Networking Fundamentals
Any time you allow two or more devices to share information, you create a network. These most often connect you to other networks, like the Internet, or they can be set up to let one campus talk to another. You can think of a network sort of like electricity. You have outlets that you plug into that go to your breaker box, which goes to the power company. In a network, you have "data outlets" that connect to your computer and to switches and other network gear that connect to your Internet service provider.
AP
Overview
Wireless Access Point (WAP or AP) - computers, phones and other devices connect to this to get to the Internet or use campus resources like printers. It uses signals like "Wireless AC" or "Wi-Fi 6" and 5 GHz or 2.4 GHz to talk between your device and itself, and then passes your information along to switches, Routers and Firewalls to get you where you are going. Enable primarily uses Ruckus or Aruba Instant On equipment, but some clients have other vendors. Most often there are many APs at a client and a Wireless Controller is used to manage them.
ARP
Overview
A networking protocol that helps connect a MAC Address to an IP, among other use cases, like DHCP.
tags: #networking #services
Auvik
Overview
A Network monitoring tool that lets us see what is happening on the network remotely, alerts us about failures, downtime, or errors, and lets us make configuration changes without needing a physical visit to the location. Another helpful function is that this tool will back up configurations for the network gear it discovers.
tags: #networking #Enable_Tools
Bluetooth
Overview
Bluetooth creates what is known as a "Personal Area Network" by linking devices together to do things like provide sound and microphone capabilities to a headset. It is possible to connect to printers this way, as well, but in an environment with lots of users connecting to Wi-Fi this can start having issues due to the fact that it still uses radio waves. Therefore, we do not recommend this for ChMS check-in applications.
tags: #BasicTerms #networking
CLI
Overview
Command Line Interface - when you run CMD (Command), PowerShell, Terminal, etc. or configure a Switch in the CLI, you are using a text-based program to gather information or make changes to a system.
tags: #networking #servers #services
Client Isolation
Overview
The ability to make Wireless Networks (or wired) treat every device on the same network as if they were the only ones connected. When this is enabled my device can only access the Internet but nothing on the local Network unless specific exceptions are made. This secures open networks, such as the Guest Wi-Fi network (see WLAN). See Zero Trust.
tags: #networking #wireless
Co-Location
Overview
Co-Lo - Co-Location - Some vendors sell space in a managed facility where you could set up a Server with Network equipment that connects to your other location(s) to provide physical redundancy or overcome physical or power constraints at your main physical location. This isn't really the Cloud because you still operate the equipment.
Dante
Overview
Dante is a program and protocol made by Audinate for AVL purposes. It allows you to plug audio and/or video devices into switches to provide transmission of sound and video between all of these devices. The benefits are similar to VOIP in that you reduce the need for even more wires. The potential setback is that it most often runs on Multicast and, if plugged in to the wrong Network, can bog down traffic when not properly configured and maintained, even to the point of making the entire network unusable.
tags: #AVL #networking
DHCP
Overview
Network stuff. - It's the DMV of the Network - it gives your computer a temporary "license plate" for identification purposes. We call this the IP Address. DHCP can do many other things, but this is the basic need it solves.
tags: #networking #services
DNS
Overview
Network Stuff - It's the phone book of the Network. It matches names with numbers (IP) so that you can go to dns.google.com instead of 8.8.8.8 in your Web Browser. In this example "dns.google.com" is the FQDN - fully qualified domain name.
tags: #networking #services
eFax
Overview
The ability to use a service to deliver and send faxes without relying on old fax machines or POTS lines. These are most often SaaS solutions. eFax is the name of a vendor, but others exist, like HumbleFax or MyFax.
tags: #BasicTerms #phones #networking
Ethernet cables
Overview
Cat 5/Cat 5e/Cat 6/Cat 6a – types of copper Ethernet data network cable. You may hear "Copper Patch Cable" or copper wiring, referring to these. They use copper wires and have a hard limit on how long the cable can be to effectively deliver data (100 meters, 328 feet).
