ENG224
INFORMATION TECHNOLOGY – Part II
5. Introduction to Networking
Networking
What is a Network?
A network consists of 2 or more computers connected together, and they can communicate and share resources (e.g. information)
Why Networking?
• Sharing information, i.e. data communication
•Do you prefer these?
•Or this?
• Sharing hardware or software
  • E.g. print document
• Centralize administration and support
  • E.g. Internet-based, so everyone can access the same administrative or support application from their PCs
NIC and modem
• A modem, or modulator-demodulator, is a device that provides the computer with connectivity to a telephone line.
• Converts signals from analog to digital, and digital to analog.
• Depending upon your “Internet connection”, you may have just a NIC, just a modem or both.
Kinds of Networks?
• Depending on one’s perspective, we can classify networks in different ways
• Based on transmission media:
  • Wired (UTP, coaxial cables, fiber-optic cables) and Wireless
Wireless Networks Types
• There are two main types of wireless networks:
  – Ad hoc – also known as peer-to-peer or IBSS (Independent Basic Service Set) – An ad hoc wireless network exists when at least two devices, such as two computers, have wireless NICs.
  – Infrastructure – Wireless network that connects multiple wireless network devices through an Access Point.
Kinds of Networks?
• Based on network size:
  • LAN and WAN (and MAN)
Interconnecting LANs and WANs
• Host systems usually connect into a LAN switch
  – Number of hosts limited by the number of ports on the switch
• Routers have two main uses
  - Interconnecting LANs
  - Connecting to a WAN or to the Internet
• Routers interconnect LANs
  - To separate the users
  - To separate the traffic
[Figure labels: switch, router, To offsite LANs, To the Internet]
LAN and WAN
• Local Area Network (LAN)
  • Small network, short distance
  • A room, a floor, a building
  • Limited by no. of computers and distance covered
  • Usually one kind of technology throughout the LAN
  • Serve a department within an organization
• Examples:
  • Network inside the Student Computer Room
  • Network inside Laboratory
  • Network inside your home
• Wide Area Network (WAN)
  • A network that uses long-range telecommunication links to connect 2 or more LANs/computers housed in different places far apart.
  • Towns, states, countries
• Examples:
  • Network of our Campus
  • Internet
[Figure: WAN linking Student Computer Centre, Your home, USA]
• Example WAN technologies:
  • ISDN – Integrated Service Digital Network
    • Basic rate: 192 Kbps Primary rate: 1.544Mbps
  • T-Carriers – basically digital phone lines
    • T1: 1.544Mbps T3: 28T1
  • Frame relay
    • Each link offers 1.544Mbps or even higher
  • ATM – Asynchronous Transfer Mode
    • Support B-ISDN: 155Mbps or 622Mbps or higher
  • SONET – Synchronous Optical Network
    • Basic rate OC1: 51.84Mbps
    • Support OC12 and up to OC192 (9953.28Mbps) or even higher in the future
• Example of WAN: Broadband Cable Network
• Cable TV services have been extensively developed in most modern cities
• Cable TV companies try to make use of their installed coaxial cable (originally meant to carry TV signals) to deliver broadband data services
• Much cable network wiring has been replaced with hybrid fiber-coax (HFC), i.e. use of fiber-optic cable to connect to the subscribers’ buildings, and then the original coaxial cable to connect to each household
The connection is shared by a number of subscribers, hence may raise performance and security problems
[Figure labels: Cable company, Fiber-optic cable, Coaxial Cable, Cable Drop, TV, PC]
Kinds of Networks?
• Based on management method:
  • Peer-to-peer and Client/Server
– Server-Based Network – A basic type of LAN wherein users log in to a controlling computer, called a server; it is more secure. The server contains information about who can connect to the network and to what shared resources. It also provides some of these resources. These networks normally consist of 10 or more computers.
– Peer-to-Peer Network – One of two basic types of LANs wherein each computer user acts as a server. Each computer stores password and sharing information for its own resources. Usually has fewer than 10 computers.
• NOS (Network Operating System) – Special operating system on a server containing utilities for managing users, resources, and security.
Peer-to-Peer Networks
• Peer-to-peer network is also called workgroup
• No hierarchy among computers; all are equal
• No administrator responsible for the network
• Advantages of peer-to-peer networks:
  • Low cost
  • Simple to configure
  • User has full accessibility of the computer
• Disadvantages of peer-to-peer networks:
  • May have duplication in resources
  • Difficult to uphold security policy
  • Difficult to handle uneven loading
• Where peer-to-peer network is appropriate:
  • 10 or fewer users
  • No specialized services required
  • Security is not an issue
  • Only limited growth in the foreseeable future
Clients and Servers
• Network Clients (Workstation)
  • Computers that request network resources or services
• Network Servers
  • Computers that manage and provide network resources and services to clients
  • Usually have more processing power, memory and hard disk space than clients
  • Run Network Operating System that can manage not only data, but also users, groups, security, and applications on the network
  • Servers often have more stringent requirements on their performance and reliability
• Advantages of client/server networks
  • Facilitate resource sharing – centrally administrate and control
  • Facilitate system backup and improve fault tolerance
  • Enhance security – only administrator can have access to Server
  • Support more users – difficult to achieve with peer-to-peer networks
• Disadvantages of client/server networks
  • High cost for Servers
  • Need expert to configure the network
  • Introduce a single point of failure to the system
Kinds of Networks?
• Based on topology (connectivity):
  • Bus, Star, Ring …
Topology
• How are so many computers connected together?
[Figures: Bus Topology, Ring Topology, Star Topology (with Hub)]
TCP/IP description and configuration
• Transmission Control Protocol/Internet Protocol (TCP/IP) is a set of protocols or rules developed to allow cooperating computers to share resources across a network.
• Includes a “unique” (well, not always) address assigned to your computer
Verify IP Configuration: Win XP, NT, 2000
• ipconfig
• ipconfig /all
Testing connectivity with ping
• The ping command works by sending multiple IP packets to a specified destination. Each packet sent is a request for a reply.
• The ping command is used to test the NIC transmit/receive function, the TCP/IP configuration, and network connectivity.
Network Management
• Network management is the process of controlling a complex data network to maximize its efficiency and productivity
• The overall goal of network management is to help with the complexity of a data network and to ensure that data can go across it with maximum efficiency and transparency to the users
• The International Organization for Standardization (ISO) Network Management Forum divided network management into five functional areas:
  – Fault Management
  – Configuration Management
  – Security Management
  – Performance Management
  – Accounting Management
Fault Management
• Is the process of locating problems, or faults, on the data network
• It involves the following steps:
  – Discover the problem
  – Isolate the problem
  – Fix the problem (if possible)
Fault Management: Activities
• Trace (Monitor) & Identify Faults (Abnormal Operation)
• Accept Facts & Act on Error-Detection Notification
• Carry Out Sequences of Diagnostic Tests
• Correct Faults
• Maintain and Examine Error Logs
Fault Management: Summary
• Alarm (Categories / Priorities)
• Response (Repair / Clear Alarm)
• Recording (Report)
Configuration Management
• The configuration of certain network devices controls the behavior of the data network
• Configuration management is the process of finding and setting up (configuring) these critical devices
Configuration Management: Summary
• Continuous Information Collection
• Detection of Changes
• Scheduling Resource Provisioning in Response to Changes
Security Management
• Is the process of controlling access to information on the data network
• Provides a way to monitor access points and records information on a periodic basis
• Provides audit trails and sounds alarms for security breaches
• Security Management is more than locking server rooms or insisting on password discipline.
• Security Management is the process of managing a defined level of security on information and IT services
• Security Management is a part of every manager’s job. Management is responsible for taking appropriate measures to reduce the chances of failure to an acceptable level.
Security Management: Activities
• Access Management (Users / Use)
• Detection of Attacks (Against Information)
• Protection Measures (Encryption)
Threats to Network Security
• Viruses: Computer programs written by devious programmers and designed to replicate themselves and infect computers when triggered by a specific event.
• Trojan Horse Program: Delivery vehicles for destructive code, which appear to be harmless or useful software programs.
• Vandals: Software applications or applets that cause destruction.
• Attacks: Including reconnaissance attacks (information-gathering activities to collect data that is later used to compromise networks); access attacks (which exploit network vulnerabilities in order to gain entry to e-mail, databases, or the corporate networks); and denial-of-service attacks (which prevent access to part or all of a computer system).
• Data Interception: Involves eavesdropping on communications or altering data packets being transmitted
• Social Engineering: Obtaining confidential network security information through nontechnical means, such as posing as a technical support person and asking for people’s passwords.
Network Security Tools
• Antivirus Software Packages: These packages counter most virus threats if regularly updated and correctly maintained.
• Secure Network Infrastructure: Switches and Routers have hardware and software features that support secure connectivity, perimeter security, intrusion protection, identity services, and security management.
• Virtual Private Networks: These networks provide access control and data encryption between two different computers on a network.
• Identity Services: These services help to identify users and control their activities and transactions on the network.
• Encryption: Encryption ensures that messages cannot be intercepted or read by anyone other than the authorized recipient.
• Security Management: This is the glue that holds together the other building blocks of a strong security solution.
Performance Management
• Involves measuring the performance of the network hardware, software, and media
• Examples of measured activities are:
  – Overall throughput
  – Percentage utilization
  – Error rates
  – Response time
Accounting Management
• Involves tracking each individual’s utilization and grouping of network resources to ensure that users have sufficient resources
• Involves granting or removing permission for access to the network
Identifying
• Cost (Charges to be Paid)
For the
• Use of Network Resources (By Users / Subscribers)
Accounting Management: Activities
• Set Tariff / Costing (For Use of Resources / Services)
• Accumulate Use (Traffic Information / Data Collection / Recording)
• Charging / Billing (To be Paid by Subscribers)
• Accounting / Book Keeping
Standard Documents: Functions
ISO Network Management Functions
Fault ISO: 2687
Performance ISO: 2673
Configuration ISO: 2686
Security ISO: 2688
Accounting ISO: 2687
AUTHORIZATION, AUTHENTICATION & ACCOUNTING
Authentication, authorization, and accounting, commonly known as AAA (triple A), provides a framework for managing and controlling access to computer resources on a network. Combined, these processes provide effective network management and security.
The AAA model is defined as follows:
• Authentication: Who are you?
• Authorization: What resources are you permitted to use?
• Accounting: What resources were accessed, at what time, by whom, and what commands were issued?
Authentication – the process of identifying a user, typically by challenging for valid credentials (user ID / password) before granting access. The credentials are matched against the database, and upon a successful match access is granted.
Authorization – once the user is authenticated, the user must now gain authorization to perform the tasks. The authorization process determines the level of command execution that can be permitted to the user. Simply put, this is the process that enforces the policies.
Accounting – the process of measuring the resource access by a user. This is typically achieved by recording session statistics such as data access (sent/received), resources accessed, activities performed, and system usage information. This information is used for billing purposes (for a service provider), authorization control, trend analysis, resource utilization and, importantly, capacity planning activities.
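
The AAA sequence described above, as an added Python example that is not part of the original slides: credentials are matched against a stored (salted, hashed) database, each command is authorized against a privilege-level policy, and every decision is written to an accounting log. The class name, the policy levels and the account are constructed for illustration.

```python
import hashlib, hmac, os, secrets, time

class AAAServer:
    """Toy AAA service: constructed names and policy, for illustration only."""

    def __init__(self, policy):
        self.policy = policy   # command -> minimum privilege level (authorization policy)
        self.users = {}        # user -> (salt, password hash, privilege level)
        self.sessions = {}     # session token -> authenticated user
        self.records = []      # accounting log: who did what, when, and the outcome

    @staticmethod
    def _hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def add_user(self, user, password, level):
        salt = os.urandom(16)
        self.users[user] = (salt, self._hash(password, salt), level)

    def _account(self, user, action, allowed):
        self.records.append({"time": time.time(), "user": user,
                             "action": action, "allowed": allowed})

    def authenticate(self, user, password):
        # Unknown users still cost one hash, so timing does not reveal valid IDs.
        salt, stored, _ = self.users.get(user, (b"\0" * 16, b"", 0))
        ok = hmac.compare_digest(self._hash(password, salt), stored)
        self._account(user, "login", ok)
        if not ok:
            return None
        token = secrets.token_hex(16)
        self.sessions[token] = user
        return token

    def authorize(self, token, command):
        user = self.sessions.get(token)       # None if never authenticated
        required = self.policy.get(command)   # unlisted commands are denied
        allowed = (user is not None and required is not None
                   and self.users[user][2] >= required)
        self._account(user, command, allowed)
        return allowed

    def usage(self, user):  # accounting query for one user
        return [(r["action"], r["allowed"]) for r in self.records if r["user"] == user]

def demo():
    aaa = AAAServer({"show status": 1, "reload": 15})   # constructed policy
    aaa.add_user("alice", "correct horse", level=1)     # constructed account
    bad = aaa.authenticate("alice", "wrong")
    token = aaa.authenticate("alice", "correct horse")
    results = [aaa.authorize(token, c) for c in ("show status", "reload", "erase")]
    return bad, results, aaa.usage("alice")

if __name__ == "__main__":
    print(demo())
```

Failed logins and denied commands are recorded as well as successes, so the accounting log doubles as the audit trail.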