1. STPI - Software Tech Parks of India
2. IT - Information Technology
3. VPN - Virtual Private Network
4. VSAT - Very Small Aperture Terminal
5. UTM - Unified Threat Management
6. ATM - Asynchronous Transfer Mode
7. ISP - Internet Service Provider
8. ISDN - Integrated Service Digital Network
9. DNS - Domain Name Server
10. DHCP - Dynamic Host Configuration Protocol
11. LAN - Local Area Network
12. WAN - Wide Area Network
13. MAN - Metropolitan Area Network
14. WWW - World Wide Web
15. FTP - File Transfer Protocol
16. OSI - Open Systems Interconnection
17. MAU - Media Attachment Unit
18. NIC - Network Interface Card
19. URL - Uniform Resource Locator
20. P2P - Peer to Peer
21. TCP/IP - Transmission Control Protocol/Internet Protocol
22. IANA - Internet Assigned Numbers Authority
23. ICANN - Internet Corporation for Assigned Names and Numbers
24. MAC - Media Access Control
25. NFS - Network File System
26. CIFS - Common Internet File System
27. QOS - Quality Of Service
28. NAT - Network Address Translation
29. NAS - Network Attached Storage/Server
30. CAT5 - Category 5
31. CBR - Constant Bit Rate
32. ABR - Available Bit Rate
33. VBR - Variable Bit Rate
34. UBR - Unspecified Bit Rate
35. VOIP - Voice Over Internet Protocol
36. OFC - Optical Fibre Cable
37. RFT - Receiver Frequency Transmitter
38. SSPA - Solid State Power Amplifier
39. EMR - Edge Media Router
40. LNB - Low Noise Block
41. LNA - Low Noise Amplifier
42. UDP - User Datagram Protocol
43. SNMP - Simple Network Management Protocol
44. SMTP - Simple Mail Transfer Protocol
45. RADIUS - Remote Authentication Dial In User Service
46. POP3 - Post Office Protocol 3
47. RIP - Routing Information Protocol
48. BGP - Border Gateway Protocol
49. OSPF - Open Shortest Path First
50. HTTP - Hyper Text Transfer Protocol
Chapter 1: Introduction
II.
The availability of bandwidth through satellite is not very high. DOT has recently announced the landing policy for submarine cable. It is felt that a few submarine fibre cables are likely to land in Chennai, Mumbai, Cochin and Vizag. STPI is already providing data communication through its satellite earth stations. Due to the growth of the IT software export segment, software companies also need bandwidth through fibre. Some companies that run mission-critical applications such as call centre operation, security services, etc. require fibre to avoid the transition delay inherent in a satellite link. STPI is planning to set up a landing station in order to meet these requirements.
Fig 1: STPI's Antenna
III. Export Promotion: At present, the major share of the software exports market is in Europe and the US. The smaller companies are unable to garner market share due to a lack of market knowledge and of the ability to leverage their capabilities, in spite of inherent skills in product development and management. Such a situation, if continued, could confine them to very low growth rates in future. Accordingly, STPI plans to increase its focus on business promotion through increased participation in exhibitions, trade fairs, delegations, etc. for the SME sector.
Bhilai: The STPI centre has been providing high-speed data communication facilities to the IT industry through the international gateway, with scalable configuration, set up in Bhilai. The location of the earth station is such that it is in the line of sight from most locations in Bhilai, as well as from various other locations within a radius of 30 km from the station. These gateways are integrated with line-of-sight point-to-multipoint equipment for connecting user premises located outside the complex by means of microwave links.
The customers' premises in India will be connected to their clients located abroad by the gateway, which will be located at Bhilai, through either a point-to-point or a point-to-multipoint radio link. This will enable any company operating in India or abroad to be connected to the Internet and to access soft NET.
Availing access and setting up the connection to SOFT LINK
How to access the SOFT LINK?
SOFT LINK will be managed through a wide area network plan and you will get connected to the network. You will get a port on the Ethernet hub which will be located in the LAN. The LAN will be further connected to the International Gateway and managed from the network Dehradun Control Centre, which will be located at STPI-Dehradun. The LAN setup will be directly connected to the International Gateway through a UTP backbone, whereas the LANs in different locations will be connected to the International Gateway via a microwave link. You can locate your unit anywhere outside in the city. STPI-Dehradun will provide a point-to-point or point-to-multipoint radio link up to the router at your premises.
a) Leased Internet Access on Radio Local Loops: A microwave radio connection of the desired bandwidth is set up from the customer's premises to the International Gateways of STPI. These links are installed and maintained by STPI itself and the customer has to pay just a one-time installation charge. The data rate options for the Leased Internet Service on Radio are n x.
b) Leased Internet Access on DOT Local Loop: A wired n x 64k is hired from DOT for the customers. The customer will need to hire a leased line, of the required data rate, from DOT and will pay for the installation and annual lease access for the local loop. STPI will provide port access on its router and will charge for the same.
c) Leased Internet Access Using ISDN Lines: Those who wish to use their ISDN lines for Internet access can use this facility. The customer will have to pay for an additional ISDN line at STPI, as the line has to be used in dedicated mode. Service is presently available for ISDN BRI, and the leased connection is for 64 kbps or 128 kbps.
1.7 INFRASTRUCTURE
INCUBATION
Business and technology incubation catalyzes the process of starting and growing companies. It provides entrepreneurs with the expertise, networks and tools they need to make their ventures successful. As an incubator we will nurture young firms, helping them to survive and grow during the startup period when they are most vulnerable. We would provide entrepreneurial firms with shared office services, access to equipment, flexible leases and expandable space, all under one roof. As an incubator, we plan to provide our services in the following areas:
1. Full service Office Facilities
2. Web hosting services
3. Business plan development
Strength of STPI to act as an Incubator:
Technical Support: STPI has in-house expertise and most of the latest technological details and machinery, which would support technical development.
Fig 2: STPI providing technical support
Software Policy and Legal Advice: STPI has been giving consultancy in data communication, software export, facilities/provisions, the setting up of STPI units, and related services.
Quality Certification: As STPI is an ISO9002 company, quality will undoubtedly be maintained at all levels.
Maintenance and Repairs: Our highly technical staff and 24-hour helpdesk show our commitment to providing efficient services that benefit the entrepreneur.
Infrastructure Support (Back Bone): STPI has a strong backup of all the related facilities required by an upcoming organization in software export, such as LAN, ISP, power back-ups, etc.
1.8 OBJECTIVES
The purpose behind the research was to understand the basics of computer networking.
To know the basic networking needs of an organization.
The research was carried out to gain an understanding of the hardware used for network setup.
The research was also conducted to learn how to design a network setup.
2.2 Methodology
2.2.1 Research Type: This is descriptive research.
This type of research describes what exists and may help to uncover new facts and meaning. The purpose of descriptive research is to observe, describe and document aspects of a situation as it naturally occurs. In this research, the devices and techniques that were used in the past and those that are being used now are studied. The knowledge gained from this research is applied in finding the perfect network setup with modest gadgets.
2.2.2 Sources of Data: There are two sources of data used in any research. The first is the primary source and the second is the secondary source. The primary source consists of questionnaires, personal interviews and observations. The secondary source consists of the internet, magazines, and journals.
Because of the importance of this technology, decisions about the purchase, structure, and operation of computer networks cannot be left to technical staff alone. Management, too, has a critical need to understand the technology of computer networks. Businesses use their computer networks to organize their assets, inventory, finances, communications, customer records, and operations. The network and the systems attached to it are important, and as in any business, keeping costs under control is crucial. Business class networks are a step up in complexity over residential networks. The requirements of any business network are more or less as follows: Reliable, Maintainable, Performance, Feature Complete, Affordable.
Since all the requirements in some way impact the bottom line of the business, it is worth taking some time to look at how these requirements impact the design and what they mean.
1. A Reliable Network
A simple rule of thumb for reliability is: the more reliable, the more expensive. Also, there is no such thing as a 100% reliable design. What's left is a trade-off between reliability and cost. From an office perspective, hardware decisions should look at characteristics like warranty, peer review, environmental durability and mean time to failure. Complex features such as redundancy and remote administration are also important and very much needed. If there is a power outage, the system must be able to recover by itself.
2. A Maintainable Network
Since 100% reliability is impossible, eventually maintenance will be necessary. Either a technician will be called in to handle maintenance when it is required, or office staff will handle the situation. Situations that resolve without the need for a technician are less expensive; therefore network designs where the majority of network faults can be handled by the people onsite are preferable.
Although maintainability is difficult to quantify, there are some characteristics of maintainable networks to take into consideration: minimized failure points, failure indicators, network maps, and clean wiring.
Consider the following circumstance with a maintainable network. A single computer on a wired network is unable to connect because the cable from the patch panel to the Ethernet switch has come loose. From glancing at a network map and looking at the connectivity lights on a centralized switch, it becomes apparent that the physical connection between the switch and the computer has been broken. Reconnecting the loose patch cable fixes the problem, which was easy to spot. The same situation with an unmaintainable network might involve tracking down the series of connections tying the computer to the network and identifying which one has become loose. This could take hours in the worst case and require disconnecting other machines in the process of trying to find the right one. Designing for maintainability is important if avoiding disruption during service calls is important. Designing for maintainability is critical to the long-term cost of having a network.
3. Network Performance
Most offices favor functionality over performance when it comes to their computer networks. However, that doesn't mean the topic should be ignored when considering the design of the network. The highest level of performance and reliability is available through the use of wired network technologies. This will remain the case for the foreseeable future; however, wireless technology has experienced a marked boost in performance and reliability with the advent of the 802.11n amendment to the Wi-Fi standard. Small offices which are interested in maximizing the performance of their network should look to use gigabit wired network technologies, routed through a single gigabit Ethernet switch. Additional performance can be achieved by switching the MTU (Maximum Transmission Unit) of data on the network to 9k bytes, up from the old standard of 1500 bytes. This is achieved by reducing the effective overhead of transmitting data on the network.
Check for jumbo frame compatibility on any connected wired hardware before deploying this strategy.
4. A Feature Complete Network
Unless office networks are well designed, they can be difficult to upgrade. For instance, a business network which has most of its routing configuration stored in the router, with no way to export the configuration to a different machine, will be harder to take down and replace than a device which can export its configuration. Sometimes a new feature is required after the network has already been built, only to discover that the current system cannot handle the new feature. One example may be DHCP static allocation, which is a feature that is not uniformly available
across commodity routers. Another example is VPN support, a feature highly in demand for those on the road or with a home office trying to tie into work. Designing a network that can accommodate future necessities can be challenging, especially when dealing with commodity hardware; however, there are a variety of router appliances which can make these challenges much less cumbersome. Examples of these appliances are pfSense, m0n0wall, freenas, smoothwall and others. Determining whether router appliances are necessary is a useful exercise, since it helps specify the network's feature requirements.
5. An Affordable Network
The cost to build, maintain, and extend a computer network is the true deciding factor for most if not all businesses. Commodity components may be affordable from an upfront perspective, undesirable from a reliability perspective and completely pointless from a maintenance or feature perspective. The costs that comprise working on a new network design are as follows: Design, Installation, Maintenance.
Designing a network takes into account the logical and physical topology, the performance requirements, the hardware, and the cable requirements (outdoor, indoor). Installation examines how long it will take, and what will be necessary, to implement the design. The maintenance cost deals with what will be involved in ensuring the network continues to function over time. Upfront design costs can seem fairly intimidating; however, it is important to consider the long-term benefit of having a well designed office network: downtime is minimized, maintenance is straightforward when necessary, and the network generally performs well.
General information about the Internet: The Internet is explored, aka surfed, using a computer browser. Finding information on the Internet is achieved by using a search engine. Users browse web pages by following hyperlinks. Besides browsing web pages, the Internet is also a popular method of communicating with others through online web forums, chat rooms, emails, and instant messages. In addition to communicating, users also use the Internet to share files, pictures, songs, and video over the Internet.
2) Intranet:
A basic definition of Intranet: an Intranet can be viewed as a small Internet which resides on a company's or private LAN (local area network). Intranets can be designed and built to suit the needs of all companies or home users, big or small, basic or complex. In many large corporations they are used to encompass everything from Human Resources information to Payroll, service desks and projects.
What's the difference between intranet and internet?
The Internet is quite literally open to everyone with an internet connection. An Intranet usually resides on a LAN or local area network, and as such is totally separate from the Internet. Intranets operate in a secure area and their content can only be seen by people within this LAN or secure area. The purpose of an Intranet is to store any information which can be shared amongst. Security on the Internet is primarily on the web server itself, as opposed to security on Intranets, which can be either web server security or integrated into domain security. Corporate networks generally force you to use proxy servers to connect to the Internet, but not to the Intranet. Generally an Intranet will be faster than the Internet, due to local servers and fewer users.
Similarities between Intranet and Internet:
Both the Intranet and the Internet operate on the same technologies, primarily HTML (Hyper Text Markup Language) and TCP/IP (Transmission Control Protocol / Internet Protocol). Both are there to collectively share information.
3) LAN:
A local area network (LAN) supplies networking capability to a group of computers in close proximity to each other, such as in an office building, a school, or a home. A LAN is useful for sharing resources like files, printers, games or other applications. A LAN in turn often connects to other LANs, and to the Internet or another WAN. Most local area networks are built with relatively inexpensive hardware such as Ethernet cables, network adapters, and hubs. Wireless LAN and other more advanced LAN hardware options also exist. Specialized operating system software may be used to configure a local area network. For example, most flavors of Microsoft Windows provide a software package called Internet Connection Sharing (ICS) that supports controlled access to LAN resources.
Fig 4: Basic LAN Topology
Also Known As: local area network
Examples: The most common type of local area network is an Ethernet LAN. The smallest home LAN can have exactly two computers; a large LAN can accommodate many thousands of computers. Many LANs are divided into logical groups called subnets.
4) WAN:
WAN stands for Wide Area Network. As its name suggests, it is a computer network that covers a far wider area than a LAN (Local Area Network). WANs cover cities, countries, continents and the whole world. A WAN is formed by linking LANs together. For example, several major LANs in a city can connect together, forming a WAN. When networks connect to form a bigger network (a bigger WAN), the resulting network is called an internetwork, which is generically abbreviated to an internet. When all the WANs in the world connect, forming a global internet, we call it The Internet, which everyone knows! That's why the Internet is always written with a capital I. It is the biggest WAN we have.
Fig 5: WAN Network
5) Broadband:
Broadband is a term that refers to technologies that offer high speed internet connectivity, depending on framework and environment. In general terms, broadband refers to communication technology that can employ different channels of data or data streams over any medium (air or physical). Broadband is a term for wide band. It defines the speed of the data transfer rate. A question that often arises in the minds of common folk is: what is broadband? The literal meaning of broadband is a wide band capturing the signals and delivering them as independent bandwidth channels. As the term "broad" suggests, it relates to something bigger, something vast, yet its limits are undefined. For roughly 7-10 years, you have been seeing advertisements publicizing broadband. They boast about many things, such as speed, phone call accessibility, lower cost, download acceleration, etc.
Broadband basically works through its bandwidth. As you increase the width of the band, you get speedier access to the internet. Broadband itself usually refers to services that offer high bandwidth over the medium of fiber optic, DSL, cellular services or broadcasting services.
Broadband Features:
Some of the broadband features are described here.
Broadband Connectivity: As the whole world becomes a global village, one reason for it being so is broadband connectivity. Signals are sent through fiber optic glass cable in the form of light. This light source has the ability to carry a huge amount of information (data) in a very short time period. It supports multiple signals after dividing the whole into multiple independent bandwidth channels.
Broadband Availability: Another unique feature of a broadband connection is that it remains connected 24/7 and still does not disrupt the telephone line. You can access broadband through cable operators or directly through satellite. It depends on the type of broadband you are using. The important characteristic is that it only uses the ISP number of the phone line without interrupting its own exercise.
Broadband Desired Bandwidth: We can increase and decrease the broadband bandwidth according to our need. For this you need to ask your internet service provider. There are different packages at different rates; you go for the one which suits you the most.
Benefits of Broadband: No doubt the internet has been a facilitator for many years, yet broadband is like seasoning it with freed condiment. That's why, if you really want to enjoy the internet facility in its true sense, go for broadband. Used positively, it will help your business prosper by leaps and bounds. If you are doing research work, it will surely give a quality output. You can design your website at its best, graphics-oriented and animated; broadband will make it easy to upload, and surely broadband user
6) Leased Line:
A leased line connects two locations for private voice and/or data telecommunication service. Not a dedicated cable, a leased line is actually a reserved circuit between two points. Leased lines can span short or long distances. They maintain a single open circuit at all times, as opposed to traditional telephone services that reuse the same lines for many different conversations through a process called "switching."
Leased lines most commonly are rented by businesses to connect branch offices, because these lines guarantee bandwidth for network traffic. Leased lines are dedicated circuits provided by Basic Service Providers (BSPs), which provide permanent connectivity to the Internet. Leased lines provide the last mile access from the user premises to the ISP. They provide permanent connection as compared to the temporary connectivity through dialup access. The quality of the connection is far superior to what is normally available through dialup, thanks to digital signaling, less noise, fewer exchanges etc. Since the access is "always on", it is possible to associate a pool of permanent IP addresses with a particular leased line. Normally, the ISP would provide 16/32 IP addresses for each 64 Kbps chunk of bandwidth. Using these IP addresses it becomes possible to deploy a variety of services such as mail, FTP, WWW, DNS, and proxy, to name the most common requirements of organizations. In other words, leased lines enable hosting of services of all types, and provide a platform for enterprise intranets and extranets, apart from what we may term as "entry level" services such as messaging, which still account for over 70 percent of all Internet access.
7)
Open Systems Interconnection (OSI) is a standard reference model for communication between two end users in a network. The OSI Model illustrates how data communications should take place. The model is used in developing products and understanding networks. It segregates the process into seven groups, called layers. Into these layers are integrated the protocol standards developed by the ISO and other standards organizations, including the Institute of Electrical and Electronic Engineers (IEEE), the American National Standards Institute (ANSI), and the International Telecommunications Union (ITU), formerly known as the CCITT (Comite Consultatif Internationale de Telegraphique et Telephone). The OSI Model tells us what protocols and standards should be used at each layer. It is modular: each layer of the OSI Model functions with the one above and below it.
Fig 7: Layer Functions
OSI Model Layers:
LAYER 7 The APPLICATION Layer: The top layer of the OSI model provides a set of interfaces for sending and receiving applications to gain access to and use network services, such as networked file transfer, message handling and database query processing. The application layer is responsible for providing services to the user.
LAYER 6 The PRESENTATION Layer: Manages data-format information for networked communications (the network's translator). For outgoing messages, it converts data into a generic format for network transmission; for incoming messages, it converts data from the generic network format to a format that the receiving application can understand. This layer is also responsible for certain protocol conversions, data encryption or decryption, and data compression/decompression.
LAYER 5 The SESSION Layer: Enables two networked resources to hold ongoing communications (called a session) across a network. Applications on either end of the session are able to exchange data for the duration of the session. This layer is responsible for initiating, maintaining and terminating sessions. It is responsible for security and access control to session information (via session participant identification), and for synchronization and checkpoint services. The session layer is responsible for dialog control and synchronization.
LAYER 4 The TRANSPORT Layer: Manages the transmission of data across a network. Manages the flow of data between parties by segmenting long data streams into smaller data chunks (based on the allowed packet size for a given transmission medium). Reassembles chunks into their original sequence at the receiving end. Provides acknowledgements of successful transmissions and requests resends for packets which arrive with errors. The transport layer is responsible for the delivery of a message from one process to another.
LAYER 3 The NETWORK Layer: Handles addressing messages for delivery, as well as translating logical network addresses and names into their physical counterparts. Responsible for deciding how to route transmissions between computers. This layer also handles the decisions needed to get data from one point to the next point along a network path, as well as packet switching and network congestion control. The network layer is responsible for the delivery of individual packets from the source host to the destination host.
LAYER 2 The DATA LINK Layer: Handles special data frames (packets) between the Network layer and the Physical layer. At the receiving end, this layer packages raw data from the physical layer into data frames for delivery to the Network layer.
At the sending end this layer handles conversion of data into raw formats that can be handled by the Physical Layer. The data link layer is responsible for moving frames from one hop (node) to the next.
LAYER 1 The PHYSICAL Layer: Converts bits into electronic signals for outgoing messages. Converts electronic signals into bits for incoming messages. This layer manages the interface between the computer and the network medium (coax, twisted pair, etc.). This layer tells the driver software for the MAU (media attachment unit, e.g. network interface cards (NICs), modems, etc.) what needs to be sent across the medium. The bottom layer of the OSI model is responsible for the movement of individual bits from one hop (node) to the next.
8) Client-Server Model:
A client/server system consists of a client and a server that are linked through a network.
Client: requests a given service from the server through special software.
Server: provides the requested service to the client under a set of conditions.
Examples: Internet, intranet, and extranet. Another example of a popular C/S system is financial software that allows bank clients to access their accounts from their home or office.
Data Are Readily Accessible to Decision Makers
a) Accessibility to reliable, up-to-date information when needed.
b) Timely information can often translate into tangible benefits, such as increased profits or reduced operating costs, and intangible benefits, such as greater customer satisfaction.
c) The server can be accessed remotely and across multiple platforms.
Reduced Operating Costs: In the long run, the cost of information processing may be cheaper for client/server systems than for mainframe systems, thereby lowering overall operating costs.
Reduced System Development and Maintenance Time
In general, C/S systems tend to be easier to develop than mainframe systems. With proper planning and the necessary expertise, developers can create client/server systems more quickly and efficiently than mainframe applications. C/S system maintenance time is reduced as compared with systems that must be shut down to make upgrades or perform maintenance. Changes or additions to an existing C/S system can be made without much disruption, because server applications are independent of client applications.
Increased Organizational Responsiveness: Designing a client/server system often compels managers and employees to search for more efficient, more effective business practices.
Extensive Planning Required
a) Businesses tend to grow fast and in unexpected places, so a business must plan carefully and develop a strategic plan for a client/server system. Without a plan, the system becomes an ad hoc collection of systems that don't integrate information and streamline business processes.
b) The company plan should identify the role of the client/server system in achieving the company's goals. The plan identifies hardware issues (e.g. nature and type of network), operating system, system security, user training and access method.
Inadequate Standards
a) Like any other new and evolving technology, client/server systems lack standardization in terms of system management, maintenance, and security, resulting in some reinventing of the wheel.
b) Developers become burdened with a host of issues that in other environments would be a standard part of the hardware and software packages.
Susceptible to Security Violations: The security concerns associated with client/server systems are greater than those associated with other information systems because client/server systems are prone to security violations. The same features that make the client/server model flexible, modular, open, and responsive also make it risky and vulnerable.
9) Peer to peer
It is an approach to computer networking where all computers share equivalent responsibility for processing data. Peer-to-peer networking (also known simply as peer networking) differs from client-server networking, where certain devices have responsibility for providing or "serving" data and other devices consume or otherwise act as "clients" of those servers.
Characteristics of a Peer Network: Peer to peer networking is common on small local area networks (LANs), particularly home networks. Both wired and wireless home networks can be configured as peer to peer environments.
Computers in a peer to peer network run the same networking protocols and software. Peer networks are also often situated physically near to each other, typically in homes, small businesses or schools. Some peer networks, however, utilize the Internet and are geographically dispersed worldwide. Home networks that utilize broadband routers are hybrid peer to peer and client-server environments. The router provides centralized Internet connection sharing, but file, printer and other resource sharing is managed directly between the local computers involved.
Benefits of a Peer to Peer Network
You can configure computers in peer to peer workgroups to allow sharing of files, printers and other resources across all of the devices. Peer networks allow data to be shared easily in both directions, whether for downloads to your computer or uploads from your computer. On the Internet, peer to peer networks handle a very high volume of file sharing traffic by distributing the load across many computers. Because they do not rely exclusively on central servers, P2P networks both scale better and are more resilient than client-server networks in case of failures or traffic bottlenecks.
10) Servers:
A server is primarily a program that runs on a machine, providing a particular and specific service to other machines connected to the machine on which it is found. Nowadays, server functionality has become so rich, complex and varied in nature that there are whole very powerful computers dedicated to being exclusively servers. This has led many non-technical people to denote servers as being machines that run services. Generally speaking, a server is a machine with a specific set of programs that offer different types of service, which other machines (then called clients) request to do certain tasks.
For example, a file server is a machine which keeps files, and allows clients to upload and download them from it. A web server is a machine that hosts web sites and allows Internet users (clients) to access these web sites. The page you are reading now comes from the about.com web server. A mail server is a machine which, along with the storage and management of email messages, provides service to email users who can read, retrieve, and manage these email messages.
How Web Servers Work? The Basic Process
Let's say that you are sitting at your computer, surfing the Web, and you get a call from a friend who says, "I just read a great article! Type in this URL and check it out. It's at http://www.abcdef.com/web-server.htm." So you type that URL into your browser and press return. And magically, no matter where in the world that URL lives, the page pops up on your screen. At the most basic level possible, the following diagram shows the steps that brought that page to your screen:
Fig 9: Working of Web Server
Your browser formed a connection to a Web server, requested a page and received it.
Behind the Scenes
If you want to get into a bit more detail on the process of getting a Web page onto your computer screen, here are the basic steps that occurred behind the scenes:
- The browser broke the URL into three parts:
  1. The protocol ("http")
  2. The server name ("www.abcdef.com")
  3. The file name ("web-server.htm")
- The browser communicated with a name server to translate the server name "www.abcdef.com" into an IP Address, which it uses to connect to the server machine.
- The browser then formed a connection to the server at that IP address on port 80. (We'll discuss ports later in this article.)
- Following the HTTP protocol, the browser sent a GET request to the server, asking for the file "http://www.abcdef.com/web-server.htm." (Note that cookies may be sent from browser to server with the GET request - see How Internet Cookies Work for details.)
- The server then sent the HTML text for the Web page to the browser. (Cookies may also be sent from server to browser in the header for the page.)
- The browser read the HTML tags and formatted the page onto your screen.
If you've never explored this process before, that's a lot of new vocabulary. To understand this whole process in detail, you need to learn about IP addresses, ports, protocols... The following sections will lead you through a complete explanation
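The steps above can be followed on the wire. The following is an added example, not part of the original document: it splits the URL into the three parts listed, builds the bytes of the GET request (with an optional cookie) and reads the cookie a server sends back. The function names and the sample response are constructed for illustration; the name-server lookup and the TCP connection to port 80 are left out so that the example runs offline.

```python
from urllib.parse import urlsplit


def split_url(url):
    """Break a URL into the three parts listed above, plus the TCP port."""
    parts = urlsplit(url)
    if parts.scheme != "http" or not parts.hostname:
        raise ValueError("this sketch handles absolute http:// URLs only")
    return {
        "protocol": parts.scheme,
        "server": parts.hostname,
        "port": parts.port or 80,      # port 80 unless the URL names another
        "file": parts.path.lstrip("/"),
    }


def build_get_request(url, cookies=None):
    """Return the bytes a browser would send for this URL over HTTP/1.1."""
    p = split_url(url)
    # The request line carries only the path; the server name goes in Host.
    lines = ["GET /%s HTTP/1.1" % p["file"],
             "Host: %s" % p["server"],
             "Connection: close"]
    if cookies:
        pairs = "; ".join("%s=%s" % (k, v) for k, v in cookies.items())
        lines.append("Cookie: " + pairs)
    # A CR or LF inside any field would let one value start a new header
    # line, so such input is refused instead of being sent.
    if any("\r" in line or "\n" in line for line in lines):
        raise ValueError("CR/LF is not allowed in a request field")
    return ("\r\n".join(lines) + "\r\n\r\n").encode("ascii")


def parse_response(raw):
    """Split a raw HTTP response into (status, headers, cookies, body)."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("response has no header/body separator")
    status_line, *header_lines = head.decode("iso-8859-1").split("\r\n")
    fields = status_line.split(" ", 2)
    if len(fields) < 2 or not fields[0].startswith("HTTP/"):
        raise ValueError("not an HTTP response")
    headers = []
    for line in header_lines:
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    # Cookies travel from server to browser in Set-Cookie header lines.
    set_cookies = [value for name, value in headers if name == "set-cookie"]
    return int(fields[1]), headers, set_cookies, body


# Constructed sample response, standing in for what the server would send.
SAMPLE_RESPONSE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Content-Type: text/html\r\n"
    b"Set-Cookie: session=abc123; HttpOnly\r\n"
    b"Content-Length: 25\r\n"
    b"\r\n"
    b"<html><b>Hello</b></html>"
)

if __name__ == "__main__":
    url = "http://www.abcdef.com/web-server.htm"
    print(split_url(url))
    print(build_get_request(url, {"visits": "3"}).decode("ascii"))
    print(parse_response(SAMPLE_RESPONSE))
```

Note that the request line holds only the path; the server name is carried in the Host header.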
DNS
If you've ever used the Internet, it's a good bet that you've used the Domain Name System, or DNS, even without realizing it. DNS is a protocol within the set of standards for how computers exchange data on the Internet and on many private networks, known as the TCP/IP protocol suite. Its basic job is to turn a user-friendly domain name like "abcdef.com" into an Internet Protocol (IP) address like 70.42.251.42 that computers use to identify each other on the network. It's like your computer's GPS for the Internet.
Computers and other network devices on the Internet use an IP address to route your request to the site you're trying to reach. This is similar to dialing a phone number to connect to the person you're trying to call. Thanks to DNS, though, you don't have to keep your own address book of IP addresses. Instead, you just connect through a domain name server, also called a DNS server or name server, which manages a massive database that maps domain names to IP addresses.
Whether you're accessing a Web site or sending e-mail, your computer uses a DNS server to look up the domain name you're trying to access. The proper term for this process is DNS name resolution, and you would say that the DNS server resolves the domain name to the IP address. For example, when you enter "http://www.abcdef.com" in your browser, part of the network connection includes resolving the domain name "abcdef.com" into an IP address, like 70.42.251.42, for Abcdef's Web servers.
You can always bypass a DNS lookup by entering 70.42.251.42 directly in your browser (give it a try). However, you're probably more likely to remember "abcdef.com" when you want to return later. In addition, a Web site's IP address can change over time, and some sites associate multiple IP addresses with a single domain name. Without DNS servers, the Internet would shut down very quickly. But how does your computer know what DNS server to use?
Typically, when you connect to your home network, Internet service provider (ISP) or WiFi network, the modem or router that assigns your computer's network address also sends some important network configuration information to your computer or mobile device. That configuration includes one or more DNS servers that the device should use when translating DNS names to IP addresses.
So far, you've read about some important DNS basics. The rest of this article dives deeper into domain name servers and name resolution. It even includes an introduction to managing your own DNS server. Let's start by looking at how IP addresses are structured and how that's important to the name resolution process.
A NAS can store any data that appears in the form of files, such as email boxes, Web content, remote system backups, and so on. Overall, the uses of a NAS parallel those of traditional file servers. NAS systems strive for reliable operation and easy administration. They often include built-in features such as disk space quotas, secure authentication, or the automatic sending of email alerts should an error be detected.
Disadvantage: Because they repeat all traffic they receive on all attached ports, each connected NIC will have a more difficult time getting its traffic onto the network. Whenever one NIC sends a message, all others must wait for it to pass before they get their own message onto the network.
13) Switch:
A network switch is a small hardware device that joins multiple computers together within one local area network (LAN). Technically, network switches operate at layer two (Data Link Layer) of the OSI model. Network switches appear nearly identical to network hubs, but a switch generally contains more intelligence (and a slightly higher price tag) than a hub. Unlike hubs, network switches are capable of inspecting data packets as they are received, determining the source and destination device of each packet, and forwarding them appropriately. By delivering messages only to the connected device intended, a network switch conserves network bandwidth and offers generally better performance than a hub.
Fig 10: A switch connecting server to terminals and printer.
Different models of network switches support differing numbers of connected devices. Most consumer-grade network switches provide either four or eight connections for Ethernet devices. With some ISPs and other networking environments where there is a need for much analysis of network performance and security, switches may be connected between WAN routers as places for analytic modules. Some switches provide inbuilt firewall, network intrusion detection and performance analysis modules that can plug into switch ports.
Functions of a Switch: A switch is a device that is used at the Access or OSI Layer 2; a switch can be used to connect multiple hosts (PCs) to the network. Unlike a hub, a switch forwards a message to a specific host. When any host on the network or a switch sends a message to another host on the same network or same switch, the switch receives and decodes the frames to read the physical MAC (Media Access Control) address portion of the message.
Collision Prevention:
A switch prevents collisions by providing a circuit between the source and destination ports. This circuit provides a dedicated channel over which the hosts connected to the various ports on the switch can communicate. Each port is allocated with a separate bandwidth; these separate circuits allow many conversations to take place at the same time, without collisions occurring.
ii. Unmanaged switch:
Unmanaged switches are ideal for the small to medium office and for data applications where no switch management is necessary. They are truly plug and play and have no configuration interface or options. In scenarios where the network traffic is light, all that is required is a way for the data to pass from one device to another. In this case there is no need for prioritizing the packets as all the traffic will flow unimpeded. An unmanaged switch will fill this need without issues. It is important to note that a switch is not a hub. An unmanaged switch allows devices to talk to each other.
Difference between unmanaged and managed switches: Managed switches provide all the features of an unmanaged switch and provide the ability to configure, manage, and monitor your LAN. This gives you greater control over how data travels over the network and who has access to it. Also, managed switches use protocols such as the Simple Network Management Protocol, or SNMP, for monitoring the devices on the network. SNMP is a protocol that facilitates the exchange of management information between network devices. SNMP queries can determine the health of the network or the status of a particular device. By displaying this data in an easily understood format, IT managers located at a central site can monitor the performance of the network and quickly detect and repair network problems without having to physically interact with the switch. SNMP allows remote monitoring of network devices, and one doesn't have to go to the site to make changes or troubleshoot the switch.
Managed switches are more expensive than unmanaged switches, so why should one pay more for a managed switch?
There are many additional features we get with a managed switch, such as quality of service, virtual LANs, redundancy, and port mirroring. These features help provide control over the traffic traveling over the switch. Quality of service allows you to prioritize network traffic by assigning a higher priority to critical traffic. This helps ensure consistent network performance and can support delay-sensitive data such as real-time voice. For instance, if voice packets are traveling over a network, they should be given the highest priority so that these voice packets don't get dropped or delayed and mangle the phone conversation.
VLANs allow a switch to logically group devices together to isolate traffic between these groups even when the traffic is passing over the same physical switch. This segmentation and isolation of network traffic help reduce unnecessary traffic. For instance, traffic between your finance and marketing groups can be segmented, so that mission-critical finance information can flow without delay to the finance users and not get bogged down by marketing traffic. This allows better network performance and in many cases provides an additional level of security.
Another important feature of a managed switch is redundancy. Redundancy provides the ability to safeguard a network in case a connection or cable fails by providing an alternate data path for traffic. Managed switches incorporate what is called the Spanning Tree Protocol standard, or STP, to provide path redundancy in the network. Using the spanning-tree algorithm, STP provides redundant paths while preventing loops that are created by multiple active paths between switches. STP allows for one active path at a time between two network devices, preventing loops and establishing the redundant links as a backup to keep integrated systems available and preventing expensive downtime, which network admins can appreciate.
And, finally, there is port mirroring. In conjunction with a network analyzer, this feature is useful to diagnose problems. It copies the switch network traffic and forwards it to a single port on the same switch for analysis by a network analyzer. You can use the analyzer on a monitor port to troubleshoot network problems by examining traffic on other ports or segments. The benefit of this is you can troubleshoot problems without taking the network out of service.
Why consider using a managed switch?
Each business needs to evaluate the needs of their network. When their network requirements have evolved to the point where they would like to have some input and control over the behavior of traffic on their LAN, then it is a good time to consider a managed switch. Also, if one is planning to deploy advanced services such as wireless LANs or IP telephony in the near future, managed switches can lay the foundation for these technologies.
14) Bridge:
A network bridge connects multiple network segments at the data link layer (Layer 2) of the OSI model. A bridge device filters data traffic at a network boundary. Bridges reduce the amount of traffic on a LAN by dividing it into two segments. A LAN segment is a single section of network media that connects computers. Bridging is a forwarding technique used in packet-switched computer networks. Unlike routing, bridging makes no assumptions about where in a network a particular address is located. Instead, it depends on flooding and examination of source addresses in received packet headers to locate unknown devices. Once a device has been located, its location is recorded in a table where the MAC address is stored so as to avoid the need for further broadcasting. A bridge uses a forwarding database to send frames across network segments.
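The flooding and source-address learning described above, as an added example that is not part of the original document: a small model of a bridge's forwarding database that learns from each frame's source address and decides whether to flood, forward or filter the frame. The class name, port numbers and MAC addresses are constructed for illustration.

```python
def normalize_mac(mac):
    """Return a MAC address as upper-case, colon-separated hex."""
    digits = mac.replace(":", "").replace("-", "").upper()
    if len(digits) != 12 or any(c not in "0123456789ABCDEF" for c in digits):
        raise ValueError("not a 48-bit MAC address: %r" % mac)
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def is_group_address(mac):
    """Broadcast and multicast addresses have the low bit of octet 1 set."""
    return int(mac[:2], 16) & 1 == 1


BROADCAST = "FF:FF:FF:FF:FF:FF"


class LearningBridge:
    """Model of a transparent bridge with a learned forwarding database."""

    def __init__(self, ports):
        self.ports = tuple(ports)
        self.table = {}  # forwarding database: MAC address -> port

    def receive(self, in_port, src_mac, dst_mac):
        """Process one frame; return (action, list of output ports)."""
        if in_port not in self.ports:
            raise ValueError("unknown port %r" % in_port)
        src, dst = normalize_mac(src_mac), normalize_mac(dst_mac)
        # Learn (or refresh) where the sender lives. A group address is
        # never a valid source, so it is not recorded.
        if not is_group_address(src):
            self.table[src] = in_port
        # Unknown or group destination: send out of every other port.
        if is_group_address(dst) or dst not in self.table:
            return "flood", [p for p in self.ports if p != in_port]
        out_port = self.table[dst]
        # Destination is on the segment the frame came from: drop it here.
        if out_port == in_port:
            return "filter", []
        return "forward", [out_port]


def run_demo():
    """Feed constructed frames through a three-port bridge."""
    bridge = LearningBridge(ports=[1, 2, 3])
    a = "00:00:5E:00:53:0A"   # constructed station addresses
    b = "00-00-5e-00-53-0b"   # hyphen form, normalized on input
    c = "00:00:5E:00:53:0C"
    frames = [
        (1, a, b),          # b not yet known: flood
        (2, b, a),          # a was learned on port 1: forward
        (1, a, b),          # b was learned on port 2: forward
        (1, c, a),          # a and c share port 1: filter
        (3, a, BROADCAST),  # a moved to port 3; broadcast floods
    ]
    decisions = [bridge.receive(*frame) for frame in frames]
    return decisions, dict(bridge.table)


if __name__ == "__main__":
    for decision in run_demo()[0]:
        print(decision)
```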
15) Routers:
Routers are physical devices that join multiple wired or wireless networks together. A router is a hardware device designed to take incoming packets, analyze them and then direct them to the appropriate locations: moving the packets to another network, converting the packets to be moved across a different network interface, dropping the packets, or performing any number of other actions. Most routers use Network Address Translation (NAT) to determine the smartest path of a data packet to its destination.
Fig 11: Router Connects LAN to Internet
Routers are located at gateways, the places where two or more networks connect, and are the critical device that keeps data flowing between networks and keeps the networks connected to the Internet. When data is sent between locations on one network or from one network to a second network, the data is always seen and directed to the correct location by the router. The router accomplishes this by using headers and forwarding tables to determine the best path for forwarding the data packets. Routers also use protocols to communicate with each other and configure the best route between any two hosts.
A network router will typically utilize one or more routing protocols, such as RIP, OSPF, or BGP. Routers also accept routes which are configured manually by a network administrator. Those routes are called static routes. The router will use this information to create a routing table. The network router will then use its routing table to make intelligent decisions about which packets to copy to which of its interfaces. This process is known as routing.
The routers determine where to send information from one computer to another. Routers are specialized computers that send your messages and those of every other Internet user speeding to their destinations along thousands of pathways. A router has two separate, but related, jobs:
- It ensures that information doesn't go where it's not needed. This is crucial for keeping large volumes of data from clogging the connections.
- It makes sure that information does make it to the intended destination.
Advantages of a Router: In addition to packet forwarding, a router provides other services as well. To meet the demands on today's networks, routers are also used:
- To ensure steady, reliable availability of network connectivity. Routers use alternative paths for the delivery of packets in case the primary path fails.
- To provide integrated services of data, video, and voice over wired and wireless networks.
- For security: a router helps in mitigating the impact of worms, viruses, and other attacks on the network by permitting or denying the forwarding of packets.
- Configuring of various devices.
introducing cables into a building, or as a connection between various equipment locations. Wireless telecommunications networks are generally implemented and administered using a transmission system called radio waves. This implementation takes place at the physical level (layer) of the network structure.
Advantages:
1. Make changes once and in one place
Software installation, updating and removal is kept easier because it's in one place. Keeping an eye on disk space, memory and processor usage is a lot easier on one machine than keeping an eye on 50 or more. Backing up is also a lot quicker and all-important recovery is faster. Changes can be made quickly and rolled out across a wide distributed user base with no intervention from end users.
2. Take advantage of the unused load on your server
Many servers and client PCs are often highly under-loaded. Virtual computing technology is taking huge advantage of this and thin clients can too. Take advantage of that unused load and save money from unnecessary equipment and make the most of the money you have spent. Savings can always be put back into the network by securing and enhancing the infrastructure, making it even more reliable.
3. Make support and management easier
See at a glance what user processes are running. There are tools out there that will do this across a traditional distributed network of workstations, but it is much easier to see what's installed on just one machine, making it easier to protect against software that shouldn't be installed.
4. Bring down the costs
Bring down the cost of the equipment, the cost of repairs and the cost of support and other ongoing costs. New users can be quickly and easily added even if they are remotely based.
5. Security
Keeps data where it should be, in a central location, instead of it being dispersed around the network on different computers. Remote workers can also benefit from rapid deployment of remote thin clients and the IT team can be safe in the knowledge that very little can happen to the home based workers.
Disadvantages:
1. The Server
One of the main disadvantages of a thin client computer is the server itself. Since thin clients do not process anything or store any data on their own, they require a connection to a server to handle these tasks for them. Unlike a standard desktop computer, or thick client, should the server go down or suffer from hardware failure, all connected thin clients are affected, and they will not work. Desktops, on the other hand, can still work in a local computing capacity without network resources should connected servers fail.
2. Network Bandwidth Issues
Since thin clients require a connection to a server, they are also dependent on the networking infrastructure. Should the network suffer from bottlenecks, lags or outages, the thin clients work at a minimal capacity, if they can function at all. As with issues associated with the server going down, if thin clients lose their connection to the server due to a network outage, they will not work.
3. Lack of Multimedia Support
Media-rich applications like audio and video require a great deal of network resources as well as computing power to play. With thin clients, computing power is shared among all the clients connected to the computer. Bandwidth used to deliver packets between the server and thin client is also shared between all connections. Due to these resources being at a premium in a thin-client setting, resource-rich multimedia applications do not run effectively on these machines.
a) IP Address:
An Internet Protocol Address is the address of a device connected to a network. An IP Address can either be static or dynamic. (Server computers have static addresses; personal computers have either static or dynamic IP addresses.) Every machine on the network has a unique identifying number, called an IP Address. A typical IP address looks like this: 216.27.61.137
The four numbers in an IP address are called octets. So each octet can contain any value between 0 and 255. The octets are used to create classes of IP addresses that can be assigned to a particular business, government or other entity based on size and need.
The octets are split into two sections:
- Net - The Net section always contains the first octet. It is used to identify the network that a computer belongs to.
- Host (Node) - identifies the actual computer on the network. The Host section always contains the last octet.
There are five IP classes plus certain special addresses:
1. Class A - This class is for very large networks, such as a major international company might have. IP addresses with a first octet from 1 to 126 are part of this class. The other three octets are used to identify each host.
2. Class B - Class B is used for medium-sized networks. A good example is a large college campus. IP addresses with a first octet from 128 to 191 are part of this class. Class B addresses also include the second octet as part of the Net identifier. The other two octets are used to identify each host.
3. Class C - Class C addresses are commonly used for small to mid-size businesses. IP addresses with a first octet from 192 to 223 are part of this class. Class C addresses also include the second and third octets as part of the Net identifier. The last octet is used to identify each host.
4. Class D - Used for multicasts, Class D is slightly different from the first three classes. It has a first bit value of 1, second bit value of 1, third bit value of 1 and fourth bit value of 0. The other 28 bits are used to identify the group of computers the multicast message is intended for.
5. Class E - Class E is used for experimental purposes only. Like Class D, it is different from the first three classes. It has a first bit value of 1, second bit value of 1, third bit value of 1 and fourth bit value of 1. The other 28 bits are used to identify the group of computers the multicast message is intended for.
b) MAC Address:
The MAC address is a unique value associated with a network adapter. MAC addresses are also known as hardware addresses or physical addresses. They uniquely identify an adapter on a LAN.
MAC addresses are 12-digit hexadecimal numbers (48 bits in length). By convention, MAC addresses are usually written in one of the following two formats:
MM:MM:MM:SS:SS:SS
OR
MM-MM-MM-SS-SS-SS
The first half of a MAC address contains the ID number of the adapter manufacturer. These IDs are regulated by an Internet standards body (see sidebar). The second half of a MAC address represents the serial number assigned to the adapter by the manufacturer. In the example,
00:A0:C9:14:C8:29
the prefix 00A0C9 indicates the manufacturer is Intel Corporation and the rest is the serial number of the adapter.
Why MAC Addresses?
TCP/IP and other mainstream networking architectures generally adopt the OSI model. In this model, network functionality is subdivided into layers. MAC addresses function at the data link layer (layer 2 in the OSI model). They allow computers to uniquely identify themselves on a network at this relatively low level.
MAC vs. IP Addressing
MAC addressing works at the data link layer, IP addressing functions at the network layer (layer 3). It's a slight oversimplification, but one can think of IP addressing as supporting the software implementation and MAC addresses as supporting the hardware implementation of the network stack. The MAC address generally remains fixed and follows the network device, but the IP address changes as the network device moves from one network to another.
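The two addressing schemes described above, as an added example that is not part of the original document: one function assigns an IPv4 address to its class using the first-octet ranges and leading bits given in the list and splits it into Net and Host octets, and another validates a MAC address in either written format and splits it into manufacturer prefix and serial number. The function names are constructed, and labelling first octets 0 and 127 (which fall outside the listed ranges) as "special" is an assumption of this example.

```python
import ipaddress
import re

# (class, lowest first octet, highest first octet, octets in the Net part),
# taken from the class list above.
CLASS_RANGES = (("A", 1, 126, 1), ("B", 128, 191, 2), ("C", 192, 223, 3))

# Six hex pairs joined by one consistent separator, ':' or '-'.
MAC_RE = re.compile(
    r"^[0-9A-Fa-f]{2}([:-])(?:[0-9A-Fa-f]{2}\1){4}[0-9A-Fa-f]{2}$")


def classify_ipv4(address):
    """Return the class of an IPv4 address and its Net/Host split."""
    # ipaddress rejects malformed input (wrong octet count, values > 255).
    octets = [str(b) for b in ipaddress.IPv4Address(address).packed]
    first = int(octets[0])
    if first >> 4 == 0b1111:      # leading bits 1111
        return {"class": "E", "net": None, "host": None}
    if first >> 4 == 0b1110:      # leading bits 1110
        return {"class": "D", "net": None, "host": None}
    for name, low, high, net_octets in CLASS_RANGES:
        if low <= first <= high:
            return {"class": name,
                    "net": ".".join(octets[:net_octets]),
                    "host": ".".join(octets[net_octets:])}
    # First octet 0 or 127: outside the ranges listed for classes A to C.
    return {"class": "special", "net": None, "host": None}


def split_mac(mac):
    """Return (manufacturer prefix, serial number) as upper-case hex."""
    if not MAC_RE.match(mac):
        raise ValueError("not a MAC address in MM:MM:MM:SS:SS:SS or "
                         "MM-MM-MM-SS-SS-SS form: %r" % mac)
    digits = re.sub(r"[:-]", "", mac).upper()
    return digits[:6], digits[6:]


if __name__ == "__main__":
    print(classify_ipv4("216.27.61.137"))
    print(split_mac("00:A0:C9:14:C8:29"))
```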
calls on your PC. There are many computer-based VoIP services out there, so many that you will have a difficult choice. You can also make free calls using traditional phones and mobile phones. See the different flavors of VoIP service that allow you to do this.
23) Firewall:
A firewall is essentially a filter. It is either a software program or hardware device used in computer systems to prohibit forbidden information from passing through, while allowing approved information. The communication which the firewall prevents from passing through could be hackers trying to gain access to your personal information stored on your computer.
Fig 14: Shows a firewall between LAN and WAN
a system. Systems can use a Hardware Firewall, a Software Firewall, or a combination of both.
What is a proxy?
A proxy is either a router or a computer system that creates a break in the link between the sender and the receiver. All requests which are sent between the client and the server are processed through the proxy. There is no longer a direct connection between the client and the Internet, as all requests are fielded by the proxy and the proxy can refuse access to any unauthorized communications.
24) Antivirus:
A computer virus is a computer program that can copy itself and infect a computer without the knowledge or permission of the owner. A virus can only be spread from one computer to another through some form of executable code. Viruses can be sent over a network, the Internet, floppy disk, CD, or USB drive. Viruses can increase their chances of spreading to other computers by infecting files on a network system that is accessed by other computers. The term computer virus is used to include all types of malware such as computer viruses, trojan horses, most rootkits, spyware, dishonest adware, crimeware, and other malicious unwanted software. Since most computers are now connected to the Internet and local networks, the chance of spreading malicious virus code is increasing.
Computer viruses cause a number of symptoms such as:
- Computer programs taking longer to load than normal.
- The computer is slower than normal.
- Computer stops responding or freezes frequently.
- Computer crashes and restarts every few minutes.
- The computer does not run as usual.
- Applications on the computer do not work correctly.
- Disks or disk drives are inaccessible.
- Printing items is difficult.
- Error messages appear rapidly.
- Distorted menus and dialog boxes.
- Double extensions on attachments that you have already opened (jpg, vbs, gif, exe, etc.).
- Antivirus programs get disabled for no reason, and cannot be restarted.
- Antivirus programs will not start, and new programs cannot be installed.
- Strange sounds play from the speakers unexpectedly.
- Programs disappear from the computer.
These symptoms are common signs of computer virus infection, and they are also warning signs that you may be getting a computer virus. When you suspect that you are getting a computer virus there are many ways to take care of it. Before you can get a virus, it is best to prevent them from getting into your computer by having antivirus software.
Antivirus Software
Antivirus software is used to prevent, detect, and remove malware and other computer viruses. Antivirus software detection involves searching for known malicious patterns in executable code. It is possible for a user to be infected with new viruses that show no signs or symptoms of their existence. To counter this problem of zero day threats, antivirus systems can be used to detect these viruses when you don't even know that they are there. There are many different types of antivirus software that have been developed over the years. Original products were just scanners that would search through the hard disk looking for viruses. As viruses have become more common and more difficult, more antivirus software is being made to keep up with current virus issues. There are many different types of general virus scanners that are used on PCs today:
Conventional Disk Scanner
This is the standard virus check program. It can be run upon the user's request, and it scans the contents of the disks, directories or files that the user wants, for any boot sectors or files that contain viruses that it recognizes. These are usually run manually by the user as a preventive maintenance activity or when they think a virus is suspected. The user can schedule automatic scanning through the use of a program scheduler.
Memory Resident Scanners
Antivirus software that now comes with a special program that sits in the background while you're using your computer and automatically scans for viruses based on different triggers. These programs can automatically scan as they run or scan floppy disks when you command a shutdown of your system. This scanner offers increased protection and more chances of catching a virus before it does damage to your computer.
Behavior Based Detection
Some products offer an option where they will sit in memory and look for virus-like behavior and suspicious activity. Behavior based detection is looking for the types of actions taken on files or boot sectors that might be performed by viruses trying to spread. This type of antivirus software will look for a trap, and will generically catch viruses red handed.
Start up Scanners
This type of antivirus scanner is designed to be run every time the PC is booted up. It performs a quick scan of the disk's boot sectors and critical system files. The idea is to catch these viruses before the PC boots up, reducing the chance of them spreading.
Inoculation
Instead of scanning for viruses, this type of antivirus software looks for changes that the viruses make to files and boot sectors. With a clean system the software will get a snapshot of information in each boot sector about its content and size. Periodically it will re-examine these files to see if anything has changed.
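The inoculation approach described above, as an added example that is not part of the original document and not the code of any antivirus product: it records the size and SHA-256 digest of every file under a directory while the system is clean, then re-examines the directory and reports what was added, removed or modified. It works on files only (not boot sectors), and the function names and sample files are constructed for illustration.

```python
import hashlib
import os
import tempfile


def snapshot(root):
    """Map each regular file under root to (size, SHA-256 hex digest)."""
    baseline = {}
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            if os.path.islink(path) or not os.path.isfile(path):
                continue  # symlinks and special files are not recorded
            digest, size = hashlib.sha256(), 0
            with open(path, "rb") as handle:
                for chunk in iter(lambda: handle.read(65536), b""):
                    digest.update(chunk)
                    size += len(chunk)
            baseline[os.path.relpath(path, root)] = (size, digest.hexdigest())
    return baseline


def compare(baseline, current):
    """Report the differences between a clean snapshot and a later one."""
    modified = []
    for path in sorted(baseline.keys() & current.keys()):
        if baseline[path] != current[path]:
            same_size = baseline[path][0] == current[path][0]
            # "hash only" means a size check alone would have missed it.
            modified.append((path, "hash only" if same_size else "size+hash"))
    return {
        "added": sorted(current.keys() - baseline.keys()),
        "removed": sorted(baseline.keys() - current.keys()),
        "modified": modified,
    }


def demo():
    """Snapshot a constructed directory, change it, and re-examine it."""
    with tempfile.TemporaryDirectory() as root:
        def write(name, data):
            with open(os.path.join(root, name), "wb") as handle:
                handle.write(data)

        # Constructed sample files standing in for a clean system.
        write("app.bin", b"MZ" + b"\x00" * 62)
        write("old.cfg", b"mode=safe\n")
        # In practice the baseline is stored where the monitored system
        # cannot rewrite it; here it is simply kept in memory.
        clean = snapshot(root)

        write("app.bin", b"MZ" + b"\x01" * 62)   # same length, new content
        os.remove(os.path.join(root, "old.cfg"))
        write("new.bin", b"constructed extra file")
        return compare(clean, snapshot(root))


if __name__ == "__main__":
    print(demo())
```

The modified file keeps its original length, so the change shows up only in the digest; recording size alone would not have caught it.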
very high throughput. The UTM can prove highly effective because its strength lies in the bundle of solutions which are integrated and designed to work together without treading on each other's toes. For enterprises with remote networks or distantly located offices, UTMs are the only means to provide centralized security with complete control over their globally distributed networks. Enterprises thus get zero-hour protection at branch offices against security attacks despite the lack of technical resources at these locations. Earlier, the enterprise security scenario was divided into traditional firewalls & targeted applications like Antivirus, Anti spam & Intrusion Detection Systems.
Fig 16: Previous view of security system
However in 2004, a new trend emerged which combined multiple security features into one single hardware platform, thereby eliminating the need of machine to machine protection. Since its inception, UTMs are one of the fastest growing segments in the security appliance sector.
Fig 17: Shows that UTM has replaced all security systems by one device
Why UTM?
i. Reduced complexity: Single security solution. Single Vendor. Single AMC.
ii. Simplicity: Avoidance of multiple software installation and maintenance. The integrated approach allows the administrator to worry about only one device, not the whole flurry of firewalls, antivirus & IDS/IPS.
iii. Easy Management: Plug & Play Architecture, Web-based GUI for easy management.
iv. Performance: Zero-hour protection without degrading the network performance.
v. Troubleshooting: Single point of contact, 24x7 vendor support.
vi. Reduced technical training requirements, one product to learn.
vii. Cost effective.
27) IP Camera:
An Internet protocol camera, or IP camera, is a type of digital video camera commonly employed for surveillance, and which unlike analog closed circuit television (CCTV) cameras can send and receive data via a computer network and the Internet. Although most cameras that do this are webcams, the term "IP camera" is usually applied only to those used for surveillance. There are two kinds of IP cameras:
- Centralized IP cameras, which require a central Network Video Recorder (NVR) to handle the recording, video and alarm management.
- Decentralized IP cameras, which do not require a central Network Video Recorder (NVR), as the cameras have recording functionality built-in and can thus record directly to digital storage media, such as flash drives, hard disk drives or network attached storage.
Fig 19: Cisco PVC300 IP camera
Potential advantages:
Two-way audio via a single network cable allows users to communicate with what they are seeing (e.g. gas station clerk assisting a customer on how to use the prepay pumps).
Higher image resolution: IP cameras have a resolution of at least 640x480 and can provide multi-megapixel resolution and HDTV image quality at 30 frames per second.
Flexibility: IP cameras can be moved around anywhere on an IP network (including wireless).
Distributed intelligence: with IP cameras, video analytics can be placed in the camera itself, allowing scalability in analytics solutions.
Transmission of commands for PTZ (pan, tilt, zoom) cameras via a single network cable.
Encryption & authentication: IP cameras offer secure data transmission through encryption and authentication methods.
Remote accessibility: live video from selected cameras can be viewed from any computer, anywhere, and also from many mobile smart phones and other devices.
Cost-advantage for larger systems. Studies show that for systems with fewer than 16 cameras, analog technology is cheaper, between 16 and 32 they are equal, and beyond 32 cameras, IP-based systems are more cost-effective.
IP cameras are able to function on a wireless network. Initial configuration has to be done through a router; after the IP camera is installed it can then be used on the wireless network. These cameras are used for navigation purposes in defense forces.
PoE - Power over Ethernet. Modern IP cameras have the ability to operate without an additional power supply. They can work with the PoE protocol, which gives power via the Ethernet cable.
Potential disadvantages:
Higher initial cost per camera, except where cheap webcams are used. (Note - IP cameras are becoming cheaper as demand increases and are already available below 50 USD and compete favorably with analogue cameras.)
High network bandwidth requirements: a typical CCTV camera with resolution of 640x480 pixels and 10 frames per second (10 frame/s) in MJPEG mode requires about 3 Mb/s.
Technical barrier. Most security systems, including both CCTV and IP camera systems, may require a professional technician to install the system, although a competent person can install an IP camera very easily, depending on make.
As with a CCTV/DVR system, if the video is transmitted over the public Internet rather than a private IP LAN, the system becomes open to hacking and hoaxing via the Internet. Criminals can hack into a CCTV system to observe security measures and personnel, thereby facilitating criminal acts and rendering the IP technology counterproductive.
3. Buffer coating - Plastic coating that protects the fiber from damage and moisture
Hundreds or thousands of these optical fibers are arranged in bundles in optical cables. The bundles are protected by the cable's outer covering, called a jacket. Optical fibers come in two types:
1. Single-mode fibres
2. Multi-mode fibres
The light in a fiber-optic cable travels through the core (hallway) by constantly bouncing from the cladding (mirror-lined walls), a principle called total internal reflection. Because the cladding does not absorb any light from the core, the light wave can travel great distances. However, some of the light signal degrades within the fiber, mostly due to impurities in the glass. The extent that the signal degrades depends on the purity of the glass and the wavelength of the transmitted light (for example, 850 nm = 60 to 75 percent/km; 1,300 nm = 50 to 60 percent/km; 1,550 nm is greater than 50 percent/km). Some premium optical fibers show much less signal degradation -- less than 10 percent/km at 1,550 nm.
5. Light signals - Unlike electrical signals in copper wires, light signals from one fiber do not interfere with those of other fibers in the same cable. This means clearer phone conversations or TV reception.
6. Low power - Because signals in optical fibers degrade less, lower-power transmitters can be used instead of the high-voltage electrical transmitters needed for copper wires. Again, this saves your provider and you money.
7. Digital signals - Optical fibers are ideally suited for carrying digital information, which is especially useful in computer networks.
8. Non-flammable - Because no electricity is passed through optical fibers, there is no fire hazard.
9. Lightweight - An optical cable weighs less than a comparable copper wire cable. Fiber-optic cables take up less space in the ground.
10. Flexible - Because fiber optics are so flexible and can transmit and receive light, they are used in many flexible digital cameras for the following purposes:
11. Medical imaging - in bronchoscopes, endoscopes, laparoscopes
12. Mechanical imaging - inspecting mechanical welds in pipes and engines (in airplanes, rockets, space shuttles, cars)
13. Plumbing - to inspect sewer lines.
So, RJ45 and CAT5 are two parts of wired networking that are non-competing. RJ45 dictates how the cables are wired while CAT5 dictates the maximum speed you can attain with the cables used. CAT5 is easily replaceable and that is what's basically happening in certain parts of the world. RJ45 is more difficult to replace as that is what's being used by hardware manufacturers around the world; and there is really no reason to replace RJ45.
1. RJ45 is the electrical interconnection standard while CAT5 is the cable standard.
2. RJ45 dictates what you can use the cable for while CAT5 determines how large a bandwidth you have.
CAT5e cables are currently the ones used in most networks. They provide adequate bandwidth for the 100 Mbps connections of LAN cards. Due to ever-increasing network speeds and the need to be prepared for future technologies, they are slowly being replaced by CAT6 cables, though, as CAT5 is inadequate for gigabit speeds. Maximum length of CAT5 cable: 328 feet (100 metres), and 2800 m with four repeaters.
Electrical conductivity
Copper has the best electrical conductivity of any metal, except silver. A good electrical conductivity is the same as a small electrical resistance.
amplification. In a transmitter, a power amplifier is used to drive the antenna.
LNA: A low-noise amplifier (LNA) is an electronic amplifier used to amplify very weak signals.
Feed Horn: The feedhorn is the part of a satellite dish system which gathers the reflected signal from the dish and focuses it towards the LNB.
32) Antenna:
An antenna (or aerial) is an electrical device which couples radio waves in free space to an electrical current used by a radio receiver or transmitter. In reception, the antenna intercepts some of the power of an electromagnetic wave in order to produce a tiny voltage that the radio receiver can amplify. Alternatively, a radio transmitter will produce a large radio frequency current that may be applied to the terminals of the same antenna in order to convert it into an electromagnetic wave (radio wave) radiated into free space. Antennas are thus essential to the operation of all radio equipment, both transmitters and receivers. They are used in systems such as radio and television broadcasting, two-way radio, wireless LAN, mobile telephony, radar, and satellite communications.
carrier, the carrier in turn immediately brokers a VPN connection between that client and a VPN server. From the client point of view, VPN connections are set up in just one step compared to the two-step procedure required for voluntary tunnels. VPN offers two main advantages over alternative technologies: cost savings, and network scalability. To the clients accessing these networks, VPNs also bring some benefits of ease of use.
34)
TCP
Reliability: TCP is a connection-oriented protocol. When a file or message is sent it will get delivered unless the connection fails. If the connection is lost, the server will request the lost part. There is no corruption while transferring a message.
Ordered: If you send two messages along a connection, one after the other, you know the first message will get there first. You don't have to worry about data arriving in the wrong order.
Heavyweight: When the low level parts of the TCP "stream" arrive in the wrong order, resend requests have to be sent, and all the out of sequence parts have to be put back together, so it requires a bit of work to piece together.
Streaming: Data is read as a "stream," with nothing distinguishing where one packet ends and another begins. There may be multiple packets per read call.
Examples: World Wide Web (Apache TCP port 80), e-mail (SMTP TCP port 25 Postfix MTA), File Transfer Protocol (FTP port 21) and Secure Shell (OpenSSH port 22) etc.
Speed of transfer: The speed for TCP in comparison with UDP is slower.
Function: As a message makes its way across the internet from one computer to another. This is connection based.
UDP
Reliability: UDP is a connectionless protocol. When you send data or a message, you don't know if it'll get there; it could get lost on the way. There may be corruption while transferring a message.
Ordered: If you send two messages out, you don't know what order they'll arrive in, i.e. no ordering.
Lightweight: No ordering of messages, no tracking connections, etc. It's just fire and forget! This means it's a lot quicker, and the network card / OS have to do very little work to translate the data back from the packets.
Datagrams: Packets are sent individually and are guaranteed to be whole if they arrive. One packet per one read call.
Examples: Domain Name System (DNS UDP port 53), streaming media applications such as IPTV or movies, Voice over IP (VoIP), Trivial File Transfer Protocol (TFTP) and online multiplayer games etc.
Speed of transfer: UDP is faster because there is no error-checking for packets.
Function: UDP is also a protocol used in message transport or transfer. This is not connection based, which means that one program can send a load of packets to another and that would be the end of the relationship.
35) Ports:
In TCP/IP and UDP networks, a port is an endpoint to a logical connection and the way a client program specifies a specific server program on a computer in a network. Some ports have numbers that are preassigned to them by the IANA (Internet Assigned Numbers Authority). Port numbers range from 0 to 65536, but only port numbers 0 to 1024 are reserved for privileged services and designated as well-known ports. Any server machine makes its services available to the Internet using numbered ports, one for each service that is available on the server. For example, if a server machine is running a Web server and an FTP server, the Web server would typically be available on port 80, and the FTP server would be available on port 21. Clients connect to a service at a specific IP address and on a specific port. Each of the most well-known services is available at a well-known port number. If the server machine accepts connections on a port from the outside world, and if a firewall is not protecting the port, you can connect to the port from anywhere on the Internet and use the service. Here are some common port numbers:
S.No  Name     Port Number
1     FTP      20/21
2     SSH      22
3     Telnet   23
4     SMTP     25
5     DNS      53
6     BOOTP    67/68
7     TFTP     69
8     HTTP     80
9     POP3     110
10    NNTP     119
11    NTP      123
12    SNMP     161
13    LDAP     389
14    RIP      520
15    DHCP     546/547
16    WINS     1512
17    L2TP     1701
18    PPTP     1723
19    RADIUS   1812/13
38)
The Border Gateway Protocol (BGP) is the routing protocol used to exchange routing information across the Internet. It makes it possible for ISPs to connect to each other and for end-users to connect to more than one ISP. BGP is the only protocol that is designed to deal with a network of the Internet's size, and the only protocol that can deal well with having multiple connections to unrelated routing domains. BGP4 provides a set of mechanisms for supporting Classless Inter-Domain Routing (CIDR) defined in RFC 4632. These mechanisms include support for advertising a set of destinations as an IP prefix and eliminating the concept of network "class" within BGP. BGP version 4 also introduces mechanisms which allow aggregation of routes, including aggregation of AS paths. Routing information exchanged via BGP supports only the destination-based forwarding paradigm, which assumes that a router forwards a packet based solely on the destination address carried in the IP header of the packet. This, in turn, reflects the set of policy decisions that can (and cannot) be enforced using BGP. BGP can support only the policies conforming to the destination-based forwarding paradigm. A unique AS number (ASN) is allocated to each AS for use in BGP routing. The numbers are assigned by IANA and the Regional Internet Registries (RIR), the same authorities that allocate IP addresses. There are public numbers, which may be used on the Internet and range from 1 to 64511, and private numbers from 64512 to 65535, which can be used within an organization.
39)
Telnet:
Telnet is an old computer protocol (set of programmatic rules). Telnet is famous for being the original Internet when the Net first launched in 1969. Telnet stands for 'telecommunications network', and was built to be a form of remote control to manage mainframe computers from distant terminals. In those original days of large mainframe computers, telnet enabled research students and professors to 'log in' to the university mainframe from any terminal in the building. This remote login saved researchers hours of walking each semester. While telnet pales in comparison to modern networking technology, it was revolutionary in 1969, and telnet helped pave the way for the eventual World Wide Web in 1989. While telnet technology is very old, it is still in some use today by purists. Telnet has evolved into a new modern version of remote control called 'SSH', something that many modern network administrators use today to manage Linux and Unix computers from a distance. Telnet is a text-based computer protocol. Unlike Firefox or Google Chrome
screens, telnet screens are very dull to look at. Very different from Web pages that sport fancy images, animation, and hyperlinks, telnet is about typing on a keyboard. Telnet commands can be rather cryptic, with example commands being 'z' and 'prompt% fg'. Most modern users would find telnet screens to be very archaic and slow. Telnet is a terminal emulation that enables a user to connect to a remote host or device using a telnet client, usually over port 23. For example, typing telnet hostname would connect a user to a host named hostname. Telnet enables a user to manage an account or device remotely. For example, a user may telnet into a computer that hosts their website to manage his or her files remotely. The image to the right is an example of what a telnet session may look like. As can be seen from the example to the right, a telnet session is a command line interface. Telnet is considered insecure because it transfers all data in clear text, which means that if a user was sniffing a network, it's very possible they could easily grab your username and password as they were being transmitted. Users who are concerned about the data being transmitted should consider SSH as opposed to telnet.
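The firewall remark in the Ports section and the clear-text warning for Telnet combine into a simple audit: which listening services can be reached from outside, and which of those send data unencrypted. The following is an added example, not part of the original report; the inventory format, the firewall allow-list, the tcp/udp assignment and every remedy except Telnet to SSH are assumptions made for the illustration.

```python
import ipaddress
from dataclasses import dataclass

# Service names and port numbers come from the port table in the Ports
# section; the tcp/udp column is added here.
SERVICES = {
    ("tcp", 21): "FTP", ("tcp", 22): "SSH", ("tcp", 23): "Telnet",
    ("tcp", 25): "SMTP", ("udp", 53): "DNS", ("udp", 69): "TFTP",
    ("tcp", 80): "HTTP", ("tcp", 110): "POP3", ("udp", 161): "SNMP",
    ("tcp", 389): "LDAP",
}

# Services that are unencrypted by default, with the usual remedy.
# Telnet -> SSH is the text's own advice; the other rows are added here.
CLEARTEXT = {
    "Telnet": "use SSH",
    "FTP": "use SFTP or FTPS",
    "TFTP": "keep it on a management network only",
    "HTTP": "use HTTPS",
    "POP3": "use POP3 over TLS",
    "SNMP": "use SNMPv3 with authentication and privacy",
    "LDAP": "use LDAP over TLS",
}

# Constructed inventory (not the output of any real tool):
# one listener per line as "<proto> <bind address> <port>".
SAMPLE_LISTENERS = """
# proto  bind-address  port
tcp  0.0.0.0     23
tcp  0.0.0.0     22
tcp  127.0.0.1   25
udp  0.0.0.0     161
tcp  0.0.0.0     80
tcp  0.0.0.0     8081
"""

# Constructed firewall policy: ports admitted inbound from the Internet.
SAMPLE_ALLOWED = {("tcp", 22), ("tcp", 23), ("tcp", 80), ("tcp", 8081)}

SEVERITY_ORDER = ("HIGH", "REVIEW", "OK", "FILTERED", "LOCAL")


@dataclass(frozen=True)
class Listener:
    proto: str
    address: str
    port: int


@dataclass(frozen=True)
class Finding:
    severity: str
    listener: Listener
    service: str
    advice: str


def parse_listeners(text):
    """Parse the inventory; raise ValueError on any malformed line."""
    listeners = []
    for number, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        if len(fields) != 3 or fields[0] not in ("tcp", "udp"):
            raise ValueError(f"line {number}: expected '<tcp|udp> <address> <port>'")
        address = str(ipaddress.ip_address(fields[1]))  # ValueError if invalid
        port = int(fields[2])
        if not 1 <= port <= 65535:
            raise ValueError(f"line {number}: port {port} out of range")
        listeners.append(Listener(fields[0], address, port))
    return listeners


def audit(listeners, allowed_inbound):
    """Classify each listener by reachability and by clear-text risk."""
    findings = []
    for lst in listeners:
        key = (lst.proto, lst.port)
        service = SERVICES.get(key, "unknown")
        if ipaddress.ip_address(lst.address).is_loopback:
            severity, advice = "LOCAL", "bound to loopback, not reachable from the network"
        elif key not in allowed_inbound:
            severity, advice = "FILTERED", "listening, but the firewall blocks outside connections"
        elif service in CLEARTEXT:
            severity = "HIGH"
            advice = f"clear-text service reachable from outside: {CLEARTEXT[service]}"
        elif service == "unknown":
            severity, advice = "REVIEW", "open port with no known service: confirm it is needed"
        else:
            severity, advice = "OK", "reachable from outside by policy"
        findings.append(Finding(severity, lst, service, advice))
    return sorted(findings, key=lambda f: (SEVERITY_ORDER.index(f.severity), f.listener.port))


if __name__ == "__main__":
    for f in audit(parse_listeners(SAMPLE_LISTENERS), SAMPLE_ALLOWED):
        print(f"{f.severity:8} {f.listener.proto}/{f.listener.port:<5} {f.service:8} {f.advice}")
```
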
40) HTTP
HTTP (Hypertext Transfer Protocol) is the set of rules for transferring files (text, graphic images, sound, video, and other multimedia files) on the World Wide Web. As soon as a Web user opens their Web browser, the user is indirectly making use of HTTP. HTTP is an application protocol that runs on top of the TCP/IP suite of protocols (the foundation protocols for the Internet). HTTP concepts include (as the Hypertext part of the name implies) the idea that files can contain references to other files whose selection will elicit additional transfer requests. Any Web server machine contains, in addition to the Web page files it can serve, an HTTP daemon, a program that is designed to wait for HTTP requests and handle them when they arrive. Your Web browser is an HTTP client, sending requests to server machines. When the browser user enters file requests by either "opening" a Web file (typing in a Uniform Resource Locator or URL) or clicking on a hypertext link, the browser builds an HTTP request and sends it to the Internet Protocol address (IP address) indicated by the URL. The HTTP daemon in the destination server machine receives the request and sends back the requested file or files associated with the request. (A Web page often consists of more than one file.) The latest version of HTTP is HTTP 1.1.
From this research I came to know some things which are as follows:
4.1 Need of networking in Organization:
i. Organization needs intercommunication between departments, units and between other organizations.
ii. Provide Internet connection throughout the premises.
iii. Maintain common data storage for all.
4.2 Advantage of VPN: A VPN can save organizations money by eliminating the need for expensive long-distance leased lines and reducing long-distance telephone charges, and it improves security through encryption.
4.3 Latest technologies like UTM and NAS are very useful and cost effective in setting up an effective network system.
4.4 Hubs have become obsolete because of their disadvantages, and switches have taken their place.
4.5 Layer 3 switches or managed switches have the capability of routing. So in the same network routers are not necessary, but for connecting two different networks routers are a must.
4.6 Layer 3 switches are of great use for an organization: they enable us to create virtual LANs in a network, and also provide traffic control and control over access to the network.
4.7 Almost every home and organization prefers wireless access points for connecting devices over the network.
4.8 Cisco routers, although having great features, are avoided because no service centers and engineers are available when needed.
4.9 For using VOIP, layer 3 switches are a must.
head office also wants to maintain a continuous check on the branch offices.
Therefore a VPN (a mechanism for providing secure, reliable transport over the Internet) is established between any two branches, between head office and a branch office, or between all the Royal Enfield offices. This way they maintain their own private network through the public network. Thus VPN is helpful:
1. To support remote access to an intranet,
2. To support connections between multiple intranets within the same organization,
3. To join networks between two organizations, forming an extranet.
The VPN is established by the ISP, but maintenance can be done by the company itself, or it can give this task to some third party. The company contacts its ISP to create a VPN connection between its various offices, and the ISP then creates the VPN connection through the World Wide Web. As we can see in the diagram, OFC (optical fiber cable) comes to the ISP exchange. Here the OFC is converted to copper cable, which reaches the branch office's premises. The cable reaches the NOC (Network Operation Centre). This is a room maintained at a very cool temperature because it contains all the important gadgets like the router, switch, modems, server computers etc. The copper cable is attached to a small device known as an OFC to Fiber Media converter. This device converts the copper cable to fast Ethernet cable, CAT5 or CAT6 (whichever is required), and vice-versa. Then the cable goes to the router's LAN port (here we have taken a Cisco 1721 router). Then the router is connected to a Unified Threat Management device, which represents all-in-one security appliances that carry a variety of security capabilities including firewall, VPN, gateway anti-virus, gateway anti-spam, intrusion prevention, content filtering, bandwidth management, application control and centralized reporting as basic features.
From the UTM (a device which is a combination of applications like Antivirus, Anti spam & Intrusion Detection Systems) the cable goes to the uplink port of the switch (here, we are using a Cisco 2950 Catalyst series managed switch). The switch connects different network devices and terminals. All the terminals are now in the Virtual Private Network.
This was the VPN connection (private network); an organization also needs an Internet connection (public network). For this purpose we have taken an Internet connection through an ISP. Internet can be taken through a telephone connection. The telephone line is connected to a DSL Cable Modem Router (a device which has the function of both a modem and a router). Then an Ethernet cable goes to the UTM device and then to the server's LAN card. The server is connected to one of the switch's ports. Since we need both the VPN and the public Internet connection to work simultaneously, we attach two LAN cards to the server. LANcard2 is connected to the modem (which gives the public Internet connection) and LANcard1 connects with the switch for the VPN connection.
But the DNS gateway is to be set for both the connections for this purpose. Suppose the IP address of the DSL modem router is 172.16.3.1, LANcard1: 192.16.3.1, LANcard2: 172.16.3.2. So the IP addresses of the devices attached to the switch must be set to 192.16.3.2, 192.16.3.3, 192.16.3.4 and so on. This will enable the VPN connection throughout the network. In order to set the Internet settings we need to add one more IP address in the DNS tab for every device, but the gateway will be the same for everyone. Let's say LANcard2 is 172.16.3.2; the additional IP addresses of the other devices (in the DNS tab) can then be set to 172.16.3.3, 172.16.3.4, 172.16.3.5 and so on, but the gateway will be set to the same as LANcard2's IP address.
(In Windows, to configure TCP/IP settings)
1. Control panel --> open Network Connections.
2. Right-click the connection that you want to change, and then click Properties. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.
3. Click the Networking tab. Under This connection uses the following items, click either Internet Protocol Version 4 (TCP/IPv4) or Internet Protocol Version 6 (TCP/IPv6), and then click Properties.
4. To specify IPv4 IP address settings, do one of the following:
o To obtain IP settings automatically, click Obtain an IP address automatically, and then click OK.
o To specify an IP address, click Use the following IP address, and then, in the IP address, Subnet mask, and Default gateway boxes, type the IP address settings.
5. To specify IPv6 IP address settings, do one of the following:
o To obtain IP settings automatically, click Obtain an IPv6 address automatically, and then click OK.
o To specify an IP address, click Use the following IPv6 address, and then, in the IPv6 address, Subnet prefix length, and Default gateway boxes, type the IP address settings.
6. To specify DNS server address settings, do one of the following:
o To obtain a DNS server address automatically, click Obtain DNS server address automatically, and then click OK.
o To specify a DNS server address, click Use the following DNS server addresses, and then, in the Preferred DNS server and Alternate DNS server boxes, type the addresses of the primary and secondary DNS servers.
7. To change DNS, WINS, and IP settings, click Advanced.
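Before typing static addresses into each machine, the plan can be checked mechanically. The following is an added example, not part of the original report: it validates the two address ranges given above for private-range membership, duplicates, reserved addresses, gateway placement and overlap between the server's two LAN cards. The /24 mask and the device labels are assumptions, since the report states neither.

```python
import ipaddress
from collections import Counter

# The three private IPv4 blocks defined by RFC 1918.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Addresses as given in the text above. The /24 prefix and the "device-N"
# labels are assumptions made for this example.
PAGE_PLAN = [
    ("VPN LAN", "192.16.3.0/24",
     {"LANcard1": "192.16.3.1", "device-1": "192.16.3.2",
      "device-2": "192.16.3.3", "device-3": "192.16.3.4"},
     None),  # the text names no gateway for this side
    ("Internet LAN", "172.16.3.0/24",
     {"DSL modem router": "172.16.3.1", "LANcard2": "172.16.3.2",
      "device-1": "172.16.3.3", "device-2": "172.16.3.4",
      "device-3": "172.16.3.5"},
     "172.16.3.2"),  # gateway = LANcard2, as the text says
]

# Constructed plan with deliberate mistakes, to show each check firing.
BROKEN_PLAN = [
    ("Branch LAN", "192.168.3.0/24",
     {"pc-1": "192.168.3.10", "pc-2": "192.168.3.10",
      "printer": "192.168.3.255"},
     "192.168.4.1"),
]


def check_segment(name, cidr, hosts, gateway=None):
    """Return a list of problems found in one segment of the plan."""
    issues = []
    net = ipaddress.ip_network(cidr)
    if not any(net.subnet_of(block) for block in RFC1918):
        issues.append(f"{name}: {net} is outside RFC 1918 private address space")
    addrs = {label: ipaddress.ip_address(a) for label, a in hosts.items()}
    for label, addr in addrs.items():
        if addr not in net:
            issues.append(f"{name}: {label} {addr} is outside {net}")
        elif addr in (net.network_address, net.broadcast_address):
            issues.append(f"{name}: {label} uses reserved address {addr}")
    for addr, count in Counter(addrs.values()).items():
        if count > 1:
            labels = sorted(l for l, a in addrs.items() if a == addr)
            issues.append(f"{name}: {addr} is assigned to {', '.join(labels)}")
    if gateway is not None:
        gw = ipaddress.ip_address(gateway)
        if gw not in net:
            issues.append(f"{name}: gateway {gw} is outside {net}")
        elif gw not in addrs.values():
            issues.append(f"{name}: gateway {gw} is not assigned to any listed device")
    return issues


def validate_plan(plan):
    """Check every segment, then check that no two segments overlap."""
    issues = []
    for name, cidr, hosts, gateway in plan:
        issues += check_segment(name, cidr, hosts, gateway)
    nets = [(name, ipaddress.ip_network(cidr)) for name, cidr, _, _ in plan]
    for i, (name_a, net_a) in enumerate(nets):
        for name_b, net_b in nets[i + 1:]:
            if net_a.overlaps(net_b):
                issues.append(f"{name_a} and {name_b} overlap ({net_a}, {net_b})")
    return issues


if __name__ == "__main__":
    for title, plan in (("plan from the text", PAGE_PLAN),
                        ("constructed broken plan", BROKEN_PLAN)):
        print(title)
        for issue in validate_plan(plan) or ["no issues"]:
            print("  -", issue)
```

The one finding on the report's own plan matters in practice: addresses outside the RFC 1918 blocks belong to public Internet space, so a LAN numbered that way can lose reachability to the real owners of the range and can leak internal traffic if routing or NAT is misconfigured.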
Switch connection
through the Web-based interface, without having to directly connect to the switch itself. Managed switches also provide redundancy and VLAN (virtual LAN) capabilities to help improve our network's performance. Redundancy allows the switch to keep network traffic flowing even if a network connection fails. In other words, our network won't go down. VLANs let us create groups within our company to isolate different kinds of traffic on the network. For example, we can segment traffic between finance and sales groups so that mission-critical financial information has priority over sales data. VLANs also provide an additional layer of security by letting us hide sensitive company information from guests we have allowed to access our network. Finally, a managed switch can support us as our business and technology needs grow. For example, if we decide to adopt an IP-based phone system (VOIP), having a managed switch with QOS (Quality of Service) support allows us to assign a higher priority to voice traffic so that call quality isn't affected by other traffic on our network. Additionally, a managed switch that includes secure wireless connectivity lets you add users (employees and guests) to your network at any time and allow them to access your network and the Internet from any office or conference room in the building. After the uplink port is connected, the rest of the ports can be connected to the devices that are required. In this setup, we are using a WIFI modem (for wireless devices, mobile phones and guests who come to our premises), Network Attached Storage (a new method of utilizing computer networks for data storage), an IP-based telephone (VOIP; through this, calls can be made to other offices free of cost), a network printer (network printing is the ability to print over the network), an IP-based camera (for surveillance), an unmanaged switch (which is used for connecting a number of network devices) and computers.
For wireless communication, terminals need to have a network adapter and its driver installed, although today almost all computers have an inbuilt network adapter. Here we have divided the devices into 4 parts: finance, sales, inventory & workshop, and owner & billing section. We haven't created any VLANs; we can create them by configuring the switch. Every section needs different types of devices, and devices are attached according to the need. An unmanaged switch has fewer features than its managed counterpart, so it requires little technical know-how to add to the network. There's no software to install and nothing to configure, making an unmanaged switch ideal for small
businesses that are just getting their network started or that have no in-house IT support. Unmanaged switches have a fixed configuration and are ready to communicate with PCs, network printers, and other devices right out of the box. All we have to do is plug in the switch, connect computers and other devices to it, and connect the switch to the Internet. That's all there is to it. Therefore we have used two unmanaged switches to connect two groups of devices. More unmanaged switches can be added as and when required.
Chapter 5: Analysis
Chapter 6: Recommendations
After carrying out the whole research process following things are recommended for an organizations network setup:
6.1 As we have found that hubs are an obsolete technology, the use of switches is much more effective and efficient.
6.2 For large organizations UTM devices must be used, as their advantage lies in the fact that rather than administering multiple systems that individually handle antivirus, content filtering, intrusion prevention and spam filtering functions, organizations now have the flexibility to deploy a single UTM appliance that takes over all their functionality into a single rack-mountable network appliance.
6.3 IP-based telephones (VOIP) should be used for making calls between two branches or two offices, as this is very cost effective.
6.4 Network Attached Storage is the new terminology which proves to be very helpful for data storage over network.
6.5 IP-based cameras must be used for surveillance; they have the great advantage that monitoring can be done from any part of the world.
prioritize the traffic traveling across our network so that the most important information gets through first. In addition, we can control who has access to our network. Also, we can create virtual LANs in our network.
7.1 Conclusion
For any business to grow and succeed it is very necessary that it communicates effectively, both internally and externally. This creates the need for a proper networking setup in organizations. This research was carried out to understand the need for networking and the techniques and devices used in an organization. Through the research, knowledge was gained about networking concepts and network design. A network setup is designed for a virtual organization to show the usage of modest gadgets available in the market, which would cater to the very basic need of communication and sharing of information within the organization.
8. Appendices
QUESTIONS ON NETWORK SET UP
1) For what purpose do you need networking?
2) Are there any wireless connections?
3) Why do you use router? Which brand and why?
4) Which switch do you prefer, managed or unmanaged, and why? Which brand do you own right now?
5) What are the other equipments used in network setup and why?
6) Do you have any NETWORK ATTACHED STORAGE?
7) Which network do you prefer, cabled or wireless?
8) Does your organization own an enhanced firewall that scans inbound internet traffic for viruses, spyware, and other vulnerabilities?
9) Do you have any private network like VPN, intranet? Who manages it?
10) Are you satisfied with your setup and devices?
The above questions were asked to the system administrators of organizations like CG Broadband Network Pvt Ltd Bhilai, Simplex Castings Pvt Ltd Bhilai, STPI Bhilai and BEC Bhilai. A personal interview was conducted.