Chapter13 Networks

A LEVEL IT NETWORKS P3

Uploaded by

Mr Saem

Computer Networking Devices Explained with Function


This tutorial explains the functions of the most common and essential networking devices
(such as Hub, Switch, Router, Bridge, Modem, NIC, Proxy and Gateway) in detail with
examples.

Network Interface Card (NIC)


Computer Science [9618] By Mr Saem

In the list of networking devices, the NIC comes first. Without this device,
networking cannot be done. It is also known as a network adapter card, Ethernet card and
LAN card.

1. A NIC allows a networking device to communicate with other networking devices.
2. A NIC converts data packets between two different data transmission technologies.
3. A NIC converts a parallel data stream into a serial data stream and a serial data
stream into a parallel data stream.

A PC uses parallel data transmission technology to transmit the data between its internal parts
while the media that provides connectivity between different PCs uses serial data
transmission technology.

Typically, all modern PCs have NICs integrated into their motherboards. If additional NICs are
required, they are also available separately as add-on devices.

For desktop or server systems, they are available in adapter form, which can be plugged
into the available slots of the motherboard. For laptops or other small devices, they are
available in PCMCIA (Personal Computer Memory Card International Association) card
form, which can be inserted into the PCMCIA slot.

Function
A network card functions as a middleman between your computer and the data
network. For example, when you log in to a website, the PC passes the site
information to the network card, which converts the address into electrical
impulses. Network cables carry these impulses to a Web server somewhere on
the Internet, which responds by sending a Web page back to you, once again in
the form of electronic signals. The card receives these signals and turns them into
data that your PC displays.

Types of NICs
There are two types of NICs.

Media Specific: - LAN cards are used according to the media type. Different types of NICs
are used to connect different types of media. To connect to a specific media type, we must
use a NIC which is made for that type of media.

Network Design Specific: - A specific network design needs a specific LAN card. For example,
FDDI, Token Ring and Ethernet each have their own distinctive type of NIC. They cannot use
other types of NIC.

Following figure illustrates some common types of NICs.

Hub
A Hub is a centralized device that connects multiple devices in a single LAN. When a Hub
receives data signals from a connected device on any of its ports, it forwards those signals
out of all its other ports to every other connected device; it does not send them back out of
the port they arrived on. Usually, a Hub has one or more uplink ports that are used to connect
it to another Hub.

There are two types of Hub.

Passive Hub: - It forwards data signals in the same format in which it receives them. It does
not change the data signal in any manner.

Active Hub: - It works in the same way as the passive Hub, but before forwarding the data
signals, it amplifies them. Due to this added feature, the active Hub is also known as the
repeater.

Hubs are no longer used in computer networks.

MAU and Patch panel


MAU and Patch Panel look like the Hub, but they are different. MAU (Multi Access Unit) is the
sibling of Hub for the token ring network. Differences between Hub and MAU are the
following: -

• Hub is used for the Ethernet network while the MAU is used for the Token Ring network.
• Hub creates a logical star topology while MAU creates a logical ring topology.

Patch panel is used to organize the UTP cables systematically. It doesn't interfere in the data
signals.

Bridge
A Bridge is used to divide a large network into smaller segments. The basic functions of the
Bridge are the following: -

• Breaking a large network into smaller segments.
• Connecting different media types, such as connecting UTP with fiber optic.
• Connecting different network architectures, such as connecting Ethernet with Token Ring.

A Bridge can connect two different types of media or network architecture, but it cannot
connect two different types of network layer protocol such as TCP/IP or IPX. A Bridge requires
the same network layer protocol in all segments.

There are three types of Bridge: -

Local Bridge: - This Bridge connects two LAN segments directly. In an Ethernet implementation,
it is known as the Transparent Bridge. In a Token Ring network, it is called the Source-Routed
Bridge.

Remote Bridge: - This Bridge connects with another Bridge over the WAN link.

Wireless Bridge: - This Bridge connects with another Bridge without using wires. It uses radio
signals for the connectivity.

In the OSI and TCP/IP networking models, the functionalities of Bridges are defined in the
physical layer and data link layer.

Just like Hubs, Bridges are no longer used in computer networks. Bridges have been replaced
by Switches.

Switch
Just like Hub and Bridge, Switch is also used to connect the multiple devices together in a LAN
segment. Basically, a Switch is the upgraded version of the Bridge. Besides providing all the
functionalities of Bridge, it also offers several additional features.

The biggest advantage of a Switch is that it makes switching decisions in hardware by using
application-specific integrated circuits (ASICs).

Unlike the generic processors that we use in our PCs, ASICs are specialized processors built
to perform only a few particular tasks. Usually, the ASICs in Switches have a single task:
switching frames as fast as possible.

An ASIC-equipped switch performs this task blazingly fast. For example, an entry level Catalyst
Switch 2960 can process 2.7 million frames per second.

Modem
In simple language, a Modem is the device that is used to connect with the Internet.
Technically, it is the device that enables the digital data to be transmitted over the
telecommunication lines.

A Telco company uses an entirely different data transmission technology from the technology
that a PC uses for data transmission. A modem understands both technologies. It converts
the technology that a PC uses into the technology which the Telco company understands.

It enables communication between the PC (known as the DTE device) and the Telecom
company's office (known as the DCE device).

Following figure shows some common types of the Modem.

Gateway
A Gateway is used to forward packets which are generated by the local host or network
but intended for a remote network. If a data packet does not find its destination
address in the local network, then it takes the help of the gateway device to find the
destination address in the remote network. A gateway device knows the path to the remote
destination address. If required, it also changes the encapsulation of the packet so it can travel
through the other networks to reach its destination address.

Examples of the Gateway


Email Gateway: - Translates SMTP e-mail into standard X.400 format before forwarding.

GSNW Gateway: - Allows Windows clients to access resources from the NetWare server.

Router
The router connects the different network segments. It switches the data packets between
those networks which are either located in the different logical segments or built with the
different network layer protocols.

When a router receives a data packet on any of its interfaces, it checks the destination address
of that packet and, based on that address, forwards the packet out of the interface which
leads to the destination.

To forward a data packet to its destination, a router keeps records of the connected networks.
These records are maintained in a database table known as the routing table. The routing table
can be built statically or dynamically.

Basically, routers are used: -

• To connect different network segments.
• To connect different network protocols such as IP and IPX.
• To connect several smaller networks into a large network (known as the Internetwork).
• To break a large network into smaller networks (known as Subnets; usually created to improve
performance or manageability).
• To connect two different media types such as UTP and fiber optic.
• To connect two different network architectures such as Token Ring and Ethernet.
• To connect a LAN with the Telco company's office (known as the DTE device).
• To access DSL services (known as the DSL Router).

Proxy
A Proxy is used to hide the internal network from the external world. It can be a dedicated device
or application software. Once it is configured, all communication goes through it. Since
external devices cannot access the internal devices directly, they cannot tamper with the
internal devices.

Transceiver
Transceiver is a small device that has the capability of receiving and sending both types of
signals; analog and digital. Usually, it is inbuilt in network interface card. But, it is also available
as an individual device. It detects the type of signal from the network wire and converts the
passing signal accordingly.

For example, suppose a transceiver is attached to a device that transmits signals in digital form,
and this device is connected to a network wire that uses analog form for data
transmission. In this case, the transceiver converts the digital signals into analog signals before
placing them on the network wire.

That’s all for this tutorial. If you like this tutorial, please don’t forget to share it with friends
through your favorite social network.

Types of Computer Network Explained in Easy Language
This tutorial explains the different types of computer network such as LAN, MAN, WAN, PAN,
CAN, GAN, Internet, internet, Intranet, Extranet, VPN, Client/Server, Workgroup and
HomeGroup in detail. Learn the different types of computer network including their
definitions and characteristics in easy language.

What is a computer network?


A computer network is a group of two or more computers connected with each other for
sharing resources and information. A simple computer network can be built only from two
computers while a complex computer network can be built from several thousand computers.

Types of computer network


A computer network can be categorized based on geographical location and characteristic.
Based on geographical location, computer networks are outlined below.

LAN (Local Area Network)

A LAN is a computer network which spans a small geographical area such as a home,
building, office, etc. In a LAN, computers are placed relatively close together. Since the
computers are located within a small distance, they do not need special devices and cables to
connect with each other.

MAN (Metropolitan area networks)
A MAN is a computer network which connects two or more LANs within the same city.
When connecting two LANs directly is not possible because of the distance, a MAN is used. It is
larger than a LAN but smaller than a WAN. It deploys special devices and cables to connect the LANs.

WAN (Wide Area Network)

WAN is a computer network which spans over a large geographical area such as state, region,
country etc. WANs are typically used to connect two or more LANs or MANs which are located
relatively very far from each other. To provide connectivity, this network uses special devices,
cables and technologies.

Above categorization (LAN, MAN and WAN) of computer network is purely based on
geographical location. It has nothing to do with the number of computers in each network.
For example, if one computer is located in Delhi and other computer is located in Mumbai,
connecting these two computers is the example of WAN networking. Just like this, if a
company starts a new branch office with 500 computers and all these computers are installed
within a building, this network will be considered as a LAN network.

There are three more types of computer network based on geographical location but they are
rarely used to define the network. In real life you may skip these, but if you are preparing for a
job interview or for any networking exam, you should learn these also.

PAN (Personal Area Network)

Same as a LAN, but it is limited to a specific person or location such as a home network.
This network is usually set up for sharing resources such as internet and printer among
personal computers.

CAN (Campus Area Network)

Same as a MAN, but it is limited to a university or an academy. This network is usually
set up for educational activities such as classroom updates, practice labs, emails, exams,
notifications, polls, etc.

GAN (Global Area Networks)

Same as a WAN, but it covers an unlimited geographical area. For example, if a company
has an office in Delhi and another one in Washington D.C., connecting these two offices will be
considered a GAN. In other words, a GAN is a computer network which connects
two or more WANs. This network is increasingly gaining popularity as many companies are
expanding their working area beyond their native countries.

So far, we have discussed the types of computer network based on geographical location. In the
following section we will look at the types of computer network based on characteristic.

Internet

This is the largest computer network ever created by mankind. It interconnects thousands of
millions of computing devices including PCs, Laptops, Workstations, Servers, Smartphones,
tablets, TVs, Webcams, Environmental devices, Automobiles, Security cameras and many
more. According to a report published in January 2018, there were 2150 million end systems
connected with the Internet. To connect these devices, a lot of technologies and
infrastructure are used. The Internet is open to everyone. Anyone can connect to it. Since
anyone can connect to it, it is also considered the most insecure network.

internet

The internet sounds similar to the Internet but it is different. The word Internet starts with
a capital I, while the word internet begins with a small i. Any group of networks which is connected
with an external network through a gateway such as BGP is considered an internet. Usually this
type of network is set up to provide connectivity between two companies.

Intranet

Intranet is a computer network which is controlled and administered by a single entity such
as company or organization. In Intranet, external users are not allowed to connect. Usually in
this network, proper authorization is required to access any resources. Further each access is
monitored and logged to ensure that only authorized users get access.

Extranet

An Extranet is an extended Intranet where external users are allowed to access a small portion
of network. Normally this access is filtered and secured by several security implementations
on both hardware and software levels.

VPN (Virtual Private Network)

VPN is a cost-effective way to make use of the Internet. Companies which can’t
afford their own infrastructure for connectivity can use a VPN. A VPN provides a secure
connection over the Internet. For example, a company has two offices: one in Delhi and the other
in Mumbai. Now suppose the company can’t afford a dedicated line to connect these two offices.
In this case the company can use a VPN to connect both offices. The VPN creates a secure line over
the Internet and uses it for data transmission.

Client/Server Network

In this network, a dedicated computer known as the server provides shared resources. All other
computers, known as clients, are used to access the shared resources. This type of network is
commonly used in company environments. It provides great security features but requires
special hardware and software to set up.

Workgroup Network

In this network, all computers are equal. Any computer can provide and access shared
resources. This type of network is usually used in a small office or home network. It is easy to
set up and does not require any special hardware or software. The downside of this network
is that it provides very little security.

That’s all for this tutorial. For any suggestion, feedback or comment about this tutorial, please
mail me. I would really love to hear from you. If you like this tutorial, please share it with friends.

Network Security Types, Terms and Definitions Explained


This tutorial presents a collection of network security types, terms and definitions. This
network security terminology collection will help you in learning the basic concepts of
network security in computer network with possible security threats and solutions.

Port Blocking / Filtering


A network layer firewall works as a packet filter by deciding what packets will pass the firewall
according to rules defined by the administrator. Filtering rules can act on the basis of source
and destination address and on ports, in addition to whatever higher-level network protocols
the packet contains. Network layer firewalls tend to operate very fast, and transparently to
users. Network layer firewalls generally fall into two sub-categories, stateful and stateless.
Stateful firewalls hold some information on the state of connections (for example: established
or not, initiation, handshaking, data or breaking down the connection) as part of their rules
(e.g. only hosts inside the firewall can establish connections on a certain port).

Stateless firewalls have packet-filtering capabilities but cannot make more complex decisions
on what stage communications between hosts have reached. Stateless firewalls therefore
offer less security. Stateless firewalls somewhat resemble a router in their ability to filter
packets.

Any normal computer running an operating system which supports packet filtering and
routing can function as a network layer firewall. Appropriate operating systems for such a
configuration include Linux, Solaris, BSDs or Windows Server.
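The difference between the two sub-categories can be seen by running the same traffic through both kinds of filter. The following is an added example, not part of the original tutorial; the addresses, the port policy and the simplified TCP state tracking are assumptions chosen for illustration.

```python
from dataclasses import dataclass

INSIDE_PREFIX = "10."   # assumption: 10.0.0.0/8 is the network behind the firewall
ALLOWED_PORT = 443      # assumption: inside hosts may only open connections to this port


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset    # TCP flags carried by this packet


def pkt(src, sport, dst, dport, *flags):
    return Packet(src, sport, dst, dport, frozenset(flags))


def is_inside(addr):
    return addr.startswith(INSIDE_PREFIX)


def stateless_allow(p):
    """Decide from this one packet only: addresses, ports and flags."""
    if is_inside(p.src) and p.dport == ALLOWED_PORT:
        return True                      # outbound request
    # Replies must be let back in. With no memory of earlier packets, the
    # closest rule is "inbound, from the allowed port, ACK flag set".
    return is_inside(p.dst) and p.sport == ALLOWED_PORT and "ACK" in p.flags


class StatefulFirewall:
    """Tracks connections opened from inside; inbound must match one."""

    def __init__(self):
        # (inside_ip, inside_port, outside_ip, outside_port) -> state
        self.connections = {}

    def allow(self, p):
        outbound = is_inside(p.src)
        key = ((p.src, p.sport, p.dst, p.dport) if outbound
               else (p.dst, p.dport, p.src, p.sport))
        state = self.connections.get(key)
        if outbound:
            if state is None:
                # Only a bare SYN to the allowed port may create an entry.
                if p.flags == {"SYN"} and p.dport == ALLOWED_PORT:
                    self.connections[key] = "SYN_SENT"
                    return True
                return False
            if "RST" in p.flags:         # simplified teardown
                del self.connections[key]
            return True
        if state == "SYN_SENT" and p.flags == {"SYN", "ACK"}:
            self.connections[key] = "ESTABLISHED"
            return True
        if state == "ESTABLISHED" and "SYN" not in p.flags:
            if "RST" in p.flags:
                del self.connections[key]
            return True
        return False                     # no matching connection


# Constructed sample traffic (documentation address ranges for outside hosts).
SAMPLE_TRAFFIC = [
    pkt("10.0.0.5", 50000, "203.0.113.10", 443, "SYN"),         # inside opens
    pkt("203.0.113.10", 443, "10.0.0.5", 50000, "SYN", "ACK"),  # handshake reply
    pkt("10.0.0.5", 50000, "203.0.113.10", 443, "ACK"),
    pkt("203.0.113.10", 443, "10.0.0.5", 50000, "ACK"),         # data from server
    pkt("198.51.100.7", 443, "10.0.0.9", 3389, "ACK"),          # never requested
    pkt("198.51.100.7", 40000, "10.0.0.9", 443, "SYN"),         # outside tries to open
    pkt("10.0.0.5", 50000, "203.0.113.10", 443, "RST"),         # inside closes
    pkt("203.0.113.10", 443, "10.0.0.5", 50000, "ACK"),         # late packet after close
]


def compare(traffic):
    """Return (stateless decision, stateful decision) for each packet in order."""
    fw = StatefulFirewall()
    return [(stateless_allow(p), fw.allow(p)) for p in traffic]


if __name__ == "__main__":
    for p, (sl, sf) in zip(SAMPLE_TRAFFIC, compare(SAMPLE_TRAFFIC)):
        print(f"{p.src}:{p.sport} -> {p.dst}:{p.dport} "
              f"[{','.join(sorted(p.flags))}] stateless={sl} stateful={sf}")
```

The two filters disagree only on the fifth and eighth packets: both look like replies when judged alone, but neither belongs to a connection that an inside host has open.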

Authentication
The process of identifying an individual, usually based on a username and password. In
security systems, authentication is distinct from authorization, which is the process of giving
individuals access to system objects based on their identity. Authentication merely ensures
that the individual is who he or she claims to be, but says nothing about the access rights of
the individual.

Encryption
Encryption is part of a larger process of encoding and decoding messages to keep information
secure. This process, though commonly called encryption, is more correctly called
cryptography: the use of mathematical transformations to protect data. Cryptography is
primarily a software-based solution and, in most cases, should not include significant
hardware costs. It is a key tool in protecting privacy as it allows only authorized parties to
view the data. Encryption is also used to ensure data integrity, as it protects data from being
modified or corrupted.

VLANs (Virtual Local Area Networks).


A virtual LAN (VLAN) is a logical grouping of network devices in the same broadcast domain
that can span multiple physical segments. A VLAN is a group of devices in the same broadcast
domain or subnet. VLANs are good at logically separating traffic between different groups of
users. VLANs contain/isolate broadcast traffic, where you need a router to move traffic
between VLANs.

Logically speaking, VLANs are subnets. A subnet, or a network, is a contained broadcast
domain. A broadcast that occurs in one subnet will not be forwarded, by default, to another
subnet.

Routers, or layer 3 devices, provide this boundary function. Each of these subnets requires a
unique network number. And to move from one network number to another, you need a
router. In the case of broadcast domains and switches, each of these separate broadcast
domains is a separate VLAN; therefore, you still need a routing function to move traffic
between different VLANs.

Extranets
An extranet is a private network that uses Internet protocols, network connectivity, to
securely share part of an organization's information or operations with suppliers, vendors,
partners, customers or other businesses. An extranet can be viewed as part of a company's
Intranet that is extended to users outside the company normally over the Internet. An
extranet requires security and privacy. These can include firewalls, server management, the
issuance and use of digital certificates or similar means of user authentication, encryption of
messages, and the use of virtual private networks (VPNs) that tunnel through the public
network.

Advantages

• Extranets can improve organization productivity by automating processes that were previously done
manually.
• Extranets allow organization or project information to be viewed at times convenient for business
partners, customers, employees, suppliers and other stake-holders.
• Information on an extranet can be updated, edited and changed instantly. All authorised users
therefore have immediate access to the most up-to-date information.

Disadvantages

• Extranets can be expensive to implement and maintain within an organisation.
• Security of extranets can be a big concern when dealing with valuable information.
• Extranets can reduce personal contact (face-to-face meetings) with customers and business
partners. This could cause a lack of connections made between people and a company.
Intranet
Intranets differ from "Extranets" in that the former is generally restricted to employees of the
organization while extranets can generally be accessed by customers, suppliers, or other
approved parties. An intranet is a private computer network that uses Internet protocols,
network connectivity, to securely share part of an organization's information or operations
with its employees. Sometimes the term refers only to the most visible service, the internal
website. The same concepts and technologies of the Internet such as clients and servers
running on the Internet protocol suite are used to build an intranet. HTTP and other Internet
protocols are commonly used as well, especially FTP and e-mail.

Antivirus Software.
Antivirus software consists of computer programs that attempt to identify, thwart and
eliminate computer viruses and other malicious software. Antivirus software typically uses
two different techniques to accomplish this:

• Examining files to look for known viruses matching definitions in a virus dictionary.
• Identifying suspicious behavior from any computer program which might indicate infection. Such
analysis may include data captures, port monitoring and other methods.

Most commercial antivirus software uses both of these approaches, with an emphasis on the
virus dictionary approach.

Dictionary Approach:
When the antivirus software looks at a file, it refers to a dictionary of known viruses that the
authors of the antivirus software have identified. If a piece of code in the file matches any
virus identified in the dictionary, then the antivirus software can take one of the following
actions:

• attempt to repair the file by removing the virus itself from the file
• quarantine the file
• delete the infected file.

Suspicious Behavior Approach:
Unlike the dictionary approach, the suspicious behavior approach provides
protection against brand-new viruses that do not yet exist in any virus dictionaries. Most
antivirus software does not use this approach much today. Using this approach, the antivirus
software:

• Doesn't attempt to identify known viruses.
• Monitors the behavior of all programs.
• If one program tries to write data to an executable program, the antivirus software can flag this
suspicious behavior,
• alert a user and ask what to do.

Analysis Approach:

• Antivirus software could try to emulate the beginning of the code of each new executable that the
system invokes before transferring control to that executable.
• If the program seems to use self-modifying code or otherwise appears as a virus, one could assume
that a virus has infected the executable. However, this method could result in a lot of false positives.

Fault Tolerance:
Fault tolerance is the ability of a system to continue functioning when part of the system fails.
Normally, fault tolerance is used in describing disk subsystems, but it can also apply to other
parts of the system or the entire system. Fully fault-tolerant systems use redundant disk
controllers and power supplies as well as fault-tolerant disk subsystems. You can also use an
uninterruptible power supply (UPS) to safeguard against local power failure. Although the
data is always available in a fault-tolerant system, you still need to make backups that are
stored offsite to protect the data against disasters such as a fire.

Network Redundancy
Service interruptions on a network are not always the result of a computer or drive failure.
Sometimes the network itself is to blame. For this reason, many larger internetworks are
designed with redundant components that enable traffic to reach a given destination in more
than one way. If a network cable is cut or broken, or if a router or switch fails, redundant
equipment enables data to take another path to its destination. There are several ways to
provide redundant paths. Typically, you have at least two routers or switches connected to
each network, so that the computers can use either one as a gateway to the other segments.
For example, you can build a network with two backbones. Each workstation can use either of
the routers on its local segment as a gateway. You can also use this arrangement to balance
the traffic on the two backbones by configuring half of the computers on each local area
network (LAN) to use one of the routers as its default gateway and the other half to use the
other router.

Disaster recovery

Fault Tolerance
Most people think about disaster recovery in terms of restoration of the damaged network,
but it’s actually less expensive to prevent a disaster than to recover from one.

Fault tolerance is another term for redundancy. You can have redundant components within
a server, redundant servers, and even redundant networks, in the case of a hot site. A fault-
tolerant system simply has a spare part that takes over if another part fails. Fault tolerance
can work for the following:

Memory
Some servers support error-correcting memory with a spare memory module to use in case
of memory failure.

Network interface cards (NICs).


NICs can be redundant in two ways. They can share the network traffic, or one of the NICs
can wait until the first fails before it kicks in.

Redundant Array of Inexpensive Disks (RAID).


Data is mirrored, shared, or striped across multiple disks. Pay attention to these versions of
RAID:

RAID 1:
Mirroring disks connected to a single hard disk controller, or duplexing disks connected to
two different hard disk controllers.

RAID 5:
A group of three or more disks is combined into a volume with the data striped across the
disks, and parity is used to ensure that if any one of the disks fails, the remaining disks will
still have all data available.

Power supplies.
One power supply takes over if the original fails.

Clusters.
Two or more servers are grouped to provide services as if the group were a single server. A
cluster is transparent to end users. Usually, a server member of a cluster can take over for a
failed partner with no impact on the network.

Backup / restore
Offsite storage
A remote backup service, online backup service or managed backup service is a service that
provides users with an online system for backing up and storing computer files. Managed
backup providers are companies that have the software and server space for storing files.

Hot and cold spares

• A hot spare disk is running, ready to start working in the case of a failure.
• A cold spare disk is not running.

A hot spare is used as a failover mechanism to provide reliability in system configurations.


The hot spare is active and connected as part of a working system. When a key component
fails, the hot spare is switched into operation. Examples of hot spares are components such
as networked printers, and hard disks. The equipment is powered on, or considered "hot",
but not actively functioning in the system. In the case of a disk drive, data is being mirrored
so when the hot spare takes over, the system continues to operate with minimal or no
downtime.

Hot Spare Disk


A hot spare disk is a disk or group of disks used to automatically or manually replace a failing
or failed disk in a RAID configuration. The hot spare disk reduces the mean time to recovery
(MTTR) for the RAID redundancy group, thus reducing the probability of a second disk failure and
the resultant data loss that would occur in any singly redundant RAID (e.g., RAID-1, RAID-5,
RAID-10).

Hot, warm and cold sites


A backup site is a location where a business can easily relocate following a disaster, such as
fire or flood. There are three types of backup sites: cold sites, warm sites, and hot
sites. The differences between the types are determined by the costs and effort required to
implement each.

Hot Site is a duplicate of the original site of the business, with full computer systems as well
as near-complete backups of user data. Following a disaster, the hot site exists so that the
business can relocate with minimal losses to normal operations. Ideally, a hot site will be up
and running within a matter of hours. This type of backup site is the most expensive to
operate.

Warm Site is a location where the business can relocate to after the disaster that is already
stocked with computer hardware similar to that of the original site, but does not contain
backed up copies of data and information.

Cold Site is the most inexpensive type of backup site for a business to operate. It does not
include backed up copies of data and information from the original location, nor does it
include hardware already set up. The lack of hardware contributes to the minimal startup
costs of the cold site, but requires additional time following the disaster to have the operation
running at a capacity close to that prior to the disaster.

Security protocols protect a computer from attacks. To understand how security protocols
work, you must first understand what types of attacks they protect against. Networks and
data are vulnerable to both active attacks, in which information is altered or destroyed, and
passive attacks, in which information is monitored. Attacks that you might encounter include
the following:

Altering data
This active attack takes place when data is interrupted in transit and modified before it
reaches its destination, or when stored data is altered.

Eavesdropping
This passive attack takes advantage of network traffic that is transmitted across the wire in
clear text. The attacker simply uses a device that monitors traffic and "listens in" to discover
information. You'll hear this term referred to as sniffing the wire, and sometimes as snooping.

IP address spoofing
One way to authenticate data is to check the IP address in data packets. If the IP address is
valid, that data is allowed to pass into the private network. IP address spoofing is the process
of changing the IP address so that data packets will be accepted. IP address spoofing can be
used to modify or delete data, or to perpetrate an additional type of attack.
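The address check described above, next to a border check that also looks at the interface a packet arrived on, as an added example that is not part of the original notes. The network ranges, interface names and packet records are constructed for illustration.

```python
import ipaddress

# Assumed addressing plan for this example (constructed, not from the page).
INTERNAL_NETS = [ipaddress.ip_network("10.20.0.0/16")]
PARTNER_NETS = [ipaddress.ip_network("203.0.113.0/28")]
# Sources that should never arrive on the outside of a border device.
NEVER_FROM_OUTSIDE = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4",
)]


def in_any(addr, nets):
    """True when the address falls inside any of the given networks."""
    return any(addr in net for net in nets)


def address_only_check(pkt):
    """The check described in the text: accept when the source address is known."""
    src = ipaddress.ip_address(pkt["src"])
    return "accept" if in_any(src, INTERNAL_NETS + PARTNER_NETS) else "drop"


def border_check(pkt):
    """Same allow list, but the arrival interface must agree with the source."""
    src = ipaddress.ip_address(pkt["src"])
    if pkt["iface"] == "inside":
        # Egress filtering: only our own addresses may leave the network.
        if in_any(src, INTERNAL_NETS):
            return "accept"
        return "drop: foreign source on inside"
    # Ingress filtering: an internal or reserved source cannot come from outside.
    if in_any(src, NEVER_FROM_OUTSIDE):
        return "drop: internal/reserved source on outside"
    if in_any(src, PARTNER_NETS):
        return "accept"
    return "drop: source not on allow list"


# Constructed packet records: claimed source address and arrival interface.
PACKETS = [
    {"src": "10.20.5.9", "iface": "inside"},
    {"src": "10.20.5.9", "iface": "outside"},
    {"src": "192.168.1.4", "iface": "outside"},
    {"src": "203.0.113.5", "iface": "outside"},
    {"src": "198.51.100.77", "iface": "outside"},
    {"src": "198.51.100.77", "iface": "inside"},
]


def compare(packets):
    """Return (source, interface, address-only verdict, border verdict) rows."""
    return [(p["src"], p["iface"], address_only_check(p), border_check(p))
            for p in packets]


if __name__ == "__main__":
    for row in compare(PACKETS):
        print("%-15s %-8s %-7s %s" % row)
```

Neither check can tell a genuine partner packet from one that only claims a partner address, which is why an address by itself is not proof of the sender's identity.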

Password pilfering
A hacker will obtain user IDs and passwords, or even encryption keys, to gain access to
network data, which can then be altered, deleted, or even used to create another attack. This
type of attack is usually done by asking unsuspecting users, reading sticky notes containing
passwords that are posted next to computers, or sniffing the wire for password information.
Sometimes a hacker will attempt to get hired at a company merely to obtain an ID and
password with access rights to the network.

Denial of service
This active attack is intended to cause full or partial network outages so that people will not
be able to use network resources and productivity will be affected. The attacker floods so
many packets through the network or through specific resources that other users can't access
those resources. The denial-of-service attack can also serve as a diversion while the hacker
alters information or damages systems.

Virus
A virus is an attack on a system. It is a piece of software code that is buried inside a trusted
application (or even an e-mail message) that invokes some action to wreak havoc on the
computer or other network resources.

Security Method            Type of Attack                         Notes

Authentication             Password guessing attacks              Verifies the user's identity
Access control             Password pilfering                     Protects sensitive data from access by the average user
Encryption                 Data alteration                        Prevents the content of the packets from being tampered with
Certificates               Eavesdropping                          Transmits identity information securely
Firewalls                  Denial of service (as well as others)  When configured correctly, can prevent many denial-of-service attacks
Signatures                 Data alteration                        Protects stored data from tampering
Public key infrastructure  Spoofing                               Ensures that data received is from correct sender
Code authentication        Virus and other code attacks           Protects the computer from altered executables
Physical security          Password pilfering                     Prevents unauthorized persons from having access to authorized users and their IDs and passwords
Password policies          Password pilfering                     Ensures that passwords are difficult to guess or otherwise decipher

IPSec (Internet Protocol Security)


IPsec is a set of protocols used to support secure exchange of packets at the IP layer. IPsec
supports two encryption modes: Transport and Tunnel.

Transport mode encrypts only the data portion of each packet, but leaves the header
untouched.

The more secure Tunnel mode encrypts both the header and the data portion.
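The two modes side by side, as an added example that is not part of the original notes: it wraps one packet in ESP framing both ways so you can see which addresses stay readable on the wire. It assumes a SHA-256 keystream as a stand-in for the real ESP cipher and omits the integrity check value; the addresses, key and SPI are constructed.

```python
import hashlib
import ipaddress
import struct

ESP, TCP, IPV4_IN_IP = 50, 6, 4   # IP protocol / next-header numbers


def ipv4_header(src, dst, proto, payload_len):
    """Minimal 20-byte IPv4 header (checksum left at 0 for brevity)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                       proto, 0, ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed)


def addresses(packet):
    """Source and destination that any device on the path can read."""
    return (str(ipaddress.IPv4Address(packet[12:16])),
            str(ipaddress.IPv4Address(packet[16:20])))


def toy_cipher(key, seq, data):
    """Stand-in for the real ESP cipher: XOR with a SHA-256 keystream."""
    stream, block = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + struct.pack("!II", seq, block)).digest()
        block += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def esp(key, spi, seq, plaintext, next_header):
    """ESP header (SPI, sequence number) followed by the encrypted body."""
    trailer = struct.pack("!BB", 0, next_header)   # pad length, next header
    return struct.pack("!II", spi, seq) + toy_cipher(key, seq, plaintext + trailer)


def transport_mode(packet, key, spi, seq):
    """Original header stays in clear; only the data portion is encrypted."""
    src, dst = addresses(packet)
    body = esp(key, spi, seq, packet[20:], packet[9])
    return ipv4_header(src, dst, ESP, len(body)) + body


def tunnel_mode(packet, key, spi, seq, gw_src, gw_dst):
    """Whole original packet is encrypted behind a new gateway-to-gateway header."""
    body = esp(key, spi, seq, packet, IPV4_IN_IP)
    return ipv4_header(gw_src, gw_dst, ESP, len(body)) + body


def decrypt(esp_packet, key):
    """Receiver side: return (next_header, plaintext) from an ESP packet."""
    _spi, seq = struct.unpack("!II", esp_packet[20:28])
    clear = toy_cipher(key, seq, esp_packet[28:])
    return clear[-1], clear[:-2]


# Constructed sample: one host-to-host packet and two security gateways.
KEY = b"constructed-demo-key"
DATA = b"GET /payroll HTTP/1.1\r\n"
ORIGINAL = ipv4_header("10.1.0.15", "10.2.0.80", TCP, len(DATA)) + DATA
TRANSPORT = transport_mode(ORIGINAL, KEY, 0x1001, 1)
TUNNEL = tunnel_mode(ORIGINAL, KEY, 0x1001, 1, "198.51.100.1", "203.0.113.1")

if __name__ == "__main__":
    print("transport mode shows:", addresses(TRANSPORT))
    print("tunnel mode shows:   ", addresses(TUNNEL))
    print("tunnel payload decrypts to original:", decrypt(TUNNEL, KEY)[1] == ORIGINAL)
```

In transport mode the internal host addresses remain readable in the header; in tunnel mode only the two gateway addresses are, at the cost of 20 extra bytes per packet.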

For IPsec to work, the sending and receiving devices must share a public key. This is
accomplished through a protocol known as Internet Security Association and Key
Management Protocol/Oakley, which allows the receiver to obtain a public key and
authenticate the sender using digital certificates. IPsec protocols operate at the network
layer, layer 3 of the OSI model. Other Internet security protocols in widespread use, such as
SSL and TLS, operate from the transport layer up (OSI layers 4 - 7). This makes IPsec more
flexible, as it can be used for protecting both TCP and UDP based protocols.

L2TP (Layer 2 Tunneling Protocol)


Layer 2 Tunneling Protocol is a tunneling protocol used to support virtual private networks
(VPNs). L2TP is an extension to the PPP protocol that enables ISPs to operate Virtual Private
Networks. L2TP combines the best features of two other tunneling protocols: PPTP from
Microsoft and L2F from Cisco Systems.

SSL (Secure Sockets Layer)


Secure Sockets Layer is a protocol that supplies secure data communication through data
encryption and decryption. SSL enables communications privacy over networks by using a
combination of public key and bulk data encryption.

WEP (Wired Equivalent Privacy)


Wired Equivalent Privacy is a scheme that is part of the IEEE 802.11 wireless networking
standard to secure IEEE 802.11 wireless networks. Because a wireless network broadcasts
messages using radio, it is particularly susceptible to eavesdropping.
WEP was intended to provide comparable confidentiality to a traditional wired network and
thus it does not protect users of the network from each other.

WPA (Wi-Fi Protected Access)


A security protocol for wireless networks that builds on the basic foundations of WEP. It
secures wireless data transmission by using a key similar to WEP, but the added strength of
WPA is that the key changes dynamically. The changing key makes it much more difficult for
a hacker to learn the key and gain access to the network.

WPA2 (Wi-Fi Protected Access 2)


WPA2 is the second generation of WPA security and provides a stronger encryption
mechanism through Advanced Encryption Standard (AES), which is a requirement for some
government users.

802.11x
IEEE 802.11, also known by the brand Wi-Fi, denotes a set of Wireless LAN/WLAN standards
developed by working group 11 of the IEEE LAN/MAN Standards Committee (IEEE 802). The
term 802.11x is also used to denote this set of standards and is not to be mistaken for any
one of its elements. There is no single 802.11x standard.

Networking Basic Concepts and Fundamentals Explained


This tutorial explains the basic and fundamental concepts of the computer networking. Learn
the essential networking topics in detail with examples.

Computer networking is one of the most complex subjects. Describing all of its topics requires
an encyclopedia. Learning and understanding all these topics at the primary stage are neither
required nor recommended. It is just like learning the vocabulary from the dictionary. Unless
you know what you need to know, you would not learn what you should learn.

I have already explained the definition, purpose and benefits of the computer networking in
the following article.

What is computer networking explained with examples

In this tutorial, I will discuss two essential topics that you should learn at the elementary level.
Understanding these topics will set the foundation for the rest of your studies.

Essential components of the computer network


When learning computer networking, this should be your first topic. A computer network is
built from four essential components: End devices, Media, Protocols and Networking devices.
Let's understand each of these components.

End devices
An end device is the device that sends or receives the data or service in the network. An end
device might be a PC, Laptop, Smartphone or any other device that is capable of sending and
receiving data and is connected with the network. To build a network, at least two
end devices are required.

Broadly end devices are categorized in two types; server end device and client end device.
Server end device is the device which provides data or service. Client end device is the device
which receives the offered data or service from the server end device.

Media
The media provides connectivity between the end devices. Unless end devices are connected
through some kind of media, they cannot exchange the data or service. Mainly there are
two types of media: wireless media and wired media.

In wireless media, radio signals are used to transfer the data between end devices, whereas
in wired media, the data is transferred through cables.

Both media types are further classified into several subtypes. Subtypes are categorized based
on the various factors such as length, data transfer speed, used metal, frequency band, etc.
Subtypes are defined as the media standards. Two common media standards are the Ethernet
and the IEEE802.11 or Wi-Fi standards.

The Ethernet defines the standards for the wired media. The IEEE802.11 or Wi-Fi defines the
standards for the wireless media.

Protocols
Protocols enable communication between two or more end devices. A protocol is a set of
predefined rules that specifies standards for a particular stage or all stages of the
communication.

Following are some common functions performed by the protocols.

• Initializing and terminating the communication process
• Performing encryption and compression before sending the data
• Packing data in such a format that it can travel in the network
• Providing logical addressing
• Performing error correction
• Performing authentication

Two popular networking models, the OSI Reference model and the TCP/IP model, describe the
functionalities of the most common protocols. Both models divide the entire communication
process into logical layers. Further, they explain how the protocols work in each layer to
enable the communication process.

Networking device
A networking device works between the end devices. It controls and forwards the flow of
data. Based on the functionalities, a networking device can be categorized in three types;
forwarding device, connecting device and the securing device.

A forwarding device forwards the data. This device usually has multiple ports which are used
to connect more than two end devices in a single network. Hub, bridge and Ethernet switch
provide this functionality.

A connecting device connects two or more different types of media and protocols. If two end
devices are located in the different logical networks or connected through the different types
of media, they need a connecting device to exchange the data. Router and Multilayer switch
provide this functionality.

A securing device secures the data from unauthorized access. When a data packet arrives at
it, it performs security checks based on pre-defined rules and takes the forwarding decision.
Common devices which provide this functionality are the Firewall and NAT.

Classification of the computer network


Once you have learned the essential components of the network, this should be your next topic.
Computer networks are mainly categorized based on the geographical location, access types
and relationship between end devices.

Based on the geographical location


Based on the geographical coverage, the network is classified into three types; LAN, MAN and
WAN. Network that is geographically spread over a small, medium and large area is known as
the LAN, MAN and WAN network respectively.

Based on the access type


On the basis of allowing users to access network resources, the network is classified into three
types; Intranet, Extranet and Internet. An Intranet is a private network. In this network,
external users are not allowed to access the network resources. An Extranet is also a private
network. But in this network, after proper authorization, external users are allowed to access
a small portion of the network. The Internet is the public network. Any user can connect with
this network.

Based on the relationship between the end devices


Based on how the end devices access each other, the network is categorized in two types;
peer to peer network and clients/server network. In peer to peer network, all end devices
have equal rights. In clients/server network, server decides which client will have what rights.

Resources for further study


To learn the foundation topics introduced above, you can use the following tutorials.
Network Topology Comparison

Star Bus: Each computer connects to a central connection device.
  Information Transfer: All information passes through the central network connection.
  Setup: Each computer must be close to the central device. 100 meters maximum cable length. Up to 24 computers per network.
  Expansion: Add a new computer by plugging in a new cable from the computer to the connection device.
  Troubleshooting: When one computer goes down, the rest of the network is unaffected. If the connection device goes down, then the network is down.
  Cost: More expensive of the simple topologies, it requires costly connection device. Usually cheaper than a hybrid network.
  Cabling Concerns: Uses twisted pair cable. Requires large amounts of cable. No more than 100 meters from the computer to the connection device.

Bus: Single cable connects everything.
  Information Transfer: One computer at a time sends information. Information goes along the cable and the computer accesses the information off the cable.
  Setup: Connect the cable from one computer to the next and so on to the end. A terminator is placed at each end of the network.
  Expansion: To add a computer, you must shut down the network and disconnect the cable from the existing computers.
  Troubleshooting: If one computer malfunctions, the entire network goes down.
  Cost: A cheaper network since there is usually one continuous copper cable.
  Cabling Concerns: Single continuous cable connects the devices. Terminator is required at each end of the cable. Uses coaxial or twisted pair cabling.

Ring: Single cable configured in a ring.
  Information Transfer: Information goes in one direction around the ring and passes along the ring until it reaches the correct computer.
  Setup: Computers are located close to each other. Setup is easy. There is no connector. The ring has no beginning and no end.
  Expansion: Cable between the computers must be broken to add a new computer, so the network is down until the new device is back online.
  Troubleshooting: If there's a break in the cable or an error in the network, information continues to transfer through the rest of the ring until reaching the point of the break. This makes troubleshooting easy.
  Cost: One of the more expensive topologies due to high cable costs.
  Cabling Concerns: Requires more cabling than other topologies. Uses twisted pair.

Hybrid Mesh: Combines two or more different structures.
  Information Transfer: Often used across long distances. Information transfer can happen in different ways, depending on the other topologies.
  Setup: Often created when expanding an existing network. Can use a variety of connection devices.
  Expansion: Connection devices make combining different networks and different topologies easy.
  Troubleshooting: Troubleshooting is most difficult in this topology because of the variety of technologies.
  Cost: Expensive, large, and usually complicated.
  Cabling Concerns: Cabling depends on the types of networks. Can use twisted pair and coaxial cable. Also incorporates fiber optic cabling over long distances.

www.mrsaem.com |
[Figures: Ring, Bus, Star, Mesh and Tree network topology diagrams]

Extranet
An intranet that allows customers, vendors or other partners to access resources or information is called an extranet. Most companies
extend their intranets into extranets when they see the benefits of giving customers and vendors quick access to current information.
For example, companies that once relied on regular mail-outs can now make the same information available via an extranet to save
printing and postage costs.

What is Extranet?

An extranet is an intranet for outside authorized users that uses the same Internet
technologies. The outside users are trusted partners of the organization who have access to
information of their interest and concern.
It extends the intranet concept to provide a network that connects a company's
network to the networks of its business partners, selected customers, or suppliers.

How is it different from intranets?
Intranets differ from extranet in that the former are generally restricted to employees of the organization while extranets may also be
accessed by customers, suppliers, or other approved parties. Extranets extend a private network onto the Internet with special
provisions for access, authorization and authentication.

Types of Extranet
Public Network Extranet
Exists when an organization allows the public to access its intranet from any public network. Security is an issue in this
configuration, because a public network does not provide any security protection.

Private Network Extranet


Is a private, leased-line connection between two companies that physically connects their intranets to one another. The single
advantage of this is Security. The single largest drawback is Cost.

Virtual Private Network (VPN) [Will shortly discuss this in detail]

Is a network that uses public networks and their protocols to send sensitive data to partners, customers, suppliers, and
employees by using a system called "tunneling". Tunnels are private passageways through the public internet that provide secure

Companies can use an extranet to:

• Exchange large volumes of data using Electronic Data Interchange (EDI)
• Share product catalogs exclusively with wholesalers or those "in the trade"
• Collaborate with other companies on joint development efforts.
• Jointly develop and use training programs with other companies.
• Provide or access services provided by one company to a group of other companies, such as an online banking application
  managed by one company on behalf of affiliated banks
• Share news of common interest exclusively with partner companies

Virtual Private Network (VPN)

Some example uses for a VPN network include:

• Access your computers, servers and files in your office from your home
• Connect 2 or more remote offices together to make it appear they are all on the same computer network. You'll have access to
  all files stored on a server, access to all printers, etc. It will seem like all remote offices are in the same building.
  Employees will have access to all resources on the computer networks of all offices set up in your VPN.
• Work from a public hotspot, like at an internet cafe, and still have access to your files, computers and servers in your office.
• While on vacation or off-island you can have access to your files, computers and servers from anywhere in the world
• If you have a dialup internet account, you can use your computer/laptop from a remote location to connect to your office using
  the public telephone network.
• Work from home using your DSL or broadband connection while still having access to your office computer network.

A well-designed VPN can greatly benefit a company.

For example, it can:


• Extend geographic connectivity
• Improve security
• Reduce operational costs versus traditional WAN
• Reduce transit time and transportation costs for remote users
• Improve productivity
• Simplify network topology
• Provide global networking opportunities
• Provide telecommuter support
• Provide broadband networking compatibility
• Provide faster ROI (return on investment) than traditional WAN
What is Intranet?
The term Intranet is derived from two words: 'Intra', which means within, and 'net', which means group of interconnected computers.
An intranet is a private computer network that uses Internet protocols and network connectivity to securely share any part of an
organization's information or operational systems with its employees.
In short, an intranet is a private network, similar to the Internet and using the same protocols and technology, contained within an
enterprise or not-for-profit organization.

How is it different from the Internet?

The technologies used in an intranet and the Internet may be the same, but the main difference between them is that the information
shared in an intranet can be accessed only by authorized persons, especially members or employees of the organization or company,
whereas on the Internet the information is shared worldwide with any public user. To explain in simple terms, an intranet is private,
within the organization, while the Internet is public, available for global access. Thus, an intranet is like a private Internet.

Benefits of intranets
Workforce productivity:
Intranets can help users to locate and view information faster and use applications relevant to their roles and responsibilities. With
the help of a web browser interface, users can access data held in any database the organization wants to make available, anytime and
- subject to security provisions – from anywhere within the company workstations, increasing employees' ability to perform their jobs
faster, more accurately, and with confidence that they have the right information. It also helps to improve the services provided to the
users.

Time:
With intranets, organizations can make more information available to employees on a "pull" basis (i.e., employees can link
to relevant information at a time which suits them) rather than being deluged indiscriminately by emails.

Communication:
Intranets can serve as powerful tools for communication within an organization, vertically and horizontally. From a
communications standpoint, intranets are useful to communicate strategic initiatives that have a global reach throughout the
organization. The type of information that can easily be conveyed is the purpose of the initiative and what the initiative is aiming to
achieve, who is driving the initiative, results achieved to date, and who to speak to for more information. By providing this information on
the intranet, staff has the opportunity to keep up-to-date with the strategic focus of the organization.

Cost-effective:
Most organizations have already established TCP/IP networks, and the incremental infrastructure cost of adding Web
servers to the network is well within even departmental-level budgets. Users can view information and data via web-browser rather than
maintaining physical documents such as procedure manuals, internal phone list and requisition forms.

Low maintenance
With information residing in only one place - the Web server - it is relatively easy and affordable to add new information or
to update existing information and make it instantly available.

WLANs (Wireless local area networks) using spread spectrum transmission


Spread spectrum is a form of wireless communications in which the frequency of the transmitted signal is deliberately varied. This
results in a much greater bandwidth than the signal would have if its frequency were not varied.

Wireless Networking: What is it?


To loosely define the term wireless networking is to say that it is any connection between two points for the purpose of transmitting
information without any physical connection, i.e. fiber optics, copper wires, phone lines, etc.
