- This tiny USB-C accessory has a game-changing magnetic feature (and it's 30% off)
- Schneider Electric ousts CEO over strategic differences
- Pakistani Hackers Targeted High-Profile Indian Entities
- Election day is here! You can get a 50% off Lyft to the polls - here's how
- The 2-in-1 laptop I recommend most is not a Dell or Lenovo (and it's $200 off)
Glossary of networking terms
5G
5G is fast cellular wireless technology for enterprise IoT, IIoT, and phones that can boost wireless throughput by a factor of 10.
Network slicing can make efficient use of carriers’ wireless capacity to enable 5G virtual networks that exactly fit customer needs.
O-RAN is a wireless-industry initiative for designing and building 5G radio access networks using software-defined technology and general-purpose, vendor-neutral hardware.
Data Center
Data centers are physical facilities that enterprises use to house business-critical applications and information and which are evolving from centralized, on-premises facilities to edge deployments and public-cloud services.
-
Hyperconverged infrastructure (HCI)
Hyperconverged infrastructure combines compute, storage, and networking in a single system and is used frequently in data centers. Enterprises can choose an appliance from a single vendor or install hardware-agnostic hyperconvergence software on white-box servers.
Firewall
Network firewalls were created as the primary perimeter defense for most organizations, but since its creation the technology has spawned many iterations: proxy, stateful, Web app, next-generation.
-
Next-generation firewall (NGFW)
Next-generation firewalls defend network perimeters and include features to inspect traffic at a fine level including intrusion prevention systems, deep-packet inspection, and SSL inspection all integrated into a single system.
Internet
The internet is a global network of computers using internet protocol (IP) to communicate globally via switches and routers deployed in a cooperative network designed to direct traffic efficiently and to provide resiliency should some part of the internet fail.
Tier 1 internet service providers (ISP) mesh their high-speed fiber-optic networks together to create the internet backbone, which moves traffic efficiently among geographic regions.
An IP address is a unique set of numbers or combination of letters and numbers that are assigned to each device on an IP network to make it possible for switches and routers to deliver packets to the correct destinations.
IPv6 is the latest version of internet protocol that expands the number of possible IP addresses from the 4.3 billion possible with IPv4 to 340 trillion trillion in order to accommodate unique addresses for every device likely to be attached to the public internet.
Internet of things (IoT)
The internet of things (IoT) is a network of connected smart devices providing rich operational data to enterprises. It is a catch-all term for the growing number of electronics that aren’t traditional computing devices, but are connected to the internet to to gather data, receive instructions or both.
-
Industrial internet of things (IIoT)
The industrial internet of things (IIoT) connects machines and devices in industries. It is the application of instrumentation and connected sensors and other devices to machinery and vehicles in the transport, energy and manufacturing sectors.
Industry 4.0 blends technologies to create custom industrial solutions that make better use of resources. It connects the supply chain and the ERP system directly to the production line to form integrated, automated, and potentially autonomous manufacturing processes that make better use of capital, raw materials, and human resources.
-
IoT standards and protocols
There’s an often-impenetrable alphabet soup of protocols, standards and technologies around the Internet of Things, and this is a guide to essential IoT terms.
NB-IoT is a communication standard designed for IoT devices to operate via carrier networks, either within an existing GSM bandwidth used by some cellular services, in an unused “guard band” between LTE channels, or independently.
IP
Internet protocol (IP) is the set of rules governing the format of data sent over IP networks.
DHCP stands for dynamic host-configuration protocol, an IP-network protocol used for a server to automatically assign networked devices with IP addresses on the fly and and share other information to those devices so they can communicate efficiently with other endpoints.
The Domain Name System (DNS) resolves the common names of Web sites with their underlying IP addresses, adding efficiency and even security in the process.
IPv6 is the latest version of internet protocol that identifies devices across the internet so they can be located but also can handle packets more efficiently, improve performance and increase security.
An IP address is a number or combination of letters and numbers used to label devices connected to a network on which the Internet Protocol is used as the medium for communication. IP addresses give devices on IP networks their own identities so they can find each other.
Network management
Network management is the process of administering and managing computer networks.
Intent-based networking (IBNS) is network management that gives network administrators the ability to define what they want the network to do in plain language, and having a network-management platform automatically configure devices on the network to create the desired state and enforce policies.
Microsegmentation is a way to create secure zones in networks, in data centers, and cloud deployments by segregating sections so only designated users and applications can gain access to each segment.
-
Software-defined networking (SDN)
Software-defined networking (SDN) is an approach to network management that enables dynamic, programmatically efficient network configuration in order to improve network performance and monitoring. It operates by separating the network control plane from the data plane, enabling network-wide changes without manually reconfiguring each device.
Network security
Network security consists of the policies, processes, and practices adopted to prevent, detect, and monitor unauthorized access, misuse, modification, or denial of service on a computer network and network-accessible resources.
-
Identity-based networking
Identity-based networking ties a user’s identity to the networked services that user can receive.
Microsegmentation is a way to create secure zones in networks, in data centers, and cloud deployments by segregating sections so only designated users and applications can gain access to each segment.
