COMPUTER NETWORKS AND NETWORK SECURITY

Network
A computer network is a collection of computers and terminal devices connected
together by a communication system.
The set of computers may include large-scale computers, medium scale computers,
mini computers and micro computers.
The set of terminals may include dumb terminals, intelligent terminals, workstations
and miscellaneous devices such as telephone lines, printers, etc.
There is no specific definition of a computer network. However, computer networks
increase the reliability of computer resources, facilitate overall system development and
also satisfy the primary objective of resource sharing, such as device sharing, file sharing,
program sharing and program segmentation.

Need and Scope of Networks:

File sharing
Print sharing
E-mail
Fax sharing
Remote access
Shared database
Fault tolerance
Internet access and security
Communication & collaboration
Organization

Benefits of Network:
Improved Communication
Improved efficiency
Reduction in cost
Reduction in errors

Most commonly found networks:

- Local Area Networks (LAN)
- Metropolitan Area Networks (MAN)
- Wide Area Networks (WAN)
- Virtual Private Networks (VPN)

Types of Network based on area:
LAN: The local area network (LAN) evolved as a means to interconnect a variety of
computing platforms in a high-speed, reliable, and robust environment. First and foremost, a LAN
is a network. Furthermore, the network serves as a communications infrastructure for
computerized systems. This includes computers, printers, storage systems, and any other device
that has a processor, and an ability and need to communicate with another system.

SREERAM ACADEMY (FORMERLY SREERAM COACHING POINT)

The main attributes of present day LAN:
1. Inexpensive transmission media
2. Inexpensive devices (modems, repeaters and transceivers) to interface to the media.
3. Easy physical connection of devices to the media.
4. High data transmission rates
5. A high degree of interconnection between devices
6. There is seldom a central controlling processor which polls the attached devices on the
network.
A LAN should have the following requisite features:
a. Compatibility
b. Internetworking
c. Growth Path and Modularity
d. System Reliability and Maintenance
A few reasons for the growth of LANs are mentioned below:
1. Security - By locking servers through software and hardware means, security for programs and data
files can be achieved. Diskless nodes also offer security by not allowing users to download
important data on floppies or upload unwanted software or viruses.
2. Expanded PC usage through inexpensive workstations - In a LAN that is already set up, the cost to
automate additional employees through diskless PCs is less.
3. Distributed processing - Many companies operate as if they had a distributed system in place. If
numerous PCs are installed around the office, these machines represent the basic platform for
a LAN with inter-user communication and information exchange.
4. Electronic mail and message broadcasting - Electronic mail allows users to communicate more
easily among themselves. This can be done by providing each user with a mailbox on the
server.
5. Organizational benefits - Benefits of LANs are numerous. These include reduced costs in
computer hardware, software and peripherals and a drastic reduction in the time and cost of
training and re-training manpower to use the benefits. Communication is easier and faster.
Information flow between departments also becomes smoother.
6. Data management benefits - Data is located on the central server and is hence much easier to manage
and back up. No file is transferred to users through floppies.
7. Software cost and upgradation - Since a single server is used, the software is
purchased only once instead of buying multiple copies, resulting in reduced cost of
software for every machine in the organization. Upgradation is also much easier.
Components of LAN are as follows:
1. File servers
2. The Network Operating system
3. Workstations
4. Network Interface cards
5. Network cabling - Twisted pair, Coaxial cables, Fiber optic cables.


Wireless LAN (WLANs)

Provides network connectivity over wireless media


An Access Point (AP) is installed to act as Bridge between Wireless and Wired Network
The AP is connected to wired network and is equipped with antennae to provide wireless
connectivity

WAN:
WAN is a digital communication system which interconnects different sites, computers and
user terminals that are spread over a wide area (a state, a country or even world wide). It also
helps LANs to communicate with each other.
It covers a wider geographical area with various communication facilities such as long distance
telephone lines, satellite transmission and even under sea cables.
This type of communication network may be developed to operate nationwide or worldwide.
It is a commercial data network that provides data communication services for business and
government agencies.
Using WAN, users can send electronic messages, data, graphics, programs, documents and
even video information rapidly and economically.
Examples of WANs are interstate banking networks, airline reservation systems, etc.
Characteristics of WAN:
The transmitting and receiving equipment is distributed over a wider geographical area.
The basic components in a common WAN include a host computer which is linked through
various interconnected communication lines to subordinate computers.
Communication channels between machines are usually furnished (= provided) by a third
party (e.g. telephone company, public data network, satellite carrier, etc.).
WANs typically operate at lower link speeds (about 1 MBPS).
Channels are of relatively low capacity.
Channels are relatively error prone (a bit error rate of 1 in 10^5 bits transmitted).


| S.No | Basis | Local Area Network | Wide Area Network |
|---|---|---|---|
| 1 | Coverage | LAN covers limited geographical area. | WAN covers wide geographical area. |
| 2 | Control | Mostly privately owned or owned by any organization. | No single owner of the WAN. Public authority involved for using the communication channel. |
| 3 | Communication mode | Direct cabling is the commonly used mode of communication in LAN. | Communication mode of WAN is telecommunication cables, satellites or microwaves. |
| 4 | Cost | Transmitting data is cheaper. | Transmitting data is costlier. |
| 5 | Application | LAN can be set within the department or division that belongs to the organization. | WAN can be set within the departments or division which are dispersed outside the range of locations. |
| 6 | Transmission | Transmission of data generally error free. | Transmission of data generally error prone. |

MAN
a. A Metropolitan Area Network (MAN) is somewhere between a LAN and a WAN.
b. Sometimes MAN refers to a network that connects systems or local area networks within a
metropolitan area (roughly 40 kms in length from one point to another).
c. MANs are based on fiber optic transmission technology and provide high speed interconnection
between sites (10 MBPS or so).
d. MAN can support both data and voice.
e. Cable television networks are best examples of MANs that distribute television signals.


Network Models
Anything that receives the data is called a client.
Anything that gives data is called a host.
A server is that from which workstations (clients) access data.
Client-Server Model

The organization of individual computers on a network decides how they will interact with
the other computers on the network. One of the ways of organizing a network of computers is
client-server technology.

In this kind of technology one host computer handles the other connected computers (nodes)
on the network. This host computer serves the storage needs and sometimes the processing
needs of all the network nodes. This host computer is also called the server and the connected
nodes are called clients.

The most common type of client-server arrangement is a LAN composed of microcomputers
connected to a network server which serves all the clients of the LAN.


A Client program running on one of the micro computers can request specific data from
server. The server program retrieves data from its database and returns it to the client. This
way a LAN permits all the computers connected to it to share hardware, software and data.
Disk storage and printers are the most commonly shared devices.

Characteristics of Client server technology:


1. Client/ server architecture consists of a client process and a server process that can be
distinguished from each other.
2. The client portion and the server portions can operate on separate platforms.
3. Either the client platform or the server platform can be upgraded without having to upgrade
the other platform.
4. The server is able to service multiple clients concurrently.
5. In some client/ server systems clients can access multiple servers.
6. The client server system includes some sort of networking capability
7. A vital portion of the application logic resides at the client end.
8. The action is usually initiated at the client end, not the server end.
9. The database server should provide protection and security.
10. The GUI resides at the client end.
Implementation examples of Client /Server technology:
Online banking application
Internet call centre application
Applications for end users that are stored on the server.
E-commerce online shopping page
Intranet applications
Financial, Inventory applications based on the client server
Telecommunication based on Internet technologies.
Benefits of Client/ Server Technology
People in the field of information systems can use client/ server computing to make their jobs
easier.
Reduce the total cost of ownership
Increased productivity
End user productivity
Developer productivity
It takes fewer people to maintain a client/server application than a mainframe.
The expenses of hardware and network in the client/ server environment are less than those
in the mainframe environment.
Can implement vendor software tools for each application.
Long term cost benefits for development and support.
The management control over the organization would be increased.


Components of Client server architecture


1. Client: Generally clients are the personal computers. They are the users of the services
offered by the servers. Basically, there are 3 types of clients.
- Non-Graphical User Interface (non-GUI) clients: They require a minimum amount of human interaction.
E.g. ATMs, cell phones, fax machines, robots, etc.
- GUI clients: They are human interaction models. They involve object/action models like pull-down
menus in Windows.
- Object-Oriented User Interface (OOUI) clients: They have further expanded visual formats, multiple
workplaces and object interaction rather than application interaction.
2. Server: Servers are the systems which provide required data to the clients. Servers receive
requests from the client and regulate access to shared resources. Following are different types of
servers.
File servers help to share files across a network by maintaining a shared library of documents,
data, and images.
Database servers can execute Structured Query Language (SQL) requests from clients.
Transaction servers execute a series of SQL commands.
Web servers allow clients and servers to communicate with a universal language called HTTP.
3. Middleware: The network system implemented within the client/server technology is known as
middleware.
Middleware is the software needed to allow clients and servers to interact. Middleware allows for
communication, directory services, queuing, distributed file sharing and printing. Generally,
middleware consists of four layers - Service, Back-end Processing, Network Operating System and
Transport Stacks.
4. Fat-client or Fat-server: Fat-client and fat-server are popular terms in computer literature. In a
fat-client system, most of the processing takes place in the client, e.g. file server or database server.
Fat-servers place more emphasis on the server and try to minimize the processing done by clients.
Examples of fat servers are transaction, GroupWare, and web servers. Fat-clients are also known as
2-Tier systems and fat-servers are known as 3-Tier systems.
5. Network hardware: The network hardware is the communication cords and the devices that link
the server and the clients. The communication and data flow over the network is managed and
maintained by network software.
Two-tier Architecture


a. With the appearance of LANs, PCs are being connected to servers also.
b. Servers are mainly database servers which offer data on the server.
c. Thus the application intelligence is implemented on the client.
d. Since there are only two tiers, data server and client, this is called 2-tier architecture.
e. This model is still predominant today.
f. This is actually the opposite of the terminal based system, where the entire intelligence lies on the host
system.
Suitability: 2-tier architecture is suitable in the following situations:
a. Tools and middleware implemented in the client are
- Relatively inexpensive and well integrated PC tools and
- Good Rapid Application Development (RAD) qualities, i.e. simple applications can be produced in a
comparatively short time.
b. Server side uses relatively expensive tools.
Limitations:
a. Massive applications implemented on PC are expensive to maintain.
b. Windows 3.X and Mac systems have tough resource restrictions. For this reason application
programmers should be well trained in systems technology, so that they can optimize scarce
resources.
c. Since the application logic is executed on the PC, in case of a new software release, all personal
computers have to be updated. This is very costly, time consuming, complicated and error prone.
d. Once the software reaches the user's desktop it should be installed and then tested for correct
execution.
Due to the distributed character of such a procedure, there is no guarantee that all clients work on the
correct copy of the program.
Three Tier Architecture

In 3-tier architecture, application logic is transferred from the client back to the server.
Tiers: It has the following tiers:
a. Client tier:
- It is responsible for the presentation of data, receiving user events and controlling the user interface.
- The actual business logic is moved to the application server.
- Today, Java applets offer an alternative to traditionally written PC applications.


b. Application Server tier:


This tier is new, i.e., it is not present in 2-tier architecture.
Business objects that implement the business rules live here, and are available to the client-tier.
This level is the central key to solve 2-tier problems.
It protects the data from direct access by the clients.
Furthermore, the term component is also found here. Today the term describes visual
components on the client side.
Components on the server side can be defined as configurable objects, which can be put together
to form new application processes.
c. Data-server-tier:
This tier is responsible for data storage:
Besides the widespread relational database systems, existing legacy systems databases are also
used here.
Advantages: It solves a number of problems that are inherent in 2-tier architecture.
a. Clear separation of user-interface control and data presentation from application logic: With this
separation more clients are able to have access to a wide variety of server applications. The two main
advantages for client applications are
- Quicker development
- Shorter test phase.
b. Dynamic load balancing: If bottlenecks occur in terms of performance, the server process can
be moved to other servers at runtime.
c. Change management:
- It is easier and faster to exchange components on the server than to provide a number of PCs with
new program versions. In addition such components require a high standard of quality control.
Multi-tier Architecture
Meaning:
The client program has only UI code.
The UI code talks to the middle tier on which the business and database logic sits. In turn the
middle tier talks to the database.
If necessary the middle tier can be placed on the same machine as the database.
In either case the data traffic is highest between database logic and database.
So, the network infrastructure that connects the database logic with the database server needs to have
very high bandwidth, i.e. it is expensive.
Advantages of Multi-tier architecture: The advantages of a multi-tier architecture are:
Forced separation of UI and business logic.
Low bandwidth network.
Business logic sits on a small number of centralized machines.


Comparison of Architectures

| Architecture | Advantage | Disadvantage |
|---|---|---|
| One tier | Simple; Very high performance; Self-contained | No networking, can't access remote services; Potential for spaghetti code |
| Two tiers | Clean, modular design; Less network traffic; Secure algorithms; Can separate UI from business logic | Must design/implement protocol; Must design/implement reliable data storage |
| Three tiers | Can separate UI, logic, and storage; Reliable, replicable data; Concurrent data access via transactions; Efficient data access | Need to buy DB product; Need to hire DBA; Need to learn SQL; Object-relational mapping is difficult |
| N tiers | Support multiple applications more easily; Common protocol/API | Less efficient; Must learn API (CORBA, RMI, etc.); Expensive products; More complex, more faults; Load balancing is hard |


Peer to Peer Model

P2P refers to point-to-point communication among computers. In a P2P network, each computer
acts as a peer and functions as both client and server to the other peers on the network. The P2P
model of network connection differs from the client-server model, where data is transferred between
clients and a central server.
Examples of services that might be provided are file storage, printers, Internet access, etc.
| S.No | Basis | Client Server | Peer-to-Peer |
|---|---|---|---|
| 1 | Meaning | The network has certain machines and devices called servers that are specially dedicated to provide various services to the other computers called clients. | In this network, there are no dedicated servers. All computers are equal, and therefore termed as peers. |
| 2 | Arrangement | The most common type of client server management is LAN. It permits all the computers connected to it to share hardware, software and data. | In a peer-to-peer network, there is no central server to which all the computers have to be connected. Linking computers in this network is significantly more straightforward. |
| 3 | Request of data | In this network, a client program running on one of the micro computers can request specific data from the server. The server program retrieves the requested data from its database and returns it to the client. | Since there is no server, all nodes are fully employed. Each of these machines functions both as a client and as a server. |

Communication software
Management of the flow of data across a network is done by communication software. This software is
written for a wide variety of protocols, which are rules and procedures for exchanging data.
Functions of communication software:

| Function | Description |
|---|---|
| Access control | 1. Linking and disconnecting a connection by automatic dialing, answering telephones, redialing, etc. 2. Also restricts access to authorized users only. |
| Network management | 1. Determines system priorities, routes messages, queues input and output. |
| Data and file transmission control | Allows computers to send and receive messages, commands, data, files, etc. Provides mechanism of error checking. |
| Error detection and control | Involves detection and correction of transmission errors caused by distortions in the communication channel such as noise, power surge, etc. |
| Data security | Protects from unauthorized access. Encryption is also used. |

Communication Interface Devices
NIC cards: A network interface card is needed for any type of network connection. This includes a
connection to the Internet. Even if a small network of two computers is created, the administrator is
required to install network interface cards onto the computers. The card then attaches to cabling that
is also connected to a router. This is the central point for network connectivity, and it allows the two
computers to share files and data.
MAC address: A media access control (MAC) address is a hardware address that uniquely identifies each node
of a network.
Routers: A device that forwards data packets along a network. A router is connected to at least two
networks. Routers are located at gateways, the places where two or more networks connect.

Switches: A Device that filters and forwards packets between LAN segments.


Hubs: A common connection point for devices in a network. Hubs are used to connect segments of a
LAN. A hub contains multiple ports. When a packet arrives at one port it is copied to other ports so
that all the other segments of LAN can see all packets.
Bridges: Bridges determine the physical (MAC) address of the destination of a packet and will then
rebroadcast the signal only if it resides on the other segment, thereby reducing overall network
traffic.
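
The hub and bridge behaviour described above also decides which segments get a copy of traffic that is not meant for them. The following Python model is an added example, not part of the original notes; the class names, segment names, MAC addresses and traffic are constructed, and the bridge is assumed to be a simple learning bridge.

```python
"""Hub vs. bridge: which LAN segments get a copy of each frame.

Added illustration. Segment names, MAC addresses and class names are
constructed for this example; the bridge is modelled as a simple learning
bridge (it learns a host's segment from the source address of its frames).
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Frame:
    src: str  # source MAC address
    dst: str  # destination MAC address


class Hub:
    """Copies every frame arriving on one port to all other ports."""

    def __init__(self, segments):
        self.segments = list(segments)

    def forward(self, in_segment, frame):
        return [s for s in self.segments if s != in_segment]


class Bridge:
    """Forwards by destination MAC address, learning locations as it goes."""

    def __init__(self, segments):
        self.segments = list(segments)
        self.table = {}  # MAC address -> segment it was last seen on

    def forward(self, in_segment, frame):
        self.table[frame.src] = in_segment
        out = self.table.get(frame.dst)
        if out is None:
            # Destination not learned yet: send to every other segment.
            return [s for s in self.segments if s != in_segment]
        if out == in_segment:
            # Sender and receiver share a segment: nothing to forward.
            return []
        return [out]


# Constructed topology: where each host really sits.
A1, A2 = "02:00:00:00:0a:01", "02:00:00:00:0a:02"
B1, C1 = "02:00:00:00:0b:01", "02:00:00:00:0c:01"
HOSTS = {A1: "A", A2: "A", B1: "B", C1: "C"}

# Constructed traffic: (segment the frame arrives from, frame).
TRAFFIC = [
    ("A", Frame(A1, B1)),
    ("B", Frame(B1, A1)),
    ("A", Frame(A1, A2)),
    ("A", Frame(A2, A1)),
    ("A", Frame(A1, B1)),
    ("C", Frame(C1, A1)),
    ("A", Frame(A1, C1)),
]


def exposure(device, traffic, hosts):
    """Count, per segment, frames delivered there that are for a host elsewhere.

    Each such frame is one that a listener on that segment could capture
    although nobody on the segment is the intended recipient.
    """
    stray = {seg: 0 for seg in device.segments}
    for in_segment, frame in traffic:
        for seg in device.forward(in_segment, frame):
            if hosts.get(frame.dst) != seg:
                stray[seg] += 1
    return stray


def compare():
    """Run the same traffic through a hub and a bridge."""
    segments = ["A", "B", "C"]
    return {
        "hub": exposure(Hub(segments), TRAFFIC, HOSTS),
        "bridge": exposure(Bridge(segments), TRAFFIC, HOSTS),
    }


if __name__ == "__main__":
    for name, stray in compare().items():
        print(f"{name:6s} stray frames per segment: {stray}")
```

With the bridge, the only stray copies are the frames sent before the destination's segment had been learned.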

Repeaters: A repeater connects two segments of your network cable. It retimes and regenerates the
signals to proper amplitudes and sends them to the other segments. Repeaters require a small
amount of time to regenerate the signal. This can cause a propagation delay which can affect
network communication when there are several repeaters in a row. Many network architectures limit
the number of repeaters that can be used in a row.


[Figure: a repeater receiving a weak inbound digital signal and sending a strong outbound digital signal]

Gateways: A node on the network that serves as an entrance to another network. In enterprises the
gateway is the computer that routes the traffic from a workstation to the outside network that is
serving the web pages. In homes, the gateway is the ISP (Internet service provider, say BSNL, Airtel,
etc.).
MODEM: The word "modem" is a contraction of the words modulator-demodulator. A modem is
typically used to send digital data over a phone line.
The sending modem modulates the data into a signal that is compatible with the phone line, and the
receiving modem demodulates the signal back into digital data. Wireless modems convert digital
data into radio signals and back.

Multiplexing: is the sharing of bandwidth between multiple users.


Front end communication processor: These are programmable devices which control the functions of
communication system. They support the operations of a mainframe computer by performing
functions, which it would otherwise be required to perform itself. These functions include code
conversion, editing and verification of data, terminal recognition and control of transmission lines.
Protocol converters: Dissimilar devices cannot communicate with each other unless a strict set of
communication standards is followed. Such standards are commonly referred to as protocols. A
protocol is a set of rules required to initiate and maintain communication between a sender and
receiver device.
Remote access devices: These are modem banks that serve as gateways to the internet or to private
corporate networks. Their function is to properly route all incoming and outgoing connections.


Communication channels
Guided media:
Fiber optic cables

Fiber optics (optical fibers) are long, thin strands of very pure glass about the diameter of a human
hair. They are arranged in bundles called optical cables and used to transmit light signals over long
distances.
If you look closely at a single optical fiber, you will see that it has the following parts:

Core - Thin glass center of the fiber where the light travels
Cladding - Outer optical material surrounding the core that reflects the light back into the
core

Buffer coating - Plastic coating that protects the fiber from damage and moisture
Hundreds or thousands of these optical fibers are arranged in bundles in optical cables. The bundles
are protected by the cable's outer covering, called a jacket.
Twisted pair
It consists of pairs of cables that transmit data. The pairs of cables are twisted so as to prevent the
cross talk (noise generated by other pairs of cables). Each pair of copper wire is twisted together and
is encased in a unique color-coded plastic jacket for insulation. An outer jacket is put encasing all the
twisted pair into one single bundle that consists of all the pairs for effective transmission of data.

Coaxial cables
A coaxial cable is one that consists of two conductors that share a common axis. The inner conductor
is typically a straight wire, either solid or stranded and the outer conductor is typically a shield that
might be braided or a foil.


| Media | Network type | Cost | Transmission distance | Security | Error rates | Speed |
|---|---|---|---|---|---|---|
| Twisted pair | LAN | Low | Short | Good | Low | Low-high |
| Coaxial | LAN | Moderate | Short | Good | Low | Low-high |
| Fiber optics | Any | High | Moderate-long | Very good | Very low | High-very high |

Network structure or topology


Network topology is the geometrical arrangement of computer resources, remote devices and
communication facilities. It comprises nodes and links.
A node is the end point of any branch in a computer, a terminal device, a workstation or an
interconnected equipment facility.
A Link is a communication path between two nodes.
Basic network topologies are discussed as under:

1. Star Network: In this network the communication channel emanates from a central computer
system. It means the processing nodes are directly connected with a central system. To
transmit information from one node to another, it should be necessarily routed through the
central computer.
Appropriate for: Banking companies.


Advantages:
Easily expandable and shortened as it is easy to add or remove devices.
Any single node failure does not bring down the entire network.
Connection of additional computers does not increase the communication time between any
computers.
It is easier to diagnose network problems through a central hub.
Disadvantages:
Processing problem in the central computer (or hub) can paralyze the entire system.
It costs more to cable a star configuration than other topologies.
Maximum number of nodes expected depends upon the limits of expansion permitted by the
hub.
2. Bus Network: In this structure a single cable runs in the building or campus and all nodes are
linked along with this communication line with two end points called the bus.
Most appropriate for: LAN
Advantages:
Reliable in very small networks as well as easy to use and understand.
Highly reliable since any line break down does not affect the communication between
two computers.
Requires least amount of cable to connect and therefore less expensive.
Easy to extend by joining cable with connector or repeater.
Disadvantages:
Heavy network traffic slows down the transmission rate.
Only a single message can travel at a time.
Each connection between two cables weakens the electrical signal.
Troubleshooting is very difficult in bus configuration.
3. Ring Network: In this network cable passes from one node to another node until all nodes are
connected in the form of loop or ring.
Suitable for: LAN
Advantages:
Offers high performance for small number of work stations or for longer networks where
each station has a similar workload.
Can span longer distance than other type of networks.
Reliable since communication between two computers is not dependent on a single
computer like the host computer.
Ring networks are easily extendable.
Disadvantages:
Relatively expensive and difficult to install
Failure of one computer on the network can affect the entire network.
Difficult to troubleshoot a ring network
Adding or removing computer can disrupt the entire network.


4. Mesh Network: Nodes under this network are randomly connected using communication
lines. Mesh network can be fully connected or partially connected. In fully connected
topology, each node is connected by a dedicated point to point link to every node. In a
partially connected topology, the computers are widely scattered.
Advantages:
Reliability is very high since there exist an alternative path if the direct link between
two nodes is down.
It is easier to diagnose the network problems
Yields greater amount of redundancy in the event that one of the nodes fails where
network traffic can be redirected to another node.
Disadvantages:
The cost of installation and maintenance is high
If there are few cables in the network, the loss of even one cable or device may
damage the network seriously.
Transmission technologies
I. Serial and Parallel transmission

| S.No | Serial | Parallel |
|---|---|---|
| 1 | In this, the data bits are transmitted serially one after another. Data is transmitted over a single wire. | In this, the data bits are transmitted simultaneously. Data is transmitted over 8 different wires. |
| 2 | It is a cheaper mode of transferring data. | Relatively expensive. |
| 3 | Applicable for long distance data transmissions. | Not practical for long distance communications as it uses parallel paths, so cross talk may occur. |
| 4 | Relatively slower. | Relatively faster. |


II. Asynchronous transmission and Synchronous transmission

| S.No | Basis | Synchronous transmission | Asynchronous transmission |
|---|---|---|---|
| 1 | Transmission of bits | In this transmission, bits are transferred at a fixed rate. | In this, transmission takes place in the form of words accompanied by stop and start bits. |
| 2 | Character transmission | It allows characters to be sent down the line without start/stop bits. | In this, words are sent with a start bit and a stop bit. |
| 3 | Transfer rate | Rate of transfer is high or faster. | Rate of transfer is slower. |
| 4 | Smart devices | Smart devices are required to differentiate between the actual data and special synchronous characters. | It does not require special smart devices for differentiation of actual data and start/stop bits. |
| 5 | Synchronization bit | Uses a group of synchronization bits. | No special synchronization bits required. |
| 6 | Word block | It allows data to be sent as a multi-word block. | Data transfer takes place in the form of words. |


Transmission modes
a) Simplex
b) Half duplex
c) Full duplex

Data Transmission Techniques


Circuit Switching: In a communication using circuit switching, there is a dedicated
communication path between two stations. The path is a connected sequence of links
between nodes. On each physical link, a channel is dedicated to the connection. Message in
text is not transferable. Example: Telephone network for continuous flow of data.
Message Switching: It is a system which uses computer techniques to transmit, receive,
store and retrieve textual information. There is no need to establish a dedicated path between
two stations. Under this type of switching the computer receives data, stores it and, when a
communication channel is available, transfers the information to the destination. Example:
Used in companies with a huge volume of data transmission such as telegrams, electronic mails,
computer files and transaction queries and responses.
Packet switching: In this type of switching the message to be transmitted is broken into
chunks called packets. Each packet carries the source address and the destination address.
Each packet has synchronizing, error correction and control bits. Packet switching maximizes
the transmission capacity of networks. Transmission cost is by packet and not by message, route
or distance.


Communication protocols
Communication protocols are a set of rules for inter-computer communication that have been
agreed upon and implemented by many vendors, users and standards bodies. Ideally, a protocol
standard allows heterogeneous computers to talk to each other.
Protocols are software that performs a variety of actions necessary for data transmission between
computers. At the most basic level, protocols define the physical aspects of communication, such as
how the system components will be interfaced and at what voltage levels data will be transmitted.
During data transmission, the establishment and termination of sessions between computers and the
synchronization of those transmissions take place. A protocol defines the following three aspects of
digital communication.
1. Syntax: The format of data being exchanged, character set used, types of error
correction used, type of encoding scheme used.
2. Semantics: For reliable and error-free transmission, type and order of messages used.
3. Timing: Defines data rate selection and correct timing for various events during data
transfer.
A number of different protocols are commonly used, e.g., X.12, X.75, TCP/IP, etc.
OSI: Open System Interconnection Model
All People Seem To Need Data Processing
Please Do Not Throw Sweet Pongal Away


Physical Layer: The physical layer is at the bottom of this data networking model. It deals with crude
data that is in the form of electrical signals. The data bits are sent as 0's and 1's. 0's correspond to low
voltage signals and 1's correspond to high voltage signals. The mechanical aspects of communication,
such as wires or connectors, come under this layer. The physical layer also deals with how these wires,
connectors, and voltage electrical signals work. Also, the processes that are required for these physical
aspects are taken into account in this layer itself.
The Data Link Layer: The transmission of the data over the communication medium is the
responsibility of this layer. The 0's and 1's that are used in the communication are grouped into
logical encapsulation. This encapsulation is called frames. The data is transported in frames. The
responsibility of these frames is that of the data link layer.
Network Layer: All over the world, there are many different types of Ethernets. These networks are
connected to each other through various media. When a data packet wants to reach a particular
destination, it has to traverse through these networks. Essentially, there are a lot of operations that are
taking place between the connected networks. Also, the packet data which is traversing has to
choose an optimum route, and the addressing of these packets has to be proper. The various
operations between the networks, packet data issues, addressing and routing are handled by this
network layer.
Transport Layer: The transport layer ensures quality and reliability of the communication. The data
packet switching is entirely handled by the transport layer. There are basically two types of packet
switching. They are connectionless packet switching and connection oriented packet switching. In
connectionless packet switching, the packet data is allowed to choose the route in which it is going to
reach the destination. Obviously, the packet in itself can't do this. Physical devices like routers are
mainly responsible for the behavior of packets, but the packets formed from the same datum can
reach their destination in different ways. Whereas, in connection oriented packet switching, once the
route is decided, then all the packets have to follow the same route. Examples of connectionless
packet switching are text messages in mobile phones, and the example of connection oriented
switching is a direct voice call.
The Sessions Layer: The sessions layer is mainly responsible for creating, maintaining and destroying
the communication link. PDUs (Protocol Data Units), in which the various protocols that have to be
followed during communication are defined, are the responsibility of the sessions layer. The applications
that use RPCs (remote procedure calls) are taken care of by the sessions layer.
Presentation Layer: There are various techniques of data compression which are used to send and
receive the optimized data. For example, if certain data is repeating itself for a number of times, then
it is logical to send the data only once, and specify the number of times it is repeated. This bundling
of the repeated data is one of the techniques of compressions. The compression and decompression
of the data is handled by the presentation layer. Also, encryption and decryption techniques used to
thwart malicious attacks on data are handled by the presentation layer.
Application Layer: This is the topmost layer of the OSI reference model. This layer comes into the picture
when there is process-to-process communication. Whenever a user invokes any application, all the
associated processes are run. Many times, when an application wants to communicate with another
application, there has to be communication between these associated processes. The
application layer is responsible for this inter-process communication.

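OSI Reference Model compared with TCP/IP Reference Model:

Sr. No. 1
OSI Reference Model: Model was first defined before implementation takes place.
TCP/IP Reference Model: Model was defined after protocols were implemented.

Sr. No. 2
OSI Reference Model: Reliable delivery of packet data.
TCP/IP Reference Model: Service interface and protocols were not clearly distinguished before.

Sr. No. 3
OSI Reference Model: Internet working not supported.
TCP/IP Reference Model: TCP/IP supports Internet working.

Sr. No. 4
OSI Reference Model: Strict Layered.
TCP/IP Reference Model: Loosely layered.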

Working of the OSI


The layers are in two groups. The upper four layers are used whenever a message passes from or to a
user. The lower three layers are used when any message passes through the host computer.
Messages intended for this computer pass to the upper layers. Messages destined for some other
host are not passed up to the upper layers but are forwarded to another host.
The sending process passes data to the application layer. The application layer attaches an
application header and then passes the frame to the presentation layer.
The presentation layer can transform data in various ways, if necessary, such as by translating it and
adding a header. It gives the result to the session layer. The presentation layer is not aware of which
portion (if any) of the data received from the application layer is the application header and which
portion is actually user data, because that information is irrelevant to the presentation layer's role.
The process of adding headers is repeated from layer to layer until the frame reaches the data link
layer. There, in addition to a data-link header, a data-link trailer is added. The data-link trailer
contains a checksum and padding if needed. This aids in frame synchronization. The frame is passed
down to the physical layer, where it is transmitted to the receiving host. On the receiving host, the
various headers and the data trailer are stripped off one by one as the frame ascends the layers and
finally reaches the receiving process.
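The descent and ascent described above, as an added example that is not part of the original notes: each layer prepends its own header, the data-link layer adds a header plus a trailer with padding and a checksum, and the receiver checks and strips them in reverse. The 3-byte headers, the `DL` marker, the 48-byte minimum and the choice of CRC-32 are assumptions made for illustration.

```python
import struct
import zlib

# Layer order from the notes, top (application) to bottom (network).
# The 3-byte headers are constructed placeholders, not real protocol headers.
UPPER_LAYERS = ["application", "presentation", "session", "transport", "network"]
MIN_PAYLOAD = 48  # assumed minimum data-link payload; shorter units get padded


class FrameError(Exception):
    """Raised when a received frame fails a check on the way up the stack."""


def header(layer: str) -> bytes:
    return layer[:2].upper().encode() + b"|"


def send(user_data: bytes) -> bytes:
    """Walk down the stack: each layer prepends its own header to whatever
    it was handed, without looking inside it."""
    unit = user_data
    for layer in UPPER_LAYERS:
        unit = header(layer) + unit
    if len(unit) > 0xFFFF:
        raise FrameError("unit too large for one frame")
    # Data-link layer: header carrying the real length, padding, then the trailer.
    padding = b"\x00" * max(0, MIN_PAYLOAD - len(unit))
    body = b"DL" + struct.pack("!H", len(unit)) + unit + padding
    trailer = struct.pack("!I", zlib.crc32(body))  # checksum over header, data, padding
    return body + trailer


def receive(frame: bytes) -> bytes:
    """Walk up the stack: verify and strip the trailer, then each header."""
    if len(frame) < 8:
        raise FrameError("frame shorter than data-link header plus trailer")
    body, trailer = frame[:-4], frame[-4:]
    if struct.unpack("!I", trailer)[0] != zlib.crc32(body):
        raise FrameError("checksum mismatch: frame damaged in transit")
    if body[:2] != b"DL":
        raise FrameError("missing data-link header")
    (length,) = struct.unpack("!H", body[2:4])
    if length > len(body) - 4:
        raise FrameError("length field larger than the frame")
    unit = body[4:4 + length]  # the length field is what lets padding be dropped
    for layer in reversed(UPPER_LAYERS):  # the network header is outermost
        expected = header(layer)
        if not unit.startswith(expected):
            raise FrameError(f"missing {layer} header")
        unit = unit[len(expected):]
    return unit


if __name__ == "__main__":
    frame = send(b"hello")
    print(frame)
    print(receive(frame))
    damaged = bytearray(frame)
    damaged[10] ^= 0x01  # one bit flipped on the wire
    try:
        receive(bytes(damaged))
    except FrameError as exc:
        print("rejected:", exc)
```

A checksum of this kind catches accidental damage only: anyone who alters a frame can recompute it, so it is not a control against deliberate tampering.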

Virtual Private Network


A VPN is a private network that uses a public network (usually the Internet) to connect remote sites or
users together. It does not use a dedicated, real-world connection such as a leased line. It uses "virtual"
connections routed through the Internet from the company's private network to the remote site or
employee.
Types of VPN: Following are the 2 most common types of VPN
1. Remote-access:
Meaning:
This is a user-to-LAN connection used by a company that needs to connect to the private network
from various remote locations.
It is also called a Virtual Private Dial-Up Network (VPDN).
Working:
Generally, a company that wishes to set up a large remote-access VPN will outsource it to an
Enterprise Service Provider (ESP).
The ESP sets up a Network Access Server (NAS) and provides desktop client software to all the
computers of remote users.
Employees can dial a toll-free number to reach the NAS and use their VPN client software to access
the corporate network.
They provide secure, encrypted connections between a company's private network and remote users
through a third-party service provider.
Suitability: It is suitable for a company with a large number of employees spread over a wide area. For
example, a company with hundreds of sales people in the field needs a remote-access VPN.
2. Site-to-Site VPN: Through the use of dedicated equipment and large-scale encryption, a company
can connect multiple fixed sites over a public network such as the Internet. Site-to-site VPNs can be one
of the following two types:
a. Intranet based: If a company has one or more remote locations that they wish to join in a single
private network, they can create an intranet VPN to connect LAN to LAN.
b. Extranet based: When a company has a close relationship with another company (for example, a
partner, supplier or customer), they can build an extranet VPN that connects LAN to LAN. With this,
various companies can work in a shared environment.

ISDN: Integrated Services Digital Network


1. Meaning:
a. Integrated Services Digital Network (ISDN) is a circuit switched telephone network system,
designed to allow digital transmission of voice and data over ordinary telephone copper wires,
resulting in better quality and higher speeds.
b. ISDN is a set of protocols for establishing and breaking circuit switched connections and for
advanced call features for the user.
2. Types of channel:
a. Bearer channels (B channels): Data and voice are carried by these channels having a bandwidth of
64 kilobits per second.
b. Delta channels (D channels): These carry signals and controls, but can also be used for carrying
data.
3. Types of ISDN services:
a. Basic Rate Interface (BRI):
It consists of two 64 kbps B channels and one 16 kbps D channel to form a total of 144 kbps.
It is suitable for individual users.
b. Primary Rate Interface (PRI):
It consists of 23 B channels and one 64 kbps D channel to form a total of 1536 kbps.
It is suitable for users with higher capacity requirements.
4. Advantages:
a. Multiple channel operation in same cable: ISDN allows multiple digital channels to be operated
simultaneously through the same regular phone cable which is meant for analog signals. However,
this is possible only if the telephone company's switches can support digital connections.
b. Combines different digital sources: With ISDN, it is possible to combine several digital data sources
and send the information to the proper destination. In a digital line it is easy to reduce noise and
interference even after combining these signals.
Data Centre
A data centre is a centralized repository for the storage, management and dissemination of data
and information. Data centres can be defined as highly secure, fault-resistant facilities hosting
customer equipment that connects to telecommunication networks. The other names are Internet
hotel, server farm, data warehouse, corporate data centre, Internet service provider (ISP), or
wireless application server provider (WASP).
The purpose of a data centre is to provide space and bandwidth connectivity for servers in a reliable,
secure and scalable environment. These data centres are also referred to as public data centres,
because they are open to customers. These facilities can accommodate thousands of servers,
switches, routers, racks, storage arrays and other telecom equipment.
Types of data centres
1. Private data centre and Public data centre
Private data centre: Also called an enterprise data centre, this is managed by the organization's own IT
department and it provides applications, storage, web-hosting, e-business functions, etc.
Public data centre: Also called an Internet data centre, it provides services ranging from equipment
managing to managed web-hosting.
2. Tier 1 and Tier 4: Tier 1 is the most basic and inexpensive, and Tier 4 is costly
with more facilities.
Features of Data Centres
Size
Data security
Availability of data
Electrical and power systems
System monitoring and support and storage.
Data Centres can also provide VALUE-ADDED services such as:
Database monitoring
Web monitoring
Backup and restore
Intrusion detection system
Storage on demand.
Disaster Recovery Plan
Data centres need to be equipped with appropriate disaster recovery systems. A disaster recovery plan
is a plan made by the organization before purchasing the computer. This plan assures the management
that, in case of disasters, recovery is possible through certain procedures and plans. When a disaster
occurs, IT organizations cannot stop their processors for a long time and cannot tolerate too much
downtime. Hence every organization goes for its own disaster recovery sites.
There are three types of sites available:
Hot site: All the facilities, like key sites, are available; hardware, software and equipment
are available; very expensive.
Warm site: Partially equipped; with some more facilities the processing can be resumed.
Cold site: Only the space is available, with air-conditioning; hardware, software and equipment are not
available. After making the required facilities available, the processing can be resumed.
Disaster Events
1. There is a potential for significantly interrupting normal business processing.
2. Business is associated with natural disasters like earthquake, flood, tornadoes,
thunderstorm, fire, etc.
3. Disasters are disruptions causing the entire facility to be inoperative for a lengthy
period of time.
4. Catastrophes are disruptions resulting from disruption of processing facility.
Business Continuity Plan (BCP) is a documented description of the actions, resources and procedures to be
followed before, during and after the disaster occurs.
Components of BCPs
1. Define the requirements based on business needs.
2. Statements of critical resources needed and detailed planning on use of critical resources.
3. Defined responsibilities of trained personnel and written documentation and procedures to
cover all operations.
4. Commitment to maintain plan to keep up with changes.


There are different phases in BCP:


Phase I: Risk analysis, identifying the critical and non-critical areas, determining the critical time
period, coverage of insurance.
Phase II: Determination of minimum resources necessary, reviewing the operations between current
policies and back up procedures. Review of the entire system like file backups, operation and
documentations.
Phase III: Identifying the alternative sites, reciprocal arrangements, preparing a list of alternatives,
visits and reviews.
Phase IV: Plan preparation, provision for manual processes, plan development, team building,
developing a general plan.
Phase V: Testing the plans, structured walk-through (paper test), localized test, fully operational test,
test review procedures, etc.
Virus:
A virus is a malicious program that attaches itself to a legitimate program and penetrates into the
operating system.
A virus is a program that instructs the operating system to append it to other programs and thus
propagates to other programs via files containing macros.
A virus can replicate itself over and over and the replicated modules can grow independent of the
initial virus.
Sometimes a virus can be benevolent and it may cause minor disruptions by printing a laughing
message, and sometimes a virus can be malignant and it may delete files or corrupt other programs.
Following are the controls to safeguard against the viruses:
a. Preventive controls like:
_ using only clean and licensed copies of software,
_ cutting the use of public domain software / shareware,
_ downloading files or software only from reliable websites,
_ implementing read-only access to software.
_ checking new files / software with anti-virus software before installation,
_ imparting education and training programs to end users
b. Detective controls like:
_ regularly running antivirus software,
_ file size comparison to observe whether the size of programs has changed,
_ date / time comparisons to detect any unauthorized modifications.
c. Corrective controls like:
_ maintaining a clean backup,
_ having a recovery plan from virus infections,
_ regularly running antivirus software (which is useful for both detection & removal of virus)
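The two comparisons listed under detective controls (file size and date/time), as an added example that is not part of the original notes. It also records a SHA-256 hash, which goes beyond the notes, to cover a change that leaves size and timestamp the same; the file names, contents and fixed timestamp are constructed for the demonstration.

```python
import hashlib
import os
import tempfile

FIXED_TIME_NS = 1_600_000_000 * 10**9  # constructed "install date" for the demo files


def snapshot(paths):
    """Baseline: size, modification time and SHA-256 of each file."""
    baseline = {}
    for path in paths:
        st = os.stat(path)
        with open(path, "rb") as fh:
            digest = hashlib.sha256(fh.read()).hexdigest()
        baseline[path] = {"size": st.st_size, "mtime": st.st_mtime_ns, "sha256": digest}
    return baseline


def compare(baseline):
    """Return {path: [attributes that differ from the baseline]}."""
    findings = {}
    for path, old in baseline.items():
        if not os.path.exists(path):
            findings[path] = ["missing"]
            continue
        new = snapshot([path])[path]
        changed = [key for key in ("size", "mtime", "sha256") if new[key] != old[key]]
        if changed:
            findings[path] = changed
    return findings


def demo():
    """Build four constructed files, baseline them, change three, compare."""
    with tempfile.TemporaryDirectory() as folder:
        names = ["payroll.bin", "ledger.bin", "notes.bin", "clean.bin"]
        paths = {name: os.path.join(folder, name) for name in names}
        for path in paths.values():
            with open(path, "wb") as fh:
                fh.write(b"A" * 100)
            os.utime(path, ns=(FIXED_TIME_NS, FIXED_TIME_NS))
        baseline = snapshot(paths.values())

        # Grows by ten bytes: the size comparison catches it.
        with open(paths["payroll.bin"], "ab") as fh:
            fh.write(b"X" * 10)
        # Timestamp updated, content untouched: only the date/time comparison fires.
        os.utime(paths["notes.bin"])
        # Same length and timestamp put back: size and time agree, only the hash differs.
        with open(paths["ledger.bin"], "r+b") as fh:
            fh.write(b"B" * 100)
        os.utime(paths["ledger.bin"], ns=(FIXED_TIME_NS, FIXED_TIME_NS))

        return {os.path.basename(p): what for p, what in compare(baseline).items()}


if __name__ == "__main__":
    for name, changed in sorted(demo().items()):
        print(name, changed)
```

The baseline is only as trustworthy as where it is kept, so it belongs with the clean backup named under corrective controls rather than on the monitored machine.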


Worms
_ A computer worm is a self-replicating computer program.
_ Worms are similar to viruses but they exist as separate and independent programs.
_ It uses a network to send copies of itself to other nodes (computer terminals on the network) and it
may do so without any user intervention.
_ Unlike a virus, a worm does not need to attach itself to an existing program.
_ Worms may cause harm to the network. For example, they may consume bandwidth.
_ They exploit security weaknesses / bugs in the operating system to penetrate into other systems.
_ Exposures that arise from worms are more difficult to control than those that arise from viruses.
_ Generally anti virus / anti spyware software can prevent the attacks from Worms.
Hackers
_ Hackers attempt to gain unauthorized entry into a system by circumventing the access control
mechanism of the system. They can do this either with good or bad intention.
_ Some hackers may just trespass and read the files without making any changes to them.
_ Some hackers may cause destruction by deleting critical files, disrupting / suspending operations,
stealing sensitive data and / or programs.
_ They can be avoided only through robust logical access controls and / or Cyber Laws of the Land.
Intrusion Detection Systems (IDS)
Meaning: The goal of an intrusion detection system is to monitor the network assets and to detect
anomalous behavior and misuse. This concept has been around for nearly twenty years, but in recent years
there has been a dramatic rise in its popularity and it is being incorporated into the overall information
security infrastructure. Following are the different components of IDS:
Components of IDS:
1. Network Intrusion Detection (NID):
_ Network intrusion detection deals with information passing on the wire between hosts.
_ Typically referred to as "packet-sniffers," network intrusion detection devices intercept packets
traveling in different communication channels. Once captured, the packets are analyzed in a number
of different ways.
_ Some NID devices will simply compare the packet with a database consisting of known attacks and
malicious packet "fingerprints",
_ While others will look for anomalous (= abnormal) packet activity that might indicate malicious
behavior.
_ In either case, network intrusion detection should be treated as a perimeter defense.
2. Host-based Intrusion Detection (HID):
_ Host-based intrusion detection systems are designed to monitor, detect and respond to user and
system activity and attacks on a given host.
_ Some more robust tools also offer audit policy management and centralization, supply data
forensics, statistical analysis and evidentiary support, and in some cases provide some measure of
access control.
_ The difference between host-based and network-based intrusion detection is that NID deals with
data transmitted from host to host while HID is concerned with what occurs on the hosts themselves.


_ Host-based intrusion detection is best suited to combat (= fight against) internal threats.
_ The majority of computer threats come from within the organization, for example, disgruntled
employees, corporate spies, etc.
3. Hybrid Intrusion Detection:
_ Hybrid intrusion detection systems offer management of and alert notification from both network
and host-based intrusion detection devices.
_ Hybrid solutions provide the logical complement to NID and HID i.e. Central Intrusion Detection
Management.
4. Network-Node Intrusion Detection (NNID):
_ Network-node intrusion detection was developed to work around the inherent flaws in traditional
NID.
_ Network-node pulls the packet-intercepting technology from the wire and puts it on the host.
_ With NNID, the "packet-sniffer" is positioned in such a way that it captures packets after they reach
their final destination i.e. host.
_ The packet is then analyzed just as if it were traveling along the network through a conventional
"packet-sniffer."
_ In this approach, network-node is simply another module that can attach to the HID agent. The
major disadvantage is that it only evaluates packets addressed to the host on which it resides.
_ On the other hand, traditional network intrusion detection can monitor packets on an entire
subnet.
_ "Packet-sniffers" are also incapable of viewing a complete subnet when the network uses high-speed
communications, encryption or switches since they are essentially "without a sense of smell".
_ But NNID can defend the specific hosts against packet-based attacks in these complex
environments where conventional NID is ineffective.
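The two NID analysis styles (fingerprint matching and anomalous activity) and the narrower NNID view, as an added example that is not part of the original notes. The packet records, the two byte patterns, the rule names, the addresses and the port threshold are all constructed for illustration.

```python
from collections import defaultdict

# Constructed fingerprint database: rule name -> byte pattern to look for.
SIGNATURES = {
    "SIG-TRAVERSAL": b"../../",
    "SIG-CMD-EXE": b"cmd.exe",
}
PORT_FANOUT_LIMIT = 5  # assumed threshold: distinct ports one source may touch on one host


def packet(src, dst, dport, payload=b""):
    return {"src": src, "dst": dst, "dport": dport, "payload": payload}


# Constructed capture from one subnet (documentation and private addresses).
CAPTURE = [
    packet("192.0.2.10", "10.0.0.5", 80, b"GET /index.html HTTP/1.1"),
    packet("192.0.2.20", "10.0.0.5", 80, b"GET /../../etc/hosts HTTP/1.1"),
    packet("192.0.2.20", "10.0.0.6", 80, b"GET /scripts/cmd.exe HTTP/1.1"),
] + [packet("192.0.2.30", "10.0.0.6", port) for port in (21, 22, 23, 25, 80, 443, 3389)]


def signature_alerts(packets):
    """Compare every payload with the fingerprint database."""
    return [
        (pkt["src"], pkt["dst"], name)
        for pkt in packets
        for name, pattern in SIGNATURES.items()
        if pattern in pkt["payload"]
    ]


def anomaly_alerts(packets, limit=PORT_FANOUT_LIMIT):
    """Flag a source that touches more than `limit` distinct ports on one host,
    even though no single packet matches a fingerprint."""
    ports = defaultdict(set)
    for pkt in packets:
        ports[(pkt["src"], pkt["dst"])].add(pkt["dport"])
    return sorted(
        (src, dst, len(seen)) for (src, dst), seen in ports.items() if len(seen) > limit
    )


def node_view(packets, host):
    """What a network-node sensor on `host` sees: only packets addressed to it."""
    return [pkt for pkt in packets if pkt["dst"] == host]


if __name__ == "__main__":
    print("NID, whole subnet:", signature_alerts(CAPTURE), anomaly_alerts(CAPTURE))
    own = node_view(CAPTURE, "10.0.0.5")
    print("NNID on 10.0.0.5:", signature_alerts(own), anomaly_alerts(own))
```

The sensor on 10.0.0.5 reports only the request aimed at itself and misses both events against 10.0.0.6, which is the trade-off the NNID section describes.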
