1.8 Summarize evolving use cases for modern network environments. Flashcards
What is SDN?
(Software-defined Network)
- Networking devices have different functional planes of operation (data, contorl, and management planes)
- Splitting the functions into separate logical units to be utilized in a virtual environment.
What is SD-WAN?
- (Software-defined Wide Area Network)
- A WAN built for the cloud.
- The data center used to be in one place. Now those services and applications are moved to the could.
- No need to hop through a central point.
What does it mean to be application-aware?
The WAN knows which app is in use which makes routing decisions based on the application data.
What is zero-touch provisioning?
- Remote equipment is automatically configured.
- Application traffic uses the most optimal path.
- Can change based on traffic patterns and network health.
What does it mean to be transport agnostic?
- The underlying network can be any type (Cable modem, DSL, Fiber-based, 5G, etc. It will automatically pick the best choice for the location.
What is Central Policy Management?
- Management and configuration on a single console, leaving only one device that needs to be configured
- Changes can be pushed to the SD-WAN routers.
What is VXLAN?
- (Virtual Extensible Local Area Network)
- This is a way to connect data centers without worry about the underlying infrastructure (wires, connections, IP Schemes, etc.)
- Designed to support hundreds of thousands of tenants.
What is DCI?
- (Data Center Interconnect)
- Connecting multiple data centers together, seamlessly spanning across different geographic distances.
- Connect and segment different customer networks.
- Distribute applications everywhere.
VXLAN encapsulation?
This allows two different virtual machines in different locations to feel as though they are directly connected to one another.
What is a ZTA?
- (Zero Trust Architecture)
- A holistic approach to security that covers every device, every process, and every person.
- Everything must be verified
- Nothing is inherently trusted
- It uses Multi-factor authentication, encryption, system permissions, additional firewalls, monitoring and analytics, etc.
How does authentication fit into ZTA?
Policy-based authentication employs adaptive identity and policy-driven access control.
How does authorization fit into ZTA?
- It determines which applications and data are accessible.
- Different rights depending on the user (help desk techs can view the hardware database, help desk managers can modify the database, other users have no access.
How does least privilege access fit into ZTA?
- Rights and permissions should be set to the bare minimum.
- All user accounts must be limited.
- Don’t allow users to run with admin privileges.
What is SASE / SSE?
(Secure Access Secure Edge / Security Service Edge)
- This is a Next Gen VPN that allows you to securely connect from different locations utilizing cloud services.
- SASE clients are installed on all user devices.
What is IaC?
(Infrastructure as Code)
- Describe a networking infrastructure can be configured as a code.
- It allows you to modify the infrastructure and create versions (the same way you version application code).
- Use the description (code) to build other applications instances.
Explain automation with regards to IaC.
How do you use playbooks/templates/reusable tasks in Automation?
- A Playbook is a set of conditional steps to follow (a broad process) that allows you to investigate a data breach and also recover from ransomware attacks.
- A reusable template
- Can be used to create automated activities.
How do you use configuration drift/compliance in Automation?
- Ensure the same configurations for all systems.
- The configuration used in testing should be the same in production.
- IaC provides an identical deployment.
How would you use upgrades in Automation?
- Change a configuration with a single line of code.
- Modify configuration and software.
How would you use dynamic inventories in Automation?
- Query devices in real-time.
- Manage and make changes based on the results.
What is source control with regards to IaC?
- It allows you to manage change
- Developers can create the infrastructure requirements
- You can build and publish the definition.
What is Version Control in IaC?
- It allows you to manage ongoing changes to the code (example would by “Git”).
How would you leverage a central repository as source control?
- This allows you to track changes across multiple updates.
- Everyone can participate without causing issues with the code.
How would you leverage conflict identification as source control?
- Some conflicts may be able to handled automatically by code others may need to have manual intervention.
