Message Queuing Telemetry Transport

/ˌɛm.kjuːˌtiːˈtiː/

noun — "lightweight messaging protocol for IoT devices."

MQTT, short for Message Queuing Telemetry Transport, is a lightweight, publish-subscribe messaging protocol optimized for constrained devices and low-bandwidth, high-latency, or unreliable networks. It enables efficient, asynchronous communication between clients and brokers, making it widely used in Internet of Things (IoT) applications.

Technically, MQTT operates over TCP/IP and defines three Quality of Service (QoS) levels: at-most-once, at-least-once, and exactly-once. Messages are published to topics, and subscribers receive messages from topics they are interested in. The protocol uses a small header (just 2 bytes for most messages), minimizing overhead and allowing reliable messaging even on limited hardware.

An MQTT system consists of clients (publishers and subscribers) and a broker. Publishers send messages to topics on the broker, which manages delivery to subscribers. The broker can retain messages for new subscribers, support persistent sessions, and handle thousands of concurrent connections efficiently.

In workflow terms, a temperature sensor in a smart home might publish readings to a topic named home/temperature. Multiple subscribers, such as a monitoring dashboard, an alerting system, or a logging service, receive the readings independently and in near real-time. Publishers and subscribers are decoupled, allowing each component to scale or fail without impacting the others.
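To make the small header and the QoS levels concrete, here is an added example (not part of the original glossary) that parses a PUBLISH packet and refuses any length field that would overrun the buffer. It assumes the MQTT 3.1.1 packet layout; the function names and the sample bytes are constructed for illustration.

```python
import struct

QOS_NAMES = {0: "at-most-once", 1: "at-least-once", 2: "exactly-once"}

def decode_remaining_length(buf, offset=1):
    """Decode the 1-4 byte variable-length integer that follows byte 0."""
    value = 0
    for i in range(4):
        if offset + i >= len(buf):
            raise ValueError("truncated remaining-length field")
        byte = buf[offset + i]
        value |= (byte & 0x7F) << (7 * i)
        if not byte & 0x80:          # continuation bit clear: last byte
            return value, offset + i + 1
    raise ValueError("remaining length exceeds 4 bytes")

def parse_publish(buf):
    """Parse one PUBLISH packet, rejecting lengths that overrun the buffer."""
    if len(buf) < 2:
        raise ValueError("shorter than the 2-byte minimum fixed header")
    ptype, flags = buf[0] >> 4, buf[0] & 0x0F
    if ptype != 3:
        raise ValueError("not a PUBLISH packet")
    qos = (flags >> 1) & 0x03
    if qos == 3:
        raise ValueError("QoS value 3 is reserved")
    remaining, pos = decode_remaining_length(buf)
    end = pos + remaining
    if end > len(buf):
        raise ValueError("remaining length overruns the buffer")
    if pos + 2 > end:
        raise ValueError("no room for the topic length")
    (topic_len,) = struct.unpack_from(">H", buf, pos)
    pos += 2
    if pos + topic_len > end:
        raise ValueError("topic length overruns the packet")
    topic = buf[pos:pos + topic_len].decode("utf-8")
    pos += topic_len
    packet_id = None
    if qos > 0:                      # QoS 1 and 2 carry a packet identifier
        if pos + 2 > end:
            raise ValueError("missing packet identifier")
        (packet_id,) = struct.unpack_from(">H", buf, pos)
        pos += 2
    return {"qos": QOS_NAMES[qos], "dup": bool(flags & 0x08),
            "retain": bool(flags & 0x01), "topic": topic,
            "packet_id": packet_id, "payload": buf[pos:end]}

# Constructed sample: a retained QoS 1 reading on the topic used above.
TOPIC = b"home/temperature"
SAMPLE = (bytes([0x33, 2 + len(TOPIC) + 2 + 4]) + struct.pack(">H", len(TOPIC))
          + TOPIC + struct.pack(">H", 7) + b"21.5")
```

The fixed header is 2 bytes whenever the remaining length is below 128; larger packets extend the length field to at most 4 bytes.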

Conceptually, MQTT is a minimalist switchboard for device-to-device messaging, designed to keep communication reliable, low-overhead, and asynchronous across large networks of sensors and actuators.

See Pub/Sub, Streaming, Kafka.

Passive Optical Networking

/pɒn/

noun — "one fiber, many users, no powered middlemen."

PON, short for Passive Optical Networking, is a fiber-optic access architecture that delivers broadband services using only passive components between the service provider and end users. Instead of active electronics in the field, a single optical fiber is split to serve multiple customers, reducing cost, power usage, and maintenance complexity.

Technically, PON uses point-to-multipoint topology, where downstream data is broadcast to all connected endpoints and upstream data is time-shared. It is a foundational technology for FTTH deployments, connecting the provider’s central office directly to customer premises equipment (CPE) over optical fiber. Because the distribution network contains no active electronics, reliability is high and signal degradation is minimal.

Different PON standards define speed, reach, and capacity, but all share the same core advantages: high Bandwidth, low Latency, and long service life. Performance upgrades typically require only endpoint equipment changes rather than new cabling, making PON highly scalable.

Key characteristics of PON include:

  • Passive infrastructure: no powered equipment between provider and user.
  • Point-to-multipoint: one fiber serves many subscribers.
  • High bandwidth: supports gigabit and multi-gigabit services.
  • Low latency: ideal for real-time applications.
  • Scalability: capacity increases via standards and optics upgrades.

In practice, PON underpins modern residential and business fiber rollouts, enabling high-speed Internet, IPTV, and voice services with minimal field equipment. Once installed, the passive fiber plant can remain in service for decades.

Conceptually, PON is like a silent tree of glass: one trunk, many branches, and nothing in the middle that needs power.

See FTTH, Bandwidth, Latency, CPE.

Latency

/ˈleɪ.tən.si/

noun — "the wait time between asking and getting."

Latency is the amount of time it takes for data to travel from a source to a destination across a network. It measures delay rather than capacity, and directly affects how responsive applications feel, especially in real-time systems such as voice, video, and interactive services.

Technically, Latency is usually measured in milliseconds (ms) and is influenced by propagation delay, processing delay, queuing delay, and transmission delay. It plays a critical role in IP-based networks, wide-area links (WAN), and transport protocols like TCP. Even with high Bandwidth, poor latency can make a network feel slow or unresponsive.

Network mechanisms such as QoS can reduce the impact of latency by prioritizing time-sensitive traffic, but they cannot eliminate physical limits like distance or speed-of-light constraints. This is why latency is typically lower in local networks than across global Internet paths.

Key characteristics of Latency include:

  • Time-based metric: measures delay, not data volume.
  • Distance-sensitive: increases with physical and logical path length.
  • Critical for real-time traffic: voice, gaming, and video are highly sensitive.
  • Independent of bandwidth: high throughput does not guarantee low latency.
  • Cumulative: each network hop adds delay.

In real-world use, low latency is essential for online gaming, VoIP calls, financial trading, and industrial control systems. High latency may still allow large file transfers, but it degrades interactive experiences where immediate feedback matters.

Conceptually, Latency is the pause between pressing a doorbell and hearing it ring inside.

See Bandwidth, QoS, WAN, TCP.

Fiber to the Home

/ˌɛf.tiː.tiːˈeɪtʃ/

noun — "fiber all the way, no copper excuses."

FTTH, short for Fiber to the Home, is a broadband access architecture in which optical fiber runs directly from a service provider’s core network to an individual residence or business. Unlike hybrid fiber deployments, FTTH eliminates copper entirely in the last mile, delivering data purely over fiber from end to end.

At a technical level, FTTH uses optical transmission from the provider’s central office to customer premises equipment (CPE). Most modern deployments rely on passive optical networking (PON), where a single fiber is split optically to serve multiple customers without powered equipment in between. Common standards include GPON, XGS-PON, and 10G-PON, each increasing available bandwidth.

Because fiber transmits data using light rather than electrical signals, FTTH offers extremely high throughput, low latency, and strong resistance to electromagnetic interference. Performance is largely independent of distance within typical neighborhood ranges, a sharp contrast to copper-based technologies where speed drops as line length increases.

Key characteristics of FTTH include:

  • End-to-end fiber: no copper in the access path.
  • High bandwidth: symmetrical gigabit speeds are common.
  • Low latency: ideal for real-time applications.
  • Future-proofing: capacity increases via equipment upgrades, not new cabling.
  • High reliability: minimal signal degradation over distance.

In practice, FTTH is favored for dense urban builds, new housing developments, and long-term infrastructure investment. While initial deployment costs are higher than hybrid solutions, operational costs are lower and scalability is far greater. Once fiber is in the ground, upgrading service often means swapping optics rather than replacing physical cables.

Conceptually, FTTH removes the weakest link entirely. There is no “last-mile compromise” because the last mile is the same medium as the backbone.

Intuition anchor: FTTH is what happens when the network stops apologizing.

See FTTC, PON, Bandwidth, Latency.

Fiber to the Cabinet

/ˌɛf.tiː.tiːˈsiː/

noun — "fiber close enough to make copper feel fast again."

FTTC, short for Fiber to the Cabinet, is a broadband access architecture where optical fiber runs from the service provider’s core network to a street-side cabinet, with existing copper lines completing the final connection to homes or businesses. It is a widely used compromise between full fiber deployment and legacy copper networks.

Technically, FTTC places fiber termination equipment in a roadside cabinet that feeds a DSLAM or DPU. From there, high-speed DSL technologies such as VDSL2 or G.fast deliver data over short copper loops to customer premises equipment (CPE). Keeping the copper run short significantly improves bandwidth and signal quality compared to long-distance DSL.

Key characteristics of FTTC include:

  • Hybrid architecture: combines fiber backhaul with copper last-mile access.
  • Cost efficiency: avoids full fiber installation to every building.
  • Improved speeds: much faster than traditional ADSL deployments.
  • Short copper loops: reduces attenuation and interference.
  • Scalable design: can evolve toward deeper fiber or FTTH.

In real-world deployments, FTTC is commonly used in suburban and urban areas where fiber rollout to each home is expensive or disruptive. Operators upgrade cabinets with fiber and modern DSL equipment, delivering high-speed broadband quickly using existing infrastructure.

Conceptually, FTTC is like running a high-speed rail line to the edge of a neighborhood, then using local roads for the final stretch.

Intuition anchor: FTTC brings fiber close enough that copper stops being the bottleneck.

See FTTH, VDSL, Bandwidth.

Very-high-bit-rate Digital Subscriber Line 2

/ˈviː.diː.ɛs.ɛl.tuː/

noun — "squeezing fiber-class speed out of copper."

VDSL2, short for Very-high-bit-rate Digital Subscriber Line 2, is an enhanced broadband access technology that delivers high-speed data over existing copper telephone lines. It improves upon VDSL by supporting higher data rates, wider frequency bands, and better performance over short loop lengths, making it a key technology for last-mile broadband.

Technically, VDSL2 uses DMT modulation across multiple frequency profiles, allowing downstream speeds that can exceed 100 Mbps under ideal conditions. It is typically deployed from a DSLAM or a street-level DPU, where the copper run to the customer is short enough to preserve signal quality. Features such as vectoring further reduce crosstalk between lines, increasing stability and throughput.

Key characteristics of VDSL2 include:

  • High data rates: significantly faster than ADSL and early VDSL.
  • Short-loop optimization: best performance when fiber is close to the user.
  • Advanced modulation: relies on DMT and multiple profiles.
  • Vectoring support: minimizes interference between copper pairs.
  • Upgrade path: bridges legacy copper and newer technologies like G.fast.

In practical deployments, VDSL2 is commonly used in fiber-to-the-cabinet (FTTC) architectures, where fiber reaches a neighborhood cabinet and copper completes the final connection to homes or offices. This approach delivers high speeds without the cost of full fiber installation.

Conceptually, VDSL2 is like putting a high-performance engine into an old road: the road stays the same, but the ride gets much faster.

Intuition anchor: VDSL2 extracts maximum broadband performance from existing copper lines.

See ADSL, SDSL, Bandwidth.

Intrusion Prevention System

/aɪ.piː.ɛs/

noun — "the security guard that stops attacks in their tracks."

IPS, short for Intrusion Prevention System, is a network security device or software that monitors traffic for malicious activity and takes immediate action to block or prevent threats. Unlike IDS, which only detects and alerts, an IPS actively intervenes to stop attacks, unauthorized access, and malware in real time.

Technically, IPS can operate using signature-based detection, anomaly-based detection, or a combination of both. It integrates with firewalls (Firewall), VPNs (VPN), and SIEM systems to enforce security policies, prevent intrusions, and maintain network integrity.

Key characteristics of IPS include:

  • Active blocking: prevents attacks as they occur.
  • Detection: identifies threats using signatures and behavior analysis.
  • Policy enforcement: integrates with firewalls and VPNs for comprehensive security.
  • Real-time response: stops unauthorized activity immediately.
  • Reporting: generates logs and alerts for auditing and analysis.

In practical workflows, IPS devices are deployed alongside firewalls and IDS to protect networks, servers, and critical applications from malware, intrusion attempts, and other malicious activities.

Conceptually, an IPS is like a security guard who not only spots intruders but physically blocks them from entering the building.

Intuition anchor: IPS actively defends networks by stopping attacks before they cause damage.

See Firewall, VPN, IDS, SIEM, Network.

Intrusion Detection System

/aɪ.diː.ɛs/

noun — "the alarm system that spots network threats before they strike."

IDS, short for Intrusion Detection System, is a security tool that monitors network or system activity for suspicious behavior or policy violations. It identifies potential attacks, unauthorized access, and malicious activity, alerting administrators so they can respond quickly.

Technically, IDS can operate in two modes: signature-based, which compares traffic against known threat patterns, and anomaly-based, which detects deviations from normal behavior. It often integrates with firewalls (Firewall), VPNs (VPN), and SIEM systems for comprehensive security monitoring.
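The two detection modes, and the difference between alerting (IDS) and blocking (IPS), can be seen in a small added example that is not part of the original glossary. The signatures, baseline sizes and packets are constructed for illustration, and the size-based anomaly score is one simple stand-in for behavior analysis.

```python
import statistics

# Constructed signatures (illustrative byte patterns, not a real rule set).
SIGNATURES = {"path-traversal": b"../../", "script-tag": b"<script>"}

def train_baseline(sizes):
    """Learn mean and standard deviation of payload size from normal traffic."""
    return statistics.mean(sizes), statistics.pstdev(sizes)

def inspect(payload, baseline, z_limit=3.0):
    """Return the reasons a payload is suspicious (empty list if clean)."""
    reasons = [f"signature:{name}"
               for name, pattern in SIGNATURES.items() if pattern in payload]
    mean, stdev = baseline
    if stdev > 0 and abs(len(payload) - mean) / stdev > z_limit:
        reasons.append("anomaly:size")   # deviates from learned behavior
    return reasons

def process(packets, baseline, mode):
    """mode='ids': alert and forward everything. mode='ips': alert and drop."""
    forwarded, alerts = [], []
    for pkt in packets:
        reasons = inspect(pkt, baseline)
        if reasons:
            alerts.append((pkt[:16], reasons))
            if mode == "ips":
                continue                 # inline device: packet is not delivered
        forwarded.append(pkt)
    return forwarded, alerts

# Constructed data: payload sizes seen during a quiet period, then three packets.
BASELINE = train_baseline([30, 45, 38, 52, 41, 47, 35, 44])
PACKETS = [
    b"GET /index.html HTTP/1.1\r\nHost: example\r\n\r\n",   # clean
    b"GET /../../secret.txt HTTP/1.1\r\n\r\n",              # matches a signature
    b"POST /upload HTTP/1.1\r\n\r\n" + b"A" * 500,          # unusually large
]

if __name__ == "__main__":
    for mode in ("ids", "ips"):
        forwarded, alerts = process(PACKETS, BASELINE, mode)
        print(mode, "forwarded", len(forwarded), "alerts", len(alerts))
```

Both modes raise the same two alerts; only the IPS mode removes the flagged packets from the forwarded traffic.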

Key characteristics of IDS include:

  • Detection: identifies intrusions, malware, or suspicious activity.
  • Alerts: notifies administrators in real-time or via logs.
  • Analysis: can perform signature matching or anomaly detection.
  • Integration: works with firewalls, VPNs, and other security tools.
  • Non-intrusive: monitors without directly blocking traffic (contrast with IPS).

In practical workflows, IDS devices are deployed at network perimeters or critical internal segments to monitor traffic, detect policy violations, and provide alerts for potential security breaches.

Conceptually, an IDS is like a security camera system for your network: it watches, recognizes suspicious behavior, and raises the alarm before damage occurs.

Intuition anchor: IDS keeps networks aware of threats without actively stopping them.

See Firewall, VPN, IPS, SIEM, Network.

Firewall

/ˈfaɪər.wɔːl/

noun — "the digital gatekeeper that keeps networks safe."

A Firewall is a network security device or software that monitors and controls incoming and outgoing network traffic based on predefined security rules. It protects networks, devices, and applications from unauthorized access, malware, and cyberattacks while allowing legitimate communications to pass through.

Technically, a Firewall can operate at different layers, including network (packet filtering), transport (stateful inspection), and application (proxy or deep packet inspection). It enforces policies such as IP filtering, port blocking, NAT, and VPN access control, often working alongside intrusion detection/prevention systems (IDS/IPS) and QoS for traffic management.

Key characteristics of Firewalls include:

  • Traffic filtering: blocks or allows traffic based on rules.
  • Access control: enforces who or what can enter the network.
  • Layered security: can inspect packets from network to application layers.
  • Policy enforcement: integrates with NAT, VPNs, and QoS.
  • Monitoring and logging: tracks traffic and potential threats.

In practical workflows, firewalls are deployed at network perimeters, between VLANs, and on individual devices to prevent unauthorized access while allowing legitimate business communications to flow efficiently.

Conceptually, a Firewall is like a security checkpoint: it inspects everyone and everything coming in and going out, letting only authorized traffic pass.

Intuition anchor: Firewall keeps your network secure without blocking the data you actually need.

See NAT, VPN, QoS, Router, Switch.

Virtual Local Area Network

/viː.læn/

noun — "the invisible walls that organize a network."

VLAN, short for Virtual Local Area Network, is a network configuration that segments a physical LAN into multiple logical networks, allowing devices to be grouped together based on function, department, or security requirements rather than physical location. VLANs improve traffic management, enhance security, and reduce broadcast domains within enterprise networks.

Technically, VLANs use tagging protocols like IEEE 802.1Q to mark Ethernet frames, enabling switches to identify and segregate traffic. Switches and routers enforce VLAN boundaries, apply QoS, and support inter-VLAN routing to allow controlled communication between segments.
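As an added example (not part of the original glossary), the following parses the 802.1Q tag from an Ethernet frame and applies an allowed-VLAN check of the kind a trunk port performs. The `admit` policy function, its parameters and the sample frames are hypothetical and constructed for illustration.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag

def parse_frame(frame):
    """Split an Ethernet frame into addresses, optional 802.1Q tag, payload."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    (ethertype,) = struct.unpack_from(">H", frame, 12)
    tag, offset = None, 14
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack_from(">HH", frame, 14)
        tag = {"pcp": tci >> 13,          # 3-bit priority, used for QoS
               "dei": (tci >> 12) & 1,    # drop-eligible indicator
               "vid": tci & 0x0FFF}       # 12-bit VLAN identifier
        offset = 18
    return {"dst": frame[0:6].hex(":"), "src": frame[6:12].hex(":"),
            "tag": tag, "ethertype": ethertype, "payload": frame[offset:]}

def admit(frame, allowed_vids, native_vid=None):
    """Return the VLAN a trunk port assigns the frame to, or None to drop it."""
    tag = parse_frame(frame)["tag"]
    if tag is None or tag["vid"] == 0:    # untagged, or priority-tagged only
        return native_vid
    if tag["vid"] == 0x0FFF:              # reserved identifier, never valid
        return None
    return tag["vid"] if tag["vid"] in allowed_vids else None

# Constructed frames: broadcast destination, locally administered source.
DST, SRC = bytes.fromhex("ffffffffffff"), bytes.fromhex("020000000001")
TAGGED = (DST + SRC
          + struct.pack(">HHH", TPID_8021Q, (5 << 13) | 20, 0x0800) + b"data")
UNTAGGED = DST + SRC + struct.pack(">H", 0x0800) + b"data"

if __name__ == "__main__":
    print(parse_frame(TAGGED)["tag"])               # priority 5, VLAN 20
    print(admit(TAGGED, {10, 20}))                  # VLAN is on the allow list
    print(admit(TAGGED, {10, 30}))                  # VLAN 20 not allowed: dropped
    print(admit(UNTAGGED, {10, 20}, native_vid=1))  # falls into the native VLAN
```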

Key characteristics of VLANs include:

  • Segmentation: separates network traffic into logical groups.
  • Traffic control: improves performance and reduces congestion.
  • Security: limits access to sensitive resources.
  • Scalability: easy to reconfigure without changing physical cabling.
  • Inter-VLAN communication: controlled via routers or Layer 3 switches.

In practical workflows, network engineers configure VLANs on switches to isolate departments, separate guest Wi-Fi traffic, or prioritize critical applications, ensuring efficient and secure network operation.

Conceptually, a VLAN is like having separate rooms in an open office: everyone shares the same building but works in isolated, well-defined spaces.

Intuition anchor: VLAN organizes networks logically, giving control and security without extra hardware.

See Switch, QoS, LAN, Router, IP.