Network Kings

Multi-Access Year Deal

Get 55+ courses now at the best price ever! Use Code:    MULTIYEAR

d :
h :
m
Claim Offer
Consult Us

New CCNA Full Course

Everything You Need To Know About Extended ACLs

by
Extended ACLs
Extended ACLs

An extended access control list (ACL) is a type of ACL that can be used to filter traffic based on source and destination IP addresses, as well as port numbers and protocols. Extended ACLs can be used to allow or deny traffic from specific devices or groups of devices, as well as to specific ports and services.

Extended ACLs provide more granular control over traffic than standard ACLs, which can only be used to filter traffic based on source IP address. In addition, extended ACLs can be applied inbound or outbound, while standard ACLs can only be applied inbound.

In this blog, we will take a closer look at extended ACLs and how they can be used to protect your network. We will also compare extended ACLs to standard ACLs and discuss the benefits and drawbacks of each type of ACL.

In the previous blog of our CCNA 200-301 series , we talked about the Standard ACLs. I recommend you go through it before you jump to this blog. 

What is an extended ACL?

An extended ACL is a type of access control list that provides detailed control over traffic flows on a network. An extended ACL can be used to filter traffic by source IP address, destination IP address, port number, and protocol. 

Moreover, extended ACLs can be applied inbound or outbound, to or from specific devices or groups of devices, as well as to specific ports and services. 

Extended ACLs are more flexible than standard ACLs because they can be used to filter traffic in more detail. For example, an extended ACL can be used to block requests to a web server from a particular IP address or range of IP addresses, while a standard ACL can only be used to filter traffic based on the source IP address.

Why do you need an extended ACL?

Extended ACLs are essential for ensuring that only the desired traffic is allowed on a network. If a network does not have an extended ACL configured, malicious attackers can exploit the network by sending malicious traffic that bypasses security measures

Furthermore, without an extended ACL, certain applications may not function correctly because the traffic associated with the application is being blocked or rate limited. 

Extended ACLs also allow network administrators to troubleshoot network issues quickly and efficiently. For example, if a user is unable to reach a web server, the network administrator can use an extended ACL to check which ports and protocols the server is accepting connections on. This can help the administrator determine the cause of the issue more quickly.

How do you configure an extended ACL?

Configuring an extended ACL can be a complex process and depends on the network architecture and the desired security objectives. 

Generally, the process involves defining the traffic flow that needs to be controlled (i.e., which traffic is being allowed or denied), specifying the source and destination IP addresses, port numbers and protocols, and then applying the extended ACL to the network device (e.g., a router or firewall). 

You can follow the following mentioned steps to configure an extended ACL:

  • To configure an extended ACL, first, use the “access-list” command to create a named extended ACL. 
  • Next, use the “permit” or “deny” commands to define the traffic that the ACL should allow or block. For example, to block incoming ICMP traffic from a particular IP address, use the following commands: 

access-list permit icmp any access-list deny icmp any 

  • Finally, apply the extended ACL to the desired interface using the “ip access-group” command. For example, to apply the extended ACL to the serial 0/0 interface, use the following command: 

ip access-group in serial 0/0

What is the Difference Between Extended ACLs and Standard ACLs?

Extended ACLs 

Standard ACLs

Filtering is based on the source IP address, destination IP address, protocol type, source port number, and destination port number.

Filtering is based on source and IP address.

They are used to block particular services.

They are used to block a specific host or subnetwork.

They are implemented closer to the source.

They are implemented closer to the destination.

The extended ACLs numbers lie in the range between 100 to 199.

These can either be named or numbered with numbers in the range between 1-99 and 1300-1399.

One-way communication will be blocked in extended ACLs.

Two-way communication is blocked in standard ACLs.

A specific service is blocked.

All services are blocked.

What are the benefits of extended ACLs?

Here are some of the most significant benefits of extended ACLs:

  • An extended ACL provides greater granularity and control over traffic flows than a standard ACL, allowing administrators to specify which traffic should be allowed or blocked. 
  • This allows administrators to secure the network from malicious attackers, as well as prevent certain applications from being misused. 
  • In addition, extended ACLs can be applied inbound or outbound, allowing administrators to filter traffic on the ingress or egress of the network. 
  • This provides more flexibility in how traffic is filtered, allowing administrators to secure the network in more detail.

Are there any drawbacks to extended ACLs?

The primary drawback to extended ACLs is that they can be difficult to configure and maintain. Configuring an extended ACL requires detailed knowledge of network architecture, as well as various networking protocols, such as TCP and UDP

In addition, extended ACLs must be regularly reviewed and updated to ensure they remain in compliance with security best practices and current standards.

To sum it up

In conclusion, extended ACLs are a powerful tool for controlling traffic on a network. They provide more granular control than standard ACLs, allowing administrators to filter traffic based on source and destination IP addresses, as well as port numbers and protocols. 

However, designing and configuring extended ACLs can be complex and time-consuming, so it is important to have a good understanding of network architecture and protocols before undertaking this task.

I hope this was helpful.

Stay tuned for more blogs for the CCNA 200-301 series!

Happy studying!

What More Do You Need To Know About Standard ACLs?

by
standard ACLs
standard ACLs

An access control list (ACL) is an important component of network security. It is a list of permissions that decide what types of traffic are allowed to enter or exit a network. 

Standard ACLs are the most common type of ACLs and are used to filter traffic based on source and destination IP addresses. A standard ACL can be either a numbered or named ACL. A numbered ACL has a range of 1-99 or 1300-1999. A named ACL can have any name you choose.

When configuring a standard ACL, you will need to specify a range of IP addresses. The range can be either a host IP address or a network IP address. You will also need to specify the type of traffic that should be allowed or denied. For example, you can allow all traffic from a specific IP address or you can deny all traffic from a specific IP address.

The ACLs are divided into two types: standard ACLs and extended ACLs. In this Article, we will be focusing on standard ACLs. We will go over what they are, their range, examples, and configuration. By the end of this guide, you will have a good understanding of standard ACLs and their purpose.

In the previous blog of our CCNA 200-301 series , we talked about the RSTP Protocol in networking. I recommend you go through it before you jump to this blog. 

What are standard ACLs?

Standard ACLs are access control lists that define which traffic is allowed to travel and cross a network. They are used to filter traffic based on source and destination IP addresses. A standard ACL can be either a numbered or named ACL. A numbered ACL has a range of 1-99 or 1300-1999. 

A named ACL can have any name you choose. 

