Network Management
Service Level agreement (SLA)
It is a documented agreement between a service provider and a customer that identifies both
the services required and the expected level of service.
There are 3 types.
o Customer SLA
It is an agreement by a vendor to deliver a certain level of service to a
particular customer.
o Internal SLA
It is concerns parties from within the company.
o Multilevel SLA
It is supporting a business's customers or the business's various internal
departments.
These are some types of metrics to monitor by them.
o Service availability
o Technical quality
o Defect rates
o Business results
o Security
Network security
Figure 1 Network security
It is the type of method to protect the underlying networking infrastructure from unauthorized
access, misuse, or theft.
It is typically consisting of three different controls.
o Physical
P. MANOJAN 1
� Network Management
o Technical
o Administrative
These are some types of security issues in network security.
o Internal Security Threats
o Distributed Denial-Of-Service (DDoS) Attacks
o Rogue Security Software
It is a form of malware that’s designed to trick victims into thinking their computer
or device has been infected with a virus.
o Malware
Worms
It exploits weaknesses in computer systems to spread to other devices.
Rootkits
It grants unauthorized access to systems in the form of fraudulent access
privilege without the victim's knowledge.
Trojan horse
It slips under a network's radar by hitchhiking on other software and provides
hackers with unprecedented access to systems.
Spyware
It gathers information on how devices are used by their owners.
o Ransomware
o Phishing Attacks
o Viruses
Network technology
Figure 2 Network Technology
P. MANOJAN 2
� Network Management
It is a technology that enables data exchange between large and small information systems
within an infrastructure via the use of communication/network protocols.
These are some types of network technology.
o Scale
LAN (Local Area Network) or IEEE 802 network
MAN (Metropolitan Area Network)
MAN (Wide Area Network)
PAN (Personal Area Network)
o Transmission
Point to point
Multipoint
These are some examples of network technology.
o 5G
o Internet of things (IoT)
o Wi-Fi 6
o Software Defined Network (SDN)
Network topology
Figure 3 Network Topology
It is the manner in which the links and nodes of a network are arranged to relate to each
other.
These are some types of topologies.
o Star topology
o Bus topology
P. MANOJAN 3
� Network Management
o Tree topology
o Ring topology
o Mesh topology
o Hybrid topology
Firewall
Figure 4 Firewall
It is a network security device that monitors and filters incoming and outgoing network traffic
based on an organization’s previously established security policies.
These are some types of firewalls.
o Packet filtering firewall
o Proxy service firewall
o Stateful inspection firewall
o Next Generation Firewall (NGFW)
These are the some benefits of firewall.
o Safer network
o Protects from Trojan horses
o Stop hackers
o Access control
P. MANOJAN 4
� Network Management
IDS Firewall (Intrusion Detection Systems)
Figure 5 IDS
It is the process of monitoring for and identifying attempted unauthorized system access or
manipulation.
These are the IDS Deployment Detection Methods.
o Signature Detection
o Anomaly Detection
o Hybrid Detection
These are some types of IDS.
o Network IDS
o Host-based IDS
o Perimeter IDS
o VM-based IDS
IPS Firewall (Intrusion Prevention System)
P. MANOJAN 5
� Network Management
Figure 6 IPS
It is a detective technology and it only detects the anomaly in the network and sends a
notification to the concerned person.
These are of 4 types of IPS.
o Network-based IPS
o Wireless IPS
o Network behavior analysis (NBA)
o Host-based IPS
Differences between the firewall vs IDS/IPS
Firewall IDS/ IPS
Network placement Usually placed at the front of Behind the firewall either as in-line
the network to control traffic. or out-of-band.
Main use case Allows or blocks traffic Dedicated to inspect network
between different network packets to match them against
zones. signatures of known malicious
attacks. Then, traffic is either
blocked or an alarm is issued.
Detection mechanisms Usually works up to Layer 4 Signature-based, rule-based,
to allow or block IP statistical anomaly detection, etc.
addresses and ports.
Blocking options Block or allow packets at the Detect attacks and either block
network level. traffic directly or send an alarm.
P. MANOJAN 6
� Network Management
Hardware features
Usually have many physical Must be a high performance to
network interfaces in order to perform Deep Packet Inspection
segment the network into and not slow down the traffic.
different security zones.
P. MANOJAN 7
