WEBVTT 0:00:03.880000 --> 0:00:07.020000 So, in this video, I'm going to answer the question that you might have, 0:00:07.020000 --> 0:00:10.980000 which is, why do I need to know really anything about applications if 0:00:10.980000 --> 0:00:15.700000 I'm studying for my Cisco CCNA routing and switching application? 0:00:15.700000 --> 0:00:19.020000 I mean, after all, my certification, I mean, after all, I'm studying to 0:00:19.020000 --> 0:00:23.860000 learn how to configure, troubleshoot, and monitor Cisco routers and switches. 0:00:23.860000 --> 0:00:29.500000 What do applications at layer 7 of the OSI model have anything to do with 0:00:29.500000 --> 0:00:35.660000 that? First of all, you have to ask yourself, why do you want to be a 0:00:35.660000 --> 0:00:39.920000 CCNA? You know, most people that are pursuing their CCNA certification 0:00:39.920000 --> 0:00:45.540000 is because in some fashion, they want to gain employment in the world 0:00:45.540000 --> 0:00:48.880000 of networking. They want to be a network administrator, maybe someday 0:00:48.880000 --> 0:00:50.640000 a network engineer. 0:00:50.640000 --> 0:00:54.220000 So, they want to be able to actually touch and start working on those 0:00:54.220000 --> 0:00:58.480000 routers and switches that they see blinking away in the cages of their 0:00:58.480000 --> 0:01:01.360000 company that they currently can't get access to. 0:01:01.360000 --> 0:01:03.560000 So, that's the ultimate goal. 0:01:03.560000 --> 0:01:07.980000 But a network administrator, if you actually do get that job or a network 0:01:07.980000 --> 0:01:14.340000 engineer, can't effectively do their job if all they know about are routers 0:01:14.340000 --> 0:01:17.480000 and switches. If that's all you know about, you don't know anything about 0:01:17.480000 --> 0:01:21.760000 applications, it's going to be really hard to do your job. 0:01:21.760000 --> 0:01:27.020000 Why is that? Well, because, you know, your job responsibilities as a network 0:01:27.020000 --> 0:01:31.620000 admin or network engineer might include monitoring existing links for 0:01:31.620000 --> 0:01:33.020000 bandwidth consumption. 0:01:33.020000 --> 0:01:37.140000 Well, if you don't know what applications are in your network and you 0:01:37.140000 --> 0:01:42.620000 don't know how those applications work, what their objective is, how often 0:01:42.620000 --> 0:01:46.800000 they're expected to be active and doing something, how can you predict 0:01:46.800000 --> 0:01:52.240000 how much network bandwidth is going to be used by those applications? 0:01:52.240000 --> 0:01:55.720000 And if you can't predict that, how can you predict how much network bandwidth 0:01:55.720000 --> 0:01:58.200000 you're going to need in your company? 0:01:58.200000 --> 0:02:02.900000 You can't. Another job that you might have is implementing and monitoring 0:02:02.900000 --> 0:02:05.800000 basic security policies with access lists. 0:02:05.800000 --> 0:02:10.140000 Once again, if you don't know what applications are authorized and allowed 0:02:10.140000 --> 0:02:15.880000 in your network, then how can you create and structure and implement access 0:02:15.880000 --> 0:02:20.460000 lists to allow those authorized ones, but to deny or block the unauthorized 0:02:20.460000 --> 0:02:23.280000 applications? You can't. 0:02:23.280000 --> 0:02:27.160000 Similarly, troubleshooting problems in the network that could impact network 0:02:27.160000 --> 0:02:30.060000 -based applications. 0:02:30.060000 --> 0:02:32.600000 You know, computer networks, you know, routers and switches can have a 0:02:32.600000 --> 0:02:36.760000 variety of things that can go wrong, from completely crashing and dying, 0:02:36.760000 --> 0:02:41.380000 to having congestion, to having jitter and delay, and a whole variety 0:02:41.380000 --> 0:02:45.340000 of things, to routes, changing and shifting to different paths. 0:02:45.340000 --> 0:02:49.960000 And all of those things impact applications to one degree or another. 0:02:49.960000 --> 0:02:53.660000 It might cause the application not to be able to even start at all. 0:02:53.660000 --> 0:02:57.080000 It might show up as an application starting but just sort of appearing 0:02:57.080000 --> 0:03:01.140000 to be hung and not doing anything, or a variety of things. 0:03:01.140000 --> 0:03:04.020000 So if you don't know what applications you have running in your network 0:03:04.020000 --> 0:03:12.800000 and you don't know at a time when a problem occurs in the network, how 0:03:12.800000 --> 0:03:17.240000 that's impacting the applications in your network. 