A standard ACL is configured on an interface and can be applied to both inbound and outbound traffic. When a packet enters an interface, the ACL filters the packet against a set of rules. If the packet matches the rules, it is either allowed or denied. If the packet does not match any rules, the access list is ignored and the packet is allowed. 

By using standard ACLs, you can control which traffic is allowed to travel through a network. This includes limiting access to specific services, blocking malicious traffic, or allowing only certain types of traffic. Standard ACLs can also be used to apply ACLs to different types of traffic, such as TCP or UDP.

Why use standard ACLs?

Standard ACLs are the most commonly used type of ACL and are used for controlling and monitoring the traffic flowing through a network. They provide a way to block unwanted traffic, restrict access to certain services, and ensure the security of a network. 

Standard ACLs are also a good way to ensure that only certain types of traffic can access specific services or applications. For example, email traffic can be restricted to certain networks and FTP traffic can be restricted to certain IP addresses. This ensures that only authorized users can access the services and applications. 

Standard ACLs can also be used to monitor traffic on a network. They allow an administrator to review what types of traffic are entering and leaving a network and to identify and block any malicious traffic. This helps keep a network safe and secure.

How to configure standard ACLs?

Once you have decided to use a standard ACL, the next step is to configure it. Configuring a standard ACL involves the following:

  • Specifying a range of IP addresses
  • The type of traffic to be allowed or denied
  • The direction of the traffic which could either be inbound or outbound

The first step is to identify which IP addresses you want to allow or block. The range of IP addresses can be either a single host IP address or a network IP address. You will also need to specify the type of traffic you want to allow or deny. This can be any type of traffic, such as UDP, TCP, ICMP, or ARP. Once you have identified the IP address range and type of traffic, you can create an access list entry. 

An access list entry consists of a number, a permit or denies action and the source and destination IP addresses. For example, an entry may look like this: 5 deny 10.1.1.0/24. This will deny all traffic from the 10.1.1.0/24 network.

Once you have created your access list entries, the next step is to apply the access list to an interface. This is done with the “ip access-group” command. For example, “ip access-group 5 in” will apply access list 5 to the inbound traffic on the interface. 

Finally, you can verify that the access list is working properly by using the “show ip access-lists” command. This will show you a list of the access list entries and the number of packets that were matched.

How to Test standard ACLs?

Once you have configured your standard ACL, you will need to test it to make sure it is working properly. To test a standard ACL, you can simply use some traffic sources to generate network traffic and then use a packet sniffer to monitor the traffic. 

A packet sniffer such as Wireshark can be used to monitor the traffic on a network. This will show you which packets are being dropped and which packets are being allowed. You can also use a port scanner such as Nmap to scan the network and see which ports are open and closed.

Troubleshooting standard ACLs

If you encounter any problems with your standard ACL, there are several steps you can take to troubleshoot them. 

  • The first step is to make sure that the ACL is configured properly. Make sure that the entries are in the correct order and that the source and destination addresses are correct. 
  • The next step is to verify that the rules are being applied correctly. You can do this by using the “show ip access-list” command. This will show you the access list entries and the number of packets that were matched. 
  • If the access list is configured correctly but the traffic is still not being blocked or allowed, you may need to check the router or switch’s log to see if there are any error messages related to the ACL. 
  • You can also check the router’s ARP table to make sure the traffic is being routed correctly.

Conclusion

Standard ACLs are a powerful way to control and monitor network traffic. With standard ACLs, you can control which traffic is allowed to traverse a network, restrict access to certain services, and monitor the traffic. By following the steps outlined above, you can configure and test your standard ACLs to make sure they are working properly.

In the upcoming blog, we will learn about extended ACLs and compare them to standard ACLs.

Stay tuned for more blogs for the CCNA 200-301 series!

What Is The Rapid Spanning Tree Protocol (RSTP) And How Does It Work?

by
RSTP Protocol
RSTP Protocol

The Rapid Spanning Tree Protocol (RSTP) is a network protocol that allows for the rapid recovery of failed links in a network. It is an open standard, originally developed by IEEE in the early 2000s. RSTP is based on the Spanning Tree Protocol (STP), but it significantly reduces the time it takes to recover from link failures.

The Spanning Tree Protocol (STP) is referred to  a network protocol that builds a loop-free logical topology for Ethernet networks. The STP was invented by Dr. Radia Perlman while working for Digital Equipment Corporation in 1985. STP is commonly used in bridged Ethernet local area networks (LANs)

The RSTP was designed to be an improvement over the STP. The RSTP was defined in the IEEE 802.1w standard in 2001. RSTP is similar to STP in that it prevents loops in the network and allows for redundant paths. However, RSTP converges much faster than STP. 

In a traditional STP network, if a link fails, it can take up to 50 seconds for the STP algorithm to converge and re-route traffic. With RSTP, this time is reduced to less than 10 seconds. RSTP accomplishes this by using a more efficient algorithm, and by defining new port states that allow for faster recovery.

In this blog, we will take a closer look at the RSTP. We will explain what the RSTP is, how it works, and how it compares to the STP.

In the previous blog of our CCNA 200-301 series , we talked about the Security Program Elements in CCNA. I recommend you go through it before you jump to this blog. 

What is the RSTP Protocol?

The Rapid Spanning Tree Protocol (RSTP) is an open, IEEE-standard network protocol that is based on the Spanning Tree Protocol (STP). It is designed to provide rapid recovery from failures in network links by allowing the network to quickly converge and route traffic around the failure.

RSTP Tree

RSTP works by detecting the loss of a link and then rapidly electing which new link should be used to re-route traffic. 

In a traditional STP network, the election of this new link could take up to 50 seconds, but with RSTP, the time is reduced to less than 10 seconds. To achieve this rapid recovery, RSTP uses new port states and functions that allow for faster link failure detection and recovery. In addition, the RSTP algorithm is more efficient than the STP algorithm, and it also simplifies the topology of a network by using fewer protocol packets.

How is the RSTP Similar to the STP?

Here are some of the main similarities between the RSTP and STP:

  • RSTP serves the same purpose as STP, blocking specific ports to restrict Layer 2 loops.
  • RSTP elects a root bridge with the same rules as STP.
  • RSTP elects root ports with the same rules as STP.
  • RSTP elects designated ports with the same rules as STP(Spanning Tree Protocol).

How Does the RSTP Protocol Work?

The RSTP protocol is based on a link-state algorithm. This means that is it constantly listening and monitoring the network to detect any changes in the topology or link status. 

