NetBeez is launching another new series that will be featured bimonthly on our blog! ‘Network Topologies: A Techie’s Guide to Network Engineering’ will cover a variety of subject matter all pertaining to network monitoring and network engineering – from a techie’s perspective.
My name is Steven Prugar; if you are a NetBeez customer, then we have most likely already met. For those that I have not met, I am the Customer Success Engineer for NetBeez. My background is a hybrid between sales and technology.
The goal of this series is to uncover networking from a high-level perspective. I will explain some key fundamentals for those who do not work directly in the field or may not be Network+ certified.
Today, we will be diving into a few basic concepts:
- LAN
- VLAN
- WAN
- VPN
All of these are very much relevant in 2021, especially given the current climate.
The Basics
Before we dive into some introductory material, there are a few basic concepts that you need to be familiar with. We will be discussing routers, switches, IP Addresses, network devices, DHCP servers, etc. Below is a basic definition of each:
Router – A networking device that is responsible for forwarding packets between networks: routers use IP addresses to make routing decisions.
Switch – A device that is responsible for connecting computers together within the same network (behind a router).
Packets – A packet is the smallest unit that can be transmitted across a computer network. For example, a large message/file is sent as packets over the Internet.
Network Devices – Any device such as a printer, scanner, NAS (Network attached storage), laptops or desktops that are connected to the network.
DHCP Server – A network server that is responsible for assigning IP addresses to network devices.
IP Addresses – A numeric string of characters assigned to a network device, server or client. IP addresses are used to uniquely identify a computer and enable communication over an IP network. These can be internal/private such as 10.0.0.1 (default Comcast router IP) or public such as 70.100.45.10.
What’s a LAN?
A LAN (Local Area Network) is a collection of network devices typically centralized in one physical area such as an office building. Think of your home network or your local office network. These often include one router, one or more switches, and other network devices such as printers, storage devices, desktops and laptops. In a LAN, each device can see and communicate with other devices on the network.
Generally, every device is assigned an IP address from the DHCP server, with the exception of the local router. In a home network, your main router will create a LAN so that your devices can see each other and connect to the Internet. Each device will have a unique IP address, and that is how devices communicate with each other.
Sometimes setting up a printer may require you to search for it by its IP address, which is often shown on the touch screen of the printer. In the case of Comcast routers, if you enter 10.0.0.1 in your browser, it will bring you to the login screen of your router. Once logged in, you will find many settings for your LAN setup, DHCP server information, and much more.
What’s a VLAN?
A VLAN (Virtual LAN) is a way of segmenting devices in a virtual way rather than in a physical way. This technology facilitates the separation of devices by departments such as IT, Finance, Marketing, etc. This can be done on the same network switch by assigning ports to specific VLANs, thus reducing the need for additional switches.
VLANs make network segmentation much easier. For example, it’s possible to have a printer in the marketing department and all of their workstations on a separate VLAN from finance and support. It also allows for better access control, such as separating sensitive data (e.g. networks that process credit card or patient information) from the rest of the users.
What’s a VPN?
A VPN (Virtual Private Network) is a secured tunnel or connection established between any two devices. VPNs are also used to protect user traffic from unauthorized interception across a public network (like the Internet). In the consumer space, popular VPN services include NordVPN, ExpressVPN and Surfshark. They all fundamentally do the same thing: securely encapsulate and transport user traffic from point A to point B.
In the business world, VPNs are often used to connect remote branches to the headquarters using the Internet. This configuration replaces leasing expensive fiber connections or long haul circuits. Another use case, very common in recent months, is to enable employees to work from home while keeping the same access to corporate services and applications as they did when they were at the company’s offices.
There are two types of VPNs, split tunnel and full tunnel.
Split tunnel VPN
Split tunnel VPNs allow you to use your local Internet connection to access public websites and use the VPN to access a private network and its services. For remote employees, this is the most flexible option as it allows them to access the company’s applications but also not saturate the company’s Internet bandwidth when remote users are streaming video or downloading files, for example.
Full tunnel VPN
Full tunnel is when all user traffic is routed through the VPN tunnel, including Internet traffic. This may limit your ability to access certain websites or your local network at home while you’re connected to the VPN. Full tunnel is more secure, as all your traffic is encrypted and can be centrally enforced from a security policy perspective. On the other hand, this type of VPN configuration can reduce network speed and increase network latency and application loading times. But this is often a necessity for companies in the healthcare and financial sectors (e.g. for HIPAA or PCI compliance).
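To make the difference concrete, here is an added example (not from the original article) that models both configurations as route tables and picks the outgoing interface by longest-prefix match, the way an operating system does. The interface names wlan0 and vpn0 and all addresses are constructed sample values.

```python
import ipaddress

# Constructed sample values (assumptions, not from the article):
CORP_NET = "10.20.0.0/16"        # private corporate network behind the VPN
HOME_LAN = "192.168.1.0/24"      # the user's home LAN
VPN_GATEWAY = "203.0.113.10/32"  # public address of the VPN server

# Each table is a list of (destination prefix, outgoing interface).
SPLIT_TUNNEL = [
    ("0.0.0.0/0", "wlan0"),   # default route: Internet uses the local connection
    (HOME_LAN, "wlan0"),
    (CORP_NET, "vpn0"),       # only corporate prefixes use the tunnel
]
FULL_TUNNEL = [
    ("0.0.0.0/0", "vpn0"),    # default route: everything goes into the tunnel
    (VPN_GATEWAY, "wlan0"),   # the encrypted tunnel packets still need the local link
]


def egress_interface(table, destination):
    """Return the interface chosen by longest-prefix match, or None if no route."""
    addr = ipaddress.ip_address(destination)
    best = None
    for prefix, iface in table:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface)
    return best[1] if best else None


def leaks(table, destinations, tunnel="vpn0", allowed=(VPN_GATEWAY,)):
    """List destinations that would leave the machine outside the tunnel."""
    exempt = [ipaddress.ip_network(p) for p in allowed]
    out = []
    for dest in destinations:
        addr = ipaddress.ip_address(dest)
        if any(addr in net for net in exempt):
            continue  # the VPN server itself must be reached directly
        if egress_interface(table, dest) != tunnel:
            out.append(dest)
    return out


# Corporate server, public website, home printer, VPN server (all constructed).
SAMPLE = ["10.20.5.9", "198.51.100.7", "192.168.1.50", "203.0.113.10"]

if __name__ == "__main__":
    for name, table in (("split", SPLIT_TUNNEL), ("full", FULL_TUNNEL)):
        for dest in SAMPLE:
            print(f"{name:5} {dest:15} -> {egress_interface(table, dest)}")
        print(f"{name:5} outside tunnel: {leaks(table, SAMPLE)}")
```

In the full tunnel table the home printer's address is sent into the tunnel as well, which is why local devices can become unreachable while the VPN is connected.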
What’s a WAN?
A WAN (Wide Area Network) is a group of LANs connected together via physical leased fiber lines or via a VPN to allow for communication across large areas. The primary goal of a WAN is to connect remote branch offices together so everyone can access shared common resources such as storage, email servers (on-prem), internal web applications and more.
As mentioned above, a WAN will either need a dedicated fiber line connecting the offices together (such as one leased from an ISP) or use a VPN (see above) that gives you secure access across the Internet to the datacenter or even other remote offices. While consumers do not utilize WAN networks, this would be like connecting everyone in your family from different houses together.
Conclusion
The basics of networking are actually not as complicated as one would think. There are some key elements that, once understood, make you realize how networks really work. Take a look at your home setup, for example. Your printer has an IP address that your computer recognizes, allowing you to communicate with it. Your router is assigning IP addresses to network devices such as your phone or tablet.
Stay tuned: in the next blog in this series, we will be covering the OSI Model – a topic that is extremely important for understanding networking!