HARDWARE ESSENTIALS
TO WEB DESIGN
MODULE 3
The Operating Systems Concept: An Introduction
What is Software?
• Software is a collection of instructions, data, or computer programs that are used to run
machines and carry out particular activities.
Types of Software
1. System Software
2. Application Software
• System Software : System software is software that directly operates the computer hardware
and provides the basic functionality to the users as well as to the other software to operate
smoothly.
• System software basically controls a computer’s internal functioning and also controls
hardware devices such as monitors, printers, and storage devices, etc.
• It acts as an interface between hardware and user applications and helps them communicate with
each other, because hardware understands machine language (i.e. 1 or 0) whereas user
applications work in human-readable languages.
• E.g.: Operating system
• Application software : Software that performs special functions or provides functions that are
much more than the basic operation of the computer is known as application software.
• Application software is designed to perform a specific task for end-users. It is a product or a
program that is designed only to fulfill end-users’ requirements.
• Example :
word processors, spreadsheets, database management, inventory, payroll programs, etc.
Operating System
The operating system acts as an intermediary between the user and the user’s programs and the
hardware of the computer. It makes the resources available to the user and the user’s programs in
a convenient way, on the one hand, and controls and manages the hardware, on the other.
An operating system is a collection of computer programs that integrate the hardware resources of
the computer and make those resources available to a user and the user’s programs, in a way that
allows the user access to the computer in a productive, timely, and efficient manner.
1. Command services. It accepts and processes commands and requests from the user and
the user’s programs and presents appropriate output results.
2. Program services. It manages, loads, and executes programs.
3. Hardware services. It manages the hardware resources of the computer, including the
interfaces to networks and other external parts of the system.
• A simple model of the relationship between the various components of a computer system is
shown schematically in Figure 16.1.
• Modern computer systems enable users to work with more than one program at the same time as
a way to improve their efficiency.
• A user can be listening to music on the Web while word processing a document.
• A programmer can be editing one program while compiling another.
• Every modern system provides means and support for manipulating multiple programs, even on
a system with only a single CPU core. This technique is known as multitasking or
multiprogramming.
• Since a system may be manipulating many tasks on a computer with one or a few CPUs,
the operating system must support concurrency, which simulates the simultaneous
execution of multiple programs to provide multitasking and multiuser support.
• Multitasking also enables multiple users to share the computer resources of a single system. Such
a system, known as a multiuser system,
• The operating system provides interfaces for the user and also for the user’s programs.
• It provides file system access and file support services.
• It provides I/O support services that can be used by every program. The word bootstrapping
is often abbreviated simply to boot or booting.
• It handles all interrupt processing, including error handling and recovery, as well as I/O and
other routine interrupts.
• It provides services for networking.
• The operating system provides services that allocate resources, including memory, I/O devices,
and CPU time to programs as they need them.
• Figure 16.2 is a simplified diagram showing the relationships between the different components
of an operating system.
• These are part of the core services, which also include process and thread management, resource
allocation, scheduling, memory management, security, and interprocess communication.
• The diagram also shows the command interface as part of the operating system.
• The command interface is viewed as a shell outside of the operating system.
• The memory resident components of an operating system are commonly known as the kernel of
the operating system.
• There are many different types of operating systems, some tailored for very specific purposes,
but general-purpose computing systems can be loosely divided into categories, as follows:
  • Single-user, single-tasking systems
  • Single-user, multitasking systems
  • Operating systems for mobile devices
  • Distributed systems
  • Network servers: Web servers, database servers, application servers
  • Embedded systems, such as those found in medical instruments, automobile control systems,
    household appliances, TVs, electronic toys, etc.
• Systems can also be categorized by the degree of activity between the user and the system
during program execution.
• Interactive systems: When the system is interactive, the user interacts directly with the
program to provide input data and guidance during program execution.
• Interactive systems are sometimes known as conversational systems.
• The user submits the program(s), or job(s), to the computer for processing. This type of
processing is known as batch processing.
• Event driven. This means that the operating system normally sits idle and executes only if
some event occurs that requires operating system action.
• Events include file requests, I/O, keyboard inputs from users, memory requests from
programs, messages sent from one program to another, clock interrupts, etc.
Services and Facilities
• There are ten major blocks to be considered, not all of which will necessarily be found in
any particular operating system:
• To the user, the most important and visible service provided by the operating system is the user
interface and the capability that it provides to execute commands.
• Different types of user interfaces exist. The most common are the graphical user interface (GUI)
and the command line interface (CLI).
• CLI allows users to execute commands by typing them into a terminal or console, providing
precise control and efficiency but requiring knowledge of command syntax.
• GUI permits users to use graphics to interact with an operating system. In the graphical
user interface, elements such as menus, windows, scrollbars, buttons, wizards, painting
pictures, alternative icons, etc. are provided.
File Management :
• The file management system provides and maintains the mapping between a file’s logical
storage needs and the physical location where it is stored.
• The file management system identifies and manipulates files by the names provided by their
users.
• It determines the physical requirements of the file, allocates space for it, stores it in that space,
and maintains the information about the file so that it may be retrieved.
Input/Output Services :
• Input/output services manage communication between the computer and external devices like
keyboard, mouse, printer, and hard drive, ensuring data is transferred smoothly and efficiently
by deciding which program can access which device at what time, while also handling error
detection and management of device drivers.
• Memory Management : The purpose of the memory management system is to load programs
and program data into memory in such a way as to give each program loaded the memory that it
requires for execution.
• Each program that is being executed must reside in memory. The memory management system has
three primary tasks.
1. It keeps track of memory, maintaining records that identify each program loaded into memory together
with the space being used and also keeps track of available space.
• Scheduling and Dispatch : The operating system is responsible for the allocation of CPU time
in a manner that is fair to the various programs competing for time, as well as maximizing
efficient utilization of the system overall.
• Network and Communications Support Services : The network and communications support
facilities within the operating system carry out the functions required to make the system
perform seamlessly in a networked and distributed environment.
• Security and Protection Services : Modern systems require security and protection services
to protect the operating system from user processes, to protect processes from each other, and
to protect all processes from the outside world.
• Without protection, a malicious program, for example, could unintentionally or
intentionally modify or destroy the program code or data in the memory space
belonging to the operating system.
• It is also important to protect the system and user processes from unauthorized entry to the
system, and against unauthorized use of the system, even by authorized users.
• Secondary Storage Management : The file management system keeps track of free
secondary storage space and maintains the file system and its directories.
• System Administration Support : The system administrator, or sysadmin, for short, is the
person who is responsible for maintaining the computer system or systems.
Important administrative tasks managed by a system administrator include:
• System configuration and setting group configuration policies
• Adding and deleting users
• Managing, maintaining, and upgrading networks
• Providing secure and reliable backups
• Recovering lost data
• Providing and monitoring appropriate security
Computer Communications
Basic Data Communication Concepts
• The figure shows a model that constitutes the essential elements of data communication.
• Two end nodes, or hosts, are connected by a communication channel.
• An interface connects each node with the channel. The channel carries signals that represent
messages between the nodes. Protocols define the ground rules for the channel signals and for
the messages.
Messages
• The message is the primary purpose of the communication. It can take many forms.
• It may also be a program or a file or a snippet of personal conversation or a request or status
information or a video or audio stream or some other agreed-upon content.
• Because data communication is predominantly serial, we usually describe the data as a byte stream.
• The message is a communication between each node.
• The meaning of the message is established by the protocols recognized by the cooperating
applications.
• One of the major limitations of the use of messages as a communication tool is that the
message length may vary widely from application to application.
• Message might be as small as a few bytes.
Packets
• To solve the related problems of channel availability and maximum utilization, there must be a
way to break long messages into smaller units. These units are called packets.
• Packets from different sources can share the channel, using one or more of several multiplexing
techniques.
• Packets are used for most data communications.
• Like envelopes, packets come in different shapes and sizes. There are standards for a number
of different types of packets, defined for different purposes.
• Some types of packets go by specific names, such as frame or datagram, which identify
their purpose.
• A description of the packet, the designated receiver and source addresses, and information
about the data enclosed is provided in a header, followed by the data.
• The amount of data depends on the type and length of the messages, the design of the packet,
and the requirements of the channel.
• Some packet types require a fixed amount of data, most allow a variable amount within
some maximum limit.
• A long message may consist of many packets.
• With multiple links, individual packets may travel different paths and arrive in an order
different from the order in which they were sent.
• To recover the message, it is sometimes necessary to number the packets, so that they may
be reassembled in their original order at the receiving node.
• As an example of message and packet flow, consider the typical situation in the figure.
• Two users with cell phones send messages to the local cell tower for forwarding to
their destination. The messages are broken into packets at the source.
• At the cell tower, the two messages are multiplexed, i.e., transmitted alternately, packet by
packet, and relayed to the next node for further processing.
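The packet flow described above, as an added Python example (not part of the original slides): two messages are broken into numbered packets, multiplexed packet by packet onto one channel, delivered out of order, and reassembled at the receiver. The header field names (src, dst, seq, total), the node names and the sample messages are assumptions constructed for illustration.

```python
import random
from collections import defaultdict

# Constructed sample messages from two senders.
MSG_A = b"Meet at the north gate at 18:30."
MSG_B = b"Invoice 1042 has been paid."


def packetize(src, dst, message, size=8):
    """Break a message into packets: a header (addresses, sequence number,
    packet count) followed by at most `size` bytes of data."""
    chunks = [message[i:i + size] for i in range(0, len(message), size)] or [b""]
    return [{"src": src, "dst": dst, "seq": n, "total": len(chunks), "data": c}
            for n, c in enumerate(chunks)]


def multiplex(*streams):
    """Share one channel by sending the streams alternately, packet by packet."""
    shared = []
    for i in range(max(len(s) for s in streams)):
        shared.extend(s[i] for s in streams if i < len(s))
    return shared


def reassemble(packets):
    """Rebuild each message from packets that may arrive in any order.

    Returns {(src, dst): message bytes}, or None for a flow that is still
    missing at least one packet.
    """
    parts = defaultdict(dict)
    totals = {}
    for p in packets:
        if not 0 <= p["seq"] < p["total"]:
            continue  # header is inconsistent, ignore the packet
        flow = (p["src"], p["dst"])
        parts[flow][p["seq"]] = p["data"]  # a duplicate simply overwrites
        totals[flow] = p["total"]
    messages = {}
    for flow, got in parts.items():
        wanted = range(totals[flow])
        complete = set(got) == set(wanted)
        messages[flow] = b"".join(got[n] for n in wanted) if complete else None
    return messages


def demo(seed=7):
    a = packetize("phone-A", "server-1", MSG_A)
    b = packetize("phone-B", "server-2", MSG_B)
    shared = multiplex(a, b)              # what the cell tower relays
    arrived = shared[:]
    random.Random(seed).shuffle(arrived)  # different paths, different order
    complete = reassemble(arrived)
    # Same delivery, but one packet of phone-B's message is lost in transit.
    lossy = reassemble([p for p in arrived
                        if not (p["src"] == "phone-B" and p["seq"] == 1)])
    return shared, complete, lossy


if __name__ == "__main__":
    shared, complete, lossy = demo()
    print([(p["src"], p["seq"]) for p in shared])
    print(complete)
    print(lossy)
```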
• The receiving computer is able to process a block of data all at once, instead of a character or
a byte at a time.
• It simplifies synchronization of the sending and receiving systems.
• In addition to data transmission, packets can also be used for control of the network itself.
General Channel Characteristics
Medium
• Guided media limit communications to a specific path constrained to a cable of some sort.
• Guided media can be either electrical or optical and can include various forms of wire and
fiber-optic cables.
• Guided media is also referred to as Wired or Bounded transmission media. Signals
being transmitted are directed and confined in a narrow pathway by using physical links.
Features:
• High Speed
• Secure
• Used for comparatively shorter distances
There are 3 major types of Guided Media: Twisted pair cable, coaxial cable, fiber optic cable.
Data Transmission Directionality
• Channels can also be characterized by the direction in which the messages can flow.
• A channel that carries messages in only one direction is known as a simplex channel.
• Television broadcasting stations use a simplex channel. Programs are sent from a transmitting
antenna to television receivers, but the receivers do not respond with messages or data back to
the broadcasting station.
• A half duplex channel may carry messages in both directions, but only one direction at a time.
• If the computer at point B wants to send a message to point A, it must wait until point A has
stopped transmitting to do so. Most walkie-talkies are half-duplex communication devices.
• Channels which carry signals simultaneously in both directions are called full-duplex
channels. Traditional telephone landlines are full-duplex channels.
Number and Types Of Connections
Network Topology
• Network topology is the way devices are connected in a network. It defines how these
components are connected and how data is transferred across the network.
• Network topology describes the fundamental configuration, or layout, of a network. Topology is
an important characteristic of all networks, large and small.
• It defines the path, or paths, between any two points in the network.
• The topology of a network affects the performance of the network, particularly in terms
of availability, speed, and traffic congestion.
• Network topologies can provide a useful template when designing a network or when analyzing
a network’s behavior.
• There are two major categories of Network Topology i.e. Physical Network topology and
Logical Network Topology.
• Physical Network Topology refers to the actual structure of the physical medium for the
transmission of data.
• Logical network Topology refers to the transmission of data between devices present in
the network irrespective of the way devices are connected.
Mesh Network
• Every device in a network is directly connected to every other device, creating multiple paths
for data transmission and enhancing redundancy and fault tolerance
• The failure of an individual intermediate node will slow, but not stop network traffic as long as
an alternative path is available.
• The “best” configuration for connecting a number of end nodes would be to provide a direct
point-to-point channel connecting each pair of nodes. This scheme, known as a full mesh
network, is not practical.
• Here each node is connected to four others, the network also requires four interfaces for each
node, for a total of twenty interfaces.
• Simply increasing the number of nodes to twenty increases the number of connections to 190 and
requires 380 interfaces.
• The number of connections for a fully connected mesh network with N nodes is ,
Star Topology
• In Star Topology, all the devices are connected to a single hub through a cable.
• This topology is used primarily for local area networks, although it is sometimes used in
metropolitan and wide area networks to connect individual centers of activity to a central office.
• In this configuration, all nodes are connected point-to-point to a central device.
Nodes communicate through the central device.
• Switching in the central device connects pairs of nodes together to allow them to
communicate directly and steers data from one node to another as required.
Advantages of Star Topology
• If N devices are connected to each other in a star topology, then the number of cables required
to connect them is N. So, it is easy to set up.
• Each device requires only 1 port i.e. to connect to the hub, therefore the total number of ports
required is N.
Bus Topology
• With a bus topology, each node is tapped into the bus along the bus.
• To communicate, a sending node “broadcasts” a message which travels along the bus. Every
other node receives the message.
• Each node compares its address to that of the message; therefore, the message is ignored by
every node except that of the desired recipient.
• Each end of the bus is equipped with a terminator.
• Branches can be added to a bus, expanding it into a tree. Messages are still broadcast through the
tree. Terminators are placed at the ends of each branch in the tree.
Ring Topology
• A ring topology consists of a point-to-point connection from each node on the network to the
next.
• The last node on the network is connected back to the first to form a closed ring.
• Each node retransmits the signal that it receives from the previous node to the next node in the
ring.
• Packets are placed on the loop at a node, and travel from node to node until the desired node
is reached.
• Although the ring is inherently unidirectional (data passes through it in one direction), it is
possible to build a bidirectional ring network.
• If someone wants to send some data to the last node in the ring topology with 100 nodes, then
the data will have to pass through 99 nodes to reach the 100th node.
Types of area networks
LAN, MAN, WAN
• The Network allows computers to connect and communicate with different computers via
any medium.
• LAN, MAN, and WAN are the three major types of networks designed to operate over the area
they cover. There are some similarities and dissimilarities between them.
• One of the major differences is the geographical area they cover, i.e. LAN covers the
smallest area, MAN covers an area larger than LAN and WAN comprises the largest of all.
Local Area Networks
• A local area network (LAN) is a network that connects computers and other supporting
devices over a relatively small localized area, typically a room, the floor of a building, a
building, or multiple buildings within close range of each other.
• Most of the computers in a LAN are personal computers or workstations, although there may
be larger server computers present.
• Routers, and gateways, will be used to connect the LAN to other networks.
• There are different kinds of LANs, each defined by its network protocols, maximum bit rate,
connecting media, topology (the physical and logical layout), and various features.
• Most modern LANs are based on a set of standards and associated protocols called
Ethernet, which are defined and identified by their IEEE standards.
• Ethernet comes in a number of “flavors”: switched Ethernet (IEEE 802.3), Wi-Fi (IEEE
802.11), and hub-based Ethernet (also IEEE 802.3).
• The Ethernet protocols are designed to make it possible to mix different flavors in a
single network.
• As an example, consider a home network with a router that also provides a wireless
access point and an Ethernet switch.
• The router uses Ethernet to connect to a DSL or cable modem for Internet access. An Ethernet
cable connects a printer directly to the switch, and one or more computers use wireless Ethernet
to connect wirelessly.
Advantages:
• Provides fast data transfer rates and high-speed communication.
• Easy to set up and manage.
• Can be used to share peripheral devices such as printers and scanners.
• Provides increased security and fault tolerance compared to WANs.
Disadvantages:
• Limited geographical coverage.
• Limited scalability and may require significant infrastructure upgrades to accommodate
growth.
• May experience congestion and network performance issues with increased usage.
Metropolitan Area Networks
• To create network links to connect properties over areas that would require right-of-way
access, that is, permission to run wires through somebody else’s property.
• To obtain right-of-way access, a company generally requires services from a service provider
(SP).
• A service provider is a company that provides the equivalent of a link or links between nodes
that are not directly accessible to simple forms of connection, like wire or fiber-optic cable.
• The connection is often referred to as an edge connection; a router at the access point would be
called an edge router.
Example:
• If a company connects its internal network to an internet service provider (ISP), the router
placed at the connection point between them is called an edge router. It helps manage data
flow between the local network and external networks efficiently.
• It covers a large geographical area and may serve as an ISP (Internet Service Provider).
• MAN is designed for customers who need high-speed connectivity.
• Speeds of MAN range in terms of Mbps. It’s hard to design and maintain a Metropolitan
Area Network.
Advantages:
• Provides high-speed connectivity over a larger geographical area than LAN.
• Can be
Disadvantages:
• Can be expensive to set up and maintain.
• May experience congestion and network performance issues with increased
usage.
• May have limited fault tolerance and security compared to LANs.
Wide Area Networks
• Wide area networks (WANs) are networks designed to facilitate communications between
users and applications over large distances—between the various corporate offices of an
international organization that are located in cities all over the world, for example.
• WAN has a range of above 50 km.
There are two primary compelling reasons for designing and building wide area network
capabilities:
• An organization requires data communication links between widely spread facilities and
between an organization and its business partners, customers, and suppliers.
• An organization requires fast access to the Internet, either as a consumer or as a provider
of Internet services, or both.
• Wide area networks require the use of resources that are within the sphere of public switched
telephone networks (PSTNs), large cable companies, and other common carrier service
providers.
• Many WANs use PSTN infrastructure (such as leased telephone lines, fiber optics, or DSL) to
facilitate long-distance communication.
• PSTN is the global network of interconnected public telephone networks that allows users to
make and receive calls using traditional landlines.
• A WAN could be a connection of LAN connecting to other LANs via telephone lines and radio
waves and may be limited to an enterprise (a corporation or an organization) or accessible to
the public.
• The technology is high-speed and relatively expensive.
• The communication medium used for WAN is PSTN (Public Switched Telephone Network) or
Satellite Link. Due to long-distance transmission, the noise and error tend to be more in
WAN.
Advantages:
• Covers large geographical areas and can connect remote locations.
• Provides connectivity to the internet.
• Offers remote access to resources and applications.
• Can be used to support multiple users and applications simultaneously.
Disadvantages:
• Can be expensive to set up and maintain.
• Offers slower data transfer rates than LAN or MAN.
• May experience higher latency and longer propagation delays due to longer distances and
multiple network hops.
• May have lower fault tolerance and security compared to LANs.
Difference between LAN, MAN, WAN
Examples
• LAN: Office networks, school labs, home networks.
• MAN: City-wide networks, university campuses, large regional offices.
• WAN: The internet, multinational corporate networks, military communications.
Primary Use
• LAN: Interconnecting devices in a small area to share resources and data.
• MAN: Interconnecting LANs within a metropolitan area.
• WAN: Interconnecting LANs, MANs, and remote networks across the globe.
Client–Server Computing
• The client–server model describes the relationship and behavior of programs in one or
two computer systems.
• It is important to understand that the client–server model does not require any special
computer hardware.
• The only “special” software required is the software within the application programs that
provides the communications between the programs.
• The requests and responses take the form of data messages between the client and server that are
understood by both application programs.
• As an example, slightly simplified, the HTTP request message sent to a Web server by a
Web browser requesting a Web page consists of the word get followed by a URL. If the
request is successful, the message returned by the server contains the HTML text for the
page.
The use of client–server processing as a basis for IT system architecture has a number of advantages:
• Providing services on a single computer or on a small number of computers in a central location
makes the resources and services easy to locate and available to everyone who needs them, but
also allows the IT administrators to protect the resources and control and manage their use.
• The amount of data to be stored, processed, and managed may be extremely large.
• Humans request information from knowledgeable sources as they need it. Thus, the client–server
approach is naturally consistent with the way humans acquire and use information.
Peer to Peer architecture
Which one is better?
What are the disadvantages of a large company using a peer-to-peer network model?
The disadvantages of peer to peer network
• A computer can be accessed anytime.
• Network security has to be applied to each computer separately.
• Backup has to be performed on each computer separately.
• No centralized server is available to manage and control the access of data.
Difference Between Client-Server and Peer-to-Peer Network
• In a Client-Server Network, clients and server are differentiated; specific server and clients
are present. In a Peer-to-Peer Network, clients and server are not differentiated.
• A Client-Server Network focuses on information sharing, while a Peer-to-Peer Network focuses
on connectivity.
• In a Client-Server Network, a centralized server is used to store the data, while in a
Peer-to-Peer Network each peer has its own data.
• In a Client-Server Network, the server responds to the services requested by the client, while
in a Peer-to-Peer Network every node can both request and respond to services.
• Client-Server Networks are costlier than Peer-to-Peer Networks.
• Client-Server Networks are more stable than Peer-to-Peer Networks, which become less stable as
the number of peers increases.
• A Client-Server Network is used for both small and large networks, while a Peer-to-Peer Network
is generally suited for small networks with fewer than 10 computers.
IP Addresses
• A computer network is a group of computers and various networking devices that connect to
share information and resources.
• To uniquely identify each computer or networking device in the network, computer networks also
use addresses. Addresses in computer networks are known as IP addresses.
• An IP address consists of two components: the network address and the host address.
• The network address is used to find the subnet in which the computer or the device is located
and the host address is used to find the computer or the device in the subnet.
• If a large computer network is divided into smaller groups, each group is known as a subnet.
• IP addresses can be written in three notations: binary, dotted-decimal, and hexadecimal. Of
these notations, computers understand only binary notation.
IP Address - IPv4
Classes of IPv4 Address
• IP addresses are also classified into different classes based on their range and intended use:
IP Address-Classes
• A network ID, also known as NetID, is the fixed bits in the IP address that represent the entire
network to which a host is connected, i.e., it identifies the network through which the host is
connected.
Subnet address
• In this case, all devices in the 192.168.1.0/24 subnet will have IPs ranging from 192.168.1.1
to 192.168.1.254, while 192.168.1.0 is the subnet address, and 192.168.1.255 is the
broadcast address.
Network Address Translation (NAT)
• NAT is a technique that translates private IP addresses within a network to a single public
IP address before sending data packets to the internet, and vice versa.
• Even with the challenges of managing a private network, NAT is often implemented as a
security measure.
• The NAT-enabled router is the only computer visible to the Internet; computers on the private
network are not addressable from outside the local network and are essentially invisible to
the public networks, providing extra protection to an organization’s internal network.
• Network Address Translation (NAT) is a method that allows multiple devices on a private
network to share a single public IP address, enabling them to communicate with the internet while
conserving public IP addresses and enhancing security by hiding internal network addresses.
How it works:
• When a device on the private network wants to communicate with a device on the public
network, the router (or NAT device) intercepts the outgoing packet.
• It replaces the source IP address with the router's public IP address and potentially a different
port number.
• The router sends the modified packet to the destination on the public network.
• When the destination sends a response, the router intercepts the incoming packet, replaces the
destination IP address with the original source IP address and port, and forwards the packet to
the original device on the private network.
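The translation steps above, as an added Python sketch (not part of the original slides): a port-translating NAT table that rewrites outbound source addresses, restores them on replies, and drops inbound packets that match no mapping, which is what keeps private hosts unaddressable from outside. The class and field names, the documentation-range addresses and the starting port 40000 are assumptions; rejecting packets from a remote endpoint the private host never contacted is a stricter filtering choice made for this example.

```python
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    payload: str = ""


class NatRouter:
    """Many private hosts share one public IP address (hypothetical model)."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self._next_port = first_port
        self._by_private = {}  # (private_ip, private_port) -> public_port
        self._by_public = {}   # public_port -> (private_ip, private_port)
        self._peers = {}       # public_port -> remote endpoints contacted

    def outbound(self, pkt):
        """Replace the private source address with the public IP and a port
        that identifies this private host and port."""
        key = (pkt.src_ip, pkt.src_port)
        port = self._by_private.get(key)
        if port is None:
            port = self._next_port
            self._next_port += 1
            self._by_private[key] = port
            self._by_public[port] = key
            self._peers[port] = set()
        self._peers[port].add((pkt.dst_ip, pkt.dst_port))
        return replace(pkt, src_ip=self.public_ip, src_port=port)

    def inbound(self, pkt):
        """Restore the original private destination, or return None (drop)
        when the packet does not answer a connection opened from inside."""
        key = self._by_public.get(pkt.dst_port)
        if pkt.dst_ip != self.public_ip or key is None:
            return None  # no mapping: unsolicited traffic
        if (pkt.src_ip, pkt.src_port) not in self._peers[pkt.dst_port]:
            return None  # mapping exists, but not for this remote endpoint
        return replace(pkt, dst_ip=key[0], dst_port=key[1])


def demo():
    # Constructed sample traffic; all addresses are documentation ranges.
    nat = NatRouter("203.0.113.5")
    server = ("198.51.100.10", 443)
    # Two private hosts use the same source port toward the same server.
    a = nat.outbound(Packet("192.168.1.10", 51000, *server, "GET /"))
    b = nat.outbound(Packet("192.168.1.11", 51000, *server, "GET /"))
    # The server's reply to host A is translated back.
    reply = nat.inbound(Packet(*server, "203.0.113.5", a.src_port, "200 OK"))
    # An outside host tries a port with no mapping, then host A's mapped port.
    probe = nat.inbound(Packet("198.51.100.99", 4444, "203.0.113.5", 40005))
    reuse = nat.inbound(Packet("198.51.100.99", 4444, "203.0.113.5", a.src_port))
    return a, b, reply, probe, reuse


if __name__ == "__main__":
    for result in demo():
        print(result)
```

NAT of this kind blocks only traffic that no inside host initiated; it does not inspect what flows over connections that private hosts open themselves.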
Dynamic Host Configuration Protocol (DHCP)
• The DHCP server responds with a lease, which includes an IP address and other
configuration parameters, including the domain name of the network, the IP address of a
local DNS server, a subnet mask to identify other nodes on the local area network, and
the default IP address of the Internet gateway.
Domain Name System (DNS)
• The Domain Name System (DNS) protocol is used to translate domain names into IP addresses.
• The DNS application uses a massive distributed database. Each entry in the database consists of
a domain name and an associated IP address.
• The Domain Name System (DNS) translates human-readable domain names (e.g.,
www.google.com) into machine-readable IP addresses (e.g., 142.250.190.14), enabling
internet communication.
• At the top of the tree is the root directory, called the DNS root server.
• The DNS root servers have entries for all of the so-called top-level domains.
• There are country-code top-level domain name servers (ccTLDs) for every identifiable
country in the world plus a number of authorized commercial and noncommercial generic
top-level domain name servers (gTLDs).
Domain Name System (DNS) - Steps
1. The HTTP application extracts the domain name from the URL and requests resolution of the
name from the DNS support application. The DNS client issues a query packet with the name to
a local DNS server for resolution.
2. The local DNS server table contains the addresses for various root servers. It also stores
in a cache, on a short-term basis, the names and IP addresses resulting from other recently
issued requests. If the information is in the local DNS table, the information is returned to the
DNS client by the local DNS server as a response to the query. The DNS client passes the IP
address to the HTTP application. The DNS application’s job is done.
3. If the IP address is not found in the local cache, the request is sent to the Recursive DNS
Resolver, which is usually provided by the ISP (Internet Service Provider). The resolver sends
a query to one of the Root DNS Servers (13 root servers worldwide). The root server does not
know the exact IP, but it directs the resolver to the TLD (Top-Level Domain) DNS server
(.com, .org, etc.).
4. Next, the local DNS server issues a query to the DNS top-level server, requesting the IP
address of the authoritative DNS server associated with the requested domain name.
5. Finally, the authoritative DNS server responds with the requested IP address. The local DNS
server returns the address to the DNS client on the host machine making the original request. The
IP address is delivered to the HTTP application. We’re done!
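Steps 1 to 5 above, as an added example that is not part of the original slides: a local DNS server with a short-term cache that walks root, TLD and authoritative servers. The server names, the zone data and the 300-second lifetime are constructed for illustration, and the servers are plain dictionaries rather than network calls.

```python
import time

# Constructed delegation data for illustration (not real servers).
ROOT = {"com": "tld-com", "org": "tld-org"}        # root: TLD -> TLD server
TLD = {"tld-com": {"example.com": "ns-example"},   # TLD: domain -> authoritative
       "tld-org": {}}
AUTH = {"ns-example": {"www.example.com": ("192.0.2.10", 300)}}  # name -> (IP, TTL s)


class LocalDnsServer:
    """Local DNS server from the steps above: cache first, then walk the tree."""

    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.cache = {}   # name -> (ip, expiry time)
        self.trace = []   # which servers the last lookup contacted

    def resolve(self, name):
        self.trace = []
        hit = self.cache.get(name)
        if hit and hit[1] > self.clock():          # step 2: unexpired cache entry
            self.trace.append("cache")
            return hit[0]
        labels = name.rstrip(".").split(".")
        tld, domain = labels[-1], ".".join(labels[-2:])
        self.trace.append("root")                  # step 3: root names the TLD server
        tld_server = ROOT.get(tld)
        if tld_server is None:
            return None                            # unknown top-level domain
        self.trace.append(tld_server)              # step 4: TLD names the authoritative
        auth_server = TLD[tld_server].get(domain)
        if auth_server is None:
            return None                            # domain is not registered
        self.trace.append(auth_server)             # step 5: authoritative answers
        record = AUTH[auth_server].get(name)
        if record is None:
            return None
        ip, ttl = record
        self.cache[name] = (ip, self.clock() + ttl)
        return ip


if __name__ == "__main__":
    dns = LocalDnsServer()
    for _ in range(2):                             # second lookup is served from cache
        print(dns.resolve("www.example.com"), dns.trace)
```

The `trace` list records which servers saw each query, so a repeated lookup inside the cache lifetime contacts none of them.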
VPN- VIRTUAL PRIVATE NETWORK
• A Virtual Private Network (VPN) creates a secure, encrypted connection over an untrusted
network (like the internet), allowing users to access a private network or the internet as if they
were directly connected, enhancing security and privacy.
• One way to obtain network security is to transmit via a Virtual Private Network (VPN).
• When you have an account with a VPN provider, then you can use the software provided by
that VPN to connect to one of their servers.
• This connection is made via an encrypted connection (sometimes called a VPN tunnel) so that
all traffic back and forth between your device and that server is encrypted.
• The VPN server assigns a unique IP address to your device.
• For subsequent data traffic from your device, your ISP sends that traffic through the Internet to
the VPN server for further processing, but that traffic is encrypted.
• Therefore, the ISP can neither read that data nor know what subsequent service you are asking
the VPN server to perform, such as connecting you to some website.
• All traffic between the VPN server and the rest of the Internet sees only your assigned IP
address.
Two advantages of using a VPN:
1. Your device’s IP address is “hidden” behind the IP address assigned by the VPN server, so web
traffic cannot easily be connected directly to you, that is, to the device you are using.
2. All network traffic between you and the VPN server is encrypted, so at least that leg of the
journey is secure.
VPN-Router
• A VPN router, which connects to a Virtual Private Network (VPN), encrypts all data shared via
your network, providing secure and private internet access for all connected devices, hiding
your IP address and bypassing geo-restrictions.
IP Address Masking:
• By connecting to a VPN server, the router obtains a new IP address, concealing your actual IP
address and location from your ISP and other potential observers.
Bypassing Geo-Restrictions:
• VPN routers allow you to access content that may be blocked or restricted in your location, as
your internet traffic appears to originate from the VPN server's location.
VPN Client:
• It's a software application (program, app) that acts as the interface between your device and
the VPN server.
• It encrypts your internet traffic, making it unreadable to anyone who might be trying to
intercept it.
• It routes your internet traffic through the VPN server, making it appear as if you're browsing
from the server's location, which can be useful for bypassing geo-restrictions or enhancing
privacy.
• Most VPN providers offer their own VPN client software, designed for easy access to their
servers and advanced security features.
VPN Server:
• It's a server that acts as a gateway, accepting client connections and providing secure access to
a network.
• It's the endpoint that the VPN client connects to, establishing the secure tunnel.
• It can be a physical server or a virtualized server.
How it works:
1. You install and launch the VPN client software on your device.
2. The client connects to a VPN server, establishing a secure, encrypted tunnel.
3. All your internet traffic is routed through this tunnel, ensuring privacy and security.
Network security
• Network security is the protection of a network's data and usability from threats.
• Network security encompasses both desktop and perimeter security, with perimeter security
focusing on protecting the network boundary from external threats, while desktop security
focuses on securing individual devices and data within the network.
• Firewall: A firewall is a network security device that monitors and controls incoming
and outgoing traffic. It can be hardware-based or software-based.
• Firewalls help protect your network from unwanted visitors and potential threats.
• Before firewalls, network security was performed by Access Control Lists (ACLs)
residing on routers.
• ACLs are rules that determine whether network access should be granted or denied to a specific
IP address.
• But ACLs cannot determine the nature of the packet they are blocking.
• An ACL alone does not have the capacity to keep threats out of the network.
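An added example, not part of the original slides, contrasting a source-address-only ACL as described above with firewall rules that also look at protocol and destination port. The rule sets, field names and packets are constructed, and matching on protocol and port is an assumption about what the firewall checks.

```python
import ipaddress

# Constructed ACL as the slides describe it: action + source address only.
ACL = [("deny", "203.0.113.0/24"), ("permit", "0.0.0.0/0")]

# Constructed firewall rules: they also match protocol and destination port.
FIREWALL = [
    ("deny",   "203.0.113.0/24", "any", None),
    ("permit", "0.0.0.0/0",      "tcp", 443),
    ("permit", "0.0.0.0/0",      "tcp", 80),
]  # anything that matches no rule is denied


def acl_decision(pkt, rules=ACL):
    """First matching source network decides; the rest of the packet is ignored."""
    src = ipaddress.ip_address(pkt["src"])
    for action, net in rules:
        if src in ipaddress.ip_network(net):
            return action
    return "deny"


def firewall_decision(pkt, rules=FIREWALL):
    """First rule matching source, protocol and port decides; default deny."""
    src = ipaddress.ip_address(pkt["src"])
    for action, net, proto, port in rules:
        if src not in ipaddress.ip_network(net):
            continue
        if proto != "any" and proto != pkt["proto"]:
            continue
        if port is not None and port != pkt["dport"]:
            continue
        return action
    return "deny"


PACKETS = [  # constructed sample traffic
    {"src": "198.51.100.20", "proto": "tcp", "dport": 443},  # web request
    {"src": "198.51.100.20", "proto": "tcp", "dport": 23},   # telnet, same source
    {"src": "203.0.113.9",   "proto": "tcp", "dport": 443},  # denied network
]


def compare():
    """Return (ACL verdict, firewall verdict) for each sample packet."""
    return [(acl_decision(p), firewall_decision(p)) for p in PACKETS]


if __name__ == "__main__":
    for pkt, verdicts in zip(PACKETS, compare()):
        print(pkt, verdicts)
```

The second packet is the one to watch: the ACL permits it because the source address is allowed, while the firewall rules deny it because nothing permits port 23.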
Firewall
• When you connect personal computers to other IT systems or the internet, it opens up
many benefits like collaboration, resource sharing, and creativity.
• But it also exposes your network and devices to risks like hacking, identity theft, malware,
and online fraud.
• Once a malicious person finds your network, they can easily access and threaten it.
• Using a firewall is essential for proactive protection against these risks.
• A firewall serves as a security barrier for a network, narrowing the attack surface to a
single point of contact.
• Instead of every device on a network being exposed to the internet, all traffic must first go
through the firewall.
• This way, the firewall can filter and block non-permitted traffic.
Types of Firewall
Hardware firewalls
• Independent hardware devices with their own resources.
• Can be modular, fixed, desktop, or card-style
Software firewalls
• Installed on a computer like other software
• Can be configured to control how they work and what security measures are included
Cloud firewalls
• Implemented in the cloud computing environment
• Secure cloud structures, applications, and distributed network systems
Network Desktop Security:
• Desktop security focuses on securing individual devices and data within the network,
including operating systems, applications, and user data.
• Protects the network from internal threats, such as malware infections, data leaks, and insider
threats.
Key Components:
• Antivirus and Antimalware Software: Protects against malware and other malicious
software.
• Firewalls (on individual devices): Control network traffic to and from the device.
• Data Encryption: Protects sensitive data stored on the device.
• Strong Passwords and Multi-Factor Authentication: Prevents unauthorized access to the
device and user accounts.
• Regular Software Updates: Patches vulnerabilities in operating systems and applications.
Network Perimeter Security:
• Network perimeter security involves safeguarding a company's network from external threats, such as
hackers, malware, and ransomware, by establishing a secure boundary between the private network and
the public internet.
• Protects the network from unauthorized access, data breaches, and other security incidents.
Key Components:
• Firewalls: Control incoming and outgoing network traffic based on predefined security rules.
• Border Routers: Direct traffic into and out of networks, acting as the last point of defense before
traffic enters the public internet.
• Intrusion Detection Systems (IDS): Detect and alert administrators to suspicious activity on
the network.
• Intrusion Prevention Systems (IPS): Not only detect but also actively block or prevent malicious
activity.
Eg: Versa Analytics (signature-based security plan)