When a link failure is detected, the RSTP algorithm quickly reconfigures the network to route around the failed link. The RSTP protocol uses a set of defined port states and functions to enable it to rapidly detect link failures and reconfigure the network. 

The five defined port states are mentioned below: 

  • Blocking
  • Listening
  • Learning
  • Forwarding
  • Discarding

Each port state serves a specific purpose in the RSTP recovery process. For example, when a link fails the RSTP protocol assigns the failed port to the blocking state, which prevents it from participating in the forwarding of traffic for that period of time. 

Then, the RSTP protocol quickly elects which port should become the new root port and assigns it to the forwarding state, allowing it to take over the forwarding of traffic.

The Rapid Spanning Tree Port States

The various RSTP port states are given below in the table:

STP Port State

Send/Receive BPDUs

Frame Forwarding (Regular traffic)

MAC Address Learning

Stable/Transitional

Discarding

NO/YES

NO

NO

Stable

Learning

YES/YES

NO

YES

Transitional

Forwarding

YES/YES

YES

YES

Stable

  • If a port is administratively disabled (shutdown command), that is equal to discarding state.
  • If a port is enabled but blocking traffic to prevent Layer 2 loops, it means it is in the discarding state.

RSTP Link Types

RSTP distinguishes between three different ‘link types’.

  • Edge:

It is a port that is connected to an end host. It moves directly to forwarding without negotiating.

  • Point-to-Point:

It establishes a direct connection between two switches.

  • Shared:

It is an established connection to a hub. It should be operated in half-duplex mode.

The Benefits of Using the RSTP Protocol

The biggest benefit of using the RSTP protocol is its ability to quickly recover from link failures. With a traditional STP network, the time it takes to re-route traffic around a failure can be up to 50 seconds. With RSTP, this time is reduced to less than 10 seconds. This drastically reduces network disruptions and improves the overall performance of the network. 

In addition, since RSTP is an open, IEEE standard, it is supported by most network switches and routers. This makes it easy to implement and maintain in any network.

Some Final Thoughts

The Rapid Spanning Tree Protocol (RSTP) is a powerful, open standard that provides improved link-failure recovery time compared to the traditional Spanning Tree Protocol. 

It is a fully supported protocol and is easy to implement and maintain in a network. RSTP is especially beneficial in network environments that require near-instantaneous recovery from link failures.

I recommend you read about STP first in order to understand RSTP in a better way.

Stay tuned for more blogs for the CCNA 200-301 series!

Happy Learning!

Security Program Elements in CCNA: What You Need to Know

by
Security Program Elements in CCNA
Security Program Elements in CCNA

Until now, we have learned about various types of network security attacks that are commonly manifested in computer network systems. We eventually studied Network security and how it works. 

In the previous blog of our CCNA 200-301 series , we talked about the solid AAA framework for network security. I recommend you go through it before you jump to this blog. 

In this blog, we will learn the important security program elements that make a user aware of the protection against network cyber attacks. 

A security program is an enterprise’s set of security policies and procedures. For the CCNA 200-301 exam, there are a few elements you have to be aware of.

We will learn about the various security program elements in this blog. Most importantly, we will discuss the CIA model and its elements. Without further ado, let’s get started!

Various Security Program Elements in CCNA

A security program is an enterprise’s set of security policies and procedures. The following are the main security elements:

1. User awareness programs:

  • User awareness programs are designed to make employees aware of potential security threats and risks.
  • Not all employees are cybersecurity experts. Someone who works in the Marketing department is probably not aware of all the cyber threats the company is facing. So, user awareness programs will help make those employees aware.
  • For example, a company might send out false phishing emails to make employees click a link and sign in with their login credentials.
  • Although these emails are harmless, employees who fall for false emails will be informed that it is a part of the user awareness program and they must be more careful about phishing emails.

2. User training programs:

  • User training programs are more formal than user awareness programs.
  • For example, dedicated training sessions educate users on corporate security policies, how to create strong passwords, and how to avoid potential threats.
  • These should happen when employees enter the company and also at regular intervals during the year.

3. Physical access control:

  • Another essential element of a security program is physical access control which protects equipment and data from potential attackers by only allowing authorized users into protected areas such as network closets or data center floors.
  • This is not just to prevent people from outside of the organization from gaining access to these areas. In fact, access should be limited to those who need access even in the company.
  • Multifactor locks can protect access to these restricted areas.
  • For example, a door that requires users to swipe a badge and scan their fingerprint to enter.
  • Permissions of the badge can easily be changed, for example, permissions can be removed when an employee leaves the company.
  • This allows for strict, centralized control of who is authorized to enter where.

CIA Model: The Three Pillars of Security

The most important principle covered in the CCNA Security program (and the entire security certification track) is the three pillars of security. It refers to the CIA model. The three pillars of security are:

  •  Confidentiality
  • Integrity
  • Availability

These three principles form the foundation of any security system and must be taken into account when implementing and maintaining secure networks. Let us understand each one of them one by one.

1. Confidentiality:

  • Confidentiality is the protection of information from an unauthorized access. 
  • The goal is to ensure that only those individuals who intended to have access to the information are the only ones who have access. 
  • Access control policies and data encryption techniques are used to achieve this. 

2. Integrity:

  • Integrity is the assurance that the data stored and transmitted over a network is accurate and untampered. 
  • Integrity is maintained by techniques such as cryptographic hashing, digital signatures, and data leakage prevention. 

3. Availability:

  • Availability is the assurance that the data is available when needed.
  • Availability is achieved through various techniques, such as load balancing and redundant servers. 
  • The network must be working and available all the time and it must be strong enough to handle cyber attacks.

Cisco Security Products and Technologies

Cisco Security Products and Technologies include a wide range of products and services that assist organizations in meeting their security objectives. These products and services include:

  •  network security appliances
  • endpoint security solutions
  • cloud-based security solutions

1. Cisco Security Appliances:

  • Cisco Security Appliances, such as the ASA, ISR, and FTD, provide organizations with perimeter defense and internal segmentation. 
  • These devices can be configured to provide stateful packet filtering, application access control, and encrypted tunnels. 
  • They can also provide identity-based access control, web filtering, and advanced access control lists. 

2. Cisco Endpoint Security:

  • Cisco Endpoint Security Solutions help ensure that endpoint devices, such as computers and mobile devices, are securely managed and not vulnerable to external and internal threats. 
  • These solutions include discovery and protection tools, remediation tools, and patch and vulnerability assessments. 
  • Cisco Identity Services Engine (ISE) is a network access control solution that provides the ability to control access to the network based on group membership and user identity. 

