A complete visual guide to Data Communications and Networking 4 covering SDN and Cisco ACI, QoS queuing, WAN technologies, and enterprise network security conc
This article is structured like a reviewer: it explains the concepts in simple terms, highlights the key points you’re expected to remember for exams, and includes a FAQ section and schema for rich results.
SDN & Cisco ACI Fundamentals
Traditional networks often rely on distributed control—each device makes decisions based on its own configuration and routing tables. Software-Defined Networking (SDN) changes that approach by separating the network into distinct planes and enabling centralized control. In SDN, policies can be managed more consistently across the network, and automation becomes much easier.
Exam memory tip: SDN separates roles. The control plane decides where traffic should go, while the data plane forwards packets based on those decisions.
Control Plane vs Data Plane
- Control Plane — often called the “brains” of the device. It builds the routing/forwarding decisions.
- Data Plane — also called the forwarding plane. It moves packets through the switch fabric between ports.
Network traffic management in SDN
Many SDN implementations use a controller-based approach in which forwarding decisions are programmed into switches from a central controller. The best-known SDN traffic management protocol is OpenFlow, which the controller uses to communicate forwarding rules to network devices.
Cisco ACI (Application Centric Infrastructure)
Cisco Application Centric Infrastructure (ACI) is a purpose-built solution for integrating data center networking with automation and policy-based management. ACI is commonly described as “application-centric” because it focuses on what applications need (policies) rather than only configuring each device manually.
In Cisco ACI architecture, the Application Policy Infrastructure Controller (APIC) is considered the “brains” because it is the centralized controller that defines and pushes policies into the fabric.
Spine-Leaf Topology in Cisco ACI Fabric
Cisco ACI uses a two-tier spine-leaf fabric design. A core characteristic of this design is:
- Leaf switches always attach to spine switches, but leaf switches do not attach to each other.
Application Network Profile (ANP)
In ACI, an Application Network Profile (ANP) is a collection of endpoint groups (EPGs), their connections, and the policies that define those connections. In simple terms: ANP describes how different parts of an application are allowed to communicate.
A common hardware platform used in ACI deployments is the Cisco Nexus 9000 Series, which provides an application-aware switching fabric and works with APIC to manage both physical and virtual infrastructure.
IoT & M2M Connections
The Internet of Things (IoT) refers to billions of physical objects connected to the internet—devices that collect data, share it, and sometimes trigger actions. IoT overlaps with the concept of Machine-to-Machine (M2M), where devices communicate without direct human interaction.
M2M example to remember: a sensor in a garbage can signals that it’s full and sends data to a GPS mapping system so the sanitation truck can adjust routes.
IoT growth also introduces challenges: more devices means more endpoints to secure, more data to manage, and higher bandwidth requirements. It’s one reason why newer architectures like SDN and edge/fog computing have become important.
Fog Computing
Fog computing is a model where services are hosted closer to where they are used—at the network edge or near end devices. This reduces latency and improves efficiency for real-time IoT workloads.
Quality of Service: Models, Classification, Marking, and Queuing
Modern networks carry different types of traffic—voice calls, video streaming, business applications, and bulk data transfers. Not all traffic is equal: voice and video are sensitive to delay (latency) and jitter, while file downloads can tolerate delays. Quality of Service (QoS) is the set of techniques that help networks prioritize critical traffic so performance stays acceptable.
When does congestion occur?
Congestion happens when the bandwidth demand exceeds the available bandwidth. When buffers fill, devices start dropping packets—often impacting real-time applications first.
What happens when the queue is full?
When the memory queue of a device fills and new traffic arrives, the device will drop the arriving packets. This is why queue management and prioritization matter.
QoS Models: Best-Effort, IntServ, DiffServ
- Best-effort — the simplest model; no guaranteed priority and no built-in classification mechanism.
- IntServ (Integrated Services) — provides end-to-end QoS by explicitly reserving resources for specific flows (microflows). If a path can’t support the requested QoS, the reservation fails and traffic is not forwarded with it.
- DiffServ (Differentiated Services) — scalable QoS approach using classification and marking to apply behaviors to groups of traffic.
Key QoS tools: Classification decides what traffic is what. Marking adds a value to the packet header so devices know what policy to apply.
Classification and Marking
Classification groups traffic based on criteria like protocols, ACLs, and interfaces. Marking adds a value to the packet header (Layer 2 or Layer 3) to indicate QoS treatment.
Queuing Methods
Queuing decides how packets are buffered and sent when congestion occurs. These are common terms you’ll see in exams:
- FIFO (First In, First Out) — also known as first-come, first-served (FCFS). Packets are forwarded in the order received.
- WFQ (Weighted Fair Queuing) — automated scheduling that provides fair bandwidth allocation across flows, often classified using header fields like ToS.
- CBWFQ (Class-Based WFQ) — extends WFQ by allowing user-defined traffic classes, each with a queue.
- LLQ (Low Latency Queuing) — adds a strict priority queue to CBWFQ for delay-sensitive traffic.
In LLQ, Cisco recommends putting voice traffic into the strict priority queue because voice is extremely delay-sensitive.
CoS Marking Levels
Class of Service (CoS) marking on frames provides 8 levels of priority (0–7).
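To tie the CoS marking above to the queuing methods, here is an added Python simulation (not Cisco's implementation and not code from this page) that extracts the 3-bit CoS field from an 802.1Q tag, classifies frames by CoS, sends CoS 5 through an LLQ strict priority queue with the rest in weighted CBWFQ classes, and compares the transmit order with FIFO. The CoS-to-class mapping, the class weights, the byte quantum and the simplified priority policer are assumed values chosen for the demo.

```python
from collections import deque

# Constructed sample, in arrival order: (frame_id, cos, size_bytes); cos is the 3-bit 802.1Q PCP value
FRAMES = [
    ("data1", 0, 1500), ("voice1", 5, 200), ("video1", 4, 1200), ("data2", 0, 1500),
    ("voice2", 5, 200), ("data3", 1, 1500), ("video2", 4, 1200), ("voice3", 5, 200),
]
QUANTUM = 1500  # bytes one weight unit may send per scheduling round (assumed value)


def cos_from_tci(tci: int) -> int:
    """CoS (PCP) is the top 3 bits of the 16-bit 802.1Q Tag Control Information field."""
    return (tci >> 13) & 0x7


def fifo_schedule(frames):
    """FIFO / first-come, first-served: frames leave in arrival order regardless of CoS."""
    return [fid for fid, _, _ in frames]


def llq_schedule(frames, priority_cos=(5,), class_weights=None, police_bytes=400):
    """LLQ: a policed strict priority queue ahead of weighted CBWFQ class queues.
    class_weights must contain CoS 0, which acts as class-default for unmatched CoS values.
    Returns (transmit_order, dropped_ids)."""
    class_weights = class_weights or {4: 2, 1: 1, 0: 1}          # assumed per-class weights
    pq, classes = deque(), {cos: deque() for cos in class_weights}
    for fid, cos, size in frames:                                 # classification by CoS marking
        (pq if cos in priority_cos else classes.get(cos, classes[0])).append((fid, size))
    order, dropped = [], []
    while pq or any(classes.values()):
        sent = 0
        while pq:                                    # strict priority first, bounded by the policer
            fid, size = pq[0]
            if sent + size > police_bytes:
                if sent == 0:                        # a frame that alone exceeds the police limit is dropped
                    dropped.append(pq.popleft()[0])
                    continue
                break                                # remaining priority frames wait for the next round
            pq.popleft(); order.append(fid); sent += size
        for cos, weight in class_weights.items():    # then one weighted round across the classes
            q, budget = classes[cos], weight * QUANTUM
            while q and (budget >= q[0][1] or budget == weight * QUANTUM):  # at least one frame per round
                fid, size = q.popleft(); order.append(fid); budget -= size
    return order, dropped
```

Under FIFO the third voice frame leaves last; under LLQ all voice frames leave ahead of the bulk data, and the policer keeps the priority queue from starving the other classes.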
Network Security: VLAN, MAC, DHCP, Telnet, SNMP, and Monitoring
Networking isn’t only about connectivity—security is equally important. Attacks often target Layer 2 weaknesses, misconfigurations, and management services. The best defense is understanding common threats and applying appropriate mitigations.
Layer 2 Attacks and Mitigations
- MAC address table flooding — mitigated using port security.
- VLAN attacks — controlled by disabling DTP and following trunk-port hardening guidelines.
DHCP Attacks
DHCP attacks are common because DHCP controls IP configuration for hosts.
- DHCP spoofing attack — attacker runs a fake DHCP server to give clients false IP settings.
- DHCP starvation attack — attacker floods DHCP with requests and consumes all IP leases.
- DHCP snooping — mitigation technique that prevents rogue DHCP servers from issuing false parameters.
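The following added Python model (illustrative, not Cisco's implementation and not code from this page) shows the checks DHCP snooping applies on an access switch: server messages (OFFER, ACK, NAK) arriving on untrusted ports are dropped, client messages on untrusted ports must carry a source MAC matching the DHCP client address and are rate-limited so a starvation flood err-disables the port, and ACKs from the trusted uplink populate the binding table. Port names, MAC addresses, IP addresses and the 15 packets-per-second limit are constructed values.

```python
from collections import defaultdict

# DHCP option 53 message types (RFC 2132); OFFER, ACK and NAK are only ever sent by a server
DISCOVER, OFFER, REQUEST, ACK, NAK = 1, 2, 3, 5, 6
SERVER_MSGS = {OFFER, ACK, NAK}


class DhcpSnooping:
    """Illustrative DHCP snooping model for one switch (assumed behaviour, not Cisco's code)."""
    def __init__(self, trusted_ports, rate_limit=15):
        self.trusted = set(trusted_ports)   # uplinks toward the legitimate DHCP server
        self.rate_limit = rate_limit        # client DHCP packets per second allowed on an untrusted port
        self.bindings = {}                  # chaddr -> (ip, vlan, port), learned from ACKs
        self.client_port = {}               # chaddr -> access port the client was last seen on
        self.pps = defaultdict(int)         # (port, second) -> client packets counted
        self.err_disabled = set()

    def inspect(self, pkt):  # returns 'forward' or 'drop' for one DHCP packet given as a dict
        port, mtype = pkt["port"], pkt["type"]
        if port in self.err_disabled:
            return "drop"
        if mtype in SERVER_MSGS:
            if port not in self.trusted:    # a server answering on an access port is rogue
                return "drop"
            if mtype == ACK:                # genuine lease: record the binding
                self.bindings[pkt["chaddr"]] = (pkt["yiaddr"], pkt["vlan"], self.client_port.get(pkt["chaddr"]))
            return "forward"
        if port not in self.trusted:
            if pkt["src_mac"] != pkt["chaddr"]:  # frame source MAC must match the DHCP client hardware address
                return "drop"
            key = (port, int(pkt["ts"]))
            self.pps[key] += 1
            if self.pps[key] > self.rate_limit:  # starvation flood: err-disable the port
                self.err_disabled.add(port)
                return "drop"
        self.client_port[pkt["chaddr"]] = port
        return "forward"


def run_demo():
    sw = DhcpSnooping(trusted_ports={"Gi1/0/24"})
    client = lambda t, port, mac, ts=0.0: {"type": t, "port": port, "src_mac": mac, "chaddr": mac, "vlan": 10, "ts": ts}
    server = lambda t, port, chaddr: {"type": t, "port": port, "src_mac": "00:aa:00:00:00:01", "chaddr": chaddr,
                                      "yiaddr": "10.0.0.50", "vlan": 10, "ts": 0.0}
    mac = "00:11:22:33:44:55"
    exchange = [client(DISCOVER, "Gi1/0/1", mac), server(OFFER, "Gi1/0/2", mac),  # 2nd: rogue offer on access port
                server(OFFER, "Gi1/0/24", mac), client(REQUEST, "Gi1/0/1", mac), server(ACK, "Gi1/0/24", mac)]
    results = [sw.inspect(p) for p in exchange]
    # constructed starvation attempt: 20 DISCOVERs with different chaddrs inside one second on one port
    flood = [sw.inspect(client(DISCOVER, "Gi1/0/3", f"de:ad:be:ef:00:{i:02x}", ts=5.2)) for i in range(20)]
    return results, flood, sw.bindings, sw.err_disabled
```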
Telnet Attacks
- Brute Force Password Attack — attacker tries common passwords/dictionary variations to guess admin credentials.
- Telnet DoS Attack — attacker repeatedly requests Telnet connections to render Telnet service unavailable.
For a DoS attack that overflows switch buffers, a strong mitigation is to place unused ports in an unused VLAN (and keep them shut down). This reduces exposure and unnecessary attack surface.
SNMP Essentials
Simple Network Management Protocol (SNMP) enables monitoring and managing network devices. An SNMP management agent is software installed on devices that are managed via SNMP.
To restrict SNMP access to a specific manager, use an ACL and reference it with the snmp-server community command. SNMP is configured in global configuration mode.
SPAN / RSPAN Monitoring
SPAN (Switched Port Analyzer) is a port mirroring feature that copies frames from a source port to a destination port on the same switch. RSPAN (Remote SPAN) allows source and destination ports to be in different switches.
- Ingress traffic — traffic entering the switch.
- Egress traffic — traffic leaving the switch.
- Source SPAN Port — the monitored source port.
CDP (Cisco Discovery Protocol) is enabled by default on Cisco devices and can reveal device information, increasing the attack surface.
WAN Essentials: PPP, HDLC, VPN, GRE, and BGP
A Wide Area Network (WAN) connects networks across large geographic areas. WAN providers include carriers such as telephone networks and satellite services. Unlike LANs, WAN links are often leased or delivered via service provider infrastructure.
Leased Lines
A major disadvantage of leased lines is high cost, even though they can provide stable performance.
HDLC and PPP Encapsulation
HDLC is the default encapsulation on point-to-point links when two Cisco devices are used. PPP is a WAN protocol that supports router-to-router and host-to-network connections over synchronous and asynchronous circuits.
When switching encapsulation from HDLC to PPP, an added capability is authentication.
PPP Control Protocols: LCP and NCP
PPP uses:
- LCP (Link Control Protocol) — establishes the link and negotiates configuration options at Layer 2.
- NCP (Network Control Protocol) — completes configuration for the network layer protocol being used (Layer 3).
PPP Authentication
PPP authentication happens at OSI Layer 2. For authentication with protection from playback (replay) attacks, PPP can use CHAP.
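To show why CHAP resists playback, here is an added Python model of the RFC 1994 MD5 challenge/response (illustrative code, not Cisco's implementation and not from this page): the authenticator sends a random challenge, the peer answers with MD5 over identifier, shared secret and challenge, and a recorded response is useless against the next challenge. The router names and the secret are constructed values.

```python
import hashlib
import hmac
import os

# CHAP with MD5 as PPP uses it (RFC 1994): Response = MD5(Identifier || Secret || Challenge).
# The shared secret never crosses the link; only the challenge value and the hash do.


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    return hashlib.md5(bytes([identifier & 0xFF]) + secret + challenge).digest()


class ChapAuthenticator:
    """The router that issues challenges and checks responses (illustrative model, not Cisco's code)."""

    def __init__(self, peer_secrets: dict):
        self.peer_secrets = peer_secrets   # peer hostname -> shared secret configured on both routers
        self.identifier = 0
        self.outstanding = {}              # identifier -> challenge value still awaiting a response

    def challenge(self, random_bytes: bytes = None):
        """Issue a Challenge: a new identifier plus a random value (random_bytes is for tests only)."""
        self.identifier = (self.identifier + 1) & 0xFF
        value = random_bytes or os.urandom(16)
        self.outstanding[self.identifier] = value
        return self.identifier, value

    def verify(self, identifier: int, name: str, response: bytes) -> bool:
        """Accept a Response only for a challenge that is still outstanding; each challenge is single-use."""
        value = self.outstanding.pop(identifier, None)
        secret = self.peer_secrets.get(name)
        if value is None or secret is None:
            return False
        return hmac.compare_digest(response, chap_response(identifier, secret, value))


def run_demo():
    """The genuine peer authenticates once; replaying its recorded response later is refused."""
    auth = ChapAuthenticator({"R2": b"s3cret"})
    ident, chal = auth.challenge()
    recorded = chap_response(ident, b"s3cret", chal)   # the response as it appeared on the link
    first = auth.verify(ident, "R2", recorded)
    ident2, _ = auth.challenge()                       # next link setup: a different random challenge
    replayed = auth.verify(ident2, "R2", recorded)     # playback of the old response fails
    return first, replayed
```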
PPPoE
PPPoE allows ISPs to send PPP frames over DSL networks.
VPN and GRE
A VPN provides security using encrypted tunnels over internet connections. A site-to-site VPN is created when devices on both sides are aware of the VPN configuration in advance.
GRE is a basic, non-secure tunneling protocol (without built-in encryption). A key advantage of GRE is support for IP multicast tunneling. GRE tunnels can be verified with show interface tunnel.
BGP Basics
BGP uses TCP port 179. External BGP (eBGP) is used between routers in different autonomous systems, while Internal BGP (iBGP) is used between routers within the same AS.
WAN Fiber Transmission
Service providers use fiber optic for SONET, SDH, and DWDM WAN transport.
Remote Connectivity Example
For extremely remote locations without land-based internet, satellite internet is often the most suitable public WAN technology.
Troubleshooting & Network Baselines
Effective troubleshooting isn’t guessing—it’s structured. One best practice is creating a network performance baseline by measuring network operations at the same time each day across a set period of average working days. This helps establish typical traffic patterns.
A powerful Cisco command that runs multiple show commands and generates detailed troubleshooting output is show tech-support. For cable issues, a cable tester can help identify faults, and network topology diagrams help track device locations and status.
For network performance measurement between multiple locations, IP SLA sends simulated traffic and measures results like delay, jitter, and loss.
FAQ
What is the role of APIC in Cisco ACI?
The Application Policy Infrastructure Controller (APIC) is the centralized controller of Cisco ACI. It defines and pushes policies to the fabric and is considered the “brains” of the architecture.
What is the key spine-leaf characteristic in Cisco ACI?
Leaf switches always connect to spine switches, but leaf switches do not connect directly to other leaf switches.
Which traffic should be placed in the LLQ strict priority queue?
Cisco recommends placing voice traffic in the strict priority queue because it is highly sensitive to delay and jitter.
What is DHCP snooping used for?
DHCP snooping helps prevent rogue DHCP servers from providing false IP configuration parameters and mitigates common DHCP-based attacks.
What TCP port does BGP use?
BGP uses TCP port 179 to exchange routing messages between routers.
Final Thoughts
Data Communications and Networking 4 connects modern networking (SDN and Cisco ACI), traffic engineering (QoS), WAN connectivity (PPP/HDLC/VPN/GRE/BGP), and essential security controls (DHCP snooping, port security, VLAN hardening, SNMP restriction). If you focus on the “why” behind each concept—policy-based control, prioritization under congestion, secure management, and scalable WAN design—you’ll be ready for exams and real-world networking tasks.
