1 networking. 2 what is a network? 3 a network consists of 2 or more computers connected together,...

ENG224

INFORMATION TECHNOLOGY – Part II5. Introduction to Networking

1

Networking

ENG224


2

What is a Network?

ENG224


3

What is a Network?

A network consists of 2 or more computers connected together, and they can communicate and share resources (e.g. information)

ENG224


4

Why Networking?•Sharing information — i.e. data communication

•Do you prefer these?

•Or this?

ENG224


5

• Sharing hardware or software

• Centralize administration and support

• E.g. print document

• E.g. Internet-based, so everyone can access the same administrative or support application from their PCs

ENG224


• A modem, or modulator-demodulator, is a device that provides the computer with connectivity to a telephone line.

• Converts signals from analog to digital, and digital to analog.• Depending upon your “Internet connection”, you may have

just a NIC, just a modem or both.

NIC and modem

ENG224


7

Kinds of Networks?• Depending on one’s perspective, we can classify

networks in different ways

•Based on transmission media:

•Wired (UTP, coaxial cables, fiber-optic cables) and Wireless

ENG224


Wireless Networks Types

• There are two main types of wireless networks:– Ad hoc – also known as peer-to-peer or IBSS

(Independent Basic Service Set) – An ad hoc wireless network is when at least two devices such as two computers have wireless NICs.

– Infrastructure – Wireless network that connects multiple wireless network devices through an Access Point.

ENG224


9

•Based on network size:

•LAN and WAN (and MAN)

Kinds of Networks?

ENG224


10

Interconnecting LANs and WANs

To offsiteLANs

To theInternet

Host systems usually connect into a LAN switch– Number of hosts limited by

the number of ports on the switch

Routers have two main uses- Interconnecting LANs- Connecting to a WAN or to

the Internet Routers interconnect LANs

- To separate the users- To separate the traffic

switch

router

ENG224


11

LAN and WAN• Local Area Network (LAN)

• Small network, short distance• A room, a floor, a building• Limited by no. of computers and distance covered• Usually one kind of technology throughout the

LAN• Serve a department within an organization

• Examples: • Network inside the Student Computer Room• Network inside Laboratory• Network inside your home

ENG224


12

• Wide Area Network (WAN)• A network that uses long-range

telecommunication links to connect 2 or more LANs/computers housed in different places far apart.• Towns, states, countries

• Examples:• Network of our Campus• Internet

WAN

Student Computer Centre

Your home

USA

ENG224


13

• Example WAN technologies:

• ISDN – Integrated Service Digital Network• Basic rate: 192 Kbps Primary rate: 1.544Mbps

• T-Carriers ― basically digital phone lines• T1: 1.544Mbps T3: 28T1

• Frame relay• Each link offers 1.544Mbps or even higher

• ATM – Asynchronous Transfer Mode• Support B-ISDN: 155Mbps or 622Mbps or

higher• SONET – Synchronous Optical Network

• Basic rate OC1: 51.84Mbps• Support OC12 and up to OC192 (9953.28Mbps)

or even higher in the future

ENG224


14

• Example of WAN: Broadband Cable Network

• Cable TV services have been extensively developed in most modern cities

• Cable TV companies try to make use of their coaxial cable installed (that are supposed to carry TV signals) to deliver broadband data services

• Many cable network wiring has been replaced with hybrid fiber-coax (HFC) ― i.e. use of fiber-optic cable to connect to the subscribers’ buildings, and then the original coaxial cable to connect to each household

ENG224


15

The connection is shared by a number of subscribers, hence may raise performance and security problems

Fiber-optic cable

Cable companyCoaxial Cable

TV

PC

Cable Drop

ENG224


16

•Peer-to-peer and Client/Server

Based on management method

Kinds of Networks?

ENG224


– Server-Based Network – A basic type of LAN wherein users login to a controlling computer, called a server and is more secure. The server contains information about who can connect to the network and to what shared resources. It also provides some of these resources. These networks normally consist of 10 or more computers.

– Peer-to-Peer Network – One of two basic types of LANs wherein each computer user acts as a server. Each computer stores password and sharing information for its own resources. Usually has fewer than 10 computers.

