
Chapter [3] Computer Network and Network Security Created By Manish Mathur.


1 Chapter [3] Computer Network and Network Security Created By Manish Mathur

2 Definition :~ A collection of all types of computers, terminals and peripheral devices connected together by a communication system is called a Computer Network.
Benefits ~
- File Sharing
- E-Mail
- Remote Access
- Fault Tolerance
- Security
- Better customer service
- Printer Sharing
- Fax Sharing
- Data Organization
- Internet Access
- Communication
- Reduced Cost

3 Classification of Network ~ Function based: Data network, Voice network, Multimedia network

4 Classification of Network ~ Coverage area based: LAN, MAN, WAN

5 Classification of Network ~ Forwarding based: Switched, Shared, Hybrid

6 Classification of Network ~ Ownership based: Public, Private, Virtual Private, Leased

7 Classification of Network ~ Communication media based: Wired, Wireless

8 [1] LAN :~
- Limited geographic area
- Privately owned & operated
- Physical interconnection
- High speed
- Low error rate
[2] MAN :~
- Covers area larger than LAN
- Fiber-optic transmission
- Physical interconnection
- Slower speed
- High error rate

9 [3] WAN :~
- Unrestricted geographic area
- Wireless inter-connection
- Third party communication channel
- Slow speed
- High error rate

10 Network Models
[1] Client – Server model :~
There is a centralized, NOS-based computer called the server. The server is connected to many other computers called clients. Clients make requests for service and the server provides the requested service.
Advantages ~
- Resource efficiency.
- High degree of security.
- Server can be scaled up to many services.
- Single updation for all.
Disadvantages ~
- Dependency on a single computer.
- Large setup cost of server.
- Server speed can slow down.
(Diagram: Server, Client)

11 [2] Peer - to - Peer model :~
There is no dedicated server; instead all computers are of equal status and are called peers. Every computer works as both client and server. Suitable for a limited number of users and where unrestricted communication is required.
Advantages ~
- No dependency on a single computer
- Simplicity in design and maintenance
- Less cable requirement
Disadvantages ~
- Poor resource requirement
- Security is not important

12 Components of a Network
1 Sender computer
2 Interface device (shown at both the sender and the receiver)
3 Communication Channel
4 Receiver computer
5 Communication Software

13 Communication Devices
1. NIC :~ Connectivity, Memory, Protocol, Remote booting
2. Switches and Routers :~
- A switch creates a temporary point-to-point link between nodes. It makes routing decisions on the basis of physical address. It can also regenerate incoming signals.
- A router selects the appropriate link from the existing paths. It makes routing decisions on the basis of network address.
3. Hub :~
- Multi-port connecting device that is used to interconnect devices by means of TPC.
- An active hub can regenerate signals and a passive hub sends incoming signals as they are.

14 4. Bridge and Gateway :~
A bridge allows communication between similar networks that employ the same protocol, architecture and cabling, whereas a gateway allows communication between dissimilar networks.
5. Repeater :~
Amplifies the weak signals coming from one section of cable and passes strong signals to the other section.
6. Modem :~
- Used when data are communicated through phone lines.
- Converts data from digital to analog (Modulation) and analog to digital (De-modulation).
- It is connected to the Serial or Parallel port of the CPU.
- Speed is measured in terms of kbps and mbps.
- Types
  Place : Internal v/s External
  Command acceptance : Standard v/s Intelligent
  Transmission : Short Haul v/s Wireless

15 Internal v/s External ~ Card v/s Device
Standard v/s Intelligent ~ User command v/s microprocessor chip
Short Haul v/s Wireless ~ Land line v/s Cell phone
7. Multiplexer :~
Allows sharing of a communication line between 2 or more nodes.

16 8. Front-end communication processor :~
- Computer connected to the server of a network to reduce the work load.
- It leaves storage and processing to the server and performs other functions like: user identification, terminal recognition, code conversion, data validation, control of line etc.
9. Protocol converter :~
- Converts the signals of one protocol into the signals of another protocol.
10. RAD :~
- A modem bank that serves as gateway to the NET.
- Also does the routing of incoming and outgoing messages.

17 Communication Channels
Guided Media: Twisted Pair Cable, Co-axial Cable, Fiber Optical Cable
Unguided Media: Radio Wave, Micro Wave, Infrared Wave

18 [1] Twisted-Pair Cable :~
- Oldest
- Cheapest
- Slowest
- Short distance
- High error rate
- Low band width
[2] Co-axial Cable :~
- Costlier
- Faster
- Covers long distances
- Low error rate
- High security
- Higher band width
[3] Optical-fiber cable :~
- Costliest
- Fastest
- Long distance
- Low error rate
- High security
- Highest band width
- Light weight
- Can be used in hostile environment

19 [4] Radio wave :~ It is an electromagnetic radiation created as a beam of energy. It travels in a straight path. Wave length: 1mm to 100,000km.
[5] Micro Wave :~ It is also a radio wave. Wave length: 1mm to 1m.
[6] Infrared wave :~ It is a wave of light. Used in medical and scientific applications, night vision devices etc.

20 Selection of Channel: Reliability, Cost, Security, Speed, Band width

21 Communication Software
Access Control
- Linking and de-linking of devices.
- Auto dialing
- Checking user authorisation.
Networking Management
- Checking devices for data
- Queuing the data
- Routing the message

22 Data & File Transmission
- Allowing file transfer as attachment
- Text and Binary files can be attached
Error detection and control
- Send acknowledgement back to sender
- Re-send the data when lost in transit
Data Security
- Employ ID system to protect data from unauthorised disclosure.

23 Network Topology
The geometric arrangement of nodes in the network is called Network Topology.
[1] STAR Topology
Advantages ~
- Easy to add and remove nodes.
- Node failure does not turn down the network.
- Easy to diagnose problems.
Disadvantages ~
- High dependency on server.
- High cabling cost.
(Diagram: server S connected to clients C1, C2, C3, C4, C5)

24 [2] RING Topology
Advantages ~
- Nodes have similar work load.
- Easy to expand.
Disadvantages ~
- Expensive.
- Difficult to install.
- Node failure turns down the network.
- Difficult to troubleshoot.
- Adding and removing nodes disturbs the network.

25 [3] BUS Topology
Advantages ~
- Easy to use & form the network.
- Minimum cable requirement.
- Easy to expand.
Disadvantages ~
- Heavy network traffic can slow down bus transmission.
- Each connection in between weakens the signal.
- Difficult to troubleshoot.

26 [4] MESH Topology
Advantages ~
- Redundancy of communication path.
- Highly reliable.
- Network problems are easy to diagnose.
Disadvantages ~
- Cost of installation and maintenance is high.

27 Transmission Techniques
Serial Transmission
- Single communication path.
- Bits travel along a single path.
- Cheaper mode
- Covers long distance
- Slow in speed.
Parallel Transmission
- 8 communication paths
- All bits of a byte travel together.
- Costly
- Not practical for long distance
- Faster transmission

28 Synchronous
- Sender and receiver know the time of transmission in advance.
- Data are sent in multi-word blocks.
- Start and Stop bytes are used.
- Transmission is fast.
- Costly device.
Asynchronous
- Only the sender knows the time of transmission.
- Data are sent character by character.
- Each character is delimited by a Start and a Stop bit.
- Highly reliable.
- Transmission is slow.
Bit-stream illustrations from the slide:
00000000110110101001011111010110110101010011100111111111
0 11011001 1 0 10101100 1 0 10011001 1 0 11000011 1 0 10101100

29 Transmission Mode: Simplex, Full Duplex, Half Duplex

30 Transmission Techniques
[1] Circuit Switching :~
It uses a single fixed-bandwidth channel between nodes to communicate. First the communication path is selected based on a resource-optimizing algorithm. For the communication session the path is dedicated and exclusive.

31 [2] Message Switching :~
There is no direct connection between source and destination. When the message is routed from source to destination, each intermediate node stores the entire message and transmits it further. When congestion occurs the nodes store the message and delay the transmission.

32 [3] Packet Switching :~
Every user gets a pre-defined time to access the network. A message is divided into small units, called data packets, before it is transmitted. Every packet has a header containing the destination address and sequence number. Each packet may take a different route to reach the destination. At the destination the packets are reassembled into the original message.
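
Added example (not part of the original slides): the packet header and reassembly step of slide 32 in Python, with the receiver checking the header fields before it rebuilds the message. The `total` field, the `MAX_PACKETS` cap and the address "node-B" are assumptions made for the illustration; the slide names only the destination address and the sequence number.

```python
import random
from dataclasses import dataclass

MAX_PACKETS = 1024  # assumption: cap so a forged header cannot force huge buffers


@dataclass(frozen=True)
class Packet:
    dest: str       # destination address (header field named on the slide)
    seq: int        # sequence number (header field named on the slide)
    total: int      # assumption: packet count, so the receiver can detect loss
    payload: bytes


class ReassemblyError(Exception):
    """Raised when the received packets cannot yield the original message."""


def packetize(message: bytes, dest: str, size: int = 8) -> list:
    """Split a message into data packets of at most `size` payload bytes."""
    chunks = [message[i:i + size] for i in range(0, len(message), size)] or [b""]
    if len(chunks) > MAX_PACKETS:
        raise ValueError("message needs more packets than MAX_PACKETS")
    return [Packet(dest, seq, len(chunks), c) for seq, c in enumerate(chunks)]


def reassemble(packets, my_addr: str) -> bytes:
    """Rebuild the message from packets that arrived in any order."""
    slots, total = {}, None
    for p in packets:
        if p.dest != my_addr:
            continue  # addressed to another node: ignore
        if not 0 < p.total <= MAX_PACKETS or not 0 <= p.seq < p.total:
            raise ReassemblyError(f"header out of range: seq={p.seq} total={p.total}")
        if total is None:
            total = p.total
        elif p.total != total:
            raise ReassemblyError("packets disagree on total count")
        if p.seq in slots:
            # A retransmitted copy is harmless; a different payload is not.
            if slots[p.seq] != p.payload:
                raise ReassemblyError(f"conflicting duplicate for seq {p.seq}")
            continue
        slots[p.seq] = p.payload
    if total is None:
        raise ReassemblyError("no packets addressed to this node")
    missing = [s for s in range(total) if s not in slots]
    if missing:
        raise ReassemblyError(f"missing sequence numbers: {missing}")
    return b"".join(slots[s] for s in range(total))


def demo() -> bytes:
    message = b"Each packet may take a different route."  # constructed sample
    packets = packetize(message, dest="node-B")
    random.Random(7).shuffle(packets)   # different routes: arbitrary arrival order
    packets.append(packets[0])          # one packet delivered twice
    return reassemble(packets, my_addr="node-B")


if __name__ == "__main__":
    print(demo())
```
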

33 Transmission Protocol
Definition
- Language of communication.
- Set of rules for inter-computer communication.
- Standards of communication.
- Software to perform actions in communication.
Functions
- Physical aspect of communication
- Linking and de-linking of devices
- Syntax ~ character set, coding, format
- Semantics ~ type and order
- Timing ~

34 Types ~
- Ready-made: X.12 (EDI), Ethernet (LAN), TCP/IP (Internet)
- User Defined (OSI model): Application, Presentation, Session, Transport, Network, Data Link, Physical

35 Physical – Voltage determination, Topology
Data Link – Access control, data integrity
Network – Route determination, linking and de-linking
Transport – Assembling and disassembling of message; Error recovery, multiplexing, encryption
Session – Establishing and termination of session
Presentation – Display of message, application interface
Application – User services, Database concurrency, Deadlocks

36 TCP/IP (Transmission Control Protocol/Internet Protocol)
- Application: Provides services to user (FTP, HTTP, SMTP)
- Transport: Transmission of data packet, verify by acknowledgement (TCP, UDP)
- Internet: Routing, error checking, data integrity (IP, ARP)
- Network Interface: Provides interface to network hardware and software (PPP, FDDI)

37 LAN
LAN is an inter-connection of 2 or more computers and associated devices within a restricted geographic area.
- Micro computer based network.
- Inexpensive transmission device.
- Physical interconnection.
- High data transmission rate.
- Limited geographical area.
- Several topologies possible.
- Transmission speed is independent of attached devices.
- Central computer provides only storage.
- Protected mode transmission.
- Freedom of communication.

38 Benefits Of LAN
- Security
- Hardware cost reduction
- Communication
- Distributed processing
- Data management benefit
- Software cost saving
- Organizational benefits

39 LAN Requirement
Pre-requisites of LAN: Compatibility, Inter-networking, Modularity, Maintenance

40 LAN Components: File Server, NOS, Work Station, NIC, Cable

41 The LAN which does not require any physical media for data transmission. It employs radio waves or infrared signals. A transceiver device, called an access point, is connected to the server and supports a small group of users. End users access the WLAN through a WLAN adapter installed in their computer.

42 Client – Server Technology
Traditional Models: Mainframe Architecture, PC Architecture, File-sharing Architecture

43 C/S divides the processing task and processing power between client and server. The server sends only the record which is required by the client, thereby supporting database concurrency. C/S software is based on a versatile, message-based and modular infrastructure to improve usability, flexibility, interoperability and scalability.

44 Reasons and Benefits to C/S computing
- Easy use of MIS
- Better customer services
- Lowering IT cost
- Direct access to required data.
- Better connectivity (OFC)
- Easy implementation and use
- Increased data security
- Direct centralised control of NOS
- Distributed processing
- Software cost benefits (purchase & upgrade)
- Platform independent
- Easy adaptability to new hardware.

45 Characteristics of C/S computing
- Consists of client and server processes that can be distinguished.
- Client and server processes can operate on different computers.
- Any platform can be upgraded individually.
- A server can service multiple clients and a client can avail services of multiple servers.
- Some part of the application logic resides at the client end.
- Actions are initiated by the client.
- GUI based interface.
- SQL capability.
- DB Security
- Network capability.

46 Components of C/S computing
Client ~
- Non-GUI based
- GUI based
- OOUI based
Server ~
- Printer, Modem, Database, Processing server
Middleware ~ 4 layers
- Service layer
- Back-end processing layer
- NOS layer
- Transport layer
Fat client/server ~
- Fat client : 2-tier system
- Fat server : 3-tier system
Network

47 VPN is a privately operated network of an organization that uses a public server.
Types ~
- Remote-access VPN
- Site-to-site VPN: Intranet based, Extranet based

48 Broad Band Network (ISDN)
It is a system of combining voice and data transmission. Bandwidth 64kbps.
Types ~
- BRI : 2 voice and 1 data channel
- PRI : 3 voice and 1 data channel
Advantages ~
- Allows multiple digital channels to operate on a regular phone line.
- Easy routing to the proper destination.
- Keeps noise and interference out, even after combining.
- Does not disturb the established connection.

49 Type of Server
[1] Data base server :~ The central computer of a network which stores, updates and manages the Data Base of an organization. User interface and processing logic reside on the client's PC. It is found in networks with 2-tier architecture.
[2] Printer Server :~ The central computer of a network which is connected to a printer and allows shared access of the printer to its clients. It can be Dedicated or Non-dedicated.
[3] Transaction Server :~ It provides centralized, on-line processing of transactions.

50 [4] Application Server :~ The central computer of a network which provides logic for processing of the data of the database. It is found in networks with 3-tier architecture.
- First tier - Front end - Client (UI)
- Second tier - Middle end - Application Server
- Third tier - Back end - Data Base Server
Features ~
- Component Management
- Fault Tolerance
- Load Balancing
- Transaction Management
- Operators Console
- High Security
Types ~
- Web information server : Server with web script of HTML
- Component server : Server with application software
- Active application server : Server with decision processing S/w

51 Internet Servers
[1] File Server ~ It stores user files centrally and allows shared access. It also provides regular backup.
[2] Mail Server ~ They are used to receive and store e-mails. It provides 24 * 365 hrs. access.
[3] DNS Server ~ It is an Internet-wide distributed database system. It stores host names and associated IP addresses.
[4] Gopher Server ~ They are search engines used to locate information on the NET. It prompts users for the site address that interests them.
[5] Web Server ~ It provides cyber space to host users' sites. HTML is used to prepare web documents and a browser program is used to view them.

52 [6] FTP Server ~ They are used to send and receive files from the users. They are of 2 types – (i) Anonymous server (ii) Named server
[7] News Server ~ They provide a world wide discussion system. Users may read and post their articles.
[8] Chat Server ~ They provide communication facility to users. They are of 2 types – (i) Moderated (ii) Un-moderated
[9] Caching Server ~ They maintain a library of web pages, thereby reducing the number of NET accesses.
[10] Proxy Server ~ They restrict access to information on the NET, by refusing or passing the request to the server. It operates on a list of rules given by the system administrator.

53 Tier system: Single tier system, Two tier system, Three tier system, N-tier system

54 A single computer containing a database to store the data and applications to process the data is called a Single tier system. In other words, when all three components, viz. User Interface, Database and Application logic, reside in one computer, this is called Single Tier Architecture.
Advantages ~
- It requires only one stand alone computer.
- It requires only one installation for licensed software.
Disadvantages ~
- It can be used by only one user at a time.
- It is impractical for an organization which requires many users to access data concurrently.

55 Definition ~ A 2TA consists of two computers : Client and Server. DB is stored on the server and UI resides on the client. PL can be either on the client or on the server.
Purpose ~
- To improve usability by supporting a user friendly interface.
- To improve scalability by supporting up to 100 users.
- To support simple, non-time critical systems by minimizing operator intervention.
Technical details ~ If the processing load is on the client, such a client is called a Fat Client, and if it is on the server then such a server is called a Fat Server.

56 Advantages ~
- More users can interact with the system concurrently.
Disadvantages ~
- Performance deteriorates if number of users > 100.
- Limited flexibility due to shifting processing capability to the server.
- Not cost-effective in terms of software if processing capability is shifted to the client.

57 Definition ~ Emerged in the 1990s, 3-TA is designed by adding a third tier (middle tier server) to 2-TA. The middle tier provides process management and can accommodate hundreds of users.
Purpose ~ To provide increased performance, flexibility, maintainability and scalability, while holding complexity away from the user.
(Diagram: Client 1, Application Server, Data Base Server)

58 Advantages ~
- Clear separation of User Interface, Database, Process logic.
- Dynamic load balancing
- Change management
Disadvantages ~
- Increased need for traffic management, load balancing and fault tolerance.
- Costly tools.
- Server library maintenance tools are inadequate to promote code sharing.

59 Data Centre
It is an on-line, centralized, highly secured and fault resistant repository for the storage and management of databases. The primary goal of a DC is to deploy redundant infrastructure to maximize availability and prevent down time.
Types ~
- Public Data centre
- Private Data centre
Tiers ~
- Tier 1
- Tier 2
- Tier 3
- Tier 4

60 Services of Data Centre
- Database Monitoring
- Web Monitoring
- Backup & Restore
- ID system
- Storage On Demand

61 Features of Data Centre
- Size (Land, server, people)
- Data Security (IDS, DRP)
- Data Availability (B&R)
- Security (Physical & logical)
- Electrical system (UPS)
- Backup System
- Continuous monitoring
- Environment control (cool, dust free)

62 DC infrastructure needs to be exploited to maximize ROI.
Clients of a public DC prefer to choose the DC which provides them the benefit of cost saving as well as being a one-stop provider of value added services.
Therefore, a DC needs to be ready with additional infrastructure for the customers who wish to increase their requirement without advance notice.
DC must ensure that bloated inventories of technical infrastructure lead to a large amount of sunken capital and, when not used in time, can become obsolete.

63 Challenges faced by Management
- High data growth
- Performance and scalability
- Congestion & Connectivity
- IT Administration
- Inadequate DRP
- Data protection Technology
- Resource balancing

64 1) Controlling high data growth ~ It is the biggest h/w infrastructure challenge. Data de-duplication techniques (DDT) are used to face it. DDT replaces redundant data with a pointer to a unique data copy.
2) System performance and scalability ~ It is related to technology obsolescence. Obsolete systems consume more space, power and cooling and require more maintenance. To avoid this, IT managers must do heavy initial planning (3-5 yrs) to accommodate performance and capacity needs without adding new systems.
3) Network Congestion and Connectivity ~ The new generation servers support high I/O operation but the traditional LAN switches are not able to meet this increased network demand. This creates a big network challenge.
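
Added example (not part of the original slides): item 1 of slide 64 as a small Python chunk store, where each backup is kept as a list of pointers (SHA-256 digests) to unique chunks and every chunk is re-verified on restore, because one damaged unique copy affects every backup that points to it. Fixed 4096-byte chunking, the class and method names, and the backup names are assumptions made for the illustration.

```python
import hashlib


class DedupStore:
    """Fixed-size chunk de-duplication: one stored copy per distinct chunk."""

    def __init__(self, chunk_size: int = 4096):
        self.chunk_size = chunk_size
        self.chunks = {}    # digest -> the unique data copy
        self.recipes = {}   # backup name -> ordered list of digests (pointers)

    def put(self, name: str, data: bytes) -> None:
        recipe = []
        for i in range(0, len(data), self.chunk_size):
            chunk = data[i:i + self.chunk_size]
            digest = hashlib.sha256(chunk).hexdigest()
            # Redundant data is not stored again; only the pointer is recorded.
            self.chunks.setdefault(digest, chunk)
            recipe.append(digest)
        self.recipes[name] = recipe

    def get(self, name: str) -> bytes:
        out = bytearray()
        for digest in self.recipes[name]:
            chunk = self.chunks[digest]
            # Integrity check on restore: the pointer is also the checksum.
            if hashlib.sha256(chunk).hexdigest() != digest:
                raise ValueError(f"chunk {digest[:12]} failed integrity check")
            out += chunk
        return bytes(out)

    def logical_bytes(self) -> int:
        """Size of all backups as the users see them."""
        return sum(len(self.chunks[d]) for r in self.recipes.values() for d in r)

    def stored_bytes(self) -> int:
        """Size actually kept on disk after de-duplication."""
        return sum(len(c) for c in self.chunks.values())


def demo() -> DedupStore:
    # Constructed sample data: two backups that share most of their content.
    block_a = bytes(range(256)) * 16     # 4096 bytes
    block_b = b"\x00" * 4096             # 4096 bytes
    store = DedupStore()
    store.put("backup-mon", block_a + block_b + block_a)
    store.put("backup-tue", block_a + block_b + b"tail")
    return store


if __name__ == "__main__":
    s = demo()
    print("logical:", s.logical_bytes(), "stored:", s.stored_bytes())
```
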

65 4) IT administration and staff time ~ Security administrators have to protect more data and meet high security standards while staying within a limited budget. They have to invest in the following ~
- Automatic load balancing and tuning
- Automatic monitoring and proactive identification of h/w problems.
- A centralized dashboard to monitor and report on the status of B&R, duplication and de-duplication.
5) Inadequate DRP ~ DCs that use tapes for backup and dissimilar disk based systems for on-line storage are vulnerable to data loss in the event of disaster. IT managers should consider the use of a consistent storage platform.
6) Adopting new data protection technology ~ With limited budget and resources, DC managers are challenged to protect their investment. The cost and risk of migration to new technology poses a great challenge.
7) Resource balancing ~

66 Disaster Recovery Site: COLD site, WARM site, HOT site

67 Business Continuity Planning
Components ~
1 : Requirement Definition
2 : Identification of Critical Resources
3 : Planning of use of resources
4 : Definition of Role & Responsibility
5 : Testing
6 : Maintenance

68 Life cycle of BCP ~ Analysis, Solution design, Implementation, Testing, Maintenance

69 Phase-I : Analysis
- Impact Analysis
- Threat Analysis
- Impact Scenario
- Recovery Requirement

70 Impact Analysis
Identification of critical and non-critical business functions. For each critical function assign two values ~
- RPO (Recovery point objective) – to ensure MTDL (Maximum tolerable data loss)
- RTO (Recovery time objective) – to ensure MTPD (Maximum tolerable period of disruption)
Threat Analysis
Identification of threats:
- What can occur in general
- What is likely to occur

71 Impact Scenario
Assessment of loss/exposure due to materialization of a threat, such as antenna damage, cable burn, database crash, building loss etc.
Recovery Requirement
Hardware, Software, Data/Database, Furniture, Peripheral equipment, personnel etc.

72 Phase-II : Design
The activities involved here are ~
- Team building and assignment of Role and Responsibility
- Selection of Recovery site
- Telecommunication architecture
- Backup and Recovery methodology for Data
- Backup and Recovery methodology for Application
Phase-III : Implementation
Putting the plan into action is called implementation. This phase involves signing contracts/agreements with external parties to support recovery.

73 Phase-IV : Acceptance testing
- Testing is conducted to ensure that the BCP satisfies all business requirements.
- The test is conducted annually or bi-annually.
- Problems identified are rolled out to the maintenance phase.
Testing includes ~
- Swing test (primary to secondary to primary)
- Application test
- Business process test

74 Phase-V : Maintenance
Three activities involved ~
- Information update and testing: Staffing changes, changes in clients and their contracts, changes in vendors and their contracts, changes in the company's investment portfolio etc.
- Testing and verification of technical solution: Virus definition, application security, hardware operability, software operability, data verification etc.
- Testing & verification of organization procedure: Have the system procedures changed? Are all the procedures documented? Do all the procedures allow staff to recover the system?

75 Network Security
To protect network communication from intruders and to safeguard the assets.
Types ~
- Physical Security
- Logical Security
The Security Administrator prepares a security program to ensure safeguarding of assets. There are 8 steps of security program development.

76 Step 1 : Preparing Project Plan
Step 2 : Assets Classification
Step 3 : Assets Valuation
Step 4 : Threat Identification
Step 5 : Threat Probability
Step 6 : Exposure Analysis
Step 7 : Control Adjustment
Step 8 : Reporting to management

77 Intrusion Detection System (IDS): NID, HID, Hybrid IDS, Network-Node IDS

78 Threats: Unstructured, Structured, External, Internal

79 1) Unstructured Threats
These originate from inexperienced individuals using hacking tools easily available from the internet, e.g. port scanning tools, address-swapping tools etc. These kinds of actions are done more out of curiosity than bad intention.
2) Structured Threats
These originate from highly motivated and technically competent individuals. They take advantage of system vulnerabilities and penetrate the security. They target specific businesses and are hired by organized crime, competitors etc.
3) External Threats
These originate from individuals who are not members of the organization and do not have legitimate access to the system.
4) Internal Threats
These originate from employees or individuals who have authorized access to the network and system.

80 Vulnerability
- Software bugs
- Timing window
- Insecure default configuration
- Bad protocol
- Trusting unworthy info.
- End user

81 Software bugs
Buffer overflow, failure to handle exceptions, input validation errors etc. These are so common that users have developed ways to work with them.
Timing window
System failure to protect the temporary files created on the hard disk.
Insecure default configuration
It occurs when the user uses a vendor supplied password.
Bad Protocol
Protocols with poor security controls are likely to be exploited by hackers.
Trusting untrustworthy information
It occurs when computers are not programmed to verify that they are receiving information from a unique host and they allow system access to anybody.
Non-professional end users
Unawareness of password protection, backup and recovery operation etc.

82 Virus Attack
A man-made program developed to perform destructive activities. Depending on the intention of its developer it can do anything.
3 Controls ~
- Preventive control
- Detective control
- Corrective control

83 Abuse of software
Ways ~
- Unauthorized copy of proprietary S/W & Database.
- Threat to the privacy of individuals' data stored in the server.
- Use of server for personal gain by employee.
- Hackers gaining unauthorized entry in the system.
- Intruders destructing the communication.
Controls ~
- Logical access controls
- General and application controls
- Backup & Recovery plan
- Insurance coverage

84 Fire Wall
A device acting as a barrier between the company server and the outside world.
Types ~
- Network level firewall
- Application level firewall

