
Network Security Class-5

Data in a network is transmitted in packets, which consist of a header, payload, and trailer, facilitating the flow through various devices like routers and switches. Network segmentation enhances security and performance by dividing networks into smaller segments, using methods such as physical segmentation, VLANs, and subnetting. The Address Resolution Protocol (ARP) is utilized to map IP addresses to MAC addresses within the network.

Uploaded by

limad83510
Copyright
© © All Rights Reserved

How is data carried in the network?

Data flows in the form of packets through routers, the LAN, switches, broadband cables, IDS/IPS and firewalls.

Packet:

A packet is the formatted unit of data carried by a network.

A packet consists of three main parts:

Header: contains the control information (Source, Destination, Protocol).

Payload: the raw form of the data, that is, the actual data belonging to a file, message or request.

Raw log:

<Device: Palo alto Time: 08:53:03 14-04-25, Port no: 80, 443 Action= Allow, Deny, Drop SOURCE IP
address: 192.168.1.1, NAT SOURCE IP: 83.229.86.231 Destination IP address: 127.0.0.0 NAT
Destination address: 127.0.0.0 Geo location: India/US Domain: http://www.Amazon.com,
https://www.Amazon.com SOURCE BYTES: 5 DESTINATION BYTES: 120 User name: Kiran LAPTOP-
89TRBGBK Protocol: TCP/UDP>

Trailer: used to check for errors in the data being shared.

[Diagram: packet layout]

IP HEADER: VERSION, TYPE OF SERVICE, IDENTIFICATION, FLAGS, FRAGMENT OFFSET, PROTOCOL, HEADER CHECK SUM, SOURCE ADDRESS, DESTINATION ADDRESS

TCP HEADER: SOURCE PORT, DESTINATION PORT, SEQUENCE NUMBER, ACKNOWLEDGEMENT NUMBER, Data offset, WINDOW (which window opened the connection), Urgent pointers, TCP OPTIONS

Payload: DATA REQUEST
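The header fields named in the packet layout above can be read straight out of raw bytes. The following is an added example, not part of the original notes: it splits an IPv4/TCP packet into those fields and checks the IP header checksum. The function names and the sample packet (including the destination 203.0.113.10) are constructed for illustration; the link-layer trailer check is not modelled.

```python
import socket
import struct

def ipv4_checksum(header: bytes) -> int:
    """One's-complement sum of the header's 16-bit words (RFC 791)."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_packet(pkt: bytes) -> dict:
    """Split raw IPv4/TCP bytes into the header fields and payload."""
    if len(pkt) < 20:
        raise ValueError("shorter than a minimal IPv4 header")
    (ver_ihl, tos, total_len, ident, flags_frag, _ttl, proto, cksum,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    ihl = (ver_ihl & 0x0F) * 4                      # IP header length in bytes
    if ver_ihl >> 4 != 4 or ihl < 20 or len(pkt) < ihl:
        raise ValueError("not a well-formed IPv4 header")
    out = {
        "version": ver_ihl >> 4, "type_of_service": tos,
        "identification": ident, "flags": flags_frag >> 13,
        "fragment_offset": flags_frag & 0x1FFF, "protocol": proto,
        "header_checksum": cksum,
        # A valid header, checksum field included, sums to zero.
        "checksum_ok": ipv4_checksum(pkt[:ihl]) == 0,
        "source_address": socket.inet_ntoa(src),
        "destination_address": socket.inet_ntoa(dst),
    }
    tcp = pkt[ihl:total_len]
    if proto != 6 or len(tcp) < 20:                 # 6 = TCP
        return out
    sport, dport, seq, ack, off_flags, window, _ck, urg = struct.unpack(
        "!HHIIHHHH", tcp[:20])
    doff = (off_flags >> 12) * 4                    # TCP header length in bytes
    if doff < 20 or len(tcp) < doff:
        raise ValueError("bad TCP data offset")
    out.update(source_port=sport, destination_port=dport, sequence_number=seq,
               acknowledgement_number=ack, data_offset=doff, window=window,
               urgent_pointer=urg, tcp_options=tcp[20:doff], payload=tcp[doff:])
    return out

def build_sample() -> bytes:
    """Constructed packet: 192.168.1.1:49152 -> 203.0.113.10:80 (TCP checksum left 0)."""
    tcp = struct.pack("!HHIIHHHH", 49152, 80, 1000, 0, (5 << 12) | 0x18,
                      64240, 0, 0) + b"GET / HTTP/1.1\r\n"
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0x1234, 0x4000,
                      64, 6, 0, socket.inet_aton("192.168.1.1"),
                      socket.inet_aton("203.0.113.10"))
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:] + tcp
```

Calling `parse_packet(build_sample())` returns one dictionary keyed by the field names from the diagram; changing any header byte makes `checksum_ok` false.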

NETWORK SEGMENTATION:

Network segmentation refers to splitting a computer network into small segments to
improve services, performance, security and ease of management.

Why do we segment the network?

To increase security: if we divide the network from the router across multiple switches, we can easily
track the users who are connected to each switch and easily isolate them from the network.

[Diagram: the INTERNET connects to a ROUTER, which connects to a switch with ports serving numbered users.]

Physical segmentation: the network is separated using physical hardware and cables to
secure the network.

VLAN: Virtual local area network. Logical segmentation that uses the switches to improve
the services.

In a VLAN the computers, servers and other network devices are logically connected regardless of
their physical location. This gives improved security, better traffic management, and a
simpler network in which information is easier to get.

[Diagram: users on the ports of one switch, labelled Developer, Tester and Engineer.]

Subnetting: dividing and assigning IP addresses from the public IP.

Firewall-based segmentation: used to segment the event process.

ARP: Address Resolution Protocol

Its main job is to get the MAC address of the IP we are connected to in the network.

For example: I want the MAC address that is connected to a given IP. If I request the
information through my resolver, it retrieves the MAC address that the IP is
connected to.

ARP:

IP             MAC address of the machine
191.168.2.3    AA:BB:CC:DD:EE
