TH 5 (Basic concept(TCP vs UDP), trust & untrust network, firewall, route, gateway, protocol). - arunsinghchauhan38-arch/CLOUDARCHITECTDOC GitHub Wiki

Basic concept(TCP vs UDP), trust & untrust network, firewall, route, gateway, protocols.

What is TCP?

TCP (Transmission Control Protocol) is a transport layer protocol in the Internet Protocol Suite (TCP/IP). It provides a reliable, ordered byte stream between two endpoints over a network.

Key Features

  • Connection-oriented: Before data transfer, TCP establishes a connection using a 3-way handshake (SYN → SYN-ACK → ACK).

  • Reliable delivery: The receiver acknowledges every segment; segments that are lost or corrupted are retransmitted, and data is handed to the application in the order it was sent.

  • Error checking: A checksum in every segment detects corrupted data. It only catches accidental corruption; it gives no protection against deliberate tampering, which is what TLS on top of TCP is for.

  • Flow control: Prevents overwhelming the receiver by adjusting the data rate.

  • Congestion control: Manages traffic to avoid network overload.

What is UDP?

UDP stands for User Datagram Protocol. It is a connectionless transport layer protocol used to send data quickly without establishing a formal connection between sender and receiver.

🧩 Key Characteristics

  • Connectionless: No handshake or session setup — data is sent directly. Because nothing is verified before data flows, the source address of a UDP datagram is trivially spoofable, which is why UDP services are the usual vehicle for reflection and amplification attacks.

  • Unreliable: No guarantee that datagrams will arrive, arrive only once, or arrive in order.

  • Fast and lightweight: Minimal overhead, ideal for real-time applications.

  • No acknowledgment (ACK): Sender doesn’t wait for confirmation of delivery.

  • No retransmission: Lost packets are not resent.
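The two behaviours above, shown on the loopback interface. This is an added example, not code from the wiki: the TCP function opens a real connection (the handshake happens inside connect()/accept()) and reads the stream until the client's FIN, while the UDP function sends independent datagrams to a socket that never agreed to receive them. Port 0 lets the OS pick a free port, so the only assumption is that loopback networking works on the host.

```python
import socket
import threading

HOST = "127.0.0.1"


def tcp_roundtrip(chunks, recv_size=4096):
    """Send several writes over one TCP connection and return what the
    server read. TCP is a byte stream: the receiver gets every byte, in
    order, but not necessarily with the sender's write boundaries."""
    server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    server.bind((HOST, 0))          # port 0: let the OS choose a free port
    server.listen(1)
    port = server.getsockname()[1]
    received = []

    def serve():
        conn, _ = server.accept()   # returns once SYN / SYN-ACK / ACK completed
        with conn:
            while True:
                data = conn.recv(recv_size)
                if not data:        # empty read = FIN from the client, stream closed
                    break
                received.append(data)

    t = threading.Thread(target=serve)
    t.start()
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as client:
        client.connect((HOST, port))    # client side of the three-way handshake
        for chunk in chunks:
            client.sendall(chunk)       # blocks until the kernel has taken every byte
    t.join()
    server.close()
    return b"".join(received)


def udp_roundtrip(datagrams, timeout=2.0):
    """Send several datagrams and return the list the server received.
    No handshake: each sendto() is independent, and each recvfrom() returns
    exactly one datagram. Boundaries are preserved; delivery is not promised."""
    server = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    server.bind((HOST, 0))
    server.settimeout(timeout)
    port = server.getsockname()[1]
    received = []
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as client:
        for d in datagrams:
            client.sendto(d, (HOST, port))   # returns immediately, no ACK expected
        for _ in datagrams:
            try:
                data, _ = server.recvfrom(65535)
            except socket.timeout:
                break                        # UDP made no promise; stop waiting
            received.append(data)
    server.close()
    return received


if __name__ == "__main__":
    print(tcp_roundtrip([b"GET / ", b"HTTP/1.1\r\n", b"\r\n"]))
    print(udp_roundtrip([b"a", b"bb", b"ccc"]))
```

Try replacing the loopback address with a host that is down: the TCP connect() fails before any data moves, whereas every UDP sendto() still returns successfully. That difference is the whole reason a TCP peer's source address can be relied on (it completed the handshake) and a UDP peer's cannot.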

🌐 What Is a Trusted Network?

A trusted network is an internal or private environment where devices, users, and data are considered secure and controlled. It's typically managed by an organization and protected by security policies. "Trusted" is a label assigned by policy, not a property of the traffic: a compromised host inside the network is still inside, so the internal rules should be no looser than they need to be.

🔒 Characteristics

  • Controlled access (authenticated users only)

  • Managed by internal IT or cloud administrators

  • Protected by firewalls, encryption, and monitoring tools

  • Uses private IP ranges (RFC 1918: 10.0.0.0/8, 172.16.0.0/12 which covers 172.16.0.0 to 172.31.255.255, and 192.168.0.0/16)

  • Example: Corporate LAN, private subnet in a cloud VCN (Virtual Cloud Network)

🧠 Example in Cloud (OCI)

  • Private Subnet → Hosts backend servers, databases, or internal apps.

  • Security Lists / NSGs → Define ingress (inbound) and egress (outbound) rules, per subnet for a security list and per set of VNICs for an NSG.

  • NAT Gateway → Lets instances without public IPs initiate outbound connections; the internet sees only the gateway's public IP, and connections cannot be initiated from the internet back through it.

🌍 What Is an Untrusted Network?

An untrusted network is any external or public environment where traffic cannot be guaranteed safe.

It’s outside the organization’s control and may contain malicious users or devices.

⚠️ Characteristics

  • Open access (anyone can connect)

  • No guaranteed security or authentication

  • High risk of attacks (malware, phishing, DDoS)

  • Example: The Internet, public Wi-Fi, external partner networks

🧠 Example in Cloud (OCI)

  • Internet Gateway (IGW) → Connects your VCN to the public internet.

  • Public Subnet → Hosts web servers or load balancers accessible from the internet.

  • Security Lists / NSGs → Restrict inbound traffic from untrusted sources to exactly the ports and source ranges the service needs.

Firewall

A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined rules. It acts as a barrier between a trusted internal network and an untrusted external network (like the internet), protecting computers and servers from unauthorized access, malware, and cyberattacks.

In Plain Terms

A firewall is essentially a gatekeeper for your network. It decides which traffic is allowed in or out based on rules you define, protecting systems from unauthorized access or malicious activity. Think of it as a security guard standing at the entrance of your cloud or on-premises environment.

🔒 How Firewalls Work

  • Rule-based filtering: Allow or block traffic based on source and destination IP addresses, ports, and protocols.

  • Stateful inspection: Tracks connection state so that the return half of a permitted connection is accepted automatically, while a packet that belongs to no known connection and matches no rule is dropped. (OCI security list and NSG rules are stateful by default; a stateless rule needs a matching rule in the other direction for replies.)

  • Application-level control: Advanced firewalls can inspect traffic deeply (e.g., block specific websites or applications).

  • Default stance: Deny everything that is not explicitly allowed. Every allow rule is a deliberate opening, so give it the narrowest source range and port the service actually needs.

🚦 Route

A route tells network traffic where to go. It’s like a GPS map for packets.

In OCI:

Routes are defined in Route Tables attached to subnets; each subnet uses exactly one route table. Traffic between subnets inside the VCN is routed automatically, so route rules are only needed for traffic that leaves the VCN.

Example: If a VM in a private subnet wants to reach the internet, the route table needs a rule such as 0.0.0.0/0 → NAT Gateway,
meaning "any destination not covered by a more specific route goes through the NAT Gateway." Route selection uses longest prefix match, so a more specific rule (say, an on-premises CIDR pointing at a DRG) wins over the 0.0.0.0/0 default.

Purpose: Ensures traffic flows correctly between subnets, gateways, and external networks.

🛣 Gateway Definition: A gateway is the exit/entry point between networks. It connects your private network to other networks (like the internet or on-premises).

Types in OCI:

Internet Gateway: Allows public subnets to talk to the internet.

NAT Gateway: Lets private subnets initiate outbound connections to the internet. Replies to those connections are allowed back in; connections initiated from the internet are dropped because there is no translation entry for them.

Service Gateway: Connects to OCI services (like Object Storage) without using the internet.

Dynamic Routing Gateway (DRG): Connects your VCN to on-premises or other VCNs.

Purpose: Gateways act as bridges between different network domains.

📡 Protocol Definition: A protocol is a set of rules for communication between devices.

Examples:

TCP (Transmission Control Protocol): Reliable, connection-oriented (used for web, email).

UDP (User Datagram Protocol): Fast, connectionless (used for streaming, DNS).

ICMP (Internet Control Message Protocol): Used for diagnostics (like ping) and for error signalling. Blocking ICMP wholesale also breaks Path MTU Discovery (type 3, code 4), which is why OCI's default security list allows that message.

In OCI:

When you define firewall rules (Security Lists or NSGs), you specify protocols and ports (e.g., allow TCP on port 22 for SSH), ideally from a specific source CIDR such as a bastion subnet or corporate range rather than 0.0.0.0/0.

🔗 How They Work Together in OCI

Imagine a VM in a private subnet wants to access a website:

Protocol: The VM uses TCP to request a web page (port 443 for HTTPS).

Route: The route table says “send traffic to NAT Gateway.”

Gateway: The NAT Gateway forwards traffic to the internet.

Firewall Rules: Security lists/NSGs allow outbound TCP traffic on port 443.

Response: The website's response follows the same path back. The NAT Gateway maps it to the VM using the translation it created for the outbound connection, and because the security list/NSG rule is stateful the reply is accepted without a separate ingress rule. With stateless rules you would need an explicit ingress rule covering the VM's ephemeral source ports.
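The walkthrough above, the firewall behaviour from "How Firewalls Work" (default deny, stateful return traffic) and the route lookup from the Route section, simulated end to end. This is an added example, not OCI code or anything from the wiki: the route table, NAT gateway and firewall are small models written here to make the steps checkable, and every address is constructed (the VCN is 10.0.0.0/16, the gateway and website use RFC 5737 documentation ranges).

```python
import ipaddress
from collections import namedtuple

# proto is "tcp", "udp" or "icmp". For a Rule, cidr is the source CIDR on
# ingress and the destination CIDR on egress; dport None means any port.
Packet = namedtuple("Packet", "src dst proto sport dport")
Rule = namedtuple("Rule", "direction proto cidr dport")


def lookup_route(route_table, dst_ip):
    """Longest-prefix match over (cidr, target) pairs; None if nothing matches.
    OCI routes VCN-internal traffic implicitly; here that is a 'local' route."""
    dst = ipaddress.ip_address(dst_ip)
    best = None
    for cidr, target in route_table:
        net = ipaddress.ip_network(cidr)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, target)
    return best[1] if best else None


class StatefulFirewall:
    """Default deny: a packet passes only if it is the reply half of a
    connection already admitted by a rule, or a rule explicitly allows it."""

    def __init__(self, rules):
        self.rules = rules
        self.flows = set()   # 5-tuples of admitted connections (the 'state')

    def _matches(self, rule, pkt, direction):
        peer = pkt.src if direction == "ingress" else pkt.dst
        return (rule.direction == direction and rule.proto == pkt.proto
                and ipaddress.ip_address(peer) in ipaddress.ip_network(rule.cidr)
                and (rule.dport is None or rule.dport == pkt.dport))

    def check(self, pkt, direction):
        if (pkt.dst, pkt.src, pkt.proto, pkt.dport, pkt.sport) in self.flows:
            return True                         # reply to a tracked connection
        if any(self._matches(r, pkt, direction) for r in self.rules):
            self.flows.add((pkt.src, pkt.dst, pkt.proto, pkt.sport, pkt.dport))
            return True
        return False                            # nothing matched: default deny


class NatGateway:
    """Rewrites the private source to one public IP on the way out and maps
    replies back; a packet with no translation entry is dropped."""

    def __init__(self, public_ip):
        self.public_ip = public_ip
        self.table = {}      # public source port -> (private ip, private port)
        self.next_port = 40000

    def outbound(self, pkt):
        port, self.next_port = self.next_port, self.next_port + 1
        self.table[port] = (pkt.src, pkt.sport)
        return Packet(self.public_ip, pkt.dst, pkt.proto, port, pkt.dport)

    def inbound(self, pkt):
        entry = self.table.get(pkt.dport)
        if pkt.dst != self.public_ip or entry is None:
            return None                         # unsolicited: no way in
        return Packet(pkt.src, entry[0], pkt.proto, pkt.sport, entry[1])


def simulate_https_from_private_subnet():
    """Walk one HTTPS request from a private-subnet VM to a website and back.
    Addresses are constructed: VCN 10.0.0.0/16, RFC 5737 ranges for the rest."""
    route_table = [("10.0.0.0/16", "local"), ("0.0.0.0/0", "nat-gateway")]
    nsg = StatefulFirewall([
        Rule("ingress", "tcp", "10.0.0.0/16", 22),   # SSH only from inside the VCN
        Rule("egress", "tcp", "0.0.0.0/0", 443),     # HTTPS out to anywhere
    ])
    nat = NatGateway("203.0.113.10")
    vm, website = "10.0.1.5", "198.51.100.7"
    result = {}

    request = Packet(vm, website, "tcp", 51000, 443)
    result["egress_allowed"] = nsg.check(request, "egress")     # step 1: NSG egress rule
    result["route"] = lookup_route(route_table, website)        # step 2: 0.0.0.0/0 wins
    translated = nat.outbound(request)                          # step 3: NAT gateway
    result["source_seen_by_website"] = translated.src
    reply = Packet(website, translated.src, "tcp", 443, translated.sport)
    back = nat.inbound(reply)                                   # step 4: reply mapped to VM
    result["reply_allowed"] = back is not None and nsg.check(back, "ingress")

    # Unsolicited traffic from the internet dies at the NAT gateway; even at
    # the VNIC the only ingress rule admits SSH from inside the VCN.
    probe = Packet(website, nat.public_ip, "tcp", 4444, 22)
    result["unsolicited_via_nat"] = nat.inbound(probe) is not None
    result["ssh_from_internet"] = nsg.check(Packet(website, vm, "tcp", 4444, 22), "ingress")
    result["ssh_from_vcn"] = nsg.check(Packet("10.0.2.9", vm, "tcp", 4444, 22), "ingress")
    return result
```

Two things to try: change the ingress SSH rule's CIDR to 0.0.0.0/0 and watch ssh_from_internet flip to True, which is exactly the misconfiguration the port 22 advice above warns against; and add a more specific route such as ("192.168.0.0/16", "drg") to see longest-prefix match send that traffic to the DRG while everything else still takes the NAT gateway.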