-
Network access control (NAC)
Network Access Control is an approach to computer security that attempts to unify endpoint-security technology, user or system authentication, and network security enforcement.
Secure access service edge (SASE) is a network architecture that rolls software-defined wide area networking (SD-WAN) and security into a cloud service that promises simplified WAN deployment, improved efficiency and security, and to provide appropriate bandwidth per application.
Network switch
A network switch is a device that operates at the Data Link layer of the OSI model — Layer 2. It takes in packets being sent by devices that are connected to its physical ports and sends them out again, but only through the ports that lead to the devices the packets are intended to reach. They can also operate at the network layer — Layer 3 where routing occurs.
Open systems interconnection (OSI) reference model
Open Systems Interconnection (OSI) reference model is a framework for structuring messages transmitted between any two entities in a network.
Routers
A router is a networking device that forwards data packets between computer networks. Routers operate at Layer 3 of the OSI model and perform traffic-directing functions between subnets within organizations and on the internet.
-
Border-gateway protocol (BGP)
Border Gateway Protocol is a standardized protocol designed to exchange routing and reachability information among the large, autonomous systems on the internet.
UDP (User Datagram Protocol) is a communications protocol primarily used for establishing low-latency and loss-tolerant connections between applications on the internet. It speeds up transmissions by enabling the transfer of data before the receiving device agrees to the connection.
Storage networking
Storage networking is the process of interconnecting external storage resources over a network to all connected computers/nodes.
-
Network attached storage (NAS)
Network-attached storage (NAS) is a category of file-level storage that’s connected to a network and enables data access and file sharing across a heterogeneous client and server environment.
-
Non-volatile memory express (NVMe)
A communications protocol developed specifically for all-flash storage, NVMe enables faster performance and greater density compared to legacy protocols. It’s geared for enterprise workloads that require top performance, such as real-time data analytics, online trading platforms, and other latency-sensitive workloads.
-
Storage-area network (SAN)
A storage-area network (SAN) is a dedicated, high-speed network that provides access to block-level storage. SANs were adopted to improve application availability and performance by segregating storage traffic from the rest of the LAN.
Virtualization
Virtualization is the creation of a virtual version of something, including virtual computer hardware platforms, storage devices, and computer network resources. This includes virtual servers that can co-exist on the same hardware, but behave separately.
A hypervisor is software that separates a computer’s operating system and applications from the underlying physical hardware, allowing the hardware to be shared among multipe virtual machines.
Network virtualization is the combination of network hardware and software resources with network functionality into a single, software-based administrative entity known as a virtual network. Network virtualization involves platform virtualization, often combined with resource virtualization.
-
Network function virtualization (NFV)
Network functions virtualization (NFV) uses commodity server hardware to replace specialized network appliances for more flexible, efficient, and scalable services.
-
Application-delivery controller (ADC)
An application delivery controller (ADC) is a network component that manages and optimizes how client machines connect to web and enterprise application servers. In general, a ADC is a hardware device or a software program that can manage and direct the flow of data to applications.
A virtual machine (VM) is software that runs programs or applications without being tied to a physical machine. In a VM instance, one or more guest machines can run on a physical host computer.
VPN (virtual private network)
A virtual private network can create secure remote-access and site-to-site connections inexpensively, are a stepping stone to software-defined WANs, and are proving useful in IoT.
Split tunneling is a device configuration that ensures that only traffic destined for corporate resources go through the organization’s internet VPN, with the rest of the traffic going outside the VPN, directly to other sites on the internet.
WAN
A WAN or wide-area network, is a network that uses various links—private lines, Multiprotocol Label Switching (MPLS), virtual private networks (VPNs), wireless (cellular), the Internet — to connect organizations’ geographically distributed sites. In an enterprise, a WAN could connect branch offices and individual remote workers with headquarters or the data center.
Data deduplication, or dedupe, is the identification and elimination of duplicate blocks within a dataset, reducing the amount of traffic that must go on WAN connections. Deduplication can find redundant blocks of data within files from different directories, different data types, even different servers in different locations.
Multi-protocol label switching (MPLS) is a packet protocol that ensures reliable connections for real-time applications, but it’s expensive, leading many enterprises to consider SD-WAN as a means to limit its use.
Secure access service edge (SASE) is a network architecture that rolls software-defined wide area networking (SD-WAN) and security into a cloud service that promises simplified WAN deployment, improved efficiency and security, and to provide appropriate bandwidth per application.
Software-defined wide-area networks (SD-WAN) is sofware that can manage and enforce the routing of WAN traffic to the appropriate wide-area connection based on policies that can take into consideration factors including cost, link performance, time of day, and application needs based on policies. Like its bigger technology brother, software-defined networking, SD-WAN decouples the control plane from the data plane.
Virtual private networks (VPNs) can create secure remote-access and site-to-site connections inexpensively, can be an option in SD-WANs, and are proving useful in IoT.
Wi-Fi
Wi-Fi refers to the wireless LAN technologies that utilize the IEEE 802.11 standards for communications. Wi-Fi products use radio waves to transmit data to and from devices with Wi-Fi software clients to access points that route the data to the connected wired network..