Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated: 1 00:00:05,380 --> 00:00:08,090 What devices do we have here. 2 00:00:08,110 --> 00:00:11,160 This is a writer. 3 00:00:11,350 --> 00:00:13,660 This is a Cisco 43 21 rotor. 4 00:00:13,720 --> 00:00:19,570 I've chosen this road specifically why purchase this right specifically because it's available in Packet 5 00:00:19,570 --> 00:00:20,800 Tracer. 6 00:00:20,800 --> 00:00:29,550 This is a Cisco 35 66 switch again 35 60 switches are available in Packet Tracer. 7 00:00:29,560 --> 00:00:32,950 You don't need to spend money buying all these devices. 8 00:00:32,950 --> 00:00:34,160 I've done that for you. 9 00:00:34,210 --> 00:00:37,270 Now obviously if you want to you could buy physical equipment. 10 00:00:37,330 --> 00:00:43,150 It's nice in some ways to work with physical equipment but for the CCMA you don't have to use physical 11 00:00:43,150 --> 00:00:44,550 equipment if you can afford it. 12 00:00:44,650 --> 00:00:50,650 Just use packet tracer and I'll show you in a moment when I boot up this rider and the switch and compare 13 00:00:50,650 --> 00:00:53,620 it to Packet Tracer you'll see it's very very similar. 14 00:00:53,650 --> 00:00:57,370 This is an example of a 29 60 switch. 15 00:00:57,490 --> 00:01:00,220 What I like about these switches is they families. 16 00:01:00,220 --> 00:01:06,700 So I have them on my desk here and it doesn't make a lot of noise and mess up the recordings but here 17 00:01:06,700 --> 00:01:08,350 we've got two interesting devices. 18 00:01:08,350 --> 00:01:12,200 They look very similar very similar to each other. 19 00:01:12,790 --> 00:01:22,600 But what you'll notice and these are older devices is this is a Cisco AC 55 of 5 This is called a firewall 20 00:01:22,900 --> 00:01:29,950 firewalls allow us to stop bad people getting into our network so we can restrict who can access our 21 00:01:29,950 --> 00:01:31,150 network. 22 00:01:31,150 --> 00:01:36,050 They use what are called firewall rules to permit or deny traffic. 23 00:01:36,130 --> 00:01:41,080 This is a small little firewall typically used again in a small business. 24 00:01:41,080 --> 00:01:46,890 The idea here is we can connect a bunch of devices directly to the firewall so it's acting like a switch. 25 00:01:46,900 --> 00:01:53,000 In some ways but I could specify what's called the outside interface and the inside interface. 26 00:01:53,050 --> 00:01:57,730 And I do not allow or this firewall does not allow traffic from the outside interface to the inside 27 00:01:57,730 --> 00:02:04,180 interface unless you explicitly allow it your home rider probably does something similar has a built 28 00:02:04,210 --> 00:02:09,800 in Firewall your P.C. may be also running a firewall a software firewall directly on the P.C.. 29 00:02:09,850 --> 00:02:12,890 This is an example of a hardware dedicated firewall. 30 00:02:12,890 --> 00:02:18,110 Now riders as mentioned often have firewall functionality but this is a dedicated firewall. 31 00:02:18,130 --> 00:02:23,020 Now you could connect your internet directly to the firewall if you haven't Ethernet connection and 32 00:02:23,020 --> 00:02:29,910 then to the rotor and then to the switch where you're inside devices or or your land is all you could 33 00:02:29,910 --> 00:02:34,840 connect to the rudder and then have the firewall behind the rudder so you either have the firewall in 34 00:02:34,840 --> 00:02:41,830 front of the router or behind the router in many cases you're going to have this behind the router because 35 00:02:41,830 --> 00:02:47,960 your ISP may manage the rudder all you need a physical connection that's not Ethernet. 36 00:02:48,010 --> 00:02:53,200 These devices typically only support Ethernet Ryder will support other types of technologies such as 37 00:02:53,200 --> 00:02:55,610 a DSL or cable as an example. 38 00:02:55,630 --> 00:03:00,280 So the internet connects to the road it connects to the firewall which then connects to your switch 39 00:03:00,490 --> 00:03:03,040 in your internal network. 40 00:03:03,040 --> 00:03:07,910 Now he has another device looks very much the same but this is a wireless LAN controller. 41 00:03:07,920 --> 00:03:10,390 Another small wireless LAN controller. 42 00:03:10,390 --> 00:03:14,440 You'll notice the form factor looks exactly the same but it has different functionality. 43 00:03:14,440 --> 00:03:17,650 This is used to manage access points. 44 00:03:17,770 --> 00:03:23,860 If you've only got one access point it makes sense to manage the access point directly using what's 45 00:03:23,860 --> 00:03:29,560 called an autonomous access point economists meaning that you don't need a wireless LAN controller to 46 00:03:29,560 --> 00:03:30,400 manage it. 47 00:03:30,550 --> 00:03:36,790 But if you've got 100 of these or 500 of these it's going to be a lot of work to manually configure 48 00:03:36,880 --> 00:03:38,440 every one of those access points. 