3. Cisco’s Cloud Security Solutions:

  • Cisco’s Cloud security solutions enable organizations to identify, detect, and defend against threats and attacks in the cloud. 
  • These solutions include Cisco Cloudlock, which provides cloud-based security and the ability to detect malicious activity in the cloud. 
  • Additionally, Cisco has a suite of cloud-based threat defense solutions, such as Cisco Firepower, Umbrella, and ThreatGrid, that can provide organizations with the latest in threat intelligence and response capabilities.

The Cisco Self-Defending Network

The Cisco Self-Defending Network (SDN) is a comprehensive framework for secure network architecture and policy design. The Cisco SDN is comprised of various components, such as:

  •  Cisco Security Agents
  • Firepower
  • Identity Services Engine

These are designed to provide end-to-end visibility and control over a network. 

The Cisco SDN also includes the Network Access Control (NAC) framework, which is a policy enforcement mechanism that prevents devices from accessing the network if they do not meet certain criteria. 

The Cisco Security Agent is an endpoint security solution that is designed to protect endpoints from malware, malicious insiders, and other types of threats. It also provides proactive protection against data leakage and unauthorized access.

The Cisco Firepower solution provides organizations with advanced threat intelligence and response capabilities. Cisco Identity Services Engine (ISE) enables organizations to manage and enforce access control policies through identity-based access control. 

The Cisco Security Lifecycle

The Cisco Security Lifecycle is a step-by-step process that organizations can use to implement and maintain secure networks. 

The lifecycle consists of five phases: 

  • Assess
  • Plan
  • Design
  • Implement
  • Operate

Each phase has its own set of activities and objectives. 

1. Assess Phase:

During the assess phase, organizations evaluate their current security posture and define their security objectives. This phase is also used for risk assessment and vulnerability management. 

2. Plan Phase:

The plan phase consists of creating detailed security policies and procedures. In this phase, organizations also develop and document security architecture and design, as well as their budget and timeline for implementation. 

3. Design Phase:

The design phase is when organizations begin to implement the solution they have developed in the plan phase. This phase includes tasks such as selecting hardware and software, configuring devices, and setting up policies and procedures. 

4. Implement Phase:

The implement phase is when organizations deploy their security solution and complete the actual installation. This phase also includes testing and validation of the security solution. 

5. Operate Phase:

The operate phase is when organizations maintain and monitor the security solution they have implemented. This phase includes tasks such as auditing and logging, as well as training and awareness programs. 

Conclusion

So far, we have covered what is meant by security program elements and the various security program elements. We also discussed the most important security model, the CIA model which covers the fundamentals of network security.

We also discussed various products and technologies that can be used to secure a network. In addition, the Cisco Self-Defending Network and the Cisco Security Lifecycle provide individuals with an understanding of what is required to effectively design, implement, and maintain secure networks. 

By understanding the fundamentals of network security and mastering the tools and techniques used to protect networks, you can achieve the CCNA certification, and become a certified network security engineer.

Stay tuned for upcoming informative blogs for our free CCNA series.

 

The Ultimate Guide to AAA Framework in Network Security

by
AAA framework
AAA framework

Information security has become one of the most important aspects of business in the modern world. With the rise of the internet and the increase in connected devices, businesses must be very careful in protecting their data. One of the most important tools in protecting data is the AAA framework.

AAA stands for Authentication, Authorization, and Accounting. It is a very important security framework for controlling and monitoring users of a computer system such as a network. Its major purpose is to manage networks and cybersecurity by keeping a track of the activities of users while they are connected to a network.

In this blog, we will provide a comprehensive guide to AAA in network security. We will cover the importance of the AAA framework, the types of AAA protocols, the benefits of AAA, and how to implement AAA in your own network security system.

Note: If you haven’t read the previous blog of our CCNA 200-301 series, I highly recommend you do so.

Why is AAA Important?

AAA is an important part of network security because it ensures that only authorized users can access the data that is being protected and that data is only used for authorized purposes. 

The AAA framework also provides a record of all the activities that have taken place on the network, which can then be used for security audits and investigations. The framework helps to ensure that any unauthorized access is detected and prevented. 

The AAA framework is also important because it provides data security. The use of authentication, authorization and accounting protocols helps to ensure that data is kept secure and only accessed by those who have been given permission to do so. 

The framework also provides a way to audit data usage and processes, which can help businesses to ensure data compliance.

What is AAA?

AAA stands for Authentication, Authorization, and Accounting

It is a framework for network security that provides a structure for businesses to follow in order to ensure the security of their network. It performs three major functions:

  • It is a framework that helps to ensure that only authorized users can access the protected data.
  • It makes sure that the data is only used for authorized purposes. 
  • It also keeps a record of all the activities that have taken place on a computer network.

The Three Components of AAA

Let us learn about the three main components of AAA.

  • Authentication:

Authentication is the process of cross-checking and authenticating the identity of a user. It involves using various methods such as passwords, biometrics, or tokens to verify that the user is who they say they are. 

It is the process of granting access to the network. It involves granting permissions to a user to view and manipulate certain data and resources. This can be done manually or automatically via a rules-based system.

  • Authorization:

Authorization is the process of granting access to the network. It involves granting permissions to a user to view and manipulate certain data and resources. This can be done manually or automatically via a rules-based system. 

It occurs after authentication. The AAA matches the user’s entered credentials to its database being an Identity and Access Management (IAM) tool. Therefore, it checks the username and password.

  • Accounting:

Accounting is the process of keeping a record of all activities that have taken place on the network. It occurs after the authorization process is done.

This includes all user activity and access to data and resources. It keeps a record of the following  metrics:

  • For how long the user logged in
  • The data he sent and received in that online session
  • It saves his Internet Protocol (IP) addresses
  • It also records the Uniform Resource Identifier (URI) he used
  • It also tracks the various services it accessed

These records can then be used to investigate suspicious activity and audit the network for compliance. 

Implementing AAA Framework

Implementing a AAA framework in your network security system can be a challenge. There are many different aspects that work into the process, such as:

  •  The various authentication methods
  • Setting up authorization rules
  • Setting up accounting protocols

Choosing the authentication method:

First, you will need to decide which authentication methods you will use. This will depend on the level of security you need and the type of data you are protecting. Possible authentication methods include passwords, tokens, biometrics, or a combination of all three. 

