A computer network, also referred to as a data network, is a series of interconnected nodes that can transmit, receive and exchange data, voice and video traffic. Network devices use a variety of protocols and algorithms to specify exactly how endpoints should transmit and receive data. For example, the Ethernet standard establishes a common language for wired networks to communicate, and the 802.11 standard does the same for wireless local area networks (WLANs).
All packet-switched networks use TCP/IP to establish a standard means of communication. Each endpoint in a network has a unique identifier which is used to indicate the source or destination of the transmission. Identifiers include the node's IP address or Media Access Control (MAC) address. Endpoint nodes include switches and routers, servers, personal computers, phones, networked printers and other peripheral computing devices, as well as sensors and actuators.
A network's capacity is how much traffic the network can support at any one time while still meeting service level agreements (SLAs). Network capacity is measured in terms of bandwidth. Bandwidth is quantified by the theoretical maximum number of bits per second that can pass through a network device. Throughput is a measure of the actual speed of a successful transmission after accounting for factors like latency, processing power and protocol overhead.
Types of computer networks
Networks are often categorized by the wired or wireless transmission medium they support, as well as the scope of their domains. For example, local area networks (LANs) interconnect endpoints in a single domain. In contrast, wide area networks (WANs) interconnect multiple LANs. Networks may also be divided into subnetworks, also called subnets.
Other types of computer networks include personal area networks (PANs), wireless local area networks (WLANs), campus area networks (CANs), virtual private networks (VPNs) and passive optical networks (PONs).
Networks can be public or private. While anyone can access the public internet, access to private and virtual private networks requires the end user to be assigned access credentials.
In the enterprise, network access control systems typically use security policies to control access to the organization's network. This means that network devices are not allowed to connect unless they meet a pre-defined business policy, which is enforced by network access control products. When deployed, network access control systems immediately discover all the devices connected to a network, categorize them by type and then react to them based on pre-configured compliance rules implemented by the organization's security team.
NAC products grant access to a network on a per-device basis, with granular controls over what type and level of access is allowed. These controls are delivered by policies that are defined in a central control system. Most network access control systems can also integrate with Active Directory in order to control network access based on group policy, ensuring users only have the network access required to fulfill their jobs.
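The discover, categorize and react flow described above can be sketched as a small default-deny policy engine. This is an added example, not code from any NAC product: the policy table, group-to-segment mapping, fingerprint keywords, VLAN names and device inventory are all constructed assumptions.

```python
from dataclasses import dataclass, field

# Hypothetical policy: device type -> (required posture checks, VLAN when compliant).
POLICY = {
    "workstation": ({"disk_encrypted", "edr_running", "os_patched"}, "corp"),
    "printer": (set(), "peripherals"),
    "sensor": (set(), "iot"),
}
# Hypothetical directory groups -> extra segments a compliant user's device may reach.
GROUP_SEGMENTS = {"finance": {"erp"}, "engineering": {"build", "source"}}
# Hypothetical fingerprint keywords used to categorize discovered devices.
FINGERPRINTS = {"windows": "workstation", "macos": "workstation",
                "laserjet": "printer", "thermostat": "sensor"}

@dataclass
class Device:
    mac: str
    fingerprint: str                      # what discovery observed about the device
    posture: set = field(default_factory=set)
    user_groups: set = field(default_factory=set)

def categorize(dev):
    """Map a discovered device to a type; anything unrecognized is 'unknown'."""
    fp = dev.fingerprint.lower()
    return next((t for kw, t in FINGERPRINTS.items() if kw in fp), "unknown")

def decide(dev):
    """Return the access decision for one device (default deny)."""
    dtype = categorize(dev)
    if dtype not in POLICY:
        return {"action": "deny", "vlan": None, "segments": set(),
                "reason": "unknown device type"}
    required, vlan = POLICY[dtype]
    missing = required - dev.posture
    if missing:  # non-compliant: isolate until remediated, no group-based access
        return {"action": "quarantine", "vlan": "remediation", "segments": set(),
                "reason": "missing " + ", ".join(sorted(missing))}
    # Compliant: grant only the segments the user's directory groups map to.
    segments = set().union(*(GROUP_SEGMENTS.get(g, set()) for g in dev.user_groups))
    return {"action": "allow", "vlan": vlan, "segments": segments, "reason": "compliant"}

# Constructed inventory (sample data using documentation-range MAC addresses).
INVENTORY = [
    Device("00:00:5e:00:53:01", "Windows 11",
           {"disk_encrypted", "edr_running", "os_patched"}, {"finance"}),
    Device("00:00:5e:00:53:02", "macOS 14", {"disk_encrypted"}, {"engineering"}),
    Device("00:00:5e:00:53:03", "LaserJet M400"),
    Device("00:00:5e:00:53:04", "generic embedded"),
]

if __name__ == "__main__":
    for d in INVENTORY:
        print(d.mac, categorize(d), decide(d))
```

The unrecognized device is denied rather than placed on a default VLAN, and the non-compliant workstation gets no group-based segments even though its user belongs to a mapped group.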
Network topology vs. network fabric
A network topology is the physical or logical structure of a network. The term network fabric describes the way each topology creates a particular type of criss-cross pattern of connections. Common topologies and their fabrics include:
- Full mesh networks - all nodes are connected to each other and can exchange data.
- Partial mesh networks - some nodes are connected to each other in a full mesh scheme, but others are only connected to one or two other nodes in the network.
- Point to point networks - network connectivity is limited to two endpoints.
- Star network - all network nodes are connected to a common central computer.
- Tree network - two or more star networks are connected together.
- Bus - network devices are attached directly to a transmission line. All signals pass through all devices, but each device has a unique identity and recognizes signals intended for it.