0:03:17.240000 --> 0:03:22.700000 So some of the questions that you're going to need to be able to answer 0:03:22.700000 --> 0:03:27.940000 as a network administrator or network engineer are what are our applications? 0:03:27.940000 --> 0:03:30.900000 You know, what is running in my company? 0:03:30.900000 --> 0:03:35.680000 Are they client server or are they peer-to-peer applications? 0:03:35.680000 --> 0:03:38.800000 And if you're not familiar with those terms, I'll go over that. 0:03:38.800000 --> 0:03:40.800000 I'll explain what the differences are. 0:03:40.800000 --> 0:03:44.760000 Are those applications TCP or UDP-based? 0:03:44.760000 --> 0:03:49.740000 What port numbers are in use by those applications? 0:03:49.740000 --> 0:03:52.360000 That's going to be especially critical if you're trying to track down 0:03:52.360000 --> 0:03:56.480000 that traffic in a packet sniffer output, a wire shark output, or if you're 0:03:56.480000 --> 0:04:00.740000 trying to implement security access lists and firewalls allowing and denying 0:04:00.740000 --> 0:04:02.140000 certain applications. 0:04:02.140000 --> 0:04:05.640000 Knowledge of the port numbers that they use is going to be critical for 0:04:05.640000 --> 0:04:07.040000 that kind of thing. 0:04:07.040000 --> 0:04:10.080000 Name resolution. 0:04:10.080000 --> 0:04:14.860000 You know, a lot of applications out there have as an integral component 0:04:14.860000 --> 0:04:19.520000 name resolution, where the application itself, you provided some human 0:04:19.520000 --> 0:04:24.820000 readable name, and it needs to be able to resolve that name to a number, 0:04:24.820000 --> 0:04:27.180000 usually an IP address. 0:04:27.180000 --> 0:04:30.760000 So if the app, first of all, you'd have to ask yourself, is the application 0:04:30.760000 --> 0:04:34.060000 I'm concerned with doing that kind of thing? 0:04:34.060000 --> 0:04:39.140000 And in what circumstances would this application need to perform name 0:04:39.140000 --> 0:04:43.900000 resolution? And when it's performing name resolution, how is it doing 0:04:43.900000 --> 0:04:48.580000 that? Is there a file within a server somewhere that it looks up internally, 0:04:48.580000 --> 0:04:51.640000 locally to itself, that resolves names to addresses? 0:04:51.640000 --> 0:04:53.620000 Does it utilize DNS to do that? 0:04:53.620000 --> 0:04:56.840000 We need to be able to answer those questions. 0:04:56.840000 --> 0:04:58.520000 Where are the servers? 0:04:58.520000 --> 0:05:02.020000 Okay, so once we know what applications are allowed and authorized on 0:05:02.020000 --> 0:05:05.720000 our site, the next thing we have to ask ourselves is, okay, where are 0:05:05.720000 --> 0:05:10.100000 the servers actually located that are required to make these applications 0:05:10.100000 --> 0:05:12.960000 work? Are the servers on our site? 0:05:12.960000 --> 0:05:15.220000 Are they actually in our campus and are building somewhere? 0:05:15.220000 --> 0:05:17.120000 And if so, where are they? 0:05:17.120000 --> 0:05:18.620000 Or are they hosted off-site? 0:05:18.620000 --> 0:05:22.060000 Are we maybe using Amazon servers or some other cloud-based solution? 0:05:22.060000 --> 0:05:27.720000 You have to know that in order to be able to troubleshoot problems. 0:05:27.720000 --> 0:05:31.460000 And what security-related concerns do I need to know about? 0:05:31.460000 --> 0:05:35.860000 In other words, where are applications allowed? 0:05:35.860000 --> 0:05:40.120000 There might be certain applications that payroll uses that's really super 0:05:40.120000 --> 0:05:44.020000 secret and only payroll is authorized to use those, so we need to know 0:05:44.020000 --> 0:05:48.740000 that. So we can implement firewall and access list policies in other parts 0:05:48.740000 --> 0:05:52.740000 of the network so that that application won't be sending data to parts 0:05:52.740000 --> 0:05:55.140000 of the network it shouldn't have access to. 0:05:55.140000 --> 0:06:00.360000 Are these applications supposed to be available 24 by 7? 0:06:00.360000 --> 0:06:03.400000 Or are they only supposed to be available like at certain times of the 0:06:03.400000 --> 0:06:07.500000 day? Ban with allowances. 0:06:07.500000 --> 0:06:10.480000 You know, there's certain applications, for example, multicast. 0:06:10.480000 --> 0:06:14.680000 If we're talking about multicast video, multicast video consumes a lot 0:06:14.680000 --> 0:06:18.260000 of bandwidth, especially if we're talking about high-definition crystal 0:06:18.260000 --> 0:06:21.460000 -clear video consumes a lot of bandwidth. 0:06:21.460000 --> 0:06:25.300000 So you might have to know, okay, is video allowed in my network? 