Setting up authorization rules:

Next, you will need to set up the authorization rules for granting access to the network. This involves deciding who has access to which data and resources, and how they are allowed to use them. 

Setting up accounting protocols:

Finally, you will need to set up an accounting system to keep a record of all activities that have taken place on the network. This includes all user activity and access to data and resources. This record can then be used to investigate suspicious activity and audit the network for compliance.

Types of AAA protocols

Enterprises generally use a AAA server to provide AAA services. For example, ISE (Identity Services Engine) is Cisco’s AAA server. 

These AAA servers typically support the following two AAA protocols:

RADIUS:

  • It is an open-standard protocol. 
  • It uses UDP ports 1812 and 1813.
  • It stands for Remote Authentication Dial-In User Service (RADIUS).
  • It carries out AAA functions for users that are accessing a remote network.
  • It also encrypts the AAA packets for maximum network security.

TACACS+:

  • It is a Cisco-proprietary protocol.
  • It uses TCP port 49.
  • It stands for Terminal Access Controller Access-Control System Plus (TACACS+).
  • It controls how the commands get authorized.
  • It provides a secret key that is only known by the TACACS+ server and the client.
  • The connection is allowed to be established only when a valid key is entered.

Diameter:

  • It does not work on the client/server model like RADIUS and TACACS+.
  • It is a newer and better version of RADIUS.
  • It supports the framework of the following devices:
    • Long-Term Evolution (LTE)
    • Multi-media networks such as Voice Over Internet Protocol (VoIP)
    • Mobile devices

Benefits of AAA Framework

The following are the benefits of the AAA framework:

  • The main benefit of the AAA is that it provides a comprehensive framework for network security. 
  • It helps to ensure that only authorized users can access the data that is being protected and that data is only used for authorized purposes. 
  • The AAA framework also provides a record of all the activities that have taken place on the network, which can then be used for security audits and investigations. 
  • Additionally, the framework makes it easier to keep data secure and to enforce data compliance. 
  • The use of the AAA framework also helps to improve the overall security of the network.
  • The various authentication, authorization, and accounting protocols help to ensure that unauthorized access to the network is detected and prevented. As a result, businesses can have peace of mind that their data is safe and secure.

Conclusion

AAA is an important part of network security. The AAA framework is an invaluable tool for businesses to ensure the security and compliance of their data.

It provides a framework for businesses to follow in order to ensure the security of their network. The framework helps to ensure that only authorized users can access the data that is being protected and that data is only used for authorized purposes. 

It also provides a record of all the activities that have taken place on the network, which can then be used for security audits and investigations. 

In the upcoming blog, we will learn about the security program elements. If you want to learn more about basic network security, you can check our previous blog.

Stay tuned for upcoming informative blogs for our free CCNA series.

 
 

A Guide to the Different Types of Attacks in Network Security

by
types of attacks in network security
types of attacks in network security

Network security is an important part of any business, organization, or individual’s online safety and protection. Cybercriminals are continuously developing new and advanced methods of attack, making it crucial to stay up-to-date on the different types of attacks in network security.

This comprehensive guide provides a detailed overview of the most common threats and the best practices for protecting your network. From Denial of Service (DoS) attacks to phishing scams, you’ll learn about the different types of attacks, the risks associated with each, and the steps you can take to mitigate them. 

Note: If you haven’t read the previous blog of our CCNA 200-301 series, I highly recommend you do so.

Knowing about the different types of network security attacks is very important from CCNA 200-301 exam point of view. In this blog, we will discuss all the attacks that are asked in the CCNA certification exam. 

Make sure to understand each one of them. Let’s begin!

What is Network Security?

Network security is the process of protecting your networks from unauthorized access, breaches, or damage. It can also be applied to protecting your systems and data from potential threats on networks such as intranet or extranet connections. 

Network security is an important part of data security, but it is only one part. Data security is the practice of protecting valuable information by keeping it secure. It is important to remember that network security is a process, not an end result. It is an ongoing process that requires ongoing vigilance and attention.

Types of Attacks in Network Security

Before we learn about different types of attacks in network security, it’s important to understand the basic components of a network. Networks can be made up of a variety of devices, ranging from computers to routers to network storage devices to printers. The devices on a network are connected together either wirelessly or over a wired connection. 

These devices communicate with each other using a variety of protocols and standards, including IPv4, IPv6, and Transmission Control Protocol/Internet Protocol (TCP/IP). IP addresses are the protocols and addresses used to identify and identify devices on a network. 

In order to send and receive data, devices on a network must be able to communicate. This communication is typically done through ports, which are used to assign devices a specific amount of bandwidth in order to allow them to send and receive data. Systems on a network may also use services, such as SMTP to send e-mail or HTTP to access a website.

Let us now begin learning about different types of attacks in network security.

1.Denial-of-Service (DoS) attacks:

  • DoS attacks threaten the availability of a system, the A of the CIA triad.
  • There are many kinds of DoS attacks and we will discuss a few of them. One of the most common DoS attacks is TCP SYN flood. It exploits the TCP three-way handshake which consists of the SYN, SYN-ACK and ACK.
  • In a TCP SYN flood, the attacker sends countless TCP SYN messages to the target.
  • The target sends a SYN ACK message in response to each SYN it receives.
  • The attacker never replies with the final ACK of the TCP three-way handshake. This final ACK is never sent.
  • The target waits for the final ACK of each handshake, and the incomplete connections fill up the target’s TCP connection table.
  • The incomplete connections will be timed out and they will be removed from the table after a certain amout of time.
  • The attacker continues sending SYN messages to fill up the table.
  • In the end, the target is no longer able to make legit TCP connections because it has reached the maximum limit of the number of TCP connections it can maintain.
DoS Attack
  • A hacker can rent a website and then rent a server to launch a flood.

2. Distributed Denial-of-Service (DDoS) attack:

  • In distributed denial-of-service (DDoS) attack, the attacker infects many target users with malware and uses them to begin a Denial-of-Service (DoS) attack, for example, a TCP SYN flood attack.
  • The infected computers together are called a botnet.

