Computer Networks

LAN vs WAN

A Local Area Network (LAN) covers a small geographical area such as a single building, school or home. The hardware in a LAN is typically owned and maintained by the organisation that uses it. LANs can use wired connections (Ethernet cables) or wireless connections (Wi-Fi) and offer high data transfer speeds with low latency because the devices are close together.

A Wide Area Network (WAN) covers a large geographical area, potentially spanning cities, countries or even continents. The internet is the largest WAN in the world. WANs rely on third-party telecommunications infrastructure such as fibre-optic cables, telephone lines and satellite links. Because data must travel much further, WANs generally have higher latency and lower speeds than LANs.

Client-server vs peer-to-peer

In a client-server network, a central server stores files, manages security and provides services to client devices. Clients send requests to the server, which processes them and returns the results. This model is used in most schools and businesses because it allows centralised management, easier backups and better security. However, if the server fails, the whole network can be disrupted, and servers are expensive to purchase and maintain.

In a peer-to-peer (P2P) network, all devices have equal status and can act as both clients and servers. Each device stores its own files and shares resources directly with other devices. P2P networks are cheaper to set up because they do not require a dedicated server, making them suitable for small networks like home setups. However, they are harder to manage as the network grows, security is weaker because there is no central control, and if one device is switched off, its files become unavailable.

Protocols

TCP/IP

TCP/IP (Transmission Control Protocol / Internet Protocol) is the fundamental protocol suite used for communication on the internet. It works in layers. IP is responsible for addressing and routing packets of data to the correct destination using IP addresses. TCP breaks data into packets, numbers them, sends them across the network, and reassembles them in the correct order at the destination. If any packets are lost or corrupted, TCP requests retransmission, ensuring reliable data delivery.

DNS

The Domain Name System (DNS) acts like a phonebook for the internet. When you type a web address such as www.google.com into a browser, your device sends a request to a DNS server, which looks up the corresponding IP address (for example, 142.250.187.46) and returns it. Your device then uses this IP address to connect to the correct web server. Without DNS, users would need to remember numerical IP addresses for every website they visit.

HTTP and HTTPS

HTTP (Hypertext Transfer Protocol) is the protocol used for transferring web pages across the internet. When you visit a website, your browser sends an HTTP request to the web server, which responds with the HTML content of the page. HTTPS is the secure version of HTTP. It encrypts data using TLS (Transport Layer Security), preventing attackers from intercepting sensitive information such as passwords, credit card numbers or personal details. You can tell a website uses HTTPS by the padlock icon in the browser address bar.

Network hardware

A router directs data packets between different networks. It reads the destination IP address of each packet and forwards it along the most efficient route. Your home router connects your LAN to the internet (a WAN). A switch connects devices within a LAN. It reads the MAC address of incoming data frames and forwards them only to the correct device, rather than broadcasting to all devices, which makes the network more efficient. A wireless access point (WAP) allows wireless devices to connect to a wired network using Wi-Fi. A network interface card (NIC) is the hardware component inside a device that allows it to connect to a network, either via Ethernet or Wi-Fi.

Network security

Firewalls

A firewall monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a set of security rules. It acts as a barrier between a trusted internal network and untrusted external networks such as the internet. Firewalls can be hardware-based (a physical device) or software-based (a program running on a computer). They help prevent unauthorised access and can block malicious traffic.

Encryption

Encryption converts plaintext data into unreadable ciphertext using an algorithm and a key. Only someone with the correct decryption key can convert it back to readable form. Encryption protects data both in transit (when being sent across a network) and at rest (when stored on a device). HTTPS uses encryption to secure web communications. If an attacker intercepts encrypted data, they cannot read it without the key.

Authentication

Authentication is the process of verifying that a user is who they claim to be. The most common method is a username and password combination, but stronger security uses multi-factor authentication (MFA), which combines something you know (password), something you have (a phone or security key) and something you are (biometric data like a fingerprint). Strong authentication helps prevent unauthorised access even if a password is compromised.