Advanced Networking New

This document provides an overview of systems and network administration concepts. It discusses systems theory, defining a system as a set of components that interact to achieve goals. It also covers information systems, noting they are a set of interrelated components that collect, manipulate, store, and disseminate data to meet objectives. Additionally, the document outlines responsibilities of an organizational information systems/information technology department, including planning, developing, maintaining, and protecting information systems and infrastructure.

Uploaded by Kasahun Adiss
Copyright: © All Rights Reserved

SYSTEMS AND NETWORK ADMINISTRATION

(INSY 3072)

Instructor: Tsegaye B.
Chapter 1

SYSTEMS CONCEPTS
Outline
• Systems theory and Organizational Concepts
• Information Systems
• Information Management (Information Systems Management)
System theory
System
• A set of elements or components that interact to accomplish goals
• A combination of components working together
• A system is an orderly grouping of interdependent components linked together according to a plan to achieve a specific objective.
System theory
• A system is a set of interrelated elements, with inputs and outputs, and with a set of processes which convert inputs into outputs.
• A system is defined as a set of objects together with the relationships between the objects and between their attributes, related to each other and to their environment so as to form a whole.
Components of a system
[Figure: components of a system; only the label "Control" survives extraction]
System theory
• A system is an entity which maintains its existence through the mutual interaction of its parts. The key emphasis here is one of "mutual interaction," in that something is occurring between the parts, over time, which maintains the system. A system is different from a heap or a collection.
• A system is a collection of parts that interact with one another to function as a whole. However, a system is more than the sum of its parts – it is the product of their interactions.
Characteristics of a System
• Environment: A system does not exist in a vacuum; it exists and functions in an environment containing other systems
• Subsystem: A system that is a component of a larger system
• Boundary: What separates a system from its environment
• Interface: Several systems may share the same environment
• Open System: Interacts with other systems
• Closed System: Does not interact with other systems
• Adaptive System: Modifies itself to meet the demands of a changing environment
Systems thinking
• Systems thinking is a mindset or way of viewing the world as a system.
• It helps to see the big picture; it also helps to break problems down into their components to avoid complexity.
• "A system is bigger than the sum of its components"
Information System
Information System
• An information system (IS) is a set of interrelated components that collect, manipulate, store, and disseminate data and information and provide a feedback mechanism to meet an objective
• Examples: ATMs; airline reservation systems; course enrollment systems
Information System
• An information system is an arrangement of people, data, processes, communication, and information technology that interact to capture, transmit, store, retrieve, manipulate and/or display information needed to support and improve day-to-day operations in a business, as well as to support the problem-solving and decision-making needs of management and other users.
Computer-based Information System (CBIS)
• A computer-based information system (CBIS) uses computer technology to perform input, processing and output activities
• A CBIS consists of:
  • Hardware
  • Software
  • Databases
  • Telecommunications and networks
  • People
  • Procedures that are configured to collect and process data into information
Types of Information Systems
• Based on the part of the business that they support (business types)
  • Sales, Manufacturing, Finance, etc.
  • HRMS – Human Resource Management System
  • BS – Billing System
  • FMS – Finance Management System
  • MMS – Materials Management System
  • PMS – Project Management System
  • AMS – Audit Management System
  • FMS – Fleet Management System
Types of Information Systems
• Transaction Processing Systems
• Management Information Systems
• Decision Support Systems
• Executive Information Systems – Expert Systems
• Office Automation Systems
• Knowledge Work Systems
• Enterprise Resource Planning (ERP) Systems
• Geographical Information Systems
• E-commerce Systems
• Multimedia Systems
• These differ in:
  • users
  • size, scope
  • complexity, certainty, familiarity
Organizational Information System
• In an organization of any size, there is an organizational function responsible for the technology, activities and personnel that support its technology-enabled work systems and the information and communication needs of the organization.
Organizational Information System
• Information systems and the organizations they support are complex, artificial, and purposefully designed.
• They are composed of people, structures, technologies, and work systems.
Organizational Information System
• In organizations, the term Information System (IS) refers to both:
  • the systems that deliver information and communication services to an organization
  • the organizational function that plans, develops, operates, and manages the information systems
Information Systems Management (ISM)
• ISM is the management of the systems, activities, and data that allow information to be effectively acquired, stored, processed, accessed, communicated and archived.
• Information Systems Management includes the manipulation, re-organization, analysis, graphing, charting and presentation of data for specific management and decision-making purposes.
Knowing the IS/IT Department
From the perspective of systems and network administration, it is important to answer the following questions:
• Why do you need to know about the IS/IT department?
• What are the responsibilities of the IS/IT department?
• How is the IS/IT department organized?
• What IS/IT related jobs exist?
• What are your responsibilities?
Why do you need to know about the IS/IT department?
• Knowing the duties and responsibilities of the IT department is necessary to be an effective user of IT resources
• To be a better informed and more effective manager/executive
What are the responsibilities of the IS/IT department?
There are 4 major responsibilities:
• Plan for information systems and IT infrastructure
• Develop and adapt information systems and IT infrastructure
• Maintain and operate IS and IT infrastructure
• Protect infrastructure and data
Plan for information systems and IT infrastructure
• Position its activities to further advance the competitive strategy and improve decision making
• Test new technologies and adapt infrastructure to meet business goals
• Agile enterprise: quickly and effectively modify IT and IS activities to ever-changing business and market conditions
Develop and adapt information systems and IT infrastructure
• IT infrastructure such as computers, networks, servers, etc. must be deployed and applied to advancing the business strategy
• Software and systems such as email and VPN access must also be created and applied
Maintain IS and operate and maintain IT infrastructure
• Systems are not only set up; they must also be maintained, adjusted, and repaired
• Maintaining network connectivity is a crucial element of the IT department's responsibilities, since loss of connectivity can have far-reaching consequences
Protect infrastructure and data
• Major threats come from human error, malicious human activity, and natural events and disasters
• IT departments need to understand the risks and specify safeguards against them
• Work with management to assess the cost-benefit of implementing potentially costly safeguards
Chapter 2
NETWORK FUNDAMENTALS
Outline
• Protocols and protocol layering (TCP/IP)
• Bit, Frame, IP Packet, TCP and UDP segment
• Networking devices
• IP addressing (Subnetting and Supernetting)
• Address Resolution Protocol (ARP)
• Internet Control Message Protocol (ICMP)
• VLAN (Virtual Local Area Network)
• Routing
  • Routing table
  • Routing protocols
What is a Computer Network?
Network
• The term network describes two or more connected computers that can share resources such as data, a printer, an Internet connection, applications, or a combination of these.
Network Protocols
• In order for data packets to travel from a source to a destination on a network, it is important that all the devices on the network speak the same language. This language is called a protocol.
• A data communications protocol is a set of rules or an agreement that determines the data format and how transmission of data occurs.
• A protocol is a set of rules that make communication on a network more efficient.
Layered Models
• A reference model (layered model) is a conceptual blueprint of how communications should take place.
• It addresses all the processes required for effective communication and divides these processes into logical groupings called layers.
• When a communication system is designed in this manner, it is known as a layered architecture.
Advantages of Layered Models
• It divides the network communication process into smaller and simpler components, thus aiding component development, design, and troubleshooting.
• It allows multiple-vendor development through standardization of network components.
• It encourages industry standardization by defining what functions occur at each layer of the model.
• It allows various types of network hardware and software to communicate.
Types of Layered Models
• OSI Layered Model
• TCP/IP Layered Model
The TCP/IP Model
• The U.S. Department of Defense (DoD) created the TCP/IP reference model because it wanted to design a network that could survive any conditions, including a nuclear war.
• In a world connected by different types of communication media such as copper wires, microwaves, optical fibers and satellite links, the DoD wanted packets to be transmitted every time and under any conditions.
• This very difficult design problem brought about the creation of the TCP/IP model.
The TCP/IP Model
• The DoD model is basically a condensed version of the OSI model
• It is composed of four, instead of seven, layers:
  • Application layer
  • Transport layer
  • Internet layer
  • Network Access layer
Two Models: Side-By-Side

OSI model           TCP/IP (DoD) model
7  Application      Application
6  Presentation     Application
5  Session          Application
4  Transport        Transport
3  Network          Internet
2  Data Link        Network Access
1  Physical         Network Access
TCP/IP vs OSI
Similarities include:
• Both have layers.
• Both have application layers, though they include very different services.
• Both have comparable transport and network layers.
• Both models need to be known by networking professionals.
• Both assume packets are switched.
TCP/IP vs OSI
Differences include:
• TCP/IP combines the presentation and session layer issues into its application layer.
• TCP/IP combines the OSI data link and physical layers into the network access layer.
• TCP/IP appears simpler because it has fewer layers.
• TCP/IP protocols are the standards around which the Internet developed, so the TCP/IP model gains credibility just because of its protocols.
TCP/IP vs OSI
Although TCP/IP protocols are the standards with which the Internet has grown, the OSI model is useful for the following reasons:
• It is a generic standard.
• It has more details, which make it more helpful for teaching and learning.
• It has more details, which can be helpful when troubleshooting.
• Networking professionals differ in their opinions on which model to use. Due to the nature of the industry it is necessary to become familiar with both.
TCP/IP Model
[Figure: the four TCP/IP layers, top to bottom: Application, Transport, Internet, Network Access]
The Application Layer
The application layer of the TCP/IP model handles high-level protocols, issues of representation, encoding, and dialog control.
The Transport Layer
The transport layer provides transport services from the source host to the destination host. It constitutes a logical connection between these endpoints of the network. Transport protocols segment and reassemble the data of upper-layer applications into the same data stream between endpoints. The transport layer data stream provides end-to-end transport services.
The Internet Layer
The purpose of the Internet layer is to select the best path through the network for packets to travel. The main protocol that functions at this layer is the Internet Protocol (IP). Best path determination and packet switching occur at this layer.
The Network Access Layer
The network access layer is also called the host-to-network layer. It is the layer that is concerned with all of the issues that an IP packet requires to actually make a physical link to the network media. It includes LAN and WAN details, and all the details contained in the OSI physical and data-link layers.
NOTE: ARP and RARP work at both the Internet and Network Access layers.
The TCP/IP Protocol Suite
The DoD and OSI models are alike in design and concept and have similar functions in similar layers.
The TCP/IP Protocol
• The Internet Protocols are the most popular open-system protocol suite
• The Internet Protocols are used for LAN and WAN communications.
• The two best-known Internet Protocols are
  • Transmission Control Protocol (TCP)
  • Internet Protocol (IP)
The TCP/IP Protocol
• Protocols are rules for communication on a network or between two hosts
• The Transmission Control Protocol/Internet Protocol is a protocol stack, or grouping of many related protocols, each working together within a prescribed standard.
• TCP/IP is the most popular model for connection to the Internet and within most networks
Transmission Control Protocol (TCP)
Features
• Transport layer protocol
• Connection establishment
• Error checking of data
• Guaranteed packet delivery
• Breaks data into pieces at the transmitter and reassembles them at the receiver
• Only handled by the sender and receiver
Internet Protocol (IP)
Features
• Network layer protocol
• Provides addressing of sender and receiver on the internet
• Protocol defines how to route messages through a network
• Packetized
• Not continuous
• Delivery not guaranteed
• Dealt with at every router on the way from sender to receiver
TCP/IP Protocol Suite
• FTP – File Transfer Protocol, at the application layer.
• Telnet – remote session, at the application layer.
• SMTP – Simple Mail Transfer Protocol, at the application layer.
• DHCP – Dynamic Host Configuration Protocol is used to assign IP addresses dynamically to network cards. It works at the application layer.
• TCP – Transmission Control Protocol is a connection-oriented, reliable protocol working at the transport layer.
• UDP – User Datagram Protocol is a connectionless, unreliable protocol working at the transport layer.
• ICMP – Internet Control Message Protocol is used to perform network error reporting and status. It works at the transport layer.
• IGMP – Internet Group Management Protocol is used to manage multicast groups and it works at the transport layer.
• IP – Internet Protocol is used for software addressing of computers and works at the network layer.
• ARP – Address Resolution Protocol is used to resolve the hardware address of a card to package the Ethernet data. It works at the network layer.
• RARP – Reverse Address Resolution Protocol is used by diskless computers to determine their IP address using the network. It works at the network layer.
Bits, Frame, IP Packet, TCP Segment, UDP Segment
Reading Assignment
Networking Devices
• NIC
• Repeater
• Hub
• Bridge
• Switch
• Router
• Brouter
• Others? – Explore!
Network Interface Card (NIC)
At the source:
• Receives the data packet from the Network Layer
• Attaches its MAC address to the data packet
• Attaches the MAC address of the destination device to the data packet
• Converts data into packets suitable for the particular network (Ethernet, Token Ring, FDDI)
• Converts packets into electrical, light or radio signals
• Provides the physical connection to the media
NIC…
As a destination device:
• Provides the physical connection to the media
• Translates the signal into data
• Reads the MAC address to see if it matches its own address
• If it does match, passes the data to the Network Layer
Repeater
• Allows the connection of segments
• Extends the network beyond the maximum length of a single segment
• Functions at the Physical Layer of the OSI model
• A multi-port repeater is known as a Hub
• Connects segments of the same network, even if they use different media
• Has three basic functions:
  • Receives a signal, which it cleans up
  • Re-times the signal to avoid collisions
  • Transmits the signal on to the next segment
Advantages and disadvantages
Repeater
• Advantages – Can connect different types of media, can extend a network in terms of distance, does not increase network traffic
• Disadvantages – Extends the collision domain, cannot connect different network architectures, only a limited number can be used in a network
Hub
• A central point of a star topology
• Allows the connection of multiple devices
• Can be more than a basic Hub – providing additional services (Managed Hubs, Switched Hubs, Intelligent Hubs)
• In reality a Hub is a Repeater with multiple ports
• Functions in a similar manner to a Repeater
• Works at the Physical Layer of the OSI model
• Passes data no matter which device it is addressed to; this feature adds to congestion
Advantages and…
Hub
• Advantages – Cheap, can connect different media types
• Disadvantages – Extends the collision domain, cannot filter information, passes packets to all connected segments
Bridge
• Like a Repeater or Hub, it connects segments
• Works at the Data Link Layer – not the Physical Layer
• Uses MAC addresses to make decisions
• Acts as a 'filter', by determining whether or not to forward a packet on to another segment
Bridge…
• Builds a Bridging Table, keeps track of devices on each segment
• Filters packets (does not forward them) by examining their MAC address
• It forwards packets whose destination address is on a different segment from its own
• It divides a network into multiple collision domains – so reducing the number of collisions
Bridge…
• Uses the Spanning Tree Protocol (STP) – to decide whether to pass a packet on to a different network segment
[Figure: two segments joined by a bridge. A transmits to C: the bridge will not pass it to Segment B. G transmits to B: the bridge will pass it to Segment A.]
Advantages and…
Bridge
• Advantages – Limits the collision domain, can extend network distances, uses MAC addresses to filter traffic, eases congestion, can connect different types of media, some can connect differing architectures
• Disadvantages – More expensive than a repeater, slower than a repeater – due to additional processing of packets
Switch
• A multiport Bridge, functioning at the Data Link Layer
• Each port of the bridge decides whether to forward data packets to the attached network
• Keeps track of the MAC addresses of all attached devices (just like a bridge)
• Similarly priced to Hubs – making them popular
• Acts like a Hub, but filters like a Bridge
• Each port on a Switch is a collision domain
Advantages and…
Switch
• Advantages – Limits the collision domain, can provide bridging, can be configured to limit the broadcast domain
• Disadvantages – More expensive than a hub or bridge, configuration of additional functions can be very complex
Router
• Works at the Network Layer in an intelligent manner
• Can connect different network segments, whether they are in the same building or on the opposite side of the globe
• Works in LAN, MAN and WAN environments
• Allows access to resources by selecting the best path
• Can interconnect different networks – Ethernet with Token Ring
• Changes packet size and format to match the requirements of the destination network
Router…
• Two primary functions – to determine the 'best path' and to share details of routes with other routers
• Routing Table – a database which keeps track of the routes to networks and the associated costs
• Static Routing – routes are manually configured by a network administrator
• Dynamic Routing – adjusts automatically to changes in network topology and to information it receives from other routers
• Routing Protocol – uses a special algorithm to route data across a network, e.g. RIP
Advantages and…
Router
• Advantages – Limits the collision domain, can function in LAN or WAN, connects differing media and architectures, can determine the best path/route, can filter broadcasts
• Disadvantages – Expensive, must use routable protocols, can be difficult to configure (static routing), slower than a bridge
Brouter
• Functions both as a Bridge and a Router – hence the name
• Can work on networks using different protocols
• Can be programmed to forward only data packets using a specific protocol to a segment – in this case it is functioning in a similar manner to a Bridge
• If a Brouter is set to route data packets to the appropriate network with a routed protocol such as IP, it is functioning as a Router
Gateways
• Allow different networks to communicate by offering a translation service from one protocol stack to another
• They work at all levels of the OSI model – due to the type of translation service they are providing
• Address Gateway – connects networks using the same protocol, but using different directory spaces, such as Message Handling Service
• Protocol Gateway – connects networks using different protocols. Translates the source protocol so the destination can understand it
• Application Gateway – translates between applications, such as from an Internet email server to a messaging server
IP ADDRESSING
What is an IP Address?
• An IP address (IPv4) is a 32-bit address.
• IP addresses are unique.
• Each device on a network is assigned an IP address.
• Each IP address has two fundamental parts:
  • The network portion, which describes the physical wire the device is attached to.
  • The host portion, which identifies the host on that wire.
What is an IP Address?
• The address space in a protocol that uses N bits to define an address is 2^N.
• The address space of IPv4 is 2^32 or 4,294,967,296.
[Figure: binary notation and dotted-decimal notation of an IPv4 address]
Example: change the following IP address from binary notation to dotted-decimal notation.
10000001 00001011 00001011 11101111
Answer: 129.11.11.239
Example: find the error in the following IP addresses.
111.56.045.78 – there are no leading zeroes in dotted-decimal notation (045)
75.45.301.14 – in decimal notation each number must be <= 255; 301 is out of range
[Figure: finding the class in binary notation and in decimal notation]
• Show that Class A has 2^31 = 2,147,483,648 addresses
• Show that Class B has ______________________?
• Show that Class C has ________________________?
Hosts for Classes of IP Addresses
Class A (24 bits for hosts): 2^24 − 2* = 16,777,214 maximum hosts
Class B (16 bits for hosts): 2^16 − 2* = 65,534 maximum hosts
Class C (8 bits for hosts): 2^8 − 2* = 254 maximum hosts
* The all-zeros (network) and all-ones (broadcast) host addresses cannot be assigned to hosts.
[Figure: network id and host id]
[Figure: IP addresses as decimal numbers]
Blocks in class A
Millions of class A addresses are wasted.
Blocks in class B
Many class B addresses are wasted.
Blocks in class C
The number of addresses in a class C block is smaller than the needs of most organizations.
Class D and E
• Class D addresses are used for multicasting
• There is only one block in this class
• Class E addresses are reserved for special purposes such as research, and most of the block is wasted.
PRIVATE and SPECIAL IP Address Ranges
Class A: 10.0.0.0 – 10.255.255.255
Class B: 172.16.0.0 – 172.31.255.255
Class C: 192.168.0.0 – 192.168.255.255
• Private addresses created by RFC 1918 are to be used for addressing internal networks.
• These IP addresses are not routable
Network Addresses
• In classful addressing, the network address (the first address in the block) is the one that is assigned to the organization.
• The network address defines the network to the rest of the Internet.
• Given the network address, we can find the class of the address, the block, and the range of the addresses in the block.
• It retains the netid of the block and sets the hostid to zero.
Example: given the network address 132.21.0.0, find the class, the block and the range of the addresses.
• The 1st byte is between 128 and 191. Hence, Class B.
• The block has a netid of 132.21.
• The addresses range from 132.21.0.0 to 132.21.255.255.
Default Mask
• The subnet masks for the various IP address classes have certain default values.
• The actual subnet mask can be derived from these values.
• The default subnet masks for the various address classes are:
  • Class A default mask is 255.0.0.0
  • Class B default mask is 255.255.0.0
  • Class C default mask is 255.255.255.0
Subnet Mask
• It determines which part of an IP address is the network field and which part is the host field
• Follow these steps to determine the subnet mask:
  1. Express the subnetwork IP address in binary form.
  2. Replace the network and subnet portion of the address with all 1s.
  3. Replace the host portion of the address with all 0s.
  4. Convert the binary expression back to dotted-decimal notation.
Subnet Mask
[Figure: deriving a subnet mask in binary; subnet mask in decimal = 255.255.240.0]
Subnet Mask
• A mask is a 32-bit binary number.
• The mask is ANDed with the IP address to get the block address (network address):
  Mask AND IP address = Block Address
[Figure: the AND operation]
[Figure: default mask and subnet mask]
Exercise
1. 192.168.3.55/24
  • What is the subnet mask?
  • What is the network address?
2. 192.168.3.55/28
  • What is the subnet mask?
  • What is the network address?
  • What is the broadcast address?
SUBNETTING
• The process of splitting a network into smaller networks is called subnetting, and the smaller networks thus formed are known as subnets
• Subnets are connected to the rest of the network through address-resolving devices called routers.
• Subnets can be freely assigned within the organization
• Internally, subnets are treated as separate networks
• Subnet structure is not visible outside the organization
Subnetting…
• To create a subnet address, a network administrator borrows bits from the original host portion and designates them as the subnet field.
• A network with no subnets will have one of the default subnet mask values, depending upon its class address.
• However, when subnetting is implemented, the actual subnet mask value is calculated to determine valid IP addresses for hosts on a subnet.
Basic Idea of Subnetting
• Split the host number portion of an IP address into a subnet number and a (smaller) host number.
• The result is a three-level hierarchy:

  Without subnetting:  | network prefix | host number |
  With subnetting:     | network prefix | subnet number | host number |
                       |<---- extended network prefix ---->|
Advantages of Subnetting
• Improves efficiency of IP addresses by not consuming an entire address space for each physical network.
• Reduces router complexity. Since external routers do not know about subnetting, the complexity of routing tables at external routers is reduced.
• Reduced network traffic
• Optimized network performance
• Simplified management
• Facilitated spanning of large geographical distances.
[Figure: addresses in a network with and without subnetting]
Finding the Subnet Address
• Given an IP address, we can find the subnet address the same way we found the network address.
• Apply the mask to the address.
• Use binary notation for both the address and the mask and then apply the AND operation to find the subnet address.
Finding the Subnet Address
What is the subnetwork address if the destination address is 200.45.34.56 and the subnet mask is 255.255.240.0?

      11001000 00101101 00100010 00111000   (200.45.34.56)
AND   11111111 11111111 11110000 00000000   (255.255.240.0)
  =   11001000 00101101 00100000 00000000   (200.45.32.0)

The subnetwork address is 200.45.32.0.
Finding the Subnet Address
• If the byte in the mask is 255, copy the byte in the address.
• If the byte in the mask is 0, replace the byte in the address with 0.
• If the byte in the mask is neither 255 nor 0, we write the mask and the address in binary and apply the AND operation.
Finding the Subnet Address
• What is the subnetwork address if the destination address is 19.30.80.5 and the mask is 255.255.192.0?
[Figure: comparison of a default mask and a subnet mask]
Example: A company is granted the site address 201.70.64.0 (class C). The company needs six subnets. Design the subnets.
• The number of 1s in the default mask is 24 (class C).
• The company needs six subnets. The number 6 is not a power of 2. The next number that is a power of 2 is 8 (2^3). We need 3 more 1s in the subnet mask. The total number of 1s in the subnet mask is 27 (24 + 3).
• The total number of 0s is 5 (32 − 27).
The mask is
11111111 11111111 11111111 11100000
or 255.255.255.224
The number of subnets is 8.
The number of addresses in each subnet is 2^5 (5 is the number of 0s) or 32.
The number of hosts is 32 − 2 = 30.
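The dotted-decimal checks, the byte-wise AND rule and the subnet-design steps above, worked in Python as an added example (not code from the course slides). The function names `find_error`, `subnet_address` and `design_subnets` are chosen here; the class boundaries and default masks are the classful rules the slides state, and the example goes one step further than the slides by listing every subnet's network and broadcast address.

```python
"""Classful IPv4 helpers following the slides' rules (added example, not course code)."""
from typing import Optional

CLASS_DEFAULT_PREFIX = {"A": 8, "B": 16, "C": 24}   # default masks /8, /16, /24


def find_error(text: str) -> Optional[str]:
    """Return why `text` is not valid dotted-decimal notation, or None if it is valid."""
    parts = text.split(".")
    if len(parts) != 4:
        return "dotted-decimal notation has exactly four numbers"
    for octet in parts:
        if not octet.isdigit():
            return f"{octet!r} is not a decimal number"
        if len(octet) > 1 and octet[0] == "0":
            return f"no leading zeroes in dotted-decimal notation ({octet})"
        if int(octet) > 255:
            return f"{octet} is out of range (each number must be <= 255)"
    return None


def parse_dotted(text: str) -> int:
    """Dotted-decimal string -> 32-bit integer, rejecting malformed input."""
    error = find_error(text)
    if error:
        raise ValueError(f"{text}: {error}")
    return int.from_bytes(bytes(int(o) for o in text.split(".")), "big")


def to_dotted(value: int) -> str:
    """32-bit integer -> dotted-decimal string."""
    return ".".join(str(b) for b in value.to_bytes(4, "big"))


def from_binary(text: str) -> str:
    """Binary notation ('10000001 00001011 ...') -> dotted-decimal notation."""
    return to_dotted(int(text.replace(" ", ""), 2))


def address_class(address: str) -> str:
    """Classful lookup on the first byte: A 0-127, B 128-191, C 192-223, D 224-239, E 240-255."""
    first = parse_dotted(address) >> 24
    if first < 128:
        return "A"
    if first < 192:
        return "B"
    if first < 224:
        return "C"
    return "D" if first < 240 else "E"


def subnet_address(address: str, mask: str) -> str:
    """Slide rule: mask byte 255 -> copy the byte, 0 -> zero it, otherwise AND in binary."""
    addr, msk = parse_dotted(address), parse_dotted(mask)
    result = 0
    for shift in (24, 16, 8, 0):
        a_byte, m_byte = (addr >> shift) & 0xFF, (msk >> shift) & 0xFF
        if m_byte == 255:
            n_byte = a_byte
        elif m_byte == 0:
            n_byte = 0
        else:
            n_byte = a_byte & m_byte
        result = (result << 8) | n_byte
    return to_dotted(result)


def design_subnets(site: str, needed: int) -> dict:
    """Borrow the fewest host bits that give >= `needed` subnets; report mask and ranges."""
    if needed < 1:
        raise ValueError("at least one subnet is needed")
    cls = address_class(site)
    if cls not in CLASS_DEFAULT_PREFIX:
        raise ValueError(f"{site} is class {cls}; only class A, B and C blocks are subnetted")
    borrowed = (needed - 1).bit_length()           # smallest k with 2**k >= needed
    prefix = CLASS_DEFAULT_PREFIX[cls] + borrowed  # number of 1s in the subnet mask
    host_bits = 32 - prefix                        # number of 0s
    if host_bits < 2:
        raise ValueError("too few host bits left: every subnet needs at least 2 usable hosts")
    mask = (0xFFFFFFFF << host_bits) & 0xFFFFFFFF
    base = parse_dotted(site) & mask
    size = 1 << host_bits                          # addresses per subnet
    ranges = [(to_dotted(base + i * size), to_dotted(base + i * size + size - 1))
              for i in range(1 << borrowed)]       # (network, broadcast) of each subnet
    return {
        "class": cls, "borrowed_bits": borrowed, "prefix": prefix,
        "mask": to_dotted(mask), "subnets": 1 << borrowed,
        "addresses_per_subnet": size, "hosts_per_subnet": size - 2,
        "ranges": ranges,
    }


if __name__ == "__main__":
    print(from_binary("10000001 00001011 00001011 11101111"))      # 129.11.11.239
    print(find_error("111.56.045.78"), "|", find_error("75.45.301.14"))
    print(subnet_address("200.45.34.56", "255.255.240.0"))          # 200.45.32.0
    plan = design_subnets("201.70.64.0", 6)
    print(plan["mask"], plan["subnets"], plan["hosts_per_subnet"])  # 255.255.255.224 8 30
    print(plan["ranges"][0], plan["ranges"][-1])
```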
Exercise:
You have a network that needs 29 subnets while maximizing the number of host addresses available on each subnet. How many bits must you borrow from the host field to provide the correct subnet mask?
Class C subnetting
192.168.1.153/27
1. What is the subnet mask?
2. How many subnets?
3. How many hosts?
4. What are the valid hosts?
5. What are the valid subnets?
6. What are the broadcast addresses for each subnet?
Class B subnetting
172.16.0.0
255.255.255.224
1. How many subnets?
2. How many hosts?
3. What are the network addresses of each subnet?
4. What are the broadcast addresses for each subnet?
5. What are the valid hosts?
Class B subnetting
255.255.240.0 (/20)
1. How many subnets?
2. How many hosts?
3. What are the valid subnets?
4. What are the broadcast addresses for each subnet?
5. What are the valid hosts?
Subnetting
255.255.0.0 (/20)
1. How many subnets?
2. How many hosts?
3. What are the valid subnets?
4. What are the valid hosts?
5. What are the broadcast addresses for each subnet?
Subnetting
A company would like to break its Class B private IP address 172.16.0.0 into as many subnets as possible, provided that it can get at least 300 clients per subnet. Find the ranges of IP addresses for each subnet and the new mask.
• If an Ethernet port on a router were assigned an IP address of 172.16.112.1/25, what would be the valid subnet address of this host?
  A. 172.16.112.0
  B. 172.16.0.0
  C. 172.16.96.0
  D. 172.16.255.0
Example: A company is granted the site address 181.56.0.0 (class B). The company needs 1000 subnets. Design the subnets.
• The number of 1s in the default mask is 16 (class B).
• The company needs 1000 subnets. This number is not a power of 2. The next number that is a power of 2 is 1024 (2^10). We need 10 more 1s in the subnet mask. The total number of 1s in the subnet mask is 26 (16 + 10).
• The total number of 0s is 6 (32 − 26).
A company is granted the site address 181.56.0.0 (class B).
The company needs 1000 subnets. Design the subnets.

119
The mask is

11111111 11111111 11111111 11000000


or
255.255.255.192.
The number of subnets is 1024.
The number of addresses in each subnet is 2^6 (6 is the number of 0s) or 64, of which 62 are usable host addresses.
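The subnetting exercises above (the 29-subnet question, 192.168.1.153/27, 172.16.0.0 with 255.255.255.224, the /20 cases, the "at least 300 clients" design and the 181.56.0.0 design) all reduce to the same bit arithmetic. The following is an added example written for this page, not code from the course; it uses only the Python standard library `ipaddress` module. Function names are my own, and it assumes classic subnetting (prefix lengths of /30 or shorter, so every subnet keeps a network and a broadcast address):

```python
import ipaddress

# Added example, not from the course slides. Classic subnetting rules:
# prefix lengths stay <= 30 so every subnet still has a network and a
# broadcast address, matching the "usable hosts = 2^h - 2" rule used above.


def borrow_for_subnets(base, wanted):
    """Borrow the fewest host bits that give at least `wanted` subnets.

    Returns (new_prefix, mask, subnets, usable_hosts_per_subnet).
    """
    net = ipaddress.ip_network(base, strict=False)
    borrow = (wanted - 1).bit_length()          # exact integer ceil(log2(wanted))
    new_prefix = net.prefixlen + borrow
    if new_prefix > 30:
        raise ValueError("not enough host bits left for that many subnets")
    sub = next(net.subnets(new_prefix=new_prefix))
    return new_prefix, str(sub.netmask), 2 ** borrow, sub.num_addresses - 2


def keep_for_hosts(base, min_hosts):
    """Make as many subnets as possible while each keeps >= min_hosts usable hosts.

    Returns (new_prefix, mask, subnets, usable_hosts_per_subnet).
    """
    net = ipaddress.ip_network(base, strict=False)
    host_bits = (min_hosts + 1).bit_length()    # smallest h with 2^h - 2 >= min_hosts
    new_prefix = 32 - host_bits
    if new_prefix < net.prefixlen:
        raise ValueError("the base network is too small for that many hosts")
    sub = next(net.subnets(new_prefix=new_prefix))
    return (new_prefix, str(sub.netmask),
            2 ** (new_prefix - net.prefixlen), sub.num_addresses - 2)


def describe_host(address_with_prefix):
    """Answer the exercise questions for one host address, e.g. 192.168.1.153/27."""
    iface = ipaddress.ip_interface(address_with_prefix)
    net = iface.network
    return {
        "mask": str(net.netmask),
        "subnet": str(net.network_address),
        "first_host": str(net.network_address + 1),
        "last_host": str(net.broadcast_address - 1),
        "broadcast": str(net.broadcast_address),
    }


def list_subnets(base, new_prefix, limit=None):
    """Enumerate (network, first host, last host, broadcast) for each subnet."""
    rows = []
    for sub in ipaddress.ip_network(base, strict=False).subnets(new_prefix=new_prefix):
        rows.append((str(sub.network_address), str(sub.network_address + 1),
                     str(sub.broadcast_address - 1), str(sub.broadcast_address)))
        if limit and len(rows) >= limit:
            break
    return rows


if __name__ == "__main__":
    print(borrow_for_subnets("192.168.1.0/24", 29))   # the 29-subnet exercise
    print(keep_for_hosts("172.16.0.0/16", 300))       # the "at least 300 clients" exercise
    print(describe_host("192.168.1.153/27"))
    for row in list_subnets("172.16.0.0/16", 20, limit=3):
        print(row)
```

The two design functions are deliberately separate because the exercises pull in opposite directions: `borrow_for_subnets` spends the fewest bits that still yield the subnet count (which is what "maximizing the number of host addresses" means), while `keep_for_hosts` fixes the host bits first and lets the subnet count fall out.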

120
See next slide
121
SUPERNETTING
 Supernetting is combining a group of networks into one large supernetwork.
 Supernetting is the opposite of subnetting: it converts network bits to host bits.
 In subnetting you borrow bits from the host part; supernetting is done by borrowing bits from the network side.
 Supernetting is the process of summarizing a group of contiguous subnetted networks back into a single larger network.
 Supernetting is also known as route summarization and route aggregation.
122
SUPERNETTING
 Supernetting is mainly done to optimize routing tables.
 A routing table is the summary of all known networks.
 Routers share routing tables to find new paths and locate the best path to a destination.
 Without supernetting, a router shares all routes from its routing table as they are.
 With supernetting, it summarizes them before sharing.
 Route summarization reduces the size of routing updates dramatically.
123
A supernetwork

124
A supernetwork

125
Comparison of subnet, default, and supernet masks

126
Example 1
Supernet the following IP addresses into a single network:
200.1.0.0/24
200.1.1.0/24
200.1.2.0/24
200.1.3.0/24
Answer: 200.1.0.0/22
Example 2
Supernet the following IP Addresses
 172.168.197.0/24
 172.168.198.0/24
 172.168.199.0/24
 172.168.200.0/24
 172.168.204.0/24
 172.168.206.0/24

128
Example 3:
Four class C addresses appear to
networks outside as a single network
 4 address-contiguous networks:
213.2.96.0 11010101.00000010.01100000.00000000
213.2.97.0 11010101.00000010.01100001.00000000
213.2.98.0 11010101.00000010.01100010.00000000
213.2.99.0 11010101.00000010.01100011.00000000
 What is the Supernet mask?
255.255.252.0
 What is the Supernet address?
213.2.96.0/22
11010101 . 00000010 . 011000 00 . 00000000
129
 In subnetting, we need the first address
of the subnet and the subnet mask to
define the range of addresses.
 In supernetting, we need the first
address of the supernet and the supernet
mask to define the range of addresses.

130
We need to make a supernetwork out of 16 class C
blocks. What is the supernet mask?

Solution
We need 16 blocks. For 16 blocks we need to change four 1s to 0s
in the default mask. So the mask is
11111111 11111111 11110000 00000000
or

255.255.240.0

131
A supernet has a first address of 205.16.32.0 and
a supernet mask of 255.255.248.0. A router
receives three packets with the following
destination addresses:
205.16.37.44
205.16.42.56
205.17.33.76
Which packet belongs to the supernet?

132
We apply the supernet mask (bitwise AND) to see if we can find the beginning address:
205.16.37.44 AND 255.255.248.0 → 205.16.32.0
205.16.42.56 AND 255.255.248.0 → 205.16.40.0
205.17.33.76 AND 255.255.248.0 → 205.17.32.0
Only the first address belongs to this supernet.

133
A supernet has a first address of 205.16.32.0
and a supernet mask of 255.255.248.0. How
many blocks are in this supernet and what is
the range of addresses?

Solution

The supernet mask has 21 1s. The default class C mask has 24 1s. Since the difference is 3,
there are 2^3 or 8 blocks in this supernet.
The blocks are 205.16.32.0/24 to 205.16.39.0/24.
The first address is 205.16.32.0.
The last address is 205.16.39.255.
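The supernetting examples above (Examples 1 to 3, the 16-block mask, the membership test and the block count) can be checked with the following added example, written for this page and not part of the course material. It uses the standard library `ipaddress` module; the function names are mine. It also goes one step beyond the slides: Example 2's prefixes are not all contiguous, so the code distinguishes an exact summary (merging only what can be merged without adding addresses) from a single covering prefix, and reports how much address space the covering prefix claims that you do not actually route. Advertising that extra space is the practical danger of over-summarization: traffic for networks you do not own is drawn toward you and black-holed.

```python
import ipaddress

# Added example, not from the course slides.


def exact_summary(prefixes):
    """Aggregate only where the result covers exactly the given networks."""
    nets = [ipaddress.ip_network(p) for p in prefixes]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


def covering_summary(prefixes):
    """Smallest single prefix that covers every network in the list.

    Returns (prefix, extra_addresses). extra_addresses > 0 means the summary
    also claims space that is NOT in the list (over-summarization).
    """
    nets = [ipaddress.ip_network(p) for p in prefixes]
    first = min(n.network_address for n in nets)
    last = max(n.broadcast_address for n in nets)
    plen = min(n.prefixlen for n in nets)
    cand = ipaddress.ip_network(f"{first}/{plen}", strict=False)
    while last not in cand:                      # widen until both ends fit
        plen -= 1
        cand = ipaddress.ip_network(f"{first}/{plen}", strict=False)
    extra = cand.num_addresses - sum(n.num_addresses for n in nets)
    return str(cand), extra


def supernet_mask_for_blocks(n_blocks, block_prefix=24):
    """Mask that merges n_blocks contiguous, aligned blocks (default: class C /24s)."""
    plen = block_prefix - (n_blocks - 1).bit_length()
    return str(ipaddress.ip_network(f"0.0.0.0/{plen}").netmask)


def belongs(first_address, mask, destination):
    """The AND test from the slides: destination & mask == first address of the supernet."""
    net = ipaddress.ip_network(f"{first_address}/{mask}")
    return ipaddress.ip_address(destination) in net


def supernet_range(first_address, mask, block_prefix=24):
    """Number of blocks and the first/last address covered by a supernet."""
    net = ipaddress.ip_network(f"{first_address}/{mask}")
    return (2 ** (block_prefix - net.prefixlen),
            str(net.network_address), str(net.broadcast_address))


if __name__ == "__main__":
    example2 = ["172.168.197.0/24", "172.168.198.0/24", "172.168.199.0/24",
                "172.168.200.0/24", "172.168.204.0/24", "172.168.206.0/24"]
    print(exact_summary(example2))        # several prefixes: nothing is over-claimed
    print(covering_summary(example2))     # one prefix, but it claims extra space
    print(supernet_mask_for_blocks(16))   # 255.255.240.0
    print(belongs("205.16.32.0", "255.255.248.0", "205.16.37.44"))
```

`collapse_addresses` is the operation a router performs when it summarizes exactly; `covering_summary` is what an operator gets when they hand-pick a single short prefix. For Example 2 the covering /20 claims 2560 addresses that are not in the list, which is why a summary route should always be checked against the exact aggregation before it is advertised.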
134
ARP (Address Resolution Protocol)

 ARP is used for mapping a network address (IPv4 address) to a physical address / Ethernet address (MAC address).
 The MAC address is always used for direct communication on the local link (i.e., putting frames on the wire).
 ARP has to know the physical address of the machine to which it is going to send frames.
 IP is used to determine routes and move packets from network to network.
135
ARP
 ARP is responsible for finding a map to any local
physical address that IP may request.
 If ARP does not have a map in memory, it has to find
one on the network.
 ARP uses a local broadcast, asking all the systems on
the network if they have the IP that is being resolved.

136
How ARP works?
 ARP broadcasts a request that contains the IP address and MAC address of the originating host; these can be stored by the target machine.
 The target stores the sender's mapping and responds with a unicast reply that contains its own MAC address. The originating machine then stores this in its local ARP cache. The two systems now have each other's IP and MAC addresses and can communicate.
 ARP carries no authentication: a cache accepts whatever reply arrives, including unsolicited ones, so any host on the segment can answer for an address it does not own (ARP spoofing). Static entries or switch-level inspection of ARP traffic (Dynamic ARP Inspection) are the usual defences.
 ARP can resolve only the address of a local machine. When an IP address is determined to be on a remote subnet, IP sends the packet to the default gateway; in this case, ARP is used to find the MAC address of the gateway.
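The request/reply exchange just described, as an added example written for this page (not code from the course): it encodes and decodes the 28-byte Ethernet/IPv4 ARP payload with `struct`, answers a request only when the target IP is ours, and keeps a per-host cache that, like a real stack, overwrites an entry on any reply it sees. The `alerts` list is the one thing a real stack does not give you: it records the moment a cached IP-to-MAC mapping changes, which is what an ARP-spoofing detector watches for. All MAC and IP addresses are constructed for the example.

```python
import struct
import ipaddress

# Added example, not from the course slides. Addresses and MACs are made up.
ARP_FMT = "!HHBBH6s4s6s4s"          # htype ptype hlen plen oper sha spa tha tpa
ARP_LEN = struct.calcsize(ARP_FMT)  # 28 bytes
ARP_REQUEST, ARP_REPLY = 1, 2


def mac_to_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))


def bytes_to_mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def build_arp(oper, sender_mac, sender_ip, target_mac, target_ip):
    """Encode an Ethernet/IPv4 ARP payload (the bytes after the Ethernet header)."""
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, oper,
                       mac_to_bytes(sender_mac), ipaddress.IPv4Address(sender_ip).packed,
                       mac_to_bytes(target_mac), ipaddress.IPv4Address(target_ip).packed)


def parse_arp(payload):
    """Decode an ARP payload; rejects anything that is not Ethernet/IPv4 ARP."""
    if len(payload) < ARP_LEN:
        raise ValueError("short ARP packet")
    htype, ptype, hlen, plen, oper, sha, spa, tha, tpa = struct.unpack(ARP_FMT, payload[:ARP_LEN])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not Ethernet/IPv4 ARP")
    return {"op": oper,
            "sender_mac": bytes_to_mac(sha), "sender_ip": str(ipaddress.IPv4Address(spa)),
            "target_mac": bytes_to_mac(tha), "target_ip": str(ipaddress.IPv4Address(tpa))}


def arp_request(my_mac, my_ip, wanted_ip):
    """'Who has wanted_ip? Tell my_ip' - the target MAC is unknown, so it is zeroed."""
    return build_arp(ARP_REQUEST, my_mac, my_ip, "00:00:00:00:00:00", wanted_ip)


def answer_request(request, my_mac, my_ip):
    """What a host does on receiving a request: reply only if it owns the target IP."""
    req = parse_arp(request)
    if req["op"] != ARP_REQUEST or req["target_ip"] != my_ip:
        return None
    return build_arp(ARP_REPLY, my_mac, my_ip, req["sender_mac"], req["sender_ip"])


class ArpCache:
    """A host's ARP cache plus a 'mapping changed' detector.

    learn() trusts every sender mapping it sees, as real stacks do; the alerts
    are how you would notice a second host claiming an address already cached.
    """

    def __init__(self):
        self.table = {}
        self.alerts = []

    def learn(self, payload):
        pkt = parse_arp(payload)
        ip, mac = pkt["sender_ip"], pkt["sender_mac"]
        old = self.table.get(ip)
        if old is not None and old != mac:
            self.alerts.append(f"{ip} moved from {old} to {mac}")
        self.table[ip] = mac
        return pkt


def demo():
    """Resolve the gateway normally, then see a conflicting reply arrive."""
    host_mac, host_ip = "02:00:00:00:00:0a", "10.0.0.10"
    gw_mac, gw_ip = "02:00:00:00:00:01", "10.0.0.1"
    cache = ArpCache()
    req = arp_request(host_mac, host_ip, gw_ip)
    cache.learn(answer_request(req, gw_mac, gw_ip))          # legitimate reply from the gateway
    # unsolicited reply claiming the gateway's IP with another MAC: the cache
    # accepts it (no authentication), but the detector records the change
    cache.learn(build_arp(ARP_REPLY, "02:00:00:00:00:ee", gw_ip, host_mac, host_ip))
    return cache
```

Running `demo()` leaves the cache pointing the gateway's IP at the second MAC, which is exactly the failure mode the caveat above describes; the alert is the signal a monitoring tool would raise.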
137
How ARP works?

138
Internet Control Messaging Protocol
(ICMP)
 Internet Control Message Protocol (ICMP), a part of the Internet layer, is responsible for reporting errors and messages regarding the delivery of IP datagrams.
 ICMP always reports an error message to the original source of the datagram (never to an intermediate hop, and never in response to another ICMP error message).
 It is a protocol for the exchange of error messages and other vital information between Internet entities such as hosts and routers.
139
ICMP
 ICMP warns you when a destination host is
unreachable, or informs you of how long it took to get
to a destination host.
 ICMP Error messages include the following:
 Destination unreachable
 Source Quench
 Time exceeded
 Redirection
 Parameter problem, etc…

140
ICMP
 Destination unreachable
The ICMP destination unreachable message is generated by a
router to inform the source host that the destination address
is unreachable.
 Source Quench
A source quench was a message from one host to another telling it to reduce the rate at which it is sending packets to that host. It has been deprecated (RFC 6633) and modern hosts ignore it; congestion control is left to the transport layer.
 Time exceeded
The ICMP Time Exceeded message notifies a host when a packet it sent has been discarded because its TTL reached zero in transit (or because fragment reassembly timed out). The traceroute tool relies on this message.

141
ICMP
 Redirection error
 An ICMP redirect is an error message sent by a router to the sender of an IP packet.
 Redirects are used when a router believes a packet is being routed sub-optimally and it would like to inform the sending host that it should forward subsequent packets to that same destination through a different gateway.
 Because a redirect can steer a host's traffic through an attacker-chosen gateway, hosts and routers are commonly configured to ignore or not send them.
 Parameter error
The Parameter Problem error message generally means that something is wrong with the IP datagram header itself (a bad field or option), and that the datagram has been discarded.
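ICMP error messages share one layout: an 8-byte ICMP header followed by the IP header of the offending datagram plus its first 8 bytes, which is what lets the receiver map the error back to a particular flow (the 8 bytes cover the TCP/UDP ports). The following added example, written for this page and not part of the course, builds a Destination Unreachable (port unreachable) for a constructed UDP datagram and parses it back, verifying the RFC 1071 one's-complement checksum that IPv4 and ICMP headers both use. Addresses and ports are constructed.

```python
import struct
import ipaddress

# Added example, not from the course slides. Addresses and ports are made up.
ICMP_NAMES = {
    3: "destination unreachable", 4: "source quench (deprecated, RFC 6633)",
    5: "redirect", 11: "time exceeded", 12: "parameter problem",
}
UNREACH_CODES = {0: "net", 1: "host", 2: "protocol", 3: "port", 4: "fragmentation needed"}


def inet_checksum(data):
    """RFC 1071 one's-complement checksum, used by both IPv4 and ICMP headers.

    Over a header whose checksum field is already filled in, a valid result is 0.
    """
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                         # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4(src, dst, proto, payload, ttl=64, ident=0x1234):
    """Minimal 20-byte IPv4 header (no options) in front of payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), ident, 0, ttl, proto, 0,
                      ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    hdr = hdr[:10] + struct.pack("!H", inet_checksum(hdr)) + hdr[12:]
    return hdr + payload


def build_icmp_error(icmp_type, code, offending_datagram):
    """ICMP error as a router builds it: 8-byte ICMP header, then the offending
    datagram's IP header plus its first 8 bytes (enough to hold the L4 ports)."""
    ihl = (offending_datagram[0] & 0x0F) * 4
    body = struct.pack("!BBHI", icmp_type, code, 0, 0) + offending_datagram[:ihl + 8]
    return body[:2] + struct.pack("!H", inet_checksum(body)) + body[4:]


def parse_icmp_error(packet):
    """Decode an ICMP error and recover which of our flows it refers to."""
    icmp_type, code = packet[0], packet[1]
    info = {"type": icmp_type, "code": code,
            "name": ICMP_NAMES.get(icmp_type, "other"),
            "checksum_ok": inet_checksum(packet) == 0}
    if icmp_type == 3:
        info["reason"] = UNREACH_CODES.get(code, "other")
    inner = packet[8:]                          # the quoted original datagram
    if len(inner) < 20:
        return info
    ihl = (inner[0] & 0x0F) * 4
    info["orig_src"] = str(ipaddress.IPv4Address(inner[12:16]))
    info["orig_dst"] = str(ipaddress.IPv4Address(inner[16:20]))
    info["orig_proto"] = inner[9]
    if inner[9] in (6, 17) and len(inner) >= ihl + 4:   # TCP or UDP: ports are first
        info["orig_sport"], info["orig_dport"] = struct.unpack("!HH", inner[ihl:ihl + 4])
    return info


def demo():
    """A DNS query that hits a closed UDP port; the far end answers with type 3, code 3."""
    udp = struct.pack("!HHHH", 40000, 53, 8 + 5, 0) + b"query"
    query = build_ipv4("192.0.2.10", "198.51.100.5", 17, udp)
    error = build_icmp_error(3, 3, query)
    return parse_icmp_error(error), error
```

A host matches the recovered 5-tuple against its own sockets before acting on the error; an error whose quoted datagram does not match any flow it sent should be ignored, which is also the cheap defence against forged ICMP errors used to tear down connections.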
142
VLAN- Virtual Local Area Network
 A VLAN is a logical grouping of workstations, servers and network
devices that appear to be on the same LAN despite their geographical
distribution.
 VLAN can be grouped by function, department, or application,
regardless of their physical segment location.
 VLANs function by logically segmenting the network into
different broadcast domains so that packets are only switched
between ports that are designated for the same VLAN
 The router interconnecting each shared hub typically provides
segmentation and can act as a broadcast firewall.

143
144
Why VLAN?
 Routers in VLAN topologies provide
 Broadcast filtering
 Security
 Traffic flow management
 VLANs address
 Scalability,
 Security, and
 Network management
 Switches may not bridge any traffic between VLANs
 Traffic should only be routed between VLANs.

145
VLAN
 VLANs can be used to create separate broadcast domains on a single switched network without dedicating a physical segment and router interface to each group (a router or Layer 3 switch is still needed for traffic between VLANs).
 Periodically, sensitive data may be broadcast on a network. In such cases, placing only those users who can have access to that data on a VLAN can reduce the chances of an outsider gaining access to the data. A VLAN is a broadcast-domain boundary, not an access-control mechanism on its own; filtering between VLANs still has to be enforced at the router.
 A VLAN allows several networks to work virtually as one LAN.

146
Routing
 Routing is used for taking a packet from one
device and sending it through the network to
another device on a different network
 Routers route traffic to all networks by selecting
the best route to reach remote network
 Routers communicate with one another to
maintain their routing tables through the
transmission of routing update messages
147
Routing
 A router is a network layer device that uses one
or more routing metrics to determine the
optimal path along which network traffic
should be forwarded.
 Routers must maintain routing tables and make
sure other routers know of changes in the
network topology.
 When packets arrive at an interface, the router
must use the routing table to determine where
to send them.
148
Routing

149
Routing Protocol
A routing protocol specifies how routers
communicate with each other to distribute
information that enables them to select routes
between any two nodes on a computer network
 Routing protocols are created for routers
 Routing protocols have been designed to allow
the exchange of routing tables between routers
 Routing protocols use various combinations of
metrics for determining the best path for data.
150
Routing Protocol
 Routing metrics are values used in determining the
advantage of one route over another such as
 Hop count, Bandwidth, Load, Delay and reliability are
some of the metrics used to determine route
 Some routing protocols transmit update messages
periodically, while others send them only when there
are changes in the network topology
 Some protocols transmit the entire routing table in each update message, and some transmit only routes that have changed
Routing Metrics
Some of the routing metrics used to determine routes are:
 Bandwidth – The data capacity of a link.
 Delay – The length of time required to move a packet along
each link from source to destination
 Load – The amount of activity on a network resource such as a
router or a link
 Reliability – Usually a reference to the error rate of each
network link
 Hop count – The number of routers that a packet must travel
through before reaching its destination.
 Cost – A value based on bandwidth, monetary expense, or
other measurement, that is assigned by a network administrator
152
Routing Table
 A routing table is a database that keeps track of paths,
like a map, and uses these to determine which way to
forward traffic.
 A routing table is a data file in RAM that is used to
store route information about directly connected and
remote networks.
 A routing table is a set of rules, often viewed in table
format, that is used to determine where data packets
traveling over an IP network will be directed.
153
Routing Table
 All IP-enabled devices, including hosts, routers and Layer 3 switches, use routing tables.
 A routing table contains the information necessary to forward
a packet along the best path toward its destination.
 Each packet contains information about its origin and
destination
 A routing table does not contain a list of all possible
destinations. Rather, it contains a list of destinations that are
next in line to the router. Each router contains this list and
when it receive packets of data it directs that packet to the next
link or hop in the network until it reaches its final destination.
154
Routing Table
 Routers use routing protocols to build and maintain
routing tables that contain route information
 Routing protocols fill routing tables with a variety of
route information

155
Routing Table
Routing Table contains information like:
 The network and the subnet mask –
specifies a range of IP addresses
 Protocol type
 Destination/next-hop associations
 the IP address of the router used to reach that
network.
 Outgoing interfaces: the outgoing interface the
packet should go out to reach the destination
network.
156
Routing Table
Network Destination   Netmask            Gateway          Interface        Metric
0.0.0.0               0.0.0.0            192.168.0.1      192.168.0.100    10
127.0.0.0             255.0.0.0          127.0.0.1        127.0.0.1        1
192.168.0.0           255.255.255.0      192.168.0.100    192.168.0.100    10
192.168.0.100         255.255.255.255    127.0.0.1        127.0.0.1        10
192.168.0.1           255.255.255.255    192.168.0.100    192.168.0.100    10
The columns Network Destination and Netmask together describe the network ID mentioned earlier. For example, destination 192.168.0.0 and netmask 255.255.255.0 can be written as network ID 192.168.0.0/24.
The Gateway column contains the same information as the next hop, i.e. it points to the gateway through which the network can be reached.
The Interface indicates which locally available interface is responsible for reaching the gateway. In this example, gateway 192.168.0.1 (the internet router) can be reached through the local network card with address 192.168.0.100.
Finally, the Metric indicates the associated cost of using the indicated route. When several entries match a destination, the most specific one (longest netmask) is chosen first; the metric only decides between entries of equal specificity. In this example, traffic to the computer's own address 192.168.0.100 matches the host route (netmask 255.255.255.255) and is delivered internally through 127.0.0.1 (called "localhost") rather than being sent out through the network card.
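The lookup rule described above (longest prefix first, metric as tie-breaker) is short enough to write out, and writing it out shows the consequence a practitioner cares about: a more specific route wins no matter how bad its metric, so a single injected /24 redirects traffic that the default route used to carry. The following is an added example for this page, not code from the course; it reproduces the slide's table and adds one constructed route in `demo()`.

```python
import ipaddress

# Added example, not from the course slides. TABLE reproduces the slide's
# entries; the extra route appended in demo() is made up.
TABLE = [
    # destination      netmask            gateway          interface        metric
    ("0.0.0.0",        "0.0.0.0",         "192.168.0.1",   "192.168.0.100", 10),
    ("127.0.0.0",      "255.0.0.0",       "127.0.0.1",     "127.0.0.1",     1),
    ("192.168.0.0",    "255.255.255.0",   "192.168.0.100", "192.168.0.100", 10),
    ("192.168.0.100",  "255.255.255.255", "127.0.0.1",     "127.0.0.1",     10),
    ("192.168.0.1",    "255.255.255.255", "192.168.0.100", "192.168.0.100", 10),
]


def lookup(table, destination):
    """Longest-prefix match; the metric only breaks ties between equal-length prefixes.

    Returns (matched prefix, gateway, interface) or None if nothing matches.
    """
    dest = ipaddress.ip_address(destination)
    best = None
    for net_s, mask_s, gateway, interface, metric in table:
        net = ipaddress.ip_network(f"{net_s}/{mask_s}")
        if dest not in net:
            continue
        rank = (net.prefixlen, -metric)          # longer prefix first, then lower metric
        if best is None or rank > best[0]:
            best = (rank, str(net), gateway, interface)
    return best[1:] if best else None


def next_hop_is_onlink(table, destination):
    """True when the packet is delivered directly (gateway is our own interface
    address), so ARP is done for the destination itself rather than for a router."""
    match = lookup(table, destination)
    return match is not None and match[1] == match[2]


def demo():
    """Show that a more specific route wins even with a much worse metric."""
    table = list(TABLE)
    before = lookup(table, "203.0.113.7")        # falls through to the default route
    table.append(("203.0.113.0", "255.255.255.0", "192.168.0.250", "192.168.0.100", 100))
    after = lookup(table, "203.0.113.7")         # now follows the injected /24
    return before, after
```

This is also why routing-protocol authentication and prefix filtering matter: a neighbour that can inject a more specific prefix controls where that traffic goes, regardless of the metrics on the legitimate routes.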

157
Routing Table

158
Type of Routing protocols
(Individual Assignment)
1. Rip - Routing Information Protocol
2. IGP - Interior gateway protocol
3. IGRP - Interior Gateway Routing Protocol
4. EIGRP - Enhanced Interior Gateway Routing Protocol
5. BGP - Border Gateway Protocol
6. OSPF - Open Shortest Path First
7. RPT - Routing Protocols Timeline.
8. EGP - Exterior Gateway Protocol ()
9. IS-IS - Intermediate System-to-Intermediate System
159
Chapter 3
WIRELESS NETWORK
AND
WAN TECHNOLOGIES
WLAN- Wireless-LAN
 A Wireless LAN is a wireless computer network
that links two or more devices using a wireless
distribution method within a limited area such as
a home, school, computer laboratory, or office
building.
 WLAN gives users the ability to move around
within a local coverage area and yet still be
connected to the network.
161
Wireless LAN?
 A wireless LAN or WLAN is a wireless local area
network that uses radio waves as its carrier.
 To give a network connection to all users in a
building or campus, the last link with the users is
wireless.
 The backbone network usually uses cables/wired
 Wireless LANs have become popular for use in the home, due to their ease of installation and use.
Wireless-LAN
 They are also popular in commercial complexes that
offer wireless access to their customers

163
WLAN Common Topologies
Infrastructure Wireless LAN Ad-hoc Wireless LAN

164
ad hoc Wireless LAN
 Ad hoc networks are self-organizing networks without any centralized control
 Suited for temporary situations such as meetings and conferences.
 A WLAN without an AP is called an ad hoc network.
 Ad hoc wireless nodes communicate directly with one another using the same radio frequency.
 The physical size of the network is determined by the maximum reliable propagation range of the radio signals.
 An ad hoc network is an independent BSS (IBSS) that contains no access point, which means it cannot connect to any other basic service set.
165
Ad-Hoc Wireless LAN

166
Infrastructure Wireless LAN
 The wireless LAN is connected to a wired LAN.
 There is a need of an Access Point (AP) that
bridges wireless LAN traffic into the wired LAN.
 The AP can also act as a repeater for wireless
nodes, effectively doubling the maximum
possible distance between nodes.
 Infrastructure mode is an 802.11 networking
framework in which devices communicate with
each other by first going through an Access Point
(AP)
167
Infrastructure Wireless LAN
 In the area of wireless computer networking, a
Base station is a wireless router/radio
receiver/transmitter that serves as the hub of the
WLAN, and may also be the gateway between a
wired network and the wireless network.
 Base station network is connected to the Wired
Internet. Other nodes can be fixed or mobile
 Wireless stations fall into two categories:
wireless access points, and clients.
168
169
Architecture
Stations
 All components that can connect into a wireless medium in a
network are referred to as stations (STA). All stations are equipped
with wireless network interface controllers (WNICs).
 AP (wireless routers) are base stations for the wireless network.
They transmit and receive radio frequencies (RF) for wireless
enabled devices to communicate with.
 Wireless clients can be mobile devices such as laptops, personal
digital assistants, IP phones and other smartphones, or non-portable
devices such as desktop computers, printers, and workstations that
are equipped with a wireless network interface.

170
Architecture
Basic service set (BSS)
 BSS is a set of all stations that can communicate with
each other at physical layer.
 Every BSS has an identification (ID) called the BSS-ID,
which is the MAC address of the access point servicing
the BSS.
 There are two types of BSS:
 Independent BSS (IBSS)- ad hoc
 Infrastructure BSS.
171
Architecture
Independent basic service set
 An IBSS is a set of Stations configured in ad hoc (peer-to-peer)mode.
Extended service set
 An extended service set (ESS) is a set of connected BSSs.
 Access points in an ESS are connected by a distribution system.
 Each ESS has an ID called the SSID which is a 32-byte (maximum) character
string.
Distribution system
 A distribution system (DS) connects access points in an extended service set.
 The concept of a DS can be used to increase network coverage through
roaming between cells.
 DS can be wired or wireless. Current wireless distribution systems are mostly
based on WDS or MESH protocols, though other systems are in use.
172
173
How do wireless LANs work?
 A WLAN serves the same purpose as a wired one — to
link a group of computers
 WLAN uses the same networking protocols and
supporting most of the same applications.
 Wireless networks operate using radio frequency
(RF) technology, a frequency within the
electromagnetic spectrum associated with radio wave
propagation

174
How are WLANs Different?
They use specialized physical and data link protocols
They integrate into existing networks through
Access Points (AP) which provide a bridging
function
They let you stay connected as you roam from one
coverage area to another
They have unique security considerations
They have specific interoperability requirements
They require different hardware
They offer performance that differs from wired
LANs.

175
Physical and Data Link Layers WLAN

Physical Layer:
 The wireless NIC takes frames of data from the data link layer, scrambles the data in a predetermined way, then uses the modified data stream to modulate a radio carrier signal.
Data Link Layer:
 Uses Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA). CSMA/CA is a multiple access method in which carrier sensing is used, but nodes attempt to avoid collisions by transmitting only when the channel is sensed to be idle (a radio cannot detect a collision while transmitting, so collisions must be avoided rather than detected as on wired Ethernet).
176
Integration With Existing Networks

 Wireless Access Points (APs) - a small device that bridges wireless traffic to your network.
 An access point is designed to broadcast a wireless signal that computers can detect and "tune" into.
 Most access points bridge wireless LANs into Ethernet networks
177
Integration With Existing Networks

178
Roaming
Roaming refers to the ability for a cellular
customer to automatically make and
receive voice calls, send and receive data,
or access other services, including
home data services, when travelling
outside the geographical coverage area
of the home network.
 Users maintain a continuous connection as they roam
from one physical area to another
 Mobile nodes automatically register with the new access
point.
 Methods: DHCP, Mobile IP
179
WLAN Security
 The IEEE 802.11 standard originally specified an optional security mechanism called "Wired Equivalent Privacy" (WEP), whose goal was that a wireless LAN offers privacy equivalent to that offered by a wired LAN.
 The standard also specifies optional authentication measures.
 Common standard encryption schemes are
 Wired Equivalent Privacy (WEP): RC4 with short, reused initialisation vectors; cryptographically broken and deprecated, it should not be deployed.
 Wi-Fi Protected Access (WPA): an interim fix (TKIP) for WEP-era hardware, also deprecated.
 Wi-Fi Protected Access 2 (WPA2): 802.11i with AES-CCMP; the baseline today, with WPA3 (SAE) as its successor.
180
Interoperability
 Before IEEE 802.11, interoperability was based on cooperation between vendors.
 IEEE 802.11 only standardizes the physical and Medium Access Control (MAC) layers.
 Vendors must still work with each other to ensure their IEEE 802.11 implementations interoperate.
 The Wireless Ethernet Compatibility Alliance (WECA, now the Wi-Fi Alliance) introduced the Wi-Fi certification to ensure cross-vendor interoperability of 802.11b solutions.
181
Hardware
 Wireless router (AP)
 Wire-based connections:
 Wireless NIC: with antenna

 Handheld terminals /computers with wireless NIC

182
Hardware

Wireless Handheld Terminal


CISCO Aironet 350 series

Semi Parabolic Antenna BreezeCOM AP

183
Wireless Technology Standards
 Most modern Wireless Local Area Networks are based
on IEEE 802.11 standards and are marketed under the
Wi-Fi brand name.
 IEEE 802.11 is a set of media access control (MAC)
and physical layer specifications for implementing
wireless local area network (WLAN) computer
communication.

184
Wireless Technology Standards
 A family of wireless LAN (WLAN) specifications
developed by a working group at the Institute of
Electrical and Electronic Engineers (IEEE)
 Versions:
 802.11a
 802.11b
 802.11g
 802.11e
 802.11f
 802.11i

185
802.11 - Transmission
 Most wireless LAN products operate in unlicensed radio bands
 2.4 GHz is most popular
 Available in most parts of the world
 No need for user licensing
 Most wireless LANs use spread-spectrum radio
 Resistant to interference. Spreading gives no confidentiality, however: the spreading codes are public, so privacy has to come from link-layer encryption (WPA2/WPA3).

186
IEEE 802.11a
 Ultra-high spectrum efficiency
 5 GHz band
 More data can travel over a smaller amount of
bandwidth
 High speed
 Up to 54 Mbps
 Less interference
 Fewer products using the frequency
 2.4 GHz band shared by cordless phones,
microwave ovens, Bluetooth, and WLANs
187
IEEE 802.11b
 Operates in the 2.4 GHz band.
 Its speed is 11 Mbps.
 It covers up to about 300 feet.
 It is normally installed in both businesses and homes,
 and deployed in "hot spots" such as hotels, airports and Starbucks.
188
802.11g
 802.11g is a high-speed extension to 802.11b
 Compatible with 802.11b
 High speed up to 54 Mbps
 2.4 GHz
 offering greater performance (that is, speed and
range) and remains today's most common
wireless networking technology

189
Performance
 802.11a offers speeds with a theoretical maximum rate of 54 Mbps in the 5 GHz band
 802.11b offers speeds with a theoretical maximum rate of 11 Mbps in the 2.4 GHz band
 802.11g is a newer standard for data rates up to a theoretical maximum of 54 Mbps at 2.4 GHz
190
Choose the right technology

 Usually IEEE 802.11b or 802.11a


 802.11b offers interoperability
 802.11a offers higher data rates (up to 54
mbps)
 Higher throughput per user.
 Limited interoperability.

191
Access Point Placement and Power
 Typically mounted at ceiling height, between 15 and 25 feet (4.5 m to 8 m).
 The greater the height, the greater the difficulty of getting power to the unit.
 Solution: consider devices that can be powered over the Ethernet cable itself (Power over Ethernet, e.g. the Cisco Aironet 1200 Series).
 Access points have internal or external antennas
192
Antenna Selection and Placement

 Permanently attached.
 Remote antennas connected using an antenna cable.
 Coax cable has a high signal loss, should not be mounted
more than a 1 or 2 meters away from the device.
 Placement: consider building construction, ceiling height,
obstacles.
 Different materials (cement, steel) have different radio
propagation characteristics.
193
Connecting to the Wired LAN
 Consider user mobility. If users move between subnets, there are challenges to consider.
 OSes like Windows XP and 2000 and Linux support DHCP to obtain a new IP address for the subnet, but sessions bound to the old address (for example VPN tunnels) break when the address changes.
 Solution: put all access points in a roaming area on the same segment.
194
The Site Survey
 Helps define the coverage areas, data rates and the precise placement of access points.
 Gather information by diagramming the coverage area and measuring the signal strength.

195
WAN Technologies

196
WAN Technologies
 A WAN is a data communications network that
covers a relatively broad geographic area and that
often uses transmission facilities provided by
common carriers, such as telephone companies.
 WAN technologies are designed for WAN
infrastructures
 WAN technologies generally function at the
lower three layers of the OSI reference model:
Network layer, Data link layer and Physical layer
197
WAN Technologies

198
WAN Physical Layer Terminology
 CSU/DSU (Channel Service Unit/Data Service Unit)
 Customer Premises Equipment (CPE)
 Packet-Switching Exchange (PSE)
 Data Communication Equipment (DCE)
 Data Terminal Equipment (DTE)
 Local Loop
 Central Office (CO)
 Toll Network

199
CPE- Customer Premises Equipment
 Also called customer-provided equipment
 The subscriber either owns the CPE or leases the CPE from the service provider
 A subscriber in this context is a company that arranges for WAN services from the service provider
 CPE generally refers to devices such as telephones, routers, network switches and residential gateways
200
CPE- Customer Premises Equipment

201
DTE- Data Terminal Equipment
 End systems that communicate across the WAN
technologies
 The customer devices that pass the data from a customer
network or host computer for transmission over the
WAN
 The DTE connects to the DCE through the local loop
 They are usually terminals, personal computers or
network hosts and are located on the premises of
individual subscribers.
202
DCE- Data Communication Equipment
 Also called Data Circuit-Terminating Equipment
 DCE consists of devices that put data on the local loop
 DCE provides an interface to connect subscribers to a communication link on the WAN cloud
 DCE devices are communication devices such as modems and packet switches that provide the interface between the DTE devices and the carrier's facilities.

203
204
 Local Loop
 The actual copper or fiber cable that connects the CPE to the
central office (CO) of the service provider.
 The local loop is sometimes called the last-mile
 Central Office (CO)
 The CO is the local service provider facility or building that
connects the CPE to the provider network
 Toll Network
 This consists of all digital, fiber optic communication lines,
switches, routers and other equipment inside the WAN
provider network

205
CSU/DSU-
Channel Service Unit/Digital Service Unit
 A CSU/DSU is a digital-interface device that adapts the
physical interface on a DTE device to the interface of DCE
device in a switched-carrier network.
 The CSU/DSU terminates the digital signals at customer
location.
 CSU/DSU is required to prepare data traffic for digital lines
 Can be used by a router to connect to digital line
 WAN Switch-a multiport internetworking device used in service
provider networks

206
WAN Devices

207
208
Other WAN Devices
Dialup modem
WAN Switch
Router
Core Router
Access Server
Broadband modem

209
WAN Switching Technology

Circuit Switching

Packet Switching

Message Switching

Cell Switching

210
Circuit Switching
 a circuit switched network is one that establishes a
dedicated circuit or channel between nodes and terminals
before the users may communicate/send data
 Circuit switching dynamically establishes a dedicated
virtual connection (VC) for voice or data between a sender
and a receiver (example- Phone call)
 Before communication can start, it is necessary to establish
the connection through the network of the service provider
 The two most common types of circuit switched networks are
 The Public Switched Telephone Network (PSTN)
 The Integrated Services Digital Network (ISDN)
Circuit Switching

212
Packet Switching
 Packet switching splits traffic data in to packets that are
routed over a shared network.
 Packet switched network do not require a circuit to be
established
 The switches in packet switched network determine
the links that packets must be sent over based on the
addressing information in each packet

213
Packet Switching
 Packet-switched networks move data in separate, small blocks (packets) based on the destination address in each packet.
 A logical path set up across the shared network for one conversation, and torn down again afterwards, is called a virtual circuit (VC); the packets of that conversation follow it, but no physical circuit is dedicated to them.
 Because the internal links between the switches are shared between many users, the cost of a packet-switching network is lower than that of a circuit-switching network
214
Packet Switching
 Packet switching is a WAN technology in which
users share common carrier resources.
 Packet-switching networks include
 Asynchronous Transfer Mode (ATM)
 Frame Relay
 Switched Multimegabit Data Services (SMDS)
 X.25

215
Packet Switching

216
WAN Technologies
PPP
ISDN
ATM
Frame relay
DSL
X.25
217
PPP (Point-to-Point Protocol)
 A point-to-point link provides a pre-established WAN communications path from the customer site through the provider network to a remote destination.
 Such lines are usually leased from a carrier and are called leased lines because the established path is permanent and fixed for each remote network reached through the carrier facilities.
 PPP is the Layer 2 protocol commonly used on these dedicated leased lines.
 PPP is a communications protocol used to establish a direct connection between two routers without any host or any other networking device in between; it also provides optional link authentication (PAP, which sends the password in clear, or CHAP, a challenge-response exchange).
219
ISDN-Integrated Services Digital Network
 ISDN is a set of communication standards for
simultaneous digital transmission of voice, video, data,
and other network services over the traditional
circuits of the public switched telephone network
(PSTN).
 Prior to ISDN, the telephone system was viewed as a
way to transport voice, with some special services
available for data.
 The key feature of ISDN is that it integrates speech
and data (Internet) on the same lines, adding features
that were not available in the classic telephone system.
220
Integrated Services Digital Network
 ISDN is a circuit-switched telephone network system
which provides a better voice quality than an analog
phone can provide.
 ISDN supports multiple channels
 B (Bearer) channels for 64 Kbps channels on a single
connection- basic traffic
 D (Delta or data) channel for 16 Kbps for return
signaling data
 ISDN is faster than telephone line connections
 ISDN is consisting of ISDN switches
221
Integrated Services Digital Network

 The ISDN standards define several kinds of access interfaces, such as:
 Basic Rate Interface (BRI)
 Offers two 64 kbps B channels and one 16 kbps D channel (2B+D, 144 kbps)
 Primary Rate Interface (PRI)
 On a North American T1, offers 23 B channels (1.472 Mbps of bearer capacity) and one 64 kbps D channel; on a European E1, 30 B channels and one 64 kbps D channel
 Narrowband ISDN (N-ISDN)
 Broadband ISDN (B-ISDN)
222
223
Frame Relay
 Intended to be an intermediate solution for the demand for high-bandwidth networking
 Uses a protocol that works at the data link layer of the OSI model
 A number of DTEs can communicate over a single physical connection
 Each virtual circuit on that connection is identified by a Data Link Connection Identifier (DLCI), which is significant only on the local link
 Relatively low cost and widespread availability compared to leased lines
 Frame Relay sites are connected via virtual circuits (VCs)
 VCs are either point-to-point or point-to-multipoint connections
224
Frame Relay
 High-performance WAN protocol
 Higher degree of connectivity
 Detects corrupted frames (FCS) but simply discards them; error recovery is left to higher layers
 Employs packet-switching technology

225
ATM -Asynchronous Transfer Mode
 ATM is a telecommunications standards for carriage of a
complete range of user traffic including voice, data, image,
text and video signals.
 ATM was developed to meet the needs of the Broadband
Integrated Services Digital Network (B-ISDN).
 ATM works at the three lowest layers of the reference
model: network layer, data link layer, and physical layer
 ATM is a core protocol used over the
 Public switched telephone network (PSTN) and
 Integrated Services Digital Network (ISDN)
226
ATM
 ATM provides a shared network technology that offers
very low latency and jitter at much higher bandwidths than
X.25 or Frame Relay.
 ATM has data rates beyond 155 Mbps.
 As with the other shared technologies, such as X.25 and
Frame Relay, diagrams of ATM WANs look the same: customer
sites attach to a provider cloud.
 A typical ATM line needs almost 20% greater bandwidth
than Frame Relay to carry the same volume of network layer
data, because of the per-cell header overhead and padding.
227
ATM
 ATM is a connection-oriented packet switching technique in
which a virtual circuit must be established between two
endpoints before the actual data exchange begins.
 These virtual circuits(VC) may be
 Permanent Virtual Circuit (PVC): dedicated
connections that are usually preconfigured by the
service provider
 Switched Virtual Circuit (SVC): set up on a per-call
basis using signaling and disconnected when the call is
terminated.
 ATM was eventually displaced by IP-based networking.
228
ATM
 ATM is different from the others because it uses small
fixed-size cells of 53 bytes (a 5-byte header and 48 bytes
of payload), transmitted over a physical medium using
digital signaling, whereas the other packet-switched
technologies use variable-sized packets. The fixed cell
size is what allows switching in hardware with predictable
delay.
 Speeds on ATM networks can reach 10 Gbps
229
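The 53-byte cell format above is easy to handle in code. The following is an added example, not code from the lecture notes: it packs the five header fields of a UNI cell, computes the Header Error Control (HEC) byte as ITU-T I.432 defines it (CRC-8 with polynomial x^8 + x^2 + x + 1 over the first four header bytes, XORed with 0x55), and checks a received cell's HEC so a corrupted header is detected rather than switched. The sample cells are constructed in the code, not captured traffic.

```python
# Added example (not part of the lecture notes): build and check the 5-byte
# ATM cell header described above. Layout of a UNI cell header:
#   GFC 4 bits | VPI 8 bits | VCI 16 bits | PT 3 bits | CLP 1 bit | HEC 8 bits
# HEC = CRC-8 (polynomial x^8 + x^2 + x + 1, i.e. 0x07) of the first four
# header bytes, XORed with 0x55 (ITU-T I.432). The sample cells below are
# constructed here, not captured traffic.

ATM_CELL_SIZE = 53
ATM_HEADER_SIZE = 5
ATM_PAYLOAD_SIZE = 48


def crc8_atm(data: bytes) -> int:
    """CRC-8, polynomial 0x07, initial value 0, no bit reflection (the HEC CRC)."""
    crc = 0
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = ((crc << 1) ^ 0x07) & 0xFF if crc & 0x80 else (crc << 1) & 0xFF
    return crc


def hec(header4: bytes) -> int:
    """HEC byte for the first four header bytes: CRC-8 XOR the 0x55 coset."""
    if len(header4) != 4:
        raise ValueError("HEC is computed over exactly four header bytes")
    return crc8_atm(header4) ^ 0x55


def build_header(vpi: int, vci: int, pt: int = 0, clp: int = 0, gfc: int = 0) -> bytes:
    """Pack the UNI header fields and append a correct HEC."""
    if not (0 <= gfc < 16 and 0 <= vpi < 256 and 0 <= vci < 65536
            and 0 <= pt < 8 and clp in (0, 1)):
        raise ValueError("header field out of range for a UNI cell")
    b0 = (gfc << 4) | (vpi >> 4)
    b1 = ((vpi & 0x0F) << 4) | (vci >> 12)
    b2 = (vci >> 4) & 0xFF
    b3 = ((vci & 0x0F) << 4) | (pt << 1) | clp
    head = bytes([b0, b1, b2, b3])
    return head + bytes([hec(head)])


def build_cell(vpi: int, vci: int, payload: bytes, pt: int = 0, clp: int = 0) -> bytes:
    """Return a 53-byte cell; short payloads are zero-padded to 48 bytes."""
    if len(payload) > ATM_PAYLOAD_SIZE:
        raise ValueError("payload does not fit in one cell; segment it first (AAL)")
    return build_header(vpi, vci, pt, clp) + payload.ljust(ATM_PAYLOAD_SIZE, b"\x00")


def parse_cell(cell: bytes) -> dict:
    """Unpack a 53-byte cell; 'hec_ok' is False if the header was corrupted."""
    if len(cell) != ATM_CELL_SIZE:
        raise ValueError("an ATM cell is exactly 53 bytes")
    h = cell[:ATM_HEADER_SIZE]
    return {
        "gfc": h[0] >> 4,
        "vpi": ((h[0] & 0x0F) << 4) | (h[1] >> 4),
        "vci": ((h[1] & 0x0F) << 12) | (h[2] << 4) | (h[3] >> 4),
        "pt": (h[3] >> 1) & 0x07,
        "clp": h[3] & 0x01,
        "hec_ok": hec(h[:4]) == h[4],
        "payload": cell[ATM_HEADER_SIZE:],
    }


if __name__ == "__main__":
    cell = build_cell(vpi=1, vci=100, payload=b"hello over ATM")
    print(parse_cell(cell))
    damaged = bytearray(cell)
    damaged[1] ^= 0x01                      # flip one header bit
    print("damaged hec_ok:", parse_cell(bytes(damaged))["hec_ok"])
```

The HEC only protects the header, not the 48-byte payload; payload integrity is the job of the adaptation layer (for example the AAL5 trailer CRC), which is why a switch can drop a cell with a bad header cheaply but says nothing about the data inside.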
230
DSL (Digital Subscriber Line)
 DSL technology is a broadband technology that uses
existing twisted-pair telephone lines to transport high-
bandwidth data to service subscribers.
 The term xDSL covers a number of similar forms of
DSL technologies.
 DSL technology allows the local loop line to be used at the
same time for
 a normal telephone voice connection and
 an always-on data connection.
231
DSL (Digital Subscriber Line)
 The two basic types of DSL technologies are
 Asymmetric (ADSL)
 Symmetric (SDSL).
 All forms of DSL service are categorized as ADSL or
SDSL and there are several varieties of each type.
 ADSL service provides higher download or downstream
bandwidth to the user than upload bandwidth.
 SDSL service provides the same capacity in both
directions.

232
DSL (Digital Subscriber Line)
 Asymmetric DSL (ADSL)
 Voice and data on the same line
 Downstream: up to 8 Mbps
 Upstream: up to 1.544 Mbps
 Symmetric DSL (SDSL)
 No simultaneous voice and data on the same line
 Downstream: 1.168 Mbps
 Upstream: 1.168 Mbps
 Very-high-bit-rate DSL (VDSL)
 Downstream: up to 52 Mbps
 Upstream: up to 12 Mbps
233
DSL

234
X.25
 X.25 was the first widely deployed public packet-switched WAN
service, standardized as the X.25 group of protocols.
 X.25 provides a low-bit-rate, shared, variable-capacity service
over either switched or permanent virtual circuits.
 X.25 is a network-layer protocol; subscribers are provided with
a network address.
 Virtual circuits are established through the network by sending
call request packets to the target address. The resulting SVC is
identified by a logical channel number.
 X.25 is no longer widely available as a WAN technology;
Frame Relay has replaced X.25 at many service provider
locations.
235
X.25
236
Summary
237
Other WAN Technologies
Individual Assignment
1. VPN
2. Synchronous Optical Network (SONET)
3. MPLS- Multiprotocol Label Switching
4. VPN-Virtual Private Network
5. SDLC protocol
6. POTS
7. HDLC- High-level Data Link Control
8. SMDS
9. LAPB
10. LRE/ Long Range Ethernet
11. T1/T2/E1/E2
12. WIMAX
13. GSM
14. CDMA
15. 4G LTE
16. SLIP
238
Chapter 4
NETWORK DESIGN
AND
IMPLEMENTATION
Network Design Overview
 Computer networks are critical to the success of any
businesses.(Network-based Economy)
 Computer networks connect people, support applications
and services, and provide access to the resources that keep
the businesses running.
 To meet the daily requirements of businesses, networks
themselves are becoming quite complex.
 There is a direct correlation between the network design
project and the company's business success. Network design
is therefore a central concern of today's networking.
240
Network Design Overview
 Today, the Internet-based economy often demands
around-the-clock customer service.
 Business networks must be available nearly 100 percent
of the time.
 They must be smart enough to automatically protect
against unexpected security incidents.
 These business networks must also be able to adjust to
changing traffic loads to maintain consistent application
response times.
 Computer networks need careful planning and design.
241
Network Design Overview
Businesses have requirements for their network:
o The network should stay up all the time, even in
the event of failed links, equipment failure, and
overloaded conditions.
o The network should deliver applications and
provide reasonable response times from any host to
any host.
o The network should be easy to modify to adapt to
network growth and general business changes.
242
Network Design Overview
o The network should be secure. It should
protect the data that is transmitted over it and
data stored on the devices that connect to it.
o Because failures occasionally occur,
troubleshooting should be easy.
o Finding and fixing a problem should not be too
time-consuming.
243
Network Design Overview
 Network design refers to the planning of
the implementation of a computer network
infrastructure.
 Network design is generally performed by
network designers, network engineers, IT
administrators and other related staff.
 It is done before the implementation of a
network infrastructure
244
Network Design Methodologies
Large network design projects are normally divided
into three distinct steps:
Step 1. Identify the network requirements
Step 2. Characterize the existing network
Step 3. Design the network topology and solutions
245
Network Design Methodologies
Step 1: Identifying Network Requirements
 In this step, the network designer works closely
with the customer to document the goals of the
project.
 Goals are usually separated into two categories:
 Business goals: Focus on how the network can
make the business more successful
 Technical requirements: Focus on how the
technology is implemented within the network
246
Network Design Methodologies
Step 2: Characterizing the Existing Network
 Information about the current network and services
is gathered and analyzed.
 It is necessary to compare the functionality of the
existing network with the defined goals of the new
project.
 The network designer determines whether any
existing equipment, infrastructure, and protocols can
be reused, and what new equipment and protocols
are needed to complete the design.
247
Network Design Methodologies
Step 3: Designing the Network Topology
 A common strategy for network design is to take a
top-down approach.
 In this approach, the network applications and
service requirements are identified, and then the
network is designed to support them.
 When the design is complete, a prototype (pilot) is built
and tested.
 This ensures that the new design functions as expected
before it is implemented in production.
248
Building a Good Network
 After the network requirements have been
identified, the steps to design a good network are
followed as the project implementation moves
forward.
 Network users generally do not think in terms of
the complexity of the underlying network.
 They think of the network as a way to access the
applications they need, when they need them.
249
Building a Good Network
 Good networks do not happen by accident.
 Good networks are the result of hard work by network
designers and technicians, who identify network
requirements and select the best solutions to meet the
needs of the business.
250
Building a Good Network
Good Network Designs should:
 Deliver services requested by users
 Deliver acceptable throughput and response times
 Be within budget and maximise cost efficiencies
 Be reliable
 Be expandable without major redesign
 Be manageable by maintenance and support staff
 Be well documented
251
What should be considered?
 Connections:
 Provided by the hardware that ties things together:
wires/wireless links, routers, switches/hubs, computers,
bridges, etc.
 Communications/Protocols:
 Provided by software
 A common language for two systems to communicate with
each other
 TCP/IP (Internet/Windows), IPX/SPX (Novell NetWare 4),
AppleTalk, other NOS protocols
 Services/Applications:
 The heart of networking
 Cooperation between two or more systems to perform some
function
 Applications such as Telnet, FTP, HTTP, SMTP
252
What to be considered?
 To build a well-balanced network, a number of
factors must be taken into consideration
 Desired network size (number of machines)
 Layout/Topology
 Amount of current traffic
 Future traffic expectations
 Security requirements
 Based on these factors, a flexible solution that fits the
budget and leaves sufficient room for expansion can be
designed
253
Network Design: Achievable?
[Figure: a design must balance response time, cost, reliability and business growth]
254
Types of Network Design
 New Network Design
 Re-Engineering Network Design
 Expansion Network Design
255
New Network Design
 Designing a network from scratch
 The major driver is the budget
 No compatibility issues to worry about
Methodologies
 Planning/feasibility study
 Study of the existing situation
 Rough proposal of the designed network
 Requirements analysis
 Design
 Specification of network items and procurement
(buying the items)
 Implementation (Installations and Administration)
256
Re-engineering Network Design
 Modifications to an existing network to compensate
for original design problems.
 Sometimes required when network users change
existing applications or functionality
 The type of design problem most often seen today
Network Expansion Design
 Network designs that expand network capacity
 Technology upgrades
 Adding more users or networked equipment
257
Fundamental Design Goals
The four fundamental network design goals are:
 Scalability: Scalable network designs can grow to
include new user groups and remote sites and can
support new applications without impacting the level
of service delivered to existing users.
 Availability: A network designed for availability is
one that delivers consistent, reliable performance, 24
hours a day, 7 days a week. In addition, the failure of
a single link or piece of equipment should not
significantly impact network performance.
258
Fundamental Design Goals
 Security: Security is a feature that must be designed
into the network, not added on after the network is
complete. Planning the location of security devices,
filters, and firewall features is critical to safeguarding
network resources.
 Manageability: No matter how good the initial
network design is, the available network staff must be
able to manage and support the network. A network
that is too complex or difficult to maintain cannot
function effectively and efficiently.
259
Network Design Phase
 Two phases in network design:
oLogical Network Design
oPhysical Network Design
 The network designer's task is to develop the
logical and physical design of the network project.
260
Logical Network Design
 The logical network design phase is a foundation
for the physical network design, and it is where
the designer develops a hierarchical and modular
network.
 The logical design phase includes designing of
network layer addressing, selection of switching
and routing protocols, security planning and
network management design.
261
Physical Network Design
 The physical design of the network is concerned
with identifying the LAN and WAN technologies and
network devices that will realize the logical design
and deliver its intended performance.
 During the physical design phase, the network
designer is responsible for selecting components such
as cabling, switches, bridges, routers, wireless access
points and others.
262
Network Design Topology
Flat Network Design
Hierarchical Network Design
263
Flat Network Design
 A flat network topology is an unstructured type of
network design, adequate for a small-sized network.
 It is a non-hierarchical design model in which every
internetworking device performs the same task.
 This model is easy to plan, design and implement for
small-sized networks, but it is difficult to scale up the
network when a need for growth arises.
264
Flat Network Design
• Aims to reduce cost, maintenance and administration.
• Aims to reduce the number of routers and switches on
the network by connecting the devices to a single switch
instead of separate switches.
265
Flat Network Design
 The lack of hierarchy makes network troubleshooting
and expansion difficult.
 Devices in a flat network belong to the same broadcast
domain, share the same bandwidth, and each receives a
copy of every broadcast sent.
 In the case of a link failure, it is difficult to provide an
alternative path to the destination.
266
267
Hierarchical Network Design
Hierarchical networks have advantages over flat network
designs.
 The benefit of dividing a network into smaller, more
manageable hierarchical blocks is that local traffic remains
local.
 Only traffic intended for other networks is moved to a higher
layer.
 Layer 2 devices in a flat network provide little opportunity to
control broadcasts or to filter undesirable traffic.
 As more devices and applications are added to a flat network,
response times degrade until the network becomes unusable.
268
Hierarchical Network Design
 When an organization's network grows and becomes
more complex, the network designers may need to
build the network in a modular way.
 A modular design splits the large, complex task by
function and makes the design project more manageable.
 For instance, a company network might include the
company's LANs, a remote-access system, a wireless
system and WAN functions; a hierarchical modelling
method fits such a scenario well.
269
Hierarchical Network Design
 The hierarchical model is a three-layer, modular and
structured design technique used to design a LAN or
WAN.
 The hierarchical design has three layers, namely the
Core, Distribution and Access layers.
 Each layer has its own functions and is built from
network devices such as routers or switches, or both
combined in a single multilayer device.
270
Hierarchical Network Design
271
Hierarchical Network Design
Advantages in using a hierarchical model of
designing a network are
 Scalability
 Flexibility
 Adaptability
 Simplicity
 Improved/high performance
 Fault isolation and
 Easier network manageability.
272
Advantage of Hierarchical Network Model
 High Performance: You can design high-performance
networks, where only certain layers are susceptible to congestion.
 Efficient management & troubleshooting: Allows you to
efficiently organize network management and isolate causes of
network trouble.
 Policy creation: You can easily create policies and specify filters
and rules.
 Scalability: You can grow the network easily by dividing your
network into functional areas.
 Behavior prediction: When planning or managing a network,
the model allows you determine what will happen to the network
when new stresses are placed on it.
273
Hierarchical Network Design Layers
 In networking, a hierarchical design is used to group
devices into multiple networks. The networks are
organized in a layered approach. The hierarchical design
model has three basic layers:
 Access Layer
 Distribution Layer
 Core Layer
274
Hierarchical Network Design
275
Core layer
 A core layer is a high-speed switching backbone
responsible for interconnecting distribution layer
devices.
 This layer aggregates traffic from all distribution layer
devices and is responsible for forwarding a large amount
of data with a high speed over the network.
 This layer is considered the backbone of the network. It is
built from high-end routers or core switches that are
optimized for availability and speed, interconnected by
high-speed links such as fiber.
276
Core layer
 No packet manipulation (such as filtering) is done by
devices in this layer.
 This layer is concerned with speed and ensures reliable
delivery of packets.
 The core layer needs to be highly reliable and fault
tolerant. This is achieved with redundant links (a full or
partial mesh) between the core devices, and with each
distribution device connected to at least two core devices.
 It is necessary to have backup power supplies in case of
power failures.
277
Goals of the Core Layer
 The core layer design enables the efficient, high-
speed transfer of data between one section of the
network and another.
 The primary design goals at the core layer are:
 Provide 100% uptime.
 Maximize throughput.
 Facilitate network growth.
278
Core Layer Technologies
Technologies used at the core layer include the following:
 Routers or multilayer switches that combine routing
and switching in the same device
 Redundancy and load balancing
 High-speed and aggregate links
 Routing protocols that scale well and converge quickly,
such as:
 Enhanced Interior Gateway Routing Protocol (EIGRP)
 Open Shortest Path First (OSPF) Protocol
279
Redundant Links
 Implementing redundant links at the core layer ensures
that network devices can find alternate paths to send data
in the event of a failure. When Layer 3 devices are placed
at the core layer, these redundant links can be used for
load balancing in addition to providing backup.
280
Mesh Topology
 Most core layers in a network are wired in either a full-
mesh or partial-mesh topology.
 A full-mesh topology is one in which every device has a
connection to every other device. Although full-mesh
topologies provide the benefit of a fully redundant
network, they can be difficult to wire and manage and
are more costly.
 For larger installations, a modified partial-mesh topology
is used. In a partial-mesh topology, each device is
connected to at least two others, creating sufficient
redundancy without the complexity of a full mesh.
281
Redundancy in a Mesh Topology
282
Distribution Layer
 The distribution layer is the middle (demarcation
point) layer between the access layer and core layer of a
network.
 It is at this point where traffic flow control and access
control takes place.
 Distribution layer is a preferred place for designing
virtual LANs (VLANs) to create one or more broadcast
domains and to configure network devices like routers
to route IP packets across VLANs.
 This layer ensures that packets are properly routed
between subnets and VLANs in the enterprise.
 This layer is also called the Workgroup layer
283
284
Distribution Layer
 The distribution layer is commonly built using Layer 3
(multilayer) switches, which combine switching with routing.
 Multilayer switches, located at the distribution layer, provide
many functions critical for meeting the goals of the network
design, including the following:
 Filtering and managing traffic flows
 Enforcing access control policies
 Summarizing routes before advertising the routes to
the Core
 Isolating the core from access layer failures
 Routing between access layer VLANs
285
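Route summarization, one of the distribution-layer functions listed above, is easy to get subtly wrong: a summary that is wider than the subnets behind it attracts traffic for addresses that do not exist. The following is an added example, not code from the lecture notes, using only Python's standard library; the access-layer subnets are constructed for the example. It computes the exact aggregates for a block of access subnets, the single widest summary a designer might prefer to advertise, and the space that summary covers without a specific route, which is the space that needs a discard (null) route on the advertising switch.

```python
# Added example (not part of the lecture notes): compute the summary routes
# a distribution switch would advertise to the core for its access-layer
# subnets, and show the space a single summary would attract without having
# a more specific route for it. Uses only the standard library; the subnets
# below are constructed for the example.
import ipaddress


def _nets(prefixes):
    nets = [ipaddress.ip_network(p, strict=True) for p in prefixes]
    if len({n.version for n in nets}) > 1:
        raise ValueError("summarize IPv4 and IPv6 prefixes separately")
    return nets


def _sorted(nets):
    return sorted(nets, key=lambda n: (n.network_address, n.prefixlen))


def exact_summaries(prefixes):
    """Smallest set of prefixes that covers exactly the given subnets (no overreach)."""
    return [str(n) for n in _sorted(ipaddress.collapse_addresses(_nets(prefixes)))]


def single_summary(prefixes):
    """Smallest single prefix that covers all given subnets (may overreach)."""
    nets = _nets(prefixes)
    cand = nets[0]
    while not all(n.subnet_of(cand) for n in nets):
        cand = cand.supernet()          # widen by one bit until everything fits
    return str(cand)


def uncovered_space(summary, prefixes):
    """Parts of 'summary' for which no specific subnet exists.

    Traffic to these addresses is attracted by the summary; unless the
    advertising switch also holds a discard (null) route for the summary,
    it is forwarded back toward the core by the default route and can loop.
    """
    remaining = [ipaddress.ip_network(summary, strict=True)]
    for p in ipaddress.collapse_addresses(_nets(prefixes)):
        nxt = []
        for r in remaining:
            if p.subnet_of(r):
                nxt.extend(r.address_exclude(p))   # carve the subnet out
            elif not r.subnet_of(p):
                nxt.append(r)                       # piece untouched by p
            # else: the piece lies fully inside p, so it is covered; drop it
        remaining = nxt
    return [str(n) for n in _sorted(ipaddress.collapse_addresses(remaining))]


if __name__ == "__main__":
    access = ["10.1.0.0/24", "10.1.1.0/24", "10.1.2.0/24"]   # constructed block
    print("exact aggregates:", exact_summaries(access))
    s = single_summary(access)
    print("single summary:", s, "uncovered:", uncovered_space(s, access))
```

In the constructed case three /24s summarize exactly to a /23 plus a /24, while the single /22 a designer would rather advertise leaves 10.1.3.0/24 uncovered; reserving that space for the same block (or installing a null route for the /22) keeps the summary honest.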
Access Layer
 The main task of the access layer is to connect local users
to the network so that they can access network resources
and services.
 This layer is designed to deliver local user packets to the
targeted end user computer and also to ensure a
legitimate access of network resources and services.
 End devices such as personal computers, printers and IP
phones are connected to the access layer.
 Interconnecting devices such as switches, hubs and
wireless access points are part of the access layer.
286
Access Layer
 This layer connects users via hubs, switches, and other
devices
 This layer is also called the desktop layer because it
focuses on connecting client nodes, such as workstations
to the network.
 This layer ensures that packets are delivered to end user
computers.
287
Network Design and
Implementation Phases
Project Management
288
PDIOO Lifecycle Approach to Network
Design and Implementation
 PDIOO stands for
 Plan
 Design
 Implement
 Operate
 Optimize
 PDIOO is a Cisco methodology whose phases define the
continuous life cycle of services required for network design
and implementation (Cisco later extended it to PPDIOO by
adding a Prepare phase before Plan)
289
Plan Phase:
 Network requirements are identified in this phase
 business and technical requirements
 Analysis of areas where the network will be installed
 Identification of users who will require network
services
 If there is an existing network in place, then the
project plan is developed (or updated), but only
after an audit of the existing infrastructure, sites and
operational environment is completed.
290
Plan Phase:
The typical deliverables from the Plan phase
include:
 Site/location Requirements Specifications
 Solutions Test Plan
 Site Survey Form
 Customer Requirements Document Response
291
Design Phase:
 Accomplish the logical and physical design,
according to requirements gathered during the
Plan phase
 The company develops (or updates) a
comprehensive network design.
 It is important that the information gathered from
the first phases is used to ensure that the design
meets all of the business and technical
requirements that were previously developed.
292
Design Phase:
 If everything has been completed correctly, the design
will provide a network that is able to manage the
everyday tasks that are required of it and meet or exceed
all expected availability, reliability, security, scalability,
and performance metrics.
 Documents that are developed during this phase guide
the deployment, configuration, and commission of
network devices and services.
 The typical deliverables from this phase include:
 Low Level Design (LLD)
293
Implementation Phase:
 Network is built according to the Design
specifications
 Implementation also serves to verify the design
 Building the design first in a test bed (pilot) lets the
implementers find potential problems; if any are found,
they are resolved inside the test bed before full-scale
implementation continues.
294
Implementation Phase
 Once the network has been implemented, a series of
tests should be run to ensure that the operation of the
new network is as expected and designed.
 If any issues are found, it is best that they are handled as
early in the implementation as possible to ensure the
issue impacts as few parts of the network as possible.
 The typical deliverables from this phase include:
 Network Ready For Use
 Network Ready For Use Test Report
 Implementation Log
295
Operate Phase:
 The Operate phase is by far the longest of the
PDIOO (PPDIOO) phases, because in this phase the
company is running the network without making major
changes to it.
 Operation is the final test of the effectiveness of the
design
 The network is monitored during this phase for
performance problems and any faults, to provide input
into the Optimize phase
296
Operate Phase:
 During this phase, the company spends the majority
of their funds managing the network which includes
proactive and reactive monitoring, performance
management, trouble management, security
management, and capacity planning and monitoring,
among others.
 The typical deliverables from this phase include:
 Root Cause Analysis Reports
 Support Contract Analysis
297
Optimize Phase:
 Based on proactive network management which
identifies and resolves problems before network
disruptions arise, the optimize phase may lead to a
network redesign if too many problems arise
due to design errors, or as network
performance degrades over time as actual use
and capabilities diverge
 Redesign may also be required when
requirements change significantly
298
Retire Phase:
 When the network, or a part of the network, is out-of-date,
it may be taken out of production
 Although Retire is not incorporated into the name of
the life cycle (PDIOO), it is nonetheless an important
phase
299
Chapter 5
Systems and Network Administration
Systems and Network
Administration
 It is a branch of engineering that concerns the
operational management of human-computer
systems
 It addresses both the technology of computer
systems and the users of the technology
 It is about putting together a network of
computers, and getting and keeping them running
in spite of the activities of users, who tend to cause
the systems to fail.
301
System and Network
Administration
 System and network administration involves the
design, installation, configuration,
troubleshooting, and maintenance of computing
infrastructures.
 It is about diagnosing, repairing and preventing
hardware and software faults, and about user support
 System and network administration is an
extremely demanding engineering job
302
System and Network
Administration
 Network and systems administrators are responsible
for the day-to-day operation of these networks.
 They organize, install, and support an organization's
local area networks (LANs), wide area networks
(WANs), network segments, intranets, and other data
communication systems
 System and network administrators need to be good at
technical, administrative and socio-psychological
skills.
303
System Administration
 System administration entails
o Hardware and software troubleshooting
o Knowledge of operating system and applications
o Knowledge of the purposes for which people in the
organization use the computers.
 Problem solving is the most important skill in
system administration.
 A person specialized in maintaining and operating
a computer system is called system administrator
(Sysadmin)
304
Tasks of System and Network
Administrator
A system and network administrator's responsibilities might include:
o Applying operating system updates, patches, and
configuration changes.
o Installing and configuring new hardware and software.
o Adding, removing, or updating user account
information, resetting passwords, etc.
o Supporting and maintaining servers
o System performance tuning
o Training users on software and security.
305
Tasks of System and Network
Administrator
o Responsibility for documenting the configuration of the
system.
o Responsibility for security.
o Performing backups.
o Analyzing system logs and identifying potential issues with
computer systems.
o Troubleshooting any reported problems.
o Introducing and integrating new technologies into existing
data center environments.
o Answering technical queries.
o Ensuring that the network infrastructure is up and running
o Hardware and software configurations
306
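"Analyzing system logs and identifying potential issues" is more concrete with a working check. The following is an added example, not code from the lecture notes: it parses SSH authentication lines in the Linux auth.log format and flags any source address that fails a login more than a threshold number of times inside a sliding time window, marking separately the worst case, a source that eventually logs in after the failures. The log lines, hostnames, users and addresses are constructed for the example.

```python
# Added example (not part of the lecture notes): scan SSH authentication log
# lines for password guessing, the kind of issue "analyzing system logs" is
# meant to surface. The lines below are constructed in the Linux auth.log
# format; hostnames, users and IP addresses are made up.
import re
from collections import defaultdict
from datetime import datetime

SAMPLE_AUTH_LOG = """\
Mar  3 10:14:02 fileserver sshd[2231]: Failed password for invalid user admin from 203.0.113.7 port 51022 ssh2
Mar  3 10:14:04 fileserver sshd[2233]: Failed password for invalid user test from 203.0.113.7 port 51023 ssh2
Mar  3 10:14:05 fileserver sshd[2235]: Failed password for root from 203.0.113.7 port 51024 ssh2
Mar  3 10:14:07 fileserver sshd[2237]: Failed password for root from 203.0.113.7 port 51025 ssh2
Mar  3 10:14:09 fileserver sshd[2239]: Failed password for root from 203.0.113.7 port 51026 ssh2
Mar  3 10:14:11 fileserver sshd[2241]: Failed password for root from 203.0.113.7 port 51027 ssh2
Mar  3 10:14:20 fileserver sshd[2243]: Accepted password for alice from 198.51.100.5 port 40111 ssh2
Mar  3 10:14:30 fileserver sshd[2245]: Accepted password for root from 203.0.113.7 port 51028 ssh2
Mar  3 10:16:00 fileserver sshd[2250]: Failed password for bob from 192.0.2.9 port 60001 ssh2
Mar  3 10:25:00 fileserver sshd[2260]: Failed password for bob from 192.0.2.9 port 60002 ssh2
Mar  3 10:30:01 fileserver CRON[2270]: pam_unix(cron:session): session opened for user root by (uid=0)
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<result>Accepted|Failed) \S+ for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) port \d+"
)


def parse_auth_line(line, year=2024):
    """Return a dict for sshd Accepted/Failed lines, None for anything else."""
    m = LINE_RE.match(line)
    if not m:
        return None
    # syslog timestamps carry no year; any fixed year works for time deltas
    stamp = " ".join(m.group("ts").split())
    ts = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
    return {"ts": ts, "host": m.group("host"), "result": m.group("result"),
            "user": m.group("user"), "ip": m.group("ip")}


def detect_bruteforce(lines, threshold=5, window_seconds=60):
    """Flag source IPs with >= threshold failed logins inside a sliding window.

    A flagged source that afterwards logs in successfully is the case to
    escalate first: the guessing may have worked.
    """
    events = [e for e in map(parse_auth_line, lines) if e]
    events.sort(key=lambda e: e["ts"])
    by_ip = defaultdict(list)
    for e in events:
        by_ip[e["ip"]].append(e)

    findings = {}
    for ip, evs in by_ip.items():
        fails = [e for e in evs if e["result"] == "Failed"]
        peak, start = 0, 0
        for end in range(len(fails)):          # two-pointer sliding window
            while (fails[end]["ts"] - fails[start]["ts"]).total_seconds() > window_seconds:
                start += 1
            peak = max(peak, end - start + 1)
        if peak < threshold:
            continue
        last_fail = fails[-1]["ts"]
        findings[ip] = {
            "peak_failures_in_window": peak,
            "total_failures": len(fails),
            "users_tried": sorted({e["user"] for e in fails}),
            "success_after_failures": any(
                e["result"] == "Accepted" and e["ts"] >= last_fail for e in evs),
        }
    return findings


if __name__ == "__main__":
    for ip, info in detect_bruteforce(SAMPLE_AUTH_LOG.splitlines()).items():
        print(ip, info)
```

Two failures spread over ten minutes (the constructed 192.0.2.9 lines) stay below the window threshold, which is the point of counting inside a window rather than totalling failures for the whole file; the threshold and window are the knobs to tune against the site's normal typo rate.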
Network configuration tools
Based on the command line interface (CLI)
 ipconfig (Windows) / ifconfig or ip addr (Unix/Linux): display interface settings
 ipconfig or ipconfig /all
 ping: tests whether a destination is reachable
 ping hostname-or-IP
 Sends an ICMP echo request; a reachable destination answers with an ICMP echo reply
 traceroute (tracert on Windows): shows the path (router hops) taken by IP packets to a destination
 traceroute [-n] hostname-or-IP
 tcpdump: shows network traffic on the wire (packet sniffing)
 tcpdump [-e] [-n] -i eth0 (the interface name is system-specific)
307
Network configuration tools
 netstat: displays a network summary for the device (open sockets, connections, statistics; ss on modern Linux)
 netstat [-n] -a
 arp: shows/modifies the ARP cache, which maps IP addresses to MAC addresses
 arp -a
 ndp: shows the IPv6 Neighbor Discovery cache, the IPv6 counterpart of arp (ip -6 neigh on Linux)
 route: shows/modifies the routing table (set/display the default gateway)
 route [-n] get default (BSD/macOS); ip route on Linux; route print on Windows
 mtr: combines ping and traceroute
 mtr [hostname-or-IP]
 nslookup (or dig): DNS lookups/queries
 netsh (Windows): display or modify the network configuration of the running computer
308
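The ARP cache that arp -a prints is also a place to look for trouble, because a host on the LAN can answer ARP requests for addresses it does not own. The following is an added example, not code from the lecture notes: it parses arp -a output in both the Linux/BSD and the Windows layouts and reports the two signs of ARP spoofing an administrator checks for, one MAC address answering for several IP addresses, and a pinned host (typically the default gateway) whose MAC no longer matches the value recorded earlier. The snapshots and addresses are constructed for the example.

```python
# Added example (not part of the lecture notes): parse the output of
# "arp -a" (Linux/BSD and Windows formats) and flag the two signs of ARP
# spoofing an administrator looks for: one MAC address answering for several
# IP addresses, and a known host (typically the default gateway) whose MAC
# no longer matches the value recorded earlier. The snapshots below are
# constructed for the example; the addresses are not real.
import re
from collections import defaultdict

# Linux/BSD:  "hostname (192.168.1.1) at aa:bb:cc:dd:ee:01 [ether] on eth0"
LINUX_RE = re.compile(
    r"^\S+ \((?P<ip>[\d.]+)\) at (?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2})", re.I)
# Windows:    "  192.168.1.1           aa-bb-cc-dd-ee-01     dynamic"
WINDOWS_RE = re.compile(
    r"^\s*(?P<ip>[\d.]+)\s+(?P<mac>(?:[0-9a-f]{2}-){5}[0-9a-f]{2})\s+(?:dynamic|static)", re.I)

CLEAN_SNAPSHOT = """\
gateway (192.168.1.1) at aa:bb:cc:dd:ee:01 [ether] on eth0
fileserver (192.168.1.20) at aa:bb:cc:dd:ee:20 [ether] on eth0
printer (192.168.1.30) at aa:bb:cc:dd:ee:30 [ether] on eth0
? (224.0.0.251) at 01:00:5e:00:00:fb [ether] on eth0
"""

SPOOFED_SNAPSHOT = """\
gateway (192.168.1.1) at 66:77:88:99:aa:bb [ether] on eth0
fileserver (192.168.1.20) at aa:bb:cc:dd:ee:20 [ether] on eth0
printer (192.168.1.30) at aa:bb:cc:dd:ee:30 [ether] on eth0
? (192.168.1.99) at 66:77:88:99:aa:bb [ether] on eth0
"""

WINDOWS_SNAPSHOT = """\
Interface: 192.168.1.50 --- 0xb
  Internet Address      Physical Address      Type
  192.168.1.1           aa-bb-cc-dd-ee-01     dynamic
  192.168.1.20          aa-bb-cc-dd-ee-20     dynamic
  192.168.1.255         ff-ff-ff-ff-ff-ff     static
"""


def normalize_mac(mac):
    return mac.lower().replace("-", ":")


def parse_arp_output(text):
    """Map IP -> MAC from arp -a output; lines that are not entries are skipped."""
    table = {}
    for line in text.splitlines():
        m = LINUX_RE.match(line) or WINDOWS_RE.match(line)
        if m:
            table[m.group("ip")] = normalize_mac(m.group("mac"))
    return table


def _is_group_address(ip, mac):
    """Multicast and broadcast entries legitimately share MAC addresses."""
    first = int(ip.split(".")[0])
    return 224 <= first <= 239 or mac.startswith("01:00:5e") or mac == "ff:ff:ff:ff:ff:ff"


def find_anomalies(table, pinned=None):
    """Return (kind, subject, detail) tuples.

    pinned: {ip: expected_mac} for hosts whose MAC should never change.
    """
    findings = []
    by_mac = defaultdict(list)
    for ip, mac in table.items():
        if not _is_group_address(ip, mac):
            by_mac[mac].append(ip)
    for mac, ips in by_mac.items():
        if len(ips) > 1:
            findings.append(("duplicate-mac", mac, sorted(ips)))
    for ip, expected in (pinned or {}).items():
        seen = table.get(ip)
        if seen is not None and seen != normalize_mac(expected):
            findings.append(("pinned-mismatch", ip, seen))
    return findings


if __name__ == "__main__":
    pinned = {"192.168.1.1": "aa:bb:cc:dd:ee:01"}     # recorded gateway MAC
    print("clean:", find_anomalies(parse_arp_output(CLEAN_SNAPSHOT), pinned))
    print("spoofed:", find_anomalies(parse_arp_output(SPOOFED_SNAPSHOT), pinned))
```

A duplicate MAC is a lead, not a verdict: a router doing proxy ARP or a host with several addresses on one interface produces the same pattern, so confirm against the switch's MAC address table before acting. The pinned check in turn fires legitimately when the gateway hardware is replaced, which is why the recorded MAC belongs in change management.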
Types of Administrations
 In a larger company, the following types of administration may each be a
separate position within the Information Services department.
 In a smaller group, they may be shared by a few sysadmins, or even a single
person.
 Network Administration
 User administration
 Mail administration
 Web administration
 FTP administration
 Database systems administration
 Remote access administration
 Backup administration
 DNS/DHCP administration
 Proxy server administration
309
310
Network Administration
 Network administration normally includes the
deployment, configuration, maintenance and
monitoring of active network gear:
 Switches
 Routers
 Firewalls
 Other network-attached infrastructure
 A person who works on computer networks and
carries out network administration is called a
network administrator, network specialist or
network analyst.
311
312
Network Administration
Network administration activities includes:
 Network address assignment
 Assignment of routing protocols and routing table
configuration
 Configuration of authentication and authorization
 Maintenance of personal computers, printers, etc.
 Maintenance of network servers such as file servers, VPN
gateways, intrusion detection systems, etc.
 Network design and security
 Troubleshooting and debugging network related problems.
313
Directory Service
(User Administration)
 A directory service is a software application that stores
and organizes information about a computer network's
users and network resources, and that allows network
administrators to manage users' access to the resources.
 LDAP (Lightweight Directory Access Protocol) is the
standard protocol for querying and updating directories;
OpenLDAP is a common directory server on Unix/Linux.
 Active Directory (AD) is the directory service for
Windows Server, itself accessed through LDAP and
Kerberos. It stores information about objects on the
network and makes this information easy for
administrators and users to find and use.
314
Directory Service
(User Administration)
 With a single network logon, administrators can
manage directory data and organization throughout
their network, and authorized network users can
access resources anywhere on the network.
 Server-client architecture
 User account management
 Accounting and restrictions
 User IDs
 Home directories (quotas, drive capacities)
 Permissions, group membership
 Disabling/removing user accounts
315
Mail Administration
 Install/configure/manage e-mail software
 mail transfer agents, mail readers.
 Managing e-mail servers
 E-mail servers are open by design: they accept mail from
anyone for their own domains. They must not also relay
mail for third parties (an open relay), which spammers abuse.
 Spam can be a problem to manage
 Spam-filtering utilities can be used to help minimize spam
 Viruses and other malware are commonly sent by e-mail
 Use virus detection software and keep it updated
316
Web Administrators
 Systems administrators may specialize in maintaining
websites, which requires constant observation and
maintenance.
 These administrators monitor the speed of the website and
approve all content before it is published.
 As part of their mission to constantly improve the website,
web administrators analyze data regarding the site’s traffic
patterns and may implement changes based on user feedback
 A web administrator maintains web server services that
allow for internal or external access to web sites.
 Web server administrators focus on the internet
 Need to work with ISPs and web page developers
317
Web Administration
 Web server provides information to anyone who
requests it over the internet
 Tasks of web administrators include
 managing multiple sites
 administering security
 Control access to webpages
 configuring necessary components and software.
 Responsibilities include software change
management.
318
Web
 Hypertext Transfer Protocol (HTTP) works with the World
Wide Web. The Web browser is the client side of a client-server application
 A Web browser presents data in multimedia formats on Web
pages that use text, graphics, sound, and video. The Web
pages are created with a format language called Hypertext
Markup Language (HTML). HTML specifies locations for
the placement of text, files, and objects that are to be
transferred from the Web server to the Web browser.
 Hyperlinks make the World Wide Web easy to navigate
 A hyperlink is an object, word, phrase, or picture, on a Web
page
319
Web
 When that hyperlink is clicked, it directs the browser to a
new Web page
 The Web page contains, often hidden within its HTML
description, an address location known as a Uniform
Resource Locator (URL)
 In the URL http://www.cisco.com/edu/,
 the "http://" tells the browser which protocol to use.
 the "www.cisco.com" is the hostname, the name of a
specific machine with a specific IP address.
 the "/edu" identifies the specific folder location on the
server that contains the default web page.
320
FTP Administration
 FTP is a commonly used protocol for exchanging files
over any network that supports the TCP/IP protocol
(such as the Internet or an intranet).
 There are two computers involved in an FTP transfer: an
FTP server and an FTP client.
 The client can perform a number of file manipulation
operations (if authorized) such as uploading files to the
server, downloading files from the server, renaming or
deleting files on the server, and so on.
321
FTP Administration
 Usually users are asked to enter a username and
password to access an FTP site.
 Many sites that run FTP servers enable so-called
"anonymous FTP". Under this arrangement, users do
not need an account on the server.
 FTP administrators are responsible for installing and
configuring the FTP service (for example, Internet Information
Services (IIS) on Windows) to make the FTP server accessible.
322
Database Administration
 Maintaining a database system and ensuring the integrity
of the data and the efficiency and performance of the
system is called database administration.
 A person who is responsible for the environmental
aspects of a database is called a database administrator
(DBA).
 The duties of DBA vary and depend on the job
description, corporate and IT policies and the technical
features and capability of the DBMS being administered.
323
Database Administration
The roles of DBA include
 Disaster recovery (backup)
 Performance analysis and tuning
 Installation of database software
 Configuration of hardware and software with the
system administrator
 Secure the database
 Data analysis, database design and data modeling
and optimization
324
Security Administration
 Security administration needs a specialist (the security
administrator) in computer and network security,
including the administration of security devices such as
firewalls, who also consults on general security
measures.
 Ensures that the organization's systems are secure and
very difficult to hack.
 Protects against security breaches.
 Becoming a very big deal!
325
Security Administration
 May keep watch over employees for inappropriate
network usage.
 Dealing with viruses that threaten core equipment.
 In-depth firewall knowledge is required, as well as a
solid understanding of system hacking.
 In case a security breach could not be averted, it is the
security administrator’s responsibility to close the
systems, determine damages, trace the culprit and
ensure that it doesn’t happen again.

326
DNS/DHCP Administration
DHCP
 DHCP stands for Dynamic Host Configuration
Protocol
 It is an Internet protocol for automating the
configuration of computers that use TCP/IP
 DHCP can be used to automatically assign IP addresses,
to deliver TCP/IP stack configuration parameters such
as the subnet mask and default router, and to provide
other configuration information such as the addresses
for printer, time and news servers.
327
DHCP Administration
 Under DHCP, one computer is designated as the DHCP
server. All of the other computers on the network that
need an IP address will be DHCP clients (computers
that already have a permanently set IP address don't
need to participate).
 The network administrator needs to initially configure
the DHCP server.
 Part of that configuration process involves assigning the
DHCP server a block of IP address numbers that it can
dispense to nodes that need IP addresses.
328
How DHCP Works?
 When a new node comes onto the network, assuming it
is capable of being a DHCP client, it broadcasts a
request for an IP address.
 The DHCP server responds by checking its table of
address assignments, selecting the next available
address, and sending a response back to the requesting
node.
 The requesting node sends an acknowledgement to the
server whose offer is accepted.
329
330
DHCP clients obtain a DHCP lease for an IP address, a subnet mask,
and various DHCP options from DHCP servers in a four-step process:
1. DHCPDISCOVER: The client broadcasts a request for a DHCP server.
2. DHCPOFFER: DHCP servers on the network each offer an IP address to the client.
3. DHCPREQUEST: The client selects one offer and requests that IP address.
4. DHCPACK: The server acknowledges the request and confirms the lease.

331
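The four-step exchange above, modelled as an added example (not code from these slides): a server object holds the administrator's address block and its table of assignments, and a client function runs DISCOVER, OFFER, REQUEST and ACK against it. The dictionary message format, the tiny /29 pool, the sample MAC addresses and the DHCPNAK case are assumptions of this example, not the real DHCP wire format.

```python
"""Model of the four-step DHCP lease exchange (DISCOVER, OFFER, REQUEST, ACK).

Added illustration for the DHCP slides, not course code. Messages are plain
dictionaries rather than the real wire format; the server keeps a table of
address assignments and hands out the next free address from its block.
"""
from dataclasses import dataclass, field
from ipaddress import IPv4Address, IPv4Network


@dataclass
class DhcpServer:
    """Holds the block of addresses the administrator assigned to the server."""
    pool: IPv4Network                 # address block given to the server
    subnet_mask: str
    router: str
    lease_seconds: int = 86400
    leases: dict = field(default_factory=dict)   # MAC -> IPv4Address (confirmed)
    offers: dict = field(default_factory=dict)   # MAC -> IPv4Address (offered)

    def _next_free(self):
        """Lowest usable address that is neither leased nor currently offered."""
        taken = set(self.leases.values()) | set(self.offers.values())
        taken.add(IPv4Address(self.router))      # never hand out the router's address
        for addr in self.pool.hosts():
            if addr not in taken:
                return addr
        return None

    def handle(self, msg):
        """Process one client message; return the server's reply or None."""
        mac = msg["chaddr"]
        if msg["type"] == "DHCPDISCOVER":
            # A client that already holds a lease is offered the same address.
            addr = self.leases.get(mac) or self._next_free()
            if addr is None:
                return None                       # pool exhausted: client hears nothing
            self.offers[mac] = addr
            return {"type": "DHCPOFFER", "chaddr": mac, "yiaddr": str(addr),
                    "subnet_mask": self.subnet_mask, "router": self.router,
                    "lease_time": self.lease_seconds}
        if msg["type"] == "DHCPREQUEST":
            offered = self.offers.pop(mac, None)
            if offered is None or str(offered) != msg["requested_ip"]:
                return {"type": "DHCPNAK", "chaddr": mac}   # not what we offered
            self.leases[mac] = offered
            return {"type": "DHCPACK", "chaddr": mac, "yiaddr": str(offered),
                    "subnet_mask": self.subnet_mask, "router": self.router,
                    "lease_time": self.lease_seconds}
        return None


def obtain_lease(server, mac):
    """Client side of the exchange; returns the ACKed address or None."""
    # 1. DHCPDISCOVER: the client has no address yet, so it broadcasts.
    offer = server.handle({"type": "DHCPDISCOVER", "chaddr": mac})
    if offer is None:
        return None
    # 2. DHCPOFFER received. 3. DHCPREQUEST: select and request that address.
    ack = server.handle({"type": "DHCPREQUEST", "chaddr": mac,
                         "requested_ip": offer["yiaddr"]})
    # 4. DHCPACK confirms the lease; anything else means start over.
    if ack is None or ack["type"] != "DHCPACK":
        return None
    return ack["yiaddr"]


def make_server():
    """Constructed sample configuration: a /29 block with the router at .1."""
    return DhcpServer(pool=IPv4Network("192.168.10.0/29"),
                      subnet_mask="255.255.255.248", router="192.168.10.1")


def demo():
    """Seven constructed clients contend for the five free addresses in the /29."""
    server = make_server()
    macs = ["00:11:22:33:44:%02x" % i for i in range(1, 8)]   # constructed MACs
    return [obtain_lease(server, m) for m in macs]


if __name__ == "__main__":
    for mac, addr in zip(range(1, 8), demo()):
        print("client %d -> %s" % (mac, addr or "no address (pool exhausted)"))
```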
DNS Administration
DNS:
 DNS stands for Domain Name System
 It helps users to find their way around the Internet
 Every computer on the Internet has a unique address –"IP
address". But it is hard to remember everyone's IP address
 The DNS makes it easier by allowing a familiar string of
letters (the "domain name") to be used instead of the
arcane IP address
 So instead of typing 192.0.34.65, you can type
www.icann.org. It is a "mnemonic" device that makes
addresses easier to remember
332
DNS Administration
 Translating the domain name into the IP address is
called "resolving the domain name."
 The goal of the DNS is for any Internet user any place
in the world to reach a specific website IP address by
entering its domain name.
 These logical names are connected to their IP address.
 The logical name that is associated to an IP address is
also referred to as the domain name.

333
How DNS Works?
 When a client computer wishes to communicate with
the host computer, it must translate its logical name
into its IP address
 It does this via a domain name lookup query, which
asks a domain name server for the IP address of the
destination host, given the domain name.
 The domain name server has a set of static tables that it
uses to find the IP address associated with a domain
name.
334
Remote Access Administration
 Remote administration refers to any method of
controlling a computer from a remote location.
 Software that allows remote administration is becoming
increasingly common and is often used when it is
difficult or impractical to be physically near a system in
order to use it.
 A remote location may refer to a computer in the next
room or one on the other side of the world. It may also
refer to both legal and illegal (i.e. hacking) remote
administration.
335
Remote Access Administration
 Any computer with an Internet connection, TCP/IP, or
on a Local Area Network can be remotely administered.
 For non-malicious administration, the user must install
or enable server software on the host system in order to
be viewed. Then the user/client can access the host
system from another computer using the
installed software.
 Usually, both systems should be connected to the
internet, and the IP address of the server system must
be known.
336
Proxy Server Administration
 A proxy server is a computer system or router that functions
as a relay between client and server.
 It helps prevent an attacker from invading a private network
and is one of several tools used to build a firewall.
 The word proxy means "to act on behalf of another," and a
proxy server acts on behalf of the user
 By using the proxy server you can hide, conceal and
make your network id anonymous by hiding your IP
address.
 A server that sits between a client application, such as a
Web browser, and a real server
337
Proxy Server Administration
 Proxy server administration involves configuring a proxy
server on Windows, and the Windows applications, so that
the network traffic passes through the proxy server.

338
Backup Administration
 In information technology, a backup, or
the process of backing up, refers to the
copying of computer data into an archive file
so it may be used to restore the original
after a data loss event.
 The primary purpose is to recover data after
its loss, be it by data deletion or corruption.
339
Backup Administration
 The Backup Administrator is responsible for
installing, configuring and managing data on disk
storage devices and magnetic tape and associated
libraries.
 They are also responsible for ensuring that the data is
accessible and recoverable, ensuring that there is
available capacity for allocation of new data, archiving
or removing obsolete data from the system, and
monitoring performance using appropriate reporting and
monitoring tools.
340
Challenges of System/Network
Administration
• Systems or Network Administration is
more than just installing computers or
networks.
• It is about planning and designing an
efficient community of computers that
allow users to get their jobs done.

341
Challenges of Administration
 Design Logical, Efficient networks
 Easily deploy & update many machines
 Decide what services are needed
 know the business tasks & customers
 Plan and implement adequate security
 Provide comfortable User environment
 Be able to fix errors and problems
 Keep track of & be able to use knowledge
342
Ethics for system and network
administrators
 The task of systems and network administration is a
balancing act. It requires patience, understanding,
knowledge and experience.
 Codes of ethics for systems and network admin
 Professionalism- Treat people professionally
 Personal integrity- be honest, unbiased
 Privacy- protect the confidentiality of any
information
 Laws and policies
343
Ethics for system and network
administrators
 Communication
 System integrity- keep the system available
 Education
 Responsibility to computing community
 Social responsibility
 Ethical responsibility

344
Ethics for system and network
administrators
 A Sysadmin is a customer service agent!
 The Sysadmin must be able to communicate with
technical and non-technical users.
 The Sysadmin should be patient, and have a sense of
humor.
 The Sysadmin must be able to solve difficult technical
problems.
 The Sysadmin must be able to work in a group setting.
 The Sysadmin must document activities in order to
reproduce the results.
345
Network Certifications
Levels of Cisco network certification:
Entry
Associate
Professional
Expert
Architect

346
Entry
 Both the CCENT and the CCT certifications
serve as starting points for individuals interested
in starting a career as a networking professional.
 CCENT- Cisco Certified Entry Networking
Technician
 CCT- Cisco Certified Technician
347
Associate
 The Associate level of Cisco Certifications can begin directly with
 CCNA (Cisco Certified Network Associate) for network installation,
operations and troubleshooting or
 CCDA (Cisco Certified Design Associate) for network design.
 Think of the Associate Level as the foundation level of networking
certification.
 CCDA
 CCNA Cloud
 CCNA Collaboration
 CCNA Cyber Ops
 CCNA Data Center
 CCNA Industrial
 CCNA Routing and Switching
 CCNA Security
 CCNA Service Provider
 CCNA Wireless
348
Professional
The Cisco Certified Network Professional (CCNP) level is an
advanced level of certification that shows more expertise with
networking skills. Each certification covers a different technology to
meet the needs of varying job roles.
 CCDP- Cisco Certified Design Professional
 CCNP Cloud
 CCNP Collaboration
 CCNP Data Center
 CCNP Routing and Switching
 CCNP Security
 CCNP Service Provider
 CCNP Wireless
349
Expert
The Cisco Certified Internetwork Expert (CCIE) certification is
accepted worldwide as the most prestigious networking
certification in the industry.
 CCDE- Cisco Certified Design Expert
 CCIE Collaboration
 CCIE Data Center
 CCIE Routing and Switching
 CCIE Security
 CCIE Service Provider
 CCIE Wireless
350
Architect
Cisco Certified Architect is the highest level of
accreditation achievable and recognizes the
architectural expertise of network designers who
can support the increasingly complex networks of
global organizations and effectively translate
business strategies into evolutionary technical
strategies.
CCAr - Cisco Certified Architect
351
Chapter 6
COMPUTER SECURITY
Outline
 What is Computer Security?
 Computer Security Goals
 Security Threats
 Security Solutions
353
What is Security?
 The quality or state of being secure—to be free from
danger.
 Security is about the well-being of computer systems
and data
 Computer security is the protection of data, networks
and computing power.
 Security is the prevention and protection of computer
assets from unauthorized access, use, alteration,
degradation, destruction, and other threats.
354
What is Security?
 Computer security, also known as cyber security or
IT security, is the protection of computer systems
from theft of or damage to the:
 Computer hardware
 Computer software
 Information or Data
 and from disruption or misdirection of the services they
provide
 Computer systems should have a set of protection
policies to restrict and control access to system resources
355
Why Computer Security?
 Computer security is required because most organizations
can be damaged by malicious software or intruders.
 The damages include:
o Damage or destruction of computer systems.
o Damage or destruction of internal data.
o Loss of sensitive information to hostile parties.
o Damage to the reputation of an organization.
o Use of sensitive information to steal items of
monetary value.
o Losing the ability to use the system
356
Importance of Security?
Computer security is important
 To protect vital information
 To allow access to those who are authorized
 To provide authentication for resources
 To provide access control for resources
 To guarantee availability of resources
357
Who is vulnerable?
 Financial institutions and banks
 Internet service providers
 Educational Institutions
 Government and defense agencies
 Contractors to various government agencies
 Multinational corporations
 ANYONE ON THE NETWORK/INTERNET

358
Computer Security
 “The most secure computers are those not connected to the
Internet and shielded from any interference”
359
Computer Security Goals
 Computer security addresses the following goals:
o Confidentiality
o Integrity
o Availability
[Figure: the CIA triangle of Confidentiality, Integrity and Availability]
360
Confidentiality
 Confidentiality refers to protecting
information from being accessed by
unauthorized parties.
 only authorized people can gain access to
sensitive data
 It is concerned with having secret data
remain secret
 Privacy is the ability to keep things
private/confidential
361
Integrity
 Integrity refers to the trustworthiness of data
or resources within a computer system
 Unauthorized users should not be able to
modify any data without the owner's
permission
 It refers to protecting information from
modification, change or destruction.
 Modification occurs when an unauthorized
user changes data or adds false data
362
Availability
 Availability refers to the ability of authorized parties
to use the computer system and information resources
at the desired times.
 Nobody should be able to disturb the system to make it
unusable
 Availability is an important aspect of reliability
 An unavailable system is at least as bad as no system
at all.
 Interruption occurs when an unauthorized party
reduces the availability of, or access to, a resource.
363
Security Threats
 A threat is a potential violation of security
 A computer security threat is any person,
act, or object that poses a danger to
computer security.
 Threats can affect the
 Confidentiality of data
 Integrity of data
 Availability of a system.
364
Causes of Security Threats
 Physical Threats:
 Weather, natural disaster, bombs, power failures,
terrorism, etc.
 Human Threats:
 stealing, fraud, bribery, spying, sabotage,
accidents.
 Software Threats:
 viruses, Trojan horses, denial of service.
365
Types of Security Threats/Attacks
 Fraud and Theft
 Loss of Physical and Infrastructure Support
 Intruders
 Malicious Software
 Threats to Personal Privacy
 Denial of Service (DoS)
366
Fraud and Theft
 An illegal taking of another’s physical,
electronic, or intellectual property
 Insiders or outsiders can commit computer fraud
and theft.
 Insiders can be both general users (such as clerks)
and technical staff members.
 An organization’s former employees, with their
knowledge of an organization's operations, may
also pose a threat, particularly if their access is
not terminated promptly.
367
Fraud and Theft
 Example of fraud and theft
 individuals may use a computer to skim small amounts of
money from a large number of financial accounts, assuming that
small discrepancies may not be investigated.
 Targets of fraud and theft
 Financial systems
 Time and attendance systems
 inventory systems
 school grading systems
 long distance telephone systems
 Insiders (i.e., authorized users of a system) are
responsible for the majority of fraud.
368
Loss of Physical and Infrastructure Support

 Power failures
 Outages
 a period when a power supply is not available
 Spikes
 contain very high voltages
 Brownouts
 reduction in the availability of electrical power
 Disasters (natural and man-made)
369
Malicious Hackers (Intruders)
 The term malicious hackers, sometimes called crackers, refers to
those who break into computers without authorization.
 They can include both outsiders and insiders.
 Much of the rise in hacker activity is often attributed to increases
in connectivity in both government and industry.
 One 1992 study of a particular Internet site (i.e., one computer
system) found that hackers attempted to break in at least once
every other day.
 The hacker threat should be considered in terms of past and
potential future damage.
 Although current losses due to hacker attacks are significantly
smaller than losses due to insider theft and sabotage, the hacker
problem is widespread and serious.
370
Malicious Hackers (Intruders)
 Intruders are usually trying to gain access to a
system, or to increased privileges to which they are
not entitled, often by obtaining the password for a
legitimate account.
 Hacking: is any attempt to intrude or gain
unauthorized access to a system.
 It can be via some operating system flaw or other
means.
 It may or may not be for malicious purposes.

371
Malicious Hackers (Intruders)
 Cracking: is hacking conducted for malicious
purposes
 A cracker is one who breaks into or otherwise
violates the system integrity of remote machines
with malicious intent

372
Threats to Personal Privacy
 Personal Privacy: The right of the
individual to be protected against intrusion
into his personal life or affairs, or those of
his family, by direct physical means or by
publication of information.
 Threat to individual privacy has arisen as a
danger of the modern information age.

373
Malicious Software
 The most sophisticated threats to computer systems are
through malicious software, sometimes called malware.
 Malware attempts to cause damage to, or consume the
resources of, a target system.
 Malicious code can attack personal computers and other
platforms.
 Malicious Software refers to
 Virus
 Trojan Horse
 Worm
 Logic bomb
 Trap door
 Zombie
 Multi-Partite
 Companion Virus
 Boot sector or MBR virus
 Stealth Virus
 Macro Virus
374
The effects of malicious software
 Corrupt or destroy data
 Format the hard disk
 Degrade system performance
 Manipulate the directory contents
 Rename files with different names
 Corrupt the system's data
 Increase file sizes

375
Virus
 A small program that replicates and hides itself
inside other programs, usually without your
knowledge
 A virus is a program that can "infect" other
programs by modification, as well as causing
local damage.
 Such modification includes a copy of the virus,
which can then spread further to other programs.

376
Virus
 It gets attached to some part of an operating
system or any other computer program
(executable code)
 The new copy of the virus is executed when a
user executes the new host program.
 Similar to biological virus: Replicates and Spreads

377
Worm
 A worm is an independent program that
spreads via network connections, typically
using email, remote execution, etc.
 A worm reproduces by copying itself from one
computer to another and causing it to execute;
no user intervention is required
 It can do as much harm as a virus
 It often creates denial of service (DoS)

378
Trojan Horse
 A Trojan (or Trojan Horse) is a program which
carries out an unauthorized function while hidden
inside an authorized program.
 Seems to do something good but covertly doing
something else
 Secretly downloading a virus or some other type
of malware on to your computers.
 Popular mechanism for hiding a virus or a worm
379
Spy-wares
 A software that literally spies on what you do on
your computer.
 Spyware is unwanted software that penetrates
your computing device, stealing your internet
usage data and sensitive information.
 Spyware is designed to gain access to or
damage your computer, often without your
knowledge
Example: Simple Cookies and Key Loggers
380
381
Logic Bomb
 One of oldest types of malicious software
 code embedded in legitimate program
 Activated when specified conditions met
 presence/absence of some file
 particular date/time
 particular user
 particular series of keystrokes
 when triggered typically damage system
 modify/delete files/disks
382
Trap door/Backdoor
 A trap door is a secret entry point into a program that
allows someone who is aware of the trap door to gain
access without going through the usual security access
procedures
 It is a mechanism built into a system by its designer
 A trap door usually gives the designer a way to sneak
back into the system
 Gives the original designer a secret route into the
system
 A backdoor is a method of bypassing normal authentication
or encryption in a computer
383
Other Malware
A. Multi-Partite
o A virus that attempts to attack both the boot sector and the executable, or program,
files at the same time.
o When the virus attaches to the boot sector, it will in turn affect the system’s files, and
when the virus attaches to the files, it will in turn infect the boot sector.
o Such viruses are highly infectious.
B. Companion Virus
 A virus which infects executable files by creating a ‘companion’ file with the same
name but a .COM extension.
 Since DOS executes .COM files first, followed by .EXE files, and finally .BAT files, the
virus loads before the executable file.
C. Boot sector or MBR virus
 A virus which infects the boot sector of disks
Boot sector
 Hard disk drives, floppy diskettes, and logical drives (partitions) all have boot sectors
where critical drive information is stored.
Master Boot Record
 On all PC fixed disks, the first physical sector is reserved for a short bootstrap program.
This sector is the Master Boot Record (MBR).
384
Other Malware
D. Stealth Virus
 A computer virus that actively hides itself from antivirus software by either
masking the size of the file that it hides in or temporarily removing itself from
the infected file and placing a copy of itself in another location on the drive,
replacing the infected file with an uninfected one that it has stored on the hard
drive.
 A stealth virus is one that conceals the changes it makes
 A stealth virus is programmed as such that it is able to conceal itself from
discovery or defends itself against attempts to analyze or remove it
E. Macro Virus
 A macro virus is a virus written in one of the many macro languages.
 The macro viruses spread via infected files, which can be documents,
spreadsheets, databases, or any computer program which allows use of a
macro language.
 At present these viruses can infect Microsoft Word and Lotus AmiPro
documents.
 This virus attaches itself to a word processing or spreadsheet file (mainly
a Microsoft Word or Excel file)

385
DoS- Denial of Service Attack
 DoS attack is a cyber-attack in which the
perpetrator seeks to make a machine or network
resource unavailable to its intended users by
disrupting services of a host connected to the
Internet
 Is blocking access of legitimate users to a service.
 It aims to inhibit the normal use of communication
facilities
 Make a network service unusable, usually by
overloading the server or network
386
Denial of Service Attack
Simple illustration of a DoS attack
C:\>Ping <address of X> -l 65000 –w 0 -t
[Figure: a flood of Ping packets from the attacker directed at Web Server X,
alongside a single Ping from a Legitimate User]

Types of Security
 Physical security
 Logical security
388
Physical security:
 refers to the issues related to the physical security
of the equipment that comprises or is connected
to the network.
 Keeping rooms locked
 Keeping computers locked
 A combination of locks and alarms is an
excellent theft prevention system for computer
labs
 Surge protectors and uninterruptable power
supplies (UPS) are a low cost investment that
can save very costly equipment damage.
389
Logical security
 Logical security is concerned with security of
data stored on devices connected to the network.
 It involves
 controlling passwords and password policies
 controlling access to data on servers
 controlling access to backup tapes
 preventing sources outside the network from
gaining access to the network

390
Security Solutions
There are a number of basic ways that a computer can be
made more secure.
 Backups/disaster recovery
 Encryption
 Cryptography
 Authentication
 Validation
 Data Protection
 Anti-Viruses
 Firewall
 Intrusion Detection System (IDS)
391
Backups (redundancy/disaster recovery)
 The purpose of a backup is to make a copy of data
which is unlikely to be lost or destroyed.
 If we want a backup to be protected from the same
accidents that would destroy the data, we have to
store it in a different physical location.
 Backups can be made on tapes, on disks, and at a
different physical location by using network
copying.
392
Backups
 The key principle of backups is redundancy.
 Redundancy is like an insurance policy.
 Redundancy means making multiple copies of
data, so that we always have something to fall
back on
 We can have backups of data, but we can also
have backup of services, in case we lose an
important piece of hardware.

393
Backups
There are two kinds of backup
 Full dump: copies every file on a source medium to a
backup medium.
 Incremental or differential dump: copies files
according to the level of the dump.
 A level 0 dump copies everything.
 A level 1 dump copies everything, which has
changed since the last level 0 dump.
 A level 2 dump copies everything which has changed
since the last level 1 dump or level 0 dump and so
on.
394
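The dump-level rule above, worked through as an added example (not code from these slides): given file modification times and a history of earlier dumps, the first function lists what a level-N dump copies, and the second lists which dumps must be restored, in order, to rebuild the latest state. File names, timestamps and the dump history are constructed sample data.

```python
"""Which files a level-N dump copies, and which dumps a restore needs.

Added illustration for the backup slides, not course code. Rule from the
slides: a level 0 dump copies everything; a level N dump copies every file
changed since the most recent dump of a level lower than N.
"""


def files_for_dump(files, history, level):
    """Return the sorted list of files a dump of `level` should copy.

    files   -- dict: path -> last-modified time
    history -- list of (level, time) tuples for dumps already taken
    level   -- level of the dump being planned
    """
    if level == 0:
        return sorted(files)                     # full dump: every file
    # Most recent dump whose level is lower than the one being taken.
    lower = [t for lvl, t in history if lvl < level]
    if not lower:
        # Nothing lower-level to be incremental against: the only safe
        # choice is to copy everything, as a level 0 would.
        return sorted(files)
    since = max(lower)
    return sorted(path for path, mtime in files.items() if mtime > since)


def restore_sequence(history):
    """Dumps to restore, in order, to rebuild the most recent state.

    Start from the latest level 0, then take the latest dump of each
    higher level that was made after the previously chosen dump. A dump
    that an even later lower-level dump has superseded is skipped.
    """
    chosen = []
    last_time = None
    level = 0
    while True:
        candidates = [(lvl, t) for lvl, t in history
                      if lvl == level and (last_time is None or t > last_time)]
        if not candidates:
            return chosen
        pick = max(candidates, key=lambda d: d[1])
        chosen.append(pick)
        last_time = pick[1]
        level += 1


def demo():
    """Constructed sample: modification times and dump times given in days."""
    files = {"/etc/passwd": 1, "/home/a/report.doc": 5,
             "/home/b/notes.txt": 9, "/var/log/syslog": 12}
    # Level 0 on day 2, level 1 on day 6, level 2 on day 8, level 1 on day 10.
    history = [(0, 2), (1, 6), (2, 8), (1, 10)]
    return {
        "level0": files_for_dump(files, history, 0),
        "level1": files_for_dump(files, history, 1),   # changed since day 2
        "level2": files_for_dump(files, history, 2),   # changed since day 10
        "restore": restore_sequence(history),          # day-2 level 0, then day-10 level 1
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

The day-8 level 2 dump drops out of the restore order because the day-10 level 1 dump already covers everything changed since the level 0.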
Encryption
 Encryption is a process that encodes a message or file so
that it can only be read by certain people.
 It is the process of converting plaintext (readable data) into
ciphertext (unreadable characters) to prevent unauthorized
parties from viewing or modifying it.
 Encryption uses an algorithm to scramble, or encrypt,
data and then uses a key for the receiving party to
unscramble, or decrypt, the information
 The encryption key specifies the transformation of plaintext
into ciphertext, and vice versa for the decryption algorithm
 To read the data, the recipient must decrypt, or decipher, the
data
395
Encryption- Authentication
 Authentication is the process of logging in or signing on in a
manner that proves the user's identity
 The most common example of authentication is the use
of a username and password to gain access to a system,
network or web site.
 The username and password combination is often
referred to as a person’s credentials and it is frequently
sent over networks.

396
Encryption- Authentication
 Encryption is used to protect these credentials. If no
encryption is used to protect the information as it is sent
over the network, an attacker could capture those
credentials and assume the identity of the originator.
 An item that you must carry to gain access to a computer or
facility, or a personal identification number (PIN) that you
must know, is another means of authentication
 Fingerprint, hand geometry, voice, signature, and iris are
also means of authentication

397
Encryption- Validation
 Validation describes the ability to provide
assurance that a sender’s identity is true and that a
message, document or file has not been modified.
 Encryption can be used to provide validation by
making a digital fingerprint of the information
contained within a message.
 A digital fingerprint is a code that uniquely
identifies a file or a message by reflecting the
content of the file with tremendous specificity.
398
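The "digital fingerprint" idea above, as an added example (not code from these slides): a SHA-256 digest changes if the content changes at all, and an HMAC over the same content with a key shared by sender and receiver additionally gives assurance about who sent it. The message, the shared key and the tampered copy are constructed sample values.

```python
"""Digital fingerprint of a message, as the Validation slide describes.

Added illustration, not course code. fingerprint() detects modification;
sign()/verify() add sender assurance, because only a holder of the shared
key can produce a tag that verifies.
"""
import hashlib
import hmac


def fingerprint(message: bytes) -> str:
    """Content fingerprint: any change to `message` yields a different digest."""
    return hashlib.sha256(message).hexdigest()


def sign(message: bytes, key: bytes) -> str:
    """Keyed fingerprint (HMAC-SHA256) that ties the message to the key holder."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def verify(message: bytes, key: bytes, tag: str) -> bool:
    """Recompute the tag and compare in constant time to avoid timing leaks."""
    return hmac.compare_digest(sign(message, key), tag)


def demo():
    # Constructed sample message and shared key (demo values, not real secrets).
    key = b"shared-secret-for-demo-only"
    original = b"Transfer 100.00 to account 4711"
    tampered = b"Transfer 900.00 to account 4711"   # one digit changed in transit
    tag = sign(original, key)
    return {
        "fingerprints_differ": fingerprint(original) != fingerprint(tampered),
        "original_verifies": verify(original, key, tag),      # intact, right key
        "tampered_verifies": verify(tampered, key, tag),      # modified content
        "wrong_key_verifies": verify(original, b"other-key", tag),  # wrong sender
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print("%-20s %s" % (check, result))
```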
Encryption- Data Protection
 Encryption of files protects the data that is written to the hard disk on
the computer.
 Data protection is vital in the event of theft of the computer itself or
if an attacker successfully breaks into the system.
 File encryption becomes more difficult to use and manage if the
encryption key is shared among multiple employees.
 The more people who have access to encryption keys, the less
effective encryption becomes.
 The risk of loss, theft or compromise of information rises as the
number of users increases.
 Files that have been encrypted are also vulnerable to employees who
leave the organization
399
Antiviruses
To prevent viruses from entering a system
there are two options.
 Isolate the machine
 disconnect it from the Internet or any other
network, not using USB disks or any other
removable disks.
 This way one can be sure that no virus enters
into the computer.

400
Antiviruses
 Install an Antivirus program
 Antivirus programs are designed to keep a
watch on all incoming files so that no
malicious code can enter the computer.
 Antivirus is a software utility which
searches the hard disk for viruses and
removes any that are found.

401
Antiviruses
 Most Antivirus programs include an
auto-update feature that enables the
program to download profiles of new
viruses so that it can check for the new
viruses as soon as they are discovered.
 AVG, Norton, Kaspersky, AVAST and
McAfee are some of the examples of
Antivirus programs.
402
Functions of Anti-virus
 Identification of known viruses
 Detection of suspected viruses
 Blocking of possible viruses
 Disinfection of infected objects
 Deletion of infected objects
 Overwriting of infected objects

403
Firewall
 A firewall is a security system consisting of
hardware and/or software that prevents
unauthorized network access
 A firewall provides a security barrier between
networks or network segments.
 Firewalls are generally set up to protect a
particular network or network component from
attack, or unauthorized penetration by outside
invaders.
 Limits network access between trusted and untrusted
hosts
404
Firewall
 A firewall also may be set up to protect vital
corporate or institutional data or resources
from internal attacks or incompetence.
 Internal firewalls are generally placed
between administrative, or security, domains
in a corporate or institutional network.

405
Firewall
 All traffic to or from the protected network
must go through the firewall; the firewall is
designed to allow only authorized traffic
 If the firewall does its filtering job
successfully, attacks will never even reach the
protected network.
 If a received packet is legitimate, the firewall
passes the traffic on to the appropriate
machine.
406
Firewalls
 They are configured with a table of IP addresses and
ports that characterizes the packets they will, and
will not, forward.
 Each entry gives the IP address and TCP (or UDP) port number
for both the source and destination.
 A firewall divides a network into a more-trusted zone
internal to the firewall, and a less-trusted zone
external to the firewall. These are
 The internal network
 The DMZ (“demilitarized zone”)
 The rest of the Internet.
Firewall
Three broad categories of firewall are distinguished
 Packet-filtering
 pass or drop packets based on their source or
destination addresses or ports.
 Application filtering
 filters screen traffic involving specific applications or
services (ftp, Http)
 Circuit-level
 looks not only at source and destination addresses but
also at the circuits that have been established for a
connection.
408
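Packet filtering as described on the two slides above, as an added example (not code from these slides): rules on source and destination address and port are checked in order, the first match decides, and anything matching no rule is dropped. The zones, the rule set and the sample packets are constructed for this illustration.

```python
"""Packet-filtering firewall rule evaluation, as the firewall slides describe.

Added illustration, not course code. Rules are matched in order against a
packet's source/destination address, protocol and destination port; the
first match wins and an unmatched packet is dropped (default deny).
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str             # "pass" or "drop"
    src: str                # network in CIDR notation; "any" matches everything
    dst: str
    proto: str              # "tcp", "udp" or "any"
    dport: Optional[int]    # destination port; None matches any port
    name: str = ""

    def matches(self, pkt) -> bool:
        def in_net(net, addr):
            return net == "any" or ip_address(addr) in ip_network(net)
        return (in_net(self.src, pkt["src"]) and in_net(self.dst, pkt["dst"])
                and self.proto in ("any", pkt["proto"])
                and (self.dport is None or self.dport == pkt["dport"]))


def filter_packet(rules, pkt):
    """Return (action, rule_name) for the first matching rule; drop if none."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action, rule.name
    return "drop", "default-deny"


# Constructed zones: internal network, a DMZ holding the web server, and
# everything else treated as the rest of the Internet.
INTERNAL = "10.0.0.0/8"
DMZ = "172.16.0.0/24"
WEB_SERVER = "172.16.0.10/32"

RULES = [
    Rule("pass", "any", WEB_SERVER, "tcp", 80, "internet-to-web"),
    Rule("pass", "any", WEB_SERVER, "tcp", 443, "internet-to-web-tls"),
    Rule("pass", INTERNAL, "any", "tcp", 22, "admins-ssh"),
    Rule("drop", DMZ, INTERNAL, "any", None, "dmz-cannot-reach-lan"),
    Rule("pass", INTERNAL, "any", "any", None, "lan-outbound"),
]


def demo():
    """Constructed sample packets, one per zone crossing worth checking."""
    pkts = {
        "web_from_internet": {"src": "203.0.113.5", "dst": "172.16.0.10",
                              "proto": "tcp", "dport": 80},
        "ssh_from_internet": {"src": "203.0.113.5", "dst": "172.16.0.10",
                              "proto": "tcp", "dport": 22},
        "dmz_to_lan": {"src": "172.16.0.10", "dst": "10.1.2.3",
                       "proto": "tcp", "dport": 445},
        "lan_browsing": {"src": "10.1.2.3", "dst": "198.51.100.7",
                         "proto": "tcp", "dport": 443},
    }
    return {name: filter_packet(RULES, p) for name, p in pkts.items()}


if __name__ == "__main__":
    for name, (action, rule) in demo().items():
        print("%-18s %-4s (%s)" % (name, action, rule))
```

Note that a compromised DMZ host trying to reach the internal network is stopped by an explicit rule, while unexpected traffic from the Internet is stopped only by the default-deny fallback, which is why the fallback matters.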
Personal firewall utility
 Program that protects a personal computer
and its data from unauthorized intrusions
 Monitors transmissions to and from the
computer
 Informs you of attempted intrusions
409
Firewall
[Figure: Internet - Firewall - DMZ (web server, email server, web proxy, etc.)
- Firewall - Intranet]
Firewall

411
Intrusion Detection System (IDS)
 An IDS gathers and analyzes information from
various areas within a computer or a network to
identify possible security breaches
 Used to monitor for “suspicious activity” on a
network
 It detects both intrusions and misuse

412
Intrusion Detection System (IDS)
Intrusion detection functions include
 Monitoring and analyzing both user and system
activities
 Analyzing system configurations and
vulnerabilities
 Assessing system and file integrity
 Ability to recognize patterns typical of attacks
 Analysis of abnormal activity patterns
 Tracking user policy violations
413
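Two of the IDS functions listed above, as an added example (not code from these slides): recognising a pattern typical of attacks (a burst of failed logins from one source followed by a success) and tracking a user policy violation (logins outside permitted hours). The syslog-like log lines, the thresholds and the working hours are constructed for this illustration.

```python
"""Small host-based intrusion detection check over authentication log lines.

Added illustration for the IDS slides, not course code. Implements two of
the listed functions: recognising an attack pattern (many failed logins from
one source within a short window, then a success) and tracking a policy
violation (successful logins outside permitted hours).
"""
import re
from collections import defaultdict
from datetime import datetime

LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}) sshd: "
    r"(?P<result>Failed|Accepted) password for (?P<user>\S+) from (?P<src>\S+)$"
)

# Constructed sample log (not from a real system).
SAMPLE_LOG = """\
2024-03-01T02:10:01 sshd: Failed password for root from 198.51.100.23
2024-03-01T02:10:03 sshd: Failed password for root from 198.51.100.23
2024-03-01T02:10:05 sshd: Failed password for admin from 198.51.100.23
2024-03-01T02:10:06 sshd: Failed password for admin from 198.51.100.23
2024-03-01T02:10:08 sshd: Failed password for admin from 198.51.100.23
2024-03-01T02:10:09 sshd: Accepted password for admin from 198.51.100.23
2024-03-01T09:15:00 sshd: Failed password for alice from 10.0.0.5
2024-03-01T09:15:20 sshd: Accepted password for alice from 10.0.0.5
2024-03-01T23:40:00 sshd: Accepted password for bob from 10.0.0.9
"""


def parse(log_text):
    """Yield (timestamp, result, user, src) for every well-formed line."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            yield (datetime.fromisoformat(m["ts"]), m["result"], m["user"], m["src"])


def detect_brute_force(events, threshold=5, window_seconds=60):
    """Flag sources with at least `threshold` failures inside a sliding window.

    Returns {src: followed_by_success}; True means the burst of failures was
    followed by an accepted login from the same source, the pattern that
    most urgently needs a human to look at it.
    """
    failures = defaultdict(list)
    alerts = {}
    for ts, result, user, src in events:
        if result == "Failed":
            # Keep only failures still inside the window ending at this event.
            recent = [t for t in failures[src]
                      if (ts - t).total_seconds() <= window_seconds]
            recent.append(ts)
            failures[src] = recent
            if len(recent) >= threshold:
                alerts.setdefault(src, False)
        elif result == "Accepted" and src in alerts:
            alerts[src] = True
    return alerts


def detect_after_hours(events, start_hour=8, end_hour=18):
    """Policy check: successful logins outside start_hour..end_hour."""
    return [(user, ts.isoformat()) for ts, result, user, _ in events
            if result == "Accepted" and not start_hour <= ts.hour < end_hour]


def run(log_text=SAMPLE_LOG):
    """Run both detectors over the log and return their findings."""
    events = list(parse(log_text))
    return {"brute_force": detect_brute_force(events),
            "after_hours": detect_after_hours(events)}


if __name__ == "__main__":
    for finding, detail in run().items():
        print(finding, detail)
```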
Network Security Tools
 Nessus -- vulnerability scanner
 Wireshark -- packet sniffer
 Snort -- intrusion detection system (IDS)
 Netcat -- network utility for reading from and writing to network connections
 Metasploit Framework -- vulnerability exploitation tool
 HPing2 -- packet crafting tool
 Kismet -- wireless tool / packet sniffer
 TCPDump -- packet sniffer
 Cain and Abel -- password cracker / packet sniffer
 John the Ripper -- password cracker

414