• NOS (Network Operating System) – Special operating system on a server containing utilities for managing users, resources, and security.

ENG224


18

Peer-to-Peer Networks

• Peer-to-peer network is also called workgroup• No hierarchy among computers all are equal• No administrator responsible for the network

Peer-to-peer

ENG224


Peer-to Peer Network

ENG224


• Advantages of peer-to-peer networks:• Low cost• Simple to configure• User has full accessibility of the computer

• Disadvantages of peer-to-peer networks:• May have duplication in resources• Difficult to uphold security policy• Difficult to handle uneven loading

• Where peer-to-peer network is appropriate:• 10 or less users• No specialized services required• Security is not an issue• Only limited growth in the foreseeable future

ENG224


21

Clients and Servers• Network Clients (Workstation)

• Computers that request network resources or services

• Network Servers• Computers that manage and provide network

resources and services to clients• Usually have more processing power, memory and

hard disk space than clients• Run Network Operating System that can manage

not only data, but also users, groups, security, and applications on the network

• Servers often have a more stringent requirement on its performance and reliability

ENG224


Server-Based Network

ENG224


23

• Advantages of client/server networks• Facilitate resource sharing – centrally administrate

and control• Facilitate system backup and improve fault tolerance• Enhance security – only administrator can have access

to Server• Support more users – difficult to achieve with peer-to-

peer networks

• Disadvantages of client/server networks• High cost for Servers• Need expert to configure the network• Introduce a single point of failure to the system

ENG224


24

•Based on topology (connectivity):

Bus, Star, Ring …

Kinds of Networks?

ENG224


25

Topology

• How so many computers are connected together?

Bus Topology Ring Topology

Star Topology

Hub

ENG224


Hub/Switch

ENG224


Star Topology

ENG224


Ring Topology

ENG224


Bus Topology

ENG224


30

TCP/IP description and configuration

• Transmission Control Protocol/Internet Protocol (TCP/IP) is a set of protocols or rules developed to allow cooperating computers to share resources across a network.

• Includes a “unique” (well, not always) address assigned to your computer

ENG224


Verify IP Configuration: Win XP, NT, 2000

• ipconfig• ipconfig /all

1

2

3

ENG224


Verify IP Configuration: Win 9x

1 2

3 4

ENG224


TCP/IP description and configuration

ENG224


Testing connectivity with ping

• The ping command works by sending multiple IP packets to a specified destination. Each packet sent is a request for a reply.

• The ping command is used to test the NIC transmit/receive function, the TCP/IP configuration, and network connectivity.

ENG224


H-35

Network Management• Network management is the process

of controlling a complex data network to maximize its efficiency and productivity

• The overall goal of network management is to help with the complexity of a data network and to ensure that data can go across it with maximum efficiency and transparency to the users

ENG224


H-36

Network Management

• The International Organization for Standardization (ISO) Network Management Forum divided network management into five functional areas:– Fault Management– Configuration Management– Security Management– Performance Management– Accounting Management

ENG224


Fault Management

• Is the process of locating problems, or faults, on the data network

• It involves the following steps:– Discover the problem– Isolate the problem– Fix the problem (if possible)

ENG224


Fault Management: Activities

• Trace (Monitor) & Identify Faults (Abnormal Operation)

• Accept Facts & Act on Error-Detection Notification

• Carry Out Sequences of Diagnostic Tests

• Correct Faults• Maintain and Examine Error Logs

ENG224


Fault Management: Summary

• Alarm

(Categories / Priorities) • Response

(Repair / Clear Alarm)• Recording

(Report)

ENG224


Configuration Management

• The configuration of certain network devices controls the behavior of the data network

• Configuration management is the process of finding and setting up (configuring) these critical devices

ENG224


Configuration Management: Summary

• Continuous Information Collection• Detection of Changes• Scheduling Resource Provisioning

in Response to Changes

ENG224


Security Management

• Is the process of controlling access to information on the data network

• Provides a way to monitor access points and records information on a periodic basis

• Provides audit trails and sounds alarms for security breaches

ENG224


Security Management

• Security Management is more than locking server rooms or insisting on password discipline.

