WEBVTT

1
00:00:00.000 --> 00:00:01.290
<v Instructor>In this lesson,</v>

2
00:00:01.290 --> 00:00:04.200
we will learn about network issues.

3
00:00:04.200 --> 00:00:06.570
Network issues include problems

4
00:00:06.570 --> 00:00:09.990
that disrupt the normal flow of network data

5
00:00:09.990 --> 00:00:14.280
and affect connectivity, performance, or security.

6
00:00:14.280 --> 00:00:15.990
Network issues include

7
00:00:15.990 --> 00:00:20.640
network access control list, or NACL, issues,

8
00:00:20.640 --> 00:00:22.140
resource exhaustion,

9
00:00:22.140 --> 00:00:27.140
and DDoS, or distributed denial of service, attacks.

10
00:00:27.180 --> 00:00:32.180
NACL issues arise when incorrectly configured rules

11
00:00:32.400 --> 00:00:35.250
allow inappropriate network traffic

12
00:00:35.250 --> 00:00:38.130
or block legitimate network traffic.

13
00:00:38.130 --> 00:00:42.180
Resource exhaustion is the depletion of critical resources

14
00:00:42.180 --> 00:00:46.050
like bandwidth, memory, or processing power.

15
00:00:46.050 --> 00:00:50.850
And DDoS, or distributed denial of service, attacks

16
00:00:50.850 --> 00:00:54.180
involve overwhelming a network or service

17
00:00:54.180 --> 00:00:57.690
with a flood of traffic from multiple sources

18
00:00:57.690 --> 00:01:00.540
with the goal of resource exhaustion

19
00:01:00.540 --> 00:01:02.790
and making the targeted services

20
00:01:02.790 --> 00:01:06.270
unavailable to legitimate users.

21
00:01:06.270 --> 00:01:07.680
Let's learn more about

22
00:01:07.680 --> 00:01:12.450
network access control list issues, resource exhaustion,

23
00:01:12.450 --> 00:01:15.840
and distributed denial of service attacks.

24
00:01:15.840 --> 00:01:17.190
First we have

25
00:01:17.190 --> 00:01:21.630
network access control list, or NACL, issues.

26
00:01:21.630 --> 00:01:25.500
A network access control list is a set of rules

27
00:01:25.500 --> 00:01:28.170
that determines what kind of traffic

28
00:01:28.170 --> 00:01:31.740
is allowed into and out of a network.

29
00:01:31.740 --> 00:01:35.550
These rules can either permit or deny traffic

30
00:01:35.550 --> 00:01:38.910
based on factors like source IP addresses,

31
00:01:38.910 --> 00:01:42.840
destination IP addresses, and protocols.

32
00:01:42.840 --> 00:01:45.240
If these rules are misconfigured,

33
00:01:45.240 --> 00:01:48.930
they may accidentally block legitimate traffic,

34
00:01:48.930 --> 00:01:53.010
which can lead to disruptions in business operations.

35
00:01:53.010 --> 00:01:57.120
For example, a misconfigured NACL

36
00:01:57.120 --> 00:01:59.850
might unintentionally block access

37
00:01:59.850 --> 00:02:02.730
to a company's internal applications

38
00:02:02.730 --> 00:02:05.880
by filtering out the IP address range

39
00:02:05.880 --> 00:02:10.590
used by a remote employee's geographical location.

40
00:02:10.590 --> 00:02:11.880
As a result,

41
00:02:11.880 --> 00:02:16.440
the employee would be unable to access internal systems

42
00:02:16.440 --> 00:02:19.320
such as the company's financial databases

43
00:02:19.320 --> 00:02:21.660
or internal email servers,

44
00:02:21.660 --> 00:02:25.500
preventing them from completing time-sensitive tasks

45
00:02:25.500 --> 00:02:29.340
and negatively impacting overall productivity.

