Cisco RVS4000 User Guide - Page 9

Networking and Security Basics, An Introduction to LANs, The Use of IP Addresses - manual

Get Cisco RVS4000 - Gigabit Security Router PDF manuals and user guides
UPC - 745883572977
View all Cisco RVS4000 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 9 highlights

Chapter 2 Networking and Security Basics Chapter 2: Networking and Security Basics An Introduction to LANs A Router is a network device that connects two networks together. The Router connects your local area network (LAN), or the group of PCs in your home or office, to the Internet. The Router processes and regulates the data that travels between these two networks. The Router's Network Address Translation (NAT) technology protects your network of PCs so users on the Internet cannot "see" your PCs. This is how your LAN remains private. The Router protects your network by inspecting the first packet coming in through the Internet port before delivery to the final destination on one of the Ethernet ports. The Router inspects Internet port services like the web server, ftp server, or other Internet applications, and, if allowed, it will forward the packet to the appropriate PC on the LAN side. The Use of IP Addresses IP stands for Internet Protocol. Every device in an IPbased network, including PCs, print servers, and routers, requires an IP address to identify its location, or address, on the network. This applies to both the Internet and LAN connections. There are two ways of assigning IP addresses to your network devices. A static IP address is a fixed IP address that you assign manually to a PC or other device on the network. Since a static IP address remains valid until you disable it, static IP addressing ensures that the device assigned it will always have that same IP address until you change it. Static IP addresses are commonly used with network devices such as server PCs or print servers. If you use the Router to share your cable or DSL Internet connection, contact your ISP to find out if they have assigned a static IP address to your account. If so, you will need that static IP address when configuring the Router. You can get the information from your ISP. A dynamic IP address is automatically assigned to a device on the network. These IP addresses are called dynamic because they are only temporarily assigned to the PC or other device. After a certain time period, they expire and may change. If a PC logs onto the network (or the Internet) 4-Port Gigabit Security Router with VPN and its dynamic IP address has expired, the DHCP server will assign it a new dynamic IP address. A DHCP server can either be a designated PC on the network or another network device, such as the Router. By default, the Router's Internet Connection Type is Obtain an IP automatically (DHCP). The PC or network device obtaining an IP address is called the DHCP client. DHCP frees you from having to assign IP addresses manually every time a new user is added to your network. For DSL users, many ISPs may require you to log on with a user name and password to gain access to the Internet. This is a dedicated, high-speed connection type called Point to Point Protocol over Ethernet (PPPoE). PPPoE is similar to a dial-up connection, but PPPoE does not dial a phone number when establishing a connection. It also will provide the Router with a dynamic IP address to establish a connection to the Internet. By default, a DHCP server (on the LAN side) is enabled on the Router. If you already have a DHCP server running on your network, you MUST disable one of the two DHCP servers. If you run more than one DHCP server on your network, you will experience network errors, such as conflicting IP addresses. To disable DHCP on the Router, see the Basic Setup section in "Chapter 6: Setting Up and Configuring the Router." NOTE: Since the Router is a device that connects two networks, it needs two IP addresses-one for the LAN, and one for the Internet. In this User Guide, you'll see references to the "Internet IP address" and the "LAN IP address." Since the Router uses NAT technology, the only IP address that can be seen from the Internet for your network is the Router's Internet IP address. However, even this Internet IP address can be blocked, so that the Router and network seem invisible to the Internet. The Intrusion Prevention System (IPS) IPS is an advanced technology to protect your network from malicious attacks. IPS works together with your SPI Firewall, IP Based Access Control List (ACL), Network Address Port Translation (NAPT), and Virtual Private Network (VPN) to achieve the highest level of security. IPS works by providing real-time detection and prevention as an in-line module in a router. The RVS4000 has hardware-based acceleration for realtime pattern matching for detecting malicious attacks. It actively filters and drops malicious TCP/UDP/ICMP/IGMP packets and can reset TCP connections. This protects your 2

