1.1 Network Components

Key Takeaways

  • Routers operate at Layer 3 and make forwarding decisions based on IP addresses.
  • Layer 2 switches forward frames based on MAC addresses; Layer 3 switches add routing capability.
  • Firewalls filter traffic based on rules and can be stateful or stateless.
  • Wireless access points bridge wireless clients to the wired network.
  • Controllers (like Cisco DNA Center / Catalyst Center) provide centralized network management.
Last updated: March 2026

Network Components

Understanding the role and function of each network component is fundamental to the CCNA exam. Every enterprise network is built from a combination of these devices, each operating at specific layers of the OSI model and performing distinct functions.

Routers

A router is a Layer 3 (Network layer) device that forwards packets between different networks based on IP addresses. Routers are the backbone of inter-network communication.

Key Functions:

  • Packet forwarding between networks using routing tables
  • Path selection using routing protocols (OSPF, EIGRP, BGP) or static routes
  • Network segmentation by creating separate broadcast domains
  • WAN connectivity connecting LANs to the internet or remote sites
  • NAT/PAT translating private IP addresses to public addresses
  • Access Control Lists (ACLs) filtering traffic based on source/destination IP, port, protocol
  • Quality of Service (QoS) prioritizing critical traffic

Common Cisco Router Models:

| Model | Use Case |
|---|---|
| ISR 1000 Series | Small branch offices |
| ISR 4000 Series | Medium to large branches |
| Catalyst 8000 Series | Enterprise edge, WAN |
| ASR 1000 Series | Service provider edge |

On the Exam: Know that routers create broadcast domain boundaries. Every interface on a router is a separate broadcast domain. This is a key distinction from switches.

Layer 2 Switches

A Layer 2 switch operates at the Data Link layer, forwarding Ethernet frames based on MAC addresses. Switches are the foundation of LAN infrastructure.

Key Functions:

  • Frame forwarding using the MAC address table (CAM table)
  • MAC address learning by inspecting source MAC addresses of incoming frames
  • Loop prevention using Spanning Tree Protocol (STP)
  • VLAN support creating logical network segments
  • Full-duplex communication on each port

How a Layer 2 Switch Processes Frames:

  1. Frame arrives on a port
  2. Switch reads the source MAC address and adds it to the MAC address table (associated with the ingress port)
  3. Switch reads the destination MAC address
  4. If the destination MAC is in the table → forward the frame out the correct port
  5. If the destination MAC is NOT in the table → flood the frame out all ports (except the ingress port)
  6. If the destination MAC is a broadcast (FF:FF:FF:FF:FF:FF) → flood the frame out all ports
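The six steps above as a small simulation. This is an added example, not Cisco code: the `LearningSwitch` class, the port numbers and the MAC addresses (taken from the documentation range) are constructed for illustration. It goes one step beyond the list by also handling a destination that was learned on the ingress port, which a switch filters instead of forwarding.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"

class LearningSwitch:
    """Hypothetical model of a Layer 2 switch with a single VLAN."""

    def __init__(self, ports):
        self.ports = set(ports)
        self.mac_table = {}  # MAC address -> port it was last seen on

    def process_frame(self, ingress, src, dst):
        """Return (action, egress ports) for one received frame."""
        if ingress not in self.ports:
            raise ValueError(f"unknown port {ingress}")
        src, dst = src.lower(), dst.lower()
        # Step 2: learn (or refresh) the source MAC against the ingress port.
        # If the host moved, the old entry is overwritten.
        self.mac_table[src] = ingress
        flood_ports = sorted(self.ports - {ingress})
        # Step 6: broadcast frames are flooded (never back out the ingress port).
        if dst == BROADCAST:
            return ("flood-broadcast", flood_ports)
        egress = self.mac_table.get(dst)
        # Step 5: unknown unicast is flooded.
        if egress is None:
            return ("flood-unknown", flood_ports)
        # Added case: destination lives on the ingress segment, so filter.
        if egress == ingress:
            return ("filter", [])
        # Step 4: known unicast goes out exactly one port.
        return ("forward", [egress])

def demo():
    """Run a constructed frame sequence through a 4-port switch."""
    sw = LearningSwitch(ports=[1, 2, 3, 4])
    a, b, c = "00:00:5e:00:53:0a", "00:00:5e:00:53:0b", "00:00:5e:00:53:0c"
    results = [
        sw.process_frame(1, a, b),          # B not learned yet
        sw.process_frame(2, b, a),          # A was learned on port 1
        sw.process_frame(1, a, b),          # B is now known on port 2
        sw.process_frame(1, a, BROADCAST),  # broadcast
        sw.process_frame(3, b, a),          # B moved to port 3
        sw.process_frame(1, c, a),          # C shares port 1 with A
    ]
    return results, dict(sw.mac_table)

if __name__ == "__main__":
    for action, ports in demo()[0]:
        print(action, ports)
```
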

Layer 3 Switches (Multilayer Switches)

A Layer 3 switch combines the functionality of a Layer 2 switch with routing capabilities. It can forward frames based on MAC addresses AND route packets based on IP addresses.

Key Advantages over Routers for Inter-VLAN Routing:

  • Hardware-based routing using ASICs (Application-Specific Integrated Circuits) — faster than software-based routing on traditional routers
  • Higher port density — dozens or hundreds of Ethernet ports
  • Lower cost per port compared to router interfaces
  • Wire-speed forwarding for both switching and routing

When to Use a Layer 3 Switch vs. a Router:

| Feature | Layer 3 Switch | Router |
|---|---|---|
| Inter-VLAN routing | Excellent | Good |
| WAN connectivity | Limited | Excellent |
| NAT/PAT | Limited/None | Full support |
| ACLs | Basic to advanced | Full support |
| Port density | High (24-96 ports) | Low (4-8 ports) |
| Cost per port | Lower | Higher |
| QoS features | Good | Excellent |

Next-Generation Firewalls (NGFW)

A firewall inspects and filters traffic between network segments based on security rules. Modern Next-Generation Firewalls (NGFWs) add deep packet inspection, application awareness, and intrusion prevention.

Key Functions:

  • Stateful packet inspection — tracks connection states (TCP handshake, etc.)
  • Application-layer filtering — identifies and controls applications (e.g., block Facebook but allow LinkedIn)
  • Intrusion Prevention System (IPS) — detects and blocks known attack signatures
  • URL filtering — blocks access to malicious or inappropriate websites
  • Malware protection — scans files and traffic for malware
  • VPN termination — endpoint for site-to-site and remote-access VPNs

Common Cisco Firewall Products:

  • Cisco Secure Firewall (formerly Firepower) — enterprise NGFW
  • Cisco ASA — legacy but still widely deployed

On the Exam: Understand that a firewall creates a security boundary (typically between trusted/untrusted networks). Know the difference between stateful inspection (tracks connections) and stateless packet filtering (evaluates each packet independently).
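The stateful versus stateless distinction, shown as an added example that is not taken from any Cisco product: both filters enforce the same policy ("inside hosts may browse HTTPS") over the same constructed packets. The `Packet` tuple, the function names and the addresses are assumptions, and the connection tracking is deliberately simplified (no timeouts, no full TCP state machine).

```python
from collections import namedtuple

# direction is "out" (inside -> outside) or "in" (outside -> inside)
Packet = namedtuple("Packet", "direction src sport dst dport flags")

def stateless_permit(pkt):
    """Judge one packet in isolation, with no memory of earlier packets."""
    if pkt.direction == "out":
        return pkt.dport == 443
    # Return traffic can only be approximated: source port 443 with ACK set.
    return pkt.sport == 443 and "ACK" in pkt.flags

class StatefulFirewall:
    """Hypothetical connection-tracking filter for the same policy."""

    def __init__(self):
        self.connections = set()  # flows opened from the inside

    def permit(self, pkt):
        if pkt.direction == "out":
            if pkt.dport != 443:
                return False
            self.connections.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        # Inbound is allowed only as the reverse of a tracked outbound flow.
        flow = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        allowed = flow in self.connections
        if allowed and "RST" in pkt.flags:
            self.connections.discard(flow)  # connection torn down
        return allowed

def demo():
    """Return (stateless, stateful) verdicts for constructed sample packets."""
    fw = StatefulFirewall()
    client, server, other = "10.0.0.5", "198.51.100.20", "203.0.113.5"
    packets = [
        Packet("out", client, 50000, server, 443, {"SYN"}),        # client opens
        Packet("in", server, 443, client, 50000, {"SYN", "ACK"}),  # real reply
        Packet("in", other, 443, client, 50001, {"ACK"}),          # no matching flow
        Packet("in", other, 443, client, 22, {"SYN"}),             # new inbound
        Packet("in", server, 443, client, 50000, {"RST", "ACK"}),  # server resets
        Packet("in", server, 443, client, 50000, {"ACK"}),         # after teardown
    ]
    return [(stateless_permit(p), fw.permit(p)) for p in packets]

if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The third and sixth packets are where the two verdicts differ: the stateless rule sees only a plausible-looking header, while the stateful filter finds no live connection to match.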

Intrusion Prevention Systems (IPS)

An IPS monitors network traffic for suspicious activity and can automatically take action to block or mitigate threats.

IPS vs. IDS:

| Feature | IPS (Prevention) | IDS (Detection) |
|---|---|---|
| Placement | Inline (traffic passes through) | Passive (copies of traffic) |
| Action | Blocks malicious traffic automatically | Alerts administrators |
| Impact on traffic | Can drop packets, add latency | No impact on traffic flow |
| Risk | May block legitimate traffic (false positive) | Cannot stop attacks in progress |

Wireless Access Points (APs)

A wireless access point bridges wireless clients to the wired network. APs transmit and receive radio signals in the 2.4 GHz and 5 GHz (and now 6 GHz) frequency bands.

AP Modes:

  • Autonomous AP — standalone, configured individually
  • Lightweight AP (LAP) — managed centrally by a Wireless LAN Controller (WLC)
  • Cloud-managed AP — managed via cloud dashboard (e.g., Cisco Meraki)

Controllers

Network controllers provide centralized management of network devices. In a software-defined networking (SDN) architecture, the controller is the "brain" of the network.

Cisco DNA Center (now Catalyst Center):

  • Centralized management, monitoring, and automation platform
  • Provides intent-based networking
  • Automates device provisioning, policy deployment, and compliance
  • Offers network analytics and assurance

Wireless LAN Controller (WLC):

  • Centrally manages lightweight access points
  • Handles roaming, RF management, security policies
  • Simplifies wireless network deployment at scale

Endpoints and Servers

Endpoints are the devices that generate or consume network traffic:

  • Workstations, laptops, tablets, smartphones
  • IP phones, printers, IoT devices
  • Security cameras, environmental sensors

Servers host applications and services:

  • Web servers, email servers, file servers
  • DNS servers, DHCP servers, NTP servers
  • Authentication servers (RADIUS, TACACS+)
  • Virtualization hosts (running VMs and containers)

[Diagram: Typical Enterprise Network Component Layout]

Test Your Knowledge

Which device operates at Layer 3 and makes forwarding decisions based on IP addresses?


What happens when a Layer 2 switch receives a frame with a destination MAC address that is NOT in its MAC address table?


Which of the following is a key advantage of an IPS (Intrusion Prevention System) over an IDS (Intrusion Detection System)?