Single Mode, Multimode, fiber "runs" or fiber patch cables - items that connect network switches to each other (among other use cases). These are fiber optic cables that contain glass in the middle instead of copper wires and can travel for many miles with the right attachments (Transceiver).
tags: #network_hardware #networking
Firewall
Overview
A security device that inspects network traffic. It's like the truck weigh stations on the highway. If you are headed from point a to point b, they stop you to make sure you are following regulations. We typically use SonicWall. Protects your data from the Internet baddies. Protects your data from guest Wi-Fi users on your Network. See UTM.
tags: #networking #network_hardware
FTP
Overview
FTP (SFTP) - a way to connect to a remote Server or device to upload and download files. Common with website design so that creators can upload media files that the site uses. SFTP is the secure way. We must use extreme caution when allowing this type of connection over the Internet. A related service exists named SCP (or WinSCP) that is a bit safer due to its encryption mechanisms, but is not "built-in" to as many servers as FTP/SFTP.
Internet
Overview
The Internet, as a term, is used colloquially to just mean what I see "when I go online" by using a web browser. A slightly more precise definition is the worldwide network of Internet service providers (ISP) who all talk to one another to make it possible to have things like web pages. See Types of Internet Delivery.
tags: #networking #BasicTerms
IoT
Overview
Internet of Things - devices like smart thermostats, garage gate controllers, smart lights, etc. These devices have a bad track record for safety and need to be isolated from sensitive information. We do this with a VLAN dedicated to this purpose so that the rest of the trusted Network is protected.
tags: #networking #network_hardware
IP Address
Overview
This is a static or temporary (by DHCP) way to identify a computer or device that is on your Network. It is in the format: 10.0.3.1. IPv6 is another version of this that is very rarely used internally, but will show up on ISP gear or on the Internet.
tags: #networking
ISP
Overview
Internet service provider. Provides the Internet connection to a location from a company like Comcast, Spectrum, or AT&T.
tags: #networking
Live Stream
Overview
The Live Stream is the way AVL teams can put a real time output of the sound and video happening during an event onto the Internet. Typically there is a device used to "encode" the camera and sound feeds and "push" them to a service like YouTube, Facebook, the church website, etc. Resi is Enable's top recommendation for Live Streaming services.
tags: #AVL #BasicTerms #networking
MAC Address
Overview
Every device that connects to a network has a MAC address (Media Access Control address) configured on its Network Adapter. This is the unique sequence of numbers and letters that is the foundational identity of that device on the network. Networked devices talk to each other with this address, but it is really difficult to read and remember and that is why we have things like DNS, IP, and DHCP all of which combine to make easy to remember ways to refer to computers and other network devices.
tags: #networking #network_hardware
MDF and IDF
Multicast
Overview
Networks use several different methods to send information to devices. Unicast is a two-way communication between just two devices. Broadcast is one device talking to every other device on the same network. Typically this is a "short term" interaction looking for something like DHCP. Multicast is often a "long term" conversation in which lots of devices are constantly sharing information with each other. We often refer to this as "chatty," and it can be very disruptive to normal operations if not configured properly. Dante and QSys are protocols used by AVL to provide sound and/or video over the network that use multicast. NDI is a video protocol that uses multicast.
tags: #AVL #BasicTerms #networking
NAT
Overview
A policy on the Firewall that lets you connect to something in your local network from the Internet. It stands for Network Address Translation. NAT can be used for more than this, but that is the most common reason you'd hear about this term.
Port Forwarding is (incorrectly) used as a synonym for this service, but it achieves similar goals.
tags: #networking
NDI
Overview
Network Device Interface - this is a program used by AVL to send video streams over the network. One common scenario is the use of TVs in lobbies, overflow rooms, or nursery areas so that people who are not in the auditorium/worship center/sanctuary can watch the service in real time. SDI is a similar product that connects directly via analog cables.
tags: #AVL #networking
Network
Overview
Any time you allow two or more devices to share information, you create a network. These most often connect you to other networks, like the Internet, or they can be set up to let one campus talk to another. You can think of a network sort of like electricity. You have outlets that you plug into that go to your breaker box, which goes to the power company. In a network, you have "data outlets" that connect to your computer and to switches and other network gear that connect to your Internet service provider.
