Network Protocols Definition
Network protocols are a set of rules outlining how connected devices
communicate across a network to exchange information easily and
safely. Protocols serve as a common language for devices to enable
communication irrespective of differences in software, hardware, or
internal processes.
Types of network protocols
• Network Communication Protocols
• Network Security Protocols
• Network Management Protocols
Network Communication Protocols
• Hyper-Text Transfer Protocol (HTTP)
• Transmission Control Protocol (TCP)
• Internet Protocol (IP)
• User Datagram Protocol (UDP)
• File Transfer Protocol (FTP)
Network Security Protocols
• Secure File Transfer Protocol (SFTP)
• Hyper-Text Transfer Protocol Secure (HTTPS)
• Secure Socket Layer (SSL)
Network Management Protocols
• Simple Network Management Protocol (SNMP)
• Internet Control Message Protocol (ICMP)
How do network protocols function in each OSI model layer?
The OSI (Open Systems Interconnection) model is a reference
framework that explains how data is transmitted between computers.
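It consists of seven layers, each with specific functions. A common
mnemonic for the layers, from Layer 1 up to Layer 7 (Physical, Data
Link, Network, Transport, Session, Presentation, Application), is
“Please Do Not Touch Steve’s Pet Alligator.”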
Layer 7: Application
• Function: Provides services directly to applications like web
browsers, email clients, and file transfer programs.
• Protocols: HTTP, HTTPS, FTP, SMTP, DNS, SSH, Telnet
Layer 6: Presentation
• Function: Handles data
encryption, decryption, compression, and formatting.
• Protocols: SSL/TLS, ASCII
Layer 5: Session
• Function: Establishes, manages, and terminates sessions
between communicating applications.
• Protocols: RPC, NetBIOS
Layer 4: Transport
• Function: Provides reliable data transfer between applications
on different hosts.
• Protocols: TCP, UDP, SCTP
Layer 3: Network
• Function: Handles routing and logical addressing of data packets
across networks.
• Protocols: IP, IPv6, ICMP, BGP, OSPF
Layer 2: Data Link
• Function: Provides error-free transmission of data frames over
physical links.
• Protocols: Ethernet, Wi-Fi, Token Ring, PPP
Layer 1: Physical
• Function: Transmits raw data bits over physical media like cables
or wireless signals.
• Protocols: RS-232, USB, Fiber Optic
TCP/IP format
TCP/IP, or Transmission Control Protocol/Internet Protocol, is a suite
of protocols responsible for data communication over networks.
While it isn't a single format, both TCP and IP have their own distinct
structures and roles within the communication process.
TCP Segment:
• Function: Provides reliable, in-order delivery of data between
applications on different hosts.
IP Datagram:
• Function: Routes data packets across networks based on their
destination IP addresses.
Imagine sending a physical letter. The paper with the written message
is like the TCP segment (data), and the envelope with the addresses
and stamps is like the IP datagram (routing information). You put the
letter inside the envelope and address it before sending it through the
postal system (similar to how TCP segments are wrapped within IP
datagrams for network routing).
Explain about firewall
A firewall acts as a security barrier, controlling incoming and outgoing
traffic to protect your data and systems from unwanted intruders.
Filters traffic: the firewall examines incoming and outgoing data
packets based on predefined rules. It allows authorized traffic and
blocks suspicious or malicious traffic.
Types of firewalls:
• Packet-filtering: Inspects individual data packets based on
source/destination addresses and ports.
• Stateful firewalls: Tracks connections and monitors their
activity, offering more granular control.
• Application-level firewalls: Analyze data
content, identifying and blocking specific applications or
malware.
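The difference between the first two firewall types, as an added example that is not part of the original notes: a packet filter judges every packet alone, while a stateful firewall remembers approved connections and admits only their replies. The rule set, addresses and class names are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"

# Constructed rule set: (action, source network, destination network, destination port).
# Anything that matches no rule is denied.
RULES = [
    ("allow", "10.0.0.0/24", "0.0.0.0/0", 443),     # LAN clients may open HTTPS sessions
    ("allow", "192.0.2.0/24", "10.0.0.10/32", 22),  # admin network may reach SSH on one host
]

def packet_filter(pkt, rules=RULES):
    """Packet-filtering firewall: judge each packet alone, first matching rule wins."""
    src, dst = ipaddress.ip_address(pkt.src), ipaddress.ip_address(pkt.dst)
    for action, src_net, dst_net, dport in rules:
        if (src in ipaddress.ip_network(src_net)
                and dst in ipaddress.ip_network(dst_net)
                and pkt.dport == dport):
            return action
    return "deny"

class StatefulFirewall:
    """Stateful firewall: remembers allowed connections and admits only their replies."""
    def __init__(self, rules=RULES):
        self.rules = rules
        self.connections = set()

    def check(self, pkt):
        forward = (pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport)
        reverse = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if forward in self.connections or reverse in self.connections:
            return "allow"                      # part of a connection already approved
        if packet_filter(pkt, self.rules) == "allow":
            self.connections.add(forward)       # new connection permitted by the rules
            return "allow"
        return "deny"

def demo():
    """Run three constructed packets through both firewall types."""
    request = Packet("10.0.0.7", 51000, "203.0.113.5", 443)      # LAN client -> web server
    reply = Packet("203.0.113.5", 443, "10.0.0.7", 51000)        # the server's answer
    unsolicited = Packet("203.0.113.5", 443, "10.0.0.7", 3389)   # no matching connection
    fw = StatefulFirewall()
    return {
        "filter_request": packet_filter(request),
        "filter_reply": packet_filter(reply),
        "stateful_request": fw.check(request),
        "stateful_reply": fw.check(reply),
        "stateful_unsolicited": fw.check(unsolicited),
    }

if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:22} {verdict}")
```

The packet filter drops the server's reply because no rule covers it; the stateful firewall lets that reply through without any extra inbound rule, yet still drops the unsolicited packet from the same address.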
What is FTP?
FTP, or File Transfer Protocol, is a communication protocol used
for transferring files between computers over a network. In
summary, FTP remains a versatile tool for efficient and reliable
file transfers over networks, especially when security is not a
primary concern. For highly sensitive data, consider secure
alternatives like FTPS or SFTP.
What Is DNS?
• The Domain Name System (DNS) serves as the phonebook of
the Internet.
• Humans access online information through domain names.
• Dynamic IP Addresses: DNS handles dynamic IP changes for
devices with changing addresses.
DHCP
Dynamic Host Configuration Protocol (DHCP) is a network
management protocol used in Internet Protocol (IP) networks. Its
primary purpose is to automatically assign IP addresses and other
communication parameters to devices connected to the network.
NMS (Network Management System)
Definition:
o An NMS is a software platform designed for monitoring,
controlling, and troubleshooting computer networks.
SSH (Secure Shell):
• Function: Provides secure remote access to a computer over a
network.
• How it works:
o Establishes an encrypted connection between two
computers.
o Uses strong authentication methods like passwords and
keys to verify your identity.
o Allows you to execute commands on the remote computer
as if you were sitting directly in front of it.
VLAN (Virtual Local Area Network):
• Function: Logically segments a single physical network into
multiple isolated sub-networks.
• How it works:
• Uses special switches that tag data packets with VLAN
identifiers.
• Devices can only communicate with others in the same
VLAN, enhancing security and network management.
• Useful for creating separate networks for different
departments, guest access, or security levels.
VPN (Virtual Private Network):
• Function: Creates a secure tunnel over a public network like the
internet.
• How it works:
• Encrypts data before sending it over the public network.
• Requires authentication to access the VPN tunnel.
• Allows you to connect to a private network remotely as
if you were physically on it.
Switching:
• Function: Connects devices within a single network, like your
home network or a company's internal network.
• How it works:
o Each device connected to the switch has a unique MAC
address.
o When a device sends data, the switch reads the destination
address in the data packet.
o The switch then forwards the data only to the port
connected to the intended recipient device, not everyone
on the network. This avoids unnecessary traffic and
improves network performance.
Routing:
• Function: Connects different networks together, allowing
devices on different networks to communicate.
• How it works:
o Uses logical addresses like IP addresses to determine the
best path for data packets.
o Routers have routing tables that tell them which direction
to send packets based on their destination network.
o Packets travel through multiple routers until they reach the
desired network and then the final device.
Key Differences:
• Scope: Switching operates within a single network, while routing
connects different networks.
• Addressing: Switching uses MAC addresses, while routing uses
IP addresses.
In summary:
• Switching keeps traffic flowing smoothly within a network.
• Routing connects different networks and guides data to its final
destination.
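The two forwarding decisions side by side, as an added example that is not part of the original notes: a switch that learns MAC addresses per port and a router that picks a next hop by longest-prefix match. It goes slightly beyond the text by showing that a switch floods a frame when the destination MAC is still unknown; all class names, addresses and routes are constructed.

```python
import ipaddress

class LearningSwitch:
    """Layer 2: forwards frames by destination MAC using a table learned from senders."""
    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}                       # MAC address -> port it was last seen on

    def receive(self, in_port, src_mac, dst_mac):
        """Return the list of ports the frame is sent out of."""
        self.mac_table[src_mac] = in_port         # learn where the sender is attached
        if dst_mac in self.mac_table:
            out_port = self.mac_table[dst_mac]
            return [] if out_port == in_port else [out_port]
        return [p for p in self.ports if p != in_port]   # unknown destination: flood

class Router:
    """Layer 3: chooses the next hop by longest-prefix match on the destination IP."""
    def __init__(self):
        self.routes = []                          # (network, next hop) pairs

    def add_route(self, prefix, next_hop):
        self.routes.append((ipaddress.ip_network(prefix), next_hop))

    def lookup(self, dst_ip):
        addr = ipaddress.ip_address(dst_ip)
        matches = [(net, hop) for net, hop in self.routes if addr in net]
        if not matches:
            return None                           # no route: the packet is dropped
        return max(matches, key=lambda m: m[0].prefixlen)[1]

def demo():
    """Constructed traffic: three frames through a switch, three lookups on a router."""
    host_a, host_b = "aa:aa:aa:aa:aa:01", "aa:aa:aa:aa:aa:02"
    switch = LearningSwitch(ports=[1, 2, 3])
    first = switch.receive(1, host_a, host_b)     # B not learned yet
    answer = switch.receive(2, host_b, host_a)    # A was learned from the first frame
    again = switch.receive(1, host_a, host_b)     # B is known now

    router = Router()
    router.add_route("0.0.0.0/0", "203.0.113.1")      # default route
    router.add_route("10.0.0.0/8", "10.255.0.1")
    router.add_route("10.1.2.0/24", "10.1.2.254")
    hops = [router.lookup(ip) for ip in ("10.1.2.9", "10.9.9.9", "198.51.100.7")]
    return first, answer, again, hops

if __name__ == "__main__":
    print(demo())
```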
Both SNMP and NetFlow are crucial tools for monitoring network
traffic and performance, but they serve different purposes:
SNMP (Simple Network Management Protocol):
• Function: Provides device-specific information about network
devices like routers, switches, and servers.
• Think of it as: A questionnaire system for network
devices, retrieving answers about their
health, performance, and configuration.
• How it works:
o Network management stations (NMS) send queries to
network devices equipped with SNMP agents.
o Agents respond with detailed information like CPU
usage, memory utilization, interface statistics, and error
messages.
o NMS can use this information to monitor network
health, troubleshoot issues, and optimize performance.
• Benefits:
o Simple and widely supported protocol.
o Offers a range of data points for monitoring various device
parameters.
o Can be used with different vendors and platforms.
NetFlow:
• Function: Monitors network traffic flow in real-time, providing
insights into data volume, source and
destination, applications, and protocols.
• Think of it as: A traffic monitor on a highway, tracking the
number, type, and origin of vehicles (data packets) flowing
through.
• How it works:
o Network devices export NetFlow records containing
information about each data packet they process.
o NetFlow collectors analyze these records, providing
insights into traffic patterns, bandwidth usage, and
potential security threats.
• Benefits:
o Offers granular visibility into network traffic behavior.
o Helps identify network congestion, bottlenecks, and
suspicious activity.
o Can be used for traffic accounting, capacity planning, and
security analysis.
Key Differences:
• Focus: SNMP gathers device-specific information, while NetFlow
focuses on traffic flow.
• Data granularity: SNMP provides a broader range of device
data, while NetFlow offers detailed traffic information.
• Real-time vs. polling: SNMP uses polling for information, while
NetFlow offers real-time traffic visibility.
Choosing the right tool:
• Use SNMP: When you need detailed information about specific
devices, their configuration, and health.
• Use NetFlow: When you need real-time insights into traffic
patterns, sources, destinations, and potential security threats.
• Combine both: For a comprehensive understanding of your
network, use both SNMP and NetFlow together.
Additional notes:
• Both SNMP and NetFlow have different versions and
implementations.
• Security considerations are important when using these
protocols.
Windows Server and Cloud Computing Explained:
Windows Server:
• Function: An operating system specifically designed for
running servers on the Microsoft Windows platform.
Cloud Computing:
• Function: Delivery of on-demand computing services
(servers, storage, databases, networking) over the internet
instead of using physical hardware.
• Hyper-Text Transfer Protocol (HTTP): Commonly referred
to as the protocol of the internet that allows
communication between a server and browser.
• Transmission Control Protocol (TCP): A reliable,
connection-oriented protocol that helps in the sequential
transmission of data packets to ensure data reaches the
destination on time without duplication.
• Internet Protocol (IP): Facilitates routing the data packets
across networks. IP contains addressing and control
information to deliver packets across a network. It works
along with TCP. While it ensures delivering the packets to
the right address, TCP aligns them in the right order.
• User Datagram Protocol (UDP): Unlike TCP, UDP is a
connectionless protocol that doesn’t ensure a connection
between the application and server before transmitting a
message. It’s effective for use cases such as broadcasts or
multicast connections.
• File Transfer Protocol (FTP): Allows file sharing between
servers by establishing two TCP connections, one for data
transfer and the other for control. The data transfer
connection transfers the actual files while the control
connection transfers control information such as
passwords to ensure data retrieval in case of data loss.
• Secure File Transfer Protocol (SFTP): Helps securely
transfer files across a network by using public-key
encryption and authenticating the client and server.
• Hyper-Text Transfer Protocol Secure (HTTPS):
Overcomes the limitation of HTTP by ensuring the security
of data transmitted between the browser and server
through data encryption. HTTPS is a secure version of
HTTP.
• Secure Socket Layer (SSL): Primarily helps secure internet
connections and safeguard sensitive data using
encryption. SSL protocol enables both server-client
communication and server-server communication.
• Simple Network Management Protocol (SNMP): Helps
administrators manage network devices by monitoring
endpoint information to proactively track network
performance and pinpoint network glitches for quick
troubleshooting.
• Internet Control Message Protocol (ICMP): Helps
diagnose network connectivity issues. Network devices
employ ICMP for sending error messages, highlighting
congestion and timeouts, and transmitting other
operational information to assist in network
troubleshooting.
What Is a Network Protocol?
A network protocol is a mechanism or a set of procedures that
enables devices to communicate back and forth across the
internet. In order to communicate together, two devices must
support the same protocol or a gateway will need to be used to
translate the communication.
There are three main types of network protocols you need to be
aware of:
• Network management protocols – These protocols set
out policies designed to monitor, manage and maintain a
network. Examples include SNMP, FTP, POP3 and Telnet.
• Network communication protocols – A group of
protocols used to establish rules and formatting (such as
syntax, synchronization and semantics) for exchanging
data across a network. Types of network communication
protocols include TCP, UDP, IP, HTTP, IRC, BGP and ARP.
• Network security protocols – Security protocols are
protocols that use security measures such as cryptography
and encryption to protect data. Examples include SFTP,
SSL and HTTPS.
Network Protocol vs. Internet Protocol
While there are many different types of network protocols,
Transmission Control Protocol (TCP) is one of the most widely
used due to its ability to break down data into packets so they can
be transferred (you can read more about TCP further below).
Under the traditional TCP/IP model of networking, TCP is used
alongside the Internet Protocol (IP) to identify hosts to send data
across the internet.
Within this model, IP identifies and defines the IP address of
devices or applications that data will be forwarded to, and then
TCP routes the data through a network to guide the content to its
final destination.
Network Protocol vs. Communication Protocol
Network management and communication protocols are two of
the most important types of protocols.
Essentially, communication protocols including TCP/IP and
HTTP are designed to enable two devices to exchange data,
whereas network management protocols are designed to help
manage and troubleshoot performance.
For example, network management protocols such as Simple
Network Management Protocol (SNMP) can monitor and
troubleshoot the connection between an endpoint and the
network so that administrators can better understand the status
and availability of infrastructure.
In contrast, communication protocols are mainly concerned with
defining formatting and syntax rules to set out a framework for
two devices to exchange data with each other.
Below we’re going to look at nine types of network protocols that
empower and drive modern networking.
1. Transmission Control Protocol (TCP) A.K.A. Internet
Protocol (IP)
TCP is a protocol that converts data into packets so that it can be
sent between a server and a client. Organizations use TCP to
transfer content such as files, text, images and emails because it
guarantees that the packets will be delivered accurately and in
the correct order.
It’s worth noting that TCP will establish a connection between
the origin and the destination devices before attempting to
transfer data. This three-way handshake is outlined briefly
below:
• The client or web browser sends the destination server a
Synchronize Sequence Number (SYN).
• The destination server sends an acknowledgement message
known as SYN-ACK.
• The origin device receives the SYN-ACK message and
generates an ACK acknowledgement message, which
finalizes the connection.
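The three steps above, and the earlier point that a TCP segment travels inside an IP datagram, as an added example that is not part of the original notes: it parses constructed IPv4+TCP packets and tracks each connection through SYN, SYN-ACK and ACK, which also exposes handshakes that never complete. The function names, state names and sample addresses are assumptions made for the example.

```python
import socket
import struct

SYN, ACK = 0x02, 0x10   # TCP flag bits

def build_packet(src, dst, sport, dport, flags, seq=0, ack=0, payload=b""):
    """Build a constructed IPv4 datagram wrapping one TCP segment (checksums left at 0)."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 5 << 4, flags, 65535, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(payload), 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return ip + tcp + payload

def parse_packet(raw):
    """Open the 'envelope' (IP header), then read the 'letter' (TCP segment) inside it."""
    ver_ihl, _, total_len, _, _, _, proto, _, src, dst = struct.unpack("!BBHHHBBH4s4s", raw[:20])
    if ver_ihl >> 4 != 4 or proto != 6:
        raise ValueError("not an IPv4 datagram carrying TCP")
    ihl = (ver_ihl & 0x0F) * 4                      # IP header length in bytes
    sport, dport, seq, ack, offset, flags = struct.unpack("!HHIIBB", raw[ihl:ihl + 14])
    data_start = ihl + (offset >> 4) * 4            # skip the TCP header
    return {"src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
            "sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "flags": flags, "payload": raw[data_start:total_len]}

def track_handshakes(packets):
    """Replay packets and return {(client, cport, server, sport): handshake state}."""
    conns = {}                                      # key -> [state, ack number expected next]
    for raw in packets:
        p = parse_packet(raw)
        fwd = (p["src"], p["sport"], p["dst"], p["dport"])
        rev = (p["dst"], p["dport"], p["src"], p["sport"])
        kind = p["flags"] & (SYN | ACK)
        expect = (p["seq"] + 1) & 0xFFFFFFFF        # ack number the peer must send back
        if kind == SYN:                             # step 1: client -> server
            conns[fwd] = ["SYN_SENT", expect]
        elif kind == (SYN | ACK) and conns.get(rev) == ["SYN_SENT", p["ack"]]:
            conns[rev] = ["SYN_ACK_SEEN", expect]   # step 2: server -> client
        elif kind == ACK and conns.get(fwd) == ["SYN_ACK_SEEN", p["ack"]]:
            conns[fwd][0] = "ESTABLISHED"           # step 3: client -> server
    return {key: value[0] for key, value in conns.items()}

def sample_capture():
    """Constructed capture: one complete handshake and one the client never finishes."""
    c1, c2, srv = "10.0.0.7", "10.0.0.8", "192.0.2.10"
    return [
        build_packet(c1, srv, 51000, 80, SYN, seq=1000),
        build_packet(srv, c1, 80, 51000, SYN | ACK, seq=5000, ack=1001),
        build_packet(c1, srv, 51000, 80, ACK, seq=1001, ack=5001),
        build_packet(c2, srv, 40000, 80, SYN, seq=7),
        build_packet(srv, c2, 80, 40000, SYN | ACK, seq=9000, ack=8),
    ]

if __name__ == "__main__":
    for conn, state in track_handshakes(sample_capture()).items():
        print(conn, state)
```

A connection left in `SYN_ACK_SEEN` is half-open: the server has answered but the final ACK never arrived, which is the condition a monitoring tool counts when it watches for handshakes that are started and abandoned.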
2. User Datagram Protocol (UDP)
UDP is a communication protocol that’s designed to send
packets from one device to another on a network. Many
organizations use UDP as an alternative to TCP because it offers
higher transfer speeds.
While this increase in speed comes at the cost of accuracy, UDP
better supports video/audio streaming services, online games or
voice-over-internet-protocol (VoIP) calls, which can handle
some degree of data loss.
Another key difference between the two is that UDP won’t
attempt to establish a connection before sending packets on to
the destination. At the same time, it also doesn’t guarantee the
delivery of data to the other device.
3. File Transfer Protocol (FTP)
FTP is a network protocol that’s used to transfer files from one
device to another over an unencrypted TCP/IP connection. With
FTP, a user can load up a web browser or FTP client such as
FileZilla or FTP Voyager and send up to 2GB at once.
Many organizations use FTP because of its ability to send large
files or lots of files at once in a way that’s fast and efficient.
Unfortunately, this efficiency comes at the cost of security as FTP
transmits all data in plain text.
For this reason, many organizations opt to use a secure version
of FTP called File Transfer Protocol Secure Sockets Layer
(FTPS), which functions the same but uses SSL encryption to
obscure the transferred data.
4. Hypertext Transfer Protocol (HTTP)
HTTP is a communication protocol that enables systems to
communicate on the World Wide Web. With HTTP, a client will
send a hypertext message request to a web server asking for
access to the resources needed to load a web page.
The server hosting the content will then respond and enable the
client to load all the necessary text, images and videos featured
on the page. HTTP’s request-response cycle is outlined briefly
below:
• The client sends an HTTP request message to the web
server to request access to the web page content.
• The web server processes the request message.
• The web server sends a response message that includes the
requested content or web page.
• The client receives the message and loads the content in the
web browser for the end user to view.
There is also an encrypted version of HTTP called HTTPS, which
uses SSL/TLS encryption to encrypt requests and responses so
they can’t be accessed by third parties.
5. Simple Network Management Protocol (SNMP)
SNMP is an application layer protocol that’s used to collect
management information from devices such as computers,
routers, switches, firewalls and printers.
Network monitoring platforms often use SNMP to monitor the
performance and status of devices throughout a network in real
time.
The protocol works with an SNMP manager or software client
sending SNMP GET requests to SNMP-enabled devices.
SNMP-enabled devices each have a local SNMP agent that
collects performance data from the device and will forward this
information to the SNMP manager so that an administrator can
get a top-down view of performance and status.
6. Internet Control Message Protocol (ICMP)
ICMP is a network protocol that devices use to warn about
connectivity issues and errors. ICMP can notify devices that a
forwarded message was too long or arrived out of order, and will
issue an error message requesting that the device resend the
content.
Troubleshooting tools such as Ping send ICMP requests to a
device and measure the round-trip time, or the time it takes for
the device to respond to the request. The amount of delay in the
response can then be used to measure the quality of the
connection.
Other tools such as traceroute use ICMP to troubleshoot and
measure the efficiency of network routes, telling the user how
much time it took to traverse from one device to another.
Sometimes, cybercriminals will use the protocol as part of an
ICMP flood attack where they attempt to overwhelm a server
with illegitimate ICMP requests to take its computing resources
away from the end user.
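One way to spot the flood described above from the defending side, as an added example that is not part of the original notes: it validates each ICMP echo request by its checksum and raises an alert when one source exceeds a request rate. The threshold, window, function names and sample addresses are assumptions chosen for illustration.

```python
import struct
from collections import defaultdict, deque

ECHO_REQUEST = 8   # ICMP type sent by ping

def inet_checksum(data):
    """RFC 1071 Internet checksum; a packet carrying a valid checksum sums to 0."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_echo(ident, seq, payload=b"ping"):
    """Build a constructed ICMP echo request, as a ping tool would send it."""
    header = struct.pack("!BBHHH", ECHO_REQUEST, 0, 0, ident, seq)
    csum = inet_checksum(header + payload)
    return struct.pack("!BBHHH", ECHO_REQUEST, 0, csum, ident, seq) + payload

def detect_floods(events, limit=10, window_ms=1000):
    """events: (time_ms, source_ip, raw_icmp) tuples in time order.

    Returns {source_ip: time_ms at which it first exceeded `limit` echo requests
    within `window_ms`}. Both thresholds are illustrative assumptions.
    """
    recent = defaultdict(deque)                    # source -> timestamps inside the window
    alerts = {}
    for ts, src, raw in events:
        if len(raw) < 8 or raw[0] != ECHO_REQUEST or inet_checksum(raw) != 0:
            continue                               # skip other ICMP types and corrupt packets
        times = recent[src]
        times.append(ts)
        while ts - times[0] >= window_ms:          # drop requests that left the window
            times.popleft()
        if len(times) > limit:
            alerts.setdefault(src, ts)             # keep the first time the limit was passed
    return alerts

def sample_events():
    """Constructed traffic: one host pinging once a second, one sending a burst."""
    normal = [(t * 1000, "10.0.0.7", build_echo(1, t)) for t in range(5)]
    burst = [(2000 + i * 10, "198.51.100.9", build_echo(2, i)) for i in range(50)]
    return sorted(normal + burst, key=lambda event: event[0])

if __name__ == "__main__":
    for source, when in detect_floods(sample_events()).items():
        print(f"possible ICMP flood from {source} at t={when} ms")
```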
7. Post Office Protocol (POP)
POP3 is a network protocol that enables a server to retrieve
emails from a remote server and download them to the local
device. Whenever the client connects to the server via TCP, it
automatically downloads all the new messages to it, making
them accessible to the user both online and off-line.
Email platforms like Microsoft Outlook can use POP3 to collect
email messages from remote servers via TCP/IP so that they’re
available off-line.
Under the default setting, all emails are deleted from the server
automatically once the download is complete, but the user can
also configure it to store emails on the server for a certain time
period.
8. Internet Message Access Protocol (IMAP)
IMAP is another protocol that’s used for retrieving emails. With
IMAP, whenever a user clicks on an email, it isn’t downloaded or
stored on their computer locally but remains on the remote
server, enabling the user to check their email from multiple
devices.
The main difference between IMAP and POP3 is that the latter
only allows users to download and access emails locally on the
same computer. IMAP also doesn’t automatically delete emails
from the server.
9. Simple Mail Transfer Protocol (SMTP)
SMTP is a mail delivery protocol that allows a device to send and
deploy email to a remote endpoint with a TCP connection.
Unlike POP3, SMTP cannot retrieve emails from a mailbox, and
it doesn’t automatically delete emails.
Bottom Line
If you’re struggling to get to grips with the different types of
network protocols, try to focus on understanding TCP/IP first, as
this is the technical foundation that many of the most important
communication protocols will use to communicate.