Routers In Business Security
Blog Credit: Trupti Thakur
Image Courtesy: Google
Overview
Routers are essentially “traffic cops” for your small business network. They keep data moving efficiently among multiple network sites as well as to your Internet service provider (ISP), and “translate” different media types and protocols. Different routers serve different types of business needs.
What is a router?
A router is a device that connects two or more packet-switched networks or subnetworks. It serves two primary functions: managing traffic between these networks by forwarding data packets to their intended IP addresses and allowing multiple devices to use the same Internet connection.
There are several types of routers, but most routers pass data between LANs (Local area networks.) and WANs (wide area networks). A LAN is a group of connected devices restricted to a specific geographic area. A LAN usually requires a single router.
A WAN, by contrast, is a large network spread out over a vast geographic area. Large organizations and companies that operate in multiple locations across the country, for instance, will need separate LANs for each location, which then connect to the other LANs to form a WAN. Because a WAN is distributed over a large area, it often necessitates multiple routers and switches*.
*A network switch forwards data packets between groups of devices in the same network, whereas a router forwards data between different networks.
What do routers do?
To keep networks up and running, routers connect computers and other devices such as printers, allowing them to “talk” to each other. They analyze the data that’s sent over networks, change how it’s packaged, and then send it to another network or over a different type of network.
How do routers help a business run smoothly?
Routers connect your business to the outside world, protect critical business information from security threats, and even decide which computers get priority over others. They can increase productivity, reduce costs, and improve security and customer service.
How do businesses use routers?
Routers manage all kinds of business communications, from data and voice to video and Wi-Fi access. How routers can help:
- Sharing business applications
Routers can help you share business applications with workers, even those in different locations, so that everyone has equal access to critical tools and can improve their productivity. Routers can also provide access to advanced applications and enable useful business services, such as IP voice and videoconferencing.
- Improving access to information
Workers need fast access to information so they can make better decisions. Routers help provide access, so workers have visibility into business data.
- Enhancing customer service
Today’s customers expect fast responses to their questions as well as personalized service. To meet these demands, businesses need responsive and reliable networks, which routers can provide.
- Reducing operating costs
Routing technology can positively impact your business’s bottom line–for example, saving money by using shared printers and servers that can be accessed by everyone on the network. With routers and a reliable network, you can grow your small business infrastructure without constantly replacing technology.
Types of routers:
Wired and wireless routers
These routers are mostly used in homes and small offices. Wired routers share data over cables and create wired local area networks (LANs), while wireless routers use antennas to share data and create wireless local area networks (WLANs).
- Edge routers
This is a wired or wireless router that distributes data packets between one or more networks but not within a network. As their name indicates, edge routers are placed at the edge or boundary of networks, and typically connect to Internet service providers (ISPs) or other organizations’ networks. Their job is to keep your network communicating smoothly with other networks.
- Core routers
These wired or wireless routers distribute data packets within networks, but not between multiple networks. They’re designed to become the backbone of your network and do the heavy lifting of data transfer, which is why they’re usually high-performance.
- Virtual routers
Unlike physical routers, virtual routers are pieces of software that allow computers and servers to operate like routers. They’ll share data packets just as physical routers do. They can offer more flexibility than physical devices since they can be scaled as the business grows; they can also help get remote offices up and running on your network more quickly.
How does a router work?
Think of a router as an air traffic controller and data packets as aircraft headed to different airports (or networks). Just as each plane has a unique destination and follows a unique route, each packet needs to be guided to its destination as efficiently as possible. In the same way that an air traffic controller ensures that planes reach their destinations without getting lost or suffering a major disruption along the way, a router helps direct data packets to their destination IP address.
In order to direct packets effectively, a router uses an internal routing table — a list of paths to various network destinations. The router reads a packet’s header to determine where it is going, then consults the routing table to figure out the most efficient path to that destination. It then forwards the packet to the next network in the path.
What is the difference between a router and a modem?
Although some Internet service providers (ISPs) may combine a router and a modem within a single device, they are not the same. Each plays a different but equally important role in connecting networks to each other and to the Internet.
A router forms networks and manages the flow of data within and between those networks, while a modem connects those networks to the Internet. Modems forge a connection to the Internet by converting signals from an ISP into a digital signal that can be interpreted by any connected device. A single device may plug into a modem in order to connect to the Internet; alternately, a router can help distribute this signal to multiple devices within an established network, allowing all of them to connect to the Internet simultaneously.
Think of it like this: If Bob has a router, but no modem, he will be able to create a LAN and send data between the devices on that network. However, he will not be able to connect that network to the Internet. Alice, on the other hand, has a modem, but no router. She will be able to connect a single device to the Internet (for example, her work laptop), but cannot distribute that Internet connection to multiple devices (say, her laptop and her smartphone). Carol, meanwhile, has a router and a modem. Using both devices, she can form a LAN with her desktop computer, tablet, and smartphone and connect them all to the Internet at the same time.
What are the different types of routers?
In order to connect a LAN to the Internet, a router first needs to communicate with a modem. There are two primary ways to do this:
- Wireless router:A wireless router uses an Ethernet cable to connect to a modem. It distributes data by converting packets from binary code into radio signals, then wirelessly broadcasts them using antennae. Wireless routers do not establish LANs; instead, they create WLANs (wireless local area networks), which connect multiple devices using wireless communication.
- Wired router:Like a wireless router, a wired router also uses an Ethernet cable to connect to a modem. It then uses separate cables to connect to one or more devices within the network, create a LAN, and link the devices within that network to the Internet.
In addition to wireless and wired routers for small LANs, there are many specialized types of routers that serve specific functions:
- Core router:Unlike the routers used within a home or small business LAN, a core router is used by large corporations and businesses that transmit a high volume of data packets within their network. Core routers operate at the “core” of a network and do not communicate with external networks.
- Edge router:While a core router exclusively manages data traffic within a large-scale network, an edge router communicates with both core routers and external networks. Edge routers live at the “edge” of a network and use the BGP (Border Gateway Protocol) to send and receive data from other LANs and WANs.
- Virtual router:A virtual router is a software application that performs the same function as a standard hardware router. It may use the Virtual Router Redundancy Protocol (VRRP) to establish primary and backup virtual routers, should one fail.
What is an SSID?
SSID stands for “service set identifier,” and it is the technical term for the name of the network that WLAN routers broadcast. SSIDs enable users to find and connect to the wireless network broadcast by the router (a properly secured router should require password entry as well). Consumer routers for WiFi networks usually have their factory-default SSID printed on the side or bottom.
What are some of the security challenges associated with routers?
Vulnerability exploits: All hardware-based routers come with automatically installed software known as firmware that helps the router perform its functions. Like any other piece of software, router firmware often contains vulnerabilities that cyber attackers can exploit (one example), and router vendors periodically issue updates to patch these vulnerabilities. For this reason, router firmware needs to be updated regularly. Unpatched routers can be compromised by attackers, enabling them to monitor traffic or use the router as part of a botnet.
DDoS attacks: Small and large organizations often are the targets of distributed denial-of-service (DDoS) attacks directed at their network infrastructure. Unmitigated network layer DDoS attacks can overwhelm routers or cause them to crash, resulting in network downtime. Cloudflare Magic Transit is one solution for protecting routers and networks from these kinds of DDoS attacks.
Administrative credentials: All routers come with a set of admin credentials for performing administrative functions. These credentials are set to default values, such as “admin” as the username and “admin” as the password. The username and password should be reset to something more secure as soon as possible: attackers are aware of the common default values for these credentials and can use them to gain control of the router remotely if they are not reset.
Blog By: Trupti Thakur