DEV Community

Cover image for My Journey to Becoming a Cloud Engineer — Week One
Shubham Murti
Shubham Murti

Posted on • Edited on

My Journey to Becoming a Cloud Engineer — Week One

Hello Medium Community! 🌟

I’m excited to share that I have embarked on a journey to become a Cloud Engineer. Each week, I’ll be posting updates about what I’ve learned and any insights or interesting challenges I’ve encountered. Here’s a recap of my first week:

Introduction To Network Devices

In this week’s lesson, I delved into the fundamental network devices that form the backbone of modern communication infrastructures. These devices are essential for enabling and managing data transfer within and between networks. Here’s a breakdown of what I learned:

Layer 1 Devices:

Analog Modem:

Analog modems are used to facilitate communication over analog telephone lines. They work by converting digital data from a computer into analog signals that can be transmitted over these lines. At the receiving end, another modem demodulates the analog signals back into digital data. This process allows computers to communicate over traditional phone lines, which is particularly useful in areas without modern digital infrastructure.

Hub:

Hubs operate at the physical layer (Layer 1) of the OSI model. They are basic networking devices that connect multiple Ethernet devices, making them act as a single network segment. When a data packet arrives at one port of the hub, it is copied to all other ports, making all connected devices see the packet. However, this can lead to network inefficiencies because it can cause data collisions and unnecessary traffic on the network.

Layer 2 Devices:

Switch:

Switches operate at the data link layer (Layer 2) of the OSI model. Unlike hubs, switches forward data packets only to the specific device that is the intended recipient, based on the MAC address of each device. This targeted forwarding significantly reduces data collisions and improves overall network efficiency. Switches are fundamental in creating local area networks (LANs) where multiple devices need to communicate with each other.

Wireless Access Point (WAP):

WAPs enable wireless communication over networks by connecting wireless devices to a wired network. They serve as a bridge between the wired network and wireless devices, allowing devices such as smartphones, tablets, and laptops to connect to the network wirelessly. WAPs are essential for creating wireless local area networks (WLANs), providing the convenience of wireless connectivity while maintaining access to the resources of the wired network.

Layer 3 Devices:

Router:

Routers operate at the network layer (Layer 3) of the OSI model. They are responsible for forwarding data packets between different networks. Routers use IP addresses to determine the best path for data to travel from its source to its destination. This path determination is known as routing, and it is crucial for the efficient and reliable delivery of data across interconnected networks, such as the internet.

Multilayer Switch:

Multilayer switches combine the functionalities of Layer 2 switches and Layer 3 routers. They can perform both high-speed switching within a network and routing between different networks. This dual capability makes multilayer switches versatile and efficient, as they can handle a wide range of networking tasks, reducing the need for separate devices for switching and routing.

Security Devices:

Firewall:

Firewalls are essential for network security. They filter incoming and outgoing network traffic based on predefined security rules. By blocking unauthorized access and potential threats, firewalls protect the network from various cyber threats, such as hackers and malware. Firewalls can be hardware-based, software-based, or a combination of both.

1. Stateful Firewall: Tracks the state of active connections and makes decisions based on the context of traffic (e.g., whether a connection is part of an established session).

  • Pros: More secure and efficient with complex traffic.
  • Cons: Can be resource-intensive and less flexible.

2. Stateless Firewall: Makes decisions based on predefined rules without considering the state of connections.

  • Pros: Simpler and faster.
  • Cons: Less secure as it does not track connection states.

Intrusion Detection System (IDS):
IDS devices monitor network traffic for suspicious activities or known threats. They analyze data packets passing through the network to detect any malicious activities or policy violations. When a potential threat is identified, the IDS generates an alert to notify network administrators, allowing them to take appropriate action to mitigate the threat.

Network IDS (NIDS): Monitors network traffic across various segments to detect malicious activity and policy violations. NIDS sensors are placed at strategic points within the network (e.g., at the perimeter or internal network segments). They capture and analyze network packets for signs of suspicious behavior or known attack patterns.

  • Strengths:
    Provides a comprehensive view of network-wide activities.
    Can detect attacks that span multiple devices or segments

  • Limitations:
    May struggle with encrypted traffic unless decryption is enabled.
    Can generate false positives if network traffic patterns are not well understood.

