Advanced Networking by xiaohuicaicai


Computer Networking: Beyond the Basics

        FETC 2009

      Networking Trends - User
            • More users are being connected to
              networks as client/server applications
              become more widespread
            • Users are connecting more powerful
              workstations that require greater
              bandwidth to be fully productive
            • Everyone wants access to the Internet
            • Administrative and Instructional networks
              are merging

   Networking Trends - Applications
            • Imaging, modeling, and graphics-based
              applications demand large amounts of
              sustained bandwidth to transfer files
            • New, real-time applications such as
              multimedia, video, and voice add a new
              requirement to the network design:
              bounded, predictable delay (low latency
              and jitter), not just raw bandwidth

                  Network Size
            • Small, single segment networks
              • <100 users, one or two servers, Ethernet or
                Token Ring
            • Medium, several segments
              • <500 users, 5 servers, high speed
                backbone, router
            • Large, multi-segment
              • 500+ users, 5+ servers, high speed
                switched VLAN, router

       Network Administration -
          Network Manager
            • Making the network more manageable for
              changes, moves and adds.
            • Adding redundancy and improving reliability
              of the network
            • Updating out-of-date equipment

        Network Documentation
            • Hardware and Software inventory
            • Tech Support Contacts,
              Contracts, and Numbers
            • Vendor Information
            • Software Licensing
            • Original Software Diskettes and

        Network Documentation
            • IP Addressing
            • MAC Addressing
            • Hub/Switch Documentation
            • Server Configuration Files
            • Wiring Labeling Scheme and
            • System passwords (stored for
              • keep these sealed or in a password safe,
                separate from the shared notebook or
                database, and change them after any use

        Network Documentation
            •   Backup Log
            •   Trouble Log
            •   Service Log
            •   District Policies
            •   Purchase Orders and Invoices

        Network Documentation
            • Develop a Baseline for your
            • Establish communication for
              vendors and staff
            • Improved response time
            • Know where equipment is located
            • Document on Paper as well as
              • Notebooks
              • Databases - share with others

            Network Protocols
              • OSI Model
              • Protocol Rules


            OSI Model (diagram slide)

                                   The Layers
            Think of the seven layers as the assembly line in the computer. At each layer, certain things
                 happen to the data that prepare it for the next layer. The seven layers, which separate into
                 two sets, are:

            •    Application Set
                  •    Layer 7: Application - This is the layer that actually interacts with the operating
                       system or application whenever the user chooses to transfer files, read
                       messages or perform other network-related activities.
                  •    Layer 6: Presentation - Layer 6 takes the data provided by the Application layer
                       and converts it into a standard format that the other layers can understand.
                  •    Layer 5: Session - Layer 5 establishes, maintains and ends communication with
                       the receiving device.

            •    Transport Set
                  •    Layer 4: Transport - This layer provides end-to-end delivery between the two
                       devices: flow control (so a fast sender does not overrun a slow receiver),
                       error checking and recovery of lost or corrupted data, and multiplexing, in
                       which data from several applications is carried over the same network path
                       and told apart by port numbers. TCP and UDP live at this layer.
                  •    Layer 3: Network - The way that the data will be sent to the recipient device is
                       determined in this layer. Logical addressing (IP) and routing are handled here.
                  •    Layer 2: Data Link - In this layer the data is framed for the physical medium
                       and given its hardware (MAC) addressing; the type of network (Ethernet,
                       Token Ring) and per-link error detection are defined here.
                  •    Layer 1: Physical - This is the level of the actual hardware. It defines the
                       physical characteristics of the network such as connections, voltage levels and
            ISO/OSI Layers (diagram slides)

            LAN Addressing
             • each node must have a unique
               address for its hardware
             • each network on an internet must
               be unique
             • many protocols use a two-level
               hierarchy (network:node)
             • Unicast – sent to one node
             • Broadcast – sent to all nodes
             • Multicast – sent to group of

            LAN Addressing
             • ARP (Address Resolution Protocol)

                • ARP maps an IP address to the MAC
                  address that owns it on the local
                  segment. ARP has no authentication:
                  any host can answer for any IP, so a
                  forged reply can redirect a neighbour's
                  traffic (ARP poisoning). Static ARP
                  entries, or switch features such as
                  dynamic ARP inspection, are the usual
                  defences.

             • RARP (Reverse ARP)

                • RARP maps a MAC address to an IP
                  address; it has been superseded by
                  BOOTP and DHCP.

            Binary Transmission

            LAN Addressing
             •   DHCP
             •   Static
             •   Random
             •   IPX
             •   AppleTalk
             •   TCP/IP
             •   WINS and NetBIOS
             •   NAT - Network Address Translation

            LAN Addressing
             • MAC (Media Access Control)
             • IPX - 43456:000c.04b3.42a1
                • network (0-ffffffff)
                • MAC address
             • AppleTalk - 6501.239
                • Network (1-65279)
                • Node (1-254)
             • TCP/IP -
               Dotted Decimal Notation
                • Network
                • Host

       LAN Addressing - DHCP
            • Addresses are assigned and
              leased from a specific range by a
              server running Dynamic Host
              Configuration Protocol (DHCP)
            • May also use BOOTP (the predecessor of
              DHCP)

              LAN Addressing
        • IP Addressing
        • 32 bit numbers
        • expressed in dotted decimal notation
        • each decimal number represents 8 bits of
          binary data, a value between 0 and 255
        • =
        • IP Addresses are arranged in classes

            LAN Addressing
            • Binary Numbers

            • Decimal place values (digits 0-9)
                 10^5     10^4    10^3   10^2   10^1   10^0
               100,000   10,000   1,000    100     10      1

            • Binary place values (digits 0-1)
                 2^7   2^6   2^5   2^4   2^3   2^2   2^1   2^0
                 128    64    32    16     8     4     2     1

            • Hexadecimal place values (digits 0-f)
                 16^3   16^2   16^1   16^0
                 4096    256     16      1

            LAN Addressing: Number Systems (diagram slides)

            LAN Addressing
            • IP Classes (the original "classful" scheme)
            • Class A
              • first octet 1-126, N.H.H.H
              • 001.hhh.hhh.hhh to 126.hhh.hhh.hhh
              • 126 Networks of 16,777,214 Hosts
                (127 is reserved for loopback)
            • Class B
              • first octet 128-191, N.N.H.H
              • 128.001.hhh.hhh to 191.254.hhh.hhh
              • 16,382 Networks of 65,534 Hosts

            LAN Addressing
            • IP Classes
            • Class C
              • first octet 192-223, N.N.N.H
              • 192.000.001.hhh to 223.255.254.hhh
              • 2,097,152 Networks of 254 Hosts
            • Class D (224-239) is multicast; Class E
              (240-255) is reserved
            • CIDR (Classless Inter-Domain Routing) has
              replaced the classes: the network/host split
              is given by an explicit prefix length or
              mask (e.g. 192.168.10.0/24) rather than by
              the first octet

              LAN Addressing
            • IP Subnet Masks
              • split a network into a collection of smaller
                networks (subnets)
              • makes networks more manageable
              • can reduce traffic on each subnet
              • each subnet operates as an independent
                network with its own broadcast domain
              • Example (address AND mask = network):
                 • 10101000.11011101.00010100.11101011
                   (168.221.20.235)
                 • 11111111.11111111.11111111.00000000
                   (255.255.255.0, a /24 mask)
              • Host 235 on network 168.221.20.0

  Subnetting Network
              • One network (/24)
              • 254 hosts
              • Single broadcast domain

  Subnetting Network
              • 126 hosts (/25)
              • 126 hosts (/25)
            • Two networks
            • Two broadcast domains (a router is needed
              to pass traffic between them)
            • Total hosts = 252

  Subnetting Network
              • 126 hosts (/25)
              • 62 hosts (/26)
              • 62 hosts (/26)
            • Three networks
            • Three broadcast domains
            • Total hosts = 250
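The mask arithmetic and the host counts on the three subnetting slides, worked through in code. This is an added example, not part of the FETC slides: it uses only Python's standard `ipaddress` module, starts from the dotted-binary address and mask given on the IP Subnet Masks slide, and carves the resulting /24 the same way the slides do (one /24; two /25; one /25 and two /26). The `carve` function is general variable-length subnetting, so it also works for any other mix of prefix lengths.

```python
import ipaddress


def dotted_binary_to_address(bits):
    """Convert the slides' dotted-binary form (four 8-bit groups) to an IPv4Address."""
    octets = bits.split(".")
    if len(octets) != 4 or any(len(o) != 8 or set(o) - {"0", "1"} for o in octets):
        raise ValueError(f"not a dotted 32-bit binary string: {bits!r}")
    return ipaddress.IPv4Address(".".join(str(int(o, 2)) for o in octets))


def network_and_host(addr_bits, mask_bits):
    """network = address AND mask; host number = address AND NOT mask."""
    addr = dotted_binary_to_address(addr_bits)
    mask = dotted_binary_to_address(mask_bits)
    # IPv4Interface accepts a dotted mask and rejects one whose ones are not contiguous.
    network = ipaddress.IPv4Interface(f"{addr}/{mask}").network
    host_number = int(addr) & (~int(mask) & 0xFFFFFFFF)
    return network, host_number


def legacy_class(addr):
    """Classful letter from the first octet (the scheme on the IP Classes slides)."""
    first = int(ipaddress.IPv4Address(str(addr))) >> 24
    if first == 0:
        return "reserved"
    if first == 127:
        return "loopback"
    if first < 128:
        return "A"
    if first < 192:
        return "B"
    if first < 224:
        return "C"
    if first < 240:
        return "D (multicast)"
    return "E (reserved)"


def carve(network, prefix_lengths):
    """Allocate consecutive subnets of the requested prefix lengths inside `network`.
    Largest blocks are placed first so every block starts on its own alignment boundary."""
    if not isinstance(network, ipaddress.IPv4Network):
        network = ipaddress.IPv4Network(network)
    cursor = int(network.network_address)
    last = int(network.broadcast_address)
    subnets = []
    for prefix in sorted(prefix_lengths):
        if prefix < network.prefixlen:
            raise ValueError(f"/{prefix} is larger than the parent {network}")
        subnet = ipaddress.IPv4Network((cursor, prefix))
        if int(subnet.broadcast_address) > last:
            raise ValueError(f"/{prefix} does not fit in the space left in {network}")
        subnets.append(subnet)
        cursor += subnet.num_addresses
    return subnets


def usable_hosts(subnet):
    """Addresses minus the network and directed-broadcast addresses (classic rule: 0 for /31, /32)."""
    return max(subnet.num_addresses - 2, 0)


def plan_summary(network, prefix_lengths):
    """One subnetting slide as data: the subnets, hosts per subnet, and the totals."""
    subnets = carve(network, prefix_lengths)
    return {
        "subnets": [str(s) for s in subnets],
        "hosts": [usable_hosts(s) for s in subnets],
        "broadcast_domains": len(subnets),
        "total_hosts": sum(usable_hosts(s) for s in subnets),
    }


if __name__ == "__main__":
    # The address and mask from the "IP Subnet Masks" slide.
    net, host = network_and_host("10101000.11011101.00010100.11101011",
                                 "11111111.11111111.11111111.00000000")
    print(f"{net} host {host} (class {legacy_class(net.network_address)})")
    for plan in ([24], [25, 25], [25, 26, 26]):      # the three subnetting slides
        print(plan, plan_summary(net, plan))
```

Run it and the three dictionaries reproduce the slides: 254 hosts in one broadcast domain, 126 + 126 = 252 in two, 126 + 62 + 62 = 250 in three. Asking for more space than the parent has (for example two /25 and a /26) raises a ValueError instead of silently overlapping.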

            Public and Private IP
             • Private network numbers (RFC 1918)
               • Class A
                  • 10.0.0.0 - 10.255.255.255 (10/8 prefix)
               • Class B
                  • 172.16.0.0 - 172.31.255.255
                    (172.16/12 prefix)
               • Class C
                  • 192.168.0.0 - 192.168.255.255
                    (192.168/16 prefix)
             • Not routed on the public Internet; use with
               a firewall or "IP Masquerade"
             • Network Address Translation.
                           TCP & UDP
    • TCP stands for Transmission Control Protocol. Using this
      method, the computer sending the data first establishes a
      connection with the computer it is sending to, and the two
      stay connected for the duration of the transfer. Every
      segment is acknowledged and lost or corrupted data is resent,
      so the two computers can be sure that the data has arrived
      complete and in order; when the transfer is done they close
      the connection. This method is reliable, but it carries more
      overhead than UDP: the computer has to track the connection
      state and the data going across it, and the handshake and
      acknowledgements add latency. (The handshake also means a
      peer must be able to receive replies, which is why a TCP
      source address is far harder to spoof than a UDP one.) A real
      life comparison to this method would be to pick up the phone
      and call a friend. You have a conversation and when it is
      over, you both hang up, releasing the connection.

                           TCP & UDP
      UDP stands for User Datagram Protocol. Using this method, the
      computer sending the data packages the information into a
      datagram and releases it into the network with the hope that it
      will get to the right place. UDP does not set up a connection with
      the receiving computer as TCP does; it sends the data out and
      relies on the devices between the sending computer and the
      receiving computer to deliver it. UDP itself provides no guarantee
      that the data you send will ever reach its destination, or arrive in
      order, or arrive only once. On the other hand, this method of
      transmission has very low overhead, so it is popular for services
      that can tolerate or simply retry a lost packet (DNS lookups,
      streaming audio and video, voice). Because there is no handshake,
      the source address of a datagram is taken on trust, which is why
      UDP services are the usual vehicle for spoofed and amplified
      traffic. A comparison you can use for this method is the plain old
      US Postal Service. You place your mail in the mailbox and hope the
      Postal Service will get it to the proper location. Most of the time
      they do, but sometimes it gets lost along the way.
                  TCP & UDP Ports
            • As you know every computer or device on the Internet
              must have a unique number assigned to it called the IP
              address. This IP address is used to recognize your
              particular computer out of the millions of other
              computers connected to the Internet. When
              information is sent over the Internet to your computer
              how does your computer accept that information? It
              accepts that information by using TCP or UDP ports.

            • An easy way to understand ports is to imagine your IP
              address is a cable box and the ports are the different
              channels on that cable box. The cable company knows
              how to send cable to your cable box based upon a
              unique serial number associated with that box (IP
              Address), and then you receive the individual shows
              on different channels (Ports).

                      TCP & UDP Ports
   • Ports work the same way. You have an IP address, and then
     many ports on that IP address. When I say many, I mean many.
     Port numbers run from 0 to 65535, so there are 65,536 TCP ports
     and, separately, another 65,536 UDP ports. When a program on your
     computer sends or receives data over the Internet it sends that
     data to an IP address and a specific port on the remote computer,
     and receives the replies on a port of its own, normally an
     "ephemeral" port picked by the operating system from a high
     range. If it uses the TCP protocol to send and receive the data
     then it will connect and bind itself to a TCP port. If it uses the
     UDP protocol to send and receive data, it will use a UDP port.
     Below is a representation of an IP address split into its many
     TCP and UDP ports. Note that once an application binds itself to
     a particular port, that port (on that address and protocol) cannot
     be used by any other application. It is first come, first served.
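A short experiment that shows the port rules above on a real socket stack. This is an added example, not from the slides: it binds a TCP listener on a loopback ephemeral port, shows that a second TCP socket cannot take the same port (first come, first served), that a UDP socket can (TCP and UDP port numbers are separate spaces), and that a connecting client ends up on an ephemeral port of its own. Only Python's standard `socket` module is used; the 127.0.0.1 loopback address is assumed to be available.

```python
import socket


def port_ownership_demo(host="127.0.0.1"):
    """Bind a TCP listener on an ephemeral port, then show what else can and cannot share it."""
    results = {}
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.settimeout(5)
    listener.bind((host, 0))          # port 0: let the OS pick a free ephemeral port
    listener.listen(1)
    port = listener.getsockname()[1]
    results["listener_port"] = port

    # 1. A second TCP socket cannot bind the same address/port while the first owns it.
    rival = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        rival.bind((host, port))
        results["second_tcp_bind_ok"] = True
    except OSError:                    # EADDRINUSE: first come, first served
        results["second_tcp_bind_ok"] = False
    finally:
        rival.close()

    # 2. UDP has its own port space, so a UDP socket may use the same number.
    udp = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        udp.bind((host, port))
        results["udp_same_port_ok"] = True
    except OSError:
        results["udp_same_port_ok"] = False
    finally:
        udp.close()

    # 3. A client sends to (ip, port) of the server but receives on an ephemeral port of its own.
    client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    client.settimeout(5)
    client.connect((host, port))
    server_side, _ = listener.accept()
    results["client_port"] = client.getsockname()[1]
    results["client_uses_different_port"] = results["client_port"] != port
    server_side.close()
    client.close()
    listener.close()
    return results


if __name__ == "__main__":
    for key, value in port_ownership_demo().items():
        print(f"{key}: {value}")
```

The same rule is what an attacker relies on when a service crashes: the port becomes free and whoever binds it next answers as that service, which is one reason privileged ports (below 1024) are reserved to root on Unix systems.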

            Network Address Translation (NAT)
             • Using private IP addresses on your
               network and translating them to a
               public IP outside your network

            • The NAT router or Firewall translates
              traffic coming into and leaving the
              private network.

   • Static NAT - Mapping an unregistered IP
     address to a registered IP address on a one-to-
     one basis. Particularly useful when a device
     needs to be accessible from outside the network.

               In static NAT, the computer with the IP address of
     will always translate to

       • Dynamic NAT - Maps an unregistered IP address
         to a registered IP address from a group of
         registered IP addresses

            In dynamic NAT, the computer with the IP address
                will translate to the first available address in the range from
 •   NAT overloading (also called PAT, Port Address Translation) utilizes a feature of
     the TCP/IP protocol stack, multiplexing, that allows a computer to maintain several
     concurrent connections with a remote computer (or computers) using different TCP or
     UDP ports. The router keeps a table of inside address/port pairs and the public port it
     assigned to each, and rewrites the headers in both directions. An IP packet has a
     header that contains the following information:
 •   Source Address - The IP address of the originating computer, such as
 •   Source Port - The TCP or UDP port number assigned by the originating computer for
     this packet, such as Port 1080
 •   Destination Address - The IP address of the receiving computer, such as
 •   Destination Port - The TCP or UDP port number on the receiving computer that the
     originating computer is addressing, i.e. the service it wants, such as Port 3021

     Source     Source Computer's   Source Computer's   NAT Router's   NAT Router's
     Computer   IP Address          Port                IP Address     Assigned Port Number
     --------   -----------------   -----------------   ------------   --------------------
     A                              400                                1
     B                              50                                 2
     C                              3750                               3
     D                              206                                4
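The translation table the NAT slides describe, as a small working model. This is an added example, not from the slides or any vendor: `PatTable` keeps the inside address/port to public-port mapping in both directions, `translate_outbound` rewrites the source of a packet leaving the private network (creating a mapping on first use) and `translate_inbound` rewrites the destination of a reply, or returns None when no mapping exists, which is why a NAT also acts as a crude stateful filter against unsolicited inbound traffic. The private ranges are the RFC 1918 blocks from the Public and Private IP slide. The addresses (192.168.1.x inside, 203.0.113.1 as the public address, 198.51.100.80 as the remote server) and the port numbering starting at 1 are assumptions chosen to reproduce the A-D table above; real routers allocate from a high range, expire idle entries and usually include the outside destination in the key.

```python
import ipaddress
import itertools

# RFC 1918 private ranges, as listed on the "Public and Private IP" slide.
PRIVATE_RANGES = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_rfc1918(ip):
    ip = ipaddress.ip_address(ip)
    return any(ip in net for net in PRIVATE_RANGES)


class PatTable:
    """NAT overload (PAT) state: (proto, inside ip, inside port) <-> public port.
    Assumption: one public address and sequential port allocation, no timeouts."""

    def __init__(self, public_ip, first_port=1024):
        if is_rfc1918(public_ip):
            raise ValueError("the outside address of a NAT must be a public address")
        self.public_ip = str(ipaddress.ip_address(public_ip))
        self._ports = itertools.count(first_port)
        self.outbound = {}   # (proto, inside_ip, inside_port) -> public_port
        self.inbound = {}    # (proto, public_port) -> (inside_ip, inside_port)

    def translate_outbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the source of a packet leaving the private network; map it on first use."""
        if not is_rfc1918(src_ip):
            return (src_ip, src_port, dst_ip, dst_port)   # already public: forward untouched
        key = (proto, str(ipaddress.ip_address(src_ip)), src_port)
        if key not in self.outbound:
            public_port = next(self._ports)
            if public_port > 65535:
                raise RuntimeError("public port space exhausted")
            self.outbound[key] = public_port
            self.inbound[(proto, public_port)] = key[1:]
        return (self.public_ip, self.outbound[key], dst_ip, dst_port)

    def translate_inbound(self, proto, src_ip, src_port, dst_port):
        """Rewrite the destination of a packet arriving from outside, or None if it must be dropped."""
        inside = self.inbound.get((proto, dst_port))
        if inside is None:
            return None   # no prior outbound flow: unsolicited traffic cannot reach an inside host
        return (src_ip, src_port, inside[0], inside[1])


def demo():
    """Reproduce the slide's A-D table (inside addresses and the port-1 start are assumptions)."""
    nat = PatTable("203.0.113.1", first_port=1)
    inside = {"A": ("192.168.1.10", 400), "B": ("192.168.1.20", 50),
              "C": ("192.168.1.30", 3750), "D": ("192.168.1.40", 206)}
    rows = []
    for name, (ip, port) in inside.items():
        pub_ip, pub_port, _, _ = nat.translate_outbound("tcp", ip, port, "198.51.100.80", 80)
        rows.append((name, ip, port, pub_ip, pub_port))
    return nat, rows


if __name__ == "__main__":
    nat, rows = demo()
    for row in rows:
        print("%s  %-14s %5d  ->  %s:%d" % row)
    print("reply to port 3 goes to", nat.translate_inbound("tcp", "198.51.100.80", 80, 3))
    print("unsolicited packet to port 9:", nat.translate_inbound("tcp", "198.51.100.80", 80, 9))
```

The protocol is part of the key, so a UDP datagram aimed at a port that only has a TCP mapping is dropped as well. A table like this is also what runs out: each inside flow consumes one public port, which bounds the number of simultaneous connections one public address can carry.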

                       What is IPv6?
    • IPv6 is short for "Internet Protocol Version 6". IPv6 is the "next
      generation" protocol designed by the IETF to replace the current
      version of the Internet Protocol, IP Version 4 ("IPv4")

    • The primary change from IPv4 to IPv6 is the length of network
      addresses. IPv6 addresses are 128 bits long, whereas IPv4
      addresses are 32 bits;
    • IPv4 address space contains 4,294,967,296 (2^32) addresses
    • IPv6 has enough room for 2^128 =
      340,282,366,920,938,463,463,374,607,431,768,211,456
      (340 undecillion, 282 decillion, 366 nonillion, 920 octillion, 938
      septillion, 463 sextillion, 463 quintillion, 374 quadrillion, 607
      trillion, 431 billion, 768 million, 211 thousand, 456) unique
      addresses

                   What is IPv6?
    • IPv6 addresses are normally written as eight groups
      of four hexadecimal digits separated by colons;
      leading zeros within a group may be dropped and one
      run of all-zero groups may be collapsed to "::".

    • For example,
          is a valid IPv6 address

            Networking Models
              • Peer-to-Peer
              • Client Server

            Network Topologies

            • CSMA/CD
              • Carrier sense Multiple
                access/collision detection
              • networks with over 35%
                utilization experience high
                collision rates and delays
              • maximum number of nodes
              • four repeater rule

            Token Ring
                • Token passing (deterministic access:
                  only the station holding the token may
                  transmit, so there are no collisions;
                  CSMA/CA is the 802.11 wireless method,
                  not Token Ring's)
                  • Developed by IBM
                  • 260 nodes per

        Hubs, Switches, and Routers
             • Unmanaged vs Managed
             • Growth Potential
             • Expansion
               • Cascade

        Hubs, Switches, and Routers
                 • Hubs - Layer 1 (Physical)
                    • Multiport Repeater: every frame is
                      repeated out of every port, so all
                      stations share one collision domain
                      and any station can see all traffic
                 • Switches - Layer 2 or 3
                    • Layer 2 (MAC address)
                      segments network
                    • Layer 3 (Network address)
                      segments network
                 • Routers - Layer 3
                    • Network layer segments

            Power over Ethernet (PoE)

            Switches – MAC Table
                 Dynamic Address Count:                 116
                 Secure Address Count:                  0
                 Static Address (User-defined) Count:   0
                 System Self Address Count:             76
                 Total MAC addresses:                   192
                 Maximum MAC addresses:                 8192
                 Non-static Address Table:
                 Destination Address Address Type VLAN Destination Port
                 ------------------- ------------ ---- --------------------
                 0000.0c07.ac33       Dynamic         51 GigabitEthernet0/1
                 0000.0c07.acff       Dynamic        998 GigabitEthernet0/4
                 0001.023c.ad29       Dynamic         51 GigabitEthernet0/1
                 0001.e68a.7f84       Dynamic         51 GigabitEthernet0/5
                 0001.e697.2643       Dynamic         51 GigabitEthernet0/16
                 0001.e699.9263       Dynamic         51 GigabitEthernet0/6
                 0001.e69b.fe39       Dynamic         51 GigabitEthernet0/12
                 0001.e69d.2f99       Dynamic         51 GigabitEthernet0/1
                 0001.e69e.4f14       Dynamic         51 GigabitEthernet0/13
                 0002.a535.529b       Dynamic         51 GigabitEthernet0/12
                 0002.fd70.9ec0       Dynamic        998 GigabitEthernet0/8
                 0005.317b.83fc       Dynamic         51 GigabitEthernet0/12
                 0005.317b.83fc       Dynamic        998 GigabitEthernet0/1
                 0005.5e50.0b82       Dynamic         51 GigabitEthernet0/2
                 0005.5e50.0b82       Dynamic        998 GigabitEthernet0/2
                 0005.dd3e.b900       Dynamic        998 GigabitEthernet0/1
                 0006.2977.202d       Dynamic         51 GigabitEthernet0/1
                 0006.2977.352c       Dynamic         51 GigabitEthernet0/8
                 0006.536c.9ff2       Dynamic          1 GigabitEthernet0/3
                 0006.536c.9ff2       Dynamic         51 GigabitEthernet0/1
                 0006.536c.9ff2       Dynamic        998 GigabitEthernet0/9
                 0006.536c.c800       Dynamic        998 GigabitEthernet0/1
                 0006.5b16.0121       Dynamic         51 GigabitEthernet0/10
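What a security engineer does with a table like the one above is look for addresses that are not where they should be. As an added example (not part of the slides), the Python below parses the rows copied from the slide, reports any MAC learned on more than one port (a station that moved, a loop, or someone spoofing that address) and counts distinct MACs per port, which is the number a port-security limit is compared against; the slide's own header shows Secure Address Count 0, i.e. no port security in use. The regular expression and the threshold are mine, and a multi-port MAC still has to be checked against the topology, since a trunk to another switch legitimately carries many addresses.

```python
import re
from collections import defaultdict

# One row of a Cisco-style MAC address table: mac, type, vlan, port.
MAC_TABLE_LINE = re.compile(
    r"^\s*([0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4})\s+(\w+)\s+(\d+)\s+(\S+)\s*$",
    re.IGNORECASE,
)

# Rows copied from the "Switches - MAC Table" slide (header lines included on purpose,
# to show that the parser skips anything that is not a table row).
SAMPLE = """\
Destination Address Address Type VLAN Destination Port
------------------- ------------ ---- --------------------
0000.0c07.ac33       Dynamic         51 GigabitEthernet0/1
0000.0c07.acff       Dynamic        998 GigabitEthernet0/4
0001.023c.ad29       Dynamic         51 GigabitEthernet0/1
0001.e68a.7f84       Dynamic         51 GigabitEthernet0/5
0001.e697.2643       Dynamic         51 GigabitEthernet0/16
0001.e699.9263       Dynamic         51 GigabitEthernet0/6
0001.e69b.fe39       Dynamic         51 GigabitEthernet0/12
0001.e69d.2f99       Dynamic         51 GigabitEthernet0/1
0001.e69e.4f14       Dynamic         51 GigabitEthernet0/13
0002.a535.529b       Dynamic         51 GigabitEthernet0/12
0002.fd70.9ec0       Dynamic        998 GigabitEthernet0/8
0005.317b.83fc       Dynamic         51 GigabitEthernet0/12
0005.317b.83fc       Dynamic        998 GigabitEthernet0/1
0005.5e50.0b82       Dynamic         51 GigabitEthernet0/2
0005.5e50.0b82       Dynamic        998 GigabitEthernet0/2
0005.dd3e.b900       Dynamic        998 GigabitEthernet0/1
0006.2977.202d       Dynamic         51 GigabitEthernet0/1
0006.2977.352c       Dynamic         51 GigabitEthernet0/8
0006.536c.9ff2       Dynamic          1 GigabitEthernet0/3
0006.536c.9ff2       Dynamic         51 GigabitEthernet0/1
0006.536c.9ff2       Dynamic        998 GigabitEthernet0/9
0006.536c.c800       Dynamic        998 GigabitEthernet0/1
0006.5b16.0121       Dynamic         51 GigabitEthernet0/10
"""


def parse_mac_table(text):
    """Return (mac, type, vlan, port) tuples for every row that matches the table format."""
    entries = []
    for line in text.splitlines():
        m = MAC_TABLE_LINE.match(line)
        if m:
            mac, kind, vlan, port = m.groups()
            entries.append((mac.lower(), kind, int(vlan), port))
    return entries


def macs_on_multiple_ports(entries):
    """MACs seen behind more than one port, with the ports. Same MAC on several VLANs of ONE
    port is normal (a router or trunk); the same MAC on different ports deserves a look."""
    ports = defaultdict(set)
    for mac, _, _, port in entries:
        ports[mac].add(port)
    return {mac: sorted(p) for mac, p in ports.items() if len(p) > 1}


def macs_per_port(entries):
    """Distinct MAC addresses learned on each port (what a port-security maximum counts)."""
    seen = defaultdict(set)
    for mac, _, _, port in entries:
        seen[port].add(mac)
    return {port: len(macs) for port, macs in seen.items()}


def ports_over_limit(entries, limit):
    """Ports that would already violate `port-security maximum <limit>` (hub, rogue switch, trunk)."""
    return sorted(port for port, n in macs_per_port(entries).items() if n > limit)


if __name__ == "__main__":
    rows = parse_mac_table(SAMPLE)
    print(len(rows), "rows")
    print("MACs on several ports:", macs_on_multiple_ports(rows))
    print("ports with more than 2 MACs:", ports_over_limit(rows, 2))
```

On the slide's data two addresses show up on more than one port, and GigabitEthernet0/1 carries eight distinct MACs across two VLANs, which is the signature of an uplink rather than an end station; that port should not get a port-security limit of one, but the access ports with a single MAC each could.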

            Hubs vs Switches (diagram slide)

            Switching Layers
             • Layer 2 - (MAC address)
               segments network

             • Layer 3 - (Network address)
               segments network

             • Layer 4 - forwards or filters by
               TCP/UDP port number (the service)

       QOS (Quality of Service)
    • Quality of Service is the ability to provide different
      priority to different applications, users, or data flows, or
      to guarantee a certain level of performance to a data flow

    • Quality of Service guarantees are important if the
      network capacity is limited, for example in cellular data
      communication, especially for real-time streaming
      multimedia applications, for example voice over IP and
      IP-TV, since these often require fixed bit rate and are
      delay sensitive.

     A router is a device in computer networking that forwards data
     packets to their destinations, based on their addresses. The work
     a router does is called routing, which is somewhat like switching,
     but a router is different from a switch. The latter is simply a device
     to connect machines to form a LAN.

 When data packets are transmitted over a network (say the Internet), they
 move through many routers (because they pass through many networks)
 in their journey from the source machine to the destination machine.
 Routers work with IP packets, meaning that they work at the level of IP,
 the network layer.

 Each router keeps information about its neighbors (other routers in the
 same or other networks). This information includes the IP address of the
 neighbor and the cost (metric) of the path through it, expressed in terms
 of hop count, bandwidth, delay and other network considerations. This
 information is kept in a routing table, found in all routers.

 When a packet of data arrives at a router, its header information is
 scrutinized by the router. Based on the destination IP address of the
 packet (the source address only matters for policy routing or filtering),
 the router decides which neighbor it will forward it to. It chooses the most
 specific matching route and, among equally specific routes, the one with the
 least cost, and forwards the packet to the next router on that route.
            Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
               D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
               N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
               E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
               i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
               * - candidate default, U - per-user static route, o - ODR
               P - periodic downloaded static route

            Gateway of last resort is to network

            S [1/0] via
       is variably subnetted, 597 subnets, 9 masks
            D [90/190976] via, 23:39:18, Serial3/1.1
            D [90/190976] via, 23:39:15, Serial3/1.4
            D [90/190976] via, 23:39:08, Serial3/1.1
            D [90/190976] via, 23:39:17, Serial3/0.1
            D [90/190976] via, 23:39:11, Serial3/0.7
                    [90/24821248] via, 00:31:26, GigabitEthernet4/0.3
                    [90/24821248] via, 00:31:26, GigabitEthernet4/0.1
                    [90/24821248] via, 00:31:26, GigabitEthernet4/0.2
                    [90/24821248] via, 00:31:26, GigabitEthernet4/0.1
            D [90/190976] via, 23:39:14, Serial3/0.1
            D [90/190976] via, 23:39:21, Serial3/0.29
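How a table like the one above is actually consulted, as an added example that is not part of the slides. The bracketed `[90/190976]` pairs are administrative distance and metric. The lookup rule a router applies is: longest matching prefix first, then lowest administrative distance, then lowest metric, with any routes still tied all used (equal-cost multipath, which is why the slide's listing shows four next hops sharing the same `[90/24821248]`). The table below is constructed with documentation prefixes (192.0.2.0/24, 198.51.100.0/24 and 10.0.0.0/8) because the slide's prefixes did not survive extraction. The same rule is what lets a more specific prefix, injected by a rogue neighbour or a stray static route, silently win over the legitimate one.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Route:
    code: str                        # C connected, S static, D EIGRP, O OSPF (the slide's legend)
    network: ipaddress.IPv4Network
    admin_distance: int              # first number in [90/190976]: trust in the route's source
    metric: int                      # second number: the protocol's own cost
    next_hop: str
    interface: str


def route(code, prefix, ad, metric, next_hop, iface):
    return Route(code, ipaddress.IPv4Network(prefix), ad, metric, next_hop, iface)


# Constructed table in the shape of the slide's output; prefixes and hops are my own.
TABLE = [
    route("S", "0.0.0.0/0", 1, 0, "198.51.100.1", "GigabitEthernet0/0"),      # gateway of last resort
    route("C", "192.0.2.0/24", 0, 0, "directly connected", "GigabitEthernet0/1"),
    route("D", "10.0.0.0/8", 90, 24821248, "192.0.2.2", "GigabitEthernet4/0.1"),
    route("D", "10.0.0.0/8", 90, 24821248, "192.0.2.3", "GigabitEthernet4/0.2"),   # equal-cost twin
    route("D", "10.1.0.0/16", 90, 190976, "192.0.2.4", "Serial3/1.1"),
    route("D", "10.1.2.0/24", 90, 190976, "192.0.2.5", "Serial3/0.1"),
    route("O", "10.1.2.0/24", 110, 20, "192.0.2.6", "Serial3/0.7"),          # same prefix, worse AD
    route("S", "10.1.2.0/25", 1, 0, "192.0.2.7", "Serial3/0.29"),            # more specific wins
]


def lookup(table, destination):
    """Longest prefix first; among equal prefixes lowest administrative distance, then lowest
    metric; every route still tied is returned (equal-cost multipath)."""
    dst = ipaddress.IPv4Address(destination)
    candidates = [r for r in table if dst in r.network]
    if not candidates:
        return []                    # no route and no gateway of last resort: packet is dropped
    longest = max(r.network.prefixlen for r in candidates)
    candidates = [r for r in candidates if r.network.prefixlen == longest]
    best_ad = min(r.admin_distance for r in candidates)
    candidates = [r for r in candidates if r.admin_distance == best_ad]
    best_metric = min(r.metric for r in candidates)
    return [r for r in candidates if r.metric == best_metric]


def next_hops(table, destination):
    """(next hop, interface) pairs a packet for `destination` would be forwarded over."""
    return sorted((r.next_hop, r.interface) for r in lookup(table, destination))


if __name__ == "__main__":
    for dst in ("10.1.2.10", "10.1.2.200", "10.1.9.9", "10.200.0.1", "8.8.8.8", "192.0.2.9"):
        print(dst, "->", next_hops(TABLE, dst))
    # A bogus, more specific route hijacks traffic that used to go via 192.0.2.4:
    hijacked = TABLE + [route("D", "10.1.9.0/24", 90, 1, "192.0.2.66", "GigabitEthernet0/2")]
    print("10.1.9.9 with rogue /24 ->", next_hops(hijacked, "10.1.9.9"))
```

Note that administrative distance only breaks ties between routes to the same prefix: the static /25 with AD 1 does not beat the EIGRP /24 because it is static, but because it is longer. That ordering is why route filtering on what a neighbour is allowed to advertise matters more than which protocol it speaks.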

            Network Protocols
              • VLAN
              • Trunking
              • Half Duplex/Full Duplex

            Wireless Networking

    Wireless Networking – 802.11

     In 1997, the Institute of Electrical and Electronics
     Engineers (IEEE) created the first WLAN standard.
     They called it 802.11 after the name of the group
     formed to oversee its development. Unfortunately,
     802.11 only supported a maximum bandwidth of 2
     Mbps - too slow for most applications. For this reason,
     ordinary 802.11 wireless products are no longer being

                Wireless - WiFi
            •   Often expanded as "wireless fidelity", but Wi-Fi is
                a trademark of the Wi-Fi Alliance, not an
                abbreviation. It is the term for wireless local area
                networks (WLAN) that use the IEEE 802.11 family of
                specifications (originally 802.11b). WiFi has gained
                acceptance in many environments as an alternative
                to a wired LAN.

            •   Many airports, hotels, and other services offer
                public access to WiFi networks so people can
                log onto the Internet and receive emails on the
                move. These locations are known as hotspots.
                A hotspot is a shared, untrusted network: anything
                not protected by encryption at a higher layer (TLS,
                a VPN) can be read by other users of the hotspot.

            •   Low power, Short Distance, Non-penetrating,

   Wireless Networking – 802.11b
IEEE expanded on the original 802.11 standard in 1999, creating the
802.11b specification. 802.11b supports bandwidth up to 11 Mbps,
comparable to traditional Ethernet. 802.11b uses the same radio signaling
frequency - 2.4 GHz - as the original 802.11 standard. Being an
unlicensed (ISM) band, 2.4 GHz is shared with microwave ovens, cordless
phones, and other appliances, which can interfere with 802.11b gear.
However, by installing 802.11b gear a reasonable distance from other
appliances, interference can usually be avoided. Vendors often prefer using
unlicensed frequencies to lower their production costs.

Pros of 802.11b - lowest cost; signal range is best and is not easily
obstructed

Cons of 802.11b - slowest maximum speed; supports fewer simultaneous
users; appliances may interfere on the unlicensed frequency band.

    Wireless Networking – 802.11a
At the same time 802.11b was developed, IEEE created a second extension to the
original 802.11 standard called 802.11a. Because 802.11b gained in popularity
much faster than did 802.11a, some folks believe that 802.11a was created after
802.11b. In fact, 802.11a was created at the same time and intended mainly for
the business market, whereas 802.11b better serves the home market. 802.11a
supports bandwidth up to 54 Mbps and signals in the 5 GHz band, which is also
license-exempt but far less crowded than 2.4 GHz. Compared to 802.11b, this
higher frequency limits the range of 802.11a. The higher frequency also means
802.11a signals have more difficulty penetrating walls and other obstructions.
Because 802.11a and 802.11b utilize different frequencies, the two technologies
are incompatible with each other. Some vendors offer hybrid 802.11a/b network
gear, but these products simply implement the two standards side by side.

Pros of 802.11a - fastest maximum speed; supports more simultaneous users;
the 5 GHz band is largely free of interference from household appliances

Cons of 802.11a - highest cost; shorter range signal that is more easily obstructed

   Wireless Networking – 802.11g
In 2002 and 2003, WLAN products supporting a new standard called
802.11g began to appear on the scene. 802.11g attempts to combine the
best of both 802.11a and 802.11b. 802.11g supports bandwidth up to 54
Mbps, and it uses the 2.4 GHz frequency for greater range. 802.11g is
backwards compatible with 802.11b, meaning that 802.11g access points
will work with 802.11b wireless network adapters and vice versa.

Pros of 802.11g - fastest maximum speed; supports more simultaneous
users; signal range is best and is not easily obstructed

Cons of 802.11g - costs more than 802.11b; appliances may interfere on
the unlicensed 2.4 GHz band

            Wireless - WiMax
             •   WiMAX refers to broadband wireless networks
                 that are based on the IEEE 802.16 standard,
                 which ensures compatibility and interoperability
                 between broadband wireless access equipment.

             •   Acronym that stands for Worldwide Interoperability
                 for Microwave Access

             •   High power, long distance (31 miles), penetrating,
                 usually licensed

            Wireless – WiMax (802.16)
                • Broadband Wireless Access Standard
                  that provides secure, full-duplex, fixed
                  wireless MAN service. Also known as
                  WiMAX, throughput can reach 75 Mbps
                  and does not require line-of-sight to
                  operate. The 802.16e extension adds
                  roaming outside of a “home” service
                  area. Reach can extend from one mile
                  at full speed to 30 miles at reduced

Wireless Networking – Bluetooth

Bluetooth is an alternative wireless network technology that
followed a different development path than the 802.11 family.
Bluetooth supports a very short range (approximately 10
meters) and relatively low bandwidth (1 Mbps). In practice,
Bluetooth networks PDAs or cell phones with PCs but does
not offer much value for general-purpose WLAN networking.
The very low manufacturing cost of Bluetooth appeals to

      Wireless Security - Authentication
            •   PAP          Password Authentication Protocol. Sends the
                             password in the clear; use only inside an
                             encrypted tunnel.
            •   CHAP         Challenge Handshake Authentication Protocol.
            •   MS-CHAP      Microsoft implementation of CHAP protocol.

            •   Wireless LAN authentication: Extensible Authentication Protocol
                (EAP) for 802.1X port-based authentication used in 802.11

            •   EAP-MD5      Mandatory EAP authentication method. One-way only
                             (the client never authenticates the server) and
                             derives no session keys, so it is unsuitable for
                             WLANs.
            •   EAP-LEAP     EAP-Lightweight EAP. Cisco's proprietary EAP
                             method; works only with Cisco and Apple WLAN
                             equipment. Its challenge/response can be cracked
                             offline by a dictionary attack, so it should not
                             be used.
            •   EAP-TLS      EAP-Transport Layer Security. Provides mutual
                             authentication, but requires client and server
                             certificates.
            •   EAP-TTLS     EAP-Tunneled Transport Layer Security. Began as
                             a vendor method and was later published as
                             RFC 5281. Provides mutual authentication, but
                             requires server certificate distribution and
                             administration. At the time, the clients were
                             proprietary and cost between $25-$50 each.
            •   EAP-PEAP     EAP-Protected EAP. An emerging protocol
                             backed by Microsoft, Cisco, and RSA Security
                             that provides mutual authentication.
      Wireless Security - Authentication
              • Local Database

              • RADIUS (Remote Authentication
                Dial In User Service)

              • Active Directory

            Wiring Types
            • Fiber Optics
              • Connectors
              • Single mode vs Multimode
            • Copper(Twisted Pair)
              • Categories
            • Copper (Coaxial)

            Structured Networking
                • Future-Proof the Network Design
                  • ...the objective is to enable the
                    adoption of new technologies
                    with minimal retrofit and cost
                     • provide a scalable foundation
                       that allows new technologies to
                       be added incrementally and
                       economically, enhancing the
                       capabilities of the network

            Structured Networking
                • Implement structured wiring and
                  intelligent hubs
                  • provides a path for upgrading
                  • remotely monitor at port level
                  • isolate a problem station
                  • collect statistics

            Structured Networking
                • Structured network design
                  • highly organized
                  • hierarchical approach

            Structured Networking
                • Establish network centers
                  • centralize expensive equipment
                  • easier to troubleshoot
                  • easier to secure

  Factors in Network Design

            • Performance

            • Scalability

            • Cost

            • Manageability

       Broadband vs Baseband
            • broadband (multiplexing)
              • transmitting multiple signals at
                once by subdividing into
            • baseband
              • transmits all signals through a
                single channel
            • bandwidth
              • network carrying capacity

            • Time division multiplexing

            • Frequency division multiplexing

            Traffic Management
              •   IP TV
              •   Real Audio
              •   PointCast
              •   Broadcast
              •   Unicast
              •   Multicast
              •   Viruses
              •   Worms

            Troubleshooting Your Network
               • Knowing your network
                  •   Application metering
                  •   Network management systems
                  •   Baseline and trend analysis
                  •   Broadcasts
                  •   Response time
                  •   Retransmissions
                  •   Routing
                  •   Bandwidth and throughput
                  •   Traffic characterization
                  •   Optimization

            Troubleshooting Your Network
               • Troubleshooting Methodology
                 •   Gather information
                 •   Isolate the problem
                 •   Apply corrective measures
                 •   Monitor results

            Troubleshooting Your Network
               •   Analyzer (packet capture)
               •   Tone and Probe
               •   Test All
               •   DVM
               •   Performance Monitor
               •   Network Health Monitor

        Troubleshooting Your Network
            •   Protocol analyzers
            •   Triggers
            •   Displays
            •   Monitoring
            •   Filters
            •   Report

            Troubleshooting Your Network

               •   Link - Determine whether the drop is active, identify
                   its speed, duplex capabilities and service type.
                   10/100/1000 Mbps
               •   Ping - Verify connectivity to key devices.
               •   Cable verification - Multiple tests help you quickly
                   determine if cable is the problem.
               •   Cable identification - Document unmarked
                   segments, saving you hours of troubleshooting time.
               •   CDP/EDP - Precisely determine where network
                   drops terminate on Cisco and Extreme switches
            Troubleshooting Your Network
               • Cable Testers
                 •   Impedance and crosstalk
                 •   Near-end crosstalk (NEXT)
                 •   Pair-matching
                 •   Cable length

            Troubleshooting Your Network
               •   Ping
               •   Trace Route
               •   NSLookup
               •   Telnet
               •   Routing Tables
               •   IP Config
               •   Winipcfg

            Ping (Packet Internet Groper)

              Tracert

              Tracing route to []
              over a maximum of 30 hops:
                1    21 ms    20 ms    20 ms  []
                2    21 ms    21 ms    22 ms  []
                3    21 ms    21 ms    21 ms
                4    21 ms    20 ms    21 ms  []
                5    20 ms    21 ms    21 ms  []
                6    22 ms    21 ms    22 ms  []
                7    21 ms    21 ms    21 ms  []
                8    37 ms    39 ms    38 ms  []
                9    37 ms    37 ms    37 ms  []
               10    54 ms    54 ms    54 ms
               11    55 ms    53 ms    54 ms  []
               12    83 ms    82 ms    83 ms  []
               13    93 ms    94 ms    93 ms  []
               14    98 ms    97 ms    98 ms
               15    96 ms    95 ms    96 ms  []
               16   273 ms   261 ms   274 ms  []
               17   276 ms   275 ms   274 ms  []
               18   434 ms   290 ms   286 ms  []
               19   280 ms   295 ms   295 ms  []
               20   322 ms   322 ms   323 ms  []
               21   302 ms   304 ms   302 ms
               22   302 ms   302 ms   305 ms  []

              Trace complete.

            IPConfig /all

             • Intranet
               • network and resources available
                 only to members of your
                 organization on your network.
             • Extranet
               • network and resources available
                 to members of your organization
                 on your network and selected
                 users off your network.
             • Not open to the public
               (anonymous users)


            Packet Sniffer Capture

       Internet Access - Access

            Wide Area Networking
                • connecting LANs together over
                  great distance
                • connecting schools to district
                  offices or each other
                • connecting schools to the Internet
                • usually done with leased lines
                  and services

            WAN Technologies
             • Methods of connecting two or more sites
             • Universal Service Fund (Chapter 364)
               may provide up to $20,000 to offset
               installation charges
             • E-Rate available to reduce monthly
             • Two charges - line charges and Internet
               Access charges
             • Both charges based on bandwidth
             • All require equipment to connect to the WAN
               - router and CSU/DSU etc.

            WAN Technologies
              • POTS (Plain Old Telephone Service)
                 • up to 56 Kbps
                 • analog multipurpose phone line
                 • available everywhere
                 • unlimited distance with long distance
                 • requires a modem to connect the network to
                   the phone line ($150)
                 • installation about $75 - monthly charges

            WAN Technologies
              • Wireless – WiMAX
                • Point-to-Point
                • Point-to-Multipoint

              • Metro Ethernet (NMLI – Native
                Mode LAN Interconnect)
                • Same speeds as Ethernet
                • 10 Mbps; 100 Mbps; 1000 Mbps

        Internet Access - Frame

        Internet Access - Registration
            • What is ICANN?

            • The Internet Corporation for Assigned Names and Numbers
              (ICANN) is responsible for managing and coordinating the
              Domain Name System (DNS) to ensure that every address is
              unique and that all users of the Internet can find all valid
              addresses. It does this by overseeing the allocation of
              unique IP address blocks and top-level domain names (the
              mapping of an individual host name to its IP address is done
              by the DNS servers of the domain that owns it, not by ICANN).

            • ICANN is also responsible for accrediting the domain name
              registrars. "Accredit" means to identify and set minimum
              standards for the performance of registration functions, to
              recognize persons or entities meeting those standards, and to
              enter into an accreditation agreement that sets forth the rules
              and procedures applicable to the provision of Registrar

        Internet Access - Registration
             • InterNIC - .com .gov .edu .net
                • Internet Network Information Center
                • (800) 444-4345
                • Managed by Network Solutions, Inc.
                • Herndon, Virginia
                • Registering your domain -
                • Official names and numbers must be
                  registered with the InterNIC
                • (Historical: since 1999 .com/.net domains are
                  registered through any ICANN-accredited
                  registrar, not only Network Solutions)

       Internet Access - Registration
            • The US Domain is an official top-level
              domain in the DNS of the Internet
            • It was administered by the US Domain Registry
              at the Information Sciences Institute of the
              University of Southern California (ISI), under
              the Internet Assigned Numbers Authority
              (since 2001 it has been operated by Neustar)
            • US is the ISO-3166 2-letter country code for
              the United States and thus the US Domain is
              established as a top-level domain and
              registered with the InterNIC the same way
              other country domains are.

            Internet Access -

            Internet Access - DNS
                • Converts hostnames to IP addresses
                • You may host your own DNS or
                  contract with another source
                • Must have a primary DNS and a
                  secondary DNS server
                • DNS data is a text file (the zone file)
                  served by special software on a server

            Internet Access - DNS
                • Must register your domain and
                  range of IP addresses
                • DNS contains name-to-address (A) records
                • DNS contains Mail Exchange (MX) records
                • Caching DNS servers
                • Authoritative and non-authoritative answers

            How DNS works

            Sample of DNS file

            • Limit access to the network (dial in)
            • Develop a security policy
            • Limit protocols (IP, IPX, AppleTalk)
            • NT and Novell servers running IP are reachable
              by, and vulnerable to, IP-based attacks
            • Internal and external attacks
            • Software for testing vulnerabilities
              (SATAN, Pingware, NetProbe)
            • Data encryption
                • A mathematical algorithm rearranges the bits
                • Both sides must know the key to encrypt
                  or decrypt (symmetric encryption)

       Security - Vulnerabilities
            •   Back Orifice/SubSeven/VNC (remote control tools)
            •   NetBus
            •   Operating system attacks
            •   Spoofing
            •   Snooping/sniffing
            •   Modems
            •   Viruses
            •   File and print sharing
            How Hackers Gain Access
 • Stealing Passwords
         • People who use the same password on multiple accounts,
           especially when some of those accounts are on public Internet
           sites with little to no security.
        • People who write their passwords down and store them in
          obvious places. Writing down passwords is often encouraged
          by the need to frequently change passwords.
        • The continued use of insecure protocols that transfer
          passwords in clear text, such as those used for Web surfing, e-
          mail, chat, file transfer, etc.
        • The threat of software and hardware keystroke loggers.
        • The problem of shoulder surfing or video surveillance.
 • Trojan Horses
         • The malicious payload of a Trojan horse can be anything. This
           includes programs that destroy hard drives, corrupt files, record
           keystrokes, monitor network traffic, track Web usage, duplicate e-
           mails, allow remote control and remote access, transmit data files
           to others, launch attacks against other targets, plant proxy
           servers, host file sharing services, and more.

            How Hackers Gain Access
 • Exploiting Defaults
    • Nothing makes attacking a target network easier than when that
      target is using the defaults set by the vendor or manufacturer.
      Many attack tools and exploit scripts assume that the target is
      configured using the default settings. Thus, one of the most
      effective and often overlooked security precautions is simply to
      change the defaults.

             How Hackers Gain Access
 • Wireless Attacks
   • It is often the case that the time, effort, and expense required to
      secure wireless networks is significantly more than deploying a
      traditional wired network.

 • Research
     •   Knowing names of key employees and users
     •   Documents posted on the web
     •   Operating systems used
     •   Flaws in products

 • Being Persistent

 • Being a user on your network

 • Monitoring Vulnerability Research
       Security - Vulnerabilities
            •   Denial-of-service
            •   Trojan horse
            •   Worm
            •   PING sweeps
            •   Port scanning
            •   Software holes
            •   Social engineering
            •   SPAM
            •   Spyware/Malware
            Security - Policies
              • Business Continuity Plan
              • Disaster Recovery Plan
              • Physical Security Policy
                • Barriers, Detection, Response
              • User Security Policy
                • User Education
                • Security Awareness
              • Network Security
                • Architecture
                • Services and Access

        Security - Configuration
             •   New System with patches
             •   Disable Excess Services
             •   Remove Nonessential Programs
             •   Use Warning Banners
             •   Limit User Access
             •   Enable Logging
             •   Enable Auditing
             •   Disable scripting

            Security - Tools
             • Vulnerability Assessments
                 •   Nessus (Open Source)
                 •   X-Scan (Open Source)
                 •   Retina
                 •   NewT
                 •   LANguard
             •   Ping Sweeps
             •   Port Scanners
             •   Banner Grabbing
             •   OS Guessing

            Security - Response
               •   Preparation
               •   Initial Response
               •   Incident Management
               •   Forensics
               •   Tools Analysis
               •   Documentation

            Security – Wireless
              • Not very secure out of the box
              • Factory defaults
              • War driving
                  • Netstumbler
              •   WEP (broken; use WPA2 where available)
              •   MAC address filtering (easily spoofed)
              •   VPN
              •   Passwords

         Viruses, Worms and Trojans, Oh My!
     Viruses - A virus is a small piece of software that piggybacks on real programs. For
      example, a virus might attach itself to a program such as a spreadsheet program.
      Each time the spreadsheet program runs, the virus runs, too, and it has the chance to
      reproduce (by attaching to other programs) or wreak havoc.

     E-mail viruses - An e-mail virus moves around in e-mail messages, and usually
      replicates itself by automatically mailing itself to dozens of people in the victim's e-
      mail address book.

     Worms - A worm is a small piece of software that uses computer networks and
      security holes to replicate itself. A copy of the worm scans the network for another
      machine that has a specific security hole. It copies itself to the new machine using the
      security hole, and then starts replicating from there, as well.

     Trojan horses - A Trojan horse is simply a computer program. The program claims
      to do one thing (it may claim to be a game) but instead does damage when you run it
      (it may erase your hard disk). Trojan horses have no way to replicate automatically.

            Security - Hackers
             • Hacks, Cracks, Phreaks, Pirates

       Internet Access - Security
            •   Passwords
            •   Password generators
            •   Password encryption
            •   Timed passwords
            •   Encryption
            •   Private IP networks
            •   Routing tables
            •   Tunneling
            •   Firewall
            •   Access lists
            •   Servers
            •   DMZ
            •   VPN

 • Connecting your network to the world gives the world
   access to your network
 • A firewall is simply a program or hardware device that
   filters the information coming through the Internet
   connection into your private network or computer system.
   If an incoming packet of information is flagged by the
   filters, it is not allowed through.
 • The firewall applies a set of rules to either accept or reject
   each packet

 • Firewalls use one or more of three methods to control traffic flowing in
   and out of the network:

     • Packet filtering - Packets (small chunks of data) are analyzed
       against a set of filters (addresses, protocol, ports). Packets that
       make it through the filters are forwarded; all others are discarded.

     • Proxy service - Information from the Internet is retrieved by the
       firewall on behalf of the requesting system and then sent to it, and
       vice versa, so inside and outside hosts never talk directly.

     • Stateful inspection - A newer method that does not examine the
       full contents of each packet but instead tracks the state of each
       connection (for TCP, the handshake and the sequence of packets that
       follows). Information traveling from inside the firewall to the
       outside is recorded in a state table, and incoming packets are
       compared against it. Packets that belong to a known session are
       allowed through; unsolicited packets are discarded even if they
       look like replies.
 • Firewalls are customizable. This means that you can add or remove
   filters based on several conditions. Some of these are:

    • IP addresses - Each machine on the Internet is assigned a unique
      address called an IP address. IP addresses are 32-bit numbers,
      normally expressed as four "octets" in "dotted decimal" notation.
      For example, if a certain IP address outside the company is reading
      too many files from a server, the firewall can block all traffic to
      or from that IP address.

    • Domain names - A company might block all access to certain
      domain names, or allow access only to specific domain names.

 •   Protocols - The protocol is the pre-defined way that someone who wants to use a
     service talks with that service. The "someone" could be a person, but more often it is a
     computer program like a Web browser. Protocols are often text, and simply describe
     how the client and server will have their conversation; the "http" at the start of a
     Web address names the Web's protocol.
     Some common protocols that you can set firewall filters for include:

      •   IP (Internet Protocol) - the main delivery system for information over the Internet
      •   TCP (Transmission Control Protocol) - used to break apart and rebuild information that
          travels over the Internet, with delivery confirmed by the receiver
      •   HTTP (Hyper Text Transfer Protocol) - used for Web pages
      •   FTP (File Transfer Protocol) - used to download and upload files
      •   UDP (User Datagram Protocol) - connectionless delivery with no acknowledgement,
          used for traffic such as streaming audio and video
      •   ICMP (Internet Control Message Protocol) - used by routers and hosts to exchange
          error and control messages (ping and traceroute rely on it)
      •   SMTP (Simple Mail Transfer Protocol) - used to send text-based information (e-mail)
      •   SNMP (Simple Network Management Protocol) - used to collect system information from
          a remote computer
      •   Telnet - used to perform commands on a remote computer (in clear text)

 •   A company might set up only one or two machines to handle a specific protocol and ban
     that protocol on all other machines.

 • Ports - Any server machine makes its services available to the
   Internet using numbered ports, one for each service that is available
   on the server. For example, if a server machine is running a Web
   (HTTP) server and an FTP server, the Web server would typically be
   available on port 80, and the FTP server would be available on port
   21. A company might block port 21 access on all machines but one
   inside the company.

 • Specific words and phrases - This can be anything. The firewall will
   sniff (search through) each packet of information for an exact match of
   the text listed in the filter. For example, you could instruct the firewall
   to block any packet with the word "X-rated" in it. The key here is that it
   has to be an exact match. The "X-rated" filter would not catch "X
   rated" (no hyphen). But you can include as many words, phrases and
   variations of them as you need. Such filters are easily evaded by
   encoding, by splitting a word across packets, and by encryption
   (HTTPS), so they are a convenience, not a security control.
         Firewalls – What they can protect you from

 •   Remote login - When someone is able to connect to your computer and
     control it in some form. This can range from being able to view or access your
     files to actually running programs on your computer.

 •   Application backdoors - Some programs have special features that allow for
     remote access. Others contain bugs that provide a backdoor, or hidden
     access, that provides some level of control of the program.

 •   SMTP session hijacking (open relay abuse) - SMTP is the most common method
     of sending e-mail over the Internet. By gaining access to a list of e-mail
     addresses, a person can send unsolicited junk e-mail (spam) to thousands of
     users. This is done quite often by relaying the e-mail through the SMTP
     server of an unsuspecting host, making the actual sender of the spam
     difficult to trace.

 •   Operating system bugs - Like applications, some operating systems have
     backdoors. Others provide remote access with insufficient security controls or
     have bugs that an experienced hacker can take advantage of.

         Firewalls – What they can protect you from

 •   Denial of service - You have probably heard this phrase used in news reports
     on the attacks on major Web sites. This type of attack is hard to
     counter. In the common SYN flood variant, the hacker sends a request to
     the server to connect to it (a TCP SYN), usually from a forged source
     address. When the server responds with an acknowledgement and tries to
     establish a session, it cannot find the system that made the request. By
     inundating a server with these unanswerable session requests, a hacker
     causes the server to slow to a crawl or eventually crash.

 •   E-mail bombs - An e-mail bomb is usually a personal attack. Someone sends
     you the same e-mail hundreds or thousands of times until your e-mail system
     cannot accept any more messages.

 •   Macros - To simplify complicated procedures, many applications allow you to
     create a script of commands that the application can run. This script is known
     as a macro. Hackers have taken advantage of this to create their own macros
     that, depending on the application, can destroy your data or crash your

        Firewalls – What they can protect you from

 • Viruses - Probably the most well-known threat is computer viruses. A
   virus is a small program that can copy itself to other computers. This
   way it can spread quickly from one system to the next. Viruses range
   from harmless messages to erasing all of your data.

 • Spam - Typically harmless but always annoying, spam is the
   electronic equivalent of junk mail. Spam can be dangerous though.
   Quite often it contains links to Web sites. Be careful of clicking on
   these because they may lead to a phishing page or a site that installs
   malware on your computer. (A cookie by itself cannot open a backdoor;
   the danger is in what the linked site serves.)

 • Redirect bombs - Hackers can use ICMP redirect messages to change
   the path information takes by sending it to a different router. This is
   one of the ways that a denial of service attack is set up.

            • IP address filtering - checking
              source and destination addresses
            • TCP/UDP port filtering (server
              and client)
              • permit access to port 80 (http)
              • deny access to port 23 (telnet)
            • ACK bit - permit inbound TCP only when
              the ACK bit is set ("established"), on the
              assumption that such packets are replies to
              connections opened from inside; a stateless
              check that forged ACK packets pass

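Worked example, added by the editor and not part of the FETC 2009 slides: the two rules above (permit port 80, deny port 23) enforced first as a stateless "ACK bit" rule and then as the stateful inspection described under the three firewall methods, run over a constructed packet trace. Assumptions for the demo: 10.10.0.0/16 is the school LAN, and the outside addresses are documentation ranges, not real hosts.

```python
# Added example (not from the FETC 2009 slides): the slide's two rules
# (permit port 80, deny port 23) enforced two ways, as a stateless "ACK bit"
# rule and as stateful inspection, against constructed packets.
# Assumptions: 10.10.0.0/16 is the school LAN; the outside addresses are
# documentation ranges, not real hosts.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

INSIDE = ip_network("10.10.0.0/16")   # assumed internal network
SERVER_PORTS = {80}                   # slide: permit access to port 80 (http);
                                      # port 23 (telnet) is denied by not being listed

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset = frozenset()    # TCP flags present, e.g. {"SYN"}, {"ACK"}

    def inbound(self) -> bool:
        return ip_address(self.dst) in INSIDE and ip_address(self.src) not in INSIDE

def ack_bit_filter(pkt: Packet) -> str:
    """Stateless 'established' rule (Cisco ACL 'permit tcp any any established'):
    an inbound packet with ACK or RST set is assumed to be a reply to a
    connection opened from inside. Nothing checks that such a connection exists."""
    if not pkt.inbound():
        return "permit"
    if "ACK" in pkt.flags or "RST" in pkt.flags:
        return "permit"                                   # forged ACKs pass too
    return "permit" if pkt.dport in SERVER_PORTS else "deny"

class StatefulFilter:
    """Stateful inspection: remember connections opened from inside (and
    inbound connections to published services) and admit only packets
    that belong to one of them."""
    def __init__(self):
        self.sessions = set()   # (inside_ip, inside_port, outside_ip, outside_port)

    def check(self, pkt: Packet) -> str:
        if not pkt.inbound():
            if pkt.flags == frozenset({"SYN"}):           # inside host opens a connection
                self.sessions.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "permit"
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if key in self.sessions:
            if "RST" in pkt.flags or "FIN" in pkt.flags:  # connection teardown
                self.sessions.discard(key)
            return "permit"
        if pkt.flags == frozenset({"SYN"}) and pkt.dport in SERVER_PORTS:
            self.sessions.add(key)                        # new inbound web connection
            return "permit"
        return "deny"                                     # unsolicited, ACK bit or not

def run_scenario():
    """Feed the same packet trace through both filters; returns
    (description, ack-bit verdict, stateful verdict) per packet."""
    stateful = StatefulFilter()
    trace = [
        ("inside client opens web session",
         Packet("10.10.1.50", 40000, "198.51.100.7", 80, frozenset({"SYN"}))),
        ("web server replies",
         Packet("198.51.100.7", 80, "10.10.1.50", 40000, frozenset({"SYN", "ACK"}))),
        ("outsider probes telnet with ACK set (ACK scan)",
         Packet("203.0.113.9", 31337, "10.10.1.5", 23, frozenset({"ACK"}))),
        ("outsider connects to telnet",
         Packet("203.0.113.9", 31337, "10.10.1.5", 23, frozenset({"SYN"}))),
        ("outsider connects to the web server",
         Packet("203.0.113.9", 31337, "10.10.1.5", 80, frozenset({"SYN"}))),
    ]
    return [(label, ack_bit_filter(p), stateful.check(p)) for label, p in trace]
```

The third packet is the point of the exercise: a forged packet to the telnet port with ACK set sails through the ACK-bit rule, because that rule has no memory, while the stateful filter drops it because no session to 10.10.1.5:23 was ever opened from inside.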
            Firewall Complements
                  •Bastion hosts
                  •Proxy servers
                  •Reverse proxy servers
                  •Cache engines
                  •Packet filter
                  •Intrusion detection systems
                  •Packet hound
                  •Stateful inspection
                  •SPAM/virus filter
Intrusion Detection and Prevention (IDS & IPS)

              • ID stands for Intrusion Detection,
                which is the art of detecting
                inappropriate, incorrect, or
                anomalous activity. ID systems
                that operate on a host to detect
                malicious activity on that host are
                called host-based ID systems,
                and ID systems that operate on
                network data flows are called
                network-based ID systems.

Intrusion Detection and Prevention (IDS & IPS)

              • Sometimes, a distinction is made
                between misuse and intrusion

                 • The term intrusion is used to describe
                   attacks from the outside; whereas,

                 • misuse is used to describe an attack
                   that originates from the internal
                   network. However, most people don't
                   draw such distinctions.

              • The most common approaches to ID
                are statistical anomaly detection
                (flag traffic that departs from a
                measured baseline) and pattern-matching
                (signature) detection.

              • An IPS is an IDS placed inline so that it
                can drop or block the offending traffic
                rather than only alert on it.

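Worked example, added by the editor and not part of the FETC 2009 slides: the two ID approaches named above, pattern-matching (signature) detection and statistical detection, run over constructed firewall log lines, and catching the ping sweeps, port scans and remote-control trojans listed on the Security - Vulnerabilities and Security - Tools slides. The log format, the addresses and the thresholds are assumptions for the demo.

```python
# Added example (not from the FETC 2009 slides): signature (pattern-matching)
# and statistical (threshold) intrusion detection over constructed firewall
# log lines. The log format, addresses and thresholds are assumptions.
import re
from collections import defaultdict

# Constructed sample log: "date time proto src[:port] -> dst[:port]"
SAMPLE_LOG = """\
2009-01-20 10:00:01 icmp 203.0.113.9 -> 10.10.1.1
2009-01-20 10:00:01 icmp 203.0.113.9 -> 10.10.1.2
2009-01-20 10:00:01 icmp 203.0.113.9 -> 10.10.1.3
2009-01-20 10:00:02 icmp 203.0.113.9 -> 10.10.1.4
2009-01-20 10:00:02 icmp 203.0.113.9 -> 10.10.1.5
2009-01-20 10:00:02 icmp 203.0.113.9 -> 10.10.1.6
2009-01-20 10:00:05 tcp 203.0.113.9:44021 -> 10.10.1.5:21
2009-01-20 10:00:05 tcp 203.0.113.9:44022 -> 10.10.1.5:22
2009-01-20 10:00:05 tcp 203.0.113.9:44023 -> 10.10.1.5:23
2009-01-20 10:00:06 tcp 203.0.113.9:44024 -> 10.10.1.5:25
2009-01-20 10:00:06 tcp 203.0.113.9:44025 -> 10.10.1.5:80
2009-01-20 10:00:06 tcp 203.0.113.9:44026 -> 10.10.1.5:110
2009-01-20 10:01:10 udp 198.51.100.7:5000 -> 10.10.1.5:31337
2009-01-20 10:02:00 icmp 10.10.1.50 -> 10.10.1.1
2009-01-20 10:02:01 tcp 10.10.1.50:50100 -> 198.51.100.20:80
2009-01-20 10:02:02 tcp 10.10.1.50:50101 -> 198.51.100.20:443
"""

LOG_RE = re.compile(
    r"^(?P<date>\S+) (?P<time>\S+) (?P<proto>icmp|tcp|udp) "
    r"(?P<src>[\d.]+)(?::(?P<sport>\d+))? -> (?P<dst>[\d.]+)(?::(?P<dport>\d+))?$"
)

# Signature (pattern-matching) rules: default listening ports of the remote
# control trojans the slides list. Back Orifice: UDP 31337; NetBus: TCP 12345.
SIGNATURES = {
    ("udp", 31337): "Back Orifice default port",
    ("tcp", 12345): "NetBus default port",
}

def parse_log(text):
    """Turn the raw lines into dicts; lines that do not match are skipped."""
    events = []
    for line in text.splitlines():
        m = LOG_RE.match(line.strip())
        if not m:
            continue
        e = m.groupdict()
        e["dport"] = int(e["dport"]) if e["dport"] else None
        events.append(e)
    return events

def signature_alerts(events):
    """Pattern matching: exact match of (protocol, destination port)."""
    return [(e["src"], e["dst"], SIGNATURES[(e["proto"], e["dport"])])
            for e in events if (e["proto"], e["dport"]) in SIGNATURES]

def anomaly_alerts(events, sweep_threshold=5, scan_threshold=5):
    """Statistical detection: one source touching many hosts with ICMP looks
    like a ping sweep; one source touching many ports on one host looks like
    a port scan. The thresholds stand in for a baseline learned from normal
    traffic (the 'baseline and trend analysis' on the troubleshooting slide)."""
    hosts_by_src = defaultdict(set)
    ports_by_pair = defaultdict(set)
    for e in events:
        if e["proto"] == "icmp":
            hosts_by_src[e["src"]].add(e["dst"])
        else:
            ports_by_pair[(e["src"], e["dst"])].add(e["dport"])
    alerts = []
    for src, hosts in hosts_by_src.items():
        if len(hosts) >= sweep_threshold:
            alerts.append((src, "ping sweep", len(hosts)))
    for (src, dst), ports in ports_by_pair.items():
        if len(ports) >= scan_threshold:
            alerts.append((src, "port scan of " + dst, len(ports)))
    return alerts

def run_detection(text=SAMPLE_LOG):
    events = parse_log(text)
    return {"signature": signature_alerts(events), "anomaly": anomaly_alerts(events)}
```

The signature rule only fires on traffic that exactly matches what it was written for (the Back Orifice probe here) and says nothing about the scanner; the statistical rules catch the sweep and the scan without knowing the tool, but they depend on thresholds that have to be tuned against the network's real baseline or they will either miss slow scans or flag the inside client doing ordinary browsing.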
 Spyware is any technology that aids in gathering information about a person or organization
 without their knowledge. On the Internet (where it is sometimes called a spybot or tracking
 software), spyware is programming that is put in someone's computer to secretly gather
 information about the user and relay it to advertisers or other interested parties. Spyware can
 get in a computer as a software virus or as the result of installing a new program.

 Data collecting programs that are installed with the user's knowledge are not, properly
 speaking, spyware, if the user fully understands what data is being collected and with whom it
 is being shared. However, spyware is often installed without the user's consent, as a drive-by
 download, or as the result of clicking some option in a deceptive pop-up window.

 The cookie is a well-known mechanism for storing information about an Internet user on their
 own computer. However, the existence of cookies and their use is generally not concealed from
 users, who can also disallow access to cookie information. Nevertheless, to the extent that a
 Web site stores information about you in a cookie that you don't know about, the cookie
 mechanism could be considered a form of spyware.

            • adware (spelled all lower case) is
              any software application in which
              advertising banners are displayed
              while the program is running

      Removing Spyware and adware
            • Anti-spyware programs (some free)
              •   Spy Sweeper
              •   Spybot Search & Destroy
              •   Ad-Aware
              •   Spychecker
              •   Microsoft Windows Defender
                  (Beta 2)
            • Immunize your system

      Internet Access - Filtering
            • Filter on known sites
              • Found by Bots - checked by
              • Key words or word searches

       VPN – Virtual Private Network
            •   A virtual private network (VPN) is a way to use a public
                telecommunication infrastructure, such as the Internet,
                to provide remote offices or individual users with
                secure access to their organization's network. A virtual
                private network can be contrasted with an expensive
                system of owned or leased lines that can only be used
                by one organization. The goal of a VPN is to provide
                the organization with the same capabilities, but at a
                much lower cost.

            •   A VPN works by using the shared public infrastructure
                while maintaining privacy through security procedures
                and tunneling protocols such as the Layer Two
                Tunneling Protocol (L2TP), normally run over IPsec,
                which supplies the encryption that L2TP itself lacks.
                In effect, the protocols, by encrypting data at the
                sending end and decrypting it at the receiving end,
                send the data through a "tunnel" that cannot be
                "entered" by data that is not properly encrypted and
                authenticated. An additional level of security involves
                encrypting not only the data, but also the originating
                and receiving network addresses (IPsec tunnel mode).

       VPN – Virtual Private Network

      Internet Access - Filtering
                      •   X-Stop
                      •   SurfWatch
                      •   Net Nanny
                      •   Cyber Patrol
                      •   Cyber Sitter
                      •   WebSense
                      •   WatchGuard
                      •   Proxy Servers
                      •   Router Tables


           Internet Access - Filtering (sample filter log: timestamped
           entries marked PASSED, or categorized GAMB, BANNER or PORN)

            Content Filters

            Packet Shapers
             • Control the flow of specific types of
               traffic in or out of your network
             • Can completely block a traffic type
             • Can limit a traffic type to a set
               percentage of the link
             • Can allow bursting when
               bandwidth is available

            Packet Shapers (Inbound)

            Packet Shapers (Outbound)


                • Enhance Internet and Intranet Content Delivery
                • Accelerate web-based applications
                • Minimize Internet bandwidth consumption
                • Minimize WAN bandwidth consumption
                • Improve network performance
                • Authenticate and Manage employee Internet use
                • Distribute and locally store patches and file
                • Provide Anti-Virus screening of web traffic
                • Enable detailed reporting of web use statistics
                • Serve as a local file storage point

FETC 2009
            •   Spam is unsolicited e-mail on the Internet.

                 • From the sender's point-of-view, spam is a form of bulk mail,
                   often sent to a list obtained from a spambot or to a list obtained
                   by companies that specialize in creating e-mail distribution lists.
                 • To the receiver, it usually seems like junk e-mail.

            •   Spam is roughly equivalent to unsolicited telephone marketing
                calls except that the user pays for part of the message since
                everyone shares the cost of maintaining the Internet. It has
                become a major problem for all Internet users.

            •   The term spam is said to derive from a famous Monty Python
                sketch that was current when spam first began arriving on the

            •   SPAM is a trademarked Hormel meat product that was well-
                known in the U.S. Armed Forces during World War II.

FETC 2009
                  SPAM - SPAMbots
            • A spambot is a program designed to collect, or
              harvest, e-mail addresses from the Internet in
              order to build mailing lists for sending
              unsolicited e-mail, also known as spam. A
              spambot can gather e-mail addresses from Web
              sites, newsgroups, special-interest group (SIG)
              postings, and chat-room conversations.
              Because e-mail addresses have a distinctive
              format, spambots are easy to write.

            • A number of legislators in the U.S. are reported
              to be devising laws that would outlaw the
FETC 2009
                 SPAM - SPAMbots
            • A number of programs and approaches
              have been devised to foil spambots.

            • One such technique is known as
              munging, in which an e-mail address is
              deliberately modified so that a human
              reader can decode it but a spambot
              cannot. This has led to the evolution of
              sophisticated spambots that can recover
              e-mail addresses from character strings
              that appear to be munged.

FETC 2009
                     SPAM - Munging
            • Munging (pronounced MUHN-jing or MUHN-ging) is the
              deliberate alteration of an e-mail address online with the
              intent of making the address unusable for Web-based
              programs that build e-mail lists for spamming purposes.

            • Here are examples of the munging of
                • stangib at reno dot com
                • s-t-a-n-g-i-b-at-r-e-n-o-d-o-t-c-o-m
                • My username is stangib, and the domain name is
                  reno dot com.

            • The term munging probably derives from the acronym
              mung (pronounced just as it looks), which stands for
              "mash until no good." It may also derive from the hackers'
              slang term munge (pronounced MUHNJ), which means
              "to alter information so it is no longer accurate."
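To show why munging works against the naive harvesters the earlier slide calls "easy to write", here is an added example (not code from the FETC presentation) that produces the three forms listed above and checks each against a pattern that only recognises the plain user@host.tld shape. The address stangib@reno.com is the one the slide's examples spell out; the surrounding page text is constructed.

```python
"""Address munging in the three forms the slide shows, checked against a
naive harvester pattern.

Added example for the SPAM - Munging slide; not code from the FETC
presentation. The address stangib@reno.com is the one the slide's own
examples spell out; the page text used in demo() is constructed.
"""
import re

# The kind of pattern the earlier slide calls "easy to write": it only
# recognises the distinctive user@host.tld shape.
ADDRESS_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


def munge_words(address: str) -> str:
    """'stangib@reno.com' -> 'stangib at reno dot com'"""
    user, domain = address.split("@")
    return f"{user} at {domain.replace('.', ' dot ')}"


def munge_hyphenated(address: str) -> str:
    """'stangib@reno.com' -> 's-t-a-n-g-i-b-at-r-e-n-o-d-o-t-c-o-m'"""
    tokens = []
    for ch in address:
        if ch == "@":
            tokens.append("at")
        elif ch == ".":
            tokens.extend("dot")   # the slide spells the dot out letter by letter
        else:
            tokens.append(ch)
    return "-".join(tokens)


def munge_sentence(address: str) -> str:
    """'stangib@reno.com' -> 'My username is stangib, and the domain name is reno dot com.'"""
    user, domain = address.split("@")
    return f"My username is {user}, and the domain name is {domain.replace('.', ' dot ')}."


def harvestable(text: str) -> list:
    """Addresses the naive pattern would pull out of a page."""
    return ADDRESS_RE.findall(text)


def demo(address: str = "stangib@reno.com") -> dict:
    """Count what the naive pattern recovers from each form of the address."""
    forms = {  # constructed page snippets
        "plain": f"Contact: {address}",
        "words": munge_words(address),
        "hyphenated": munge_hyphenated(address),
        "sentence": munge_sentence(address),
    }
    return {name: len(harvestable(text)) for name, text in forms.items()}


if __name__ == "__main__":
    for form, count in demo().items():
        print(f"{form:10s} harvested={count}")
```

As the previous slide notes, munging only raises the bar: a harvester written to undo "at" and "dot" substitutions recovers all three forms, so munging is a nuisance measure, not a control to rely on.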
FETC 2009
       • Blacklists and Whitelists

       • A spam filter is a program that is used to detect
         unsolicited and unwanted e-mail and prevent those
         messages from getting to a user's inbox

       • Spammers have ways to avoid SPAM filters.
            • V!I!A!G!R!A

       • Phishing
            • The act of sending an e-mail to a user falsely
              claiming to be an established legitimate enterprise in
              an attempt to scam the user into surrendering
              private information that will be used for identity theft.
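The slide names three filter elements: whitelists and blacklists of senders, keyword detection that spammers defeat with padding like V!I!A!G!R!A, and phishing mail that claims a legitimate enterprise. The following added example (not code from the FETC presentation) combines them: trusted domains pass, listed domains are rejected, body tokens are normalised before keyword matching so punctuation padding and digit substitution do not hide a term, and a display name that claims a known brand from the wrong domain is flagged. The lists, brand table and sample messages are all constructed.

```python
"""Inbound mail filter: whitelist, blacklist, keyword matching that
survives padding such as V!I!A!G!R!A, and a brand-mismatch phishing check.

Added example for the spam-filter and phishing slide; not code from the
FETC presentation. The lists, brand table and sample messages are
constructed.
"""
import re
from dataclasses import dataclass

WHITELIST = {"reno.example"}                       # trusted sending domains (constructed)
BLACKLIST = {"bulk-mailer.example"}                # known spam sources (constructed)
BLOCKED_TERMS = {"viagra", "lottery"}              # constructed keyword list
KNOWN_BRANDS = {"reno bank": "reno-bank.example"}  # brand -> its real domain (constructed)

# Common digit/symbol substitutions spammers use to dodge keyword filters.
LEET = str.maketrans({"1": "i", "0": "o", "3": "e", "4": "a", "5": "s", "$": "s"})


@dataclass
class Message:
    sender_name: str
    sender_addr: str
    subject: str
    body: str


def normalize_token(token: str) -> str:
    """Collapse V!I!A!G!R!A, v-i-a-g-r-a or v1agra to 'viagra'."""
    return re.sub(r"[^a-z]", "", token.lower().translate(LEET))


def sender_domain(addr: str) -> str:
    return addr.rsplit("@", 1)[-1].lower()


def blocked_terms_in(text: str) -> set:
    return {normalize_token(t) for t in text.split()} & BLOCKED_TERMS


def claimed_brand_mismatch(msg: Message) -> bool:
    """Display name claims a known brand but the mail comes from another domain."""
    name = msg.sender_name.lower()
    return any(brand in name and sender_domain(msg.sender_addr) != real_domain
               for brand, real_domain in KNOWN_BRANDS.items())


def classify(msg: Message) -> str:
    domain = sender_domain(msg.sender_addr)
    if domain in WHITELIST:
        return "deliver"             # whitelist wins: never filtered
    if domain in BLACKLIST:
        return "reject"              # blacklist: refuse outright
    if claimed_brand_mismatch(msg):
        return "suspected-phishing"
    if blocked_terms_in(msg.subject + " " + msg.body):
        return "quarantine"
    return "deliver"


SAMPLES = [  # constructed messages
    Message("Stan", "stangib@reno.example", "Lab schedule", "Room 12 is free on Monday"),
    Message("Deals", "offers@bulk-mailer.example", "Great offers", "Buy now"),
    Message("Promo", "promo@deals.example", "Cheap V!I!A!G!R!A today!", "Order now"),
    Message("Prize desk", "win@prizes.example", "Congratulations", "You w0n the L-O-T-T-E-R-Y"),
    Message("Reno Bank Security", "alerts@mail-verify.example", "Verify your account", "Click here"),
    Message("Reno Bank", "notices@reno-bank.example", "Statement ready", "Your statement is ready"),
]


def classify_samples() -> list:
    return [classify(m) for m in SAMPLES]


if __name__ == "__main__":
    for msg, verdict in zip(SAMPLES, classify_samples()):
        print(f"{verdict:18s} {msg.sender_addr:32s} {msg.subject}")
```

Whitelists take precedence here on purpose: a trusted domain is never quarantined, which is also why a compromised account on a whitelisted domain is the failure mode to watch for.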

FETC 2009
        Internet Access - Proxy
            • Act as agents for your network
            • Prevents internal clients from
              connecting to remote sites
            • Has the ability to cache (store
            • You trust your proxy server

FETC 2009
        Internet Access - Cache

             • A cache acts as a proxy to get and
               store data. This can save bandwidth to
               the Internet.
             • Reverse caches can also deliver
               content to outside users. This prevents
               them from having to access devices
               deep within your network.
FETC 2009
            Internet Access - Web
       • Advertise your school and projects to the world
       • Do you host or let your ISP/District?
       • Requires both technical and publishing skills
          • Web publishing tools available
       • Runs on almost any platform
          • Win3.x, Win95, WinNT, Macintosh, UNIX, Novell
          • Microsoft IIS, Netscape Suitespot, Apache
       • Database Access

FETC 2009
            Internet Access - Mail
              • POP mail, Microsoft Mail, Exchange,
                ccMail, Lotus Notes, First Class,
                Apple Internet Mail Server, Quick
                Mail, many shareware
              • each uses its own protocol
              • SMTP (Simple Mail Transfer
                Protocol) - transfers mail from user
                to email server
              • POP (Post Office Protocol) - allows
                the user to read mail from an email
FETC 2009
            Internet Access
             • News Servers
             • FTP Servers
             • FAX Servers

FETC 2009
            Server Requirements
              • CPU, Motherboard, Memory, EN
                Adapters, Hard disk controllers, Tape
                backup, CD-ROM, video adapter,
                • Server Capacity - number of bay
                • Storage Capacity - # and size of HDs
                • Fault Tolerance - ability to survive
                • Performance - speed of access to

FETC 2009
            Server Requirements
              • Sizing servers (Users,
                WINS/NDS, DHCP, File and Print
                Services, Applications (WWW
                server, email, FTP server, DNS)
                • Microsoft
                • Novell Netware
                • AppleShare

FETC 2009
            Virtual Servers (Virtualization)
                 •   Virtualization is an abstraction layer that decouples
                     the physical hardware from the operating system to
                     deliver greater IT resource utilization and flexibility.
                 •   Virtualization allows multiple virtual machines, with
                     heterogeneous operating systems to run in isolation,
                     side-by-side on the same physical machine. Each
                     virtual machine has its own set of virtual hardware
                     (e.g., RAM, CPU, NIC, etc.) upon which an
                     operating system and applications are loaded. The
                     operating system sees a consistent, normalized set
                     of hardware regardless of the actual physical
                     hardware components.
                 •   Virtual machines are encapsulated into files, making
                     it possible to rapidly save, copy and provision a
                     virtual machine. Full systems (fully configured
                     applications, operating systems, BIOS and virtual
                     hardware) can be moved, within seconds, from one
                     physical server to another for zero-downtime
                     maintenance and continuous workload

FETC 2009
            Network FAX services

FETC 2009
       Remote Access Services
             • Dial in or Dial Out
             • Access Servers
                • Cisco, Shiva, WinNT
             • access to the network from
               remote locations
             • use phone lines
             • surf the net at home
             • access file servers
             • access e-mail
             • access web servers
             • remote printing

FETC 2009
            Protecting Your Data
               •   Viruses
               •   Vandals
               •   Mail Bombs
               •   Spam
               •   Users

FETC 2009
            Desktop Management
               • Policies and Profiles
               • Desktop Locking Programs
                 • Winshield
                 • Fool Proof
                 • WAM (Windows Access

FETC 2009
            Patch Management
             •   Provides a centralized, real-time (seconds and minutes) view of
                 patch compliance status across an entire enterprise so that IT
                 departments can make informed priority-setting and action decisions
             •   Enables administrators to meet high service level expectations
                 through real-time detection, remediation and verification of patch
             •   Simplifies targeting and deployment through pre-packaged, pre-
                 tested security patches
             •   Enforces policy-defined patch baselines on endpoint devices, even
                 when not connected to the enterprise network, to ensure that mobile
                 and remote computers maintain patch compliance wherever they
             •   Provides roll-back (for patches that support uninstall), to provide a
                 safety net in the event that a patch triggers unintended
                 consequences in the network
             •   Ensures that only authorized administrators can apply patches, and
                 that patches are authentic through built-in Public Key Infrastructure
                 (PKI) security and secure hash validation of patch packages
             •   Provides a full audit trail of patching actions and patching steps
                 taken on every computer
             •   Provides ongoing continuous enforcement of patch compliance
                 through policy-based automation
             •   Examples: BigFix; Microsoft SMS
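Three of the bullets above (authorized administrators only, secure hash validation of packages, and a full audit trail with roll-back) can be shown in a few dozen lines. The following is an added example, not code from the FETC presentation or from BigFix or SMS. The patch name, payload and manifest are constructed; the manifest is treated as already signature-checked, since the PKI step needs a cryptography library that this stand-alone sample avoids.

```python
"""Hash validation of a patch package before it is applied, with an audit
trail of every action and a roll-back path.

Added example for the Patch Management slide; not code from the FETC
presentation or from BigFix/SMS. The patch name, payload and manifest
are constructed; the manifest is treated as already signature-checked.
"""
import hashlib
from datetime import datetime, timezone

# Constructed patch payload and the manifest entry a signed catalogue would carry.
PACKAGE_NAME = "EXAMPLE-PATCH-001"
PACKAGE_BYTES = b"constructed patch payload, version 1"
MANIFEST = {
    PACKAGE_NAME: {
        "sha256": hashlib.sha256(PACKAGE_BYTES).hexdigest(),
        "size": len(PACKAGE_BYTES),
        "supports_uninstall": True,
    },
}
AUTHORIZED_ADMINS = {"patch-admin"}   # constructed


class PatchManager:
    def __init__(self, manifest: dict, hostname: str):
        self.manifest = manifest
        self.hostname = hostname
        self.installed = {}   # patch name -> state kept for roll-back
        self.audit = []       # one entry per action, success or failure

    def _log(self, action: str, patch: str, outcome: str, actor: str) -> None:
        self.audit.append({
            "time": datetime.now(timezone.utc).isoformat(),
            "host": self.hostname, "actor": actor,
            "action": action, "patch": patch, "outcome": outcome,
        })

    def verify(self, name: str, data: bytes) -> str:
        """Check the package against the manifest; return 'ok' or the reason it failed."""
        entry = self.manifest.get(name)
        if entry is None:
            return "unknown-package"
        if len(data) != entry["size"]:
            return "size-mismatch"
        if hashlib.sha256(data).hexdigest() != entry["sha256"]:
            return "hash-mismatch"
        return "ok"

    def apply(self, name: str, data: bytes, actor: str) -> bool:
        if actor not in AUTHORIZED_ADMINS:
            self._log("apply", name, "rejected-unauthorized", actor)
            return False
        status = self.verify(name, data)
        if status != "ok":
            self._log("apply", name, f"rejected-{status}", actor)
            return False
        self.installed[name] = {"rollback_available": self.manifest[name]["supports_uninstall"]}
        self._log("apply", name, "applied", actor)
        return True

    def rollback(self, name: str, actor: str) -> bool:
        state = self.installed.get(name)
        if actor not in AUTHORIZED_ADMINS or state is None or not state["rollback_available"]:
            self._log("rollback", name, "rejected", actor)
            return False
        del self.installed[name]
        self._log("rollback", name, "rolled-back", actor)
        return True


def demo():
    """Tampered package, unauthorized actor, then a good apply and a roll-back."""
    pm = PatchManager(MANIFEST, "lab-pc-01")
    tampered = PACKAGE_BYTES[:-1] + b"2"   # same length, one byte changed
    results = [
        pm.apply(PACKAGE_NAME, tampered, "patch-admin"),
        pm.apply(PACKAGE_NAME, PACKAGE_BYTES, "student"),
        pm.apply(PACKAGE_NAME, PACKAGE_BYTES, "patch-admin"),
        pm.rollback(PACKAGE_NAME, "patch-admin"),
    ]
    return results, [entry["outcome"] for entry in pm.audit]


if __name__ == "__main__":
    for outcome in demo()[1]:
        print(outcome)
```

The size check before the hash is not a security control, only a cheap early reject; the hash comparison is what makes a swapped or corrupted package fail, and the manifest's own signature is what would make the hash trustworthy.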

FETC 2009
            Back-up Technologies
                    • All storage systems will
                      eventually fail
                    • Minor and Major
                    • Human Failures
                      • Accidental file
                      • Accidental file
                      • Deliberate deletion of
                        other users' files

FETC 2009
            Network Access Control
               • Network Admission Control (NAC), a
                 set of technologies and solutions, uses
                 the network infrastructure to enforce
                 security policy compliance on all
                 devices seeking to access network
                 computing resources, thereby limiting
                 damage from emerging security
                 threats. Customers using NAC can
                 allow network access only to compliant
                 and trusted endpoint devices (PCs,
                 servers, and PDAs, for example) and
                 can restrict the access of noncompliant

FETC 2009
   Network Access Control

             •   Dramatically improves security
             •   Ensures endpoints (laptops, PCs, PDAs, servers, etc.) conform to
                 security policy
             •   Proactively protects against worms, viruses, spyware, and malware
             •   Focuses operations on prevention, not reaction

             •   Extends existing investment
             •   Broad integration with multi-vendor security and management
             •   Enhances investment in network infrastructure and vendor software.

             •   Increases enterprise resilience
             •   Comprehensive admission control across all access methods
             •   Prevents non-compliant and rogue endpoints from impacting
                 network availability
             •   Reduces Operating Expenses related to identifying and repairing
                 non-compliant, rogue, and infected systems

             •   Comprehensive span of control
             •   Assesses all endpoints across all access methods, including LAN,
                 wireless, remote access, and WAN
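The two NAC slides describe one decision: identify the endpoint, compare its posture with the security policy, then admit it, restrict it to a remediation network, or keep it off entirely if it is unknown (rogue). The following is an added example of that decision, not code from the FETC presentation or any NAC product; the device inventory, policy baseline and endpoint reports are constructed.

```python
"""Admission decision for an endpoint based on device identity and posture.

Added example for the Network Access Control slides; not code from the
FETC presentation or any NAC product. The inventory, policy and endpoint
reports are constructed.
"""
from dataclasses import dataclass

# Constructed inventory: hardware address -> asset name.
KNOWN_DEVICES = {
    "aa:bb:cc:00:00:01": "lab-pc-01",
    "aa:bb:cc:00:00:02": "staff-laptop-07",
}

POLICY = {  # constructed baseline every endpoint must meet
    "min_patch_level": 12,
    "antivirus_required": True,
    "max_signature_age_days": 7,
    "allowed_access": {"lan", "wireless", "vpn"},
}


@dataclass
class Posture:
    mac: str
    patch_level: int
    antivirus_running: bool
    signature_age_days: int
    access_method: str


def assess(p: Posture, policy: dict = POLICY) -> tuple:
    """Return (decision, reasons) where decision is admit, quarantine or deny."""
    if p.mac not in KNOWN_DEVICES:
        return "deny", ["unknown device (rogue)"]
    if p.access_method not in policy["allowed_access"]:
        return "deny", [f"access method {p.access_method} not permitted"]
    reasons = []
    if p.patch_level < policy["min_patch_level"]:
        reasons.append(f"patch level {p.patch_level} below {policy['min_patch_level']}")
    if policy["antivirus_required"] and not p.antivirus_running:
        reasons.append("antivirus not running")
    elif p.signature_age_days > policy["max_signature_age_days"]:
        reasons.append(f"signatures {p.signature_age_days} days old")
    if reasons:
        return "quarantine", reasons   # remediation network only until fixed
    return "admit", []


def assess_all(reports) -> dict:
    return {KNOWN_DEVICES.get(r.mac, r.mac): assess(r)[0] for r in reports}


SAMPLE_REPORTS = [  # constructed posture reports
    Posture("aa:bb:cc:00:00:01", 12, True, 2, "lan"),
    Posture("aa:bb:cc:00:00:02", 9, True, 10, "wireless"),
    Posture("de:ad:be:ef:00:99", 12, True, 0, "lan"),
]


if __name__ == "__main__":
    for report in SAMPLE_REPORTS:
        decision, reasons = assess(report)
        print(f"{report.mac} -> {decision} {'; '.join(reasons)}")
```

Identifying a device by its hardware address, as this sample does, is the weakest part: addresses can be changed, so production NAC ties identity to 802.1X authentication and uses the posture check on top of it.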
FETC 2009
            Back-up Technologies
                • Full Backup
                   • starting point to rebuild data
                   • done every week
                • Incremental Backup
                   • changes since last backup
                   • as frequently as possible
                • To rebuild data replace last full
                  backup then all incrementals

FETC 2009
            Back-up Technologies
              •   Automate scheduled backups
              •   Check backups to verify completion
              •   Store some tapes off site
              •   Backup Strategies
              •   Gaps in backup system
                  • work saved to disk between backups
                  • build failure resistant storage
                  • can easily lose a whole day’s work
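The two backup slides above give a procedure (rebuild from the last full backup, then apply every later incremental in order), a control (verify each backup completed intact) and a failure mode (work saved between backups is lost). The following added example, not code from the FETC presentation, carries all three through a constructed week of backup sets and shows a restore refusing a chain in which one set no longer matches its recorded digest.

```python
"""Restore from the last full backup plus every later incremental, with
verification of each backup set and a check of the gap between backups.

Added example for the Back-up Technologies slides; not code from the
FETC presentation. The backup sets and file contents are constructed.
"""
import hashlib
import json
from dataclasses import dataclass, field


@dataclass
class Backup:
    kind: str                 # "full" or "incremental"
    day: int                  # day number in the constructed schedule
    files: dict               # full: every file; incremental: files changed since the previous backup
    deleted: set = field(default_factory=set)
    digest: str = ""          # recorded at backup time so the set can be verified later


def digest_of(b: Backup) -> str:
    payload = json.dumps(
        {"kind": b.kind, "day": b.day, "files": b.files, "deleted": sorted(b.deleted)},
        sort_keys=True,
    )
    return hashlib.sha256(payload.encode()).hexdigest()


def make_backup(kind: str, day: int, files: dict, deleted=()) -> Backup:
    b = Backup(kind, day, dict(files), set(deleted))
    b.digest = digest_of(b)
    return b


def verify(b: Backup) -> bool:
    """'Check backups to verify completion': recompute and compare the digest."""
    return digest_of(b) == b.digest


def restore(backups, as_of_day: int) -> dict:
    """Rebuild the file set as of a day: last full backup, then each later incremental in order."""
    usable = sorted((b for b in backups if b.day <= as_of_day), key=lambda b: b.day)
    fulls = [b for b in usable if b.kind == "full"]
    if not fulls:
        raise ValueError("no full backup to start from")
    base = fulls[-1]
    chain = [base] + [b for b in usable if b.kind == "incremental" and b.day > base.day]
    state = {}
    for b in chain:
        if not verify(b):
            raise ValueError(f"backup from day {b.day} failed verification")
        state.update(b.files)
        for path in b.deleted:
            state.pop(path, None)
    return state


def largest_gap_days(backups) -> int:
    """Worst case for work saved to disk between backups."""
    days = sorted(b.day for b in backups)
    return max(later - earlier for earlier, later in zip(days, days[1:]))


def demo_backups():
    """Constructed week: full on day 0, incrementals most days, none on day 4."""
    return [
        make_backup("full", 0, {"a.txt": "v1", "b.txt": "v1"}),
        make_backup("incremental", 1, {"a.txt": "v2"}),
        make_backup("incremental", 2, {"c.txt": "v1"}),
        make_backup("incremental", 3, {}, deleted={"b.txt"}),
        make_backup("incremental", 5, {"a.txt": "v3"}),
    ]


def restore_with_corrupt_set(backups) -> str:
    """Alter one incremental after its digest was recorded; the restore must refuse the chain."""
    damaged = [Backup(b.kind, b.day, dict(b.files), set(b.deleted), b.digest) for b in backups]
    damaged[2].files["c.txt"] = "garbage"
    try:
        restore(damaged, 6)
        return "restored"
    except ValueError as exc:
        return str(exc)


if __name__ == "__main__":
    sets = demo_backups()
    print("as of day 3:", restore(sets, 3))
    print("as of day 6:", restore(sets, 6))
    print("largest gap:", largest_gap_days(sets), "days")
    print("corrupt set:", restore_with_corrupt_set(sets))
```

Because every incremental after the last full backup is needed, a single unreadable tape in the chain loses everything written after it; that is the argument for the frequent full backups the slide recommends, and for keeping copies off site.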

FETC 2009
            Back-up Technologies
                • Backup Media Options
                  • Tape-based systems
                     • DAT (Digital Audio Tape)
                        • 24 GB per tape - 2.2Mbps
                     • DLT (Digital Linear Tape)
                        • 64 GB per tape - 5Mbps transfer
                • Optical
                  • Magneto-Optical; CD-R; WORM

FETC 2009
                  RAID Systems
            • no longer just disk drives - disk subsystems
            • Redundant Array of Inexpensive Disks
            • Duplicate disk controllers with independent
            • RAID 0: Disk striping
               • multiple drives into single volume
               • increased performance but no redundancy
            • RAID 1: Disk mirroring
               • data written to two disk drives
               • if one fails, the other is available

FETC 2009
            Raid - Level 0

FETC 2009
            Raid - Level 1

FETC 2009
            Raid Systems
            • RAID 3: Striped array plus parity
              • written across several drives
              • parity bit written to drive to
                reconstruct data
            • RAID 5: Independent striped
              array with distributed parity
              • written across several drives
              • parity bit written over all drives to
                reconstruct data
            • Duplexing (two drives and two
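The parity bit the RAID 3 and RAID 5 bullets refer to is an XOR across the data chunks of each stripe; because XOR of all chunks including parity is zero, any one missing chunk is the XOR of the rest. The following added example, not code from the FETC presentation, builds both layouts (parity on one dedicated drive as in RAID 3, parity rotated across drives as in RAID 5), removes a drive, rebuilds it from the survivors and reads the data back. The data, chunk size and drive count are constructed.

```python
"""Striping with parity: a lost drive is rebuilt by XORing the survivors.

Added example for the RAID 3 and RAID 5 slides; not code from the FETC
presentation. The data, chunk size and drive count are constructed.
"""


def xor_chunks(chunks) -> bytes:
    """Byte-wise XOR of equal-length chunks; this is the parity operation."""
    out = bytearray(len(chunks[0]))
    for chunk in chunks:
        for i, byte in enumerate(chunk):
            out[i] ^= byte
    return bytes(out)


def parity_slot(stripe: int, ndisks: int, distributed: bool) -> int:
    """RAID 5 rotates parity across drives; RAID 3 keeps it on one dedicated drive."""
    return (ndisks - 1 - stripe) % ndisks if distributed else ndisks - 1


def build_array(data: bytes, ndisks: int, chunk: int, distributed: bool = True):
    """Split data into stripes of (ndisks - 1) data chunks plus one parity chunk."""
    per_stripe = chunk * (ndisks - 1)
    data += b"\0" * ((-len(data)) % per_stripe)      # pad the final stripe
    disks = [[] for _ in range(ndisks)]
    for stripe, off in enumerate(range(0, len(data), per_stripe)):
        block = data[off:off + per_stripe]
        pieces = [block[i:i + chunk] for i in range(0, per_stripe, chunk)]
        p = parity_slot(stripe, ndisks, distributed)
        remaining = iter(pieces)
        for d in range(ndisks):
            disks[d].append(xor_chunks(pieces) if d == p else next(remaining))
    return disks


def reconstruct(disks, failed: int):
    """Rebuild the failed drive: each chunk is the XOR of the other drives' chunks in that stripe."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    rebuilt = [xor_chunks([d[s] for d in survivors]) for s in range(len(survivors[0]))]
    return [rebuilt if i == failed else d for i, d in enumerate(disks)]


def read_data(disks, distributed: bool = True) -> bytes:
    """Walk the stripes, skipping the parity chunk in each."""
    ndisks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_slot(stripe, ndisks, distributed)
        for d in range(ndisks):
            if d != p:
                out += disks[d][stripe]
    return bytes(out)


SAMPLE = b"constructed sample data for the parity example"   # constructed


def survives_single_failure(data: bytes = SAMPLE, ndisks: int = 4, chunk: int = 4) -> bool:
    """True if the data reads back intact after losing any one drive, in both layouts."""
    for distributed in (True, False):
        disks = build_array(data, ndisks, chunk, distributed)
        for failed in range(ndisks):
            degraded = [None if i == failed else d for i, d in enumerate(disks)]  # drive gone
            repaired = reconstruct(degraded, failed)
            if read_data(repaired, distributed)[:len(data)] != data:
                return False
    return True


if __name__ == "__main__":
    print("parity slots per stripe (RAID 5):", [parity_slot(s, 4, True) for s in range(4)])
    print("single-drive failure survivable:", survives_single_failure())
```

The same arithmetic shows the limit: with two drives missing from one stripe the XOR has two unknowns, so neither layout survives a second failure before the rebuild finishes.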
FETC 2009
            Raid - Level 3

FETC 2009
            Raid - Level 5

FETC 2009
            Raid - Levels 2, 4 and 6

FETC 2009
            Raid - Levels Other

FETC 2009
            Networking Goal
             • To keep your network running no
               matter what happens
             • To maximize the number of
               failures your network can handle
             • To minimize potential

FETC 2009
            • Every aspect of your network
              needs to work together to make it
            • workstations - servers - hubs -
              routers - software - cabling -
            • Each major component should
              have redundancy in your network
            • Fault-tolerance is expensive, but
              cheap compared to the cost of
              downtime in business
FETC 2009
            • Disaster Recovery Plan
            • Service Agreements
            • Fault-Tolerant Networking - Workstations
            • Minimize individual users installing software
              or Operating Systems
            • Define operating systems and applications
              that have been tested and will be supported
              on the network
            • Keep spares of components - monitors,
              keyboards, mouse, NIC cards, etc

FETC 2009
            Networking - Servers
            •   UPS for orderly shutdown
            •   Backup server data
            •   Raid or Disk Mirroring
            •   Novell SFTIII or Vinca Corp.’s StandbyServer
                (mirrored servers)
            •   Redundant NIC cards to different LAN segments,
                hubs, or switches
            •   Test new software or services before placing
                them on a production server
            •   Use network management to monitor trends in
                your servers
            •   Clustering/drive arrays

FETC 2009
            Networking - Wiring
               • Start with a cabling system
               • tested, documented, labeled,
               • Use more cable than you think
                 you will need (have spares)
               • Have test equipment handy
               • You are your own worst enemy
                 when it comes to wiring

FETC 2009
        Hot Spare/Replacement
            • Always keep several spares
            • Several 16-port hubs rather than one 48-port
            • Select fault-resilient hubs for important areas
            • Use a hub for a short time solution for switch
            • On site replacement or service (4 hour
            • Spare depot at central office
            • Keep configurations handy to reconfigure
            • Provide dial backup for most important protocols

FETC 2009
            Fault Tolerant Network

FETC 2009
   Licensing and Copyright Issues
            • Document all licenses
            • Keep track of serial numbers
            • Prevent copying software from
            • Enforce copyright laws

FETC 2009
            LAN Management
            • Simple Network Management
              Protocol (SNMP)
              • Access to databases in intelligent
              • Information stored in agents on
                 • Hubs
                 • Printers
                 • Routers
                 • Switches
                 • Bridges
                 • Workstations
                 • Servers
                 • Gateways

FETC 2009
            LAN Management
             • SNMP (Simple Network
               Management Protocol)
             • SMS
             • Syslog Daemon

FETC 2009
            Traffic Management

FETC 2009
            Network Management
               •   Evaluation
               •   Verification
               •   Baselining
               •   Trend analysis
               •   Device monitoring
               •   Network monitoring

FETC 2009
           Networking Trends -
        Management and Monitoring
                 •   Microsoft SMS
                 •   ManageWise
                 •   Network Assistant
                 •   LapLink, Timbuktu
                 •   RMON
                 •   Baselining and Trending

FETC 2009
            Power Requirements
               • Clean Power
               • Powerstrips
               • UPS
                 • Intelligent
                 • Non-intelligent

FETC 2009
   Disaster Recovery and Planning
            • Pre-planning for emergencies
            • Recovery plan for unexpected
              • Fire, Rain, Flood
            • What if the most knowledgeable staff
              person leaves

FETC 2009
            New Technologies
              •   Gigabit Ethernet
              •   Satellite Internet Access
              •   Voice over IP
              •   Video over IP
              •   Video conferencing
              •   Biometrics
