IT Infrastructure

Key devices in IT infrastructure include:

1. Routers: Direct data traffic between networks, including the internet and internal systems.
2. Switches: Connect multiple devices within a local area network (LAN), allowing them to communicate efficiently.
3. Firewalls: Protect the network by controlling incoming and outgoing traffic based on security rules.
4. Servers: Provide various services such as hosting applications, databases, and file storage.
5. Access Points: Extend wireless network coverage and enable devices to connect wirelessly.
6. Network Attached Storage (NAS): Provide centralized storage that can be accessed over the network.
7. Uninterruptible Power Supplies (UPS): Offer backup power and protection against power surges or outages.
8. Switches and Hubs: Facilitate connectivity between multiple devices within a network.

These devices work together to ensure efficient, reliable, and secure IT operations.

Routers

A router directs network data by managing packets, which include files, communications, and web interactions. Each packet contains layers of information, including the sender, data type, size, and crucially, the destination IP address. The router reads this information, prioritizes the data, and selects the most efficient route for each packet to reach its destination.

Routers are essential for modern business operations, connecting employees to both local networks and the Internet, enabling collaboration, communication, and information access. They also enhance security with built-in firewalls and content filters to protect against unwanted content and malicious sites. Additionally, routers can connect hard drives and printers, allowing file sharing and networked printing capabilities.

Core Router: Used by service and cloud providers, core routers offer high bandwidth and connect multiple routers or switches. They’re typically used in large enterprises or data centers, not small businesses.

Edge Router: Also known as a gateway, this router connects a network to external networks like the Internet. It focuses on bandwidth and connecting other routers but usually lacks Wi-Fi and extensive local network management capabilities.

Distribution Router: Receives data from edge routers and distributes it to end users, typically offering both Wi-Fi and Ethernet connections. It serves as a bridge within a network.

Wireless Router: Combines edge and distribution router functions, providing both Internet access and local network connectivity. Common in homes and small businesses, they offer Wi-Fi and are often supplied by Internet service providers.

Virtual Router: Software-based routers that provide routing functions in the cloud. Ideal for large businesses, they offer flexibility, scalability, and reduced local hardware management.

Connectivity: Check for various ports (phone, Ethernet, cable, USB) to ensure compatibility with your devices. Unused ports are beneficial for future network expansion.

Bandwidth: Adequate bandwidth is crucial for performance, especially with multiple users. Insufficient bandwidth can cause network bottlenecks, so be prepared to add routers or hubs as needed.

Wireless Capability: Wi-Fi is essential, and the latest Wi-Fi 6 (802.11ax) offers faster speeds and better performance with multiple devices. It is backward-compatible with older Wi-Fi standards.

Simplified Setup and Management: Many routers feature a browser-based interface or mobile app for easy setup and management.

Security: Look for WPA or WPA2 encryption, firewall protection, and MAC address filtering to secure your network from unauthorized access and threats.

Flexibility: Routers with Power over Ethernet (PoE) ports provide both data and power to devices like access points and IP cameras, simplifying cabling.

Automatic Updates: Choose routers with automatic software updates for ongoing performance and security improvements.

User Changeable Configurations: Manage network settings, guest access, and security easily through an app or web interface.

Guest Networks: Create separate guest networks to provide Wi-Fi access while keeping your business network secure from visitors.

Quality of Service (QoS) Controls: Allows you to prioritize bandwidth for different uses and users, enhancing network performance and security.

Mesh Networks: Unlike Wi-Fi extenders, mesh networks provide seamless coverage across multiple access points on a single network, avoiding the issues of incompatible or overlapping signals.

Switches

Modular Switches: These switches allow for expansion and customization by adding modules for different functions like firewalls, wireless connectivity, or extra interfaces. They offer high flexibility and scalability but come at a higher cost.

Fixed-Configuration Switches: These have a set number of ports and are generally not expandable, making them more affordable. They include:

  • Unmanaged Switches: Simple, plug-and-play devices that provide basic connectivity without the need for configuration. Suitable for small setups like home networks or desks.

  • Smart Switches: Offer basic management features, quality of service, and security. They are a cost-effective alternative to modular switches but are less scalable. Ideal for smaller or edge networks.

  • Managed Switches: Provide advanced features such as detailed control, security, and scalability. They are used in larger networks for aggregation or core functions and are the most expensive fixed-configuration option.

Switch Speeds: Switches vary in data transmission rates, from Fast Ethernet (10/100 Mbps) to Gigabit Ethernet (10/100/1000 Mbps), and higher speeds like Ten Gigabit (10/100/1000/10000 Mbps) or even 40/100 Gbps. Choose a switch speed based on your data throughput needs; Gigabit Ethernet is suitable for handling large files.

Number of Ports: Switches come with various port counts, such as 5, 8, 10, 16, 24, 28, 48, or 52 ports. Select a switch with enough ports to accommodate your current and future network needs.

Power over Ethernet (PoE): PoE enables you to power devices like IP phones and cameras through the same cable used for data. This simplifies installation in hard-to-reach locations but comes at a higher cost. Consider PoE if you need to power multiple devices.

Stackable vs. Standalone Switches: Standalone switches operate independently and are suited for smaller setups, but can be limited in capacity and harder to troubleshoot. Stackable switches can be interconnected to expand capacity and managed as a single unit, improving network scalability and fault tolerance.

Firewalls

  • A firewall is a network security device that oversees and regulates incoming and outgoing traffic based on a set of security rules, determining whether to allow or block specific data.
  • For over 25 years, firewalls have served as a crucial defense mechanism, creating a barrier between trusted internal networks and untrusted external networks like the Internet.
  • Firewalls can be implemented as hardware, software, software-as-a-service (SaaS), or in public and private cloud environments.

Proxy Firewall: Acts as an intermediary between networks for specific applications, providing added security and content caching but potentially impacting performance.

Stateful Inspection Firewall: Monitors and filters traffic based on state, port, and protocol, tracking connections throughout their lifecycle to make decisions based on rules and context.

Unified Threat Management (UTM) Firewall: Combines stateful inspection with features like intrusion prevention and antivirus for simplified management and added protection.

Next-Generation Firewall (NGFW): Offers advanced features beyond basic filtering, including intelligence-based access control, integrated intrusion prevention, application awareness, and URL filtering to tackle modern threats.

Threat-Focused NGFW: Builds on NGFW capabilities with advanced threat detection, intelligent security automation, network and endpoint correlation, and retrospective security for enhanced protection and management.

Virtual Firewall: Deployed as a virtual appliance in private or public clouds, securing both physical and virtual networks, often used in software-defined networks (SDN).

Cloud Native Firewall: Provides scalable, agile security for cloud environments with features like automated scaling, multi-tenant capability, and smart load balancing.
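
The stateful inspection firewall described above decides on context, not only on ports. The following is an added example, not taken from the original page or from any firewall product: it runs a port-only filter and a connection-tracking filter over the same constructed packets. The addresses, the port policy and the simplified TCP states are assumptions made for illustration.

```python
from dataclasses import dataclass

INTERNAL_PREFIX = "10.0.0."       # constructed "trusted" network
ALLOWED_OUT_PORTS = {80, 443}     # constructed outbound policy

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: str   # TCP flags: "S"=SYN, "SA"=SYN+ACK, "A"=ACK, "FA"=FIN+ACK, "R"=RST

def is_internal(ip):
    return ip.startswith(INTERNAL_PREFIX)

def stateless_decide(p):
    """Port-only filter with no memory: inbound traffic from a web port passes."""
    if is_internal(p.src):
        return "ALLOW" if p.dport in ALLOWED_OUT_PORTS else "DROP"
    return "ALLOW" if p.sport in ALLOWED_OUT_PORTS else "DROP"

class StatefulFirewall:
    def __init__(self):
        self.conns = {}   # (client ip, client port, server ip, server port) -> state

    def decide(self, p):
        outbound = is_internal(p.src)
        key = (p.src, p.sport, p.dst, p.dport) if outbound else (p.dst, p.dport, p.src, p.sport)
        state = self.conns.get(key)
        if state is None:
            # Only an outbound SYN to a permitted port may create state.
            if outbound and p.flags == "S" and p.dport in ALLOWED_OUT_PORTS:
                self.conns[key] = "SYN_SENT"
                return "ALLOW"
            return "DROP"
        if state == "SYN_SENT":
            # The only valid next packet is the server's SYN+ACK (simplified handshake).
            if not outbound and p.flags == "SA":
                self.conns[key] = "ESTABLISHED"
                return "ALLOW"
            return "DROP"
        # ESTABLISHED: both directions pass; FIN or RST ends tracking (simplified).
        if "F" in p.flags or "R" in p.flags:
            del self.conns[key]
        return "ALLOW"

def run(packets):
    fw = StatefulFirewall()
    return [(stateless_decide(p), fw.decide(p)) for p in packets]

# Constructed sample traffic (documentation address ranges).
SAMPLE = [
    Packet("10.0.0.5", 50000, "203.0.113.10", 443, "S"),    # client opens connection
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, "SA"),   # server replies
    Packet("10.0.0.5", 50000, "203.0.113.10", 443, "A"),    # handshake done
    Packet("198.51.100.7", 443, "10.0.0.9", 51000, "A"),    # "reply" nobody asked for
    Packet("10.0.0.5", 50000, "203.0.113.10", 443, "FA"),   # client closes
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, "A"),    # late packet after close
]

if __name__ == "__main__":
    for p, (sl, sf) in zip(SAMPLE, run(SAMPLE)):
        print(f"{p.src}:{p.sport} -> {p.dst}:{p.dport} [{p.flags}] stateless={sl} stateful={sf}")
```

The port-only filter admits the fourth and sixth packets because they come from port 443; the connection-tracking filter drops both because no matching connection exists in its table.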

Servers

A server is a hardware device or software that processes and responds to requests from clients over a network. In the client-server model, the server provides various services, such as sharing data or performing computations, to multiple clients. A single server can handle requests from multiple clients, and a single client can interact with multiple servers.

  • To function as a server, a device must be set up to listen for and respond to client requests over a network. This can be achieved through built-in operating system features or additional applications. For instance, Microsoft Windows Server can handle various client requests based on its installed roles or services, while Apache can manage web requests on top of an operating system.
  • When a client requests data or functionality, the server processes this request, often performing additional tasks such as verifying the client’s identity, checking permissions, and formatting the response. This process follows the client-server model, also known as the request-response model.

1. Application Server: Hosts web applications, allowing users to access and run them via a web browser without needing local installations.

2. Catalog Server: Maintains indexes or directories of information across a network, such as directory servers or name servers, helping clients locate data or resources.

3. Communication Server: Facilitates communication between endpoints, possibly including directory and presence services, for various communication tools.

4. Computing Server: Provides substantial computing resources like CPU and RAM over a network to programs needing more power than a personal computer.

5. Database Server: Manages and shares databases over a network, supporting applications that require organized, large-scale data.

6. Fax Server: Shares fax machines over a network, allowing remote sending and receiving of faxes.

7. File Server: Shares files, folders, and storage space over a network, serving networked computers.

8. Game Server: Enables multiplayer gaming by connecting multiple computers or gaming devices.

9. Mail Server: Handles email communication, similar to a post office, for sending and receiving emails.

10. Print Server: Shares printers over a network, allowing multiple computers to access them for printing tasks.

11. Proxy Server: Acts as an intermediary between clients and servers, handling requests for content control, performance improvement, and security.

12. Web Server: Hosts and serves web pages, making the World Wide Web accessible to users with web browsers.

Access Point

A wireless access point (WAP) is a device that connects wireless devices to a wired network, simplifying network setup and reducing the need for cables.

Root Access Point: Connects directly to a wired LAN, allowing wireless users to roam seamlessly between areas covered by multiple access points.

Repeater Access Point: Extends the range of the network by forwarding traffic between wireless users and the wired network, improving coverage and overcoming obstacles.

Bridges: Configured as root or non-root bridges to connect multiple networks wirelessly, passing traffic between wireless and wired networks.

Workgroup Bridge: Connects Ethernet devices to a wireless network by associating with another access point, useful for integrating wired devices into a wireless network.

Central Unit in an All-Wireless Network: Acts as a standalone hub in a fully wireless network, linking all devices without being attached to a wired LAN.

Network Attached Storage

Network-attached storage (NAS) is a dedicated file storage device that provides continuous access to data over a network. It specializes in handling data storage and file-sharing requests, offering fast, secure, and reliable storage for networked computers.

Network-attached storage (NAS) is used for various purposes, including:

  • File storage and sharing
  • Data backup and disaster recovery
  • Hosting virtual desktop infrastructure
  • Testing and developing web applications
  • Streaming media files
  • Storing frequently accessed images and videos
  • Creating an internal printing repository

For example, a media company uses NAS to store and manage large volumes of images, allowing employees to access and edit them efficiently over the company network without relying on cloud storage.

  • Physical Storage Drives: Typically housing two to five hard drives, which are organized in RAID for redundancy and performance.
  • Central Processing Unit (CPU): Manages the file system, handles data processing, and supports multiple users.
  • Operating System: Software that interfaces between the hardware and users; more complex NAS devices have dedicated operating systems.
  • Networking Interface: Connects the NAS to the network via Ethernet or Wi-Fi, and often includes USB ports for additional connectivity.

NAS (Network-Attached Storage) supports three main storage methodologies:

  1. File Storage: Stores data in files organized into folders and directories. It is a common and straightforward method for managing files.

  2. Block Storage: Divides files into smaller blocks, each stored separately with a unique address. This method offers faster access by reassembling blocks rather than navigating through directories.

  3. Object Storage: Stores data as discrete objects with metadata and a unique identifier. This method is ideal for unstructured data like emails, videos, and IoT sensor data.

File storage is often used for local file sharing, block storage suits high-performance applications, and object storage is best for managing large amounts of unstructured data.

NAS (Network-Attached Storage) integrates hardware, software, and protocols to enable file sharing over a network. It allows any computer on the network to access files on the NAS as if they were stored locally.

Communication Protocols:

  • Internet Protocol (IP): Determines the address to which file data is sent.
  • Transmission Control Protocol (TCP): Breaks data into packets, delivers them across the network, and ensures they are reassembled correctly.

File Formatting Protocols:

  • Network File System (NFS): Used by Linux and UNIX systems to ensure compatibility across different hardware and network setups.
  • Server Message Block (SMB): Commonly used by Microsoft Windows for file access.
  • Apple Filing Protocol (AFP): Designed for Apple devices running macOS, allowing seamless integration with NAS.

  1. Server-Based NAS
    Server-based NAS devices are used for on-premises file storage and come in various forms, such as desktop units or rack-mounted units. They are managed and configured over a network.

  2. Scale-Up NAS
    Scale-up NAS systems have storage drives managed by controllers. To increase storage capacity, additional drives are added. However, these systems have performance and capacity limits, and reaching these limits necessitates purchasing a new unit, leading to multiple independent storage silos and increased management complexity.

  3. Scale-Out NAS
    Scale-out NAS devices consist of server groups with controllers and drives that work together as a single logical unit. They allow for linear scaling, meaning performance and capacity increase smoothly as additional units are added, reducing management complexity compared to scale-up NAS.

Uninterruptible Power Supply

  • An uninterruptible power supply (UPS) is a device that allows a computer to keep running for at least a short time when incoming power is interrupted. Provided utility power is flowing, it also replenishes and maintains energy storage.
  • A UPS protects equipment from damage in the event of a power failure. It is used in any situation where electrical equipment is sensitive to power loss or issues with power quality, for example, if a system experiences unsafe changes in voltage output. UPSes are typically used in settings pertaining to computer systems, data servers or industrial devices, or in settings with mission-critical equipment, such as medical and laboratory systems.
  • Energy can be stored in different ways. Rechargeable batteries are the most common. For simplicity, the examples and illustrations here are based on that technology. However, kinetic energy can also be stored in heavy, rotating flywheels or energy can be stored as fuel.
  • The more energy stored, the longer backup power can be maintained, with practical limitations that will be discussed later. The differences among UPS systems lie in the technology that enables them to do their jobs.

A UPS (uninterruptible power supply) consists of several key components:

  • Rectifier/Charger: Converts alternating current (AC) to direct current (DC) and either charges the battery or supplies the inverter.
  • Inverter: Converts DC back into AC for use by connected devices.
  • Batteries: Common types include lithium-ion, lead-acid (VRLA or flooded), or nickel-cadmium.
  • Static and Maintenance Bypass: Provides an alternative power path in case of UPS failure or overload.
  • Control Unit: Manages UPS functions, including monitoring status, switching power sources, and regulating output.

The UPS is plugged into an AC outlet and automatically activates during power issues, such as outages, voltage drops, surges, or frequency variations. It quickly switches to battery power to prevent damage to connected equipment. The battery provides emergency power until either a generator takes over from the UPS or the devices are safely shut down. Depending on its size, a UPS can support anything from a single computer to a whole data center, with backup power lasting from a few minutes to several hours.

  1. Double-Conversion (Full-Time) UPS:
    • Converts AC to DC to charge batteries, then back to AC to supply power, ensuring constant clean power. It isolates output from input voltage and frequency variations.

  2. Line-Interactive UPS:
    • Maintains the same output frequency as input and uses a smaller rectifier to handle voltage sags and surges. It switches to battery power only when needed, improving efficiency compared to double-conversion models.

  3. Standby UPS:
    • Delivers power directly to devices and switches to battery and inverter only during power failures. It provides basic protection with a short switching delay when power goes out.

  4. Eco Mode (Economy Mode) UPS:
    • Operates in bypass mode to improve efficiency and save energy. It switches back to full UPS operation when power issues are detected.

Each UPS type offers different levels of protection and efficiency, suited to various needs from basic backup to high-performance systems.

Switches and Hubs

A hub is a network device that broadcasts signals to all ports except the one from which the signal was received. It operates at the Physical layer and does not filter packets. There are two types of hubs:

  • Active Hub: Boosts and retransmits signals to extend the network.
  • Passive Hub: Simply connects cables without amplifying signals.

Also referred to as a repeater, a hub sends data to all ports except the source port. It does not handle higher-layer processing or communication.

  • A switch is a network hardware device that connects and manages communication between network devices like computers and servers. It ensures that multiple devices can share the network without their traffic interfering with one another.
  • When a data packet arrives at a switch port, the switch acts like a traffic cop, determining the packet’s destination and forwarding it through the appropriate port.
  • Packets may come from devices directly connected to the switch, such as computers or VoIP phones, or from devices connected through other network elements like hubs or routers.
  • The switch maintains a record of connected devices, allowing it to send packets directly between them. For packets destined for other networks, the switch forwards them to a router, which then directs them to their final destination.
  • Before switches, network hubs were commonly used to connect multiple devices through a single port. When a hub received a data packet, it broadcast copies of the packet to every device connected to it. This approach often led to traffic congestion and security issues, as all devices received the same data, regardless of whether it was intended for them.
  • Switches, on the other hand, address these problems by maintaining tables of MAC addresses for connected devices. When a switch receives a packet, it checks this table to determine the packet’s destination and forwards it only to the specific device it is intended for. This targeted approach reduces network traffic and enhances security.
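
The difference between hub broadcasting and MAC-table forwarding described above can be measured as the number of frames that reach a port that is not part of the conversation. This is an added example, not from the original page; the MAC addresses, port numbers and four-port devices are constructed. It also shows one case the description leaves out: a switch floods a frame like a hub until it has learned the destination's port.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"

class Hub:
    """Physical-layer repeater: every frame leaves on every port but the source."""
    def __init__(self, n_ports):
        self.n_ports = n_ports

    def forward(self, in_port, src_mac, dst_mac):
        return [p for p in range(self.n_ports) if p != in_port]

class LearningSwitch:
    """Forwards by destination MAC using a table learned from source addresses."""
    def __init__(self, n_ports):
        self.n_ports = n_ports
        self.mac_table = {}          # MAC address -> port

    def forward(self, in_port, src_mac, dst_mac):
        self.mac_table[src_mac] = in_port            # learn where the sender lives
        out = self.mac_table.get(dst_mac)
        if dst_mac == BROADCAST or out is None:
            # Broadcast, or destination not learned yet: flood like a hub.
            return [p for p in range(self.n_ports) if p != in_port]
        return [] if out == in_port else [out]

def frames_seen(device, frames, port):
    """Count how many of the frames are delivered to `port`."""
    return sum(port in device.forward(i, s, d) for i, s, d in frames)

# Constructed hosts and traffic: A on port 0, B on port 1; port 3 is a bystander.
A, B = "02:00:00:00:00:0a", "02:00:00:00:00:0b"
FRAMES = [(0, A, B), (1, B, A), (0, A, B), (1, B, A)]   # (ingress port, src, dst)
BYSTANDER_PORT = 3

def compare():
    """Frames reaching the bystander port: (on the hub, on the switch)."""
    hub, switch = Hub(4), LearningSwitch(4)
    return (frames_seen(hub, FRAMES, BYSTANDER_PORT),
            frames_seen(switch, FRAMES, BYSTANDER_PORT))

if __name__ == "__main__":
    hub_count, switch_count = compare()
    print(f"bystander port saw {hub_count} frames on the hub, {switch_count} on the switch")
```

On the hub the bystander port receives all four frames; on the switch it receives only the first, which is flooded because B's port has not been learned yet.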