46
00:02:29.340 --> 00:02:33.120
This type of issue usually goes unnoticed

47
00:02:33.120 --> 00:02:36.510
until it begins to affect multiple users

48
00:02:36.510 --> 00:02:38.460
or critical systems.

49
00:02:38.460 --> 00:02:41.280
Aside from blocking legitimate traffic,

50
00:02:41.280 --> 00:02:46.280
NACL issues can also result in security vulnerabilities.

51
00:02:47.070 --> 00:02:50.880
If a network access control list is too permissive,

52
00:02:50.880 --> 00:02:54.360
it may allow harmful traffic into the network,

53
00:02:54.360 --> 00:02:56.970
increasing the risk of attack.

54
00:02:56.970 --> 00:03:00.150
For instance, if rules are not properly set

55
00:03:00.150 --> 00:03:03.480
to deny unnecessary incoming traffic

56
00:03:03.480 --> 00:03:07.200
from untrusted or known bad IP addresses,

57
00:03:07.200 --> 00:03:10.200
attackers could exploit open ports

58
00:03:10.200 --> 00:03:12.420
to infiltrate the network.

59
00:03:12.420 --> 00:03:13.950
In these cases,

60
00:03:13.950 --> 00:03:18.030
NACLs that fail to properly restrict network traffic

61
00:03:18.030 --> 00:03:22.350
can leave sensitive data and systems exposed to threats

62
00:03:22.350 --> 00:03:25.650
like malware and unauthorized access.

63
00:03:25.650 --> 00:03:30.300
So, to avoid network access control list issues,

64
00:03:30.300 --> 00:03:35.040
regular auditing and fine-tuning of the rules are necessary.

65
00:03:35.040 --> 00:03:39.120
Network administrators should carefully design NACLs

66
00:03:39.120 --> 00:03:42.270
to balance security and accessibility,

67
00:03:42.270 --> 00:03:45.870
ensuring that legitimate traffic flows smoothly

68
00:03:45.870 --> 00:03:50.100
while malicious or unnecessary traffic is blocked.

69
00:03:50.100 --> 00:03:53.910
Automated tools such as network monitoring systems

70
00:03:53.910 --> 00:03:58.910
like SolarWinds, Cisco Prime, or AWS CloudWatch

71
00:03:58.920 --> 00:04:02.250
can also help by monitoring network traffic

72
00:04:02.250 --> 00:04:05.610
and identifying potential configuration errors

73
00:04:05.610 --> 00:04:08.400
before they lead to serious disruptions

74
00:04:08.400 --> 00:04:10.710
or security breaches.

75
00:04:10.710 --> 00:04:14.160
Second, we have resource exhaustion.

76
00:04:14.160 --> 00:04:16.140
Resource exhaustion occurs

77
00:04:16.140 --> 00:04:18.480
when a network's critical resources

78
00:04:18.480 --> 00:04:23.130
like bandwidth, memory, or processing power are depleted,

79
00:04:23.130 --> 00:04:26.880
leading to performance issues or outages.

80
00:04:26.880 --> 00:04:28.770
In an enterprise network,

81
00:04:28.770 --> 00:04:31.740
resource exhaustion often results

82
00:04:31.740 --> 00:04:36.740
from excessive demand placed on servers or network devices.

83
00:04:36.750 --> 00:04:41.040
For example, a sudden surge in user activity

84
00:04:41.040 --> 00:04:43.230
during peak business hours

85
00:04:43.230 --> 00:04:46.590
can consume all available bandwidth,

86
00:04:46.590 --> 00:04:49.500
causing slowdowns or making services

87
00:04:49.500 --> 00:04:51.870
temporarily unavailable.

88
00:04:51.870 --> 00:04:53.790
If not managed properly,

89
00:04:53.790 --> 00:04:57.150
resource exhaustion can degrade productivity

90
00:04:57.150 --> 00:04:59.640
and customer experience.

