Security Sage's Guide to Hardening the Network Infrastructure
This text provides detailed, hands-on coverage on how use network devices, protocols and design techniques to optimize the security of your Enterprise Network.
TABLE OF CONTENTS Security Sage's Guide to Hardening the Network Infrastructure
Moving Switching beyond Layer 2
Conventional switching uses MAC addresses to move traffic to the correct switch ports at Layer 2 of the OSI model. Networks have grown far more complex since the first switch entered the market, and as such, network engineers now require switches that can move data based on more than just MAC addresses. These advanced switches can now use information from higher layers of the OSI model. As such, we say that these switches can perform multilayer switching.
Understanding the Need for Layer 3 Switching
Switches do an excellent job of eliminating collisions from the network, allowing LANs to grow much larger than with hubs. This does not mean, however, that a switched network can grow indefinitely. Switches deal with the garbage and congestion from Layer 1 and Layer 2 of the OSI model, but there are five more layers above those, and each of these layers can add its own special problems to the network. Layer 3, the network layer, creates protocol-based connections between network devices. Most administrators will recognize IP, IPX, AppleTalk, and NetBEUI as common protocols at this layer. Instead of the MAC addresses that Layer 2 uses, Layer 3 uses protocol addresses configured through software.
Protocols at this layer fall roughly into three categories: routable, unroutable, and routing. A routable protocol by definition can transmit packets between multiple networks or subnets; an unroutable network cannot. Routable protocols use routing protocols to find the routes that they need to get from network to...
Copyright Syngress Publishing, Inc. 2004 under license agreement with Books24x7
