By RJ Gazarek
The intent of this post is an introduction for people who are either exploring getting into some sort of network administration, either for your personal education (such as a college degree) or maybe you’re looking to make a career change. When it comes to understanding more complex aspects, such as cyber security, sometimes it’s best to start at the beginning before building up to that.
This is going to be the first in a series of educational posts to help build up a foundation of knowledge that leads up to what we here at Thycotic are concerned about: preventing cyber attacks. However, in order to understand the best ways to prevent those attacks, and how hackers make their way through your network, you have to understand the basics first.
Please note: if you are a seasoned veteran in the system and network administration, and you think we’ve missed anything here, please don’t hesitate to reach out and let us know! We are working to strike a fine balance between simplicity for understanding, but detailed enough to drive interest!
Networks are all about the storage and transfer of data and information by connecting different systems with specific purposes. Networks consist of two main parts:
- Paths – physical and virtual – that are used to transmit data and information
- Devices – Used to access and work on data and information
So you have to have different devices to store, access, and perform actions on data as well as a way to transmit that data between systems. So let’s take a look at these two aspects, and break them down further.
In order for a network to actually function, you have to have a way for different systems to communicate with each other; a physical way to transmit data over some sort of distance. This is typically accomplished in 1 of 2 ways.
- Hardwire: Ethernet, Fiber optics, etc
- Wireless: Wifi, Radiowaves, etc
There are also virtual paths, that are meant to transfer data within a single physical system between virtual devices – virtualization of a network is a bit outside the scope of a 101 post, so we will save that for a later time.
Devices make up the network that we interact with on a daily basis. These physical systems are categorized into a few main buckets:
- Endpoint / User Devices
- Server / Storage devices
- Network traffic devices
Oh, how deep the rabbit hole goes! So let’s take a look at each of these device types in a bit more detail, as they really serve the foundation for more understanding later on, and are typically what companies segment their departments around.
Endpoints / User Devices
Endpoints typically are any device that can serve as a user’s entry into a network. For the point of this article we are going to refer to endpoints as the devices that humans use to interact with a network, so in this case: Desktops, Laptops, Tablets, and Smartphones. These devices, are connected to a business network via WiFi or a hardwired ethernet cable (typically) and serve as different End… Points… of a network. See? Endpoints? Right!
Server / Storage Devices
Servers and storage devices are, just as the name implies, devices used to serve up and store data. Typically you won’t always have direct access to these devices with a monitor and keyboard plugged into them, but instead access them through some other endpoint (Servers can be the exception here, you often will actually come across servers with direct input/output access). Storage devices, whether they’re NAS devices, backups, DR systems, etc, are meant to keep large amounts of data, intact, over a long period of time.
Servers are worth mentioning separately because they often are the core and foundation of a business’s network, and servers can come in all different flavors. It’s typically up to an organization how they want to manage their servers, and if they prefer all of their business applications on a single server, or segregated across a number of servers. For example, a company may have a mail server, a domain controller, a database/SQL server, a DNS server, and a web server all across multiple physical machines. Or, if the business is small enough, they may incorporate all of these different services and functions on a single machine. Either way, in most cases, servers are what endpoints need to communicate with in order to facilitate their connection and access across the network: whether it’s to receive corporate email, or access sensitive files.
Network Traffic Devices
These devices serve a very specific use cases and are ones most people are familiar with, maybe without even realizing it. Network traffic devices consist of things such as:
- Access Points / Repeaters
If you have the internet in your home, you are most likely already familiar with a Modem and/or a Router; the device your internet provider tells you to restart whenever you call their support with a problem. All of these different devices are a great place to start for our next post, Business Networks 201!
Why is this important?
It’s important to understand just how simple or complex a network can be. Why? Because we often forget about everything involved. Just like a chain, your network is only as strong as your weakest link! As such, it’s important that every single device connected to your network is protected from attacks. It is also important that there are safeguards in place, for when a device is compromised. Also, every single has an administrative account on it; an account that can be used to login to the system and make critical changes to how the system operates. Every. Single. Device. And these administrative accounts, in the IT and Security world, are called Privileged Accounts.
As you can imagine, Privileged Accounts are what attackers try to go after, because they provide a level of power that gives someone unlimited access to that device, to extract data and cover up their tracks; and protecting these devices are critical. That’s where a company like Thycotic can help, the leading provider of Privileged Account Management; the ability to automatically discover, control, manage, and protect these highly sensitive and powerful accounts. Learn more about our PAM solution, Secret Server.