91
00:04:59.640 --> 00:05:02.040
Along with excessive demand,

92
00:05:02.040 --> 00:05:05.010
another cause of resource exhaustion

93
00:05:05.010 --> 00:05:07.740
is inefficient resource management.

94
00:05:07.740 --> 00:05:11.640
Poorly optimized applications, outdated hardware,

95
00:05:11.640 --> 00:05:13.800
or unbalanced workloads

96
00:05:13.800 --> 00:05:17.790
can put excessive strain on network resources,

97
00:05:17.790 --> 00:05:22.410
leading to reduced performance and even system failures.

98
00:05:22.410 --> 00:05:24.990
For example, if a critical server

99
00:05:24.990 --> 00:05:27.450
is not properly load balanced,

100
00:05:27.450 --> 00:05:31.440
it may receive far more traffic than it can handle.

101
00:05:31.440 --> 00:05:34.020
This could cause the server to slow down,

102
00:05:34.020 --> 00:05:37.590
experience high latency, or even crash,

103
00:05:37.590 --> 00:05:40.920
resulting in downtime for essential services

104
00:05:40.920 --> 00:05:45.920
like email, databases, or customer-facing applications.

105
00:05:45.930 --> 00:05:50.910
Such an outage not only disrupts normal business operations

106
00:05:50.910 --> 00:05:53.910
but can also affect user experience

107
00:05:53.910 --> 00:05:57.090
and potentially lead to revenue loss.

108
00:05:57.090 --> 00:05:59.970
So, mitigating resource exhaustion

109
00:05:59.970 --> 00:06:04.560
involves proactive monitoring and scaling resources

110
00:06:04.560 --> 00:06:06.000
based on demand.

111
00:06:06.000 --> 00:06:07.410
This can include

112
00:06:07.410 --> 00:06:11.910
dynamically adding more bandwidth, upgrading hardware,

113
00:06:11.910 --> 00:06:16.350
or optimizing applications to handle larger loads.

114
00:06:16.350 --> 00:06:20.310
Network administrators can also use load balancers

115
00:06:20.310 --> 00:06:22.590
and traffic prioritization

116
00:06:22.590 --> 00:06:26.190
to ensure critical services remain operational

117
00:06:26.190 --> 00:06:29.460
even during periods of high demand.

118
00:06:29.460 --> 00:06:31.320
Third and last,

119
00:06:31.320 --> 00:06:36.320
we have distributed denial of service, or DDoS, attacks.

120
00:06:36.840 --> 00:06:39.270
Distributed denial of service attacks

121
00:06:39.270 --> 00:06:43.170
are one of the most common forms of resource exhaustion

122
00:06:43.170 --> 00:06:45.390
in enterprise networks.

123
00:06:45.390 --> 00:06:47.760
In a DDoS attack,

124
00:06:47.760 --> 00:06:52.620
attackers flood a target with traffic from multiple sources,

125
00:06:52.620 --> 00:06:55.290
overwhelming the network's capacity

126
00:06:55.290 --> 00:06:58.530
and making it impossible for legitimate users

127
00:06:58.530 --> 00:07:00.390
to access services.

128
00:07:00.390 --> 00:07:04.470
For example, in a large-scale DDoS attack

129
00:07:04.470 --> 00:07:07.200
on an e-commerce company's website,

130
00:07:07.200 --> 00:07:10.920
millions of fake requests might be generated

131
00:07:10.920 --> 00:07:15.150
from thousands of compromised devices worldwide.

132
00:07:15.150 --> 00:07:19.140
These requests would overwhelm the website's server,

133
00:07:19.140 --> 00:07:20.850
causing slow performance

134
00:07:20.850 --> 00:07:23.940
or making the site completely unreachable

135
00:07:23.940 --> 00:07:27.660
to actual customers trying to make purchases,

136
00:07:27.660 --> 00:07:31.170
resulting in significant financial loss.

