Network Plus N10-007 Objective 2.3 – Dumps4shared

Network Plus N10-007 Objective 2.3

2.3 Explain the purposes and use cases for advanced networking devices.

Welcome to Exam Notes by Dumps4shared! In this edition, we will cover advanced networking devices and their deployment. We will examine the benefits of each device with respect to how it protects the network or manages traffic. Have fun!

Click here to go back to the table of content for Network+ Main Domain 2.0

Multilayer switch

We can take what we know about hubs, bridges, and switches from objective 2.2 and apply that information to a multilayer switch. A multilayer switch performs the Layer 2 MAC address direction and additionally performs the Layer 3 IP based routing functions. Switching is still performed at Layer 2. Routing takes place at Layer 3.

Click here for more info about our Exam Simulator for Network+ Exam N10-007

Wireless controller

In large organizations, your wireless network will have multiple APs and some may even be in different buildings. The nature of wireless networking is that it is constantly changing APs are added and policies are modified. In order to be compliant with these changes, A Wireless controller is used. The wireless controller is capable of centralized management of all WAPs through a single interface. The wireless controller allows you to add access points, manage and configure all access points and monitor activity on each AP.

Load balancer

If you are providing large scale services like Web servers or Databases the availability of your service is a primary concern. You will have multiple servers and use a Load balancer to provide fault tolerance should a server fail, the other servers connected to the load balancer will continue service.

The load balancer can also be configured as an SSL endpoint taking the encryption overhead away from the servers and increasing their efficiency. Load balancers can also cache information requests and provide the cached information to any client making the same request.


An Intrusion Detection System (IDS) is a device that monitors network traffic for exploits and other malicious traffic. When suspicious activity is detected the IDS will issue an alarm. It does not have the capability to block the suspected traffic. This is where an Intrusion Prevention System (IPS) will become more useful. An IPS can block suspicious traffic before it reaches the network.

Proxy server

A proxy server is a device placed between your private network/LAN and the internet. It is designed to handle all internet requests by caching them then sending the request, receiving the response and analyzing it for potential problems. If the response is clean it will be allowed on to the local network host.

VPN concentrator

For large organizations that maintain multiple simultaneous VPN connections, a device called a VPN concentrator is used as the VPN server. The VPN concentrator can assume the tasks of VPN client authentication, establishing VPN tunnels and managing the encryption used for VPN transmissions. VPN encryption will be IPsec and SSL


Authentication, authorization, and accounting (AAA) is the method of controlling user access to resources and tracking their activity on an IP network. Remote Authentication Dial-In User Service (RADIUS) uses a centralized server to enforce the AAA controls. RADIUS is often deployed on a dedicated server, but it can also run as software on a remote access server.

UTM appliance

A Unified Threat Management (UTM) appliance represents the culmination of network security devices It could be but is not necessarily a single device. A UTM appliance can be a router, switch, firewall, an IDS/IPS or gateway. The NFGW (below) has been added to this configuration. The concept is to provide the overall protection of these methods in a layered implementation. Importantly here, this implementation is only as strong as the weakest link

NGFW/Layer 7 firewall

In earlier editions, we discussed Standard packet filtering firewalls. While these are effective at the Network Layer they cannot examine the contents of a packet and discriminate between authorized authentic traffic and potentially malicious traffic. The Next Generation Firewall (NGFW) can examine packets up to OSI Layer 7 making it capable of providing protection up to the Application Layer. NGFW is considered a component of a sound UTM environment.  Since the Layer 7 firewall can examine application data it is sometimes referred to as a content filter.

VoIP gateway

In companies the use VoIP telephone systems aka telephony, a VoIP gateway is installed to convert the analog VoIP signal to digital IP packets for delivery to the recipient.


You will often see a dedicated telephony switch called a VOIP PBX that handles all internal VoIP communications while handling the external VoIP traffic through the VoIP gateway.

Click here for more info about our Exam Simulator for Network+ Exam N10-007

That’s everything for objective 2.3! See you in 2.4!

Click here to go back to the table of content for Network+ Main Domain 2.0

Pass Your IT Certification Exams With Free Real Exam Dumps and Questions

Full Version N10-007 Dumps