• Security Management is the process of managing a defined level of security on information and IT services

• Security Management is a part of every manager’s job. Management is responsible for taking appropriate measures to reduce the chances of failure to an acceptable level.

ENG224


Security Management: Activities

• Access Management

(Users / Use)• Detection of Attacks

(Against Information)• Protection Measures

(Encryption)

ENG224

INFORMATION TECHNOLOGY – Part II5. Introduction to NetworkingThreats to Network Security

• Viruses: Computer programs written by devious programmers and designed to replicate themselves and infect computers when triggered by a specific event.

• Trojan Horse Program: Delivery vehicles for destructive code, which appear to be harmless or useful software program.

• Vandals: Software applications or applets that cause destruction.

ENG224


Threats to Network Security

• Attacks: Including reconnaissance attacks (information-gathering activities to collect data that is later used to compromise networks); access attacks (which exploit network vulnerabilities in order to gain entry to e-mail, databases, or the corporate networks); and denial-of-service attacks (which prevent access to part or all of computer system)

• Data Interception: Involves eavesdropping on communications or altering data packets being transmitted

ENG224

INFORMATION TECHNOLOGY – Part II5. Introduction to NetworkingThreats to Network Security

• Social Engineering: Obtaining confidential network security information through nontechnical means, such as posing as technical support person and asking for people’s passwords.

ENG224


Network Security Tools

• Antivirus Software Packages: This packages counter most virus threats if regularly updated and correctly maintained.

• Secure Network Infrastructure: Switches and Routers have hardware and software features tat support secure connectivity, perimeter security, intrusion protection, identity services, and security management.

• Virtual Private Networks: These networks provide access control and data encryption between two different computers on a network.

ENG224


Network Security Tools

• Identity Services: These services help to identify users and control their activities and transactions on the network.

• Encryption: Encryption ensures that messages cannot be intercepted or read by anyone other than the authorized recipient.

• Security Management: This is the glue that holds together the other building blocks of a strong security solutions.

ENG224


Performance Management

• Involves measuring the performance of the network hardware, software, and media

• Examples of measured activities are:– Overall throughput– Percentage utilization– Error rates– Response time

ENG224


Accounting Management

• Involves tracking individual’s utilization and grouping of network resources to ensure that users have sufficient resources

• Involves granting or removing permission for access to the network

ENG224


Accounting Management

Identifying• Cost

(Charges to be Paid)

For the • Use of Network Resources

(By Users / Subscribers )

ENG224


Accounting Management: Activities

• Set Tariff / Costing

(For Use of Resources / Services)• Accumulate Use

(Traffic Information / Data Collection / Recording)

• Charging / Billing

(To be Paid by Subscribers )• Accounting / Book Keeping

ENG224


Standard Documents: Functions

ISO Network Management Functions

Fault ISO: 2687

Performance ISO: 2673

Configuration ISO: 2686

Security ISO: 2688

Accounting ISO: 2687

ENG224


55

Authentication, authorization, and accounting, commonly known as AAA (triple A) provides a framework for managing and controlling access to computer resources on a network. All these processes combined provide an effective network management and security.

AUTHORIZATION,AUTHENTICATION & ACCOUNTING

ENG224


56

The AAA model is defined as follows: •Authentication: Who are you? •Authorization: What resources are you permitted to use? •Accounting: What resources were accessed, at what time, by whom, and what commands were issued?

ENG224


57

Authentication – the process of identifying a user, typically by challenging for valid credentials (user ID /Password) before granting the access. The credentials are matched against the database and upon successful match the access is granted.

ENG224


58

Authorization- once the user is authenticated, the user must now gain authorization to perform the tasks. The authorization process determines the level of command execution that can be permitted to the user. Simply put, this is the process that enforces the policies.

ENG224


59

Accounting – is the process of measuring the resource access by a user. This is typically achieved by recording session statistics like Data access (send/received), resources accessed, activities performed, and system usage information. This information is used for billing purposes (for a service provider); Authorization control; conducting trend analysis; resource utilization and importantly for capacity planning activities.