- Join BJ's Wholesale Club for $20, and get a $20 gift card: Deal
- Delivering better business outcomes for CIOs
- Docker Desktop 4.35: Organization Access Tokens, Docker Home, Volumes Export, and Terminal in Docker Desktop | Docker
- Cybercriminals Exploit DocuSign APIs to Send Fake Invoices
- Your iPhone's next iOS 18.2 update may come earlier than usual - with these AI features
Networking terms and definitions
Network access control (NAC)
Network Access Control is an approach to computer security that attempts to unify endpoint-security technology, user or system authentication, and network security enforcement.
SASE
Secure access service edge (SASE) is a network architecture that rolls software-defined wide area networking (SD-WAN) and security into a cloud service that promises simplified WAN deployment, improved efficiency and security, and to provide appropriate bandwidth per application. SASE, a term coined by Gartner in 2019, offers a comprehensive solution for securing and optimizing network access in today’s hybrid work environment. Its core elements include the following:
Secure web gateway (SWG): Filters and inspects web traffic, blocking malicious content and preventing unauthorized access to websites.
Cloud access security broker (CASB): Enforces security policies and controls for cloud applications, protecting data and preventing unauthorized access.
Zero trust network access (ZTNA): Grants access to applications based on user identity and device posture, rather than relying on network location.
Firewall-as-a-service (FWaaS): Provides a cloud-based firewall that protects networks from threats and unauthorized access.
Unified management: A centralized platform for managing and monitoring both network and security components.
Automation: Automated workflows and policies to simplify operations and improve efficiency.
Analytics: Advanced analytics to provide insights into network and security performance.
Network switch
A network switch is a device that operates at the Data Link layer of the OSI model — Layer 2. It takes in packets being sent by devices that are connected to its physical ports and sends them out again, but only through the ports that lead to the devices the packets are intended to reach. They can also operate at the network layer — Layer 3 where routing occurs.
Open systems interconnection (OSI) reference model
Open Systems Interconnection (OSI) reference model is a framework for structuring messages transmitted between any two entities in a network.
Power over Ethernet (PoE)
PoE is the delivery of electrical power to networked devices over the same data cabling that connects them to the LAN. This simplifies the devices themselves by eliminating the need for an electric plug and power converter, and makes it unnecessary to have separate AC electric wiring and sockets installed near each device.
Routers
A router is a networking device that forwards data packets between computer networks. Routers operate at Layer 3 of the OSI model and perform traffic-directing functions between subnets within organizations and on the internet.
Border-gateway protocol (BGP)
Border Gateway Protocol is a standardized protocol designed to exchange routing and reachability information among the large, autonomous systems on the internet.
UDP port
UDP (User Datagram Protocol) is a communications protocol primarily used for establishing low-latency and loss-tolerant connections between applications on the internet. It speeds up transmissions by enabling the transfer of data before the receiving device agrees to the connection.
Storage networking
Storage networking is the process of interconnecting external storage resources over a network to all connected computers/nodes.
Network attached storage (NAS)
Network-attached storage (NAS) is a category of file-level storage that’s connected to a network and enables data access and file sharing across a heterogeneous client and server environment.
Non-volatile memory express (NVMe)
A communications protocol developed specifically for all-flash storage, NVMe enables faster performance and greater density compared to legacy protocols. It’s geared for enterprise workloads that require top performance, such as real-time data analytics, online trading platforms, and other latency-sensitive workloads.
Storage-area network (SAN)
A storage-area network (SAN) is a dedicated, high-speed network that provides access to block-level storage. SANs were adopted to improve application availability and performance by segregating storage traffic from the rest of the LAN.
Virtualization
Virtualization is the creation of a virtual version of something, including virtual computer hardware platforms, storage devices, and computer network resources. This includes virtual servers that can co-exist on the same hardware, but behave separately.
Hypervisor
A hypervisor is software that separates a computer’s operating system and applications from the underlying physical hardware, allowing the hardware to be shared among multipe virtual machines.
Network virtualizaton
Network virtualization is the combination of network hardware and software resources with network functionality into a single, software-based administrative entity known as a virtual network. Network virtualization involves platform virtualization, often combined with resource virtualization.
Network function virtualization (NFV)
Network functions virtualization (NFV) uses commodity server hardware to replace specialized network appliances for more flexible, efficient, and scalable services.
Application-delivery controller (ADC)
An application delivery controller (ADC) is a network component that manages and optimizes how client machines connect to web and enterprise application servers. In general, a ADC is a hardware device or a software program that can manage and direct the flow of data to applications.
Virtual machine (VM)
A virtual machine (VM) is software that runs programs or applications without being tied to a physical machine. In a VM instance, one or more guest machines can run on a physical host computer.
VPN (virtual private network)
A virtual private network can create secure remote-access and site-to-site connections inexpensively, are a stepping stone to software-defined WANs, and are proving useful in IoT.
Split tunneling
Split tunneling is a device configuration that ensures that only traffic destined for corporate resources go through the organization’s internet VPN, with the rest of the traffic going outside the VPN, directly to other sites on the internet.
