Page 819 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 819

operating at layer 2 are part of the same broadcast domain but are in
               different collision domains. Brouters are used to connect network

               segments that use the same protocol.

               Gateways A gateway connects networks that are using different
               network protocols. A gateway is responsible for transferring traffic
               from one network to another by transforming the format of that traffic
               into a form compatible with the protocol or transport method used by
               each network. Gateways, also known as protocol translators, can be

               stand-alone hardware devices or a software service (for example, an
               IP-to-IPX gateway). Systems on either side of a gateway are part of
               different broadcast domains and different collision domains. Gateways
               are used to connect network segments that use different protocols.
               There are many types of gateways, including data, mail, application,
               secure, and internet. Gateways typically operate at OSI layer 7.

               Proxies A proxy is a form of gateway that does not translate across

               protocols. Instead, proxies serve as mediators, filters, caching servers,
               and even NAT/PAT servers for a network. A proxy performs a function
               or requests a service on behalf of another system and connects
               network segments that use the same protocol. Proxies are most often
               used in the context of providing clients on a private network with
               internet access while protecting the identity of the clients. A proxy
               accepts requests from clients, alters the source address of the

               requester, maintains a mapping of requests to clients, and sends the
               altered request packets out. This mechanism is commonly known as
               Network Address Translation (NAT). Once a reply is received, the
               proxy server determines which client it is destined for by reviewing its
               mappings and then sends the packets on to the client. Systems on
               either side of a proxy are part of different broadcast domains and

               different collision domains.



                  Network Infrastructure Inventory


                  If you can gain approval from your organization, perform a general
                  survey or inventory of the significant components that make up
                  your network. See how many different network devices you can

                  locate within your network. Also, do you notice any patterns of
   814   815   816   817   818   819   820   821   822   823   824