IT Essentials — Assessing Infrastructure and Networks
Network Hosts, Nodes, Routers, and Switches
A host or network host is a computer or other device connected to the network able to communicate
with other hosts. It can be a client or server and may exist as a peer or hybrid architecture, but it will
always have an internet protocol (IP) address.
A node is defined as any system or device connected to the network, including routers and switches,
but a node does not necessarily need an IP address. In general, devices that do not require IP
addresses operate below the data link layer. The host’s network software implements various
protocols that perform the functions of each layer of the OSI Seven-layer Model. The complete stack
of network services is available in a host.
A router is a Layer 3 (Network Layer) device that transmits data among networks. The data is sent in
the form of packets (data packaged to be transferred within a network). Services such as virtual local
area network (VLAN), packet-filtering firewalls, and other network services can be built into routers.
A switch is a Layer 2 (Data Link) network device that connects nodes within a network with physical
media such as copper wires. A switch receives, processes, and transmits data to specific destination
devices through frames, which are groups of data similar to packets used in transmission control
protocol/internet protocol (TCP/IP) at higher layers. Switches only send messages to the intended
nodes. Switch functionality can be included in routers, so the device can be called a switch or router
depending on what function is being discussed. This might seem confusing to people who are less
familiar with switches and routers, but because the two can have overlapping functions, a single
device that performs both functions reduces that overlap.
Layer 3 switches, or “multi-layer switches,” create virtual circuits for transmitting data between
nodes. Using a Layer 3 switch reduces network latency because the packet flows through the switch,
versus having the additional step of going through a router. IT will normally deploy a Layer 3 switch
for the corporate internet or to establish a virtual local area network (VLAN), whereas they would use
a router if they need traffic to traverse the WAN. Layer 7 switches integrate routing and switching
capabilities, typically used for load balancing among a group of servers. These switches are also
referred to as content, web, or application switches.
Firewalls
What is the purpose of a firewall?
A firewall is a network security system that monitors and controls incoming and outgoing traffic
based on predetermined security rules and configurations. Firewalls are designed to prevent
unauthorized access to and from a private network. Organizations should ensure that firewall access
is restricted, and that rule sets and the configuration of firewalls are reviewed periodically. Each rule
set should have proper documentation for its purpose and identification of its owner/requester.
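One way to test a rule set against the documentation and periodic-review expectations above. This is an added example, not part of the course text; the export column names, the sample rules, and the 365-day review interval are assumptions.

```python
import csv
import io
from datetime import date

# Constructed sample export of a firewall rule set (column names are assumptions).
SAMPLE_EXPORT = """rule_id,source,destination,port,purpose,owner,last_reviewed
FW-001,10.0.1.0/24,10.0.2.10,443,Intranet HTTPS,app-team,2024-03-01
FW-002,10.0.3.0/24,10.0.2.20,1433,,dba-team,2024-02-15
FW-003,10.0.4.0/24,10.0.2.30,22,Admin SSH,,2022-11-30
FW-004,10.0.5.0/24,10.0.2.40,3389,Vendor support,it-ops,
FW-005,10.0.6.0/24,10.0.2.50,25,Mail relay,mail-team,not-a-date
"""

# Assumed review period; use the interval your organization's policy defines.
REVIEW_INTERVAL_DAYS = 365


def audit_rules(export_text, today, max_age_days=REVIEW_INTERVAL_DAYS):
    """Return {rule_id: [findings]} for rules failing documentation or review checks."""
    findings = {}
    for row in csv.DictReader(io.StringIO(export_text)):
        issues = []
        # Each rule should document its purpose and identify its owner/requester.
        if not (row.get("purpose") or "").strip():
            issues.append("missing purpose")
        if not (row.get("owner") or "").strip():
            issues.append("missing owner/requester")
        # Each rule should have been reviewed within the review period.
        reviewed = (row.get("last_reviewed") or "").strip()
        if not reviewed:
            issues.append("never reviewed")
        else:
            try:
                age = (today - date.fromisoformat(reviewed)).days
            except ValueError:
                issues.append("unparseable review date")
            else:
                if age > max_age_days:
                    issues.append(f"review overdue by {age - max_age_days} days")
        if issues:
            findings[row["rule_id"]] = issues
    return findings


if __name__ == "__main__":
    for rule_id, issues in audit_rules(SAMPLE_EXPORT, date(2024, 6, 1)).items():
        print(f"{rule_id}: {', '.join(issues)}")
```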
There are many types of firewalls, each having a specific purpose, and organizations may have
several types based on their unique needs. Basic firewalls inspect header information from the
Copyright © 2020 by The Institute of Internal Auditors, Inc. All rights reserved.