3. Man in the Middle (MITM) attacks

  • Man in the Middle attacks (MITM) is some of the most common types of network security attacks. 
  • If you’ve ever wondered how hackers hijack computers and steal personal information or disrupt businesses, it’s all thanks to man in the middle attacks.
  • An example of a man in the middle attack would be if your email exchange is going to a third party, such as Gmail or Microsoft Outlook.
Man in the Middle
  • Another example of a man in the middle attack is when data is being sent over a network, such as when a browser is communicating with a website.
  • These attacks occur when an attacker captures traffic between two parties and modifies the traffic so that it looks as if it is coming from the victim and going to the attacker. 
  • This is done by using eavesdropping and interface manipulation. 
  • This can cause all kinds of problems, such as sending a hacker’s password or downloading malicious software.
  • The attacker can also alter the content of a packet by adding new information to the packet as opposed to modifying the packet. 
  • If a hacker is in the middle of a conversation, he can alter the conversation to make it look like he’s the one talking to the other person. This is similar to a MITM attack, except the hacker is in the middle and not the victim. 
  • The attacker can change the information being sent so that it appears as if it is coming from the victim.

4. SQL injection attacks

  • SQL injection attacks are some of the most dangerous types of network security attacks.
  • The basic premise of this type of attack is that malformed SQL code is injected into the web application. 
SQL injection attacks
  • The code is then executed, and the attacker is able to cause damage to the network, such as stealing data, deleting data, changing data, or even deleting the entire database.
  • This type of attack is increasing in prevalence because web applications are getting more and more complex. 
  • They need to be fast, reliable and secure all at the same time. 
  • Unfortunately, most applications are not developed with security in mind, making them vulnerable to SQL injection attacks. 
  • A hacker can easily use a tool, such as SQLMAP, to find and inject malicious SQL code into a website. 
  • If a hacker is able to inject malicious code and then access a database, he or she can cause all kinds of damage, from deleting data to stealing money.

5. Phishing Attacks

  • The term phishing means “fishing” and refers to attempting to fish out a user’s sensitive information such as a password, banking account details, or other confidential data.
  • Phishing attacks are often disguised as a trustworthy source, such as a bank website or email. 
  • Hackers often use malicious links or messages to trap unsuspecting users into providing their login credentials or other sensitive information. 
  • Phishing attacks are frequently used for financial gain
Phishing Attacks
  • These attacks often come in the form of an email that appears to come from a legitimate source, such as a bank or credit card company. 
  • Phishing messages often include links to websites that look like they’re from a legitimate source, such as a brand-new bank website. 
  • Users are advised to be cautious of any links that are sent to them and to avoid clicking anything they’re not 100% sure is safe.

Best practices for mitigating Network Security threats

Here are some of the best precautions that you can use to reduce your chances of getting exposed to various types of network security attacks:

  • Use strong passwords:

Most people reuse simple passwords, make them too short, or choose terrible passwords. Make sure your password meets one of the following criteria: 

  • Is at least eight characters in length 
  • Contains numbers, letters, and symbols 
  • Is different from your email account password 
  • Is not easily guessable 
  • Use a password manager 

Using a password manager is one of the best ways to make sure your passwords are safe. It will save you time, keep you organized, and help prevent you from making any mistakes that could lead to your information being stolen. 

  • Install antivirus software:

There are many free antivirus programs available. As an added bonus, many programs block links, offer cloud protection, and provide real-time updates. – 

  • Use 2-factor authentication:

Many websites now require two-factor authentication to prevent hackers from stealing your information. This is often accomplished through an app or text that is sent to your phone to verify your identity. 

Two-factor authentication will help protect against man-in-middle attacks and phishing attacks

  • Keep your software updated: 

Keep your devices such as computer, PCs, laptops, etc. updated. Double check that there are no vulnerabilities in your device thay cam be hacked. Update your software and devices as soon as possible. 

  • Lock your device and/or turn off remote/web access:

Many hackers use remote access tools (RATs) to gain access to a target’s device. A common way to do this is through remote access utility (RAU). 

Conclusion

In this blog we have covered what is network security and how it gets suffered because of the most prevailing attacks. We learned how they attacks occur and we understood the approach of these attacks.

Additionally, we also learned how to mitigate these attacks and the important measures that you can take to reduce these attacks.

This was all about the various types of attacks in network security. 

Stay tuned for more such free content for our CCNA series!

What is QoS and How important it is in a Computer Network?

by
What is QoS?
What is QoS?

Quality-of-Service (QoS) is a method used to manage network resources and prioritize different types of traffic. QoS solutions can be either hardware- or software-based, and they use different mechanisms to achieve their goals. The most common QoS solutions are Traffic Shaping, Traffic Policing, and Quality of Service Marking.

QoS is important because it allows you to prioritize different types of traffic, which can be important in a number of situations. For example, if you are running a VoIP call and your computer is also downloading a file, you can use QoS to give priority to the VoIP call and ensure that the call quality is not affected.

There are a number of benefits to using QoS, but there are also some disadvantages that you should be aware of. In this blog, we will discuss what QoS is, the different types of QoS solutions, how QoS works, the benefits of using QoS, and the disadvantages of QoS.

Note: If you haven’t read the previous blog of our CCNA 200-301 series, I highly recommend you do so.

Let’s get started!

What is QoS?

Quality-of-Service (QoS) is a networking technique used to prioritize certain types of traffic over others. It ensures that important traffic, such as VoIP calls, receives first priority on the network. 

QoS solutions can be either hardware- or software-based, and they use different mechanisms to achieve their goals. 

Common QoS solutions include the following:

  • Traffic Shaping, 
  • Traffic Policing, and 
  • Quality of Service Marking. 
What is QoS?

The main purpose of QoS is to ensure that important network traffic is prioritized over less important traffic, such as file transfers. This is done by applying different levels of priority to different types of traffic, as well as by controlling the amount of bandwidth available for each type of traffic. By doing this, important traffic can be given priority and not affected by any congestion caused by traffic on the network.

Why is QoS Important in a Computer Network?

QoS is important because it allows you to prioritize different types of traffic over others. The following are the important functions of the QoS. These are:

  • Prioritize traffic:

This can be essential in a number of situations, such as when you are running a VoIP call and your computer is also downloading a file. In this case, you can use QoS to give priority to the VoIP call and ensure that the call quality is not affected. 

  • Balancing resource access:

QoS is also important for ensuring that all users have equal access to the resources on the network. 

  • Managing bandwidth usage:

By using QoS, you can guarantee that certain traffic (such as VoIP or video streaming) gets the bandwidth that it needs, while less important traffic (such as file transfers or web browsing) receives the remaining bandwidth. 

With QoS, you can also ensure that no one user or application is using too much bandwidth, thus preventing any one user from dominating the network resources.