49 00:03:38,860 --> 00:03:43,180 So rather than doing that you use what's called lightweight access points. 50 00:03:43,180 --> 00:03:48,190 Some of these access points support both so they can either be lightweight or they can be autonomous. 51 00:03:48,280 --> 00:03:52,980 Some of them have to be lightweight access points varies depending on which one you buy. 52 00:03:53,080 --> 00:04:00,250 But the idea is is if I had 100 of these or 500 of these they would register with the wireless LAN controller. 53 00:04:00,250 --> 00:04:04,720 Now obviously this is a small wireless LAN controller so it's not going to support as many access points. 54 00:04:04,840 --> 00:04:11,710 But the idea is if I have 100 access points they would connect to the wireless LAN controller. 55 00:04:11,710 --> 00:04:15,460 And notice this doesn't have as many ports as as would be required. 56 00:04:15,460 --> 00:04:20,240 The wireless LAN controller and the bigger ones even more so don't have so many interfaces. 57 00:04:20,320 --> 00:04:24,970 They simply connect to switches so the access points connector switches the wireless LAN controller 58 00:04:24,970 --> 00:04:29,920 connects to switches switches are there to provide lots of ports to connect to in the network. 59 00:04:30,430 --> 00:04:36,640 So the whole idea here is the wireless LAN controller will manage the access points rather than manually 60 00:04:36,730 --> 00:04:41,010 managing every one of the access points you manage them through the wireless LAN controller. 61 00:04:41,140 --> 00:04:45,630 So the wireless LAN controller will manage let's say 100 500 access points depends on the controller. 62 00:04:45,820 --> 00:04:47,590 Depends what it can support. 63 00:04:47,590 --> 00:04:50,110 So once again here we've got a firewall. 64 00:04:50,170 --> 00:04:51,790 This is an older firewall. 65 00:04:51,850 --> 00:04:55,590 USA Today we have what are called next generation firewalls. 66 00:04:55,630 --> 00:04:59,050 They support features such as IP s or IBS. 67 00:04:59,080 --> 00:05:00,550 Now intrusion detection. 68 00:05:00,580 --> 00:05:06,250 Let me give you an analogy so that you won't forget what intrusion detection is an I.D. S is like a 69 00:05:06,250 --> 00:05:13,810 dog what a dog can do is help protect you by warning you when there's an attack taking place. 70 00:05:14,080 --> 00:05:20,800 Let's say you sleeping at night sleeping comfortably in bed the dog however sniffs that there's an attacker 71 00:05:20,980 --> 00:05:27,180 so an intruder it sniffs that there's an intruder trying to break into your house. 72 00:05:27,190 --> 00:05:28,330 What does it do. 73 00:05:28,330 --> 00:05:32,530 It box it warns you that there's an intruder. 74 00:05:32,530 --> 00:05:35,230 It doesn't stop the attacker. 75 00:05:35,230 --> 00:05:40,900 It warns you that there's an attacker and then you can do something to stop the attacker trying to break 76 00:05:40,900 --> 00:05:41,920 into your house. 77 00:05:42,190 --> 00:05:48,310 An intrusion detection system simply detects that there's a problem and then alerts you that there's 78 00:05:48,310 --> 00:05:50,380 a problem and then you have to do something about it. 79 00:05:50,890 --> 00:05:57,280 An intrusion prevention system can alert you that there's a problem but also block the attack so it 80 00:05:57,280 --> 00:05:59,040 can prevent the attack. 81 00:05:59,050 --> 00:06:04,870 So if someone breaks into your network remotely let's say a hacker it can see that there's malicious 82 00:06:04,870 --> 00:06:07,510 activity on the network and then it can block that attacker. 83 00:06:07,540 --> 00:06:14,320 So prevent that attacker from gaining access to your network intrusion detection systems typically set 84 00:06:14,410 --> 00:06:19,900 out of band of network traffic so the traffic is going past them but they're not in the flow of traffic 85 00:06:20,150 --> 00:06:25,150 they're just getting copies of the traffic to see if there's a problem and intrusion prevention system 86 00:06:25,360 --> 00:06:27,670 sits in line with the traffic. 87 00:06:27,670 --> 00:06:31,960 The traffic is going through the eyepiece or intrusion prevention system. 88 00:06:32,110 --> 00:06:36,970 When there's an attack it blocks it so the attacker can't get into your network. 89 00:06:36,970 --> 00:06:41,080 So think of an I.D. S or an IP s as a dog. 90 00:06:41,230 --> 00:06:43,070 Is it a small dog ideas. 91 00:06:43,150 --> 00:06:47,200 If it isn't a very large dog eyepiece can go and attack the attacker. 92 00:06:48,070 --> 00:06:51,370 Hopefully that analogy will help you never forget what an idea or IP SS. 10040