Network
A computer network is a collection of computers and terminal devices connected
together by a communication system.
The set of computers may include large-scale computers, medium scale computers,
mini computers and micro computers.
The set of terminals may include dumb terminals, intelligent terminals, workstations
and miscellaneous devices such as telephone lines, printers, etc.
There is no single definition of a computer network. However, computer networks increase the reliability of computer resources, facilitate overall system development and satisfy the primary objective of resource sharing, such as device sharing, file sharing, program sharing and program segmentation.
Benefits of Network:
Improved Communication
Improved efficiency
Reduction in cost
Reduction in errors
WAN:
WAN is a digital communication system which interconnects different sites, computers and
user terminals that are spread over a wide area (a state, a country or even world wide). It also
helps LANs to communicate with each other.
It covers a wider geographical area with various communication facilities such as long distance
telephone lines, satellite transmission and even under sea cables.
This type of communication network may be developed to operate nationwide or worldwide.
It is a commercial data network that provides data communication services for business and
government agencies.
Using WAN, users can send electronic messages, data, graphics, programs, documents and
even video information rapidly and economically.
Examples of WANs are inter state banking networks, airline reservation systems, etc.
Characteristics of WAN:
The transmitting and receiving equipment is distributed over a wide geographical area.
The basic components in a common WAN include a host computer which is linked through various interconnected communication lines to subordinate computers.
Communication channels between machines are usually furnished (= provided) by a third party (for e.g. a telephone company, public data network, satellite carrier, etc.).
WANs typically operate at lower link speeds (about 1 Mbps).
Channels are of relatively low capacity.
Channels are relatively error prone (a bit error rate of about 1 in 10^5 bits transmitted).
[Comparison table; only the row headings survive extraction: Basis, Coverage, Control, Communication mode, Cost, Application, Transmission.]
MAN
a. A Metropolitan Area Network (MAN) is somewhere between a LAN and a WAN.
b. Sometimes MAN refers to a network that connects systems or local area networks within a metropolitan area (roughly 40 km in length from one point to another).
c. MANs are based on fiber optic transmission technology and provide high speed interconnection between sites (10 Mbps or so).
d. A MAN can support both data and voice.
e. Cable television networks, which distribute television signals, are the best examples of MANs.
Network Models
Anything that receives data is called a client.
Anything that gives data is called a host.
A server is that from which workstations (clients) access data.
Client-Server Model
The way individual computers on a network are organized decides how they interact with the other computers on the network. One way of organizing a network of computers is the client-server technology.
In this kind of technology one host computer handles the other connected computers (nodes) on the network. This host computer serves the storage needs and sometimes the processing needs of all the network nodes. This host computer is also called the server and the connected nodes are called clients.
The most common type of client-server arrangement is a LAN composed of micro computers connected to a network server which serves all the clients of the LAN.
A Client program running on one of the micro computers can request specific data from
server. The server program retrieves data from its database and returns it to the client. This
way a LAN permits all the computers connected to it to share hardware, software and data.
Disk storage and printers are the most commonly shared devices.
a. With the appearance of the LAN, PCs are also being connected to servers.
b. Servers are mainly database servers which offer data to the clients.
c. Thus the application intelligence is implemented on the client.
d. Since there are only two tiers, the data server and the client, this is called 2-tier architecture.
e. This model is still predominant today.
f. This is actually the opposite of the terminal-based system, where the entire intelligence lies on the host system.
Suitability: 2-tier architecture is suitable in the following situations:
a. Tools and middleware implemented in the client are
_ relatively inexpensive and well integrated PC tools, and
_ have good Rapid Application Development (RAD) qualities, i.e. simple applications can be produced in a comparatively short time.
b. The server side uses relatively expensive tools.
Limitations:
a. Massive applications implemented on PCs are expensive to maintain.
b. Windows 3.x and Mac systems have tough resource restrictions. For this reason application programmers should be well trained in systems technology, so that they can optimize scarce resources.
c. Since the application logic is executed on the PC, in case of a new software release all personal computers have to be updated. This is very costly, time consuming, complicated and error prone.
d. Once the software reaches the user's desktop it should be installed and then tested for correct execution. Due to the distributed character of such a procedure, there is no guarantee that all clients work on the correct copy of the program.
Three Tier Architecture
In 3-tier architecture, application logic is transferred from the client back to the server.
Tiers: It has the following tiers:
a. Client tier: It is responsible for the presentation of data, receiving user events and controlling the user interface.
_ The actual business logic is moved to the application server.
Today, Java applets offer an alternative to traditionally written PC applications.
Comparison of Architectures
[Table with columns Architecture, Advantage, Disadvantage; the row labels One tier, Three tiers and N tiers survive, but the cell layout did not. Recovered cell entries: Simple; Secure algorithms; Can separate business logic; UI form; Less efficient; Must learn API (CORBA, RMI, etc.); Common protocol/API; Expensive products; More complex, more faults; Load balancing is hard.]