137
00:07:31.170 --> 00:07:34.470
DDoS attacks can have serious consequences

138
00:07:34.470 --> 00:07:36.390
for enterprise networks,

139
00:07:36.390 --> 00:07:38.460
including loss of revenue,

140
00:07:38.460 --> 00:07:41.760
damage to reputation, and downtime.

141
00:07:41.760 --> 00:07:44.850
Attackers often target vulnerable networks

142
00:07:44.850 --> 00:07:46.890
that lack proper defenses,

143
00:07:46.890 --> 00:07:51.300
such as improperly configured network access control lists

144
00:07:51.300 --> 00:07:53.400
or outdated firewalls.

145
00:07:53.400 --> 00:07:58.170
The flood of traffic can also overwhelm network devices

146
00:07:58.170 --> 00:08:00.120
like routers and switches,

147
00:08:00.120 --> 00:08:03.390
leading to a complete network failure.

148
00:08:03.390 --> 00:08:06.420
So, preventing DDoS attacks

149
00:08:06.420 --> 00:08:09.180
involves using specialized tools

150
00:08:09.180 --> 00:08:12.480
such as DDoS mitigation services

151
00:08:12.480 --> 00:08:16.320
that can detect and filter out malicious traffic.

152
00:08:16.320 --> 00:08:19.410
Firewalls, intrusion detection systems,

153
00:08:19.410 --> 00:08:23.010
and properly configured network access control lists

154
00:08:23.010 --> 00:08:26.100
can also help block suspicious traffic

155
00:08:26.100 --> 00:08:29.070
before it reaches critical systems.

156
00:08:29.070 --> 00:08:32.370
Additionally, distributing network resources

157
00:08:32.370 --> 00:08:34.620
across multiple data centers

158
00:08:34.620 --> 00:08:38.040
can reduce the risk of a single point of failure

159
00:08:38.040 --> 00:08:41.670
during a large-scale DDoS attack.

160
00:08:41.670 --> 00:08:44.070
By implementing these measures,

161
00:08:44.070 --> 00:08:46.740
enterprises can reduce the likelihood

162
00:08:46.740 --> 00:08:49.290
of a successful DDoS attack

163
00:08:49.290 --> 00:08:51.960
and maintain network availability

164
00:08:51.960 --> 00:08:54.750
during malicious traffic surges.

165
00:08:54.750 --> 00:08:59.750
So, remember, network issues can significantly disrupt

166
00:09:00.120 --> 00:09:01.680
the flow of data,

167
00:09:01.680 --> 00:09:05.610
affecting connectivity, performance, and security

168
00:09:05.610 --> 00:09:07.710
in enterprise networks.

169
00:09:07.710 --> 00:09:10.260
Common network issues include

170
00:09:10.260 --> 00:09:15.120
network access control list problems, resource exhaustion,

171
00:09:15.120 --> 00:09:18.450
and distributed denial of service attacks.

172
00:09:18.450 --> 00:09:21.060
Network access control list issues

173
00:09:21.060 --> 00:09:23.820
occur when misconfigured rules

174
00:09:23.820 --> 00:09:26.250
either block legitimate traffic

175
00:09:26.250 --> 00:09:29.520
or allow harmful traffic to enter the network.

176
00:09:29.520 --> 00:09:34.110
Next, resource exhaustion happens when critical resources

177
00:09:34.110 --> 00:09:38.370
like bandwidth, memory, or processing power are depleted,

178
00:09:38.370 --> 00:09:41.940
causing degraded performance or outages.

179
00:09:41.940 --> 00:09:45.420
Finally, distributed denial of service attacks

180
00:09:45.420 --> 00:09:48.420
overwhelm networks with a flood of traffic

181
00:09:48.420 --> 00:09:50.370
from multiple sources,

182
00:09:50.370 --> 00:09:52.740
leading to resource exhaustion

183
00:09:52.740 --> 00:09:57.740
and making services unavailable to legitimate users.

