless devices use radio waves to transmit data instead of wires. So connection media includes wireless adapters.
Networking devices—The hardware devices, such as hubs, switches, and routers, that connect other devices and computers using connection media are called networking devices.
Server computers and services devices—This includes the hardware that provides one or more services to users, such as server computers, printers, and network storage devices.
Networking services software—This includes the software that provides connection and communication services for users and devices.
Many physical devices in the LAN Domain are combinations of several types of components. These components should work together to provide easy access to desired resources and still maintain the security of your organization’s information. Figure 10-2 shows common components you will find in the LAN Domain.
FIGURE 10-2 Common components in the LAN Domain
Connection Media
The purpose of any network is to allow multiple computers or devices to communicate with each other. Networked computers and devices are connected and have the appropriate software to communicate. In the past, networked computers and devices were connected using some type of cable. Many of today’s networks contain a mix of cables and wireless connections. The cables or devices you use to connect computers and devices to form a network are collectively called connection media. Although the technical details of network connections are beyond the scope of this discussion, it is important to have a general understanding of a network’s components.
Wired LAN Connections
There are four basic cabling options for physical network connections. Each option has its own advantages and disadvantages. From an information security perspective, a wired LAN connection is more secure than a wireless LAN connection. To access a network device through a wired connection, you must physically enter the facility and plug into the network. For practical purposes, a large organization’s network has both wired and wireless LAN connections.
Choosing to use physical cables for part of your network, you will have to run cables to each device. Running cables between devices takes careful planning to do it right. Make sure when you explore cabling options that you evaluate the cost of installing all the cables and connection hardware to support both your current and future needs. Table 10-1 lists the four basic cable options, along with the advantages and disadvantages of each one.
TABLE 10-1 Basic network cabling options.
| CABLE TYPE | DESCRIPTION | ADVANTAGES AND DISADVANTAGES |
|---|---|---|
| Unshielded twisted pair (UTP) | This is the most common type of network cable. UTP generally consists of two or four pairs of wires. Pairs of wires are twisted around each other to reduce interference with other pairs. The most common type of UTP is Category 5 UTP, which supports 100 megabits per second (Mbps) for two pairs of wires and 1,000 Mbps for four pairs. |
|
| Shielded twisted pair (STP) | This is the same as UTP, but with foil shielding around each pair and optionally around the entire wire group to protect the cable from external radio and electrical interference. |
|
| Coaxial | This is a single copper conductor surrounded by a plastic sheath, then a braided copper shield, and then the external insulation. |
|
| Fiber optic | This is a glass core surrounded by several layers of protective materials. |
|
Wireless LAN Connections
Organizations have discovered that granting mobile access to business applications can increase productivity and revenue. A LAN is all about connectivity across the enterprise. The easier you can be connected to a LAN, the faster you can start accessing and exchanging information. Wireless and mobile computing have changed the way we see LANs. This view affects our perception of LAN and Remote Access Domain issues.
Wireless connectivity allows you to view the LAN more broadly than the computer on your desktop. Handled devices allow you to extend your LAN network out of the office and into the business. In other words, you can connect to the network and access or exchange information where the product or service is being made or delivered. Here are a few examples of how using wireless technology can extend the LAN into the business:
Health care—Health care providers can access real-time patient information or medical research from a patient’s bedside. These devices enhance collaboration for more accurate diagnoses. These devices can also track medical equipment to ensure availability at critical times.
Manufacturing—Wireless connectivity allows employees to share real-time data on the factory floor.
Retail—Wireless access to a LAN helps retailers place intelligent cash registers where there is no network wiring. This network access allows retailers to manage inventory, check customers out faster, and print the latest promotion coupons from the register.
Extending the LAN has many advantages over just connecting a standard desktop. LANs today can carry voice, video, and traditional computer traffic. Voice over Internet Protocol (VoIP) allows you to place and receive phone calls over a LAN or WAN. This has become popular for both home and business because of the cost savings over traditional telephone systems. Rather than incurring high flat-rate fees and per-minute call charges, most VoIP services charge a low flat-rate fee. We continue to see new companies enter the market offering less expensive voice and video solutions over the Internet.
Wireless connections are common in today’s LAN environments, where flexibility is an important design factor. Wireless connections allow devices to connect to your LAN without having to physically connect to a cable. This flexibility makes it easy to connect computers or other devices when running cables is either difficult or not practical for temporary connections.
Common Network Server and Service Devices
LANs provide easy access to shared resources and shared services. Shared centralized services make it possible for multiple users to share information and physical resources at a lower cost than duplicating information or purchasing devices for every workstation. Shared resources can include both server computers and services devices. Both offer value to a group rather than as a dedicated resource.
Depending on your network audit, one or more of the network services may be in scope. For example, DLP then auditing the mail service may be in scope. On the other hand, if your focus is on data, than a database server may be in scope. Understanding the types of services and aligning risk is an important step in the audit planning process. The following is a list of servers and a brief description of their services for devices commonly found on the network, as follows:
Web Server
A web server, as the name implies, is used for accessing the Internet. The web server can also be used to create internal web services, which are typically referred to as an “intranet.”
Proxy Server
A proxy server acts as a bridge between a host server and a client-server. This server adds a layer of security since the information that is requested can be filtered by the proxy server.
FTP Server
FTP servers are used to transfer files from one computer to another. Uploaded files move from your computer to the server, while downloaded files are extracted from the server onto your device.
Application Server
An application server connects a client to software applications. This allows clients to run software without the need to install it on their local devices.
File Server
A file server stores data files for multiple users. They allow for faster data sharing and the archiving of common files. These data are typically unstructured, meaning, the files can be any content the user has created, such as spreadsheets, presentations, or text documents.
Database Server
Database servers function as large storage for data that are structured. These data are typically used in many applications, such as customer information, health records, employee information, and financial data.
Mail Server
A mail server stores and delivers mail for clients through email service platforms. Because mail servers are set up to continually connect to a network, individual users can access their email without running any systems through their own devices.
Print Server
A print server connects user devices and allows users to print on a shared printer. These servers give businesses the ability to use a single printer to serve an entire department.
Domain Name System (DNS) Server
DNS servers transform readable computer domain names into computer language Internet Protocol (IP) addresses. The DNS server takes search data from a user and finds the target device through an IP address lookup.
Dynamic Host Configuration Protocol (DHCP) Server
DHCP servers issue, track, and manage IP addresses for all internal network devices.
Collaboration Server
A collaboration server allows teams to share files and information in real time. Microsoft Teams services is an example of a collaboration server.
Monitoring and Management Server
Monitoring and management servers record any activity on network devices. They are also used by network administrators to manage configurations on network devices.
Remote Access Server and Services
These servers provide secure encrypted communications with users outside the network. This is typically referred to as creating a virtual private network (VPN) connection with the network.
Networking Services Software
The last category of components in the LAN Domain is networking services software. This category consists of components that really aren’t connection or hardware components. All the network computers and components don’t do anything without the network software to provide the ability to communicate. The networking services software changes a group of connected devices into a network of devices that communicate to accomplish tasks.
A network operating system (NOS) provides the interface between the hardware and the Application Layer software. The NOS provides many of the same functions an operating system provides on a standalone computer. In fact, the roles of the operating system and NOS are so similar that nearly all of today’s operating systems contain NOS functionality. Today’s networking components generally run either a version of Windows or UNIX/Linux operating systems.
NOS products provide extensive support for resource access and management as well as credential management at various levels. NOSs support low-level authorization as well as higher-level authentication standards such as Kerberos and Active Directory. Choose the NOS that fits in best with your existing IT infrastructure.