P2P refers to point-to-point communication among computers. In a P2P network, each computer acts as a peer and functions as both client and server to the other peers on the network. The P2P model of network connection differs from the client-server model, where data is transferred between clients and a central server.
Examples of services that might be provided are file storage, printers, Internet access, etc.
Comparison of P2P and client-server networks (table; the P2P column did not survive extraction):
1. Meaning - Client Server: The network has certain machines and devices called servers that are specially dedicated to providing various services to the other computers, called clients.
2. Arrangement - Client Server: The most common type of client server management is a LAN. It permits all the computers connected to it to share hardware, software and data.
3. Request of data - (not recovered)
Communication software
Management of the flow of data across a network is done by communication software. This software is written using a wide variety of protocols, which are the rules and procedures for exchanging data.
Functions of communication software:
Access Control
Switches: A Device that filters and forwards packets between LAN segments.
75
Hubs: A common connection point for devices in a network. Hubs are used to connect segments of a
LAN. A hub contains multiple ports. When a packet arrives at one port it is copied to other ports so
that all the other segments of LAN can see all packets.
Bridges: Bridges determine the physical (MAC) address of the destination of a packet and will then rebroadcast the signal only if it resides on the other segment, thereby reducing overall network traffic.
Repeaters: A repeater connects two segments of your network cable. It retimes and regenerates the
signals to proper amplitudes and sends them to the other segments. Repeaters require a small
amount of time to regenerate the signal. This can cause a propagation delay which can affect
network communication when there are several repeaters in a row. Many network architectures limit
the number of repeaters that can be used in a row.
[Figure: a repeater receiving a weak inbound digital signal and sending out a strong outbound digital signal.]
Gateways: A node on the network that serves as an entrance to another network. In enterprises the gateway is the computer that routes the traffic from a workstation to the outside network that is serving the web pages. In a home, the gateway is the ISP (Internet service provider, say BSNL, Airtel, etc.).
MODEM: The word "modem" is a contraction of the words modulator-demodulator. A modem is
typically used to send digital data over a phone line.
The sending modem modulates the data into a signal that is compatible with the phone line, and the
receiving modem demodulates the signal back into digital data. Wireless modems convert digital
data into radio signals and back.
Communication channels
Guided media:
Fiber optic cables
Fiber optics (optical fibers) are long, thin strands of very pure glass about the diameter of a human
hair. They are arranged in bundles called optical cables and used to transmit light signals over long
distances.
If you look closely at a single optical fiber, you will see that it has the following parts:
Core - Thin glass center of the fiber where the light travels
Cladding - Outer optical material surrounding the core that reflects the light back into the
core
Buffer coating - Plastic coating that protects the fiber from damage and moisture
Hundreds or thousands of these optical fibers are arranged in bundles in optical cables. The bundles
are protected by the cable's outer covering, called a jacket.
Twisted pair
It consists of pairs of cables that transmit data. The pairs are twisted so as to prevent cross talk (noise generated by other pairs of cables). Each pair of copper wire is twisted together and is encased in a unique colour-coded plastic jacket for insulation. An outer jacket encases all the twisted pairs into one single bundle that contains all the pairs, for effective transmission of data.
Coaxial cables
A coaxial cable is one that consists of two conductors that share a common axis. The inner conductor
is typically a straight wire, either solid or stranded and the outer conductor is typically a shield that
might be braided or a foil.
Comparison of guided media (table):
Media | Network type | Cost | Transmission distance | Security | Error rates | Speed
Twisted pair | LAN | Low | Short | Good | Low | Low-High
Coaxial | LAN | Moderate | Short | Good | Low | High-Very high
Fiber optics | Any | High | Moderate-long | Very good | Very low | Low-High
1. Star Network: In this network the communication channel emanates from a central computer
system. It means the processing nodes are directly connected with a central system. To
transmit information from one node to another, it should be necessarily routed through the
central computer.
Appropriate for: Banking companies.
Advantages:
Easily expandable and shortened as it is easy to add or remove devices.
Any single node failure does not bring down the entire network.
Connection of additional computers does not increase the communication time between any
computers.
It is easier to diagnose network problems through a central hub.
Disadvantages:
Processing problems in the central computer (or hub) can paralyze the entire system.
It costs more to cable a star configuration than other topologies.
Maximum number of nodes expected depends upon the limits of expansion permitted by the
hub.
2. Bus Network: In this structure a single cable runs in the building or campus and all nodes are
linked along with this communication line with two end points called the bus.
Most appropriate for: LAN
Advantages:
Reliable in very small networks as well as easy to use and understand.
Highly reliable since any line break down does not affect the communication between
two computers.
Requires least amount of cable to connect and therefore less expensive.
Easy to extend by joining cable with connector or repeater.