2. Host IDS (HIDS): Monitors individual devices or hosts (such as servers, workstations) to detect malicious activities and policy violations at the endpoint level. HIDS agents are installed on each monitored host, collecting data such as file changes, system logs, and process activity. This data is analyzed to detect abnormal behavior or signs of compromise.

  • Strengths:
    Provides detailed visibility into specific host activities.
    Can detect local attacks that might not be visible to NIDS.

  • Limitations:
    Requires deployment and maintenance on each host.
    Can be bypassed by attackers who have sufficient access to the host.
    IDS Detection Techniques
    IDS systems use various techniques to identify potential threats. Here’s a detailed look at the most common techniques:

Signature-Based Detection: Detects known threats by comparing network or host activity against a database of predefined patterns or signatures of known attacks. Signature-based IDS systems have a library of attack signatures. When network packets or host activities match a signature, an alert is generated.

  • Pros:
    Highly effective at detecting known threats with high accuracy.
    Low rate of false positives when signatures are correctly defined.

  • Cons:
    Ineffective against new, unknown threats (zero-day attacks) not covered by existing signatures.
    Requires regular updates to the signature database to remain effective.

Behavior-Based Detection: Detects abnormal behavior by establishing a baseline of normal activities and identifying deviations from this baseline. Behavior-based IDS systems create a model of normal behavior patterns for network traffic or host activities. If an activity deviates significantly from the established baseline, an alert is triggered.

  • Pros:
    Can detect previously unknown threats by identifying unusual behavior patterns.
    Reduces reliance on known attack signatures.

  • Cons:
    May generate false positives if baseline behavior is not accurately established or if legitimate changes in behavior occur.
    Can be complex to configure and maintain.

Anomaly-Based Detection: Identifies anomalies by monitoring and flagging activities that deviate from a predefined baseline of normal behavior. Anomaly-based IDS systems continuously monitor network or host activities and compare them against a historical baseline. Significant deviations from this baseline trigger alerts.

  • Pros:
    Effective at detecting novel or unknown threats that do not have signatures.
    Can identify unusual patterns or behaviors that might indicate an attack.

  • Cons:
    Higher potential for false positives compared to signature-based detection.
    Requires ongoing tuning and adjustment to account for changes in normal behavior.

Policy-Based Detection: Monitors activities against predefined security policies and rules to ensure compliance and detect violations. Policy-based IDS systems enforce and monitor compliance with security policies or configurations. Alerts are generated when activities violate these policies or rules.

  • Pros:
    Provides targeted detection based on specific organizational policies and compliance requirements.
    Can be customized to fit the security needs of the organization.

  • Cons:
    May miss threats not covered by the policies or rules.
    Requires regular updates to policies and rules to address evolving security threats.

Intrusion Prevention System (IPS):
IPS devices not only detect potential threats but also take proactive measures to prevent them. When an IPS identifies malicious traffic, it can automatically block or reject the traffic to prevent it from causing harm to the network. This proactive approach helps in maintaining a secure network environment by addressing threats in real-time.

Optimization and Performance Devices:

Load Balancer:
Load balancers distribute incoming network traffic across multiple servers to ensure no single server becomes overwhelmed. By balancing the load, they optimize resource utilization, improve response times, and ensure high availability of applications and services. Load balancers are critical for maintaining the performance and reliability of large-scale web applications and services.

Proxy Server:
Proxy servers act as intermediaries between clients and servers. They perform various functions, such as caching content to improve load times, anonymizing client requests to enhance privacy, and filtering content based on organizational policies. Proxies can improve both performance and security in a network by handling requests on behalf of the server and providing an additional layer of control.

Closure

Understanding these network devices is fundamental to building a robust and efficient network infrastructure. Each device plays a specific role in managing and securing data as it travels across the network. This knowledge lays the groundwork for more advanced topics in networking and cloud engineering.

Thanks for following along on my journey! Feel free to share any tips or resources that you think might be helpful. 😊

Stay tuned for more updates next week!

Shubham Murti — Aspiring Cloud Security Engineer | Weekly Cloud Learning !!

Let’s connect: Linkdin, Twitter, Github

Top comments (0)