WAN
A WAN or wide-area network, is a network that uses various links—private lines, Multiprotocol Label Switching (MPLS), virtual private networks (VPNs), wireless (cellular), the Internet — to connect organizations’ geographically distributed sites. In an enterprise, a WAN could connect branch offices and individual remote workers with headquarters or the data center.
Data deduplication
Data deduplication, or dedupe, is the identification and elimination of duplicate blocks within a dataset, reducing the amount of traffic that must go on WAN connections. Deduplication can find redundant blocks of data within files from different directories, different data types, even different servers in different locations.
MPLS
Multi-protocol label switching (MPLS) is a packet protocol that ensures reliable connections for real-time applications, but it’s expensive, leading many enterprises to consider SD-WAN as a means to limit its use.
SASE
Secure access service edge (SASE) is a network architecture that rolls software-defined wide area networking (SD-WAN) and security into a cloud service that promises simplified WAN deployment, improved efficiency and security, and to provide appropriate bandwidth per application. SASE, a term coined by Gartner in 2019, offers a comprehensive solution for securing and optimizing network access in today’s hybrid work environment. Its core elements include the following:
Secure web gateway (SWG): Filters and inspects web traffic, blocking malicious content and preventing unauthorized access to websites.
Cloud access security broker (CASB): Enforces security policies and controls for cloud applications, protecting data and preventing unauthorized access.
Zero trust network access (ZTNA): Grants access to applications based on user identity and device posture, rather than relying on network location.
Firewall-as-a-service (FWaaS): Provides a cloud-based firewall that protects networks from threats and unauthorized access.
Unified management: A centralized platform for managing and monitoring both network and security components.
Automation: Automated workflows and policies to simplify operations and improve efficiency.
Analytics: Advanced analytics to provide insights into network and security performance.
SD-WAN
Software-defined wide-area networks (SD-WAN) is sofware that can manage and enforce the routing of WAN traffic to the appropriate wide-area connection based on policies that can take into consideration factors including cost, link performance, time of day, and application needs based on policies. Like its bigger technology brother, software-defined networking, SD-WAN decouples the control plane from the data plane.
VPN
Virtual private networks (VPNs) can create secure remote-access and site-to-site connections inexpensively, can be an option in SD-WANs, and are proving useful in IoT.
Wi-Fi
Wi-Fi refers to the wireless LAN technologies that utilize the IEEE 802.11 standards for communications. Wi-Fi products use radio waves to transmit data to and from devices with Wi-Fi software clients to access points that route the data to the connected wired network..
802.11ad
802.11ad is an amendment to the IEEE 802.11 wireless networking standard, developed to provide a multiple gigabit wireless system standard at 60 GHz frequency, and is a networking standard for WiGig networks.
802.11ay
802.11ay is a proposed enhancement to the current (2021) technical standards for Wi-Fi. It is the follow-up to IEEE 802.11ad, quadrupling the bandwidth and adding MIMO up to 8 streams. It will be the second WiGig standard.
802.11ax (Wi-Fi 6)
802.11ax, officially marketed by the Wi-Fi Alliance as Wi-Fi 6 and Wi-Fi 6E, is an IEEE standard for wireless local-area networks and the successor of 802.11ac. It is also known as High Efficiency Wi-Fi, for the overall improvements to Wi-Fi 6 clients under dense environments.
Wi-Fi 6E
Wi-Fi 6E is an extension of Wi-Fi 6 unlicensed wireless technology operating in the 6GHz band, and it provides lower latency and faster data rates than Wi-Fi 6. The spectrum also has a shorter range and supports more channels than bands that were already dedicated to Wi-Fi, making it suitable for deployment in high-density areas like stadiums.
Beamforming
Beamforming is a technique that focuses a wireless signal towards a specific receiving device, rather than having the signal spread in all directions from a broadcast antenna, as it normally would. The resulting more direct connection is faster and more reliable than it would be without beamforming.
Controllerless Wi-Fi
It’s no longer necessary for enterprises to install dedicated Wi-Fi controllers in their data centers because that function can be distributed among access points or moved to the cloud, but it’s not for everybody.
MU-MIMO
MU-MIMO stands for multi-user, multiple input, multiple output, and is wireless technology supported by routers and endpoint devices. MU-MIMO is the next evolution from single-user MIMO (SU-MIMO), which is generally referred to as MIMO. MIMO technology was created to help increase the number of simultaneous users a singel access point can support, which was initially achieved by increasing the number of antennas on a wireless router.
OFDMA
Orthogonal frequency-division multiple-access (OFDMA) provides Wi-Fi 6 with high throughput and more network efficiency by letting multiple clients connect to a single access point simultaneously.
Wi-Fi 6 (802.11ax)
802.11ax, officially marketed by the Wi-Fi Alliance as Wi-Fi 6 and Wi-Fi 6E, is an IEEE standard for wireless local-area networks and the successor of 802.11ac. It is also known as High Efficiency Wi-Fi, for the overall improvements to Wi-Fi 6 clients under dense environments.
Wi-Fi standards and speeds
Ever-improving Wi-Fi standards make for denser, faster Wi-Fi networks.
WPA3
The WPA3 Wi-Fi security standard tackles WPA2 shortcomings to better secure personal, enterprise, and IoT wireless networks.