Standard Concepts

2025-02-01 10:42

Status: #adult

Tags: Networking

Fundamental Conceptual Building Blocks of Networks

The fundamental conceptual building blocks of networks are the TCP/IP
model, the OSI model, frames and packets, and addressing.

TCP/IP vs OSI Model


TCP/IP

TCP/IP is an open-standard protocol suite maintained by the Internet
Engineering Task Force (IETF) and the foundational framework for
network communication. Compared with the OSI model, TCP/IP is the
practical framework used in real-world implementations, while the OSI
model is a reference model used mainly to describe and teach how the
layers relate.

There are 4 layers to the TCP/IP protocol suite: application,
transport, internet and network access.

Application Layer

The application layer provides network services directly to
applications. It determines how application data is represented and
exchanged, including encoding, encryption, compression and
application-level error handling (functions the OSI model splits out
into its presentation and session layers).

There are numerous application-layer protocols, each handling a
different kind of data:

DNS (name resolution)
DHCPv4, DHCPv6, SLAAC (host configuration; SLAAC is strictly done
with ICMPv6 router advertisements rather than an application protocol)
SMTP, POP3, IMAP (email)
FTP, SFTP, TFTP (file transfer)
HTTP, HTTPS, REST (web and web services)

Transport Layer

The transport layer provides end-to-end communication between
processes on different devices. It manages segmentation (breaking data
into segments) and reassembly and, depending on the protocol, error
recovery, flow control and congestion avoidance.

The key transport-layer protocols are:

TCP (Transmission Control Protocol)
Connection-oriented. It uses a 3-way handshake: SYN, SYN-ACK, ACK
(Synchronize -> Synchronize-Acknowledgement -> Acknowledgement).
1. The client sends a TCP segment with the SYN flag set (a connection
request) and a random initial sequence number (ISN). The client
enters the SYN-SENT state.
2. The server responds with a segment that has both the SYN and ACK
flags set, its own random ISN, and an acknowledgement number equal
to the client's ISN + 1. The server enters the SYN-RECEIVED state.
3. The client sends a final segment with the ACK flag set and an
acknowledgement number equal to the server's ISN + 1. Because the
SYN consumes one sequence number, the client's own sequence number
is now its ISN + 1 (for example 1001 if the ISN was 1000). Both
devices enter the ESTABLISHED state and data transfer can begin.
Guarantees delivery via acknowledgements and re-transmissions.
Uses port numbers to identify applications. Well-known ports (TCP
unless noted):
Port 20/21: File Transfer Protocol (FTP data/control)
Port 22: Secure Shell (SSH)
Port 23: Telnet
Port 25: Simple Mail Transfer Protocol (SMTP)
Port 80: Hypertext Transfer Protocol (HTTP)
Port 110: Post Office Protocol (POP3)
Port 123: Network Time Protocol (NTP) - UDP, not TCP
Port 443: Hypertext Transfer Protocol Secure (HTTPS)
Port 3389: Remote Desktop Protocol (RDP)
Cisco IOS commands to monitor TCP connections:
show tcp brief - view active TCP sessions
debug ip tcp - troubleshoot handshake issues (use cautiously: debug
output on a busy production device can overload its CPU)
UDP (User Datagram Protocol)
Connectionless: there is no handshake.
With no handshake and no acknowledgements it is faster than TCP but
unreliable; lost datagrams are not retransmitted.
It is used for real-time traffic such as VoIP and video streaming,
where a late packet is worse than a lost one.
QoS policies can classify traffic by protocol and port and
prioritise, for example, UDP voice over bulk TCP transfers.
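
The three-way handshake described above, simulated as an added example
(this is not code from the original notes). The ISNs 1000 and 5000 used
in the demo are chosen to match the "1001" figure in the text; the flag
values are the real TCP header bits and the state names follow RFC 9293.
It also models one thing the text only implies: a SYN-ACK whose
acknowledgement number is not our ISN + 1 is rejected, which is what
stops a stale or forged SYN-ACK from completing a connection.

```python
import random
from dataclasses import dataclass, field

# Flag bits at their positions in the TCP header flags byte (RFC 9293).
SYN = 0x02
ACK = 0x10
MOD32 = 2 ** 32


@dataclass
class Segment:
    flags: int
    seq: int
    ack: int = 0


@dataclass
class Endpoint:
    name: str
    isn: int = field(default_factory=lambda: random.randrange(MOD32))
    state: str = "CLOSED"
    snd_nxt: int = 0   # next sequence number this side will send
    rcv_nxt: int = 0   # next sequence number expected from the peer


def client_syn(c: Endpoint) -> Segment:
    """Step 1: SYN carrying the client's ISN; the SYN itself consumes one sequence number."""
    c.state = "SYN-SENT"
    c.snd_nxt = (c.isn + 1) % MOD32
    return Segment(flags=SYN, seq=c.isn)


def server_syn_ack(s: Endpoint, syn: Segment) -> Segment:
    """Step 2: SYN+ACK with the server's ISN and ack = client ISN + 1."""
    if syn.flags != SYN:
        raise ValueError("expected a bare SYN")
    s.state = "SYN-RECEIVED"
    s.rcv_nxt = (syn.seq + 1) % MOD32
    s.snd_nxt = (s.isn + 1) % MOD32
    return Segment(flags=SYN | ACK, seq=s.isn, ack=s.rcv_nxt)


def client_ack(c: Endpoint, syn_ack: Segment) -> Segment:
    """Step 3: check that the server acknowledged our SYN, then ack server ISN + 1."""
    if syn_ack.flags != SYN | ACK:
        raise ValueError("expected SYN+ACK")
    if syn_ack.ack != c.snd_nxt:
        # Not an acknowledgement of our SYN: a stale or forged segment, not this connection.
        raise ValueError("bad ACK number: peer did not acknowledge our SYN")
    c.rcv_nxt = (syn_ack.seq + 1) % MOD32
    c.state = "ESTABLISHED"
    return Segment(flags=ACK, seq=c.snd_nxt, ack=c.rcv_nxt)


def server_established(s: Endpoint, ack: Segment) -> None:
    """Server side of step 3: the final ACK must cover the server's SYN."""
    if ack.flags != ACK or ack.ack != s.snd_nxt or ack.seq != s.rcv_nxt:
        raise ValueError("final ACK does not match the handshake")
    s.state = "ESTABLISHED"


def handshake(client_isn: int, server_isn: int):
    """Run the three-way handshake; returns both endpoints and the three segments sent."""
    c = Endpoint("client", isn=client_isn)
    s = Endpoint("server", isn=server_isn)
    seg1 = client_syn(c)
    seg2 = server_syn_ack(s, seg1)
    seg3 = client_ack(c, seg2)
    server_established(s, seg3)
    return c, s, [seg1, seg2, seg3]


if __name__ == "__main__":
    client, server, segments = handshake(1000, 5000)  # ISNs chosen to match the notes' example
    for seg in segments:
        print(seg)
    print(client.state, server.state)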

Internet Layer

The Internet layer handles IP addressing and the routing of data
across networks. It also fragments packets to fit the MTU (Maximum
Transmission Unit) of a link.

The key protocols for this layer are IP, ICMP, ARP, Routing
protocols.

IP (Internet Protocol)
IPv4 (32-bit addresses) and IPv6 (128-bit addresses)
ICMP (Internet Control Message Protocol)
Error reporting and diagnostics (e.g. Destination Unreachable, Time
Exceeded); ping and traceroute are built on it, which is how you find
where a packet stops.
ARP (Address Resolution Protocol)
Maps IP addresses to MAC addresses on the local network (often
classed as a link-layer protocol, since it sits between IP and
Ethernet).
Routing Protocols
Routing protocols are a set of rules that allow routers to
communicate with each other to find the best path for data
packets to travel through a network.
Examples of routing protocols are: OSPF, EIGRP, BGP
Open Shortest Path First (OSPF)
It is a link-state routing protocol, it determines the
best path between network nodes. OSPF uses Dijkstra's
Algorithm which computes the shortest path tree using
link-state database (LSDB).
Used within an Autonomous System for intra-domain routing.
Intra-domain routing only works within the domain; the opposite is
inter-domain routing between autonomous systems (BGP, below).
Hierarchical design using areas to scale large networks.
Link-state advertisement is a message sent by routers in
an OSPF domain to announce changes in the network.
TYPE 1 (Router LSA)
TYPE 2 (Network LSA)
TYPE 3/4 (SUMMARY LSAs)
TYPE 5/7 (EXTERNAL LSAs)
OSPF performs three operations: neighbor discovery, LSDB
synchronization and SPF calculation.
Neighbor discovery: routers send Hello packets, multicast to
224.0.0.5, to form adjacencies.
LSDB synchronization: routers exchange LSAs via Database Description
(DBD) packets, then request any they are missing.
SPF calculation: each router independently computes the shortest path
to all destinations from the synchronized LSDB.
The advantages of OSPF are namely:
Fast convergence due to triggered updates.
Hierarchical design reduces LSA flooding.
Supports VLSM (Variable-Length Subnet Masking) and
authentication (MD5/SHA).
Disadvantages are:
Complex configuration at large scale.
High CPU/memory usage with large LSDBs.
Use cases are Enterprise Networks, ISP core networks.
Packet Tracer Config Commands
router ospf 1
network 10.0.0.0 0.255.255.255 area 0
show ip ospf neighbor
show ip ospf database
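
The SPF calculation above, run over a constructed link-state database
as an added example (not code from the original notes, and the LSDB is
made up for illustration). The cost formula is the Cisco IOS default of
reference bandwidth 100 Mbit/s divided by interface bandwidth, floored
at 1, so 1 Gbit/s and 10 Gbit/s links both cost 1 unless the reference
bandwidth is raised. Each router runs the same Dijkstra over the same
LSDB and derives its own routing table from the resulting tree.

```python
import heapq

REF_BW = 100_000_000  # Cisco IOS default reference bandwidth: 100 Mbit/s


def ospf_cost(bandwidth_bps: int) -> int:
    """Interface cost = reference bandwidth / interface bandwidth, never below 1."""
    return max(1, REF_BW // bandwidth_bps)


# Constructed LSDB: each router's Router LSA (type 1) as a list of
# point-to-point links (neighbor, outgoing interface bandwidth in bit/s).
# Cost is charged on the outgoing interface, so the graph is directed.
LSDB = {
    "R1": [("R2", 1_000_000_000), ("R3", 10_000_000)],
    "R2": [("R1", 1_000_000_000), ("R4", 100_000_000)],
    "R3": [("R1", 10_000_000), ("R4", 1_000_000_000)],
    "R4": [("R2", 100_000_000), ("R3", 1_000_000_000)],
}


def spf(lsdb: dict, root: str) -> dict:
    """Dijkstra over the LSDB from `root`; returns {router: (cost, path)}."""
    dist = {root: 0}
    prev = {}
    heap = [(0, root)]
    visited = set()
    while heap:
        d, u = heapq.heappop(heap)
        if u in visited:
            continue
        visited.add(u)
        for v, bw in lsdb.get(u, []):
            nd = d + ospf_cost(bw)
            if nd < dist.get(v, float("inf")):
                dist[v] = nd
                prev[v] = u
                heapq.heappush(heap, (nd, v))
    tree = {}
    for node, cost in dist.items():
        path = [node]
        while path[-1] != root:
            path.append(prev[path[-1]])
        tree[node] = (cost, path[::-1])
    return tree


def routing_table(lsdb: dict, root: str) -> dict:
    """Collapse the SPF tree into {destination: (next_hop, cost)}, what OSPF hands to the RIB."""
    return {dst: (path[1], cost) for dst, (cost, path) in spf(lsdb, root).items() if dst != root}


if __name__ == "__main__":
    for dst, (nh, cost) in sorted(routing_table(LSDB, "R1").items()):
        print(f"{dst}: via {nh}, cost {cost}")
```

From R1 the direct 10 Mbit/s link to R3 costs 10, so R3 is reached via
R2 and R4 at cost 3 instead; that is the shortest-path tree overriding
the obvious adjacency, and what `show ip route ospf` would display.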
Enhanced Interior Gateway Routing Protocol (EIGRP)
EIGRP is an advanced distance-vector (hybrid) protocol. It computes
loop-free paths by tracking successors and feasible successors.
It is for efficient intra-domain routing with fast convergence.
EIGRP uses the Diffusing Update Algorithm (DUAL) for loop-free
paths.
Like OSPF it discovers neighbors with Hello packets, multicast to
224.0.0.10, but its route updates are partial and bounded: only the
changed routes are sent, and only when the topology changes.
EIGRP stores all routes and feasible successors in a topology table.
EIGRP was Cisco proprietary (later documented in RFC 7868) and is
still supported almost only on Cisco gear, so it is viable only in
Cisco-centric enterprise networks.
Packet Tracer Config Commands
router eigrp 100
network 10.0.0.0
show ip eigrp neighbors
show ip eigrp topology
Border Gateway Protocol (BGP)
BGP is a path-vector protocol whose purpose is inter-domain routing
between autonomous systems on the internet. Unlike OSPF and EIGRP,
its path selection is policy-based: it is driven by path attributes
rather than a single metric.
BGP neighbors (peers) establish a session over TCP port 179, so the
exchange is reliable. Route advertisements are UPDATE messages
carrying NLRI (Network Layer Reachability Information, i.e. prefixes)
plus path attributes, and the best path is chosen by evaluating the
attributes in a fixed order.
Path attributes are:
AS_PATH - the list of autonomous systems traversed. A router rejects
any route whose AS_PATH already contains its own AS, which prevents
loops.
NEXT_HOP - IP address of the next router.
LOCAL_PREF - the preference for a route within an autonomous system
(higher wins).
MULTI-EXIT DISCRIMINATOR (MED) - suggests to a neighbouring AS which
entry point into this AS it should prefer (lower wins).
Packet Tracer Config Commands:
router bgp 65001
neighbor 192.168.1.1 remote-as 65002
show ip bgp summary
show ip bgp neighbors
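
The decision process and the AS_PATH loop check, as an added example
(not code from the original notes). The routes are constructed UPDATEs
for 203.0.113.0/24 and the local AS is 65001, taken from the
"router bgp 65001" line above. The order is the real one for the first
steps (LOCAL_PREF, AS_PATH length, MED within the same neighbouring AS,
eBGP over iBGP); the remaining tie-breakers (IGP metric to next hop,
route age, router ID) are collapsed into "lowest next-hop address",
which is a simplification.

```python
import ipaddress
from dataclasses import dataclass

MY_ASN = 65001  # our router's AS, matching "router bgp 65001" above


@dataclass
class BgpRoute:
    prefix: str
    next_hop: str
    as_path: list
    local_pref: int = 100
    med: int = 0
    source: str = "ebgp"  # "ebgp" or "ibgp": the kind of peer that sent the UPDATE


def accept(route: BgpRoute, my_asn: int = MY_ASN) -> bool:
    """Inbound loop prevention: drop an UPDATE whose AS_PATH already contains our ASN."""
    return my_asn not in route.as_path


def best_path(routes, my_asn: int = MY_ASN):
    """Simplified BGP decision process for one prefix; attributes evaluated in order."""
    cand = [r for r in routes if accept(r, my_asn)]
    if not cand:
        return None
    # 1. Highest LOCAL_PREF (set by local policy, only meaningful inside our AS).
    top = max(r.local_pref for r in cand)
    cand = [r for r in cand if r.local_pref == top]
    # 2. Shortest AS_PATH.
    shortest = min(len(r.as_path) for r in cand)
    cand = [r for r in cand if len(r.as_path) == shortest]
    # 3. Lowest MED, compared only between routes from the same neighbouring AS.
    def dominated(r):
        return any(o.as_path[:1] == r.as_path[:1] and o.med < r.med for o in cand)
    cand = [r for r in cand if not dominated(r)]
    # 4. Prefer eBGP-learned over iBGP-learned.
    # 5. Lowest next-hop address stands in for the remaining tie-breakers (simplification).
    return min(cand, key=lambda r: (0 if r.source == "ebgp" else 1,
                                   ipaddress.ip_address(r.next_hop)))


def sample_routes():
    """Constructed UPDATEs for one prefix from several peers (illustrative, not real data)."""
    return {
        "A": BgpRoute("203.0.113.0/24", "192.0.2.1", [65002, 65010], 100, 0, "ebgp"),
        "B": BgpRoute("203.0.113.0/24", "192.0.2.2", [65003], 100, 50, "ebgp"),
        "C": BgpRoute("203.0.113.0/24", "10.0.0.9", [65003], 200, 100, "ibgp"),
        "D": BgpRoute("203.0.113.0/24", "192.0.2.4", [65002, 65001, 65010], 300, 0, "ebgp"),
        "E": BgpRoute("203.0.113.0/24", "192.0.2.3", [65003], 100, 10, "ebgp"),
    }


if __name__ == "__main__":
    r = sample_routes()
    print("D accepted?", accept(r["D"]))                       # False: our ASN is in its AS_PATH
    print("best of A,B,C,D:", best_path([r["A"], r["B"], r["C"], r["D"]]).next_hop)  # C: LOCAL_PREF
    print("best of A,B:", best_path([r["A"], r["B"]]).next_hop)                        # B: shorter AS_PATH
    print("best of A,B,E:", best_path([r["A"], r["B"], r["E"]]).next_hop)              # E: lower MED
```

Route D carries a higher LOCAL_PREF than anything else yet never wins,
because the loop check runs before any attribute is compared; that is
the order a real router applies too.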

Comparison of the three routing protocols:

               | OSPF                    | EIGRP                     | BGP
Protocol type  | Link-state              | Hybrid (distance-vector)  | Path-vector
Standard       | Open (RFC 2328)         | Cisco proprietary         | Open (RFC 4271)
               |                         | (documented in RFC 7868)  |
Metric         | Cost (bandwidth-based)  | Composite (bandwidth +    | Path attributes
               |                         | delay)                    | (AS_PATH etc.)
Convergence    | Fast                    | Very fast                 | Slow
Scalability    | Moderate (hierarchical) | High (enterprise)         | Extreme (Internet)
Use case       | Enterprise networks     | Cisco environments        | Internet / inter-AS
               |                         |                           | routing

Network Access Layer (Link Layer)

The Network Access layer manages the physical transmission of data
over the network medium.
Encapsulates IP packets into frames with MAC addresses.
Handles error detection (CRC) and MAC addressing.
Ethernet (IEEE 802.3) for wired LANs.
Wi-Fi (IEEE 802.11) for wireless LANs.
Point-to-Point Protocol (PPP) for WAN links.

How Data Flows Through the TCP/IP model.

1. Encapsulation:
Data starts at the application layer (e.g. an HTTP request).
The transport layer adds a TCP/UDP header.
The internet layer adds an IP header.
The network access layer adds a frame header and trailer.
2. Decapsulation:
The receiving device reverses the process, stripping headers layer by
layer.

OSI Model

The Open Systems Interconnection (OSI) model is a conceptual framework
that describes how data is transmitted between devices over a
network. There are seven layers to the OSI model:
Application -> Presentation -> Session -> Transport -> Network ->
Data Link -> Physical Layer

Application Layer
Interfaces with user applications
Presentation Layer
Translates data into a readable format (Encryption,
Compression)
Session Layer
Managing connections between devices (Session Establishment,
Termination)
Transport Layer
Ensures end-to-end communication (TCP,UDP)
Network Layer
Handles logical addressing and routing (IP, routers)
Data Link Layer
Manages node-to-node communication (MAC addresses, switches)
Physical Layer
Transmits raw bits over a physical medium (Cables, Wireless
Signals)

TCP/IP layer   | OSI layer(s)                       | Key difference
Application    | Application, Presentation, Session | TCP/IP combines these into one layer.
Transport      | Transport                          | The same transport layer, using TCP/UDP.
Internet       | Network                            | TCP/IP handles routing and logical addressing here.
Network Access | Data Link + Physical               | Combines framing (data link) and physical media.

Frames and Packets

Frames are data units at the Data Link Layer (Layer 2). Frames
include source and destination MAC addresses, error-checking data
(CRC), and the payload.

A frame is the protocol data unit (PDU) of layer 2. It encapsulates
network-layer packets for transmission over a local network segment.

Header -> Payload -> Trailer

The header contains the source and destination MAC addresses, an
optional VLAN tag (802.1Q), and the EtherType.

The payload contains a layer 3 packet.

The trailer is for error detection (CRC): it contains the Frame
Check Sequence (FCS).

Example:
Laptop sending data to a printer on the same LAN:
1. The IP packet (Layer 3) is wrapped in an Ethernet frame.
2. The frame uses the printer's MAC address (learned via ARP) as the
destination.
3. The switch examines the frame's destination MAC address and
forwards it only to the printer's port.

Packets are data units at the Network Layer (Layer 3). Packets
include source and destination IP addresses, routing information,
and the payload.

A packet is the PDU of layer 3. It contains logical addressing (IP
addresses) for end-to-end routing across networks.

Header -> Payload

The header contains the source/destination IP addresses, TTL,
protocol identifier and header checksum.

The payload contains the transport-layer segment (TCP/UDP).

This is for global routing, since routers use IP addresses to
forward packets between networks.

Example:
When you load a website hosted on a remote server:
1. Your PC creates an IP packet with the destination IP.
2. Routers examine the packet's IP header, decrement the TTL, and use
their routing tables to forward it toward the destination network.
3. On the destination server's local network, the last-hop router
uses ARP to resolve the server's IP to a MAC address and delivers
the packet in a frame.

How Frames and Packets Work Together
Frames and packets work together in the encapsulation and
de-encapsulation process.

Encapsulation Process (Outbound Traffic)

1. Application Layer: Data (e.g., an HTTP request) is passed to Layer
4 (TCP/UDP).
2. Transport Layer: Adds a TCP/UDP header (creates a segment).
3. Network Layer: Adds an IP header (creates a packet).
4. Data Link Layer: Adds a frame header/trailer (creates a frame).
5. Physical Layer: Converts the frame to bits for transmission.

De-encapsulation Process (Inbound Traffic)

1. The receiving device's NIC reads the frame, verifies the FCS
(discarding the frame if it does not match), and strips the frame
header/trailer.
2. The IP packet is passed to Layer 3, where the receiving host (or a
router along the path) examines the destination IP: a router
forwards it in a new frame, the destination host keeps it.
3. The transport layer (TCP/UDP) processes the segment and delivers
the data to the application.
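
The encapsulation and de-encapsulation steps above, and the earlier
"How Data Flows Through the TCP/IP model" list, carried out on real
header layouts as an added example (not code from the original notes).
Addresses, ports and the payload are constructed; TCP and IP options are
omitted (both headers are the minimal 20 bytes). The frame's trailer is
a CRC-32 FCS as on Ethernet, so flipping one bit in the payload is
caught at layer 2 before the IP checksum is even looked at, and
`router_forward` shows the per-hop TTL decrement and checksum rewrite.

```python
import struct
import zlib

ETHERTYPE_IPV4 = 0x0800
PROTO_TCP = 6


def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def ip_bytes(ip: str) -> bytes:
    return bytes(int(o) for o in ip.split("."))


def inet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum used by IPv4 and TCP headers (0 when verifying a valid header)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def tcp_pseudo_header(src_ip: str, dst_ip: str, tcp_len: int) -> bytes:
    return ip_bytes(src_ip) + ip_bytes(dst_ip) + struct.pack("!BBH", 0, PROTO_TCP, tcp_len)


def build_segment(src_ip, dst_ip, sport, dport, payload: bytes, seq=1001, ack=5001) -> bytes:
    """Layer 4: 20-byte TCP header (data offset 5, flags PSH+ACK) in front of the data."""
    def hdr(csum):
        return struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 5 << 4, 0x18, 65535, csum, 0)
    csum = inet_checksum(tcp_pseudo_header(src_ip, dst_ip, 20 + len(payload)) + hdr(0) + payload)
    return hdr(csum) + payload


def verify_tcp_checksum(src_ip, dst_ip, segment: bytes) -> bool:
    return inet_checksum(tcp_pseudo_header(src_ip, dst_ip, len(segment)) + segment) == 0


def build_packet(src_ip, dst_ip, segment: bytes, ttl=64) -> bytes:
    """Layer 3: IPv4 header (IHL 5, DF set) with its header checksum, then the segment."""
    def hdr(csum):
        return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0x1234, 0x4000,
                           ttl, PROTO_TCP, csum, ip_bytes(src_ip), ip_bytes(dst_ip))
    return hdr(inet_checksum(hdr(0))) + segment


def build_frame(src_mac, dst_mac, packet: bytes) -> bytes:
    """Layer 2: Ethernet II header, the packet as payload, CRC-32 FCS as the trailer."""
    body = mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", ETHERTYPE_IPV4) + packet
    return body + struct.pack("<I", zlib.crc32(body))


def router_forward(packet: bytes) -> bytes:
    """Per-hop layer 3 work: decrement TTL and recompute the header checksum.
    The frame is not passed in because each hop discards it and builds a new one."""
    ihl = (packet[0] & 0x0F) * 4
    hdr = bytearray(packet[:ihl])
    if hdr[8] <= 1:
        raise ValueError("TTL expired: drop and send ICMP Time Exceeded")
    hdr[8] -= 1
    hdr[10:12] = b"\x00\x00"
    hdr[10:12] = struct.pack("!H", inet_checksum(bytes(hdr)))
    return bytes(hdr) + packet[ihl:]


def decapsulate(frame: bytes) -> dict:
    """Receiver: verify FCS and strip the frame; verify IPv4 checksum and strip the packet; strip TCP."""
    body, fcs = frame[:-4], struct.unpack("<I", frame[-4:])[0]
    if zlib.crc32(body) != fcs:
        raise ValueError("FCS mismatch: frame corrupted, discarded by the NIC")
    ethertype = struct.unpack("!H", body[12:14])[0]
    packet = body[14:]
    ihl = (packet[0] & 0x0F) * 4
    if inet_checksum(packet[:ihl]) != 0:
        raise ValueError("IPv4 header checksum mismatch")
    segment = packet[ihl:]
    sport, dport = struct.unpack("!HH", segment[:4])
    return {
        "frame": {"dst_mac": body[:6].hex(":"), "src_mac": body[6:12].hex(":"), "ethertype": ethertype},
        "packet": {"src_ip": ".".join(map(str, packet[12:16])), "dst_ip": ".".join(map(str, packet[16:20])),
                   "ttl": packet[8], "proto": packet[9]},
        "segment": {"sport": sport, "dport": dport},
        "data": segment[(segment[12] >> 4) * 4:],
    }


if __name__ == "__main__":
    # Constructed example: a host sending an HTTP request to a web server on the same LAN.
    seg = build_segment("10.0.0.5", "10.0.0.9", 40000, 80, b"GET / HTTP/1.1\r\n")
    pkt = build_packet("10.0.0.5", "10.0.0.9", seg)
    frm = build_frame("aa:bb:cc:00:00:01", "aa:bb:cc:00:00:02", pkt)
    print(len(seg), len(pkt), len(frm))  # 36, 56, 74: each layer adds its header, the frame its trailer
    print(decapsulate(frm))
```

The 16-byte request grows to 36 bytes as a segment, 56 as a packet and
74 as a frame; that 58 bytes of overhead per small packet is one reason
throughput never reaches the link's bandwidth (see Bandwidth and
Throughput below).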

Aspect         | Frame (Layer 2)                     | Packet (Layer 3)
Scope          | Local network (LAN)                 | End-to-end (WAN/internet)
Addressing     | MAC addresses (physical)            | IP addresses (logical)
Devices        | Switches, bridges                   | Routers, Layer 3 switches
Error handling | FCS detects physical-layer errors   | Relies on higher layers (e.g., TCP retransmits lost packets)
Lifetime       | Only exists on a single network hop | Persists across the entire path (TTL and checksum are updated at each hop)

Addressing
Every device on a network needs a unique identifier so data can be
sent to the right place and responses can come back. Without
addresses, networks cannot communicate with each other.
In network architecture, addressing serves as the abstraction layer
that enables scalable, hierarchical, and deterministic
communication. It operates at two critical layers:

1. Layer 2 (Data Link): MAC addressing for local segment
communication (Ethernet frames).
2. Layer 3 (Network): IP addressing for end-to-end routing (IP
packets).

1. Hierarchical Addressing & Scalability

Problem: Flat addressing (e.g., MAC-only networks) fails at scale
because every destination needs its own forwarding entry and unknown
destinations are flooded, which leads to broadcast storms and
non-deterministic forwarding.
Solution: IP addressing introduces hierarchy via subnetting and CIDR
notation, enabling:

Aggregation: ISPs summarize routes (e.g., 2001:db8::/32) to reduce
BGP table size.
Efficient routing: routers forward by longest-prefix match, and
summarising at area or site boundaries keeps OSPF and EIGRP tables
small.

Example:

10.10.0.0/16 for the main campus (subnetted into /24s for
departments).
10.20.0.0/16 for a satellite campus.
This hierarchy simplifies ACLs, QoS policies, and traffic
engineering.

2. Dual-Stack Addressing (IPv4/v6) and Transition Mechanisms

IPv4 Limitations:

Exhaustion of the 32-bit address space (4.3B addresses).
Reliance on NAT/PAT with private ranges (RFC 1918) for address
conservation.

IPv6 Advantages:

128-bit address space with simplified auto-configuration (SLAAC).
IPsec is specified as part of the protocol (its use is still
optional, as with IPv4), and the address space removes the need for
NAT, restoring end-to-end connectivity.

Real-World Hybrid Design:

Dual-Stack: Critical servers advertise both IPv4 (192.168.1.10) and
IPv6 (2001:db8:1::10).
NAT64/DNS64: For backward compatibility (IPv6-only clients accessing
IPv4 resources).

3. Addressing and Network Services

DHCP (Dynamic Host Configuration Protocol)

Role: Assigns IP addresses, default gateways, and DNS servers
(RFC 2131).
Lease Process:
1. DISCOVER: Client broadcasts to locate DHCP servers.
2. OFFER: Server proposes an address from its pool.
3. REQUEST: Client accepts one offer (naming the chosen server).
4. ACK: Server confirms the lease.

Enterprise Use Case:

DHCP snooping on switches: OFFER/ACK messages are accepted only on
trusted ports, so a rogue DHCP server on an access port cannot hand
clients a malicious default gateway or DNS server (security).
Option 82 (relay agent information) lets relays in multi-subnet
environments tell the server which switch and port a request came
from.

ARP (Address Resolution Protocol)

Resolves Layer 3 IP addresses to Layer 2 MAC addresses.
Gratuitous ARP: Used for duplicate IP detection or HA failover
(e.g., HSRP).
ARP has no authentication, so a host can answer for an IP it does not
own (ARP spoofing) and intercept local traffic; Dynamic ARP
Inspection on switches checks replies against the DHCP snooping
binding table to block this.

4. Addressing in Routing and Forwarding

Default-Free Zone (DFZ):

Internet backbone routers use BGP and ASNs (Autonomous System
Numbers) to route traffic based on IP prefixes.
Example: ASN 15169 (Google) advertises 8.8.8.0/24 to peers for
Google Public DNS.

Policy-Based Routing (PBR):

Override traditional routing tables using source/dest IP addresses.
Use Case: Direct VoIP traffic (10.10.50.0/24) through a low-latency
MPLS link.

5. Addressing and Security

Network Segmentation:

VLANs + Subnets: Isolate IoT devices (192.168.50.0/24) from the
corporate LAN (172.16.0.0/22).
Zero Trust: Micro-segmentation using /31 point-to-point subnets
(RFC 3021) for critical assets, so every flow crosses an enforcement
point.

ACLs and Firewalls:

Permit/deny rules based on source/dest IPs (e.g., block 10.0.0.0/8
from reaching finance servers). ACLs match top-down on the first rule
that fits and end with an implicit deny, so rule order matters.

6. Addressing in Cloud and Virtualization

Overlay Networks:

VXLAN uses a 24-bit VNI (Virtual Network Identifier) to extend
Layer 2 segments across a Layer 3 underlay.
Example: an AWS VPC with 10.0.0.0/16 spans multiple availability
zones.

Elastic IPs (EIPs):

Public IPv4 addresses decoupled from instances (NAT mapping in cloud
gateways).

Why Addressing is Non-Negotiable in Network Design
1. Determinism: Without unique addressing, routing protocols (OSPF,
BGP) cannot compute loop-free paths.
2. Abstraction: IP addresses decouple logical topology from physical
infrastructure (critical for SDN/NFV).
3. Interoperability: Standards like IEEE (MAC) and IETF (IP) ensure
cross-vendor compatibility.

Advanced Troubleshooting
Always check for overlapping subnets
Verify VLSM Consistency
Trace ARP tables and routing protocol advertisements.
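
The hierarchy from "Hierarchical Addressing & Scalability", the ACL
behaviour from "Addressing and Security" and the overlapping-subnet and
VLSM checks from this troubleshooting list, worked with Python's
standard `ipaddress` module as an added example (not code from the
original notes). The address plan is the campus example above with
made-up department subnets; the routing table and ACL rules are likewise
constructed.

```python
import ipaddress

# Constructed address plan following the campus example above (not a real network).
MAIN_CAMPUS = "10.10.0.0/16"
DEPARTMENTS = {"hr": "10.10.1.0/24", "eng": "10.10.2.0/24", "voip": "10.10.50.0/24"}
SATELLITE = "10.20.0.0/16"


def summarize(prefixes):
    """Route aggregation: the fewest prefixes that cover exactly the given subnets."""
    nets = [ipaddress.ip_network(p) for p in prefixes]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


def longest_prefix_match(table, dst):
    """Forwarding decision: of all entries containing dst, the most specific prefix wins.
    `table` is a list of (prefix, next_hop) strings; 0.0.0.0/0 is the default route."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), nh) for p, nh in table]
    matches = [(n, nh) for n, nh in matches if addr in n]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def find_overlaps(subnets):
    """Troubleshooting check: pairs of allocated subnets that overlap each other."""
    nets = [ipaddress.ip_network(s) for s in subnets]
    return [(str(a), str(b)) for i, a in enumerate(nets) for b in nets[i + 1:] if a.overlaps(b)]


def vlsm_consistent(parent, children):
    """Every child subnet must fall inside the summary advertised for the site."""
    p = ipaddress.ip_network(parent)
    return all(ipaddress.ip_network(c).subnet_of(p) for c in children)


def acl_action(rules, src, dst):
    """First-match ACL with the implicit deny at the end; rules are (action, src_prefix, dst_prefix)."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, src_net, dst_net in rules:
        if s in ipaddress.ip_network(src_net) and d in ipaddress.ip_network(dst_net):
            return action
    return "deny"


if __name__ == "__main__":
    print(summarize(DEPARTMENTS.values()))  # non-contiguous /24s stay separate
    print(summarize(["10.10.0.0/24", "10.10.1.0/24", "10.10.2.0/24", "10.10.3.0/24"]))  # -> one /22
    table = [("0.0.0.0/0", "isp"), (MAIN_CAMPUS, "core"), (SATELLITE, "wan"), (DEPARTMENTS["voip"], "mpls")]
    print(longest_prefix_match(table, "10.10.50.7"), longest_prefix_match(table, "10.10.1.9"))
    print(find_overlaps(["10.10.1.0/24", "10.10.1.128/25", SATELLITE]))
    print(vlsm_consistent(MAIN_CAMPUS, DEPARTMENTS.values()), vlsm_consistent(MAIN_CAMPUS, ["10.20.1.0/24"]))
    rules = [("deny", "10.0.0.0/8", "172.16.10.0/24"), ("permit", "0.0.0.0/0", "0.0.0.0/0")]
    print(acl_action(rules, "10.5.5.5", "172.16.10.4"), acl_action(rules, "192.168.1.1", "172.16.10.4"))
```

The VoIP /24 beats the campus /16 for 10.10.50.7 purely on prefix
length, which is the mechanism the PBR example above relies on; and the
/24 and /25 overlap is exactly the kind of misallocation that makes one
department's hosts silently unreachable.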

Bandwidth and Throughput

A common analogy: bandwidth is the number of lanes on the highway and
throughput is the number of cars actually getting through.

Aspect              | Bandwidth                                | Throughput
Definition          | Theoretical maximum capacity             | Actual data transferred
Layer               | Physical (Layer 1) / Data Link (Layer 2) | End-to-end (Layers 3-4)
Determining factors | Cable type, modulation, signal quality   | Latency, congestion, protocol overhead
Stability           | Fixed (unless hardware changes)          | Variable (depends on network conditions)

Bandwidth
This is the maximum data transfer capacity of a network link,
measured in bits per second (bps).
A Gigabit Ethernet Link has a bandwidth of 1Gbps
This is fixed by the physical layer, it will be determined by the
medium and encoding schemes.

Throughput
The actual rate of successful data delivery over a network,
measured in bps.
A 1 Gbps link has a capacity of 1 Gbps but might only reach
850 Mbps throughput due to overhead and congestion.
It is affected by protocol overhead, latency, packet loss, and
network congestion.
For a single TCP flow, the upper bound set by its window is
Throughput (bytes/s) = WindowSize (bytes) / RTT (seconds)
Latency
This is the time it takes for data to travel from source to
destination (one-way delay), measured in milliseconds.

Propagation Delay: Time for a signal to travel the physical medium.
Transmission Delay: Time to push a packet onto the link.
Processing Delay: Time for routers/switches to process headers.
Queuing Delay: Time packets spend in router buffers during
congestion.

Delay
It is the amount of time it takes for a data packet to travel from
one point to another across a network, essentially measuring how
long it takes for information to be transmitted and received.
Commonly known as "network latency": a longer delay means high
latency and a shorter delay means low latency.

Total one-way delay: the sum of all four latency components above.
Round Trip Time (RTT): the time for data to go to the destination
and the reply to come back, roughly twice the one-way delay.
RTT is critical for protocols like TCP, which measures it to set
retransmission timeouts and to grow or shrink its window.

Latency's Impact on Throughput

High latency reduces effective throughput:
TCP requires ACKs. If RTT is high, the sender waits longer before it
can send more data.
Small files vs. large files:
Transferring a 1 MB file over a high-latency link (200 ms RTT)
takes longer than the raw bandwidth suggests because of the TCP
handshake and per-window ACK delays.
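
The formulas from this section worked through as an added example (not
code from the original notes): the window/RTT throughput ceiling, the
bandwidth-delay product (the window needed to fill a link), the sum of
the four delay components, the framing overhead that keeps a 1 Gbit/s
link below 1 Gbit/s of goodput, and a rough transfer-time estimate for
the 1 MB file at 200 ms RTT. The transfer-time model (fixed window, no
slow start, no loss) is a simplification of my own, not something the
notes state.

```python
import math


def max_throughput_bps(window_bytes: int, rtt_s: float) -> float:
    """Throughput = WindowSize / RTT (the formula above), in bits per second.
    The ceiling for one TCP flow that must wait an RTT for each window's ACKs."""
    return window_bytes * 8 / rtt_s


def bandwidth_delay_product_bytes(bandwidth_bps: float, rtt_s: float) -> float:
    """Bytes that must be in flight to keep the link busy: the window the sender needs."""
    return bandwidth_bps * rtt_s / 8


def one_way_delay(propagation_s, transmission_s, processing_s, queuing_s) -> float:
    """Total one-way latency: the sum of the four components listed above."""
    return propagation_s + transmission_s + processing_s + queuing_s


def transmission_delay(packet_bytes: int, link_bps: float) -> float:
    """Time to push one packet onto the wire."""
    return packet_bytes * 8 / link_bps


def ethernet_goodput_fraction(mtu: int = 1500) -> float:
    """Share of line rate left for application data after TCP/IP headers (40 bytes) and
    Ethernet framing (14 header + 4 FCS + 8 preamble + 12 inter-frame gap = 38 bytes)."""
    return (mtu - 40) / (mtu + 38)


def transfer_time_s(size_bytes: int, window_bytes: int, rtt_s: float, link_bps: float) -> float:
    """Rough file-transfer time: one RTT for the handshake, then one round per window of data.
    Simplification (not from the notes): fixed window, no slow start, no loss."""
    rounds = math.ceil(size_bytes / window_bytes)
    per_round = max(rtt_s, transmission_delay(window_bytes, link_bps))  # cannot outrun the wire
    return rtt_s + rounds * per_round


if __name__ == "__main__":
    gig = 1_000_000_000
    print("64 KiB window @ 200 ms RTT:", max_throughput_bps(65536, 0.2) / 1e6, "Mbit/s")
    print("window to fill 1 Gbit/s @ 200 ms:", bandwidth_delay_product_bytes(gig, 0.2) / 1e6, "MB")
    print("1 MB over 200 ms RTT:", transfer_time_s(1_000_000, 65536, 0.2, gig), "s")
    print("1 MB over 2 ms RTT:", transfer_time_s(1_000_000, 65536, 0.002, gig), "s")
    print("1 Gbit/s link goodput ceiling:", ethernet_goodput_fraction() * 1000, "Mbit/s")
```

With a 64 KiB window and 200 ms RTT the flow tops out near 2.6 Mbit/s
on a 1 Gbit/s link, and the 1 MB transfer takes about 3.4 s versus
34 ms at 2 ms RTT: the bandwidth is identical, only the latency differs.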

Speedtest (e.g., Ookla)

Measures: End-to-end throughput through the public internet.
Pros: User-friendly, tests real-world ISP performance.
Cons: Influenced by external factors (server load, internet
congestion).
Use Case: Verifying that you are getting the bandwidth you pay for
from your ISP.

iPerf
Measures: Throughput between two endpoints on a controlled
network.
Pros:
Tests LAN/WAN performance without internet variables.
Supports TCP/UDP, parallel streams, and adjustable window
sizes.
Command Example:
Server: iperf3 -s
Client: iperf3 -c 10.0.0.1 -t 30 -P 4 # 30-second test, 4 parallel streams
Use Case: Validating network infrastructure (e.g., link capacity
between offices).

Key Difference:
Speedtest = “What’s my throughput to the internet?”
iPerf = “What’s the max throughput my network can handle
internally?”

LAN, WAN, MAN, CAN, PAN and WLAN

Type | Scope                   | Physical media            | Topologies               | Use case
PAN  | Personal (1-10 m)       | Bluetooth, USB            | Ad-hoc, point-to-point   | Device pairing (phone <-> speaker)
LAN  | Single location         | Ethernet, Wi-Fi           | Star, bus (legacy)       | Office, home network
CAN  | Campus (multiple bldgs) | Fiber, copper             | Hierarchical star, ring  | University, corporate campus
MAN  | City-wide               | Fiber, microwave          | Ring, mesh               | Municipal services, ISP backbone
WAN  | Global                  | Leased lines, satellite   | Mesh, hub-and-spoke      | Enterprise branch connectivity
WLAN | Wireless LAN            | Radio waves (2.4/5 GHz)   | Star, mesh               | Home Wi-Fi, public hotspots

Local Area Network (LAN)

Scope: Small geographic area (e.g., home, office, building).
Physical Topology:
Star: Devices connect to a central switch/router (most common).
Bus: Legacy coaxial Ethernet (rare today).
Ring: Token Ring (obsolete, replaced by Ethernet).
Logical Topology:
Logical Bus: Shared-medium Ethernet (hubs, half-duplex) uses CSMA/CD
for media access; modern switched full-duplex links no longer contend
for the medium.
VLANs: Segment traffic logically (e.g., separating HR and IT).
Technologies: Ethernet (IEEE 802.3), Wi-Fi (via WLAN).
Example: Office network with wired PCs and a core switch.

Wide Area Network (WAN)

Scope: Spans large geographic regions (e.g., countries,
continents).
Physical Topology:
Mesh: Multiple paths between routers for redundancy.
Point-to-Point: Leased lines (e.g., T1, fiber).
Logical Topology:
Mesh: BGP/OSPF for dynamic routing.
Hub-and-Spoke: Central HQ with branch offices (common in
VPNs).
Technologies: MPLS, SD-WAN, VPNs, leased lines.
Example: A multinational corporation connecting offices via
encrypted VPN tunnels over the internet.
Metropolitan Area Network (MAN)
Scope: Covers a city or metropolitan area (e.g., university
campuses, city services).
Physical Topology:
Ring: Fiber-optic rings (e.g., FDDI).
Mesh: Fiber or microwave links between key nodes.
Logical Topology:
Distributed Core: Connects multiple LANs across the city.
Technologies: Dark fiber, DWDM, microwave radio.
Example: A city-wide network linking hospitals, schools, and
government buildings.

Campus Area Network (CAN)

Scope: Connects multiple buildings within a campus (e.g.,
university, corporate park).
Physical Topology:
Hierarchical Star: Fiber backbone linking building switches.
Ring: Redundant fiber paths between buildings.
Logical Topology:
VLANs: Segments by department (e.g., engineering vs. admin).
Layer 3 Routing: OSPF/EIGRP between buildings.
Technologies: Fiber-optic cabling, Layer 3 switches.
Example: A university campus with dorms, labs, and libraries
interconnected.

Personal Area Network (PAN)

Scope: Extremely short range (1-10 meters) around an individual.
Physical Topology:
Point-to-Point: USB, Bluetooth.
Star: Smartphone as a hotspot.
Logical Topology:
Ad-hoc: Devices communicate directly (e.g., Bluetooth
piconet).
Technologies: Bluetooth (IEEE 802.15.1), Zigbee, NFC.
Example: Wireless headphones paired with a smartphone.
Wireless Local Area Network (WLAN)
Scope: Wireless LAN within a limited area (e.g., home, café).
Physical Topology:
Star: Devices connect to a central access point (AP).
Mesh: Multiple APs for coverage (e.g., enterprise Wi-Fi).
Logical Topology:
CSMA/CA: Wi-Fi’s collision avoidance mechanism.
SSIDs/VLANs: Multiple networks on the same AP (e.g., guest vs.
staff).
Technologies: Wi-Fi (IEEE 802.11 a/b/g/n/ac/ax), WPA3 encryption.
Example: Coffee shop offering guest Wi-Fi with a captive portal.

Cloud and on-premises applications and services

Aspect      | On-premises                  | Public cloud               | Private cloud               | Hybrid cloud
Cost model  | High CapEx, fixed OpEx       | OpEx (pay-per-use)         | High CapEx or hosted OpEx   | Mix of CapEx + OpEx
Scalability | Limited by hardware capacity | Instant, elastic           | Limited by private capacity | Burst to public cloud
Control     | Full                         | Shared (customer + vendor) | Full (if on-prem)           | Varies by workload
Maintenance | In-house IT team             | Managed by provider        | In-house or vendor          | Mixed responsibility
Use case    | Legacy apps, compliance      | Scalable web apps          | Regulated industries        | Disaster recovery, agility

On-Premises Infrastructure
Hardware and software are hosted locally and managed entirely by the
organization.
- High capital expenditure (CapEx) upfront for servers, storage and
networking gear, but the company has complete ownership of security,
compliance and architecture.
- The company's IT staff handle updates, patches and hardware
replacements. Scalability is limited by physical capacity and
requires procurement lead time.

Cloud Computing Models

Definition: Cloud computing models are ways to deliver applications
and services over the internet. They allow users to access software
without having to install, maintain, or update it.

Public Cloud
Definition: Shared, multi-tenant infrastructure hosted by third-party
providers (AWS, Azure, Google Cloud).

Compared to on-premises infrastructure, public cloud uses
pay-as-you-go pricing (often billed per hour or per second of VM
usage).
Auto-scaling handles traffic spikes.
Shared responsibility: the provider secures the infrastructure; the
customer secures its data, identities and applications.

Private Cloud
Definition: Dedicated cloud infrastructure (on-premises or hosted)
for a single organization.

Ideal for regulated industries with strict data residency.
Often integrated with public cloud for burst capacity.

Hybrid Cloud
Definition: Combines public cloud, private cloud, and on-premises
systems.

Run sensitive workloads on-premises and bursty loads in the cloud.
Tools like Azure Arc or Google Anthos provide cross-environment
orchestration.

Cloud Service Models

Definition: Different ways of delivering cloud computing services
over the internet.

Software as a Service (SaaS)

Definition: Fully managed applications delivered over the internet.

The customer is responsible for its data and user access.
The provider takes care of the app, runtime, OS and infrastructure.
For example, Microsoft 365 for remote collaboration.

Platform as a Service (PaaS)

Definition: Cloud-based environments for developing, testing, and
deploying apps.

The customer supplies the code, data and app configuration.
The provider takes care of the runtime, OS, servers and storage.
An example is Google App Engine deploying Python/Node.js apps
without managing servers.

Infrastructure as a Service (IaaS)

Definition: Virtualized compute, storage and networking resources.

The customer provides the OS, middleware, apps and data, and is
responsible for patching them.
The provider takes care of the hypervisors and physical hardware.
An example is AWS EC2 for hosting custom Linux VMs with full root
access.

Remote/Hybrid Work Implications

Cloud Advantages
Accessibility: Access SaaS apps (e.g., Salesforce) or PaaS tools
from any location.
Collaboration: Real-time tools like Google Workspace or Microsoft
Teams.
Zero Trust Security: Cloud identity providers (Okta, Azure AD, now
Microsoft Entra ID) authenticate every request based on user and
device rather than network location, which suits remote access.

On-Premises Challenges
VPN Dependency: Remote workers rely on VPNs to access on-prem apps
(latency issues, and the VPN concentrator becomes a single choke
point).
Scalability Limits: Struggles with sudden demand spikes (e.g.,
remote desktop gateway overload).

Common Network Applications and Protocols

Describe common network applications and protocols (TCP vs. UDP,
FTP, SFTP, TFTP, HTTP, HTTPS, DHCP, DNS, ICMP, NTP).

Protocol | Layer       | Reliability                 | Encryption         | Use case
TCP      | Transport   | Reliable                    | Optional (TLS)     | Web, email, file transfer
UDP      | Transport   | Unreliable                  | No                 | Streaming, gaming, VoIP
FTP      | Application | Reliable (TCP)              | No                 | Legacy file sharing
SFTP     | Application | Reliable (TCP/SSH)          | Yes (SSH)          | Secure file transfer
TFTP     | Application | UDP with its own simple ACKs | No                | Firmware updates
HTTP     | Application | Reliable (TCP)              | No                 | Non-secure web browsing
HTTPS    | Application | Reliable (TCP)              | Yes (TLS)          | Secure web browsing
DHCP     | Application | Unreliable (UDP)            | No                 | Automatic IP assignment
DNS      | Application | UDP (TCP for large answers) | Optional (DoT/DoH) | Domain name resolution
ICMP     | Network     | Unreliable                  | No                 | Network diagnostics
NTP      | Application | Unreliable (UDP)            | Optional (NTS)     | Time synchronization

Transport Layer Protocols
Transport-layer protocols carry data between processes on different
network nodes; they underlie streaming video, browsing the web and
executing transactions. TCP and UDP are the two transport-layer
protocols used on the internet.

User Datagram Protocol (UDP)

Faster, connectionless communication. It needs no three-way handshake
and no acknowledgements from the receiver, which makes it faster,
since waiting for acknowledgements slows a sender down.

Features of UDP:

Low Overhead - No error recovery or re-transmission.
No Ordering - Datagrams may arrive out of sequence.

UDP is typically used for video streaming, VoIP, DNS queries, and
online gaming. By using UDP you are prioritizing speed over
reliability.

Transmission Control Protocol (TCP)

Connection-oriented communication, established with a three-way
handshake. It is more reliable than UDP because every segment is
acknowledged by the receiver.

Features of TCP:

Error Checking - Retransmits lost segments.
Flow Control - Adjusts the data rate to the receiver's capacity.
Ordering - Ensures data is delivered in sequence.

TCP is typically used for web browsing, email, and file transfers.
By using TCP you ensure all data arrives intact.

File Transfer Protocols

File transfer protocols are the rules computers use to exchange
files across a network, allowing users to upload or download files
from a server.

File Transfer Protocol (FTP)

FTP transfers files between client and server.

Port: 21 (control), 20 (data, in active mode; passive mode uses a
server-chosen high port)

Features:
Authenticates with a username and password.
Credentials and data are sent in plain text (insecure); it provides
no encryption.

SSH File Transfer Protocol (SFTP)

SFTP is a separate file-transfer protocol carried inside an SSH
session (not FTP tunnelled over SSH), which is why it is much more
secure than FTP.

Port: 22
Features:
Data is encrypted in transit.
Compared to FTP, which uses only a username and password, SFTP
authenticates with SSH keys or passwords.

Trivial File Transfer Protocol (TFTP)

TFTP is a minimal file-transfer protocol (not a variant of FTP) that
uses UDP instead of TCP.

Port: 69
Features:
No authentication and no encryption, since it is built purely for
simple, fast transfers; restrict it to isolated management networks
(e.g. for switch firmware and config transfers).
It uses UDP with its own simple stop-and-wait acknowledgements, so
it is lightweight but slow over high-latency links.

Web Protocols
Web protocols are network protocols that enable the transmission of
data over the internet.

Hypertext Transfer Protocol (HTTP)

HTTP fetches web resources on the internet.

Port: 80
Features:
Each request is independent (stateless).
There is no encryption with HTTP, so it is prone to
man-in-the-middle attacks and eavesdropping.

Hypertext Transfer Protocol Secure (HTTPS)

A secure version of HTTP that provides encrypted web communication.

Port: 443
Features:
Encrypts data using TLS (formerly SSL), protecting confidentiality
and integrity.
The server presents a certificate so the client can authenticate the
server; client certificates can optionally authenticate the user.

Network Management Protocols

Network management protocols are a set of rules that govern and
maintain a computer network. These protocols help ensure that a
network is running smoothly and securely.

Dynamic Host Configuration Protocol (DHCP)

DHCP automatically assigns IP addresses to devices; there are DHCPv4
and DHCPv6 variants.

Port: UDP 67 (server), UDP 68 (client)

Process: Discover -> Offer -> Request -> Acknowledge
Client broadcasts for a DHCP server.
Server proposes an IP address.
Client accepts the offer.
Server confirms the lease.
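
The Discover/Offer/Request/Acknowledge exchange listed here and in the
earlier "Addressing and Network Services" section, simulated with both
sides' messages as an added example (not code from the original notes).
The LAN, servers, addresses and port names are constructed, and the
messages are plain objects rather than real DHCP packets (no Option 82
or relay). It also shows the DHCP snooping point from the earlier
section: a rogue server on an untrusted access port wins the race
without snooping and hands the client itself as the default gateway;
with snooping its OFFER is dropped and the switch records the
MAC/IP/port binding.

```python
from dataclasses import dataclass, field

BROADCAST = "255.255.255.255"
SERVER_MSGS = ("OFFER", "ACK", "NAK")


@dataclass
class DhcpMsg:
    kind: str              # DISCOVER, OFFER, REQUEST, ACK, NAK
    xid: int               # transaction ID chosen by the client
    client_mac: str
    src_ip: str
    dst_ip: str
    yiaddr: str = ""       # "your IP address": the offered/assigned address
    server_id: str = ""    # option 54: which server this OFFER/ACK came from
    options: dict = field(default_factory=dict)


class DhcpServer:
    def __init__(self, ip, pool, gateway, dns, lease_s=86400):
        self.ip, self.pool, self.leases = ip, list(pool), {}
        self.options = {"router": gateway, "dns": dns, "lease": lease_s}

    def handle(self, msg):
        if msg.kind == "DISCOVER":
            addr = self.leases.get(msg.client_mac) or (self.pool[0] if self.pool else None)
            if addr is None:
                return None  # pool exhausted: stay silent
            return DhcpMsg("OFFER", msg.xid, msg.client_mac, self.ip, BROADCAST, addr, self.ip, self.options)
        if msg.kind == "REQUEST" and msg.server_id == self.ip:
            if msg.yiaddr in self.pool:
                self.pool.remove(msg.yiaddr)
            elif self.leases.get(msg.client_mac) != msg.yiaddr:
                return DhcpMsg("NAK", msg.xid, msg.client_mac, self.ip, BROADCAST, server_id=self.ip)
            self.leases[msg.client_mac] = msg.yiaddr
            return DhcpMsg("ACK", msg.xid, msg.client_mac, self.ip, BROADCAST, msg.yiaddr, self.ip, self.options)
        return None  # REQUEST addressed to another server: withdraw our offer silently


class Switch:
    """Access switch; with snooping on, server-side messages are accepted only on trusted ports."""

    def __init__(self, snooping, trusted_ports=()):
        self.snooping, self.trusted = snooping, set(trusted_ports)
        self.client_port, self.bindings = {}, {}

    def forward(self, ingress_port, msg):
        if msg.kind in SERVER_MSGS:
            if self.snooping and ingress_port not in self.trusted:
                return None  # rogue server on an access port: dropped
            if msg.kind == "ACK" and self.snooping:
                self.bindings[msg.client_mac] = (msg.yiaddr, self.client_port.get(msg.client_mac))
        else:
            self.client_port[msg.client_mac] = ingress_port  # remember where the client lives
        return msg


def dora(client_mac, client_port, switch, servers, xid=0x3903F326):
    """Discover/Offer/Request/Ack through the switch. `servers` is [(switch_port, DhcpServer)]."""
    discover = DhcpMsg("DISCOVER", xid, client_mac, "0.0.0.0", BROADCAST)
    switch.forward(client_port, discover)
    offers = []
    for port, srv in servers:
        offer = srv.handle(discover)
        if offer is not None and switch.forward(port, offer) is not None:
            offers.append(offer)
    if not offers:
        return None
    chosen = offers[0]  # clients simply pick one OFFER, in practice the first to arrive
    request = DhcpMsg("REQUEST", xid, client_mac, "0.0.0.0", BROADCAST, chosen.yiaddr, chosen.server_id)
    switch.forward(client_port, request)
    for port, srv in servers:
        reply = srv.handle(request)
        if reply is not None and switch.forward(port, reply) is not None and reply.kind == "ACK":
            return {"ip": reply.yiaddr, **reply.options}
    return None


def scenario(snooping: bool):
    """Constructed LAN: legitimate server behind uplink Gi0/24, rogue server on access port Gi0/7."""
    switch = Switch(snooping, trusted_ports=["Gi0/24"])
    legit = DhcpServer("192.168.1.1", ["192.168.1.100", "192.168.1.101"], "192.168.1.1", "192.168.1.1")
    rogue = DhcpServer("192.168.1.250", ["192.168.1.200"], "192.168.1.250", "192.168.1.250")
    servers = [("Gi0/7", rogue), ("Gi0/24", legit)]  # rogue is closer, so its OFFER arrives first
    lease = dora("00:11:22:33:44:55", "Gi0/3", switch, servers)
    return lease, switch


if __name__ == "__main__":
    for snooping in (False, True):
        lease, sw = scenario(snooping)
        print("snooping" if snooping else "no snooping", "->", lease, sw.bindings)
```

The legitimate server never sees anything wrong in the first run: it
receives a REQUEST naming another server ID and simply withdraws its
offer, which is why rogue DHCP is invisible to the real server's logs and
has to be stopped at the switch.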

Domain Name System (DNS)

DNS resolves human-readable domain names to IP addresses.

Port: 53 (UDP for most queries, TCP for large responses and zone
transfers)
Process: Recursive Query -> Iterative Query
Client asks its DNS resolver to resolve a name.
The resolver queries root, TLD and authoritative servers if the
answer is not already cached.

Internet Control Message Protocol (ICMP)

ICMP is for diagnosing networks and error reporting, typically used
when tracking dropped packets.

Features:
PING tests connectivity (Echo Request/Reply).
TRACEROUTE maps the path to an end device by sending packets with
increasing TTLs and collecting the Time Exceeded replies from each
hop.

Network Time Protocol (NTP)

NTP synchronizes device clocks over a network.

Port: UDP 123
Features:
Hierarchy of time sources (stratum 0 is the reference clock, e.g. an
atomic or GPS clock; stratum 1 servers are directly attached to it).
Critical for auditing: used for log correlation across hosts,
authentication (Kerberos rejects tickets when clocks drift more than
a few minutes) and financial transactions.