0:06:25.300000 --> 0:06:28.840000 What part of my network is it allowed in? 0:06:28.840000 --> 0:06:32.380000 And how much bandwidth do I really want it to use? 0:06:32.380000 --> 0:06:35.320000 Do I want people to be able to start and use video wherever, whenever 0:06:35.320000 --> 0:06:40.920000 they want? Because if I do, I might end up accidentally starving out the 0:06:40.920000 --> 0:06:42.080000 bandwidth of some other stuff. 0:06:42.080000 --> 0:06:46.120000 Maybe some voice-over IP phone call will start dropping because there's 0:06:46.120000 --> 0:06:49.940000 not enough bandwidth left for my IP telephony traffic or other types of 0:06:49.940000 --> 0:06:52.760000 things. So we need to know, you know, what kind of bandwidth allowances 0:06:52.760000 --> 0:06:57.940000 am I going to provide for the various authorized applications that are 0:06:57.940000 --> 0:07:03.480000 in my network? And credential storage and administration for applications 0:07:03.480000 --> 0:07:05.320000 that require credentials. 0:07:05.320000 --> 0:07:09.260000 In other words, applications that require someone to provide a username 0:07:09.260000 --> 0:07:13.740000 and a password or require someone to provide a digital certificate or 0:07:13.740000 --> 0:07:16.700000 something. Where are those credentials stored? 0:07:16.700000 --> 0:07:18.320000 Once again, are they on-site? 0:07:18.320000 --> 0:07:19.840000 And if so, where? 0:07:19.840000 --> 0:07:21.120000 Where is the server located? 0:07:21.120000 --> 0:07:23.060000 What closet and what room? 0:07:23.060000 --> 0:07:26.160000 How is it connected to the network where those credentials are stored? 0:07:26.160000 --> 0:07:27.540000 Or is it off-site? 0:07:27.540000 --> 0:07:31.320000 And if so, who's the contact I'm going to call if I have problems with 0:07:31.320000 --> 0:07:33.760000 the credentials? 0:07:33.760000 --> 0:07:37.700000 And also, what's my policy going to be if I discover that there's a rogue 0:07:37.700000 --> 0:07:39.540000 application in the network? 0:07:39.540000 --> 0:07:43.880000 Is my policy going to be that I'm going to let it keep going and I'm going 0:07:43.880000 --> 0:07:47.480000 to monitor it so I can try to track down and be who's doing it? 0:07:47.480000 --> 0:07:50.400000 Or is my policy that I'm going to have a firewall or an access list in 0:07:50.400000 --> 0:07:52.700000 place so that it can't even start? 0:07:52.700000 --> 0:07:54.300000 I don't even care about tracking it down. 0:07:54.300000 --> 0:07:57.060000 It's just stop dead and can't even start in the first place. 0:07:57.060000 --> 0:08:00.740000 Or some other policy, what am I going to do if I discover there's a rogue 0:08:00.740000 --> 0:08:04.220000 application that I did not authorize running in my network? 0:08:04.220000 --> 0:08:08.660000 So as a network administrator or network engineer, these are all application 0:08:08.660000 --> 0:08:12.620000 -related questions that you're going to need to deal with at some point 0:08:12.620000 --> 0:08:14.880000 and you're going to need to be able to answer. 0:08:14.880000 --> 0:08:19.960000 So in summary, a network admin doesn't necessarily need to know the intricate 0:08:19.960000 --> 0:08:23.680000 details of how an application works. 0:08:23.680000 --> 0:08:28.720000 In other words, you don't need to know the gory details of emails necessarily. 0:08:28.720000 --> 0:08:32.420000 Maybe you actually are not the email administrator. 0:08:32.420000 --> 0:08:37.360000 It's not your job to set up the email application, configure it, get all 0:08:37.360000 --> 0:08:40.200000 the bells and whistles working so you don't have to know all the various 0:08:40.200000 --> 0:08:42.580000 different options of your email system. 0:08:42.580000 --> 0:08:47.120000 You don't have to know specifically the message types and message sizes 0:08:47.120000 --> 0:08:48.520000 are going back and forth. 0:08:48.520000 --> 0:08:53.140000 But you do need to know is email being used? 0:08:53.140000 --> 0:08:55.160000 What kind of email is being used? 0:08:55.160000 --> 0:08:57.440000 Who's allowed to use the email? 0:08:57.440000 --> 0:09:00.440000 So without the information that we talked about the preceding slides, 0:09:00.440000 --> 0:09:06.840000 configuring a network to meet predefined requirements would be impossible. 0:09:06.840000 --> 0:09:10.280000 So hopefully by now you've got a pretty good idea of, okay, even though 0:09:10.280000 --> 0:09:13.660000 I really love routers and switches, I probably need to know a little bit 0:09:13.660000 --> 0:09:15.760000 about applications as well. 0:09:15.760000 --> 0:09:18.700000 So that being the case, let's go into the next video where I'm going to 0:09:18.700000 --> 0:09:23.600000 provide a high-level overview of the differences between TCP and UDP.