Engineering Terms Flashcards
(30 cards)
BE6K
Cisco Phone Server Business Edition 6000
Physical server with a Cisco logo on it that runs VMware with Linux servers, typically CUCM, CUC and CUPS
CUCM
Cisco Unity Call Manager Server - Primary phone server that phones and teleconference equipment can register to for call routing
This is a virtual server appliance that can be accessed via the web, SSH or through the VMware ESXi web interface.
CIMC / iDRAC / iLO
Management interfaces for different vendors' server hardware
CIMC - Cisco Integrated Management Controller (Web Interface)
iDRAC - Integrated Dell Remote Access Controller (Web Interface)
iLO - HP Integrated Lights Out (Web Interface)
This allows remote access to servers when access to the operating system is not possible, or even when the server is in an off state.
Basic hardware health status can be obtained from the web interface as well as more advanced tools for RAID configurations in newer versions.
NAS
Network Attached Storage
NuWave uses a product called Synology
Synology only allows access through a locally hosted web interface that runs on Linux.
Synology offers tools to locate NAS units on the local network.
Synology units come with a 2 year warranty and NuWave recommends you replace them every 2-5 years depending on the nature of their contents.
All NAS units utilize RAID and most utilize RAID 6, which offers the ability for up to two drives to fail concurrently without causing any data loss.
Almost all Synology NAS units at NuWave use iSCSI to connect to Windows servers, where they are used as a disk drive that stores local backups from Veeam.
Often in larger units (12 bays or more) Solid state drives are utilized in bay 1 and 2.
SAN
Storage Area Network
NuWave uses a product called HPE Nimble (HPE is HP Enterprise)
SANs are direct attached storage for VMware installations. The storage is directly attached to VMware and appears as local storage.
Additionally, Nimble has an SLA of 4 hours on hard drive failure, including a tech to replace the bad unit.
Traditionally, Nimble SANs are High Availability and run on all or some Solid State Drives.
SSH
Secure SHell Protocol
Used when connecting to various Servers and Networking equipment.
SSHv1 is deprecated
SSH uses ciphers to encrypt traffic over a network or over the internet.
SSH is typically used for connecting to a Cisco Catalyst Switch or a Cisco ASA, as they can only be configured via SSH.
ASA
Cisco Adaptive Security Appliance
Traditional Cisco Firewall
Firewalls are also known as edge devices, as in the edge of the internal network.
The ASA performs NAT (Network address translation: External IP –> Internal IP and vice versa)
POE
Power Over Ethernet
Used to power devices over the existing ethernet network connection. Typically POE is a feature that is included with a network switch and is used to power phones, access points, or IP Cameras.
A POE Injector can be used in an environment where the switch does not put out POE power. The Injector is used inline with existing Ethernet and only requires a regular power cord.
There are many versions of POE but most utilize POE Class 3 (15.4w) or Class 4 (30w).
It is important to note that some low end models and older Cisco Catalyst switches cannot power every port with POE, as the switch power supply cannot supply enough wattage for all ports concurrently.
ISP
Internet Service Provider
STP
Spanning Tree Protocol
Used to avoid redundant paths or loops on a network. Switch A is connected to Switch B via two separate connections. One of the two ports is Forwarding while the other is Blocking. If the Forwarding port becomes disabled, the Blocking port should listen and learn to become the new forwarding path.
Became a standard the year Rob was born, in 1985, but was not adopted fully until much, much later.
CAUTION - be very careful when working on older equipment. This networking flaw often contributed to early internet outages.
Meraki MX
Meraki Firewall / Security Appliance / Edge Device (The original Cisco icon for a router was a circle with a X on it)
Capabilities include:
NAT
SDWAN or Site to Site VPN
Content Filtering
VLANs and Routing
DHCP and DNS
Client VPN or Meraki Anyconnect
Traffic Shaping
Threat Detection (IDS and AMP)
Inbound and outbound Traditional Firewall blocking as well as Layer 7 Firewall Filtering.
Important note: Meraki does not make a unit called a Router, as the features of a traditional router are instead shared by the MX and a Layer 3 MS.
Meraki MS
Meraki Switch
Some variations
- Layer 2
- Layer 3
- Stacked Switch that can also be layer 2 or 3
Meraki MR
Meraki Radio
Wireless Access point and Wireless bridges
Meraki MV
Meraki Video
IP camera with built in storage (NO external video Server or storage required)
Meraki SM
Meraki Systems Manager
Also known as Meraki MDM
Works really well with Apple products, as it was originally designed. Works OK with Windows devices like laptops.
This product was replaced in our product catalog by Microsoft Intune in 2020, although it still can be sold.
MDM
Mobile Device Management
We use or manage these products for various clients and customers
Intune/ Meraki SM / Addigy / JAMF
SIEM / SOC
SIEM: Security Incident Event Management. It is different from a SOC, as it is a system that collects and analyzes aggregated log data.
SOC: Security Operations Center. It consists of people, processes and technology designed to deal with security events picked up from the SIEM log analysis.
NuWave uses Arctic Wolf for this, and it is part of the NuWave 360 Advanced Security Plan.
IDS
Intrusion Detection System
Often referred to as Intrusion Detection and/or Prevention
IDS is part of Meraki Threat Detection
Meraki Threat Detection also utilizes AMP (Advanced Malware Protection)
AMP
Advanced Malware Protection
This tool inspects files downloaded over the internet from the outside to the inside of the network based on threat intelligence from the AMP Cloud. The AMP Cloud is managed by Meraki.
VLAN
Virtual Local Area Network
Segmented Network that operates on the same hardware and functions the same as a LAN. VLANs also often have different subnets and allow for additional security. VLAN access restrictions are done through Access Control lists on a firewall or router. NuWave has a recommended numbering schema for VLANs. See best practices in IT GLUE.
Breakout VLANs are used to take a single ISP handoff and split it out into multiple edge devices with different edge IP addresses
Anti-Virus / Basic Endpoint Security
NuWave uses Bitdefender deployed through RMM. Bitdefender is better than Windows Defender but not as good as EDR (Endpoint Detection and Response).
EDR
Endpoint Detection and Response
NuWave uses SentinelOne, and it requires an agent to be installed on every protected PC.
Endpoint Security & DNS Filtering
Cisco Umbrella (formerly known as OpenDNS)
Localized content filtering for web browsers and internet. This application allows for content filtering while users are not in the office on company owned devices.
OpenDNS is now a free tool that Cisco offers to consumers. Simply point your device or firewall at 208.67.222.222 and 208.67.220.220.