
A Local Area Network (LAN) supplies networking capability to a group of computers in close proximity to each other such as in an office building, a school, or a home. A LAN is useful for sharing resources like files, printers, games or other applications.

A Metropolitan Area Network (MAN) is a computer network that usually spans a city or a large campus. A MAN usually interconnects a number of LANs using a high-capacity backbone technology, such as fiber-optical links.

A Wide Area Network (WAN) is a network that covers a broad area (i.e., any telecommunications network that links across metropolitan, regional, or national boundaries) using private or public network transports. Business and government entities utilize WANs to relay data among employees, clients, buyers, and suppliers from various geographical locations. In essence, this mode of telecommunication allows a business to effectively carry out its daily function regardless of location. The Internet can be considered a WAN as well, and is used by businesses, governments, organizations, and individuals for almost any purpose imaginable.

In storage networking terminology, a Storage Area Network (SAN) is a high-speed subnetwork of shared storage devices. A storage device is a machine that contains nothing but a disk or disks for storing data.

The Virtual Private Network (VPN) technology included in Windows Server 2003 helps enable cost-effective, secure remote access to private networks. VPN allows administrators to take advantage of the Internet to help provide the functionality and security of private WAN connections at a lower cost. In Windows Server 2003, VPN is enabled using the Routing and Remote Access service. VPN is part of a comprehensive network access solution that includes support for authentication and authorization services, and advanced network security technologies.

VPN connections

VPN connections use either Point-to-Point Tunneling Protocol (PPTP) or Layer Two Tunneling Protocol/Internet Protocol security (L2TP/IPSec) over an intermediate network, such as the Internet.
By using the Internet as a connection medium, VPN saves the cost of long-distance phone service and hardware costs associated with using dial-up or leased line connections. A VPN solution includes advanced security technologies such as data encryption, authentication, authorization, and Network Access Quarantine Control.

Using VPN, administrators can connect remote or mobile workers (VPN clients) to private networks. Remote users can work as if their computers are physically connected to the network. To accomplish this, VPN clients can use a Connection Manager profile to initiate a connection to a VPN server. The VPN server can communicate with an Internet Authentication Service (IAS) server to authenticate and authorize a user session and maintain the connection until it is terminated by the VPN client or by the VPN server. All services typically available to a LAN-connected client (including file and print sharing, Web server access, and messaging) are enabled by VPN.

VPN clients can use standard tools to access resources. For example, clients can use Windows Explorer to make drive connections and to connect to printers. Connections are persistent: users do not need to reconnect to network resources during their VPN sessions. Because drive letters and universal naming convention (UNC) names are fully supported by VPN, most commercial and custom applications work without modification.

Advantages

Allows you to be at home and access your company's computers in the same way as if you were sitting at work.

Almost impossible for someone to tap or interfere with data in the VPN tunnel.

If you have VPN client software on a laptop, you can connect to your company from anywhere in the world.

Disadvantages

Setup is more complicated than less secure methods.

VPN works across different manufacturers' equipment, but connecting to a non-NETGEAR product will add to difficulty, since there may not be documentation specific to your situation.

The company whose network you connect to may require you to follow the company's own policies on your home computers (!)

Remote Access VPN

Remote access VPN connections enable users working at home or on the road to access a server on a private network using the infrastructure provided by a public network, such as the Internet. From the user's perspective, the VPN is a point-to-point connection between the computer (the VPN client) and an organization's server. The exact infrastructure of the shared or public network is irrelevant because it appears logically as if the data is sent over a dedicated private link.

Site-to-Site VPN

Site-to-site VPN connections (also known as router-to-router VPN connections) enable organizations to have routed connections between separate offices or with other organizations over a public network while helping to maintain secure communications. A routed VPN connection across the Internet logically operates as a dedicated WAN link. When networks are connected over the Internet, as shown in the following figure, a router forwards packets to another router across a VPN connection. To the routers, the VPN connection operates as a data-link layer link.

A site-to-site VPN connection connects two portions of a private network. The VPN server provides a routed connection to the network to which the VPN server is attached. The calling router (the VPN client) authenticates itself to the answering router (the VPN server), and, for mutual authentication, the answering router authenticates itself to the calling router. In a site-to-site VPN connection, the packets sent from either router across the VPN connection typically do not originate at the routers.

Internet, Intranet, and Extranet


Internet, intranet, and extranet are three terms that describe Internet-type applications that are used by an organization, but how do you know if a web application is part of your intranet or part of the Internet?

Internet

If you wish to expose information to everyone in the world, then you would build an Internet-type application. An Internet-type application uses Internet protocols such as HTTP, FTP, or SMTP (Simple Mail Transfer Protocol) and is available to persons anywhere on the Internet. We use the Internet and web applications as ways to extend who the application can reach. For example, I no longer need to go to the bank to transfer funds. Because the bank has built a web site on the Internet, I can do that from the comfort of my own home.

Intranet

An application is considered to be on the company's intranet if it is using Internet-type protocols such as HTTP or FTP but the application is available only within the company. The information on a company's intranet would not be accessible to persons on the Internet because it is not for public use. For example, a few years ago I was sitting with my banking officer going over my account and noticed that the bank had moved all of its customer account information to a web site and that the banking officer was using a web browser to retrieve my account details. Although the application was being used by a web browser, it was still an internal application meant only for banking officers.

Extranet

From time to time, an application that has been built for the company's intranet and used by internal employees will need to be extended to select business partners or customers. If you extend your intranet out to select business partners or customers, you have created an extranet. An extranet cannot be used by anyone else external to the company except for those selected individuals. Figure 1-3 displays the basic configurations of Internet, intranet, and extranet.

This section has introduced you to some terms such as peer-to-peer versus server-based networking, Internet, intranet, and extranet; now let's look at how the network is laid out with the different network topologies!
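
The Internet, intranet, and extranet distinction above, expressed as a source-network access check. This is an added example, not code from the original page; the address ranges, partner names and function names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample ranges (assumptions, not from the page).
INTRANET_NETS = [
    ipaddress.ip_network("10.0.0.0/8"),        # office LANs
    ipaddress.ip_network("192.168.50.0/24"),   # address pool handed to VPN clients
]
# Extranet: only the selected partners (RFC 5737 documentation ranges).
EXTRANET_NETS = {
    "partner-a": ipaddress.ip_network("198.51.100.0/24"),
    "partner-b": ipaddress.ip_network("203.0.113.64/26"),
}
# Audiences that may reach an application of each exposure level.
ALLOWED_AUDIENCES = {
    "internet": {"intranet", "extranet", "internet"},
    "extranet": {"intranet", "extranet"},
    "intranet": {"intranet"},
}


def classify_client(addr):
    """Map a connection's source address to intranet, extranet or internet."""
    ip = ipaddress.ip_address(addr)  # raises ValueError on malformed input
    if any(ip in net for net in INTRANET_NETS):
        return "intranet"
    if any(ip in net for net in EXTRANET_NETS.values()):
        return "extranet"
    return "internet"


def is_allowed(app_exposure, client_addr):
    """Fail closed: unknown exposure levels and unparsable addresses are denied."""
    try:
        audience = classify_client(client_addr)
    except ValueError:
        return False
    return audience in ALLOWED_AUDIENCES.get(app_exposure, set())


if __name__ == "__main__":
    # client_addr must be the peer address of the connection itself,
    # not a value taken from a client-supplied header.
    for app, src in [("intranet", "10.4.7.20"), ("intranet", "192.168.50.9"),
                     ("extranet", "198.51.100.7"), ("extranet", "203.0.113.10"),
                     ("intranet", "198.51.100.7"), ("internet", "192.0.2.44")]:
        print(f"{app:9} app, client {src:14} -> "
              f"{'allow' if is_allowed(app, src) else 'deny'}")
```

A VPN client is classified as intranet here because it presents an address from the internal pool, which matches the earlier description of remote users working as if physically connected to the network.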
