A network connects two or more devices through a wired or wireless channel so that they can share and exchange information electronically. These devices can be computers, scanners, printers, routers, storage systems, applications and so on. Based on the type of devices in the network, networks are referred to as compute networks, mobile networks, storage networks and so on. The devices in any kind of network are expected to share information with the other resources in the network in a secure and reliable way. Devices in a network are connected through cables, telephone lines, radio waves, infrared light beams and similar media.
Previously we learned the fundamentals of storage infrastructure and its key concepts. In this post, we will explore the types of networks and their features as used in traditional and cloud datacenters.
Network Considerations
The following points need to be considered when planning and creating any type of network in a datacenter.
- Implementation – A network implementation requires many physical devices such as cables, network cards, routers, switches and firewalls, as well as network software. Installing and implementing these network devices requires the services of experienced network engineers. This is not applicable in the cloud, where the network is predefined and managed by the cloud service provider.
- Administration – Depending on the complexity of the design, networks need to be managed properly, which requires considerable time and expertise. Network administrators with the right skillset are needed to manage and monitor the networks in a datacenter.
- Cost – Since a network involves many physical devices whose efficiency can decline over time, they need to be replaced and the software has to be upgraded to keep the network up and running.
- Security – Network security is a very important capability in which every organization invests. The right policies and controls have to be implemented to prevent a network security breach, which may result in the fall of an entire business. A well-certified security specialist should be available in every datacenter to implement the right set of policies and controls.
See: What are Storage devices and storage networking
Advantages of Networks in a Datacenter
Following are the advantages of network technology in an IT datacenter.
- User and Access Management – Users and their access to the infrastructure can be managed centrally if the servers are connected in a network.
- File Sharing – Files can be shared between servers and users remotely by storing them on a centralized storage system.
- Storage Management – Storage disks and the data on them can be shared across the devices in the network, and users can access them as if they were attached locally.
- Resource Sharing – Regular office resources and peripheral devices like printers, scanners and security devices can be shared and accessed through the network.
- Application Sharing – Applications built within the same network can be accessed seamlessly as if they were installed on a local computer.
- Expandability – New servers or IT devices can be added to the network and accessed immediately from anywhere as long as they are connected to the network.
Different Types of Networks
A network can be created to be accessed within a single room, a building, a city, a country, or spanning the entire globe. Based on the geographic area they cover and how they are accessed, networks can be classified as follows.
Personal Area Network (PAN)
- The smallest and most basic type of network, a PAN is made up of a wireless modem, computers, phones, printers, tablets, etc., within one building.
- Personal Area Networks are most commonly used in houses and small offices where fewer devices (fewer than 10) are connected to the network and managed from a single device.
Local Area Network (LAN)
- LANs connect groups of computers, printers, scanners and similar devices across short distances, generally within one or two buildings, to share information and resources.
- Enterprises typically manage and maintain LANs by themselves as they are dedicated to one or two organizations.
- These are the most common and widely created networks which we regularly use in offices.
Wireless Local Area Network (WLAN)
- Similar to a LAN, but a WLAN makes use of wireless network technology such as WiFi.
- This type of network is seen in offices to access the LAN wirelessly.
- This type of network does not require devices to rely on physical cables to connect to the network.
Campus Area Network (CAN)
- Larger than LANs but smaller than metropolitan area networks (MANs), these networks are typically seen in universities, colleges and small businesses.
- This type of network is generally spread across a number of buildings that are close to each other so that users can share information across the network.
Metropolitan Area Network (MAN)
- These networks are larger than LANs but smaller than WANs, and they incorporate concepts from both types of network.
- A MAN covers an entire geographic area, generally a town or city.
- Ownership and maintenance is handled by either a single person or a local organization.
Wide Area Network (WAN)
- More complex and larger than a Local Area Network (LAN), a Wide Area Network (WAN) is created to connect computers and mobile devices that are spread across longer distances.
- This allows the devices in the WAN to be remotely connected to each other over one large network even when they are miles apart.
- The Internet is the best example of a WAN, connecting all computers & mobile devices together around the globe.
- WAN networks are generally owned and managed by multiple owners across the globe with similar standards because the network spans across countries.
Storage Area Network (SAN)
- This is a dedicated high-speed network that connects storage devices to multiple servers. Data is shared across the SAN over high-performance network links.
- Storage through SAN network can be accessed from the server just as a drive attached to a server locally.
- Different types of Storage Area Networks can be created based on the use case such as converged, virtual and unified SANs.
Virtual Private Network (VPN)
- This type of network is created by extending a private Local Area Network (LAN) across the Internet. In cloud computing, this type of network is also referred to as a Virtual Private Cloud (VPC) network.
- This is a virtual network which can be an extension of an existing LAN or an isolated network, and it is generally seen in cloud deployments.
- A VPN or VPC allows users to send and receive data remotely as if their devices were connected to the private LAN.
See: What is Software Defined Networking
Public vs Private vs External Networks
Based on how the network is created to access the public internet, networks can also be classified as follows
Internet
- The Internet is the public network in which devices (computers and mobile devices) across many countries can exchange information.
- This kind of network uses Wide Area Network technology, is managed by multiple organizations, and follows common standards.
- Since it is a public network, configuring security is an important consideration to prevent unauthorized access to the data that is transmitted through it.
Intranet
- This is a private or internal network generally used inside an organization, which only employees or trusted vendors are allowed to access.
- Applications can be deployed and delivered internally and accessed via browsers within the company.
- Using these applications and having employees access the information over a common browser saves time and money and avoids the security threats that come with access over the public Internet.
- Cloud networks such as VPCs and VPNs can be used to connect to the internal network, allowing access to the applications that are deployed in the cloud.
- Cloud services such as Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS) can also utilize internal networks to deploy applications internally.
Extranet
- The extranet is also an intranet, but the difference is that this network can be extended to business partners and external parties.
- A company can develop internal applications to share with external business partners and provide access to them via the internal network instead of going through the public Internet.
Network Protocol Overview
What is a Network Protocol?
A network protocol is a set of rules that governs communication between devices on a single network or across multiple networks. For two devices to talk to each other, they must speak the same language. Many different network protocols and standards have been defined over the years to ensure that devices can communicate with each other whether they are in the same room or in another country.
What is the Open Systems Interconnection (OSI) Model?
The OSI (Open Systems Interconnection) reference model is a popular and widely followed model used by many private and public organizations. The OSI model is one of the key fundamentals of networking. It defines seven layers of networking protocols, which specify the aspects of a network's operation that can be addressed by various network standards. The 7 layers of the Open Systems Interconnection model are
- 7 Application Layer (HTTP, FTP, SMTP, DNS, Telnet)
- 6 Presentation Layer
- 5 Session Layer
- 4 Transport Layer (TCP, SPX)
- 3 Network Layer (IP, IPX)
- 2 Data Link or Ethernet Layer
- 1 Physical Layer
*Note that the layers are numbered from the bottom (1) to the top (7).
The first three layers define protocols for how information is sent from one device to another over a network. Layers 4 to 7 define protocols for how applications relate to the network through application programming interfaces. Let's look at each layer at a high level.
Layer 1: The Physical Layer
- The Physical Layer is the first layer and sits at the bottom of the OSI model. This layer defines the physical characteristics of the network, such as the cables and network devices that form the physical network.
- It defines the types of cables and connectors and the lengths of cable that can be used to form a network.
- It also specifies the electrical characteristics of the signals used to transmit data over network cables from one device to another.
- Ethernet cables, switches and NICs are good examples of physical layer components.
- The job of these physical components is just to transfer signals; they do not examine the contents of the signals they regenerate. That is done at the Data Link Layer, not at the Physical Layer.
Layer 2: The Data Link Layer
- The Data Link Layer is the 2nd layer of the OSI model and it addresses the way data packets are sent from one network device to another.
- Data Link Layer protocols address things such as the size of each packet of data to be sent and a means of addressing each packet so that it is delivered to the correct recipient. They also ensure that two or more devices on the network do not try to transmit data at the same time.
- This layer also provides basic error detection and correction techniques to ensure that the data sent is the same as the data received. If an error occurs, the data-link standard specifies how the node is informed of the error so that it can re-transmit the data.
- At this layer, every device on the network has an address known as the MAC (Media Access Control) address. This is the actual unique hardware address, assigned to the device by the device manufacturer.
Layer 3: The Network Layer
- The Network Layer handles the task of routing network messages from one device to another in the network.
- The most popular Layer 3 protocol is IP, which is usually paired with TCP and generally referred to as TCP/IP. Other protocols such as IPX and SPX are used on Novell and Windows networks.
- One important function of the Network Layer is logical addressing, such as IP addressing. Every network device has a unique physical address called a MAC address, which cannot be changed, whereas a logical address is assigned to the network device so that it can be reached on the network using that assigned logical address.
- Logical addresses such as IP addresses are created and used by Network Layer protocols such as IP or IPX. The Network Layer protocol translates logical addresses to MAC addresses because the IP protocol must use a Data Link Layer protocol to actually send packets to devices.
- The Physical and Data Link layers work closely together to translate the IP address of a device into the correct MAC address for that device so that data can be sent to the correct destination.
- Another important function of the Network Layer is routing, which is finding an appropriate path through the network when hundreds or thousands of devices are connected across multiple networks. Routing is needed when a computer on one network needs to send a packet to a computer on another network.
- A router is one of the common network devices that forwards packets to the destination network. Routers can be used to connect networks that use different protocols; for example, a router can connect a LAN to a WAN that runs a different set of protocols.
Layer 4: The Transport Layer
- The Transport Layer is the 4th layer of the OSI model, at which one network device communicates with another network device or computer. TCP is the example of a Transport Layer protocol.
- The main purpose of this layer is to ensure that packets transmitted over the network are sent reliably and without errors.
- The Transport Layer establishes connections between network devices, acknowledges the receipt of packets, and resends packets that are not received.
- Transport Layer protocols also divide large messages into smaller packets that can be sent over the network efficiently, and reassemble the message on the receiving end to ensure that all packets of a single transmission are received and there is no loss of data.
Layer 5: The Session Layer
- The Session Layer establishes sessions between the network devices for data exchange.
- A session must be established between the devices in a network before data can be transmitted.
- It makes sure that these sessions are properly established and maintained.
Layer 6: The Presentation Layer
- The Presentation Layer converts the data sent over the network from one type of representation to another.
- This layer can apply techniques like compression and encryption before the data is sent over the network. At the other end of the transmission, it then decompresses and decrypts the data.
Layer 7: The Application Layer
- The 7th and topmost layer of the OSI model is the Application Layer, which deals with the techniques that application programs use to communicate with the network.
- It represents the level at which application programs interact with the network, using application programming interfaces (APIs) to request network services.
- The most commonly used application layer protocols are HTTP and HTTPS, which are the basis of the World Wide Web.
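As an added example (not code from the original post), the following Python script shows how an application payload is encapsulated down through the Transport (TCP), Network (IPv4) and Data Link (Ethernet) layers described above, and then parsed back up on the receiving side, where a corrupted IPv4 header is rejected by its checksum. The MAC and IP addresses, ports and payload are constructed values; the TCP checksum is left at zero and only the IPv4 header checksum is computed and verified, which is a simplification of this example.

```python
import struct

# Constructed sample values for this example (not from the page).
SRC_MAC = bytes.fromhex("020000000001")   # locally administered, made-up MACs
DST_MAC = bytes.fromhex("020000000002")
ETHERTYPE_IPV4 = 0x0800
PROTO_TCP = 6


def ipv4_checksum(header: bytes) -> int:
    """RFC 791 one's-complement sum over the 16-bit words of an IPv4 header."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                      # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def ip_to_bytes(ip: str) -> bytes:
    return bytes(int(octet) for octet in ip.split("."))


def bytes_to_ip(raw: bytes) -> str:
    return ".".join(str(b) for b in raw)


def build_tcp_segment(src_port: int, dst_port: int, payload: bytes) -> bytes:
    """Layer 4: 20-byte TCP header (no options). Sequence/ack/window are fixed
    illustration values and the TCP checksum is left at zero in this example."""
    data_offset = 5 << 4                    # header length: 5 words = 20 bytes
    flags = 0x18                            # PSH + ACK
    header = struct.pack("!HHIIBBHHH", src_port, dst_port, 1, 0,
                         data_offset, flags, 65535, 0, 0)
    return header + payload


def build_ipv4_packet(src_ip: str, dst_ip: str, segment: bytes) -> bytes:
    """Layer 3: IPv4 header carrying the logical addresses, checksum filled in."""
    total_length = 20 + len(segment)
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_length, 0, 0, 64,
                         PROTO_TCP, 0, ip_to_bytes(src_ip), ip_to_bytes(dst_ip))
    checksum = ipv4_checksum(header)
    header = header[:10] + struct.pack("!H", checksum) + header[12:]
    return header + segment


def build_ethernet_frame(dst_mac: bytes, src_mac: bytes, packet: bytes) -> bytes:
    """Layer 2: Ethernet II header with the physical (MAC) addresses."""
    return dst_mac + src_mac + struct.pack("!H", ETHERTYPE_IPV4) + packet


def parse_frame(frame: bytes) -> dict:
    """Receiver side: peel the layers back off, verifying the IPv4 checksum."""
    dst_mac, src_mac = frame[:6], frame[6:12]
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError("not an IPv4 frame")
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4
    if ipv4_checksum(ip[:ihl]) != 0:        # a valid header sums to zero
        raise ValueError("bad IPv4 header checksum")
    total_length = struct.unpack("!H", ip[2:4])[0]
    if ip[9] != PROTO_TCP:
        raise ValueError("not TCP")
    tcp = ip[ihl:total_length]
    src_port, dst_port = struct.unpack("!HH", tcp[:4])
    payload = tcp[(tcp[12] >> 4) * 4:]      # skip the TCP header (data offset)
    return {
        "src_mac": src_mac.hex(":"), "dst_mac": dst_mac.hex(":"),
        "src_ip": bytes_to_ip(ip[12:16]), "dst_ip": bytes_to_ip(ip[16:20]),
        "src_port": src_port, "dst_port": dst_port, "payload": payload,
    }


def encapsulate(src_ip, dst_ip, src_port, dst_port, payload):
    """Wrap an application payload down through layers 4, 3 and 2."""
    segment = build_tcp_segment(src_port, dst_port, payload)
    packet = build_ipv4_packet(src_ip, dst_ip, segment)
    return build_ethernet_frame(DST_MAC, SRC_MAC, packet)


if __name__ == "__main__":
    frame = encapsulate("10.0.0.5", "10.0.0.9", 51000, 443, b"GET / HTTP/1.1\r\n")
    print(len(frame), "bytes on the wire")
    print(parse_frame(frame))
```

Each `build_*` function adds exactly the header of one layer, and `parse_frame` removes them in reverse order; the addresses used at layer 2 (MACs) and layer 3 (IPs) are the physical and logical addresses the text contrasts, and the port numbers live in the layer 4 header.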
See: What are Storage Area Network (SAN) Protocols
Types of Network Devices and Network Ports
To create a network, we need different types of devices such as computers, routers, switches, interface cards and other equipment that perform data processing and communication within the network. Below are some of the commonly used network devices in both cloud and on-prem datacenters.
Network Devices
Hub: A hub is a physical device that works at the Physical Layer of the OSI model. It is used to connect multiple network devices together to send and receive data in the form of electrical signals.
Repeater: A repeater is a physical device that also works at the Physical Layer of the OSI model and is used to amplify the signal. When the signal gets weaker due to interference as it travels along the network, the repeater's job is to regenerate that signal so it can travel a longer distance.
Bridge: This is also a physical device, but it works at the Data Link Layer of the OSI model and creates multiple network segments. The bridge keeps track of which systems reside on which segments by their MAC addresses and filters the traffic by only sending data to the network segment on which the destination system resides.
Switch: The switch is another important network device that works at the Data Link Layer of the OSI model; it is an advanced version of a bridge. Each port on the switch acts as a network segment, and traffic is filtered by sending data only to the port on the switch where the destination MAC address resides. It stores each MAC address and its port in the MAC address table.
Router: A router is another physical network device that works at the Network Layer of the OSI model and handles routing of data from one network to another. The router stores the list of destination networks in a routing table in its memory, which is used to route data traffic to the correct destination.
Also Read: Virtual components in a Cloud Datacenter
Network Ports
Every network device has ports assigned to it by the manufacturer through which it communicates with other devices. For example, a server is connected to a keyboard, mouse, the Internet and a printer through physical ports and cables.
- Network ports serve a similar purpose, but for communicating with other computers in a network. These network ports are provided by the TCP or UDP protocols at the Transport Layer of the OSI model and are used by protocols in the upper layers.
- Port numbers are used to determine the protocol of incoming traffic and direct it to the correct destination port.
- Ports allow an application to run its services on a single IP address. Many applications are assigned their own unique port number, and when an application needs to access a service on a remote server, a field within the TCP or UDP header carries the port number used to reach that service.
- Each port number identifies a distinct service, and each host can have 0-65535 ports per IP address. Ports are assigned to network devices when a session is established and released when the session ends.
- A trunk port is a technique used to carry more than one network on a single port. This avoids needing multiple Ethernet ports on servers, switches, routers, firewalls and load balancers, since a separate Ethernet port is not required for each network or VLAN.
- Port binding or port aggregation is another important technique used in the cloud; it aggregates two or more Ethernet ports into a single logical channel.
- This technique allows higher-speed interconnections by connecting multiple Ethernet ports between a switch and a hypervisor running many virtual machines, giving higher bandwidth in and out of the hypervisor.
- If one port fails, all the traffic on that port can fail over to the remaining links in the channel for redundancy.
Also Read: What is Hypervisor ?
Usage of ports is regulated by the Internet Corporation for Assigned Names and Numbers (ICANN). Three categories of ports are defined:
- From 0 to 1023 – These are well-known ports assigned to common protocols and services.
- From 1024 to 49151 – These are registered ports assigned by ICANN to a specific service, such as 80 (HTTP), 443 (HTTPS) and 22 (SSH).
- From 49152 to 65535 – These are dynamic ports, which can be used by any service on an ad hoc basis.
Commonly used Network ports in Cloud Computing
Let's see the common and widely used network ports used by applications deployed in cloud computing.
- Port 80: Port 80 is reserved for the HTTP protocol, which is used for World Wide Web traffic.
- Ports 20, 21: Port 21 is reserved for use by the File Transfer Protocol (FTP). The FTP server listens on port 21 for incoming client FTP connection requests.
- Port 22: Secure Shell (SSH), Secure Copy Protocol (SCP) and Secure File Transfer Protocol (SFTP) all use port 22 for communication. This is how we access Linux servers in the cloud.
- Port 23: Port 23 is used by Telnet to enable a command-line connection to a device in a network.
- Port 25: Port 25 routes mail between email servers; the protocol is the Simple Mail Transfer Protocol (SMTP).
- Port 53: Port 53 is used by the Domain Name System (DNS) service; DNS lookups use UDP port 53, the standardized port for DNS requests.
- Port 443: Port 443 is used for secure HTTP connections. Hypertext Transfer Protocol Secure uses port 443 to set up an encrypted connection from a browser to a secure web server in the cloud using the SSL/TLS protocols.
- Port 68: Port 68 is used by the Dynamic Host Configuration Protocol (DHCP). Many devices on a TCP/IP network do not have statically defined IP configurations and rely on DHCP to automatically download their network configuration when they connect to the network.
- Port 3389: Port 3389 is used by the Remote Desktop Protocol (RDP) to enable connection to a Windows server. This is how we connect to Windows servers in the cloud.
Types of network Service Protocols
Network services allow the devices in a network to perform certain tasks such as sending files or email, accessing a web server, and doing background tasks such as performing a DNS name query. These tasks are generally referred to as network services, and devices need to follow certain protocols in order to use them. Below are some of the commonly used network service protocols in cloud computing.
Hypertext Transfer Protocol (HTTP): This protocol uses port 80, is the common application protocol for services on the web, and is primarily used by web browsers to access WWW services in the cloud.
Hypertext Transfer Protocol Secure (HTTPS): This protocol uses port 443 to provide a secure, encrypted connection to the application through a web browser.
File Transfer Protocol (FTP): This protocol is used to send and receive files between servers on a network, and it uses both ports 20 and 21.
File Transfer Protocol Secure (FTPS): This is the encrypted version of the File Transfer Protocol and uses ports 989 and 990. FTPS uses TLS/SSL to encrypt the data transmitted over the network.
Secure File Transfer Protocol (SFTP): This protocol is closely related to FTPS and uses port 22 for secure file transfers over SSH connections.
Secure Shell (SSH): This is the encrypted replacement for the Telnet protocol, used to access remote devices through a command-line interface; it uses port 22. It is the widely used protocol for accessing Linux-based servers in the cloud.
Domain Name System (DNS): This well-known service uses port 53 to translate network addresses (such as IP addresses) into human-readable names such as domain names (mycloudwiki.com) and vice versa.
Dynamic Host Configuration Protocol (DHCP): This protocol uses port 68 and allows automatic assignment of IP address information to devices on a network, eliminating manual configuration of IP addresses.
Simple Mail Transfer Protocol (SMTP): This protocol uses port 25 and is used to send email messages between mail servers.
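As an added example that is not part of the original post, the following Python script applies the three port categories and the port-to-service list above to constructed firewall log lines, flagging allowed flows from outside the RFC 1918 private ranges to cleartext services (Telnet, FTP, HTTP) and to remote administration services (SSH, Telnet, RDP). The log format, the sample addresses and the risk grouping are this example's own assumptions, not something the page defines.

```python
import ipaddress
import re

# Service names and port numbers as the page lists them.
PORT_SERVICES = {
    20: "FTP-data", 21: "FTP", 22: "SSH", 23: "Telnet", 25: "SMTP",
    53: "DNS", 68: "DHCP", 80: "HTTP", 443: "HTTPS", 3389: "RDP",
}
# Protocols that carry logins or data unencrypted (Telnet, FTP, HTTP).
CLEARTEXT_PORTS = {21, 23, 80}
# Remote administration services (SSH, Telnet, RDP).
ADMIN_PORTS = {22, 23, 3389}
# RFC 1918 private address space as named on the page.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def port_category(port: int) -> str:
    """Classify a port into the three ranges the page describes."""
    if not 0 <= port <= 65535:
        raise ValueError("port out of range")
    if port <= 1023:
        return "well-known"
    if port <= 49151:
        return "registered"
    return "dynamic"


def is_rfc1918(addr: str) -> bool:
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)


# Constructed log format (a hypothetical flow export, not a real product's):
# "<timestamp> src=<ip> dst=<ip> dport=<port> proto=<tcp|udp> action=<allow|deny>"
LOG_RE = re.compile(r"src=(\S+)\s+dst=(\S+)\s+dport=(\d+)\s+proto=(\w+)\s+action=(\w+)")


def review_flow(line: str):
    """Describe one logged flow and attach findings; None if the line is unparsable."""
    m = LOG_RE.search(line)
    if not m:
        return None
    src, dst, dport, proto, action = m.groups()
    port = int(dport)
    record = {
        "src": src, "dst": dst, "port": port, "proto": proto, "action": action,
        "service": PORT_SERVICES.get(port, "unknown"),
        "category": port_category(port), "findings": [],
    }
    if action != "allow":
        return record                       # blocked flows need no finding
    if not is_rfc1918(src):                 # source is outside the private space
        if port in CLEARTEXT_PORTS:
            record["findings"].append(
                f"{record['service']} is cleartext and exposed to the Internet")
        if port in ADMIN_PORTS:
            record["findings"].append(
                f"{record['service']} remote administration reachable from the Internet")
    return record


def review_log(lines):
    """Run review_flow over every line and keep only flows with findings."""
    results = [review_flow(line) for line in lines]
    return [r for r in results if r and r["findings"]]


# Constructed sample lines (documentation address ranges, made-up timestamps).
SAMPLE_LOG = [
    "2024-05-01T10:00:01Z src=192.168.1.20 dst=10.0.0.5 dport=22 proto=tcp action=allow",
    "2024-05-01T10:00:02Z src=203.0.113.7 dst=10.0.0.5 dport=23 proto=tcp action=allow",
    "2024-05-01T10:00:03Z src=203.0.113.9 dst=10.0.0.8 dport=443 proto=tcp action=allow",
    "2024-05-01T10:00:04Z src=203.0.113.9 dst=10.0.0.8 dport=3389 proto=tcp action=deny",
    "2024-05-01T10:00:05Z src=198.51.100.4 dst=10.0.0.9 dport=21 proto=tcp action=allow",
]

if __name__ == "__main__":
    for r in review_log(SAMPLE_LOG):
        print(r["src"], "->", r["dst"], r["port"], r["service"], r["findings"])
```

Internal SSH (line 1), HTTPS from the Internet (line 3) and a denied RDP attempt (line 4) produce no finding; the allowed Telnet and FTP sessions from outside the private ranges do.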
Also Read: What are the Storage Area Network (SAN) Protocols ?
Types of Network Configurations and Operational Techniques
Based on the size and complexity of the network, various techniques can be used to configure an optimal network in cloud datacenters.
Network Address Translation (NAT)
- The basic function of NAT is to translate the private IP address space to a public IP address before sending data over the public Internet from source to destination, and vice versa.
- TCP/IP is the widely used networking protocol and the only protocol routed over the Internet. TCP/IP has a numbering scheme, the IP address, that uniquely identifies each endpoint in a network.
- When a server routes traffic over the Internet, it must acquire and use a publicly assigned IP address. Assigning a public IP address to every server that needs public Internet access is not possible due to the limited IPv4 address space.
- Because of this, private addresses such as 10.0.0.0, 172.16.0.0 to 172.31.0.0, or 192.168.0.0, which are defined in RFC 1918, are often used. But with these private addresses alone, servers cannot connect to the Internet.
- To resolve this, the Network Address Translation (NAT) technique is used: the private IP address is swapped with a public IP address before the packet is sent out over the Internet. This public address can sometimes be just one or two IP addresses for the entire organization, depending on its public network requirements.
- When the reply packet returns, the public IP address is removed, the original private IP address is put back in the packet, and it is sent internally to the computer that requested the data.
- The sending computer with the private address has no idea that its IP address was swapped with a public IP address.
- Also, the receiving computer only sees the publicly assigned IP address and not the original private address. This whole process is called NAT.
Port address translation (PAT)
- The purpose of Port Address Translation is to reduce the number of publicly reachable IP addresses an organization or cloud provider must own. This technique helps slow the depletion of public IP address blocks.
- PAT allows tens, hundreds, or even thousands of hosts in a private network to be assigned private addresses in the 10.0.0.0, 172.16.0.0, or 192.168.0.0 address space, while these devices share a single public IP address to access the Internet.
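To make the NAT and PAT behaviour concrete, here is an added Python example (not from the original post) of a translator that maps many private hosts onto one public address by allocating a distinct public port per flow from the dynamic range, rewriting replies back to the original private host, and dropping inbound packets that match no outbound flow. The public IP, the private hosts and the port allocation policy are constructed for this example.

```python
import ipaddress


class PortAddressTranslator:
    """Simplified NAT/PAT device: many private hosts share one public address.

    Assumptions (this example's own, not the page's): outbound TCP/UDP flows
    only, mapped ports are taken from the dynamic range 49152-65535, and
    translation entries never expire.
    """

    def __init__(self, public_ip: str,
                 private_nets=("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")):
        self.public_ip = ipaddress.ip_address(public_ip)
        self.private_nets = [ipaddress.ip_network(n) for n in private_nets]
        self.next_port = 49152
        self.outbound = {}   # (priv_ip, priv_port, dst_ip, dst_port) -> public_port
        self.inbound = {}    # public_port -> (priv_ip, priv_port, dst_ip, dst_port)

    def _is_private(self, ip) -> bool:
        return any(ip in net for net in self.private_nets)

    def translate_outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the source of a packet leaving the private network.

        Returns the (src_ip, src_port, dst_ip, dst_port) seen on the Internet:
        the address is swapped (NAT) and the port is remapped (PAT)."""
        src = ipaddress.ip_address(src_ip)
        if not self._is_private(src):
            raise ValueError("source is not in the private address space")
        key = (str(src), src_port, dst_ip, dst_port)
        if key not in self.outbound:                 # first packet of the flow
            if self.next_port > 65535:
                raise RuntimeError("translation table exhausted")
            self.outbound[key] = self.next_port
            self.inbound[self.next_port] = key
            self.next_port += 1
        return (str(self.public_ip), self.outbound[key], dst_ip, dst_port)

    def translate_inbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the destination of a reply back to the private host.

        Returns None (drop) for packets that do not match a recorded flow, which
        is why hosts behind NAT are not reachable from the Internet by default."""
        if ipaddress.ip_address(dst_ip) != self.public_ip:
            return None
        entry = self.inbound.get(dst_port)
        if entry is None or entry[2:] != (src_ip, src_port):
            return None
        priv_ip, priv_port, _, _ = entry
        return (src_ip, src_port, priv_ip, priv_port)


if __name__ == "__main__":
    nat = PortAddressTranslator("203.0.113.10")           # constructed public IP
    print(nat.translate_outbound("192.168.1.10", 40000, "198.51.100.5", 443))
    print(nat.translate_outbound("192.168.1.11", 40000, "198.51.100.5", 443))
    print(nat.translate_inbound("198.51.100.5", 443, "203.0.113.10", 49153))
    print(nat.translate_inbound("198.51.100.5", 443, "203.0.113.10", 60000))
```

Two private hosts using the same source port get different public ports, which is what lets one public address serve both; a reply to an unmapped port is dropped rather than forwarded inside.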
Subnetting/Supernetting
- Subnetting is the logical grouping of an IP address space into smaller networks, which determines the IP address range for the computers, servers, or devices on each of those networks.
- Internet addresses are allocated by the organization that administers the Internet. These IP addresses are divided into classes A, B, C, D and E, of which the commonly used classes are A, B, and C only. Following are the default ranges of Class A, B, and C Internet addresses.
- Class A – These networks use a default subnet mask of 255.0.0.0 and have 0-127 as their first octet. For example, 10.51.35.21 is a class A address.
- Class B – These networks use a default subnet mask of 255.255.0.0 and have 128-191 as their first octet. For example, 172.16.51.62 is a class B address.
- Class C – These networks use a default subnet mask of 255.255.255.0 and have 192-223 as their first octet. For example, 192.168.124.122 is a class C address.
- Supernetting is similar to subnetting but in reverse: smaller networks are combined with other networks to make one larger network. Supernetting is used when there is a need for a large block of addresses.
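The following Python example, added here and not from the original post, uses the standard-library ipaddress module to carry out the classful lookup from the table above, to subnet a class C network into smaller blocks, and to supernet adjacent networks back into one larger block; it also checks whether an address falls in the RFC 1918 private ranges mentioned earlier. The sample addresses are the page's own examples; the helper names are this example's.

```python
import ipaddress

# Classful first-octet ranges and default masks as the page lists them.
CLASSFUL = (("A", range(0, 128), "255.0.0.0"),
            ("B", range(128, 192), "255.255.0.0"),
            ("C", range(192, 224), "255.255.255.0"))

# RFC 1918 private ranges named on the page.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def classful_info(addr: str):
    """Return (class, default mask, classful network) for an IPv4 address,
    or None for class D/E addresses, which are not used for hosts."""
    ip = ipaddress.ip_address(addr)
    first_octet = int(addr.split(".")[0])
    for name, octets, mask in CLASSFUL:
        if first_octet in octets:
            # strict=False lets a host address be turned into its network
            net = ipaddress.ip_network(f"{ip}/{mask}", strict=False)
            return name, mask, str(net)
    return None


def is_private(addr: str) -> bool:
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)


def subnet(network: str, new_prefix: int):
    """Split a network into equal-sized subnets with the given prefix length."""
    net = ipaddress.ip_network(network)
    return [str(s) for s in net.subnets(new_prefix=new_prefix)]


def supernet(networks):
    """Combine adjacent networks into the fewest covering blocks (supernetting).
    Non-adjacent networks are left as they are."""
    nets = [ipaddress.ip_network(n) for n in networks]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


def usable_hosts(network: str) -> int:
    """Host addresses available once network and broadcast are excluded."""
    net = ipaddress.ip_network(network)
    return net.num_addresses - 2 if net.prefixlen < 31 else net.num_addresses


if __name__ == "__main__":
    for sample in ("10.51.35.21", "172.16.51.62", "192.168.124.122"):
        print(sample, classful_info(sample), "private" if is_private(sample) else "public")
    print(subnet("192.168.124.0/24", 26), usable_hosts("192.168.124.0/26"))
    print(supernet(["192.168.124.0/24", "192.168.125.0/24"]))
```

Splitting 192.168.124.0/24 at /26 gives four blocks of 62 usable hosts each, and the two adjacent /24s collapse into the single /23 that supernetting produces.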
VLAN and VLAN Tagging
- VLANs, or Virtual LANs, are logical groupings of devices on one or more LANs that are configured to communicate as if they were attached to the same network.
- VLANs reduce security risk by limiting the number of hosts that receive copies of a frame, and hosts holding sensitive data can be placed on a separate VLAN to improve security.
- Flexible network designs can be created to group users by department instead of by physical location.
- Network changes in a VLAN can be implemented easily by simply configuring a port into the appropriate VLAN.
- VLAN tagging is a technique in which more than one VLAN is carried on a port, and the tag tells the other side which packet belongs to which VLAN.
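As an added example (not the page's code), this Python script models the switch MAC address table and the VLAN tagging described above: it inserts and strips an 802.1Q tag, keeps a per-VLAN MAC table on a learning switch with access and trunk ports, and shows that a frame from one VLAN is flooded only to ports in that VLAN, never to access ports in another. The port layout, MAC addresses and simplifications (one native VLAN on the trunk, no MAC ageing) are this example's assumptions.

```python
import struct

TPID_8021Q = 0x8100   # EtherType value that announces an 802.1Q tag


def make_frame(dst_mac: bytes, src_mac: bytes, payload: bytes,
               ethertype: int = 0x0800) -> bytes:
    return dst_mac + src_mac + struct.pack("!H", ethertype) + payload


def add_vlan_tag(frame: bytes, vid: int, pcp: int = 0) -> bytes:
    """Insert a 4-byte 802.1Q tag (TPID + TCI) between source MAC and EtherType."""
    if not 1 <= vid <= 4094:
        raise ValueError("VLAN ID must be 1..4094")
    tci = (pcp << 13) | vid                  # 3-bit priority, DEI 0, 12-bit VID
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def strip_vlan_tag(frame: bytes):
    """Return (vid, untagged_frame); vid is None when the frame carries no tag."""
    if len(frame) >= 16 and struct.unpack("!H", frame[12:14])[0] == TPID_8021Q:
        tci = struct.unpack("!H", frame[14:16])[0]
        return tci & 0x0FFF, frame[:12] + frame[16:]
    return None, frame


class VlanSwitch:
    """Learning switch with a per-VLAN MAC table, access ports and trunk ports.

    Simplifications (this example's): every trunk carries all VLANs, untagged
    frames on a trunk fall into the native VLAN, tagged frames arriving on an
    access port are dropped, and MAC table entries never age out.
    """

    def __init__(self, access_ports: dict, trunk_ports, native_vlan: int = 1):
        self.access = dict(access_ports)     # port -> VLAN ID
        self.trunks = set(trunk_ports)
        self.native = native_vlan
        self.mac_table = {}                  # (vlan, mac) -> port

    def _members(self, vlan):
        return sorted([p for p, v in self.access.items() if v == vlan] + list(self.trunks))

    def receive(self, port: int, frame: bytes) -> dict:
        """Process an ingress frame; return {egress_port: frame as sent there}."""
        vid, untagged = strip_vlan_tag(frame)
        if port in self.access:
            if vid is not None:
                return {}                    # tagged frame on an access port: drop
            vlan = self.access[port]
        elif port in self.trunks:
            vlan = vid if vid is not None else self.native
        else:
            raise ValueError(f"unknown port {port}")
        dst, src = untagged[:6], untagged[6:12]
        self.mac_table[(vlan, src)] = port   # learn the source inside its VLAN
        known = self.mac_table.get((vlan, dst))
        if known is not None and known != port:
            targets = [known]                # unicast to the learned port
        else:                                # unknown destination: flood within VLAN
            targets = [p for p in self._members(vlan) if p != port]
        return {p: add_vlan_tag(untagged, vlan) if p in self.trunks else untagged
                for p in targets}


if __name__ == "__main__":
    A, B, C = (bytes.fromhex("02000000000%d" % i) for i in (1, 2, 3))  # constructed MACs
    sw = VlanSwitch({1: 10, 2: 10, 3: 20}, trunk_ports={4})
    print(sorted(sw.receive(1, make_frame(B, A, b"hello"))))   # floods to 2 and 4 only
    print(sorted(sw.receive(3, make_frame(A, C, b"probe"))))   # VLAN 20: trunk only
```

Port 3 (VLAN 20) cannot reach host A on port 1 even though the switch knows A's MAC, because the MAC table is keyed by VLAN and flooding is confined to VLAN members; only the trunk sees the frame, tagged with VLAN 20.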
Routing Tables
- In any type of network, routing information from the source to the correct destination is the fundamental function. In cloud computing, this is achieved using intelligent routing protocols and routing tables that describe how to reach the different IP networks both locally and across the Internet.
- For internal routing, Interior Gateway Protocols (IGPs) are used. Members of this routing protocol family include OSPF, IS-IS, EIGRP, and RIP.
- To interconnect with networks outside the internal network, the Border Gateway Protocol (BGP) is used. BGP is the external routing protocol used for both public and private data networks.
- All these routing protocols gather information about remote networks and calculate the best way to forward packets to those remote networks.
- Based on the routes it identifies, each protocol creates its own routing table. The best route to each destination is determined by evaluating these routing tables, and a forwarding table is created from the result.
- Each router then uses the forwarding table to decide where to forward each packet towards its destination.
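Here is an added Python example (not from the original post) of how several protocols' routing tables are merged into one forwarding table and how a packet is then matched against it by longest prefix. The administrative distance values used to rank protocols, the route entries and the interface names are constructed assumptions of this example.

```python
from dataclasses import dataclass
import ipaddress

# Hypothetical administrative distances (lower is preferred). These numbers are
# this example's assumption; the page does not specify how protocols are ranked.
ADMIN_DISTANCE = {"connected": 0, "static": 1, "bgp": 20, "ospf": 110, "rip": 120}


@dataclass(frozen=True)
class Route:
    prefix: str
    next_hop: str        # "direct" for a connected network
    interface: str
    protocol: str
    metric: int = 0      # protocol-internal cost

    @property
    def network(self):
        return ipaddress.ip_network(self.prefix)


def build_forwarding_table(protocol_tables: dict) -> dict:
    """Merge each protocol's routing table into one forwarding table.

    For every prefix, the route from the protocol with the lowest
    administrative distance wins; within a protocol the lowest metric wins."""
    best = {}
    for protocol, routes in protocol_tables.items():
        for route in routes:
            rank = (ADMIN_DISTANCE[protocol], route.metric)
            current = best.get(route.network)
            if current is None or rank < current[0]:
                best[route.network] = (rank, route)
    return {net: route for net, (rank, route) in best.items()}


def lookup(forwarding_table: dict, dst: str):
    """Longest-prefix match: the most specific network containing dst wins;
    the 0.0.0.0/0 default route only matches when nothing else does."""
    addr = ipaddress.ip_address(dst)
    matches = [net for net in forwarding_table if addr in net]
    if not matches:
        return None
    return forwarding_table[max(matches, key=lambda net: net.prefixlen)]


# Constructed per-protocol routing tables for a router with eth0 facing the
# Internet and eth1 facing the internal 10.1.2.0/24 segment.
SAMPLE_TABLES = {
    "connected": [Route("10.1.2.0/24", "direct", "eth1", "connected")],
    "static": [Route("0.0.0.0/0", "203.0.113.1", "eth0", "static")],
    "ospf": [Route("10.0.0.0/8", "10.1.2.254", "eth1", "ospf", metric=20),
             Route("10.1.2.0/24", "10.1.2.254", "eth1", "ospf", metric=10)],
    "bgp": [Route("198.51.100.0/24", "203.0.113.2", "eth0", "bgp")],
}

if __name__ == "__main__":
    table = build_forwarding_table(SAMPLE_TABLES)
    for net, route in sorted(table.items(), key=lambda kv: kv[0].prefixlen):
        print(net, "via", route.next_hop, route.interface, route.protocol)
    for dst in ("10.1.2.50", "10.9.9.9", "198.51.100.7", "192.0.2.1"):
        print(dst, "->", lookup(table, dst))
```

The OSPF-learned 10.1.2.0/24 loses to the directly connected route for the same prefix, while 10.9.9.9 falls through to the OSPF /8 and an address outside every known network takes the static default route.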
Network Optimization Techniques
The network must be monitored continuously, and necessary steps should be taken to improve network health and remedy issues as they arise. A network management system can also be configured to generate reports and alarms when the network is outside a normal operational threshold. The following techniques can be used to optimize network performance.
- Quality of Service (QoS): Quality of service (QoS) can be configured on each layer of the network to define the priority of the traffic being sent across it. For example, backup traffic can be prioritized over regular traffic. Each packet has information in its headers which can be used to make QoS decisions that favor one type of traffic over another.
- Network Bandwidth: Bandwidth is an important factor to consider when deploying applications in the cloud. Proper planning and measures must be taken when deciding to send traffic from on-prem to cloud datacenters. Many design considerations must be understood and followed to allow for a properly functioning network.
- Network Latency: Latency is the delay, or time it takes, for data to traverse a network. It is a critical factor in network performance, and appropriate measures have to be taken to reduce latency when deploying applications in the cloud. Many network management tools are available to track latency and even generate alerts if latency exceeds a predefined threshold.
- Compression: This technique reduces the size of data either being stored or traversing a network. Compressed data requires less bandwidth, so more data can be sent over an existing network. However, the compression and decompression process can be CPU intensive and can add to network latency because the data is delayed while it is compressed.
- Caching: If caching is enabled, commonly accessed files or data are stored closer to the host that accesses them. Caching reduces response times for accessing the information and reduces the bandwidth required on the network, since the data is stored locally. Several technologies are used for caching; for example, web proxy servers are often used to cache common web pages locally for clients, reducing the need for web browsers to download the same files over the WAN. Caching has to be implemented in the cloud for fast retrieval of content from the cache instead of having to retrieve it from a host server or back-end database.
- Load Balancing: Load balancing distributes load across one or more servers to meet the performance requirements of web, DNS, or FTP servers, firewalls, and other network services, and to achieve redundancy and scalability. A load balancer offloads some tasks from the application server, such as SSL termination, compression, and TCP handshakes, so that better performance can be achieved.
- Subnets: Application servers with similar network and security requirements can be placed in a single subnet. This ensures that the devices can send data directly to each other on the network without traversing a routed interface. This decreases the network workload and increases performance, since all communication is local, and efficient firewall rules can be created to restrict and permit the traffic allowed to and from this subnet.
See: Storage Optimization Techniques
Troubleshooting Basic Network Connectivity Issues
Cloud network infrastructure often changes as new requirements arise and as new services, servers, and storage are added. The network should be monitored using tools and operating system command-line utilities to ensure that the network configuration is in the desired state. These network utilities can be used to test network connectivity, resolve domain names, look at routing tables, log into remote devices, and so on. The tools commonly used to configure and troubleshoot the cloud network infrastructure are:
Ping: The ping command is used to verify whether a device is reachable on the network and, at the same time, to get a response from it. It sends a packet to a remote IP address and waits for an acknowledgement. A successful ping confirms that the IP address attached to the device is configured correctly and that a connection can be established.
Tracert/Traceroute: The traceroute utility is useful for network troubleshooting. It shows the path from source to destination, which helps determine whether routing is working as expected or whether there is a route failure somewhere in the path. If a DNS name is associated with an IP address, traceroute can resolve it, helping to identify the devices along the path the trace is taking. On Windows the command-line utility is tracert, and on Linux the command is traceroute.
Telnet: Telnet is a terminal application that allows logging in to a remote device over a command prompt. It allows logging in to remote servers in the cloud as if they were locally connected. This is not secure, as all commands are sent over the network in clear, unencrypted form. Because of this limitation, SSH, which encrypts the session, is widely used instead.
Netstat: This utility is used to find the network statistics on both Windows and Linux servers. It shows the detailed information about the network connections that are currently open to remote applications.
Nslookup and dig: These command-line utilities are used to resolve hostnames to IP addresses using a domain name server (DNS).
ipconfig/ifconfig: ipconfig on Windows and ifconfig on Linux are command-line utilities used to verify and configure the local network interfaces. They show both IP version 4 and version 6 addresses at the command prompt.
route: This command-line utility is used in troubleshooting network reachability issues by looking at the local workstation's or server's routing tables.
Review System Logs: Most computing, storage, and networking services generate system log files with detailed information about the events occurring at the OS level. Different types of information are recorded in the syslog, ranging from highly critical to informational. These logs should be stored in a safe location, such as a syslog server, where they can be retrieved and reviewed in case of a device failure. A syslog server can be used as a central store of logging information. Different types of tools are available in the market that can search these syslog files to correlate events and look for malicious activity, among other tasks.
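As an added example (not code from the original post), the following Python script shows how a monitoring tool can parse the output of the ping command and raise the threshold alerts mentioned under network latency. The ping output, the host name 10.0.1.20 and the threshold values are constructed for illustration.

```python
import re
import statistics

# Constructed output in the style of Linux "ping -c 6 <host>" (not a real
# capture). icmp_seq=3 is missing to simulate one lost packet, and seq 4
# carries a latency spike.
SAMPLE_PING_OUTPUT = """\
PING app.example.internal (10.0.1.20) 56(84) bytes of data.
64 bytes from 10.0.1.20: icmp_seq=1 ttl=62 time=12.4 ms
64 bytes from 10.0.1.20: icmp_seq=2 ttl=62 time=13.1 ms
64 bytes from 10.0.1.20: icmp_seq=4 ttl=62 time=88.7 ms
64 bytes from 10.0.1.20: icmp_seq=5 ttl=62 time=15.0 ms
64 bytes from 10.0.1.20: icmp_seq=6 ttl=62 time=14.2 ms
"""

REPLY_RE = re.compile(r"icmp_seq=(\d+) .*?time=([\d.]+) ms")


def parse_ping(output, sent):
    """Return (rtts_ms, loss_pct); loss is derived from the number of probes sent."""
    rtts = [float(m.group(2)) for m in map(REPLY_RE.search, output.splitlines()) if m]
    loss_pct = 100.0 * (sent - len(rtts)) / sent if sent else 0.0
    return rtts, loss_pct


def latency_report(output, sent, avg_ms=20.0, max_ms=50.0, loss_pct=5.0):
    """Summarise one ping run and list the threshold breaches a monitoring tool would alert on."""
    rtts, loss = parse_ping(output, sent)
    if not rtts:
        return {"avg_ms": None, "max_ms": None, "jitter_ms": None,
                "loss_pct": round(loss, 2), "alerts": ["no replies received"]}
    report = {
        "avg_ms": round(statistics.fmean(rtts), 2),
        "max_ms": max(rtts),
        "jitter_ms": round(statistics.pstdev(rtts), 2),  # spread of RTTs, a rough jitter measure
        "loss_pct": round(loss, 2),
        "alerts": [],
    }
    if report["avg_ms"] > avg_ms:
        report["alerts"].append(f"average RTT {report['avg_ms']} ms exceeds {avg_ms} ms")
    if report["max_ms"] > max_ms:
        report["alerts"].append(f"worst RTT {report['max_ms']} ms exceeds {max_ms} ms")
    if report["loss_pct"] > loss_pct:
        report["alerts"].append(f"packet loss {report['loss_pct']}% exceeds {loss_pct}%")
    return report


if __name__ == "__main__":
    for alert in latency_report(SAMPLE_PING_OUTPUT, sent=6)["alerts"]:
        print("ALERT:", alert)
```

On a real system the output string would come from running ping for a fixed probe count and passing that count as `sent`.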
Review Documentation and Device Configuration Settings: In some cases, device documentation can include a detailed explanation of the configuration of all devices in the network for which the cloud consumer is responsible. Referring to the device manual and documentation can also guide the troubleshooting path.
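As an added example of the log review described above (not code from the original post), the following Python script parses syslog lines and correlates them: it flags critical events, Telnet sessions (a cleartext protocol, as noted under Telnet) and bursts of SSH authentication failures from one source. The log lines, host names, addresses, the assumed year and the thresholds are all constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed syslog lines in RFC 3164 style (not captured from a real system).
SAMPLE_SYSLOG = """\
Mar 10 02:14:01 web01 sshd[1021]: Failed password for root from 203.0.113.7 port 51122 ssh2
Mar 10 02:14:03 web01 sshd[1021]: Failed password for root from 203.0.113.7 port 51124 ssh2
Mar 10 02:14:05 web01 sshd[1021]: Failed password for admin from 203.0.113.7 port 51127 ssh2
Mar 10 02:14:09 web01 sshd[1021]: Failed password for admin from 203.0.113.7 port 51130 ssh2
Mar 10 02:14:12 web01 sshd[1021]: Failed password for admin from 203.0.113.7 port 51133 ssh2
Mar 10 02:15:40 web01 sshd[1044]: Accepted publickey for deploy from 10.0.1.5 port 40222 ssh2
Mar 10 02:16:02 db01 kernel: CRITICAL: disk /dev/sdb: I/O error
Mar 10 02:17:30 sw01 telnetd[77]: connection from 10.0.2.9
"""

LINE_RE = re.compile(r"^(\w{3} +\d+ \d\d:\d\d:\d\d) (\S+) ([^\[:]+)(?:\[\d+\])?: (.*)$")
FAILED_RE = re.compile(r"Failed password for \S+ from (\S+)")


def parse_syslog(text, year=2024):
    """Split lines into timestamp/host/program/message records; syslog has no year, so one is assumed."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            events.append({"ts": ts, "host": m.group(2), "prog": m.group(3), "msg": m.group(4)})
    return events


def review(events, fail_threshold=5, window_s=60):
    """Correlate events: critical messages, cleartext Telnet sessions, bursts of SSH auth failures."""
    findings = []
    failures = defaultdict(list)  # (host, source address) -> failure timestamps
    for e in events:
        if "CRITICAL" in e["msg"]:
            findings.append(f"{e['host']}: critical event: {e['msg']}")
        if e["prog"] == "telnetd":
            findings.append(f"{e['host']}: Telnet session (commands travel unencrypted): {e['msg']}")
        m = FAILED_RE.search(e["msg"])
        if m:
            failures[(e["host"], m.group(1))].append(e["ts"])
    for (host, src), times in failures.items():
        times.sort()
        # flag the first run of fail_threshold failures that fits inside window_s seconds
        for i in range(len(times) - fail_threshold + 1):
            if (times[i + fail_threshold - 1] - times[i]).total_seconds() <= window_s:
                findings.append(f"{host}: {fail_threshold} SSH auth failures from {src} within {window_s}s")
                break
    return findings
```

Running `review(parse_syslog(SAMPLE_SYSLOG))` returns one finding for each of the three patterns in the sample.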
In the next post, we will look at the Fundamentals and Basic concepts of security, different types of security threats and possible security controls to consider for protecting the data and information in Compute, Network and Storage components.