Common Hardware Requirements for Computer Networking

Network Interface Card : Also known as network adapter, interfaces a computer board with the network medium. Repeater : two-ports electronic device that just repeats what it receives from one port to the other. Bridge : a more sophisticated repeater with logic capabilities that filters packets Hub : multi-port repeater. Switch : multi-port bridge

Common Hardware Requirements for Computer Networking Router : links two or more networks (different types too), passing messages with appropriate routing information. Gateway : Similar to routers, links two networks. Modem :Converts digital data originating from a terminal or computer, to analog signals used by voice communication networks such as the telephone system Firewalls : Firewalls are systems that establish access control policies among networks.

Network Interface Card(nic) An expansion board you insert into a computer so the computer can be connected to a network. Most NICs are designed for a particular type of network, protocol, and media, although some can serve multiple networks

Network Interface Card

Repeaters A communications device that amplifies or regenerates the data signal in order to extend the transmission distance. Available for both analog and digital signals, it is used extensively in long distance transmission.

Bridges A Bridge is an electrical device which connects and passes packets between two network segments. In general, a bridge will forward or discard an incoming frame based on the MAC address of that frame.

Hubs Hub's major function is to replicate data it receives from one device attached to it to all others. Hubs differ in the amount of devices that can connect to them, the length of wire that can transmit on, and the type of media they support.

Switches Switch is a device used to link several separate LANs and provide packet filtering between them. Packets are filtered by the switch based on the destination address. Switches can also support numerous transmissions simultaneously.

Routers A device that forwards data packets from one local area network (LAN) or wide area network (WAN) to another. Routers read the network address in each transmitted frame and make a decision on how to send it based on the most expedient route (traffic load, line costs, speed,bad lines, etc.).

Gateways A computer that performs protocol conversion between different types of networks or applications. Gateways function at layer 4 and above in the OSI model.

Gateways (contd..) Examples of gateways found on today's markets are: VocalTec Gateway: A gateway that converts human speech traveling on analog phone lines into local area network protocol data, and visa-versa. RadVision Gateway: Converts video from digital phone lines into local area network protocol data, and visa-versa.

Modems "Modem" (MOdulator-DEModulator). A modem is a device that converts digital data originating from a terminal or computer, to analog signals used by voice communication networks such as the telephone system. At one end, modems convert the digital pulses to audible tones and convert audio tones back to digital pulses at the other.

Modems (contd..) Characteristics : Transmission speed Internal/External Error detection and correction Compression

Firewall Firewalls are systems that establish access control policies among networks. They can block information from entering a network or from getting out of that network, they can permit different users to perform different kinds of operations, according to the user's authorizations.

Firewall (contd..) There are two general types of firewalls: Packet Level Firewalls, which examine packets and decide according to filtering rules whether to pass them to the network. Application Level Firewalls, which monitor specific applications protocols.

Networking Software Networking support is typically provided by two software components: High-Level Networking Software. Network Driver Software.

High-Level Networking Software. Provides end-user-oriented functions that are associated with the Application layer through the Network layer of the OSI model. This is the software that the end user perceives.

Network Driver Software Provides an interface between the high-level networking software and the particular Network Interface Card (NIC) that is being used for physical LAN communication

Commonly Used High Level Networking Software Systems PPP SLIP FTP TELNET SMTP SNMP UDP TCP/IP

PPP Short for Point-to-Point Protocol, a method of connecting a computer to the Internet Developed by the Internet Engineering Task Force in 1991, it has become popular for Internet access as well as a method for carrying higher level protocols.

SLIP (Serial Line IP) A data link protocol for dial-up access to TCP/IP networks. It is commonly used to gain access to the Internet as well as to provide dial-up access between two LANs. SLIP transmits IP packets over any serial link (dial up or private lines)

FTP (File Transfer Protocol) A protocol used to transfer files over a TCP/IP network (Internet,UNIX, etc.). It includes functions to log onto the network, list directories and copy files. It can also convert between the ASCII and EBCDIC character codes.

TELNET A terminal emulation protocol commonly used on the Internet and TCP/IP-based networks. It allows a user at a terminal or computer to log onto a remote device and run a program. Telnet was originally developed for ARPAnet and is an inherent part of the TCP/IP communications protocol.

