
LIST OF ABBREVIATIONS USED

1. STPI - Software Technology Parks of India
2. IT - Information Technology
3. VPN - Virtual Private Network
4. VSAT - Very Small Aperture Terminal
5. UTM - Unified Threat Management
6. ATM - Asynchronous Transfer Mode
7. ISP - Internet Service Provider
8. ISDN - Integrated Service Digital Network
9. DNS - Domain Name Server
10. DHCP - Dynamic Host Configuration Protocol
11. LAN - Local Area Network
12. WAN - Wide Area Network
13. MAN - Metropolitan Area Network
14. WWW - World Wide Web
15. FTP - File Transfer Protocol
16. OSI - Open Systems Interconnection
17. MAU - Media Attachment Unit
18. NIC - Network Interface Card
19. URL - Uniform Resource Locator
20. P2P - Peer to Peer
21. TCP/IP - Transmission Control Protocol/Internet Protocol
22. IANA - Internet Assigned Numbers Authority
23. ICANN - Internet Corporation for Assigned Names and Numbers
24. MAC - Media Access Control
25. NFS - Network File System
26. CIFS - Common Internet File System
27. QOS - Quality Of Service
28. NAT - Network Address Translation
29. NAS - Network Attached Storage/Server
30. CAT5 - Category 5
31. CBR - Constant Bit Rate
32. ABR - Available Bit Rate
33. VBR - Variable Bit Rate
34. UBR - Unspecified Bit Rate
35. VOIP - Voice Over Internet Protocol
36. OFC - Optical Fibre Cable
37. RFT - Receiver Frequency Transmitter
38. SSPA - Solid State Power Amplifier
39. EMR - Edge Media Router
40. LNB - Low Noise Block
41. LNA - Low Noise Amplifier
42. UDP - User Datagram Protocol
43. SNMP - Simple Network Management Protocol
44. SMTP - Simple Mail Transfer Protocol
45. RADIUS - Remote Authentication Dial In User Service
46. POP3 - Post Office Protocol 3
47. RIP - Routing Information Protocol
48. BGP - Border Gateway Protocol
49. OSPF - Open Shortest Path First
50. HTTP - Hyper Text Transfer Protocol

List Of Figures Used


Figure 1: STPI's Antenna
Figure 2: STPI providing technical support
Figure 3: Showing earth connected by a cable
Figure 4: Basic LAN Topology
Figure 5: WAN Network
Figure 6: Leased line to an organization
Figure 7: OSI layer functions
Figure 8: Layers of OSI model
Figure 9: Working of web server
Figure 10: A switch connecting server to terminals and printer
Figure 11: Router connects LAN to Internet
Figure 12: Router connecting two LANs
Figure 13: D-Link Wireless Router
Figure 14: Shows a firewall between a LAN and WAN
Figure 15: Contents of UTM
Figure 16: Previous view of security system
Figure 17: Shows that UTM has replaced all security system by single device
Figure 18: Network Printer
Figure 19: Cisco PVC300 IP camera
Figure 20: Diagram of total internal reflection in an optical fibre
Figure 21: RJ45 cable and connector
Figure 22: CAT5 cable and connector
Figure 23: Satellite communication
Figure 24: VPN network
Figure 25: Full View of the network design for an organization
Figure 26: Connection of devices to switch

List of Tables Used


Table 1: Properties of Copper
Table 2: Comparison between TCP and UDP
Table 3: Well known Port Numbers

Chapter 1: Introduction

1.1 About STPI


Software Technology Parks of India is a chain of Government of India owned technology facilitator institutions. India is divided into zones, in each of which a regional STPI takes charge of the units, companies and export-oriented IT institutions, providing them with high-speed data circuits on lease, apart from other Info-Tech backbone services such as server co-location, VPN solutions, gateway services, etc. Software Technology Parks of India was set up by the Ministry of Information Technology, Government of India, in 1991, with the objective of encouraging, promoting and boosting software exports from India. Its services cover network design, system integration, installation, operations and maintenance of application networks and facilities in varied areas ranging from VSATs to ATM based networks.

STPI's objective is to provide effective data communication facilities to software exporters, and the society has established its own gateways at its nodal centers located in different parts of the country. These gateways are integrated with line-of-sight point-to-multipoint digital equipment. STPI's Soft Link is the TCP/IP based shared internet service that uses its own international gateways for upstream connectivity. The TCP/IP service is called Shared Internet as the upstream bandwidth is shared among the users.

1.2 Future Plans of STPI


I. Setting Up New STPs: So far the larger cities have had the benefit of better infrastructure and have played a major role in software exports from the country. Of late, a large number of units in the IT-enabled services sector have been set up in India. Smaller cities, which have the advantage of lower costs, can play a major role in this sector. Most ISPs are not setting up communication infrastructure at secondary locations because of commercial considerations. STPI has plans to set up additional STP centres with centre/state Government support at secondary locations, which will contribute to the export of IT services.

II. Fiber Landing Station By STPI: The availability of bandwidth through satellite is not very high. DOT has recently announced the landing policy for submarine cable. It is felt that a few submarine fibre cables are likely to land in Chennai, Mumbai, Cochin and Vizag. STPI is already providing data communication through its satellite earth stations. Due to the growth of the IT software export segment, the software companies also need bandwidth through fibre. Some of the companies that run mission-critical applications like call centre operation, security services, etc. require fibre to avoid the transition delay inherent in a satellite link. STPI is planning to set up a landing station in order to meet these requirements.

Fig 1: STPI's Antenna

III. Export Promotion: At present, the major share of the software exports market is in Europe and the US. The smaller companies are unable to garner market share due to lack of market knowledge and of the ability to leverage their abilities, in spite of inherent skills in product development and management. Such a situation, if continued, could confine them to very low growth rates in future. Accordingly, STPI plans to increase its focus on business promotion through increased participation in exhibitions, trade fairs, delegations etc. for the SME sector.

1.3 Soft NET: (Data Communication Network)


One of the objectives of Software Technology Parks of India is to provide effective data communication facilities to the esteemed software exporters and the IT-enabled services. This is especially true in emerging areas like software maintenance, application re-engineering, remote computing and executing offshore projects, which involve interactive applications, recognizing the importance of HSDC facilities providing global connectivity all over India. In pursuance of this objective, STPI established its own gateways at its nodal centres located in different parts of the country. STPI names the data communication network it owns Soft NET.

Bhilai: The STPI centre has been providing high-speed data communication facilities to the IT industry through the international gateway, with scalable configuration, set up in Bhilai. The location of the earth station is such that it is in the line of sight from most locations in Bhilai, as well as from various other locations within a radius of 30 kms from the station. These gateways are integrated with line-of-sight point-to-multipoint equipment for connecting the user premises located outside the complex by means of microwave links.

The customer's premises in India will be connected to their client located abroad by the gateway located at Bhilai, through either a point-to-point or a point-to-multipoint radio link. This will allow any company operating in India or abroad that is connected to the Internet to access Soft NET.

1.4 STPI SCHEME


The Software Technology Park (STP) scheme is a 100% export oriented scheme for the development and export of computer software using data communication links or in the form of physical media, including the export of professional services. The major attraction of this scheme is single point contact service to the STP units.

HIGHLIGHTS
o Approvals are given under single window clearance scheme.
o An STP project may be set up anywhere in India.
o Director STP is empowered to approve projects with an investment of Rs.100 million ($ 2.5 million).
o 100% foreign equity is permitted and is approved under the automatic route delegated powers to the Director STPI.
o Simplified minimum exports performance norms, i.e. US $0.25 million or 3 times CIF value of imported goods, whichever is higher, and positive Net Foreign Exchange Earning against Export Earnings.
o Use of the Computer System for commercial training purpose is permissible subject to the condition that no computer terminals are installed outside the STP premises.
o The sales in the Domestic Tariff Area (DTA) shall be permissible up to 50 % of the export value terms.
o STP units are exempted from payment of corporate income tax up to 2010.
o The capital goods purchased from the Domestic Tariff Area (DTA) are entitled for the benefits like levy of excise Duty and Reimbursement of Central Sales Tax (CST).
o Domestic project will not attract any local levies.
o Repatriation of foreign currency for payment can be freely done.

1.5 Soft POINT: (International Leased Line)


Soft POINT (International Digital Private Leased Lines) offers point-to-point international leased high-speed data communication links of 64 KBPS up to 2 MBPS. The customer premises in India will be connected to their client located abroad by the gateway located at Dehradun, through either a point-to-point or a point-to-multipoint radio (TDMA) link. Soft POINT services act as the lifeline for business applications in global enterprise networking and building virtual organizations.

Features:
o 64 Kbps to 45 Mbps or higher.
o One stop shop arrangements with many carriers for ordering or billing.
o Resilient international routes and partners.
o Customer interfaces: V.35, X.21, G.703.
o End to end management up to the customer's premises using strong network monitoring.

The services will be available round the clock and charges will be fixed irrespective of the time and volume of data transferred by the user.

1.6 Soft Link: (Shared Internet Connection)


SOFT LINK is the TCP/IP based shared internet connection which uses its own International Gateway for the upstream connectivity. At present the STPI backbone is connected through many service providers like Teleglobe, AT&T, Thaicom etc. to provide load balancing and fully redundant services. The TCP/IP service is called shared internet as the upstream bandwidth is shared among the users. The user connected to the service has access to the complete internet services available worldwide, such as:
o E-Mail
o FTP (File Transfer Protocol)
o Remote Login
o WWW (World Wide Web)
o Usenet
o Database access

Availing access and setting up the connection to SOFT LINK

How to access the SOFT LINK?
SOFT LINK will be managed through a wide area network plan and you will get connected to the network. You will get a port on the Ethernet hub which will be located in the LAN. The LAN will be further connected to the International Gateway and managed from the network control centre, which will be located at STPI-Dehradun. The LAN setup will be directly connected to the International Gateway through a UTP backbone, whereas the LANs in different locations will be connected to the International Gateway via a microwave link. You can locate your unit anywhere outside in the city. STPI-Dehradun will provide a point-to-point or point-to-multipoint radio link up to the router at your premises.

a) Leased Internet Access on Radio Local Loops: A microwave radio connection of the desired bandwidth is set up from the customer's premises to the International Gateways of STPI. These links are installed and maintained by STPI itself and the customer has to pay just a one-time installation charge. The data rate options for the Leased Internet Service on Radio are n x.

b) Leased Internet Access on DOT Local Loop: A wired n x 64k line is hired from DOT for the customers. The customer will need to hire a leased line of the required data rate from DOT and will pay for the installation and annual lease access for the local loop. STPI will provide port access on its router and will charge for the same.

c) Leased Internet Access Using ISDN Lines: Those who wish to use their ISDN lines for Internet access can use this facility. The customer will have to pay for an additional ISDN line at STPI, as the line has to be used in dedicated mode. Service is presently available for ISDN BRI and the leased connection is for 64 kbps or 128 kbps.

Dial-up Internet Access


In dial-up access, a connection is established between the access and the STPI network on dialing the specific number(s) by the authorized subscribers. Dial-up access is offered with the following options:

Dial-up Internet Access Using ISDN lines: This is for those who wish to use a digital access for Internet and for a limited access period. This service is run in shared mode.

Dial-up Internet Access on PSTN lines: This is dial-up internet access on PSTN lines and is available in limited locations only.

1.7 INFRASTRUCTURE
INCUBATION
Business and Technology incubation catalyzes the process of starting and growing companies. It provides entrepreneurs with the expertise, networks and tools they need to make their ventures successful. As an incubator we will nurture young firms, helping them to survive and grow during the startup period when they are most vulnerable. We would provide entrepreneurial firms with shared office services, access to equipment, flexible leases and expandable space, all under one roof. As an incubator, we plan to provide our services in the following areas:
1. Full service Office Facilities
2. Web hosting services
3. Business plan development

Strength of STPI to act as an Incubator:

Technical Support: STPI has in-house expertise and most of the latest technological details and machinery, which would support technical development.

Fig 2: STPI providing technical support

Software Policy and Legal Advice: STPI has been giving consultancy in Data Com, Software Export, facilities/provisions, and setting up of STPI units and related services.

Quality Certification: As STPI is an ISO9002 company, quality will undoubtedly be maintained at all levels.

Maintenance and Repairs: Our highly technical staff and 24 hr. helpdesk show commitment to providing efficient services by which the entrepreneur will be benefited.

Infrastructure Support (Back Bone): STPI has strong backup of all related facilities which are required for an upcoming organization in software export, such as LAN, ISP, power back-ups etc.


1.8 OBJECTIVES
The purpose behind the research was to understand the basics of computer networking and to know the basic networking needs of an organization. The research was carried out to gain an understanding of the hardware used for network setup. The research was also conducted to learn how to design a network setup.


Chapter 2: Scope of Work And Methodology


2.1 Scope of Work


The assessment covered the following aspects:

2.1.1 Basic Networking Concepts: Before starting the main topic of Computer Networking in Organization, the basic concepts of networking as well as the hardware used were studied and their working was understood.

2.1.2 Connection: Learned how devices are connected and how a network is set up.

2.1.3 Need of an Organization: Basic computer networking needs of an organization were studied.

2.2 Methodology
2.2.1 Research Type: This is descriptive research. This type of research describes what exists and may help to uncover new facts and meaning. The purpose of descriptive research is to observe, describe and document aspects of a situation as it naturally occurs. In this research, what devices and techniques were used, and what is being used now, are studied. Knowledge gained by this research is applied in finding the perfect network setup with modest gadgets.

2.2.2 Sources of Data: There are two sources of data used in any research. The first is the primary source and the second is the secondary source. The primary source consists of questionnaires, personal interviews and observations. The secondary source consists of internet, magazines, and journals.


2.2.3 Sampling Design: Convenience sampling was adopted. Organizations which were convenient to approach were included.

2.2.4 Data Collection tools/instruments: Personal interview, internet and study material.

2.2.5 Methods of data collection: For primary data, personal interviews were conducted with the system administrator in 5 different organizations. Secondary data was collected through internet and books.


Chapter 3: Overview of the Project


3.1 Networking In Organization


Information and communication are two of the most important strategic issues for the success of every enterprise. While today nearly every organization uses a substantial number of computers and communication tools (telephones, fax, personal handheld devices), they are still isolated. While managers today are able to use the newest applications, many departments still do not communicate and much needed information cannot be readily accessed. To overcome these obstacles an effective usage of information technology is required; thus, computer networks are necessary. They are a new kind (one might call it paradigm) of organization of computer systems produced by the need to merge computers and communications. At the same time they are the means to converge the two areas; the unnecessary distinction between tools to process and store information and tools to collect and transport information can disappear.

Computer networks can put down the barriers between information held on several (not only computer) systems. Only with the help of computer networks can a borderless communication and information environment be built (borderless networks deliver the new workspace experience, connecting anyone, anywhere, using any device, to any resource securely, reliably, seamlessly). Computer networks allow the user to access remote programs and remote databases, either of the same organization or from other enterprises or public sources. Computer networks provide communication possibilities faster than other facilities. Because of these optimal information and communication possibilities, computer networks may increase the organizational learning rate, which many authors declare as the only fundamental advantage in competition.

Besides this major reason why any organization should not fail to have a computer network, there are other reasons as well:
o cost reduction by sharing hardware and software resources
o high reliability by having multiple sources of supply
o cost reduction by downsizing to microcomputer-based networks instead of using mainframes
o greater flexibility because of the possibility to connect devices from various vendors


Because of the importance of this technology, decisions on the purchase, structure, and operation of computer networks cannot be left to technical staff. Management as well has a critical need for understanding the technology of computer networks. Businesses use their computer networks to organize their assets, inventory, finances, communications, customer records, and operations. The network and the systems attached to it are important, and as in any business, keeping costs under control is crucial. Business class networks are a step up in complexity over residential networks. The requirements of any business network are more or less as follows:
o Reliable
o Maintainable
o Performance
o Feature Complete
o Affordable

Since all the requirements in some way impact the bottom line of the business, it is worth taking some time on how these requirements impact the design and what they mean.

1. A Reliable Network
A simple rule of thumb for reliability is: the more reliable, the more expensive. Also, there is no such thing as a 100% reliable design. What is left is a trade-off between reliability and costs. From an office perspective, hardware decisions should look at characteristics like warranty, peer review, environmental durability and mean time to failure. Complex features such as redundancy and remote administration are also important and very much needed. If there is a power outage, the system must be able to recover by itself.

2. A Maintainable Network
Since 100% reliability is impossible, eventually maintenance will be necessary. Either a technician will be called in to handle maintenance when it is required, or office staff will handle the situation. Situations that resolve without the necessity for a technician are less expensive; therefore network designs where the majority of the network faults can be handled by the people onsite are preferable.

Although maintainability is difficult to quantify, there are some characteristics of maintainable networks to take into consideration:
o Minimized failure points
o Failure indicators
o Network maps
o Clean wiring


Consider the following circumstance with a maintainable network. A single computer on a wired network is unable to connect since the cable from the patch panel to the Ethernet switch has come loose. From glancing at a network map and looking at the connectivity lights at a centralized switch, it becomes apparent that the physical connection between the switch and the computer has been broken. Reconnecting the loose patch cable will fix the problem, and the fault was easy to spot. The same situation with an unmaintainable network might involve tracking down the series of connections tying the computer to the network and identifying which one has become loose. This could take hours in the worst case and require disconnecting other machines in the process of trying to find the right one. Designing for maintainability is important if avoiding disruption during service calls is important. Designing for maintainability is critical to the long term costs of having a network.

3. Network Performance
Most offices favor functionality over performance when it comes to their computer networks. However, that doesn't mean that the topic should be ignored when considering the design for the network. The highest level of performance and reliability is available through the use of wired network technologies. This will remain the case for the foreseeable future; however, wireless technology has experienced a marked boost in performance and reliability with the advent of the 802.11n amendment to the Wi-Fi standard. Small offices which are interested in maximizing the performance of their network should look to use gigabit wired network technologies, routed through a single gigabit Ethernet switch. Additional performance can be achieved by raising the MTU (Maximum Transmission Unit) of data on the network to 9k bytes, up from the old standard of 1500 bytes. The gain comes from reducing the effective overhead of transmitting data on the network. Check for jumbo frame compatibility on any connected wired hardware before deploying this strategy.

4. A Feature Complete Network
Unless office networks are well designed, they can be difficult to upgrade. For instance, a business network which has most of its routing configuration stored in the router, with no way to export the configuration to a different machine, will be harder to take down and replace than a device which can export its configuration. Sometimes a new feature is required after the network has already been built, only to discover that the current system cannot handle the new feature. One example may be DHCP static allocation, which is a feature that is not uniformly available across commodity routers. Another example is VPN support, a feature highly in demand for those on the road or with a home office trying to tie into work. Designing a network that can accommodate future necessities can be challenging, especially when dealing with commodity hardware; however, there are a variety of router appliances which can make these challenges much less cumbersome. Examples of these appliances are pfSense, m0n0wall, FreeNAS, Smoothwall and others. Determining whether router appliances are necessary is a useful exercise since it helps specify the network's feature requirements.

5. An Affordable Network
The cost to build, maintain, and extend a computer network is the true deciding factor for most if not all businesses. Commodity components may be affordable from an upfront perspective, undesirable from a reliability perspective and completely pointless from a maintenance or feature perspective. The costs that comprise working on a new network design are as follows:
o Design
o Installation
o Maintenance

Designing a network takes into account the logical and physical topology, the performance requirements, hardware, and cable requirements (outdoor, indoor). Installation examines how long, and what will be necessary, to implement the design. The maintenance cost deals with what will be involved in ensuring the network continues to function over time. Upfront design costs can seem fairly intimidating; however, it is important to consider the long term benefit of having a well designed office network. Downtime is minimized, maintenance is straightforward when necessary, and the network generally performs well.
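The jumbo-frame advice under Network Performance above, worked through as an added example (not part of the original report): the efficiency gain from raising the MTU from 1500 to 9000 bytes, and a compatibility check run over a device inventory before enabling it. It assumes TCP over IPv4 on Ethernet with no VLAN tag and no header options; the device names and MTU values are constructed for illustration.

```python
# Added example. Assumptions: TCP/IPv4 over untagged Ethernet, no IP or TCP
# options. INVENTORY and PATHS are constructed sample data.

# Bytes spent on the wire for every frame, regardless of payload size:
# preamble + SFD (8), Ethernet header (14), FCS (4), inter-frame gap (12).
WIRE_OVERHEAD = 8 + 14 + 4 + 12
IPV4_HEADER = 20
TCP_HEADER = 20
ICMP_HEADER = 8


def tcp_efficiency(mtu):
    """Fraction of wire capacity that carries TCP payload at full-size frames."""
    payload = mtu - IPV4_HEADER - TCP_HEADER
    if payload <= 0:
        raise ValueError("MTU too small for IPv4 and TCP headers")
    return payload / (mtu + WIRE_OVERHEAD)


def frames_needed(nbytes, mtu):
    """Number of full-size frames needed to move nbytes of TCP payload."""
    payload = mtu - IPV4_HEADER - TCP_HEADER
    return -(-nbytes // payload)  # ceiling division


def probe_payload(mtu):
    """ICMP echo payload size that exactly fills one packet of size mtu.

    Sending a ping of this size with the don't-fragment bit set is the usual
    way to confirm that a path really carries the intended MTU.
    """
    return mtu - IPV4_HEADER - ICMP_HEADER


def check_path(path, inventory, target_mtu):
    """Return (usable_mtu, blockers) for an ordered list of device names.

    usable_mtu is the smallest MTU on the path. blockers lists every device
    that cannot carry target_mtu. Layer 2 does not fragment, so a single
    1500-byte device on a switched segment drops oversized frames.
    """
    unknown = [d for d in path if d not in inventory]
    if unknown:
        raise KeyError("devices missing from inventory: %s" % unknown)
    usable = min(inventory[d] for d in path)
    blockers = [d for d in path if inventory[d] < target_mtu]
    return usable, blockers


def audit(paths, inventory, target_mtu):
    """Run check_path over every named path."""
    return {name: check_path(p, inventory, target_mtu)
            for name, p in paths.items()}


# Constructed inventory: largest MTU each device supports, in bytes.
INVENTORY = {
    "file-server": 9000,
    "gigabit-switch": 9216,
    "desktop-01": 9000,
    "network-printer": 1500,
    "router": 1500,
}

# Constructed traffic paths through the single central switch.
PATHS = {
    "desktop-to-server": ["desktop-01", "gigabit-switch", "file-server"],
    "server-to-printer": ["file-server", "gigabit-switch", "network-printer"],
    "desktop-to-internet": ["desktop-01", "gigabit-switch", "router"],
}


if __name__ == "__main__":
    for mtu in (1500, 9000):
        print("MTU %d: efficiency %.2f%%, frames per GB %d, ping payload %d"
              % (mtu, 100 * tcp_efficiency(mtu),
                 frames_needed(10**9, mtu), probe_payload(mtu)))
    for name, (usable, blockers) in audit(PATHS, INVENTORY, 9000).items():
        status = "OK" if not blockers else "BLOCKED by " + ", ".join(blockers)
        print("%-20s usable MTU %d  %s" % (name, usable, status))
```

The throughput gain is about four percentage points; the larger effect is the roughly sixfold drop in frames each host must process. Any path with a blocker has to stay at 1500 bytes or be moved to its own segment.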


3.2 Office Network Design Strategies


Keeping costs in check is an important consideration when developing business networks. Small businesses by their nature do not have large amounts of resources to devote to business infrastructure. Balancing this against the necessity to actually implement a network which will meet current and foreseeable needs is the role of the network designer.

Hardware
Some hardware components are straightforward to replace, such as switches, patch cables and, to a lesser extent, routers. This contrasts with in-wall cabling, keystone jacks, cable tracks and any other fixed device or installation. It is good practice to use high-quality components for any hard to reach parts that will need to remain functional and compatible. Using Cat6 over Cat5e cable for in-wall cable drops is a good example of this; another example is using shielded keystones rather than the unshielded alternatives. Even though a business may not initially require high-speed components, it is a useful strategy to future-proof the implementation by using materials capable of handling future technologies.

Services
Keep services centralized as much as possible. Relying on user desktops to provide services to the network will eventually result in business downtime during reboots or other maintenance. Setting up a small business server which runs file sharing, backups, CRM, financial and other business applications makes managing a network simpler. Network related services such as local DNS, DHCP and routing can generally be provided by a single machine such as a commodity router.

Topology
Small network planning does not require much effort on the logical topology, beyond some basic analysis of which services need to be available and how they will be controlled. On the other hand, a well executed physical topology plan is very useful since it gives a clear map of how the network works. Plan on creating a port map which shows where each component is connected and how the connections map out to locations on the network.

At the end of the day, the challenge of designing an organization's network is finding the balance point between reliability, maintainability and cost. The limiting factor, as always, is the project's budget.


3.3 Networking Concepts


3.3.1 What is Computer Networking?
Computer Networking is basically the process of connecting two or more computers or devices, using hardware and software, so that data can be transferred and shared between them. There are different types of networking; for instance, there are LANs (local area networks) and WANs (wide area networks). The difference between these two lies in their spans. LANs are restricted to small areas, typically homes, whereas WANs are widely spread and can reach across cities, countries or even continents.

Networks may also differ in their design and layout. There are client/server networks and peer-to-peer networks. Client/server networks tend to be centralized, with most functions being supported by the central/main system. Peer-to-peer networks consist of computers which all support the same functions and can interact with each other. This being understood, client/server networks work well within businesses whereas peer-to-peer is better suited to home use.

Layouts are the different ways in which a network is arranged to share data. Bus, ring, star and mesh are all different layouts. The choice depends on how information is to travel through the network: if the data is expected to go through all the systems then a bus network is suitable, but if data is to be sent to single units separately then star networks or mesh networks might be better suited.

Networks are all about communication; as such there is a communication standard which is implemented by protocols, which are like rules for the operation of the network. There may be many protocols used by a network at one time, for instance TCP/IP, the most common protocol found on the Internet and in home networks. Networks can be wired or wireless. Most protocols for wired networks are also supported by wireless networks. Wired networks have been around for a long time compared to wireless ones, but with advancements in technology wireless networks are fast becoming more reliable and common.


3.3.2 Networking basics and Hardware used


1) Internet:
The Internet is a global system of interconnected computer networks that use the standard Internet Protocol Suite (TCP/IP) to serve billions of users worldwide. It is a network of networks that consists of millions of private, public, academic, business, and government networks, of local to global scope, that are linked by a broad array of electronic, wireless and optical networking technologies. The Internet can also be defined as a worldwide interconnection of computers and computer networks that facilitate the sharing or exchange of information among users. The Internet carries a vast range of information resources and services, such as the inter-linked hypertext documents of the World Wide Web (WWW) and the infrastructure to support electronic mail.

Fig 3: showing earth connected by a cable

General information about the Internet: The Internet is explored, aka surfed, using a computer browser. Finding information on the Internet is achieved by using a search engine. Users browse web pages by following hyperlinks. Besides browsing web pages, the Internet is also a popular method of communicating with others through online web forums, chat rooms, emails, and instant messages. In addition to communicating, users also use the Internet to share files, pictures, songs, and video over the Internet.

2) Intranet:
A basic definition of Intranet: an Intranet can be viewed as a small Internet which resides on company or private LANs (local area networks). Intranets can be designed and built to suit the needs of all companies or home users, big or small, basic or complex, as in many large corporations, where they are used to encompass everything from Human Resources information, to payroll, to service desks, to projects.


What's the difference between intranet and internet? The Internet is quite literally open to everyone with an internet connection, whereas an Intranet usually resides on a LAN or local area network, and as such is totally separate from the Internet. Intranets operate in a secure area and their content can only be seen by people within this LAN or secure area. The purpose of an Intranet is to store any information which can be shared amongst. Security on the Internet is primarily on the web server itself, as opposed to security on Intranets, which can be either web server security or integrated into domain security. Corporate networks generally force you to use proxy servers to connect to the Internet, but not to the Intranet. Generally an Intranet will be faster than the Internet, due to local servers and fewer users.

Similarities between Intranet and Internet: Both the Intranet and the Internet operate on the same technologies, primarily HTML (Hyper Text Markup Language) and TCP/IP (Transmission Control Protocol / Internet Protocol). Both are there to collectively share information.

3) LAN:
A local area network (LAN) supplies networking capability to a group of computers in close proximity to each other such as in an office building, a school, or a home. A LAN is useful for sharing resources like files, printers, games or other applications. A LAN in turn often connects to other LANs, and to the Internet or other WAN. Most local area networks are built with relatively inexpensive hardware such as Ethernet cables, network adapters, and hubs. Wireless LAN and other more advanced LAN hardware options also exist. Specialized operating system software may be used to configure a local area network. For example, most flavors of Microsoft Windows provide a software package called Internet Connection Sharing (ICS) that supports controlled access to LAN resources.

Fig 4: Basic LAN Topology

Also Known As: local area network


Examples: The most common type of local area network is an Ethernet LAN. The smallest home LAN can have exactly two computers; a large LAN can accommodate many thousands of computers. Many LANs are divided into logical groups called subnets.

4) WAN:
WAN stands for Wide Area Network. As its name suggests, it is a computer network that covers a far wider area than a LAN (Local Area Network). WANs cover cities, countries, continents and the whole world. A WAN is formed by linking LANs together. For example, several major LANs in a city can connect together forming a WAN. When networks connect to form a bigger network (a bigger WAN), the resulting network is called an internetwork, which is generically abbreviated to an internet. Now when all WANs in the world connect forming a global internet, we call it The Internet, which everyone knows! That's why the Internet is always written with a capital I. It is the biggest WAN we have.

Fig 5: WAN Network

5) Broadband:

Broadband is a term for technologies that offer high-speed internet connectivity, depending on framework and environment. In general terms, broadband refers to communication technology that can carry different channels of data, or data streams, over any medium (air or physical). Broadband is a term for "wide band", and it describes the data transfer rate. People often ask: what is broadband? The literal meaning is a wide band that captures signals and delivers them as independent bandwidth channels. As the word "broad" suggests, it relates to something bigger and vaster, but its limits are undefined. For roughly 7-10 years you have been seeing advertisements promoting broadband, boasting about speed, phone call accessibility, lower cost, download acceleration and so on.


Broadband basically works through its bandwidth: as you increase the width of the band, you get faster access to the internet. Broadband itself usually refers to services that offer high bandwidth over fiber optic, DSL, cellular or broadcasting services.

Broadband Features:
Some of the broadband features are described here.

Broadband Connectivity: One reason the whole world has become a global village is broadband connectivity. Signals are sent through fiber optic glass cable in the form of light. This light source can carry a huge amount of information (data) in a very short time. It supports multiple signals by dividing the whole into multiple independent bandwidth channels.

Broadband Availability: Another distinctive feature of a broadband connection is that it remains connected 24/7 and still does not disrupt the telephone line. You can access broadband through cable operators or directly through satellite, depending on the type of broadband you are using. The important characteristic is that it uses only the ISP number of the phone line, without interrupting the line's own operation.

Broadband Desired Bandwidth: We can increase or decrease the broadband bandwidth according to our need by asking the internet service provider. Different packages are offered at different rates; choose the one that suits you best.

Benefits of Broadband: The internet has been useful for many years, and broadband is like seasoning added to it. If you really want to enjoy the internet in its true sense, go for broadband. Used positively, it will help your business prosper by leaps and bounds. If you are doing research work, it will surely improve the quality of the output. You can design your website with rich graphics and animation; broadband will make it easier to upload it, and surely broadband user

6) Leased Line:
A leased line connects two locations for private voice and/or data telecommunication service. Not a dedicated cable, a leased line is actually a reserved circuit between two points. Leased lines can span short or long distances. They maintain a single open circuit at all times, as opposed to traditional telephone services that reuse the same lines for many different conversations through a process called "switching."


Leased lines most commonly are rented by businesses to connect branch offices, because these lines guarantee bandwidth for network traffic. Leased lines are dedicated circuits provided by Basic Service Providers (BSPs), which provide permanent connectivity to the Internet. Leased lines provide the last mile access from the user premises to the ISP. They provide permanent connection as compared to the temporary connectivity through dialup access. The quality of the connection is far superior to what is normally available through dialup, thanks to digital signaling, less noise, fewer exchanges etc. Since the access is "always on", it is possible to associate a pool of permanent IP addresses with a particular leased line. Normally, the ISP would provide 16/32 IP addresses for each 64 Kbps chunk of bandwidth. Using these IP addresses it becomes possible to deploy a variety of services such as mail, FTP, WWW, DNS, and proxy, to name the most common requirements of organizations. In other words, leased lines enable hosting of services of all types, and provide a platform for enterprise intranets and extranets, apart from what we may term as "entry level" services such as messaging, which still account for over 70 percent of all Internet access.

Applications of leased lines

Point-to-point: For Data only

One of the widely used applications of leased lines is having a secure dedicated data circuit between two locations via a private line, used to transmit data at a constant speed equal to the bandwidth of the circuit.

Fig 6: Leased line to an organization.

Point-to-point: For Voice and Data


This kind of application allows transmission of voice and data over the same connection. Here also two separate locations are joined together. This type of configuration is commonly provided on a higher bandwidth circuit. The bandwidth of the circuit is divided into individual voice channels and data channels.

Multiplexing: Multiplexing basically connects multiple remote sites to a single centralized location. Typically a connection originating at the host location is connected into a multiplexer at a service provider's end. At the multiplexer, the host circuit is split into smaller individual circuits, and those are then delivered to the remote sites.


Advantages: It provides permanent, reliable, high-speed connectivity as compared to the temporary connectivity of dial-up access. The quality of the connection is far superior to what is normally available through dialup, because of the digital signaling, less noise, fewer exchanges etc.

7) What is OSI Model?

Open Systems Interconnection (OSI) is a standard reference model for communication between two end users in a network. The OSI Model illustrates how data communications should take place. The model is used in developing products and understanding networks. It segregates the process into seven groups, called layers. Into these layers are integrated the protocol standards developed by the ISO and other standards organizations, including the Institute of Electrical and Electronics Engineers (IEEE), the American National Standards Institute (ANSI), and the International Telecommunications Union (ITU), formerly known as the CCITT (Comite Consultatif Internationale de Telegraphique et Telephone). The OSI Model tells us what protocols and standards should be used at each layer. It is modular: each layer of the OSI Model functions with the one above and below it.

Fig 7: Layer Functions

OSI Model Layers:

LAYER 7 The APPLICATION Layer: The top layer of the OSI model provides a set of interfaces for sending and receiving applications to gain access to and use network services, such as networked file transfer, message handling and database query processing. The application layer is responsible for providing services to the user.

LAYER 6 The PRESENTATION Layer: Manages data-format information for networked communications (the network's translator). For outgoing messages, it converts data into a generic format for network transmission; for incoming messages, it converts data from the generic network format to a format that the receiving application can understand. This layer is also responsible for certain protocol conversions, data encryption or decryption, and data compression/decompression.


The presentation layer is responsible for translation, compression, and encryption.

LAYER 5 The SESSION Layer: Enables two networked resources to hold ongoing communications (called a session) across a network. Applications on either end of the session are able to exchange data for the duration of the session. This layer is responsible for initiating, maintaining and terminating sessions. It is responsible for security and access control to session information (via session participant identification), and for synchronization and checkpoint services. The session layer is responsible for dialog control and synchronization.

LAYER 4 The TRANSPORT Layer: Manages the transmission of data across a network. Manages the flow of data between parties by segmenting long data streams into smaller data chunks (based on allowed packet size for a given transmission medium). Reassembles chunks into their original sequence at the receiving end. Provides acknowledgements of successful transmissions and requests resends for packets which arrive with errors. The transport layer is responsible for the delivery of a message from one process to another.

LAYER 3 The NETWORK Layer: Handles addressing messages for delivery, as well as translating logical network addresses and names into their physical counterparts. Responsible for deciding how to route transmissions between computers. This layer also handles the decisions needed to get data from one point to the next point along a network path, as well as packet switching and network congestion control. The network layer is responsible for the delivery of individual packets from the source host to the destination host.

LAYER 2 The DATA LINK Layer: Handles special data frames (packets) between the Network layer and the Physical layer. At the receiving end, this layer packages raw data from the physical layer into data frames for delivery to the Network layer.


At the sending end this layer handles conversion of data into raw formats that can be handled by the Physical Layer. The data link layer is responsible for moving frames from one hop (node) to the next.

LAYER 1 The PHYSICAL Layer: Converts bits into electronic signals for outgoing messages. Converts electronic signals into bits for incoming messages. This layer manages the interface between the computer and the network medium (coax, twisted pair, etc.). This layer tells the driver software for the MAU (media attachment unit, e.g. network interface cards (NICs), modems, etc.) what needs to be sent across the medium. The bottom layer of the OSI model is responsible for movements of individual bits from one hop (node) to the next.

Fig 8: Function of different layers

Fig 8: Layers of OSI model

8) Client-Server Model:
A client/server system consists of a client and a server that are linked through a network.

Client: requests a given service from the server through special software.

Server: provides the requested service to the client under a set of conditions.

Examples: Internet, intranet, and extranet. Another example of a popular C/S system is financial software that allows bank clients to access their accounts from their home or office.


Interactions between Client and Server


A number of rules guide the interactions between a client and a server. When a server receives a request from a client, it checks to see if the client is authorized. A server can serve multiple clients at the same time and, conversely, a client may request services from multiple servers. Client processes are independent of server processes. This independence maximizes the computing power of both client and server. It allows clients to be added to or deleted from the network without affecting either the server or other clients. The system administrator can make changes without affecting clients on the network.

Characteristics of Client-Server Architecture:


Application components are distributed between the server and client software. In addition to part of the application software, the server also stores the data, and all data accesses are through the server. The presentation is handled strictly by the client software. The PC clients assume the bulk of the responsibility for the application logic. The server assumes the bulk of the responsibility for data integrity checks, query capabilities, data extraction and most of the data-intensive tasks, including sending the appropriate data to the appropriate clients. SQL is a standard used on the clients to request appropriate subsets of data from the server. Data returned from the server to the clients is manipulated by the client software for reporting, business analysis and "what if" analysis.

Advantages of Client Server Application:


Centralization: Access, resource and data security are controlled through the server. Scalability: Any element can be upgraded when needed. Flexibility: New technology can be easily integrated into the system. Interoperability: All components (clients, network, and servers) work together. Ease of application development. Lower total costs than mainframe legacy systems. User friendly: Familiar point-and-click interface.



Data Are Readily Accessible to Decision Makers: a) Accessibility to reliable, up-to-date information when needed. b) Timely information can often translate into tangible benefits, such as increased profits or reduced operating costs, and intangible benefits, such as greater customer satisfaction. c) Server can be accessed remotely and across multiple platforms.

Reduced Operating Costs: In the long run, the cost of information processing may be cheaper for client/server systems than for mainframe systems, thereby lowering overall operating costs.

Reduced System Development and Maintenance Time: In general, C/S systems tend to be easier to develop than mainframe systems. With proper planning and the necessary expertise, developers can create client/server systems more quickly and efficiently than mainframe applications. C/S system maintenance time is reduced as compared with systems that must be shut down to make upgrades or perform maintenance. Changes or additions can be made to an existing C/S system without much disruption because server applications are independent of client applications.

Increased Organizational Responsiveness: Designing a client/server system often compels managers and employees to search for more efficient, more effective business practices.

Disadvantages of Client Server Application:


Resistance to Change: a) The transition from a mainframe environment to a client/server environment is fraught with obstacles. It is clear that the knowledge, experience, and expertise guiding these mainframe and client/server technologies are quite different. b) The challenge is how to encourage professionals to move from a mainframe to a client/server environment (they should be flexible and open-minded).

High Training Costs: a) Users need extensive training to successfully use and manage client/server environments. Because these systems often change the dynamics of the business environment, training must be comprehensive and include both the business and the technology side. b) Workers need training in using the technology to improve the way the business operates. c) This training is usually expensive and long term.


Extensive Planning Required: a) Businesses tend to grow fast and in unexpected places, so a business must plan carefully and develop a strategic plan for a client/server system. Without a plan, the system becomes an ad hoc collection of systems that don't integrate information and streamline business processes. b) The company plan should identify the role of the client/server system in achieving the company goals. The plan identifies hardware issues (e.g. nature and type of network), operating system, system security, user training and access method.

Inadequate Standards: a) Like any other new and evolving technology, client/server systems lack standardization in terms of system management, maintenance, and security, resulting in some reinventing of the wheel. b) Developers become burdened with a host of issues that in other environments would be a standard part of the hardware and software packages.

Susceptible to Security Violations: The security concerns associated with client/server systems are greater than those associated with other information systems because client/server systems are prone to security violations. The same features that make the client/server flexible, modular, open, and responsive also make it risky and vulnerable.

9) Peer to peer
It is an approach to computer networking where all computers share equivalent responsibility for processing data. Peer-to-peer networking (also known simply as peer networking) differs from client-server networking, where certain devices have responsibility for providing or "serving" data and other devices consume or otherwise act as "clients" of those servers.

Characteristics of a Peer Network: Peer to peer networking is common on small local area networks (LANs), particularly home networks. Both wired and wireless home networks can be configured as peer to peer environments. Computers in a peer to peer network run the same networking protocols and software. Peer networks are also often situated physically near to each other, typically in homes, small businesses or schools. Some peer networks, however, utilize the Internet and are geographically dispersed worldwide. Home networks that utilize broadband routers are hybrid peer to peer and client-server environments. The router provides centralized Internet connection sharing, but file, printer and other resource sharing is managed directly between the local computers involved.


Benefits of a Peer to Peer Network: You can configure computers in peer to peer workgroups to allow sharing of files, printers and other resources across all of the devices. Peer networks allow data to be shared easily in both directions, whether for downloads to your computer or uploads from your computer. On the Internet, peer to peer networks handle a very high volume of file sharing traffic by distributing the load across many computers. Because they do not rely exclusively on central servers, P2P networks both scale better and are more resilient than client-server networks in case of failures or traffic bottlenecks.

10) Servers:
A server is primarily a program that runs on a machine, providing a particular and specific service to other machines connected to the machine on which it is found. Nowadays, server functionality has become so rich, complex and varied in nature that there are whole very powerful computers dedicated to being exclusively servers. This has led many non-technical people to denote servers as being machines that run services. Generally speaking, a server is a machine with a specific set of programs that offer different types of service, which other machines (then called clients) request to do certain tasks. For example, a file server is a machine which keeps files, and allows clients to upload and download them from it. A web server is a machine that hosts web sites and allows Internet users (clients) to access these web sites. The page you are reading now comes from the about.com web server. A mail server is a machine which, along with the storage and management of email messages, provides service to email users who can read, retrieve, and manage these email messages.

How Web Servers Work?

The Basic Process: Let's say that you are sitting at your computer, surfing the Web, and you get a call from a friend who says, "I just read a great article! Type in this URL and check it out. It's at http://www.abcdef.com/web-server.htm." So you type that URL into your browser and press return. And magically, no matter where in the world that URL lives, the page pops up on your screen. At the most basic level possible, the following diagram shows the steps that brought that page to your screen:


Fig 9: Working of Web Server

Your browser formed a connection to a Web server, requested a page and received it.

Behind the Scenes: If you want to get into a bit more detail on the process of getting a Web page onto your computer screen, here are the basic steps that occurred behind the scenes:

The browser broke the URL into three parts:
1. The protocol ("http")
2. The server name ("www.abcdef.com")
3. The file name ("web-server.htm")

The browser communicated with a name server to translate the server name "www.abcdef.com" into an IP address, which it uses to connect to the server machine.

The browser then formed a connection to the server at that IP address on port 80. (We'll discuss ports later in this article.)

Following the HTTP protocol, the browser sent a GET request to the server, asking for the file "http://www.abcdef.com/web-server.htm." (Note that cookies may be sent from browser to server with the GET request; see How Internet Cookies Work for details.)

The server then sent the HTML text for the Web page to the browser. (Cookies may also be sent from server to browser in the header for the page.)

The browser read the HTML tags and formatted the page onto your screen.

If you've never explored this process before, that's a lot of new vocabulary. To understand this whole process in detail, you need to learn about IP addresses, ports, protocols... The following sections will lead you through a complete explanation
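The steps above can be traced in code. The following Python sketch is an added example, not part of the original report: it splits the URL, resolves the server name from a constructed in-memory name table (standing in for a real name server), builds the GET request and parses a constructed server reply, including its cookie header. In HTTP/1.1 the file name travels in the request line and the server name in the Host header; the function names, the sample reply and the cookie are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Constructed name table standing in for a DNS server; the address is the
# sample one this report uses for abcdef.com.
NAME_TABLE = {"www.abcdef.com": "70.42.251.42"}
DEFAULT_PORTS = {"http": 80}

# Constructed reply, as a server might send it for the requested page.
SAMPLE_RESPONSE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Content-Type: text/html\r\n"
    b"Set-Cookie: visitor=42; Path=/\r\n"
    b"Content-Length: 37\r\n"
    b"\r\n"
    b"<html><body>Web servers</body></html>"
)


def split_url(url):
    """Step 1: break the URL into protocol, server name, port and file name."""
    parts = urlsplit(url)
    if parts.scheme not in DEFAULT_PORTS:
        raise ValueError(f"unsupported protocol: {parts.scheme!r}")
    if not parts.hostname:
        raise ValueError("URL has no server name")
    port = parts.port or DEFAULT_PORTS[parts.scheme]
    path = parts.path or "/"
    if parts.query:
        path += "?" + parts.query
    return parts.scheme, parts.hostname, port, path


def resolve(server_name, table=NAME_TABLE):
    """Step 2: translate the server name into an IP address."""
    try:
        return table[server_name]
    except KeyError:
        raise LookupError(f"cannot resolve {server_name}") from None


def build_get_request(server_name, path, cookies=None):
    """Step 4: the bytes the browser writes to the connection."""
    cookies = cookies or {}
    fields = [server_name, path, *cookies.keys(), *cookies.values()]
    # Refuse characters that would break the request into extra lines.
    if any(c in field for field in fields for c in "\r\n "):
        raise ValueError("illegal character in request field")
    lines = [f"GET {path} HTTP/1.1", f"Host: {server_name}", "Connection: close"]
    if cookies:
        lines.append("Cookie: " + "; ".join(f"{k}={v}" for k, v in cookies.items()))
    return ("\r\n".join(lines) + "\r\n\r\n").encode("ascii")


def parse_response(raw):
    """Step 5: split the reply into status code, headers, cookies and body."""
    head, _, body = raw.partition(b"\r\n\r\n")
    status_line, *header_lines = head.decode("iso-8859-1").split("\r\n")
    _version, code, _reason = status_line.split(" ", 2)
    headers, cookies = {}, {}
    for line in header_lines:
        name, _, value = line.partition(":")
        name, value = name.strip().lower(), value.strip()
        if name == "set-cookie":
            # Only the name=value pair is the cookie; the rest are attributes.
            key, _, val = value.split(";", 1)[0].partition("=")
            cookies[key.strip()] = val.strip()
        else:
            headers[name] = value
    return int(code), headers, cookies, body


def fetch_plan(url):
    """Steps 1 to 4 together: where to connect and what to send."""
    _scheme, server_name, port, path = split_url(url)
    return {
        "connect_to": (resolve(server_name), port),
        "request": build_get_request(server_name, path),
    }


if __name__ == "__main__":
    plan = fetch_plan("http://www.abcdef.com/web-server.htm")
    print(plan["connect_to"])
    print(plan["request"].decode("ascii"))
    print(parse_response(SAMPLE_RESPONSE))
```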


DNS
If you've ever used the Internet, it's a good bet that you've used the Domain Name System, or DNS, even without realizing it. DNS is a protocol within the set of standards for how computers exchange data on the Internet and on many private networks, known as the TCP/IP protocol suite. Its basic job is to turn a user-friendly domain name like "abcdef.com" into an Internet Protocol (IP) address like 70.42.251.42 that computers use to identify each other on the network. It's like your computer's GPS for the Internet.

Computers and other network devices on the Internet use an IP address to route your request to the site you're trying to reach. This is similar to dialing a phone number to connect to the person you're trying to call. Thanks to DNS, though, you don't have to keep your own address book of IP addresses. Instead, you just connect through a domain name server, also called a DNS server or name server, which manages a massive database that maps domain names to IP addresses.

Whether you're accessing a Web site or sending e-mail, your computer uses a DNS server to look up the domain name you're trying to access. The proper term for this process is DNS name resolution, and you would say that the DNS server resolves the domain name to the IP address. For example, when you enter "http://www.abcdef.com" in your browser, part of the network connection includes resolving the domain name "abcdef.com" into an IP address, like 70.42.251.42, for Abcdef's Web servers. You can always bypass a DNS lookup by entering 70.42.251.42 directly in your browser (give it a try). However, you're probably more likely to remember "abcdef.com" when you want to return later. In addition, a Web site's IP address can change over time, and some sites associate multiple IP addresses with a single domain name. Without DNS servers, the Internet would shut down very quickly.

But how does your computer know what DNS server to use? Typically, when you connect to your home network, Internet service provider (ISP) or WiFi network, the modem or router that assigns your computer's network address also sends some important network configuration information to your computer or mobile device. That configuration includes one or more DNS servers that the device should use when translating DNS names to IP addresses.

So far, you've read about some important DNS basics. The rest of this article dives deeper into domain name servers and name resolution. It even includes an introduction to managing your own DNS server. Let's start by looking at how IP addresses are structured and how that's important to the name resolution process.


11) Network Attached Storage (NAS)


Several new methods of utilizing computer networks for data storage have emerged in recent years. One popular approach, Network Attached Storage (NAS), allows homes and businesses to store and retrieve large amounts of data more affordably than ever before.

Background: Historically, floppy drives have been widely used to share data files, but today the storage needs of the average person far exceed the capacity of floppies. Businesses now maintain an increasingly large number of electronic documents and presentation sets including video clips. Home computer users, with the advent of MP3 music files and JPEG images scanned from photographs, likewise require greater and more convenient storage. Central file servers use basic client/server networking technologies to solve these data storage problems. In its simplest form, a file server consists of PC or workstation hardware running a network operating system (NOS) that supports controlled file sharing (such as Novell NetWare, UNIX or Microsoft Windows). Hard drives installed in the server provide gigabytes of space per disk, and tape drives attached to these servers can extend this capacity even further. File servers boast a long track record of success, but many homes, workgroups and small businesses cannot justify dedicating a fully general-purpose computer to relatively simple data storage tasks. Enter NAS.

What Is NAS? NAS challenges the traditional file server approach by creating systems designed specifically for data storage. Instead of starting with a general-purpose computer and configuring or removing features from that base, NAS designs begin with the bare-bones components necessary to support file transfers and add features "from the bottom up." Like traditional file servers, NAS follows a client/server design. A single hardware device, often called the NAS box or NAS head, acts as the interface between the NAS and network clients. These NAS devices require no monitor, keyboard or mouse. They generally run an embedded operating system rather than a full-featured NOS. One or more disk (and possibly tape) drives can be attached to many NAS systems to increase total capacity. Clients always connect to the NAS head, however, rather than to the individual storage devices. Clients generally access a NAS over an Ethernet connection. The NAS appears on the network as a single "node" that is the IP address of the head device.


A NAS can store any data that appears in the form of files, such as email boxes, Web content, remote system backups, and so on. Overall, the uses of a NAS parallel those of traditional file servers. NAS systems strive for reliable operation and easy administration. They often include built-in features such as disk space quotas, secure authentication, or the automatic sending of email alerts should an error be detected.

12) Layer 1 Switches/HUB:


In the OSI model, a hub is classified as a Layer 1 (Physical Layer) device; in other words, it can be called a Layer 1 switch. A hub is a physical device used to connect two or more devices to form a single network. It includes a series of ports which accept cables. A hub facilitates direct communication between computers. A hub is not intelligent: it does not look at the sender's or receiver's address. Whenever data is sent from one port, the hub copies it to all the ports, including the sender's port. The computer or device for which the message is intended receives it, and the others discard it.

There are basically three types of hubs:

Passive hubs do not amplify the electrical signals of incoming packets before broadcasting them out to the network.

Active hubs provide this amplification with the help of a repeater. An active hub takes a larger role in Ethernet communications with the help of a technology called store & forward.

An intelligent hub adds extra features to an active hub that are crucial to the success of businesses. It includes remote management capabilities via SNMP, which provide the ability to manage the network from one central location. With the help of an intelligent hub, one can easily identify and diagnose problems and even come up with remedial solutions.

Hubs, sometimes even called repeaters, just replicate every packet they receive to all connected network ports. Every packet is treated as though it were sent to the Broadcast Address.

Advantages: Hubs are very useful when data needs to be sent to all the computers. They cost very little. They are less complicated, and their working is easy to understand.


Disadvantage: Because they repeat all traffic they receive on all attached ports, each connected NIC will have a more difficult time getting its traffic onto the network. Whenever one NIC sends a message, all others must wait for it to pass before they get their own message onto the network.

13) Switch:
A network switch is a small hardware device that joins multiple computers together within one local area network (LAN). Technically, network switches operate at layer two (Data Link Layer) of the OSI model. Network switches appear nearly identical to network hubs, but a switch generally contains more intelligence (and a slightly higher price tag) than a hub. Unlike hubs, network switches are capable of inspecting data packets as they are received, determining the source and destination device of each packet, and forwarding them appropriately. By delivering messages only to the connected device intended, a network switch conserves network bandwidth and offers generally better performance than a hub.

Fig 10: A switch connecting server to terminals and printer.

Different models of network switches support differing numbers of connected devices. Most consumer-grade network switches provide either four or eight connections for Ethernet devices. With some ISPs and other networking environments where there is a need for much analysis of network performance and security, switches may be connected between WAN routers as places for analytic modules. Some switches provide inbuilt firewall, network intrusion detection and performance analysis modules that can plug into switch ports.

Functions of a Switch: A switch is a device that is used at the Access layer, or OSI Layer 2; a switch can be used to connect multiple hosts (PCs) to the network. Unlike a hub, a switch forwards a message to a specific host. When any host on the network or a switch sends a message to another host on the same network or same switch, the switch receives and decodes the frames to read the physical MAC (Media Access Control) address portion of the message.


Forwards Frames with MAC address:


When a message is sent between hosts on a network or the same switch, the switch checks its MAC address table for the destination address. A switch's MAC address table lists all active ports and the MAC addresses of the hosts (PCs) attached to them. If the destination MAC address is not found in the table, the switch does not have the information it needs to forward the message to a single port. When the switch cannot determine where the destination host is located, it floods the message, forwarding it out to all attached hosts. Each host compares the destination MAC address in the message to its own MAC address, but only the host with the correct destination address processes the message and responds to it.

Collision Prevention:
A switch prevents collisions by providing a circuit between the source and destination ports. This circuit provides a dedicated channel over which the hosts connected to the various ports on the switch can communicate. Each port is allocated separate bandwidth; these separate circuits allow many conversations to take place at the same time, without collisions occurring.

Types of switches:

i. Managed Switch:


These switches have one or more methods to modify the operation of the switch. Common management methods include: a command-line interface (CLI) accessed via serial console, telnet or Secure Shell, an embedded Simple Network Management Protocol (SNMP) agent allowing management from a remote console or management station, or a web interface for management from a web browser. As the number of devices increases, ensuring that time-sensitive packets are prioritized becomes increasingly difficult as more concurrent streams of data hit the network. Another issue that may need to be dealt with is which devices have access to what portion of the network. An example of this might be where the accounting department needs to be walled off from the rest of the network for security purposes or where the production floor should be blocked from having Internet access. In both those cases a managed switch can fulfill that need. In addition, managed switches provide the ability to monitor each device on the network as well as limit the amount of bandwidth any device can use.


ii. Unmanaged switch:

Unmanaged switches are ideal for the small to medium office and for data applications where no switch management is necessary. They are truly plug and play and have no configuration interface or options. In scenarios where the network traffic is light, all that is required is a way for the data to pass from one device to another. In this case there is no need for prioritizing the packets as all the traffic will flow unimpeded. An unmanaged switch will fill this need without issues. It is important to note that a switch is not a hub. An unmanaged switch allows devices to talk to each other.

Difference between unmanaged and managed switches:
Managed switches provide all the features of an unmanaged switch and also provide the ability to configure, manage, and monitor your LAN. This gives you greater control over how data travels over the network and who has access to it. Also, managed switches use protocols such as the Simple Network Management Protocol (SNMP) for monitoring the devices on the network. SNMP is a protocol that facilitates the exchange of management information between network devices. SNMP queries can determine the health of the network or the status of a particular device. By displaying this data in an easily understood format, IT managers located at a central site can monitor the performance of the network and quickly detect and repair network problems without having to physically interact with the switch. SNMP allows network devices to be monitored remotely, so one doesn't have to go to the site to make changes or troubleshoot the switch.

Managed switches are more expensive than unmanaged switches, so why should one pay more for a managed switch?
There are many additional features we get with a managed switch, such as quality of service, virtual LANs, redundancy, and port mirroring. These features help provide control over the traffic traveling over the switch. Quality of service allows you to prioritize network traffic by assigning a higher priority to critical traffic. This helps ensure consistent network performance and can support delay-sensitive data such as real-time voice. For instance, if voice packets are traveling over a network, they should be given the highest priority so that they don't get dropped or delayed and mangle the phone conversation.


VLANs allow a switch to logically group devices together to isolate traffic between these groups even when the traffic is passing over the same physical switch. This segmentation and isolation of network traffic help reduce unnecessary traffic. For instance, traffic between your finance and marketing groups can be segmented, so that mission-critical finance information can flow without delay to the finance users and not get bogged down by marketing traffic. This allows better network performance and in many cases provides an additional level of security.

Another important feature of a managed switch is redundancy. Redundancy provides the ability to safeguard a network in case a connection or cable fails by providing an alternate data path for traffic. Managed switches incorporate the Spanning Tree Protocol (STP) standard to provide path redundancy in the network. Using the spanning-tree algorithm, STP provides redundant paths while preventing loops that are created by multiple active paths between switches. STP allows for one active path at a time between two network devices, preventing loops and establishing the redundant links as a backup to keep integrated systems available and prevent expensive downtime, which network admins can appreciate.

And, finally, there is port mirroring. In conjunction with a network analyzer, this feature is useful to diagnose problems. It copies the switch network traffic and forwards it to a single port on the same switch for analysis by a network analyzer. You can use the analyzer on a monitor port to troubleshoot network problems by examining traffic on other ports or segments. The benefit of this is that you can troubleshoot problems without taking the network out of service.
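The MAC address table behaviour described under "Forwards Frames with MAC address" and the VLAN isolation described above can be seen together in a small model. This is an added example, not code from the original report; the class name, port numbers, VLAN ids and MAC addresses are constructed for illustration.

```python
from collections import defaultdict

BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    """Layer 2 switch model that keeps one MAC address table per VLAN."""

    def __init__(self, port_vlans):
        # port_vlans maps each access port to its VLAN id (constructed topology).
        self.port_vlans = dict(port_vlans)
        self.mac_table = defaultdict(dict)  # {vlan: {mac: port}}

    def receive(self, in_port, src_mac, dst_mac):
        """Handle one frame and return the sorted list of egress ports."""
        vlan = self.port_vlans[in_port]
        table = self.mac_table[vlan]
        # Learn (or refresh) the port on which the sender was seen.
        table[src_mac.lower()] = in_port
        dst = dst_mac.lower()
        if dst != BROADCAST and dst in table:
            out_port = table[dst]
            # Known destination: one port only. A frame whose destination
            # sits on the ingress port is filtered, not sent back.
            return [] if out_port == in_port else [out_port]
        # Unknown destination or broadcast: flood, but never outside the VLAN.
        return sorted(p for p, v in self.port_vlans.items()
                      if v == vlan and p != in_port)


def demo():
    # Constructed layout: ports 1-3 are finance (VLAN 10), 4-5 marketing (VLAN 20).
    sw = LearningSwitch({1: 10, 2: 10, 3: 10, 4: 20, 5: 20})
    fin_a, fin_b = "02:00:00:00:00:0a", "02:00:00:00:00:0b"
    mkt_c, mkt_d = "02:00:00:00:00:0c", "02:00:00:00:00:0d"
    results = {}
    # fin_b has not been learned yet, so the frame is flooded inside VLAN 10.
    results["unknown_destination"] = sw.receive(1, fin_a, fin_b)
    # fin_a was learned on port 1, so the reply goes to that port only.
    results["reply"] = sw.receive(2, fin_b, fin_a)
    # fin_b is now known as well: no more flooding.
    results["learned"] = sw.receive(1, fin_a, fin_b)
    # A marketing host addressing a finance MAC: the flood stays in VLAN 20.
    results["cross_vlan"] = sw.receive(4, mkt_c, fin_a)
    # Broadcasts are confined to the sender's VLAN too.
    results["broadcast"] = sw.receive(5, mkt_d, BROADCAST)
    return results


if __name__ == "__main__":
    for name, ports in demo().items():
        print(f"{name:20s} -> ports {ports}")
```

The "cross_vlan" case is the one that matters for segmentation: the frame never reaches a finance port, whether or not the finance host's address has been learned.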

Why consider using a managed switch?
Each business needs to evaluate the needs of its network. When its network requirements have evolved to the point where it would like to have some input and control over the behavior of traffic on its LAN, then it is a good time to consider a managed switch. Also, if one is planning to deploy advanced services such as wireless LANs or IP telephony in the near future, managed switches can lay the foundation for these technologies.


Difference Between a Hub & a Switch


Hubs and switches are two of the more common networking devices that people see today. While both devices will repeat data that is received, the switch will only send the information out to specific devices while the hub may send it out to many devices.

a) The Network Hub Definition: A hub is often referred to as a multiport repeater. That is because whatever data comes into the hub gets repeated out on all ports. For example, if you have two computers connected to a hub and the user on one computer goes to a website, that data will go through the hub. When the hub gets the data, it cleans up the signal to remove any noise and then sends the data out on all ports. The user that went to the web page will get the information that he requested, but the computer that did not request the information will get the data also. The computer that did not request the information will just ignore it.

b) Networks and IP Addresses: Every device connected to a network is assigned a number called an IP Address. Whenever this device makes a request over a network, including the internet, the IP Address is sent as part of the information request. When the computer that receives the request sends back the requested data, the IP Address is part of the data. That is how it knows which computer to send the information to.

c) The Network Switch: A switch works on the same concept. When it receives that data back, it looks at the IP Address; the switch has a table of which IP Address is connected to which port. The switch checks the IP Address against this table and sends the information to the computer that requested it, and no other computer will get the information.

The most practical difference between hubs and switches is that hubs can greatly slow down a busy network, since they send the data to all computers that are connected to them. Switches, on the other hand, can speed up networks by only sending data to the computer that requested it.


14) Bridge:

A network bridge connects multiple network segments at the data link layer (Layer 2) of the OSI model. A bridge device filters data traffic at a network boundary. Bridges reduce the amount of traffic on a LAN by dividing it into two segments. A LAN segment is a single section of network media that connects computers. Bridging is a forwarding technique used in packet-switched computer networks. Unlike routing, bridging makes no assumptions about where in a network a particular address is located. Instead, it depends on flooding and examination of source addresses in received packet headers to locate unknown devices. Once a device has been located, its location is recorded in a table where the MAC address is stored, so as to preclude the need for further broadcasting. A bridge uses a forwarding database to send frames across network segments.

Network Bridge Characteristic


Bridges have the following characteristics:
- Bridges connect two media segments that use the same protocol
- Bridges examine the source address to determine the media segment of network devices
- Bridges operate at the data link layer of the OSI model
- Bridges maintain a table of device addresses and their corresponding segments
- Each segment connected by a bridge can have the same network address
- Messages within a media segment are prevented from crossing over to another segment

The Advantages of Network Bridge


Switches (which use the network bridge concept) in today's industry replace legacy hub devices to increase the performance of the LAN.
- Bridges prevent wasted bandwidth by eliminating unnecessary traffic between segments
- Bridges increase the maximum network length
- Bridges forward packets for multiple upper-layer protocols
- Bridges can link segments with dissimilar transmission media and media access methods


The Limitation Architecture of the Network Bridge


Besides the advantages, network bridges have architectural limitations:
- Bridges cannot link multiple architectures because different frame types are used
- Bridges cannot translate upper-layer protocols
- Bridges cannot forward packets to different networks based on the network address. Networking routers are used for internetworking communications.
- Bridges do not filter broadcast packets

15) Routers:
Routers are physical devices that join multiple wired or wireless networks together. A router is a hardware device designed to take incoming packets, analyze them and then direct them to the appropriate locations, move them to another network, convert them to be moved across a different network interface, drop them, or perform any number of other actions. Most routers use Network Address Translation (NAT) to determine the smartest path of a data packet to its destination.

Fig 11: Router Connects LAN to Internet

Routers are located at gateways, the places where two or more networks connect, and are the critical device that keeps data flowing between networks and keeps the networks connected to the Internet. When data is sent between locations on one network or from one network to a second network, the data is always seen and directed to the correct location by the router. The router accomplishes this by using headers and forwarding tables to determine the best path for forwarding the data packets. Routers also use protocols to communicate with each other and configure the best route between any two hosts. A network router will typically utilize one or more routing protocols, such as RIP, OSPF, or BGP. Routers also accept routes which are configured manually by a network administrator. Those routes are called static routes. The router will use this information to create a routing table. The network router will then use its routing table to make intelligent decisions about which packets to copy to which of its interfaces. This process is known as routing.


Routers determine where to send information from one computer to another. Routers are specialized computers that send your messages and those of every other Internet user speeding to their destinations along thousands of pathways. A router has two separate, but related, jobs:
- It ensures that information doesn't go where it's not needed. This is crucial for keeping large volumes of data from clogging the connections.
- It makes sure that information does make it to the intended destination.

Advantages of a Router:
In addition to packet forwarding, a router provides other services as well. To meet the demands on today's networks, routers are also used:
- To ensure steady, reliable availability of network connectivity. Routers use alternative paths for the delivery of packets in case the primary path fails.
- To provide integrated services of data, video, and voice over wired and wireless networks.
- For security: a router helps in mitigating the impact of worms, viruses, and other attacks on the network by permitting or denying the forwarding of packets.
- Configuring of various devices.

Fig 12: Router Connecting Two LANs:

16) Wireless network:


Over the past decade, WiFi / wireless networking has significantly grown in popularity. It is so widely used that it can be found in many homes, airports, cities, and schools world-wide. The popularity of WiFi is due to its low cost and how easy it is to set up the network. This allows average consumers to set up networks anywhere that they have an internet connection. Also, the fact that it is almost impossible to buy a laptop that doesn't have a wireless card built into the screen will ensure that WiFi's popularity continues to grow. Wireless network refers to any type of computer network that is not connected by cables of any kind. It is a method by which telecommunications networks and enterprise (business) installations avoid the costly process of introducing cables into a building, or as a connection between various equipment locations. Wireless telecommunications networks are generally implemented and administered using a transmission system called radio waves. This implementation takes place at the physical level (layer) of the network structure.

How Does a Wireless Network Work?


Wireless networks use radio frequency waves that are transmitted in the 2.4 GHz to 5 GHz spectrum and that are very similar to television or cell phone signal transmissions. When your computer is connected to a wireless network, its wireless adapter will encode information into a radio signal and then transmit it using the wireless antenna that is normally built into the screen of new laptops. Wireless signals can also be received via an external antenna plugged into the USB slot of a computer. The WiFi router for the network then receives this information, decodes it, and sends it to the Internet through a wired, high-speed connection.

17) Wireless routers:


A wireless router is a device that performs the functions of a router but also includes the functions of a wireless access point and a network switch. They are commonly used to allow access to the Internet or a computer network without the need for a cabled connection. It can function in a wired LAN (local area network), a wireless only LAN (WLAN), or a mixed wired/wireless network.

Fig 13: D-Link Wireless Router

Most current wireless routers have the following characteristics:
- LAN ports, which function in the same manner as the ports of a network switch
- A WAN port to connect to a wide area network, typically one with Internet access. External destinations are accessed using this port. If it is not used, many functions of the router will be bypassed.
- Wireless antennae. These allow connections from other wireless devices (NICs (network interface cards), wireless repeaters, wireless access points, and wireless bridges, for example), usually using the Wi-Fi standard.


18) Wireless Modem:


A wireless modem is a network device which connects to a wireless network. Modems are frequently associated with telephone systems, but wireless modems are used with computers to connect to the Internet. Connecting a wireless modem to the computer will directly connect to your wireless ISP (Internet Service Provider). Wireless modems operate at speeds comparable to dialup modems, not anywhere near the speed of broadband Internet connections.

19) NAT-Network Address Translation:


NAT allows an Internet Protocol (IP) network to maintain public IP addresses separately from private IP addresses. NAT is a popular technology for Internet connection sharing. In its most common configuration, NAT maps all of the private IP addresses on a home network to the single IP address supplied by an Internet Service Provider (ISP). This allows computers on the home LAN to share a single Internet connection. Additionally, it enhances home network security by limiting the access of external computers into the home IP network space. NAT functionality is usually found on routers and other gateway devices at the network boundary.
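The sketch below models the common configuration just described: several private hosts share one public address, and an external packet is delivered only if an inside host created a mapping first. It is an added example, not code from the original report; it assumes port-based translation, and the class name, the starting port 40000 and all addresses (taken from documentation ranges) are constructed.

```python
import ipaddress

# Private IPv4 ranges (RFC 1918) that a home LAN would use.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_private(ip):
    """True if ip lies in one of the RFC 1918 private ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in RFC1918)


class NatGateway:
    """Maps many private (ip, port) pairs onto ports of one public address."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self._next_port = first_port
        self._out = {}  # (proto, private_ip, private_port) -> public_port
        self._in = {}   # (proto, public_port) -> (private_ip, private_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port, proto="tcp"):
        """Translate a packet leaving the LAN; returns the rewritten 4-tuple."""
        if not is_private(src_ip):
            raise ValueError(f"{src_ip} is not a private LAN address")
        key = (proto, src_ip, src_port)
        if key not in self._out:
            public_port = self._next_port
            self._next_port += 1
            self._out[key] = public_port
            self._in[(proto, public_port)] = (src_ip, src_port)
        return (self.public_ip, self._out[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port, proto="tcp"):
        """Translate a packet arriving at the public address.

        Returns the private (ip, port) to deliver to, or None when no inside
        host opened a mapping for that port, in which case it is dropped.
        """
        return self._in.get((proto, dst_port))


def demo():
    nat = NatGateway("203.0.113.5")          # constructed public address
    web = ("198.51.100.7", 443)              # constructed remote server
    pc1 = nat.outbound("192.168.1.10", 51000, *web)
    pc2 = nat.outbound("192.168.1.11", 51000, *web)
    reply = nat.inbound(web[0], web[1], pc1[1])
    unsolicited = nat.inbound("198.51.100.99", 4444, 3389)
    return pc1, pc2, reply, unsolicited


if __name__ == "__main__":
    for item in demo():
        print(item)
```

Both PCs appear to the server as 203.0.113.5, distinguished only by the translated port, while the unsolicited packet has no table entry and goes nowhere.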

20) Thin client:


Thin client is a general term used for devices that rely on a server to carry out their operations. A thin client offers a display device, keyboard and mouse, and basic processing power for interacting with the web server. No storage devices are involved, and it has very thin features and roles; therefore it is termed a thin client. Because no local storage is involved, a thin client needs very few resources for processing. Users can even make use of old personal computers that were left unused for decades, a dedicated thin client device, or even a cheap personal computer with a thin client operating system installed. Expenditure can be significantly reduced, as very limited processing power is required, which in turn offers an increased hardware life. Moreover, the recurring expenditure on administration, hardware/software maintenance, technical support, and hardware as well as data security can be greatly reduced in comparison to the old methods.


Advantages:
1. Make changes once and in one place: Software installation, updating and removal is kept easier because it's in one place. Keeping an eye on disk space, memory and processor usage is a lot easier on one machine than keeping an eye on 50 or more. Backing up is also a lot quicker and the all-important recovery is faster. Changes can be made quickly and rolled out across a wide distributed user base with no intervention from end users.
2. Take advantage of the unused load on your server: Many servers and client PCs are often highly under-loaded. Virtual computing technology is taking huge advantage of this and thin clients can too. Take advantage of that unused load, save money on unnecessary equipment and make the most of the money you have spent. Savings can always be put back into the network by securing and enhancing the infrastructure, making it even more reliable.
3. Make support and management easier: See at a glance what user processes are running. There are tools out there that will do this across a traditional distributed network of workstations, but it is much easier to see what's installed on just one machine, making it easier to protect against software that shouldn't be installed.
4. Bring down the costs: Bring down the cost of the equipment, the cost of repairs and the cost of support and other ongoing costs. New users can be quickly and easily added even if they are remotely based.
5. Security: Keeps data where it should be, in a central location, instead of it being dispersed around the network on different computers. Remote workers can also benefit from rapid deployment of remote thin clients, and the IT team can be safe in the knowledge that very little can happen to the home-based workers.

Disadvantages:
1. The Server: One of the main disadvantages of a thin client computer is the server itself. Since thin clients do not process anything or store any data on their own, they require a connection to a server to handle these tasks for them. Unlike a standard desktop computer, or thick client, should the server go down or suffer from hardware failure, all connected thin clients are affected, and they will not work. Desktops, on the other hand, can still work in a local computing capacity without network resources should connected servers fail.
2. Network Bandwidth Issues: Since thin clients require a connection to a server, they are also dependent on the networking infrastructure. Should the network suffer from bottlenecks, lags or outages, the thin clients work at a minimal capacity, if they can function at all. As with issues associated with the server going down, if thin clients lose their connection to the server due to a network outage, they will not work.
3. Lack of Multimedia Support: Media-rich applications like audio and video require a great deal of network resources as well as computing power to play. With thin clients, computing power is shared among all the clients connected to the computer. Bandwidth used to deliver packets between the server and thin client is also shared between all connections. Due to these resources being at a premium in a thin-client setting, resource-rich multimedia applications do not run effectively on these machines.

21) Network Address:


A network address serves as a unique identifier for a computer on a network. When set up correctly, computers can determine the addresses of other computers on the network and use these addresses to send messages to each other. One of the best known forms of network addressing is the Internet Protocol (IP) address. Another popular form of address is the Media Access Control (MAC) address.

a) IP Address:
An Internet Protocol Address is the address of a device connected to a network. An IP Address can be either static or dynamic. (Server computers have static addresses; personal computers have either static or dynamic IP addresses.) Every machine on the network has a unique identifying number, called an IP Address. A typical IP address looks like this: 216.27.61.137. The four numbers in an IP address are called octets. Each octet can contain any value between 0 and 255. The octets are used to create classes of IP addresses that can be assigned to a particular business, government or other entity based on size and need.


The octets are split into two sections:
- Net: The Net section always contains the first octet. It is used to identify the network that a computer belongs to.
- Host (Node): Identifies the actual computer on the network. The Host section always contains the last octet.

There are five IP classes plus certain special addresses:
1. Class A - This class is for very large networks, such as a major international company might have. IP addresses with a first octet from 1 to 126 are part of this class. The other three octets are used to identify each host.
2. Class B - Class B is used for medium-sized networks. A good example is a large college campus. IP addresses with a first octet from 128 to 191 are part of this class. Class B addresses also include the second octet as part of the Net identifier. The other two octets are used to identify each host.
3. Class C - Class C addresses are commonly used for small to mid-size businesses. IP addresses with a first octet from 192 to 223 are part of this class. Class C addresses also include the second and third octets as part of the Net identifier. The last octet is used to identify each host.
4. Class D - Used for multicasts, Class D is slightly different from the first three classes. It has a first bit value of 1, second bit value of 1, third bit value of 1 and fourth bit value of 0. The other 28 bits are used to identify the group of computers the multicast message is intended for.
5. Class E - Class E is used for experimental purposes only. Like Class D, it is different from the first three classes. It has a first bit value of 1, second bit value of 1, third bit value of 1 and fourth bit value of 1. The other 28 bits are used to identify the group of computers the multicast message is intended for.

b) MAC Address:
The MAC address is a unique value associated with a network adapter. MAC addresses are also known as hardware addresses or physical addresses. They uniquely identify an adapter on a LAN.
MAC addresses are 12-digit hexadecimal numbers (48 bits in length). By convention, MAC addresses are usually written in one of the following two formats:
MM:MM:MM:SS:SS:SS
OR
MM-MM-MM-SS-SS-SS
The first half of a MAC address contains the ID number of the adapter manufacturer. These IDs are regulated by an Internet standards body (see sidebar). The second half of a MAC address represents the serial number assigned to the adapter by the manufacturer. In the example 00:A0:C9:14:C8:29, the prefix 00A0C9 indicates the manufacturer is Intel Corporation and the rest is the serial number of the adapter.

Why MAC Addresses?
TCP/IP and other mainstream networking architectures generally adopt the OSI model. In this model, network functionality is subdivided into layers. MAC addresses function at the data link layer (layer 2 in the OSI model). They allow computers to uniquely identify themselves on a network at this relatively low level.

MAC vs. IP Addressing
MAC addressing works at the data link layer, while IP addressing functions at the network layer (layer 3). It's a slight oversimplification, but one can think of IP addressing as supporting the software implementation and MAC addresses as supporting the hardware implementation of the network stack. The MAC address generally remains fixed and follows the network device, but the IP address changes as the network device moves from one network to another.
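Both address formats described in this section can be taken apart mechanically. The following added example (not part of the original report) splits an IPv4 address into Net and Host octets using the class ranges listed above and splits a MAC address into manufacturer ID and serial number. The function names are constructed, and the two flag bits read from the first MAC octet go beyond what the text covers.

```python
import re

# Six hex octets separated consistently by ':' or '-' (the two formats above).
MAC_RE = re.compile(r"^[0-9A-Fa-f]{2}([:-])(?:[0-9A-Fa-f]{2}\1){4}[0-9A-Fa-f]{2}$")


def classify_ipv4(addr):
    """Return the class and the Net/Host octets of a dotted-quad address."""
    parts = addr.split(".")
    if len(parts) != 4 or not all(p.isascii() and p.isdigit() for p in parts):
        raise ValueError(f"not a dotted-quad address: {addr!r}")
    octets = [int(p) for p in parts]
    if any(o > 255 for o in octets):
        raise ValueError(f"octet out of range in {addr!r}")
    first = octets[0]
    if first in (0, 127):
        # Special addresses outside classes A-E as listed above:
        # 0 is "this network", 127 is loopback.
        return {"class": "special", "net": None, "host": None}
    if first <= 126:
        cls, net_len = "A", 1
    elif first <= 191:
        cls, net_len = "B", 2
    elif first <= 223:
        cls, net_len = "C", 3
    elif first >> 4 == 0b1110:          # leading bits 1110
        return {"class": "D", "net": None, "host": None}
    else:                               # leading bits 1111
        return {"class": "E", "net": None, "host": None}
    return {"class": cls, "net": octets[:net_len], "host": octets[net_len:]}


def parse_mac(mac):
    """Split a MAC address into manufacturer ID (first half) and serial."""
    if not MAC_RE.match(mac):
        raise ValueError(f"not a MAC address: {mac!r}")
    digits = re.sub(r"[:-]", "", mac).upper()
    first_octet = int(digits[:2], 16)
    return {
        "manufacturer_id": digits[:6],
        "serial": digits[6:],
        # Lowest bit of the first octet: group (multicast) address.
        "multicast": bool(first_octet & 0x01),
        # Next bit: locally administered, i.e. not assigned by a manufacturer,
        # so the manufacturer ID of such an address identifies nobody.
        "locally_administered": bool(first_octet & 0x02),
    }


if __name__ == "__main__":
    for ip in ("216.27.61.137", "10.1.2.3", "172.16.5.4", "224.0.0.5"):
        print(ip, classify_ipv4(ip))
    for mac in ("00:A0:C9:14:C8:29", "02-00-00-00-00-01"):
        print(mac, parse_mac(mac))
```

When reading switch tables or DHCP logs, the locally administered bit tells you that an address was set in software and that its first half should not be looked up as a vendor.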

22) VOIP- Voice over Internet Protocol:


VoIP stands for Voice over Internet Protocol. It is also referred to as IP Telephony or Internet Telephony. It is another way of making phone calls, with the difference of making the calls cheaper or completely free. The phone part is not always present anymore, as you can communicate without a telephone set. VoIP has a lot of advantages over the traditional phone system. The main reason for which people are so massively turning to VoIP technology is the cost. VoIP is said to be cheap, but most people use it for free. Yes, if you have a computer with a microphone and speakers, and a good Internet connection, you can communicate using VoIP for free. This can also be possible with your mobile and home phone. There are many ways of using VoIP technology. It all depends on where and how you will be making the calls. It could be at home, at work, in your corporate network, while travelling and even on the beach. The way you make calls varies with the VoIP service you use.

VoIP is Often Free:
The great thing about VoIP is that it taps additional value from the already existing infrastructure without additional costs. VoIP transmits the sounds you make over the standard Internet infrastructure, using the IP Protocol. This is how you can communicate without paying for more than your monthly Internet bill. Skype is the most popular example of services that allow you to make free calls on your PC. There are many computer-based VoIP services out there, so many that you will have a difficult choice. You can also make free calls using traditional phones and mobile phones. See the different flavors of VoIP service that allow you to do this.

23) Firewall:
A firewall is essentially a filter. It is either a software program or hardware device used in computer systems to prevent forbidden information from passing through, while allowing approved information. The communication which the firewall prevents from passing through could be hackers trying to gain access to your personal information stored on your computer.

Fig 14: Shows a firewall between LAN and WAN

How do firewalls work?


The firewall inspects all the information which is passed over the system and determines whether it is a threat or not based upon a variety of factors. It then stops all potential threats from passing through. The criteria which a firewall uses to determine whether or not information is a threat are carefully determined.

Need of a firewall on personal computer?


Firewalls are important for anyone with online security concerns. Firewalls can be used by businesses, known as a corporate firewall, or by individuals, known as a personal firewall. It has long been known that firewalls are a necessity for businesses to protect their networks; however, the demand for personal firewalls has increased dramatically. The internet is full of individuals that are waiting for any signs of vulnerability, looking to take advantage of holes in our computer's security. Whether they are looking to steal our private information or damage our computer system, it is the firewall's job to make sure they are denied access. The firewall acts as our system's bouncer, making sure anyone you want to let in can pass without delay while stopping all the other creeps at the door, or in this case, the port.

Hardware & Software Firewall:


There are two types of firewalls: the Hardware Firewall and the Software Firewall. A Software Firewall is a software program and a Hardware Firewall is a piece of hardware. Both have the same objective of filtering communications over a system. Systems can use a Hardware Firewall, a Software Firewall, or a combination of both.

What is a proxy?
A proxy is either a router or a computer system that creates a break in the link between the sender and receiver. All requests which are sent between the client and the server are processed through the proxy. There is no longer a direct connection between the client and the internet, as all requests are fielded by the proxy and the proxy can refuse access to any unauthorized communications.

What should your firewall be doing?


What are the most important points to focus on when choosing a firewall?
- A good firewall will ensure the security of ports that can be used to access your system.
- Your system should not just be protected from incoming communications; your firewall should also make sure personal information is not leaving your system unauthorized.
- Your firewall should be monitoring your system for any suspicious behavior.
- A firewall should not be slowing you down. It should not send you any unnecessary notices.

Some of the things a firewall can't prevent:
- E-mail viruses: E-mail viruses are attached to e-mail messages. A firewall can't determine the contents of e-mail, so it can't protect you from these types of viruses. You should use an antivirus program to scan and delete suspicious attachments from an e-mail before you open it. Even when you have an antivirus program, you should not open an e-mail attachment if you're not positive it's safe.
- Phishing scams: Phishing is a technique used to trick computer users into revealing personal or financial information, such as a bank account password. A common online phishing scam starts with an e-mail message that appears to come from a trusted source but actually directs recipients to provide information to a fraudulent website. Firewalls can't determine the contents of e-mail, so they can't protect you from this type of attack.
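The port and direction checks listed above, and the reason a firewall cannot judge e-mail contents, both follow from what a packet filter looks at. The model below is an added example, not code from the original report: the policy, the port choices and the Packet and Rule names are constructed, and a connection is judged by its first packet only.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    direction: str        # "in" (towards the PC) or "out" (leaving the PC)
    proto: str            # "tcp" or "udp"
    dst_port: int
    payload: bytes = b""  # carried along, never read by the filter


@dataclass(frozen=True)
class Rule:
    action: str           # "allow" or "deny"
    direction: str
    proto: str
    ports: tuple          # inclusive (low, high) destination port range


# Constructed policy for a personal computer: a short list of approved
# outbound services, nothing approved inbound.
POLICY = [
    Rule("allow", "out", "tcp", (443, 443)),   # web over TLS
    Rule("allow", "out", "tcp", (993, 993)),   # mail retrieval over TLS
    Rule("allow", "out", "udp", (53, 53)),     # DNS lookups
]


def decide(packet, policy=POLICY, default="deny"):
    """First matching rule wins; anything unmatched gets the default.

    Returns (action, index of the matching rule or None), so that a log
    entry can say which rule produced the verdict.
    """
    for index, rule in enumerate(policy):
        low, high = rule.ports
        if (rule.direction == packet.direction
                and rule.proto == packet.proto
                and low <= packet.dst_port <= high):
            return rule.action, index
    return default, None


def demo():
    return {
        # Unsolicited connection attempt to a local port: no rule, so denied.
        "inbound_probe": decide(Packet("in", "tcp", 3389)),
        # Approved outbound service.
        "web": decide(Packet("out", "tcp", 443)),
        # Outbound traffic to a port nobody approved is stopped as well.
        "unapproved_egress": decide(Packet("out", "tcp", 6667)),
        # Two mail sessions with different (constructed) contents get the
        # same verdict, because the payload is never part of the decision.
        "mail_text": decide(Packet("out", "tcp", 993, b"constructed: plain text")),
        "mail_attachment": decide(Packet("out", "tcp", 993, b"constructed: with attachment")),
    }


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:18s} {verdict}")
```

The last two cases return the identical verdict, which is why attachments still need to be checked by an antivirus program after the firewall has let the mail session through.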


24) Antivirus:
A computer virus is a computer program that can copy itself and infect a computer without the knowledge or permission of the owner. A virus can only be spread from one computer to another through some form of executable code. Viruses can be sent over a network, the Internet, a floppy disk, a CD, or a USB drive. Viruses can increase their chances of spreading to other computers by infecting files on a network system that is accessed by other computers. The term computer virus is used to include all types of malware such as computer viruses, trojan horses, most rootkits, spyware, dishonest adware, crimeware, and other malicious unwanted software. Since most computers are now connected to the Internet and to local networks, the chance of spreading malicious virus code is increasing.

Computer viruses cause a number of symptoms, such as:
- Computer programs taking longer to load than normal.
- The computer is slower than normal.
- Computer stops responding or freezes frequently.
- Computer crashes and restarts every few minutes.
- The computer does not run as usual.
- Applications on the computer do not work correctly.
- Disks or disk drives are inaccessible.
- Printing items is difficult.
- Error messages appear rapidly.
- Distorted menus and dialog boxes.
- Double extensions on attachments that you have already opened (jpg, vbs, gif, exe, etc.).
- Antivirus programs get disabled for no reason, and cannot be restarted.
- Antivirus programs will not start, and new programs cannot be installed.
- Strange sounds play from the speakers unexpectedly.
- Programs disappear from the computer.

These symptoms are common signs of computer virus infection, and they are also warning signs that you may be getting a computer virus. When you suspect that you are getting a computer virus, there are many ways to take care of it. It is best to prevent viruses from getting into your computer in the first place by having antivirus software.


Antivirus Software

Antivirus software is used to prevent, detect, and remove malware and other computer viruses. Detection involves searching for known malicious patterns in executable code. However, it is possible for a user to be infected with new viruses that show no signs or symptoms of their existence. To counter this problem of zero-day threats, antivirus systems can be used to detect these viruses even when you don't know that they are there. Many different types of antivirus software have been developed over the years. Original products were just scanners that would search through the hard disk looking for viruses. As viruses have become more common and more difficult to deal with, more antivirus software is being made to keep up with current virus issues. There are many different types of general virus scanners in use on PCs today:

Conventional Disk Scanner: This is the standard virus check program. It can be run upon the user's request, and it scans the contents of the disks, directories or files that the user wants for any boot sectors or files that contain viruses that it recognizes. These scans are usually run manually by the user as a preventive maintenance activity or when a virus is suspected. The user can schedule automatic scanning through the use of a program scheduler.

Memory Resident Scanners: Some antivirus software now comes with a special program that sits in the background while you're using your computer and automatically scans for viruses based on different triggers. These programs can automatically scan programs as they run, or scan floppy disks when you command a shutdown of your system. This scanner offers increased protection and more chances of catching a virus before it does damage to your computer.

Behavior Based Detection: Some products offer an option where they will sit in memory and look for virus-like behavior and suspicious activity. Behavior based detection looks for the types of actions taken on files or boot sectors that might be performed by viruses trying to spread. This type of antivirus software will look for a trap, and will generically catch viruses red-handed.

Start up Scanners: This type of antivirus scanner is designed to be run every time the PC is booted up. It performs a quick scan of the disk's boot sectors and critical system files. The idea is to catch these viruses before the PC boots up, reducing the chance that they spread.

Inoculation: Instead of scanning for viruses, this type of antivirus software looks for changes that the viruses make to files and boot sectors. With a clean system, the software will take a snapshot of information in each boot sector about its content and size. Periodically it will re-examine these files to see if anything has changed.
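The inoculation approach described above, as an added Python example that is not part of the original report: it snapshots the size and a content hash of every file on a clean system and reports what differs on a later pass. The use of SHA-256, the function names and the sample files are assumptions made for the example.

```python
import hashlib
import os
import tempfile


def _fingerprint(path):
    """Return the size and SHA-256 digest of one file, read in chunks."""
    digest = hashlib.sha256()
    size = 0
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
            size += len(chunk)
    return {"size": size, "sha256": digest.hexdigest()}


def snapshot(root):
    """Record a fingerprint for every regular file under root."""
    baseline = {}
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            baseline[os.path.relpath(path, root)] = _fingerprint(path)
    return baseline


def compare(baseline, current):
    """Compare two snapshots and return {relative_path: finding}."""
    findings = {}
    for rel, old in baseline.items():
        new = current.get(rel)
        if new is None:
            findings[rel] = "missing"
        elif new["size"] != old["size"]:
            findings[rel] = "size changed"
        elif new["sha256"] != old["sha256"]:
            # A size-only check would not notice this case.
            findings[rel] = "content changed, size unchanged"
    for rel in current:
        if rel not in baseline:
            findings[rel] = "new file"
    return findings


def integrity_demo():
    """Constructed scenario: baseline a clean directory, modify it, re-check."""
    with tempfile.TemporaryDirectory() as root:
        clean_files = {
            "boot.bin": b"\x00" * 512,          # stand-in for a boot sector image
            "app.exe": b"MZ" + b"A" * 100,      # stand-in for an executable
            "readme.txt": b"hello",
        }
        for name, data in clean_files.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        baseline = snapshot(root)               # taken while the system is clean

        # Same-length overwrite of the boot sector stand-in.
        with open(os.path.join(root, "boot.bin"), "wb") as fh:
            fh.write(b"\x00" * 510 + b"\x55\xaa")
        # Bytes appended to the executable stand-in.
        with open(os.path.join(root, "app.exe"), "ab") as fh:
            fh.write(b"EXTRA")
        # A file that was not there at baseline time, and one that vanished.
        with open(os.path.join(root, "dropped.vbs"), "wb") as fh:
            fh.write(b"x")
        os.remove(os.path.join(root, "readme.txt"))

        return compare(baseline, snapshot(root))


if __name__ == "__main__":
    for path, finding in sorted(integrity_demo().items()):
        print(f"{path}: {finding}")
```

The baseline has to be stored where the monitored system cannot modify it, otherwise whatever changes the files can change the snapshot as well.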


25) UTM-Unified Threat Management:


UTM solutions emerged out of the need to stem the increasing number of attacks on corporate information systems via hacking / cracking, viruses, worms - mostly an outcome of blended threats and insider threats. Data security and unauthorized employee access have become major business concerns for enterprises today. This is because malicious intent and the resultant loss of confidential data can lead to huge financial losses as well as corresponding legal liabilities.

Fig 15: Contents of UTM

How UTM secures the network?


A single UTM appliance makes it very easy to manage a company's security strategy, with just one device to worry about, one source of support and a single way to maintain every aspect of your security solution. The UTM can prove to be a more effective solution because its strength lies in the bundle of solutions which are integrated and designed to work together. All the security solutions can also be monitored and configured from one single centralized console, so the solutions can be tweaked to perfection. In this context, UTMs represent all-in-one security appliances that carry a variety of security capabilities including firewall, VPN, gateway anti-virus, gateway anti-spam, intrusion prevention, content filtering, bandwidth management, application control and centralized reporting as basic features. The UTM is thus a highly integrated quiver of security solutions, working in tandem, that systematically provides network security to organizations. As there is a customized OS holding all these security features in one place, they tend to work in unison, providing a very high throughput. The UTM can prove highly effective because its strength lies in the bundle of solutions which are integrated and designed to work together without treading on each other's toes. For enterprises with remote networks or distantly located offices, UTMs are the only means to provide centralized security with complete control over their globally distributed networks. Enterprises thus get zero-hour protection at branch offices against security attacks despite the lack of technical resources at these locations. Earlier, the enterprise security scenario was divided into traditional firewalls and targeted applications like antivirus, anti-spam and intrusion detection systems.

Fig 16: Previous view of security system

However, in 2004 a new trend emerged which combined multiple security features into one single hardware platform, thereby eliminating the need for machine-to-machine protection. Since their inception, UTMs have been one of the fastest growing segments in the security appliance sector.

Fig 17: Shows that UTM has replaced all security systems by one device


Why UTM?
i. Reduced complexity: Single security solution. Single vendor. Single AMC.
ii. Simplicity: Avoidance of multiple software installation and maintenance. The integrated approach allows the administrator to worry about only one device, not the whole flurry of firewalls, antivirus and IDS/IPS.
iii. Easy management: Plug and play architecture, web-based GUI for easy management.
iv. Performance: Zero-hour protection without degrading the network performance.
v. Troubleshooting: Single point of contact, 24x7 vendor support.
vi. Reduced technical training requirements: one product to learn.
vii. Cost effective.

26) IP Based Printer/ Network Printer:


Some printers, commonly known as network printers, have built-in network interfaces, typically wireless and/or Ethernet based, and can serve as a hard copy device for any user on the network. A network printer is shared by more than one computer. Network printing is the ability to print over the network. In other words, you don't need to have the printer directly connected to your computer. For example, if you are sitting in your office with your computer and need to print to the printer at the front desk, you don't need to send the document to the front desk computer or take your computer over to the printer and plug it in. Instead, because the front desk printer is on the network, you can simply click print, choose that printer, and print whatever you need over the network. A networked printer is a printer that is hooked up to your computer network with a network cable or with a wireless networking adapter. Networked printers have what is called a print server attached to them. The print server can be external to the printer, a plug-in JetDirect card, or built in to the formatter of the printer.

Fig 18: Network Printer


27) IP Camera:
An Internet protocol camera, or IP camera, is a type of digital video camera commonly employed for surveillance which, unlike analog closed circuit television (CCTV) cameras, can send and receive data via a computer network and the Internet. Although most cameras that do this are webcams, the term "IP camera" is usually applied only to those used for surveillance. There are two kinds of IP cameras:
- Centralized IP cameras, which require a central Network Video Recorder (NVR) to handle the recording, video and alarm management.
- Decentralized IP cameras, which do not require a central Network Video Recorder (NVR), as the cameras have recording functionality built in and can thus record directly to digital storage media, such as flash drives, hard disk drives or network attached storage.

Fig 19: Cisco PVC300 IP camera

Potential advantages:
- Two-way audio via a single network cable allows users to communicate with what they are seeing (e.g. a gas station clerk assisting a customer on how to use the prepay pumps).
- Higher image resolution: IP cameras have a resolution of at least 640x480 and can provide multi-megapixel resolution and HDTV image quality at 30 frames per second.
- Flexibility: IP cameras can be moved around anywhere on an IP network (including wireless).
- Distributed intelligence: with IP cameras, video analytics can be placed in the camera itself, allowing scalability in analytics solutions.
- Transmission of commands for PTZ (pan, tilt, zoom) cameras via a single network cable.
- Encryption and authentication: IP cameras offer secure data transmission through encryption and authentication methods.
- Remote accessibility: live video from selected cameras can be viewed from any computer, anywhere, and also from many mobile smart phones and other devices.
- Cost advantage for larger systems: studies show that for systems with fewer than 16 cameras, analog technology is cheaper, between 16 and 32 they are equal, and beyond 32 cameras, IP-based systems are more cost-effective.
- IP cameras are able to function on a wireless network. Initial configuration has to be done through a router; after the IP camera is installed it can then be used on the wireless network. These cameras are used for navigation purposes in defense forces.
- PoE (Power over Ethernet): modern IP cameras have the ability to operate without an additional power supply. They can work with the PoE protocol, which supplies power via the Ethernet cable.

Potential disadvantages:
- Higher initial cost per camera, except where cheap webcams are used. (Note: IP cameras are becoming cheaper as demand increases; they are already available below 50 USD and compete favorably with analogue cameras.)
- High network bandwidth requirements: a typical CCTV camera with a resolution of 640x480 pixels and 10 frames per second (10 frame/s) in MJPEG mode requires about 3 Mb/s.
- Technical barrier: most security systems, including both CCTV and IP camera systems, may require a professional technician to install the system, although a competent person can install an IP camera very easily, depending on make.
- As with a CCTV/DVR system, if the video is transmitted over the public Internet rather than a private IP LAN, the system becomes open to hacking and hoaxing via the Internet. Criminals can hack into a CCTV system to observe security measures and personnel, thereby facilitating criminal acts and rendering the IP technology counterproductive.

28) Optic Fibre Cable


Fiber-optic lines are strands of optically pure glass as thin as a human hair that carry digital information over long distances. They are also used in medical imaging and mechanical engineering inspection. Fiber optics (optical fibers) are long, thin strands of very pure glass about the diameter of a human hair. They are arranged in bundles called optical cables and used to transmit light signals over long distances. An optical fiber consists of the following parts:
1. Core - Thin glass center of the fiber where the light travels
2. Cladding - Outer optical material surrounding the core that reflects the light back into the core
3. Buffer coating - Plastic coating that protects the fiber from damage and moisture

Hundreds or thousands of these optical fibers are arranged in bundles in optical cables. The bundles are protected by the cable's outer covering, called a jacket. Optical fibers come in two types:
1. Single-mode fibres
2. Multi-mode fibres

Transmission Of Light In Optic Fiber:

Fig 20: Diagram of total internal reflection in an optical fiber

The light in a fiber-optic cable travels through the core (hallway) by constantly bouncing from the cladding (mirror-lined walls), a principle called total internal reflection. Because the cladding does not absorb any light from the core, the light wave can travel great distances. However, some of the light signal degrades within the fiber, mostly due to impurities in the glass. The extent that the signal degrades depends on the purity of the glass and the wavelength of the transmitted light (for example, 850 nm = 60 to 75 percent/km; 1,300 nm = 50 to 60 percent/km; 1,550 nm is greater than 50 percent/km). Some premium optical fibers show much less signal degradation -- less than 10 percent/km at 1,550 nm.

Advantages of Fiber Optics


Some advantages of optical fibers are:
1. Less expensive - Several miles of optical cable can be made cheaper than equivalent lengths of copper wire. This saves your provider (cable TV, Internet) and you money.
2. Thinner - Optical fibres can be drawn to smaller diameters than copper wire.
3. Higher carrying capacity - Because optical fibres are thinner than copper wires, more fibres can be bundled into a given-diameter cable than copper wires. This allows more phone lines to go over the same cable or more channels to come through the cable into your cable TV box.
4. Less signal degradation - The loss of signal in optical fibre is less than in copper wire.
5. Light signals - Unlike electrical signals in copper wires, light signals from one fiber do not interfere with those of other fibers in the same cable. This means clearer phone conversations or TV reception.
6. Low power - Because signals in optical fibers degrade less, lower-power transmitters can be used instead of the high-voltage electrical transmitters needed for copper wires. Again, this saves your provider and you money.
7. Digital signals - Optical fibers are ideally suited for carrying digital information, which is especially useful in computer networks.
8. Non-flammable - Because no electricity is passed through optical fibers, there is no fire hazard.
9. Lightweight - An optical cable weighs less than a comparable copper wire cable. Fiber-optic cables take up less space in the ground.
10. Flexible - Because fiber optics are so flexible and can transmit and receive light, they are used in many flexible digital cameras for the following purposes:
   - Medical imaging - in bronchoscopes, endoscopes, laparoscopes
   - Mechanical imaging - inspecting mechanical welds in pipes and engines (in airplanes, rockets, space shuttles, cars)
   - Plumbing - to inspect sewer lines

29) RJ45 vs. CAT5:


RJ45 is the electrical interconnection standard that defines the connector and how the wires are arranged at the end of the cable, while CAT5 is a standard regarding Ethernet cables. RJ45, with the acronym RJ standing for registered jack, started out as an interconnection standard intended for telephones and looks pretty much like a bigger version of the RJ11 used in our landlines. It never saw widespread use in telephony but has flourished in computer networking, where it became the standard connector for wired networking. Some homes do have RJ45 wall outlets, but these are often used to connect VoIP phones rather than for connecting a laptop.

Fig 21: RJ45 cable and connector

CAT5, a common contraction for category 5, is a classification of cables that are used for Ethernet networks. A single CAT5 cable contains four twisted pairs of color-coded wires. The twisting of the wires reduces the amount of crosstalk and cancels out EMI. CAT5 cables rely on the twisting for noise reduction and are not shielded. This can be problematic in some areas where electrical noise is great. CAT5, or to be more accurate


So, RJ45 and CAT5 are two parts of wired networking that are non-competing. RJ45 dictates how the cables are wired while CAT5 dictates the maximum speed you can attain with the cables used. CAT5 is easily replaceable, and that is basically what's happening in certain parts of the world. RJ45 is more difficult to replace, as that is what's being used by hardware manufacturers around the world, and there is really no reason to replace RJ45.
1. RJ45 is the electrical interconnection standard while CAT5 is the cable standard.
2. RJ45 dictates what you can use the cable for while CAT5 determines how large a bandwidth you have.

Fig 22: cat 5 cable and connector

CAT5e cables are the ones currently used in most networks. They provide adequate bandwidth for the 100 Mbps connections of LAN cards. Due to ever increasing network speeds and the need to be prepared for future technologies, CAT5 is slowly being replaced by CAT6 cables, as CAT5 is inadequate for gigabit speeds. The maximum length of a CAT5 cable is 328 feet (100 metres), and 2800 m with four repeaters.

30) Copper Wire:


The attractive properties which made copper so useful then - good corrosion resistance, attractive colour, excellent workability and good mechanical properties - are relevant today and, in addition, copper has the best electrical and thermal conductivity of any commercial metal. Today, over half of the copper produced is used in electrical and electronic applications, and this leads to a convenient classification of the types of copper into electrical (high conductivity) and non-electrical (engineering). The low hardness of copper partly explains its high electrical conductivity (59.6 × 10^6 S/m) and thus also its high thermal conductivity, which are the second highest among pure metals at room temperature.

Properties of Copper
- An excellent electrical conductor
- Tough
- An excellent thermal conductor
- Corrosion resistant
- Anti-bacterial
- Easily joined
- Ductile
- Non-magnetic
- An attractive colour
- Easy to alloy
- Recyclable
- Catalytic

Table 1: Properties of Copper

Electrical conductivity
Copper has the best electrical conductivity of any metal, except silver. A good electrical conductivity is the same as a small electrical resistance.

30) Satellite Communication:


A satellite is a solid object which revolves around some heavenly body due to the effect of gravitational forces, which are mutual in nature. A satellite communications system uses satellites to relay radio transmissions between earth terminals. The two types of communications satellites are ACTIVE and PASSIVE. A passive satellite only reflects received radio signals back to earth. An active satellite acts as a REPEATER; it amplifies signals received and then retransmits them back to earth. This increases signal strength at the receiving terminal to a higher level than would be available from a passive satellite.

Fig 23: Satellite Communication


How do satellites work?


Two stations on Earth want to communicate through radio broadcast but are too far apart to use conventional means. The two stations can use a satellite as a relay station for their communication. A typical operational link involves an active satellite and two or more earth terminals. One station transmits to the satellite on a frequency called the UPLINK frequency. The satellite then amplifies the signal, converts it to the DOWNLINK frequency, and transmits it back to earth. The signal is next picked up by the receiving terminal. One earth station sends a transmission to the satellite. This is called an uplink. The satellite transponder converts the signal and sends it down to the second earth station. This is called a downlink.

The advantages of satellite communication over terrestrial communication are:
- The coverage area of a satellite greatly exceeds that of a terrestrial system.
- Transmission cost of a satellite is independent of the distance from the center of the coverage area.
- Satellite to satellite communication is very precise.
- Higher bandwidths are available for use.
- Very good for file and data transfer.

The disadvantages of satellite communication:
- Launching satellites into orbit is costly.
- Satellite bandwidth is gradually becoming used up.
- There is a larger propagation delay in satellite communication than in terrestrial communication.
- Time consuming.
- Not fit for voice transfer.

Equipment used in satellite communication:
- Satellite modem
- EMR: The Edge Media Router (EMR) series of satellite receivers and routers are versatile and powerful networking platforms that receive and manage content at the network edge for small office/home office (SOHO), enterprise, government agency and service provider deployments. The EMR series provides a complete satellite Internet solution.
- RFT: Frequency transmitter and receiver.
- SSPA: A solid state power amplifier (SSPA) is a transmitter power amplifier that uses semiconductor devices (transistors) for all amplification. In a transmitter, a power amplifier is used to drive the antenna.
- LNA: A low-noise amplifier (LNA) is an electronic amplifier used to amplify very weak signals.
- Feed horn: The feedhorn is the part of a satellite dish system which gathers the reflected signal from the dish and focuses it towards the LNB.

31) Protecting the Receiver:


The receiver is the receiving end of a communications channel. If you experience erratic behavior that seems like a radio glitch, it could be from receiver damage. Fuel, oil, water, snow, mud, and even a spilled soda can seep into the receiver and create malfunctions that cause erratic behavior or permanent damage. Vibration from normal operation or, especially, a sudden jolt (such as from a crash, a hard landing after a jump, or being dropped) can dislodge the crystal or knock antenna wires loose, causing erratic behavior or making the RC stop working entirely. One specific way to protect your receiver from both moisture and the effects of vibration is using a receiver cover or balloon.

Use a Receiver Cover or Balloon

A fitted receiver cover helps protect the receiver from moisture and may provide a small amount of vibration protection. If your RC didn't come with a cover you can purchase one, or just use a balloon. A simple balloon (yes, like you blow up for parties or use as water balloons) over the receiver is an inexpensive way to protect the receiver from damage. Use a zip tie to seal the open end of the balloon.

Many types of wireless devices make use of RF fields. Cordless and cellular telephones, radio and television broadcast stations, satellite communications systems, and two-way radio services all operate in the RF spectrum. Some wireless devices operate at IR or visible-light frequencies, whose electromagnetic wavelengths are shorter than those of RF fields. Examples include most television-set remote-control boxes, some cordless computer keyboards and mice, and a few wireless hi-fi stereo headsets. The RF spectrum is divided into several ranges, or bands. With the exception of the lowest-frequency segment, each band represents an increase of frequency corresponding to an order of magnitude (power of 10). The table depicts the eight bands in the RF spectrum, showing frequency and bandwidth ranges. The SHF and EHF bands are often referred to as the microwave spectrum.


32) Antenna:
An antenna (or aerial) is an electrical device which couples radio waves in free space to an electrical current used by a radio receiver or transmitter. In reception, the antenna intercepts some of the power of an electromagnetic wave in order to produce a tiny voltage that the radio receiver can amplify. Alternatively, a radio transmitter will produce a large radio frequency current that may be applied to the terminals of the same antenna in order to convert it into an electromagnetic wave (radio wave) radiated into free space. Antennas are thus essential to the operation of all radio equipment, both transmitters and receivers. They are used in systems such as radio and television broadcasting, two-way radio, wireless LAN, mobile telephony, radar, and satellite communications.

33) VPN-Virtual Private Networks:


A VPN utilizes public telecommunications networks to conduct private data communications. Most VPN implementations use the Internet as the public infrastructure and a variety of specialized protocols to support private communications through the Internet. VPN follows a client and server approach. VPN clients authenticate users, encrypt data, and otherwise manage sessions with VPN servers utilizing a technique called tunneling. VPN clients and VPN servers are typically used in these three scenarios:
1. To support remote access to an intranet,
2. To support connections between multiple intranets within the same organization, and
3. To join networks between two organizations, forming an extranet.

VPN servers can also connect directly to other VPN servers. A VPN server-to-server connection extends the intranet or extranet to span multiple networks.

Types of VPN Tunneling:


VPN supports two types of tunneling - voluntary and compulsory. Both types of tunneling are commonly used. In voluntary tunneling, the VPN client manages connection setup. The client first makes a connection to the carrier network provider (an ISP in the case of Internet VPNs). Then, the VPN client application creates the tunnel to a VPN server over this live connection. In compulsory tunneling, the carrier network provider manages VPN connection setup. When the client first makes an ordinary connection to the carrier, the carrier in turn immediately brokers a VPN connection between that client and a VPN server. From the client point of view, VPN connections are set up in just one step compared to the two-step procedure required for voluntary tunnels.

VPN offers two main advantages over alternative technologies: cost savings and network scalability. To the clients accessing these networks, VPNs also bring some benefits of ease of use.

Cost Savings with a VPN:

A VPN can save an organization money in several situations:
- eliminating the need for expensive long-distance leased lines
- reducing long-distance telephone charges
- offloading support costs

VPN Network Scalability:


The cost to an organization of building a dedicated private network may be reasonable at first but increases exponentially as the organization grows. Internet-based VPNs avoid this scalability problem by simply tapping into the public lines and network capability readily available. Particularly for remote and international locations, an Internet VPN offers superior reach and quality of service.

Fig 24 : VPN Network


34) Comparison between TCP and UDP:

Reliability
  TCP: TCP is a connection-oriented protocol. When a file or message is sent it will get delivered unless the connection fails. If the connection is lost, the server will request the lost part. There is no corruption while transferring a message.
  UDP: UDP is a connectionless protocol. When you send data or a message, you don't know if it will get there; it could get lost on the way. There may be corruption while transferring a message.

Ordering
  TCP: Ordered. If you send two messages along a connection, one after the other, you know the first message will get there first. You don't have to worry about data arriving in the wrong order.
  UDP: Not ordered. If you send two messages out, you don't know what order they will arrive in.

Weight
  TCP: Heavyweight. When the low level parts of the TCP "stream" arrive in the wrong order, resend requests have to be sent, and all the out of sequence parts have to be put back together, so it requires a bit of work to piece together.
  UDP: Lightweight. No ordering of messages, no tracking connections, etc. It's just fire and forget! This means it's a lot quicker, and the network card / OS have to do very little work to translate the data back from the packets.

Data unit
  TCP: Streaming. Data is read as a "stream," with nothing distinguishing where one packet ends and another begins. There may be multiple packets per read call.
  UDP: Datagrams. Packets are sent individually and are guaranteed to be whole if they arrive. One packet per one read call.

Examples
  TCP: World Wide Web (Apache, TCP port 80), e-mail (SMTP, TCP port 25, Postfix MTA), File Transfer Protocol (FTP, port 21) and Secure Shell (OpenSSH, port 22) etc.
  UDP: Domain Name System (DNS, UDP port 53), streaming media applications such as IPTV or movies, Voice over IP (VoIP), Trivial File Transfer Protocol (TFTP) and online multiplayer games etc.

Speed of transfer
  TCP: The speed for TCP in comparison with UDP is slower.
  UDP: UDP is faster because there is no error-checking for packets.

Header size
  TCP: TCP header size is 20 bytes.
  UDP: UDP header size is 8 bytes.

Function
  TCP: As a message makes its way across the internet from one computer to another. This is connection based.
  UDP: UDP is also a protocol used in message transport or transfer. This is not connection based, which means that one program can send a load of packets to another and that would be the end of the relationship.

Table 2: Comparison between TCP and UDP


35) Ports:
In TCP/IP and UDP networks, a port is an endpoint to a logical connection and the way a client program specifies a specific server program on a computer in a network. Some ports have numbers that are preassigned to them by the IANA (Internet Assigned Numbers Authority). Port numbers range from 0 to 65536, but only port numbers 0 to 1024 are reserved for privileged services and designated as well-known ports. Any server machine makes its services available to the Internet using numbered ports, one for each service that is available on the server. For example, if a server machine is running a Web server and an FTP server, the Web server would typically be available on port 80, and the FTP server would be available on port 21. Clients connect to a service at a specific IP address and on a specific port. Each of the most well-known services is available at a well-known port number. If the server machine accepts connections on a port from the outside world, and if a firewall is not protecting the port, you can connect to the port from anywhere on the Internet and use the service.

Here are some common port numbers:

S.No   Name     Port Number
1      FTP      20/21
2      SSH      22
3      Telnet   23
4      SMTP     25
5      DNS      53
6      BOOTP    67/68
7      TFTP     69
8      HTTP     80
9      POP3     110
10     NNTP     119
11     NTP      123
12     SNMP     161
13     LDAP     389
14     RIP      520
15     DHCP     546/547
16     WINS     1512
17     L2TP     1701
18     PPTP     1723
19     RADIUS   1812/13

Table 3: Well Known Port Numbers

36) Routing Information Protocol (RIP):


The Routing Information Protocol (RIP) provides the standard IGP protocol for local area networks, and provides great network stability, guaranteeing that if one network connection goes down the network can quickly adapt to send packets through another connection. What makes RIP work is a routing database that stores information on the fastest route from computer to computer, an update process that enables each router to tell other routers which route is the fastest from its point of view, and an update algorithm that enables each router to update its database with the fastest route communicated from neighboring routers.

Database. Each RIP router on a given network keeps a database that stores the following information for every computer in that network:
o IP Address. The Internet Protocol address of the computer.
o Gateway. The best gateway to send a message addressed to that IP address.
o Distance. The number of routers between this router and the router that can send the message directly to that IP address.
o Route change flag. A flag that indicates that this information has changed, used by other routers to update their own databases.
o Timers. Various timers.
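The update algorithm and the five database fields described above can be sketched as follows. This is an added example, not code from the report; the metric 16 for "unreachable" and the 180-second timeout come from RFC 2453 rather than from this page, the addresses are constructed, and accepting updates only from configured neighbours is a safeguard added here.

```python
from dataclasses import dataclass

INFINITY = 16        # RIP metric meaning "unreachable" (RFC 2453)
ROUTE_TIMEOUT = 180  # seconds without a refresh before a route expires (RFC 2453)


@dataclass
class Route:
    destination: str       # "IP Address" field
    gateway: str           # "Gateway": neighbour to forward through
    distance: int          # "Distance": hop count
    changed: bool = False  # "Route change flag"
    age: int = 0           # "Timers": seconds since the last refresh


class RipRouter:
    def __init__(self, neighbors):
        self.neighbors = set(neighbors)  # only configured neighbours are believed
        self.table = {}

    def receive(self, sender, advertised):
        """Apply one update {destination: metric}; return changed destinations."""
        if sender not in self.neighbors:
            return []  # update from an unknown router: ignore it entirely
        changed = []
        for dest, metric in advertised.items():
            if not 1 <= metric <= INFINITY:
                continue  # invalid metric: skip the entry
            new = min(metric + 1, INFINITY)  # one extra hop to go via the sender
            cur = self.table.get(dest)
            if cur is None:
                if new < INFINITY:
                    self.table[dest] = Route(dest, sender, new, changed=True)
                    changed.append(dest)
            elif cur.gateway == sender:
                cur.age = 0  # the current gateway refreshed the route
                if new != cur.distance:
                    cur.distance, cur.changed = new, True
                    changed.append(dest)
            elif new < cur.distance:
                self.table[dest] = Route(dest, sender, new, changed=True)
                changed.append(dest)
        return changed

    def tick(self, seconds):
        """Advance the timers; routes that were not refreshed become unreachable."""
        expired = []
        for route in self.table.values():
            route.age += seconds
            if route.age >= ROUTE_TIMEOUT and route.distance < INFINITY:
                route.distance, route.changed = INFINITY, True
                expired.append(route.destination)
        return expired


def demo():
    """Failover: the route via one neighbour dies, the other takes over."""
    net = "192.168.50.0/24"                       # constructed destination
    a = RipRouter(neighbors={"10.0.0.2", "10.0.0.3"})
    a.receive("10.0.0.2", {net: 1})               # 2 hops via 10.0.0.2
    a.receive("10.0.0.3", {net: 3})               # 4 hops: worse, ignored
    a.receive("10.0.0.9", {net: 1})               # not a neighbour: ignored
    before = (a.table[net].gateway, a.table[net].distance)
    a.receive("10.0.0.2", {net: INFINITY})        # link behind 10.0.0.2 is down
    a.receive("10.0.0.3", {net: 3})               # next update from 10.0.0.3
    after = (a.table[net].gateway, a.table[net].distance)
    return before, after


if __name__ == "__main__":
    print(demo())
```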

37) OSPF-Open Shortest Path First:


OSPF is an interior gateway protocol that routes Internet Protocol (IP) packets solely within a single routing domain (autonomous system). It gathers link state information from available routers and constructs a topology map of the network. The topology determines the routing table presented to the Internet Layer, which makes routing decisions based solely on the destination IP address found in IP packets. OSPF detects changes in the topology, such as link failures, very quickly and converges on a new loop-free routing structure within seconds. It computes the shortest path tree for each route. The link-state information is maintained on each router as a link-state database (LSDB), which is a tree-image of the entire network topology. Identical copies of the LSDB are periodically updated through flooding on all OSPF routers.

38) Border Gateway Protocol:

The Border Gateway Protocol (BGP) is the routing protocol used to exchange routing information across the Internet. It makes it possible for ISPs to connect to each other and for end-users to connect to more than one ISP. BGP is the only protocol that is designed to deal with a network of the Internet's size, and the only protocol that can deal well with having multiple connections to unrelated routing domains. BGP4 provides a set of mechanisms for supporting Classless Inter-Domain Routing (CIDR) defined in RFC 4632. These mechanisms include support for advertising a set of destinations as an IP prefix and eliminating the concept of network "class" within BGP. BGP version 4 also introduces mechanisms which allow aggregation of routes, including aggregation of AS paths.

Routing information exchanged via BGP supports only the destination-based forwarding paradigm, which assumes that a router forwards a packet based solely on the destination address carried in the IP header of the packet. This, in turn, reflects the set of policy decisions that can (and cannot) be enforced using BGP. BGP can support only the policies conforming to the destination-based forwarding paradigm.

A unique AS number (ASN) is allocated to each AS for use in BGP routing. The numbers are assigned by IANA and the Regional Internet Registries (RIR), the same authorities that allocate IP addresses. There are public numbers, which may be used on the Internet and range from 1 to 64511, and private numbers from 64512 to 65535, which can be used within an organization.

39) Telnet:

Telnet is an old computer protocol (set of programmatic rules). Telnet is famous for being the original Internet when the Net first launched in 1969. Telnet stands for 'telecommunications network', and was built to be a form of remote control to manage mainframe computers from distant terminals. In those original days of large mainframe computers, telnet enabled research students and professors to 'log in' to the university mainframe from any terminal in the building. This remote login saved researchers hours of walking each semester. While telnet pales in comparison to modern networking technology, it was revolutionary in 1969, and telnet helped pave the way for the eventual World Wide Web in 1989. While telnet technology is very old, it is still in some use today by purists. Telnet has evolved into a new modern version of remote control called 'SSH', something that many modern network administrators use today to manage Linux and Unix computers from a distance.

Telnet is a text-based computer protocol. Unlike Firefox or Google Chrome screens, telnet screens are very dull to look at. Very different from Web pages that sport fancy images, animation, and hyperlinks, telnet is about typing on a keyboard. Telnet commands can be rather cryptic, with example commands being 'z' and 'prompt% fg'. Most modern users would find telnet screens to be very archaic and slow.

Telnet is a terminal emulation that enables a user to connect to a remote host or device using a telnet client, usually over port 23. For example, typing telnet hostname would connect a user to a host named hostname. Telnet enables a user to manage an account or device remotely. For example, a user may telnet into a computer that hosts their website to manage his or her files remotely. The image to the right is an example of what a telnet session may look like. As can be seen from the example to the right, a telnet session is a command line interface.

Telnet is considered insecure because it transfers all data in clear text. This means that if a user was sniffing a network, it's very possible they could easily grab your username and password as they were being transmitted. Users who are concerned about the data being transmitted should consider SSH as opposed to telnet.
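One way to check a host against Table 3 and the clear-text concern raised for Telnet is to audit its listening sockets. This is an added example, not part of the original report: the listing is constructed sample output in the format of Linux `ss -tuln`, and the allow-list and the clear-text set (Telnet from the text above; FTP, TFTP, HTTP and POP3 added here because they are also unencrypted by default) are assumptions.

```python
# Port-to-service map copied from Table 3 of this report.
WELL_KNOWN = {
    20: "FTP", 21: "FTP", 22: "SSH", 23: "Telnet", 25: "SMTP", 53: "DNS",
    67: "BOOTP", 68: "BOOTP", 69: "TFTP", 80: "HTTP", 110: "POP3",
    119: "NNTP", 123: "NTP", 161: "SNMP", 389: "LDAP", 520: "RIP",
    546: "DHCP", 547: "DHCP", 1512: "WINS", 1701: "L2TP", 1723: "PPTP",
    1812: "RADIUS", 1813: "RADIUS",
}
CLEARTEXT = {"Telnet", "FTP", "TFTP", "HTTP", "POP3"}  # assumption, see lead-in

# Constructed sample in the layout printed by `ss -tuln`.
SS_OUTPUT = """\
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp   LISTEN 0      128          0.0.0.0:22        0.0.0.0:*
tcp   LISTEN 0      5            0.0.0.0:23        0.0.0.0:*
tcp   LISTEN 0      511             [::]:80           [::]:*
tcp   LISTEN 0      128        127.0.0.1:25        0.0.0.0:*
udp   UNCONN 0      0            0.0.0.0:161       0.0.0.0:*
tcp   LISTEN 0      128          0.0.0.0:8443      0.0.0.0:*
"""


def parse_listeners(text):
    """Return (protocol, local address, port) for every socket line."""
    rows = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] not in ("tcp", "udp"):
            continue  # header or unrelated line
        addr, _, port = fields[4].rpartition(":")
        if port.isdigit():
            rows.append((fields[0], addr, int(port)))
    return rows


def is_loopback(addr):
    return addr.startswith("127.") or addr == "[::1]"


def audit(text, allowed_ports=frozenset({22})):
    """Flag sockets reachable from the network that should not be."""
    findings = []
    for proto, addr, port in parse_listeners(text):
        if is_loopback(addr):
            continue  # only local programs can connect
        service = WELL_KNOWN.get(port, "unknown")
        if service in CLEARTEXT:
            findings.append((port, proto, service,
                             "clear-text service reachable from the network"))
        elif port not in allowed_ports:
            findings.append((port, proto, service,
                             "listening port is not in the allow-list"))
    return findings


if __name__ == "__main__":
    for port, proto, service, issue in audit(SS_OUTPUT):
        print(f"{port}/{proto} ({service}): {issue}")
```

Each finding is a candidate for a firewall rule, a bind to a specific interface, or replacement by an encrypted service such as SSH.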

40) HTTP
HTTP (Hypertext Transfer Protocol) is the set of rules for transferring files (text, graphic images, sound, video, and other multimedia files) on the World Wide Web. As soon as a Web user opens their Web browser, the user is indirectly making use of HTTP. HTTP is an application protocol that runs on top of the TCP/IP suite of protocols (the foundation protocols for the Internet). HTTP concepts include (as the Hypertext part of the name implies) the idea that files can contain references to other files whose selection will elicit additional transfer requests. Any Web server machine contains, in addition to the Web page files it can serve, an HTTP daemon, a program that is designed to wait for HTTP requests and handle them when they arrive. Your Web browser is an HTTP client, sending requests to server machines. When the browser user enters file requests by either "opening" a Web file (typing in a Uniform Resource Locator or URL) or clicking on a hypertext link, the browser builds an HTTP request and sends it to the Internet Protocol address (IP address) indicated by the URL. The HTTP daemon in the destination server machine receives the request and sends back the requested file or files associated with the request. (A Web page often consists of more than one file.) The latest version of HTTP is HTTP 1.1.

Chapter 4: Observation and Findings

From this research I came to know some things which are as follows:
4.1 Need of networking in Organization:
i. Organization needs intercommunication between departments, units and between other organizations.
ii. Provide Internet connection throughout the premises.
iii. Maintain common data storage for all.
4.2 Advantage of VPN: A VPN can save organizations money by eliminating the need for expensive long-distance leased lines and reducing long-distance telephone charges, and it improves security through encryption.
4.3 Latest technologies like UTM and NAS are very useful and cost effective in setting up an effective network system.
4.4 Hubs have become obsolete because of their disadvantages and switches have taken their place.
4.5 Layer 3 switches or managed switches have the capability of routing. So in the same network, routers are not necessary, but for connecting two different networks routers are a must.
4.6 Layer 3 switches are of great use for an organization: they enable us to create virtual LANs in a network, and also provide traffic control and control over access to the network.
4.7 Almost every home and organization prefers wireless access points for connecting devices over the network.
4.8 Cisco routers, although having great features, are avoided because no service centers and engineers are available when needed.
4.9 For using VOIP, layer 3 switches are a must.

4.10 Network design:

Fig 25: Full View of the network design for an organization


This network setup satisfies a very basic need of communication and information sharing of any big or small organization. As we have already seen the requirements of an organization, this setup is designed to fulfill that need with the latest gadgets available. Specific-purpose gadgets are not included in the diagram; it just shows the most common needs that any enterprise would want to have in its setup in order to communicate and share information in and around. The setup consists of two network connections: a Virtual Private Network, especially for direct communication with the company server, and an internet connection through an ISP.
Let's say, in our setup, the head office is the main office of Royal Enfield Bullets, and the branch is Om Sai Automobiles, in Raipur. The branch deals with the workshop, 5 bullets showroom and spare parts shop. So Om Sai Automobiles wants to be always connected with the main office, so that it can be updated 24x7 with what's happening at Royal Enfield: what the new offers are, new technology, any other information, etc. The head office also wants to maintain a continuous check on the branch offices.

Therefore a VPN (a mechanism for providing secure, reliable transport over the Internet) is established between any two branches, between head office and branch office, or all the Royal Enfield offices are connected to each other. This way they maintain their own private network through the public network. Thus a VPN is helpful:
1. To support remote access to an intranet,
2. To support connections between multiple intranets within the same organization,
3. To join networks between two organizations, forming an extranet.

The VPN is established by the ISP, but maintenance can be done by the company itself or it can give this task to some third party. The company contacts its ISP to create a VPN connection between various offices, then the ISP creates the VPN connection through the world wide web. As we can see in the diagram, OFC (optical fiber cable) comes to the ISP exchange. Here the OFC converts to copper cable, which reaches the branch office's premises. The cable reaches the NOC (Network Operation Centre). It is the room which is maintained at a very cool temperature because this room contains all the important gadgets like the router, switch, modems, server computers etc. The copper cable is attached to a small device known as the OFC to Fiber Media converter. This device converts the copper cable to fast Ethernet cable (cat5 or cat6, whichever is required) and vice-versa. Then the cable goes to the router's LAN port (here we have taken a Cisco 1721 router). Then the router is connected to a Unified Threat Management device, which represents all-in-one security appliances that carry a variety of security capabilities including firewall, VPN, gateway anti-virus, gateway anti-spam, intrusion prevention, content filtering, bandwidth management, application control and centralized reporting as basic features.
From the UTM (a device which is a combination of applications like Antivirus, Anti-spam and Intrusion Detection Systems) the cable goes to the uplink port of the switch (here, we are using a Cisco 2950 Catalyst series managed switch). The switch connects different network devices and terminals. All the terminals are now in the Virtual Private Network.

This was the VPN connection (private network); an organization also needs an internet connection (public network). For this purpose we have taken an internet connection through an ISP. Internet can be taken through a telephone connection. The telephone line is connected to a DSL Cable Modem Router (a device which has the function of both a modem and a router). Then the Ethernet cable goes to the UTM device and then to the server's LAN card. The server is connected to one of the switch's ports. Since we need both the VPN and the public Internet connection to work simultaneously, we attach two LAN cards to the server. LANcard2 is connected to the modem (which gives the public internet connection) and LANcard1 connects with the switch for the VPN connection.

For this purpose, the DNS gateway has to be set for both connections. Suppose the IP address of the DSL modem router is 172.16.3.1, LANcard1 is 192.16.3.1 and LANcard2 is 172.16.3.2. Then the IP addresses of the devices attached to the switch must be set to 192.16.3.2, 192.16.3.3, 192.16.3.4 and so on. This will enable the VPN connection throughout the network. In order to set the internet settings we need to add one more IP address in the DNS tab for every device, but the gateway will be the same for everyone. Let's say LANcard2 is 172.16.3.2; then for the other devices (in the DNS tab) one more IP address can be added and set to 172.16.3.3, 172.16.3.4, 172.16.3.5 and so on, but the gateway will be set to LANcard2's IP address.

(In Windows, to configure TCP/IP settings)
1. Control panel --> open Network Connections.
2. Right-click the connection that you want to change, and then click Properties. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.
3. Click the Networking tab. Under This connection uses the following items, click either Internet Protocol Version 4 (TCP/IPv4) or Internet Protocol Version 6 (TCP/IPv6), and then click Properties.
4. To specify IPv4 IP address settings, do one of the following:
   o To obtain IP settings automatically, click Obtain an IP address automatically, and then click OK.
   o To specify an IP address, click Use the following IP address, and then, in the IP address, Subnet mask, and Default gateway boxes, type the IP address settings.
5. To specify IPv6 IP address settings, do one of the following:
   o To obtain IP settings automatically, click Obtain an IPv6 address automatically, and then click OK.
   o To specify an IP address, click Use the following IPv6 address, and then, in the IPv6 address, Subnet prefix length, and Default gateway boxes, type the IP address settings.
6. To specify DNS server address settings, do one of the following:
   o To obtain a DNS server address automatically, click Obtain DNS server address automatically, and then click OK.
   o To specify a DNS server address, click Use the following DNS server addresses, and then, in the Preferred DNS server and Alternate DNS server boxes, type the addresses of the primary and secondary DNS servers.
7. To change DNS, WINS, and IP settings, click Advanced.
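Before typing the addressing plan above into each device, it can be checked mechanically. This is an added example, not part of the original report: the /24 prefix length and the choice of LANcard1 as the switch-side gateway are assumptions (the page gives neither), and the check against the RFC 1918 private ranges is added here because 192.16.3.x lies outside them (the private block is 192.168.0.0/16).

```python
import ipaddress

# Private IPv4 ranges reserved by RFC 1918.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Addresses taken from the plan above; the grouping is an assumption.
PLAN = {
    "switch side (LANcard1)": {
        "gateway": "192.16.3.1",
        "hosts": ["192.16.3.2", "192.16.3.3", "192.16.3.4"],
    },
    "Internet side (LANcard2)": {
        "gateway": "172.16.3.2",
        "hosts": ["172.16.3.1", "172.16.3.3", "172.16.3.4", "172.16.3.5"],
    },
}


def audit_plan(plan, prefixlen=24):
    """Return (segment, address, issue) for every problem in the plan."""
    findings = []
    seen = {}  # address -> segment where it first appeared
    for segment, cfg in plan.items():
        gateway = ipaddress.ip_address(cfg["gateway"])
        subnet = ipaddress.ip_network(f"{gateway}/{prefixlen}", strict=False)
        for text in [cfg["gateway"], *cfg["hosts"]]:
            ip = ipaddress.ip_address(text)
            if text in seen:
                findings.append(
                    (segment, text, f"duplicate of an address in {seen[text]}"))
            seen.setdefault(text, segment)
            if ip not in subnet:
                # A host outside the gateway's subnet cannot reach the gateway.
                findings.append(
                    (segment, text, f"not in gateway subnet {subnet}"))
            elif ip in (subnet.network_address, subnet.broadcast_address):
                findings.append(
                    (segment, text, "network or broadcast address"))
            if not any(ip in block for block in RFC1918):
                # Public address space used internally can shadow real hosts.
                findings.append(
                    (segment, text, "not an RFC 1918 private address"))
    return findings


if __name__ == "__main__":
    for segment, address, issue in audit_plan(PLAN):
        print(f"{segment}: {address}: {issue}")
```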

Switch connection

Fig 26: Connection of devices to switch


Now let us see how devices are connected to the switch. Generally the first and last ports of a switch are uplink ports, and in some cases the uplink port is given separately. So the cable which comes from the UTM is attached to the uplink port of the switch. This will enable the switch to use the VPN. The Cisco 2950 managed switch has 24 ports. It is divided into 3 blocks, each consisting of 8 ports. A managed switch is used because it lets us prioritize the traffic traveling across our network so that the most important information gets through first. In addition, we can control who has access to our network. With a managed switch, we can configure, manage, and monitor our network. Managed switches use SNMP (Simple Network Management Protocol) to show how well our network is running and if any of the devices on our network are broken or failing. SNMP also provides remote management capabilities, enabling us to make changes to the devices on our network and repair any problems through the Web-based interface, without having to directly connect to the switch itself. Managed switches also provide redundancy and VLAN (virtual LAN) capabilities to help improve our network's performance. Redundancy allows the switch to keep network traffic flowing even if a network connection fails. In other words, our network won't go down. VLANs let us create groups within our company to isolate different kinds of traffic on the network. For example, we can segment traffic between finance and sales groups so that mission-critical financial information has priority over sales data. VLANs also provide an additional layer of security by letting us hide sensitive company information from guests we have allowed to access our network. Finally, a managed switch can support us as our business and technology needs grow. For example, if we decide to adopt an IP-based phone system (VOIP), having a managed switch with QOS (Quality of Service) support allows us to assign a higher priority to voice traffic so that call quality isn't affected by other traffic on our network. Additionally, a managed switch that includes secure wireless connectivity lets you add users (employees and guests) to your network at any time and allow them to access your network and the Internet from any office or conference room in the building. After the uplink port is connected, the rest of the ports can be connected to the devices that are required. In this setup, we are using a WIFI Modem (for wireless devices, mobile phones and guests who come to our premises), Network Attached Storage (a new method of utilizing computer networks for data storage), an IP based Telephone (VOIP; through this, calls can be made to the other office free of cost), a network Printer (network printing is having the ability to print over the network), an IP based camera (for surveillance), an unmanaged switch (which is used for connecting a number of network devices) and computers.
For wireless communication, terminals need to install a network adapter and its driver, while today almost all computers have an inbuilt network adapter. Here we have divided the devices into 4 parts: finance, sales, inventory & workshop, and owner & billing section. We haven't created any VLANs; we can create them by configuring the switch. Every section needs different types of devices, and devices are attached according to the need. An unmanaged switch has fewer features than its managed counterpart, so it requires little technical know-how to add to a network. There's no software to install and nothing to configure, making an unmanaged switch ideal for small businesses that are just getting their network started or that have no in-house IT support. Unmanaged switches have a fixed configuration and are ready to communicate with PCs, network printers, and other devices right out of the box. All we have to do is plug in the switch, connect computers and other devices to it, and connect the switch to the Internet. That's all there is to it. Therefore we have used two unmanaged switches to connect two groups of devices. More unmanaged switches can be added as and when required.
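The managed-switch points above (VLAN separation, SNMP management, and the earlier note that Telnet sends credentials in clear text) can be checked against a switch configuration before it goes live. This is an added example, not part of the original report and not Cisco's tooling: the configuration is a constructed IOS-style sample, and the three rules are assumptions about what a reviewer would want flagged.

```python
# Constructed IOS-style configuration (not taken from a real device).
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 description finance-pc
 switchport mode access
 switchport access vlan 10
!
interface FastEthernet0/2
 description sales-pc
 switchport mode access
!
interface FastEthernet0/3
 description guest-wifi
 switchport mode access
 switchport access vlan 1
!
snmp-server community public RO
snmp-server community Xq7-constructed RW
!
line vty 0 4
 transport input telnet
 login
line vty 5 15
 transport input ssh
 login
"""

DEFAULT_COMMUNITIES = {"public", "private"}


def parse_sections(config):
    """Group indented sub-commands under the unindented line above them."""
    sections, current = [], None
    for raw in config.splitlines():
        if not raw.strip() or raw.strip() == "!":
            continue  # blank line or section separator
        if raw[0] != " ":
            current = (raw.strip(), [])
            sections.append(current)
        elif current is not None:
            current[1].append(raw.strip())
    return sections


def audit_switch(config):
    """Return (where, issue) pairs for weak settings in the configuration."""
    findings = []
    for header, body in parse_sections(config):
        words = header.split()
        if words[0] == "interface" and "switchport mode access" in body:
            vlans = [line.split()[-1] for line in body
                     if line.startswith("switchport access vlan ")]
            if not vlans or vlans[-1] == "1":
                # Every port in VLAN 1 means no separation between groups.
                findings.append((words[1], "access port left in default VLAN 1"))
        elif words[:2] == ["snmp-server", "community"] and len(words) >= 3:
            name = words[2]
            mode = words[3].upper() if len(words) > 3 else "RO"
            if name.lower() in DEFAULT_COMMUNITIES:
                findings.append(
                    ("snmp-server", f"default community string '{name}'"))
            if mode == "RW":
                findings.append(
                    ("snmp-server", f"community '{name}' allows writes (RW)"))
        elif words[:2] == ["line", "vty"]:
            transports = [line.split()[2:] for line in body
                          if line.startswith("transport input ")]
            if transports and set(transports[-1]) & {"telnet", "all"}:
                findings.append(
                    (header, "Telnet allowed on the management lines"))
    return findings


if __name__ == "__main__":
    for where, issue in audit_switch(SAMPLE_CONFIG):
        print(f"{where}: {issue}")
```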

Chapter 5: Analysis

Analysis based on the interview conducted


1. The basic purpose of networking is intercommunication between departments and units. It helps in sharing information within the organization. It is also a great way to have centralized data storage.
2. Wireless connections are used, as today almost everybody uses and prefers mobile devices.
3. Routers are used for connecting two different networks. Different organizations use different brands of routers as per their requirement and ease of availability.
4. Managed switches are preferred over unmanaged switches or hubs because of their great features like ease of control over traffic and access. It has also been found that, in spite of Cisco's great features, they are avoided, as there are no service centers easily available.
5. Equipment like IP based cameras, network printers, printer + scanner, IP based telephones, UTM devices, wireless routers, wireless modems, DSL cable modem routers and centralized servers are most common in use.
6. NAS is still in a proposed state. Organizations have started planning for NAS.
7. Wireless networks are preferred over cabled networks, since wireless networks need very little cable work, thereby making a clean and tidy network.
8. Firewalls are used for protecting the network against viruses and unauthorized access. Both hardware and software are in use. UTMs are also used in some organizations.
9. Some companies have a VPN connection in order to maintain communication with their head offices. Almost every organization has an intranet for internal communication.
10. System administrators are in search of more capable devices which should be easier to configure and manage, and which should also cost less.

Chapter 6: Recommendations

After carrying out the whole research process, the following things are recommended for an organization's network setup:
6.1 As we have found that hubs are an obsolete technology, the use of switches is much more effective and efficient.

6.2 For large organizations UTM devices must be used. Their advantage lies in the fact that rather than administering multiple systems that individually handle antivirus, content filtering, intrusion prevention and spam filtering functions, organizations now have the flexibility to deploy a single UTM appliance that takes over all their functionality in a single rack-mountable network appliance.

6.3 IP based telephones (VOIP) should be used for making calls between two branches or two offices, as this is very cost effective.

6.4 Network Attached Storage is the new terminology which proves to be very helpful for data storage over the network.

6.5 IP based cameras must be used for surveillance; they have the great advantage that monitoring can be done from any part of the world.

6.6 Layer 3 managed switches must be used because they let us prioritize the traffic traveling across our network so that the most important information gets through first. In addition, we can control who has access to our network. Also, we can create virtual LANs in our network.

Chapter 7: Conclusion and Future Scope of Work

7.1 Conclusion
For any business to grow and succeed it is very necessary that they communicate in and around effectively. This creates the need for a perfect networking setup in organizations. This research was carried out to understand the need for networking, and the techniques and devices used in an organization. Through the research, knowledge was gained about networking concepts and network design. A network setup is designed for a virtual organization to show the usage of modest gadgets available in the market, which would cater to the very basic need of communication and sharing of information within the organization.

7.2 Future Scope of Work:


While conducting this research, budget or price was not a constraint. As we know, budget is a very important constraint while deciding which devices are to be used. So this particular research can be extended in the following ways: the price of each device required can be compared with the other devices available in the market which serve the same purpose, and then the best, cheapest network can be designed; and deeper knowledge can be gained about the modest gadgets available, to make the setup cost effective and best featured.

8. Appendices
QUESTIONS ON NETWORK SET UP
1) For what purpose do you need networking?
2) Are there any wireless connections?
3) Why do you use router? Which brand and why?
4) Which switch do you prefer: managed or unmanaged, and why? Which brand do you own right now?
5) What are the other equipments used in network setup and why?
6) Do you have any NETWORK ATTACHED STORAGE?
7) Which network do you prefer: cabled or wireless?
8) Does your organization own an enhanced firewall that scans inbound internet traffic for viruses, spyware, and other vulnerabilities?
9) Do you have any private network like VPN, intranet? Who manages it?
10) Are you satisfied with your setup and devices?

Above questions were asked to the system administrator of the organizations like CG Broadband Network Pvt Ltd Bhilai, Simplex Castings Pvt ltd Bhilai, STPI Bhilai, BEC Bhilai. A personal interview was conducted.