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
2
Networking and Security Basics
4-Port Gigabit Security Router with VPN
Chapter 2
Chapter 2:
Networking and Security
Basics
An Introduction to LANs
A Router is a network device that connects two networks
together.
The Router connects your local area network (LAN), or
the group of PCs in your home or office, to the Internet.
The Router processes and regulates the data that travels
between these two networks.
The
Router’s
Network
Address
Translation
(NAT)
technology protects your network of PCs so users on
the Internet cannot “see” your PCs. This is how your LAN
remains private. The Router protects your network by
inspecting the first packet coming in through the Internet
port before delivery to the final destination on one of
the Ethernet ports. The Router inspects Internet port
services like the web server, ftp server, or other Internet
applications, and, if allowed, it will forward the packet to
the appropriate PC on the LAN side.
The Use of IP Addresses
IP stands for Internet Protocol. Every device in an IP-
based network, including PCs, print servers, and routers,
requires an IP address to identify its location, or address,
on the network. This applies to both the Internet and LAN
connections.
There are two ways of assigning IP addresses to your
network devices.
A static IP address is a fixed IP address that you assign
manually to a PC or other device on the network. Since a
static IP address remains valid until you disable it, static IP
addressing ensures that the device assigned it will always
have that same IP address until you change it. Static IP
addresses are commonly used with network devices such
as server PCs or print servers.
If you use the Router to share your cable or DSL Internet
connection, contact your ISP to find out if they have
assigned a static IP address to your account. If so, you will
need that static IP address when configuring the Router.
You can get the information from your ISP.
A dynamic IP address is automatically assigned to a device
on the network. These IP addresses are called dynamic
because they are only temporarily assigned to the PC or
other device. After a certain time period, they expire and
may change. If a PC logs onto the network (or the Internet)
and its dynamic IP address has expired, the DHCP server
will assign it a new dynamic IP address.
A DHCP server can either be a designated PC on the
network or another network device, such as the Router. By
default, the Router’s Internet Connection Type is
Obtain
an IP automatically
(DHCP).
The PC or network device obtaining an IP address is called
the DHCP client. DHCP frees you from having to assign
IP addresses manually every time a new user is added to
your network.
For DSL users, many ISPs may require you to log on with
a user name and password to gain access to the Internet.
This is a dedicated, high-speed connection type called
Point to Point Protocol over Ethernet (PPPoE). PPPoE is
similar to a dial-up connection, but PPPoE does not dial a
phone number when establishing a connection. It also will
provide the Router with a dynamic IP address to establish
a connection to the Internet.
By default, a DHCP server (on the LAN side) is enabled on
the Router. If you already have a DHCP server running on
your network, you MUST disable one of the two DHCP
servers. If you run more than one DHCP server on your
network, you will experience network errors, such as
conflicting IP addresses. To disable DHCP on the Router,
see the Basic Setup section in “Chapter 6: Setting Up and
Configuring the Router.”
NOTE:
Since the Router is a device that connects
two networks, it needs two IP addresses—one
for the LAN, and one for the Internet. In this User
Guide, you’ll see references to the “Internet IP
address” and the “LAN IP address.”
Since the Router uses NAT technology, the only
IP address that can be seen from the Internet for
your network is the Router’s Internet IP address.
However, even this Internet IP address can be
blocked, so that the Router and network seem
invisible to the Internet.
The Intrusion Prevention System (IPS)
IPS is an advanced technology to protect your network
from malicious attacks. IPS works together with your
SPI Firewall, IP Based Access Control List (ACL), Network
Address Port Translation (NAPT), and Virtual Private
Network (VPN) to achieve the highest level of security. IPS
works by providing real-time detection and prevention as
an in-line module in a router.
The RVS4000 has hardware-based acceleration for real-
time pattern matching for detecting malicious attacks. It
actively filters and drops malicious TCP/UDP/ICMP/IGMP
packets and can reset TCP connections. This protects your