SMTP (Simple Mail Transfer Protocol) The standard e- mail protocol on the Internet. It is a TCP/IP protocol that defines the message format and the message transfer agent (MTA), which stores and forwards the mail. SMTP was originally designed for only ASCII text, but MIME and other encoding methods enable program and multimedia files to be attached to messages.

SNMP (Simple Network Management Protocol) A widely-used network monitoring and control protocol

UDP (User Datagram Protocol) A protocol within the TCP/IP protocol suite that is used in place of TCP when a reliable delivery is not required. For example, UDP is used for realtime audio and video traffic where lost packets are simply ignored, because there is no time to retransmit. If UDP is used and a reliable delivery is required, packet sequence checking and error notification must be written into the applications.

TCP/IP Transmission Control Protocol/Internet Protocol, the suite of communications protocols used to connect hosts on the Internet. TCP/IP uses several protocols, the two main ones being TCP and IP. TCP/IP is built into the UNIX operating system and is used by the Internet, making it the de facto standard for transmitting data over networks.

Network Operating System Also called as NOS. It is an Operating System that manages network resources. It manages multiple requests concurrently & provides security necessary in a multi-user environment. Ex. : NetWare, UNIX and Windows NT

NetWare A popular local-area network (LAN) operating system developed by Novell Corporation. NetWare is a software product that runs on a variety of different types of LANs, from Ethernets to IBM token-ring networks. It provides users and programmers with a consistent interface that is independent of the actual hardware used to transmit messages.

UNIX A multiuser, multitasking operating system that is widely used as the master control program in workstations and especially servers. Due to its portability, flexibility, and power, UNIX has become the leading operating system for workstations

Windows NT (Windows New Technology) An advanced 32-bit operating system from Microsoft for Intel x86 and Alpha CPUs. it is a self-contained operating system that runs 16-bit and 32-bit Windows applications as well as DOS applications

Facilities Of A Network Operating System Redirection Server software File service

Redirection Redirection is taking something headed in one direction and making it go in a different direction. With redirection, an operating program does not know or care where its output is going.

Server Software Software that resides in a server and provides services to multiple users on the network. A NOS is made of a redirector and a server. Not all machines need to run the server software, because not all computers need to share their resources.

File Service A file server’s primary task is to make files available to users, although it also makes other resources available, including printers and plotters. File service allows users to share the files on a server. The server PC can make its whole disk, certain directories, or certain files available. The file server’s hard disk becomes an extension of each user’s PC.

Network Security Refers to techniques for ensuring that data stored in a computer cannot be read or compromised by unauthorized persons Most security measures involve data encryption and passwords. Data encryption is the translation of data into a form that is unintelligible without a deciphering mechanism. A password is a secret word or phrase that gives a user access to a particular program or system.

Network Security The authorization of access to files and directories in a network. Users are assigned an ID number and password that allows them access to information and programs within their authority. Network security is controlled by the network administrator.

Types Of Network Security Share level security. User level security.

Share Level Security In Share-level security access control to a file, printer or other network resource based on knowing the password of that resource. Share-level security provides less protection than user-level security, which identifies each person in the organization.

User Level Security In User-level security access control to a file, printer or other network resource based on username. It provides greater protection than share-level security, because users are identified individually or within a group. User-level permissions are stored in a central server and managed by the network administrator.

Purpose Of Security To Prevent unauthorized individuals form examining sensitive information. To Prevent unauthorized individuals form modifying important information. To Prevent malicious individuals form disrupting the normal operation of a system.

Outline Of The Process Of Securing The Network Risk Assessment Vulnerability Security Policy

Risk Assessment Risk assessment is the process of finding out what data you have and how important is it to you. In addition to the importance of the data is the amount of damage you will incur if it is lost or compromised Risk assessment also means hardware and software analysis

Vulnerability There are dozens and dozens of ways your network can be compromised, and the first step in finding them is by taking a look around. Looking around is literally the first step in assessing your vulnerability

Security Policy Security policy is a written document that outlines the rules by which all users of the network must abide by. These rules can encompass many different aspects of network use and misuse.

Security Policy (contd..) Security policy should address certain issues like: Acceptable use Access User privacy Passwords Enforcement Purchasing Support and maintenance

Default Security Policies The following is an example of a default security policy: Passwords System Level Network Level File and Directory Level Owned By An Individual User Shared Resources Administrative Privileges