tags: #networking #BasicTerms
Network Adapter
Overview
The network adapter is the part of a computer or other device that connects it to the Network. Sometimes this is called a NIC. This can be used in wired (plug it into a wall socket with Ethernet cables) or wireless scenarios. These can be built directly into the system, or you could add one onto a system via USB or some other connection point.
tags: #networking #network_hardware
On-Premises
Overview
On-Prem (On-Premises) - The opposite of the Cloud. You host your own Servers or services on equipment located at your physical location. A Co-Location is similar in that you own all of the gear.
tags: #servers #networking #BasicTerms
ONT
Overview
The ONT or Demarcation Point (Dmarc for short) is the physical location where connection to the Internet Service Provider or telephones comes into the building. This Dmarc is not the same thing as the Email Security tool.
tags: #networking
POE
Overview
Power over Ethernet - the ability for a Switch to send both data and electricity to a device (like an AP or security camera) over copper Ethernet cables. Some switches deliver this natively, but sometimes you need to purchase a power injector. Different devices require more or less power, and passive versus active power delivery, so it is critical to plan for this.
tags: #networking
POTS
Overview
POTS - Plain Old Telephone Service - the old style of home or business phones that connect directly to the PSTN (public switched telephone network - the way all TelCo (telephone company) providers talk to one another). These have recently been "deregulated" and most phone companies are trying to either get rid of them, or charge exorbitant rates for them. There are still quite a few of these in use for monitoring elevators or fire/burglar alarms or faxing. We should be working toward migrating to modern Phone Systems and eFax solutions and moving elevator and alarm systems to cellular dialers where allowed by law.
tags: #networking #phones
QoS
Overview
Quality of Service - a special configuration on Network gear, like switches, that prioritizes some traffic over others, like giving meetings, voice calls, and streaming a higher preference in which traffic is sent first, making others "wait in line."
tags: #networking #network_hardware
QSys
Overview
This is a similar protocol and program to Dante with the same risks and rewards.
tags: #AVL #networking
Remote Access Tool
Overview
A type of software that allows you to connect to a device on your campus Network from any other location. Virtual Private Networks will typically allow you fuller access to the entire network, whereas one of these remote access tools more typically gives direct access to a single resource. Enable uses ConnectWise Screen Connect (CWSC) for this. Team Viewer, Jump Cloud, Parsec, and many other tools exist for this purpose. CWSC is typically safer due to the granular permissions and controls we can set and the limited access this provides to the connecting device. Remote Desktop is a Windows Server version of this that can be made secure, but by default is not the safest option to offer over the Internet.
Router
Overview
This is often on the same device as the Firewall, and the two terms may be (incorrectly) used interchangeably. It is the GPS for the network that tells information how to get from point A to point B. It typically runs on the SonicWall and/or on a "Core" Switch. You may hear the term "Gateway" when discussing this subject. That is the configured "root" IP for the network that lives on the router. Another common mistake is to call all Wireless Access Points routers. This is the case for many consumer (home use) and some business use devices, but not in large scale networks.
tags: #networking #network_hardware
Spanning Tree
Overview
STP - Spanning Tree Protocol - a protective mechanism of your switches that helps prevent erroneous data transitions. Think of this like a traffic circle. Without paying attention to good signs instructing you where to go, you just circle forever, disrupting everyone else.
tags: #networking
Switch
Overview
Following the electricity analogy, a switch would line up with the breaker panel(s) that connect outlets to the main power source. Devices are connected to the switch by Ethernet cables. You may hear "Core," "Layer 2," or "Layer 3," as ways to identify different types of switches. Ruckus and Aruba Procurve switches are most prominent for our clients. It is possible to link multiple switches together to "act as one," and this is referred to as a "stack."
