3.0 Network Operations
[3.1] Given a scenario, use the appropriate statistics and sensors to ensure network availability
Performance Metrics & Sensors
Device/chassis
Network Metrics
Bandwidth: The measure of how many bits the network can transmit in 1-second (bps)
SNMP
Simple Network Management Protocol (SNMP) [Port 161 & 162] is a networking protocol used for the management and monitoring of network connected devices in IP networks
A trap is an asynchronous notification from the agent to the manager - sent by the agent to notify the management of an event that is occurring, such as an alarming condition
Granular Trap: Contains a unique object identifier (OID) number and a value for that OID
Verbose Trap: Contain all the information about a given alert or event as its payload
Object Identifier (OIDs): Identifies a variable that can be read or set in the SNMP protocol
Management Information Bases (MIBs): Translation file that is used to describe the structure of the management data of a device subsystem using a hierarchical namespace containing object identifiers (OIDs)
Network Device Logs
Interface Statistics & Status
[3.2] Explain the purpose of organizational documents and policies
Plans and Procedures
Hardening and Security Policies
Common Documentation
Common Agreements
Service Level Agreement (SLA): Commitment between a service provider and a client, where the quality, availability, and responsibilities are agreed upon
Non-Disclosure Agreement (NDA): Agreement between two parties that define what data is considered confidential and cannot be shared outside of that relationship
Acceptable Use Policy (AUP): Set of rules applied by the owner of a network or service that provides restrictions and guidelines for use cases
Memorandum of Understanding (MOU): Non-binding agreement between two or more organizations to detail what common actions they intend to take
[3.3] Explain high availability and disaster recovery concepts and summarize which is the best solution
Load Balancing
Multi-pathing
Network Interface Card (NIC) Teaming
Redundant Hardware & Clusters
Firewall: Network security appliance at the boundary of the network
Can be software or hardware
Stateful: Allows traffic that originates from inside the network to go out to the Internet and blocks traffic originating from the Internet from getting into the network
Next-Generation Firewall (NGFW): Enhanced version of a firewall
Conducts deep packet inspection at Layer 7
Detects and prevents attacks
Much more powerful than basic stateless or stateful firewalls
Continually connects to cloud resources for latest threat information
Facilities and Infrastructure Support
Redundancy and High Availability (HA) Concepts
First-Hop Redundancy Protocol (FHRP): Uses virtual IP and MAC addresses to provide an "active router" and a "standby router" for redundancy - if the active is offline, the standby answers
Hot Standby Router Protocol (HSRP) is a Cisco Proprietary FHRP that uses a large set of routers known as a standby group to present the illusion of a single virtual router to a host
Gateway Load Balancing Protocol (GLBP) --> Cisco-proprietary protocol
Virtual Router Redundancy Protocol (VRRP) --> Open-source protocol
Common Address Redundancy Protocol (CARP) --> Open-source protocol
Business Concepts:
Mean time to repair (MTTR): Average time it takes to repair a broken device
Mean time between failure (MTBF): Average time between failures on a device
Recovery time objective (RTO): Duration of time and a service level within which a business process must be restored after a disaster to avoid consequence --> Acceptable downtime
Recovery point objective (RPO): The maximum amount of data, as measured in time, that an organization is willing to lose during an outage --> Acceptable data loss
Network Device Backup & Restore
Last updated