What are the different types of QoS Mechanisms?

There are several different types of QoS mechanisms that can be used to prioritize network traffic. These include:

  •  Traffic Shaping
  • Traffic Policing
  • Quality of Service Marking.

1. Traffic Shaping:

Traffic Shaping
  • Traffic Shaping is a QoS mechanism that is used to manage the amount of data that is sent on the network. 
  • It helps to ensure that important traffic is not adversely affected by congestion.

2. Traffic Policing:

Traffic Policing
  • Traffic Policing is another QoS mechanism that is used to control the amount of data sent over the network. 
  • It can be used to limit the amount of bandwidth that a certain type of traffic is allowed to use. 

3. Quality of Service Marking:

  • Quality of Service Marking is a QoS mechanism that is used to set different levels of priority for different types of traffic.
  •  This allows important traffic to be given priority over other types of traffic. 
  • The Quality of Service Marking can also be used to identify and provide priority to latency-sensitive traffic, such as VoIP.

Implementing QoS in a Computer Network

This is how Quality-of-Service (QoS) is implemented in a computer network:

  • The first step in implementing QoS is to identify all of the applications, users, and devices that will be using the network. This will allow you to identify which traffic should be given priority. 
  • After this, you will need to configure the appropriate QoS solutions. This will include Traffic Shaping, Traffic Policing, and Quality of Service Marking. 
  • Finally, you will need to monitor the network to make sure that the QoS policies are working as intended. 
  • You will also need to adjust the QoS settings as needed. This can be done manually, or you can use a network management system to automate the process.

What are the benefits of QoS?

There are several benefits to using QoS on your network.

  • The most important benefit is that it allows you to prioritize different types of traffic over others. This is important for ensuring that VoIP calls, video streaming, and other latency-sensitive traffic are not poorly affected by any congestion on the network.
  • Another benefit of QoS is that it can be used to ensure that no one user or application is hogging the network resources. 
  • By setting limits on how much bandwidth each user or application is allowed to use, you can manage the resources on the network and ensure that everyone is getting a fair share.

What are the drawbacks of QoS?

While QoS can be beneficial in many cases, there are some drawbacks as well. 

  • One potential drawback is that it can be difficult to configure a QoS solution correctly. If the QoS settings are not configured correctly, the network may not operate properly.
  • Another potential drawback is that the QoS solutions available on the market are often expensive. This means that using QoS may add an additional cost to the network. 
  • QoS solutions can also be complex and hard to manage, which can increase the amount of time that is needed to configure and maintain the network.

Bottom Line

Quality-of-Service (QoS) is a networking technique used to prioritize certain types of traffic over others. It allows you to prioritize important network traffic and ensure that everyone has access to the resources on the network. 

There are a number of benefits to using QoS, but there are also some drawbacks that you should be aware of. With the right configuration and management, QoS can be a great tool for managing your network resources. It just depends on the user how he can make the most out of it!

Stay tuned for upcoming informative blogs for our free CCNA series.

What is File Transfer Protocol (FTP) In Networking?

by
what is ftp?
what is ftp?

We have already learned about various protocols in the networking ecosystem that perform various functions. The File Transfer Protocol (FTP) is an important networking protocol that enables the communication and transfer of files between two computers.

This transfer occurs on the Internet which belongs to the Transmission Control Protocol/ Internet Protocol (TCP/IP) suite. The FTP protocol is active in the Application Layer of the TCP/IP protocols.

There are two important counterparts in a typical FTP transaction, the local host and the remote host. The local host is usually the computer of an end-user who either wants to transfer, upload or download a file from the server. The server is referred to as the remote host that allows the transfer, upload and download of the files. This transaction of files occurs only if the user has been granted access to do so!

As we have already learned about the Hyper Text Transfer Protocol (HTML) whose function is similar to the FTP protocol which is to transfer files in a hypertext form. These files could be audio, video, or image.

In this blog, we will learn about the key features of the FTP protocol followed by the working of the FTP protocol. We will also cover how to use this protocol. 

Note: If you haven’t read the previous blog of our CCNA 200-301 series, I highly recommend you do so.

Without any further delay, let us begin!

What is FTP?

The File Transfer Protocol (FTP) is a standard network protocol that is used to upload, download or transfer files from one computer to another. It allows expansive file transfer across various IP networks.

The following are the key features of the FTP protocol:

  • FTP is a standard Internet protocol that provides the sharing of files.
  • It transfers data with better control, quality, and reliability than HTML web services or email.
  • FTP uses a client-server model.
  • The FTP is most commonly used by Network Engineers in the process of upgrading an operating system of a network device.
  • The FTP protocol can also be used to download the newer version of iOS from a server and then reboot the device with the new iOS image.
  • FTP was standardized in 1971. This is even before the TCP/IP, therefore, FTP is a very old protocol.
  • The TCP ports used by FTP are 20 and 21.
  • There is no encryption in FTP similar to HTTP. Everything is sent in plain text including the username and password that is used for authentication.
  • FTPS (FTP over SSL/TLS) can be used for better security. Please note that the FTPS is an upgrade to FTP.
  • SSH File Transfer Protocol (SFTP) can also be used for greater security.
  • FTP does not only allow file transfers, but it also allows clients to look for file directories, add and remove directories, list files, etc.
  • The client sends FTP commands to the server to perform the above-mentioned functions.

How Does the FTP Work?

For the FTP protocol to work, the FTP client plays a very important role. It is a computer application that connects the user to remote servers using FTP protocol. The FTP client has the following three parts:

  • The user interface
  • Control process
  • Data transfer process
FTP client

The server, on the other hand, has two major parts:

  • Control process
  • Data transfer process

For an FTP connection to be established, there are two unique communication channels:

  • Command channel:

This channel is responsible for initiating the instructions and response.

  • Data channel:

The data channel facilitates the distribution of the data.

The FTP uses two types of connections:

  • FTP Control Connection (TCP21):
  • It is established and used to send FTP commands and replies. 
  • The client sends commands when it wants to perform an action, such as retrieving a file from the server, and then the server sends replies to acknowledge.
  • The actual data transfer does not occur using this FTP connection.
  • FTP Data Connection (TCP20):
  • When files and data are to be transferred, separate FTP data connections to TCP port 20 are established and terminated as required.

Now, all we need is an actual data connection to transfer the data. There are 2 different modes that can be used to establish an FTP data connection. These are:

  • Active Mode:
  • It is the default method of establishing FTP data connections.
  • In such a mode, the server initiates the TCP connection.
  • After the TCP connection is set up, the FTP data connection is established and the data can be exchanged.

