2. Types of Networks

You've got the mental model down. Now, let's talk about the physical and logical boundaries of these networks. Not all networks are built the same size!

2a. Local and Wide Area Networks

One-line definition: LANs are small, private networks in one building, while WANs connect many LANs across huge distances.

Why it exists: We need different technologies to send data 10 feet (fast/cheap) versus 1,000 miles (complex/expensive).

Break into components:

  • LAN (Local Area Network): High speed, low cost, small area.
  • WAN (Wide Area Network): Lower speed, high cost, massive area.
  • The Gateway: The point where your LAN meets the WAN.
2a-i. LAN (Home/Office) â–¼

Definition: A network restricted to a small geographic area like a single house, office, or floor.

Analogy: Like a Walkie-Talkie system in a house. It's free to use and super fast, but you can't talk to someone in another state with it.

How it works:

  1. Devices connect to a central switch or Wi-Fi router.
  2. Data moves through Ethernet cables or radio waves.
  3. Everything is managed by one person or company (You or your IT dept).
2a-ii. WAN (The Internet) â–¼

Definition: A network that covers a large geographic area, often connecting multiple LANs.

Analogy: Like the Global Shipping System. It uses ships, planes, and trucks to connect small local warehouses across the world.

How it works:

  1. LANs connect to an ISP (Internet Service Provider).
  2. The ISP uses long-distance fiber optic cables or satellites.
  3. Routers determine the best path across the globe to deliver your data.

Why this matters:

Inside a LAN, we often "trust" devices more (bad idea, but common). In a WAN, you trust nothing because the data is passing through cables owned by people you don't know.

Two Real Examples:

Example 1 (Basic): Your home Wi-Fi is a LAN. You can cast a YouTube video from your phone to your TV instantly. But to get that video from YouTube's servers in California to your house in New York, the data has to travel across the WAN (The Internet).

Example 2 (Cybersecurity): An attacker uses ARP Spoofing (a common attack) to intercept traffic. This attack usually only works on a LAN because you need to be on the same local "segment." However, if they want to steal data from a server on the other side of the world, they have to use WAN-based attacks like BGP Hijacking or targeting public-facing IP addresses.

Did you understand 2a?

2b. MAN and PAN

One-line definition: MANs cover cities, while PANs cover the space immediately around your body.

Why it exists: Because sometimes a LAN is too small, but a WAN is overkill; or you just need your watch to talk to your phone.

Break into components:

  • MAN (Metropolitan Area Network): City-wide connectivity.
  • PAN (Personal Area Network): Your personal "bubble."
  • Range: The physical distance the signal can travel.
2b-i. MAN (City-wide) â–¼

Definition: A network that connects users with computer resources in a geographic area larger than a LAN but smaller than a WAN.

Analogy: Like a City Bus Route. It doesn't go across the country, but it covers every major neighborhood in your town.

How it works:

  1. Multiple buildings (like university campuses or city offices) are linked.
  2. They usually use high-speed fiber optic cables buried under city streets.
  3. It acts as a high-speed "backbone" for the local area.
2b-ii. PAN (Bluetooth/Personal) â–¼

Definition: The smallest network, usually centered around an individual person and their devices.

Analogy: Like your Circle of Friends. Only people standing right next to you can hear your conversation.

How it works:

  1. Uses short-range wireless tech like Bluetooth or Zigbee.
  2. Devices "pair" with each other (e.g., phone to headphones).
  3. The range is typically less than 10 meters (30 feet).

Why this matters:

In cybersecurity, we call this the "Attack Surface." A PAN is hard to hack from another country, but easy for someone sitting next to you at Starbucks. A MAN is a prime target for "Infrastructure Attacks" that could take down a whole city's traffic light system.

Two Real Examples:

Example 1 (Basic): When you use Apple AirDrop to send a photo to a friend standing next to you, you are using a PAN. When a college campus links all its separate dorms and labs together so students can access the library from anywhere on campus, that’s a MAN.

Example 2 (Cybersecurity): An attacker uses Bluebugging to take control of a victim's phone. Because this is a PAN attack, the hacker has to be physically close to the victim (like in a crowded mall). On the flip side, if a hacker targets a city's "Smart Grid" (a MAN), they could potentially cause a blackout for thousands of people by exploiting one weak link in the city's fiber backbone.

Did you understand 2b?

2c. Network Access Control

One-line definition: This is the "ID check" that determines if a network is private, shared, or completely public.

Why it exists: Companies need a way to share secret files internally without the entire internet seeing them.

Break into components:

  • Intranet: Private, employees only.
  • Extranet: Semi-private, trusted partners only.
  • Internet: Public, everyone is invited.
2c-i. Intranet (Private) â–¼

Definition: A private network accessible only to an organization's staff.

Analogy: Like a Staff-Only Lounge in a restaurant. Customers can't see it, and you need a keycard to get through the door.

How it works:

  1. The network is physically or logically walled off from the outside.
  2. Users must be on-site or use a VPN (Virtual Private Network) to enter.
  3. It hosts sensitive stuff like payroll, internal wikis, and HR tools.
2c-ii. Extranet (Shared private) â–¼

Definition: An intranet that can be partially accessed by authorized outsiders (vendors, partners, customers).

Analogy: Like a VIP Backstage Pass. You aren't "in the band" (the company), but you're allowed in certain areas to do your job (like a caterer).

How it works:

  1. A "tunnel" or specific login is created for a partner company.
  2. Access is strictly limited to only the resources they need.
  3. It allows two different companies to collaborate without merging their whole networks.

Why this matters:

Hackers love "Privilege Escalation." They try to move from the Internet (public) into the Extranet (as a fake vendor), and finally into the Intranet (where the gold is).

Two Real Examples:

Example 1 (Basic): You work at a bank. You use the Intranet to check your coworkers' schedules. To order new pens, you log into an Extranet shared with Office Depot. To check the weather, you go to the Internet.

Example 2 (Cybersecurity): Remember the Target Hack? Attackers didn't hack Target directly. They hacked an HVAC (Air Conditioning) company that had Extranet access to Target’s network to monitor their fridges. Once the hackers were in the Extranet, they "hopped" over the fence into Target’s internal Intranet to steal credit card data.

Recap of Section 2: Types of Networks

  • LAN is your home/office; WAN is the whole world (Internet).
  • MAN is city-wide; PAN is your personal bubble (Bluetooth).
  • Intranet is "Staff Only"; Extranet is for trusted partners; Internet is for everyone.

Practical Uses

  • Asset Management: Knowing which devices are on your LAN so you can secure them.
  • Boundary Protection: Setting up "Bouncers" (Firewalls) between your Intranet and the Internet.

Real-World Connection

Most modern companies use a Zero Trust model. They treat their Intranet as if it were the Internet, assuming that a "bad guy" might already be inside the building.

Sources & References

  • ISO/IEC 27001: Information security management standards (Network security controls).
  • NIST SP 800-82: Guide to Industrial Control Systems (ICS) Security (covers MAN/Infrastructure).
  • Target Breach Case Study: A classic example of Extranet-to-Intranet lateral movement.

Did you understand Section 2? Ready to move to "Network Topologies"?