IT Infrastructure PDF
Document Details
Uploaded by IngenuousSerpentine8902
Texas A&M University – San Antonio
Summary
This document provides an overview of IT infrastructure, covering computer hardware, end-user devices, internal and external hardware, network infrastructure hardware, and other related concepts. It discusses various aspects of networking, including protocols and topologies.
Full Transcript
**S2 M1 - IT Infrastructure**

**Computer Hardware**

- the physical components that comprise computers
- external peripheral devices
- back-end devices: switches, servers, routers
- can include end-user devices

**End-User Devices**

- directly interact with a person
- laptops and desktops
- tablets
- wearables

**Internal Computer Hardware**

- microprocessor - the brain
- graphics and sound cards
- hard drives - permanent storage
- random access memory (RAM) - temporary storage
- the power supply
- the motherboard - connects critical pieces

**External Peripheral Devices**

- not integrated into the machine itself
- mouse, keyboard, speaker, microphone, disk drives, memory devices, network cards, monitors

**Infrastructure Housing**

- data center or offices
- advanced security systems
- ventilation and climate control

**Network Infrastructure Hardware**

- hardware, software, layout, and topology of network resources that enable connectivity and communication

- modems
- routers
- switches
- gateways
- edge-enabled devices
- servers
- firewalls

**Modem**

- connects computer to internet
- receives analog signals from internet service and translates those into digital signals
- brings internet to a home or office
- modem has a public IP address

**Routers**

- manage network traffic by connecting devices to form a network
- read source packets and route them
- assign IP addresses
- link between a modem and switches

**Hubs**

- primitive device
- connection point that links multiple systems and devices
- receive data packets and forward them to other devices

**Switches**

- can divide one network connection into multiple connections (printers, servers, end-user machines)
- not as advanced as a router, can't assign IP address
- like a hub but can only route traffic to target destination

**Gateways**

- acts as an intermediary between networks
- reads and converts protocol

**Proxies**

- form of gateway that does not translate protocols but acts as a mediator
- blocks hackers

**Protocol**

- rule or set of rules that govern the way in which information is transmitted
- TCP/IP - common internet protocol

**Edge-Enabled Devices**

- allows computing, storage, and networking functions to be close to the devices where the data or system request originates
- decentralizes computing power
- faster network response times

**Servers**

- master coordination and communication of core functions in a network
- coordinate the computers, programs, and data
- client requests data from server - server sends data back

**Signal Modifiers**

- receive signals, modify them by increasing signal strength
- types of signals are electrical, radio frequency, audio, optical

**Firewalls**

- user identification and authentication that prevents unauthorized access to network
- physical, software, or both
- improves traffic
- prevent traffic from crossing networks

**Basic Packet-Filtering Firewalls**

- work to analyze network traffic that is transmitted in packets
- determine if firewall storage can accept the data
- can be set to only allow trusted sources (IP)

**Circuit-Level Gateway Firewalls**

- verify the source of the packet and that it meets rules and policies set by security team

**Application-Level Gateway Firewall**

- inspect the packet itself
- resource-intensive and may have slow performance

**Network Address Translation Firewalls**

- assign an IP address to specific approved sources
- those sources are approved to be in firewall

- can allow machines on a private network to share a single public address to mask their true identity

**Stateful Multilayer Inspection Firewalls**

- combine packet-filtering and network address translation

**Next-Gen Firewalls**

- assign different firewall rules to different applications as well as users

**Topology**

- physical layout of nodes in a network

**Bus Topology**

- layout is either in a linear or tree form, with each node connected to a single line or cable
- disadvantage: if the central line is compromised the entire network goes offline

**Mesh Topology**

- numerous connections between nodes
- commonly used in wireless networks
- disadvantage: high traffic, costly

**Ring Topology**

- nodes are connected in a circular path in a ring
- advantage: collision is minimized or eliminated
- disadvantage: slow network performance

**Star Topology**

- data passes through a central hub
- advantage: easy to identify damaged cables

**Open Systems Interconnection Model (OSI)**

- OSI model was developed by the International Organization for Standardization (ISO)
- segregates network functions into seven different layers, each responsible for a specific data exchange

**OSI Model - 7 Layers**

APSTNDP

- Layer 7: Application
- Layer 6: Presentation
- Layer 5: Session
- Layer 4: Transport
- Layer 3: Network
- Layer 2: Data Link
- Layer 1: Physical

**Application Layer - Layer 7**

\*serves as the interface between applications.