Transceiver
Overview
Transceiver - the equipment that connects fiber cables to switches. It contains a laser that provides the light signal for data transmission. Often erroneously called GBIC (this was an older and proprietary Cisco version), or SFP or SFP+ (plus) adapter. Some switches can use SFP28, SFP56, or QSFP. They are all types of transceiver but vary in speed or distance the laser can reach.
tags: #network_hardware #networking
Types of Internet Delivery
Overview
Coax - Uses the same wires as cable TV with a special device called a modem to provide Internet. Usually these have pretty fast Download speeds (I'm consuming the information) but slow Upload speeds (I am pushing my Live Stream to the Internet). These Internet Service Providers are typically considered "business class" and not "enterprise class," which often means the provider expects it to have problems more often and downtime will last longer. Because of this these will come with a higher wait time SLA (service level agreement) or they may not HAVE an SLA and call support "Best Effort." These circuits are shared by multiple locations, so if lots of people are on that circuit you may not get the "promised" speed. These are great for backup ISPs, but we must set realistic expectations for what will or will not work the same if we need to use this secondary circuit.
Fiber - this is divided into "Consumer Grade" or "Business Class" and "Enterprise class" or DIA.
Anything other than DIA (Dedicated Circuit for only you) may have some of the same drawbacks as Coax, especially the "shared Circuit" limitation. Most often these provide the same upload and download speeds and are therefore better for Live Streaming and hosting On Prem servers.
tags: #networking #network_hardware
UTM
Overview
Unified threat management. Software for your Firewall that keeps the bad guys out. This includes "Gateway Antivirus" that scans incoming data for viruses, IPS - Intrusion Prevention, that tracks behaviors of someone trying to break in, GeoIP - a filter that can block Internet traffic based on physical location (like blocking Russia), and Content Filtering - the ability to block certain types of websites based on content, like inappropriate adult sites.
tags: #networking #network_hardware
VLAN
Overview
In old IT, to create a network, you plugged in several computers to a Switch or hub. This is called a Local Area Network. If I didn't want computer A to talk to Computer B, but I wanted it to be able to talk to the Internet, I'd have to have 2 sets of switches with different things attached. A Virtual Local Area Network (VLAN) uses software to divide a single switch into multiple "networks" instead of having to buy "side by side" networks of switches.
tags: #networking #wireless
VPN
Overview
Virtual Private Network - these are primarily used in one of two ways. 1. Privacy - your device connects to a server that "hides your location and identity" from what you are connecting to on the Internet. 2. Connecting individual devices that are off campus to campus resources, or even "joining" two different campus Networks together over the Internet using special software that keeps the information exchange private. Unfortunately, some of these services have become a major target of the bad guys and we are beginning to steer clear of them for individual use. The biggest difference between VPN and a Remote Access Tool is that VPN can be used to help your computer connect to your campus network as if you were on site, giving you the same access abroad as you have locally to all systems and resources.
tags: #networking #remote_access
WAN
Overview
"Wide-Area Network" as opposed to local Networks, this is the connection to the outside world. Sometimes used synonymously with the Internet.
tags: #networking
WAVES
Web Browser
Overview
A program like Microsoft Edge, Safari, or Firefox that allows you to browse the Internet.
tags: #networking #BasicTerms
Wi-Fi
Overview
Wi-Fi is the method used to connect to a Network using wireless connectivity (radio waves). It requires APs that connect to switches.
tags: #networking #BasicTerms
Wireless Bridge
Overview
Sometimes there is not a feasible way to run Ethernet cables from one area to another. A wireless bridge can be used to send this traffic over the air instead. Each location has a radio unit installed and they talk to each other to share information the way a wire would. These can be great, but are also subject to interference from trees, weather, or even airport communications if not done properly.
Wireless Controller
Wireless Network
Overview
WLAN - a wireless network, also called SSID. Like "Church Guest" or "Church Staff." These are made available by APs and managed by the Wireless Controller.
There are three major ways to join a WLAN:
- WPA (WPA2, WPA3) - everyone uses the same shared password. The password itself is referred to as a PSK - pre-shared key.
- 802.1x - each user uses their own computer/email login name and password to log in to the WLAN.
- Open - no password necessary - typically on guest networks. We should make these open networks safer by using Client Isolation.
Zero Trust
Overview
Zero Trust is a security principle that starts with the assumption that ANY device could be dangerous, so block it from communicating with your computer. You have to make specific rules to allow any machine to talk to any other machine in this model. This is difficult to implement in church scenarios when it comes to AVL systems, etc. Many vendors, like Cloudflare, offer these services. This is similar to, but not the same as, Client Isolation.
tags: #networking #security