Note: The FTP control connection is maintained throughout the whole process. 

  • Passive Mode:
  • The client initiates the data connection in the FTP passive mode. 
  • This is often the case when the client is behind a firewall which could block the incoming connection from the server.
  • The firewall permits the server’s replies but it would block the message if the server itself tries to TCP connection.
different modes

How to Use FTP?

There are mainly three approaches to how we can establish and use the FTP connection. These are:

  • Command-Line FTP:
  • This is the simplest method of establishing a TCP connection.
  • A command prompt is used.
  • This method is commonly used by Developers to transfer files.
  • Web browser:
  • We can also use a web browser to talk to the FTP server.
  • Sometimes, a user wants to access large directories on the server. This is where the web browser works the best.
  • However, this method is less reliable and slow.
  • FTP client:
  • This is the most popular method to use FTP.
  • It is easier to manage than the other methods.
  • It is also more powerful.
  • It gives more freedom than the FTP commands and web browser method.
  • It allows users to send large files.

Conclusion:

This marks the end of our FTP blog of CCNA course series. In this blog, we have learned what is FTP and how it works. Then, we also learned how to use the FTP connection. The bottom line is that the FTP is used to transfer files from one computer to another.

Stay tuned for learning more Protocols such as TFTP protocol in the CCNA series

Happy learning!

What is SSH (Secure Shell) In Networking? How Does It Work?

by
what is SSH?
what is SSH?

We have learned about many different network protocols that help us communicate with other network devices. We are able to share data among different network devices. Secure Shell or SSH is a protocol used to connect devices and configure them via the CLI.

One of the options is to connect a device and configure it through a console port. However, SSH allows you to connect to a device remotely without being directly connected to its console port.

Therefore, SSH is a network protocol that lets you configure network devices using remote access. Before we study SSH, you must know that the industry was using Telnet which is quite similar to SSH, however, it is less secure.

In this blog, you will learn what is SSH and what it is used for. You will also learn about the architecture of SSH as well as how it works. Let’s get started without any further ado!

Note: If you haven’t read the previous blog of our CCNA 200-301 series, I highly recommend you do so.

What is Meant By SSH?

SSH which is also known as Secure Shell or Secure Socket Shell is a network communication protocol. Here are the key feature of the Secure Shell:

  • The Secure Shell or SSH protocol was created in 1995 to replace a less secure protocol called Telnet.
  • The term “shell” in SSH refers to a computer program that provides an operating system’s services to a user. So, if you are accessing a CLI of a device, it is basically a shell. Earlier, this term referred to a program that processes Unix commands.
  • SSH allows encrypted communication between two network devices, therefore, it is very secure.
  • Therefore, with SSH, you can remotely access a computer over an insecure network such as the Internet.
  • SSH is mainly used by Network Administrators to manage systems and applications remotely. This allows them to log in to another computer and implement commands as well as move files over a network.
  • SSHv2 which is a major revision of SSHv1 was released in 2006.
  • Version 2 of SSH is much more secure than the first version, therefore, it can be used whenever possible.
  • If a device supports both version 1 and version 2, it is said to run version ‘1.99’. Please note that it is not a version of SSH, it simply means version 1 and version 2.
  • SSHv1 is not in use anymore because of its rudimentary/old designs.
  • In a nutshell, SSH provides security features such as encryption and authentication.
  • Telnet uses TCP Port 23. SSH uses TCP Port 22.

What is SSH Used For?

We have already covered the key features of SSH to know what it is used for. Let me highlight what an SSH is really used for in this section.

SSH is used by Network Administrators to manage apps and systems completely on a remote basis. More than 50% of the world’s servers, be they on-premise or cloud are managed by SSH!

It is used to secure, manage, configure, maintain and operate network servers, firewalls, routers, switches, and applications.

Therefore, there are three parameters included in SSH security:

  • Encryption
  • Authentication
  • Data integrity

You must remember that SSH is critically used to connect to a remote host in a terminal session.

How Does SSH Work?

The SSH protocol follows a client-server model. We have learned about it before as well. Just to refresh, the client-server model is a request-response model case where a server responds to the request of a host.

It connects a secure shell client application with the SSH server where the actual end session is executed. 

SSH Client

SSH performs the following functions:

  • The client initiates the network connection by contacting the server.
  • It then sends the server a public key.
  • This public key is exchanged with the SSH server.
  • The SSH client and the SSH server then negotiate the parameters and open a secure channel.
  • A user login occurs to the server host operating system.

The SSH connects to the remote system by using the following demand:

ssh UserName@SSHserver.test.com

What is the Architecture of SSH Protocol?

SSH protocol consists of three layers that are well-separated from each other. The different layers of SSH are as follows:

  • Transport layer
  • User-authentication layer
  • Connection layer

Let’s go over all these layers one by one:

1. Transport Layer:

  • The transport layer is the highest layer of the TCP/IP protocol.
  • This layer handles initial key exchange, server authentication, encryption, compression, and data integrity.
  • It sends and receives plain text packets of up to 768 bytes.

2. User-Authentication Layer:

  • This layer is responsible for handling client authentication.
  • It also provides different authentication methods.
  • The different methods of authentication include:
    • Password authentication
    • Public key-based authentication
    • Keyboard-interactive authentication/ OTP-based authentication
    • Authentication by external methods (GSSAPI).

3. Connection Layer:

  • SSH service can be provided through various channels which are decided by the connection layer.
  • One SSH connection can host various channels at the same time. 
  • Data could be sent in two directions by the connection layer at the same time.
  • There are different types of standard channels in the connection layer:
    • Shell: It is used for terminal shells.
    • Direct-tcpip: All the client-to-server connections use direct-tcpip.
    • Forwarded-tcpip: all the server-to-client connections use forwarded-tcpip.

Through all these different layers, SSH can transfer different types of data such as:

  • Text
  • Data
  • Commands 
  • Files

Bottom Line:

This marks the end of the SSH blog. In this blog, we have learned about the very important concepts of the Secure Shell protocol. This protocol is the better version of old protocols such as Telnet, etc.

We have learned the key features of SSH. Moving on, we understood the uses of SSH. Then we covered the working of the SSH protocol followed by the architecture of the protocol.

You can check out our previous blogs of CCNA course series to learn about different protocols used in networking.

Stay tuned for more blogs in our CCNA series

Keep Learning!