- Hypertext Transfer Protocol (HTTP)
- File Transfer Protocol (FTP)
- Simple Mail Transfer Protocol (SMTP)
- Electronic Data Interchange (EDI)

**Presentation Layer - Layer 6**

\*transforms data received from the application layer into a format that other devices using the OSI model can interpret, such as standard formats for videos, images, and web pages\
\*encryption occurs at this layer

- American Standard Code for Information Interchange (ASCII)
- Joint Photographic Experts Group (JPEG)
- Moving Picture Experts Group (MPEG)

**Session Layer - Layer 5**

\*allows a session between communicating devices to be established and maintained

- Structured Query Language (SQL)
- Remote Procedure Call (RPC)
- Network File System (NFS)

**Transport Layer - Layer 4**

\*supports and controls communication connections between devices\
\*sets rules for how devices are referenced

- Transmission Control Protocol (TCP)
- User Datagram Protocol (UDP)
- Secure Sockets Layer (SSL)
- Transport Layer Security (TLS)

**Network Layer - Layer 3**

\*adds routing address headers or footers

- Internet Protocol (IP)
- Internet Protocol Security (IPSec)
- Network Address Translation (NAT)
- Internet Group Management Protocol (IGMP)

**Data Link - Layer 2**

\*data packets are formatted for transmission\
\*adds Media Access Control (MAC) addresses

- Integrated Services Digital Network (ISDN)
- Point-to-Point Tunneling Protocol (PPTP)
- Layer 2 Tunneling Protocol (L2TP)
- Address Resolution Protocol (ARP)

**Physical Layer - Layer 1**

\*converts the message into bits (0 and 1) so it can be transmitted

- High-Speed Serial Interface (HSSI)
- Synchronous Optical Networking (SONET)

**Common Types of Network Architecture**

- Local Area Networks (LAN): limited geographical area (house)
- Wide-Area Networks (WAN): larger area (multiple offices, the internet)
- Software-Defined WAN: manages traffic to optimize connectivity
- Virtual Private Network (VPN): remote and secure access to an existing network

**Operating Systems (OS)**

- the software that supports a computer's basic functions, such as scheduling tasks, executing applications, and controlling peripherals
- example: Windows, MacOS, iOS

**Firmware**

- software that is local
- directs functions of motherboard or microprocessor
- not updated frequently or at all

**Mobile Technology**

- wireless-enabled devices that connect to internet
- combines hardware such as laptops, tablets, hotspots, mobile phones, mobile applications, operating systems
- connectivity done with Wi-Fi, Bluetooth, 4G or 5G LTE cellular technology
- can be end-user devices (EUDs) or non-EUDs

**Internet of Things Devices**

- Siri, Alexa, TV, iHome
- an extension of mobile technology
- typically require Bluetooth or internet connection

**Cloud Computing**

- computing model that uses shared resources over the internet
- rent storage space, processing power, proprietary software, or a combination of the three
- low up-front costs

**Cloud Computing Models - Infrastructure as a Service (IaaS)**

CORE IT HARDWARE

- outsource servers, storage, hardware, networking services, and networking components to third party
- CSP is responsible for physical management of that infrastructure
- degree of control will vary

**Cloud Computing Models - Platform as a Service (PaaS)**

CORE IT HARDWARE, SOME MANAGEMENT & ABILITY TO DEVELOP APPLICATIONS

- tools or solutions remotely provided
- building an e-commerce platform, advertising products, building a website

**Cloud Computing Models - Software as a Service (SaaS)**

ALL IT, MANAGEMENT, AND APPLICATION DESIGN

- company is selling applications
- commonly offered with Business Process as a Service (BPaaS): outsources payroll, billing, logistics

**Cloud Computing Deployment Models**

- Public: available to all people
- Private: created for a single organization
- Hybrid: one piece for specific organization, one for public use
- Community: shared by multiple organizations to support a common interest

**Cloud Service Provider (CSP)**

- the third party who provides cloud computing services
- often have advanced skills and experience
- Cloud Controls Matrix - framework designed for best practices regarding cloud security

**Committee of Sponsoring Organizations (COSO)**

- developed guidance and best practices for internal control, enterprise risk management, governance and fraud deterrence

**COSO Enterprise Risk Management**

\*specific guidance on how to apply enterprise risk management

SPRIG

- Strategy & Objective Setting
- Performance
- Review & Revision
- Information, Communication & Reporting
- Governance and Culture

**COSO Enterprise Risk Management - Strategy & Objective Setting**

\*define risk appetite

**COSO Enterprise Risk Management - Performance**

\*prioritize their risks based on risk appetite

**COSO Enterprise Risk Management - Review and Revision**

\*reviewing a company's performance over time

**COSO Enterprise Risk Management - Information, Communication, and Reporting**

\*continual process in place that supports sharing internal and external information

**COSO Enterprise Risk Management - Governance and Culture**

\*sets the company's tone\
\*board oversight

**COSO Enterprise Risk Management Framework Components**

\*helps organizations establish ideal configurations for cloud options

**CRRIME OIE**

- C - Control Activities
- R - Risk Assessment
- R - Risk Response: avoid, reduce, accept, share risk
- I - Information: timeliness and availability of info
- M - Monitoring
- E

- O - Objective Setting: will it help or hinder goals
- I - Internal Environment
- E - Event ID: are risks easier or harder to detect

**What to do when implementing CSP?**

1) create steering committee
2) assess risk of adding CSP
3) define systems and structure provided by CSP
4) integrate governance of CSP with existing risk management policies

**Cloud Computing Risks**

- competitor adoption
- risk ecosystem - diversifying risk or concentrating risk
- transparency
- reliability and performance
- lack of application
- security and compliance
- application portability (vendor lock-in)

**Cloud Risks - High or Low**

risk increases when:

- moving from a private to public model
- moving from a SaaS to IaaS model