3.0 Network Operations

[3.1] Given a scenario, use the appropriate statistics and sensors to ensure network availability

Performance Metrics & Sensors

Device/chassis

Network Metrics

Bandwidth: The measure of how many bits the network can transmit in one second (bps)

SNMP

Simple Network Management Protocol (SNMP) [Port 161 & 162] is a networking protocol used for the management and monitoring of network-connected devices in IP networks

A trap is an asynchronous notification from the agent to the manager - sent by the agent to notify the manager of an event that is occurring, such as an alarm condition

  • Granular Trap: Contains a unique object identifier (OID) number and a value for that OID

  • Verbose Trap: Contains all the information about a given alert or event as its payload

Object Identifier (OIDs): Identifies a variable that can be read or set in the SNMP protocol

Management Information Bases (MIBs): Translation file that is used to describe the structure of the management data of a device subsystem using a hierarchical namespace containing object identifiers (OIDs)

Network Device Logs

EA CEWN ID

Interface Statistics & Status

[3.2] Explain the purpose of organizational documents and policies

Plans and Procedures

Hardening and Security Policies

Common Documentation

Common Agreements

Service Level Agreement (SLA): Commitment between a service provider and a client, where the quality, availability, and responsibilities are agreed upon

Non-Disclosure Agreement (NDA): Agreement between two parties that defines what data is considered confidential and cannot be shared outside of that relationship

Acceptable Use Policy (AUP): Set of rules applied by the owner of a network or service that provides restrictions and guidelines for use cases

Memorandum of Understanding (MOU): Non-binding agreement between two or more organizations to detail what common actions they intend to take

[3.3] Explain high availability and disaster recovery concepts and summarize which is the best solution

Load Balancing

Multi-pathing

Network Interface Card (NIC) Teaming

Redundant Hardware & Clusters

Firewall: Network security appliance at the boundary of the network

  • Can be software or hardware

  • Stateful: Allows traffic that originates from inside the network to go out to the Internet and blocks traffic originating from the Internet from getting into the network

Next-Generation Firewall (NGFW): Enhanced version of a firewall

  • Conducts deep packet inspection at Layer 7

  • Detects and prevents attacks

  • Much more powerful than basic stateless or stateful firewalls

  • Continually connects to cloud resources for the latest threat information

Facilities and Infrastructure Support

Redundancy and High Availability (HA) Concepts

First-Hop Redundancy Protocol (FHRP): Uses virtual IP and MAC addresses to provide an "active router" and a "standby router" for redundancy - if the active is offline, the standby answers

  • Hot Standby Router Protocol (HSRP) is a Cisco-proprietary FHRP that uses a large set of routers known as a standby group to present the illusion of a single virtual router to a host

  • Gateway Load Balancing Protocol (GLBP) --> Cisco-proprietary protocol

  • Virtual Router Redundancy Protocol (VRRP) --> Open-source protocol

  • Common Address Redundancy Protocol (CARP) --> Open-source protocol

Business Concepts:

  • Mean time to repair (MTTR): Average time it takes to repair a broken device

  • Mean time between failures (MTBF): Average time between failures on a device

  • Recovery time objective (RTO): Duration of time and a service level within which a business process must be restored after a disaster to avoid consequences --> Acceptable downtime

  • Recovery point objective (RPO): The maximum amount of data, as measured in time, that an organization is willing to lose during an outage --> Acceptable data loss

Network Device Backup & Restore