Disadvantages:
Heavy network traffic slows down the transmission rate.
only a single message can travel at a time
Each connection between two cables weakens the electrical signal.
Troubleshooting is very difficult in bus configuration.
3. Ring Network: In this network cable passes from one node to another node until all nodes are
connected in the form of loop or ring.
Suitable for: LAN
Advantages:
Offers high performance for small number of work stations or for longer networks where
each station has a similar workload.
Can span longer distance than other type of networks.
Reliable since communication between two computers is not dependent on a single
computer like the host computer.
Ring networks are easily extendable.
Disadvantages:
Relatively expensive and difficult to install
Failure of one computer on the network can affect the entire network.
Difficult to troubleshoot a ring network
Adding or removing computer can disrupt the entire network.
4. Mesh Network: Nodes under this network are randomly connected using communication
lines. Mesh network can be fully connected or partially connected. In fully connected
topology, each node is connected by a dedicated point to point link to every node. In a
partially connected topology , the computers are widely scattered.
Advantages:
Reliability is very high since there exist an alternative path if the direct link between
two nodes is down.
It is easier to diagnose the network problems
Yields greater amount of redundancy in the event that one of the nodes fails where
network traffic can be redirected to another node.
Disadvantages:
The cost of installation and maintenance is high
If there are few cables in the network, the loss of even one cable or device may
damage the network seriously.
Transmission technologies
I. Serial vs. parallel transmission (table):
S.No | Serial | Parallel
1 | In this, the data bits are transmitted serially one after another. Data is transmitted over a single wire. | In this, the data bits are transmitted simultaneously. Data is transmitted over 8 different wires.
2 | It is a cheaper mode of transferring data. | Relatively expensive.
3 | Applicable for long distance data transmissions. | Not practical for long distance communications as it uses parallel paths, so cross talk may occur.
4 | Relatively slower. | Relatively faster.
II. Synchronous vs. asynchronous transmission (table; only the row headings and column titles survive extraction):
Basis: Transmission bits; Character transmission; Transfer rate; Smart devices; Synchronization bit; Word block.
Columns: Synchronous transmission | Asynchronous transmission.
Transmission modes
a) Simplex
b) Half duplex
c) Full duplex
Communication protocols
Communication protocols are a set of rules for inter-computer communication that have been agreed upon and implemented by many vendors, users and standards bodies. Ideally, a protocol standard allows heterogeneous computers to talk to each other.
Protocols are software that performs a variety of actions necessary for data transmission between computers. At the most basic level, protocols define the physical aspects of communication, such as how the system components will be interfaced and at what voltage levels data will be transmitted.
In data transmission, the establishment and termination of sessions between computers and the synchronization of those transmissions take place. A protocol defines the following three aspects of digital communication.
1. Syntax: The format of the data being exchanged, the character set used, the types of error correction used and the type of encoding scheme used.
2. Semantics: For reliable and error-free transmission, the type and order of messages used.
3. Timing: Defines data rate selection and the correct timing for various events during data transfer.
A number of different protocols are commonly used, e.g. X.12, X.75, TCP/IP, etc.
OSI: Open System Interconnection Model
All People Seem To Need Data Processing
Please Do Not Throw Sweet Pongal Away
Physical Layer: The physical layer is at the bottom of this data networking model. It deals with crude data that is in the form of electrical signals. The data bits are sent as 0's and 1's; 0's correspond to low voltage signals and 1's correspond to high voltage signals. The mechanical aspects of communication, such as wires or connectors, come under this layer. The physical layer also deals with how these wires, connectors and voltage electrical signals work. The processes required for these physical aspects are also taken into account in this layer itself.
The Data Link Layer: The transmission of the data over the communication medium is the
responsibility of this layer. The 0's and 1's that are used in the communication are grouped into
logical encapsulation. This encapsulation is called frames. The data is transported in frames. The
responsibility of these frames is that of the data link layer.
Network Layer: All over the world, there are many different types of Ethernets. These networks are
connected to each other through various media. When a data packet wants to reach a particular
destination, it has to traverse through these networks. Essentially, there are lot of operations that are
taking place between the connected networks. Also, the packet data which is traversing has to
choose an optimum route, and the addressing of these packets has to be proper. The various
operations between the networks, packet data issues, addressing and routing are handled by this
network layer.
Transport Layer: The transport layer ensures the quality and reliability of the communication. Data packet switching is entirely handled by the transport layer. There are basically two types of packet switching: connectionless packet switching and connection-oriented packet switching. In connectionless packet switching, the packet data is allowed to choose the route by which it is going to reach the destination. Obviously, the packet in itself can't do this. Physical devices like routers are mainly responsible for the behavior of packets, but the packets formed from the same datum can reach their destination in different ways. Whereas, in connection-oriented packet switching, once the route is decided, all the packets have to follow the same route. An example of connectionless packet switching is text messages in mobile phones, and an example of connection-oriented switching is a direct voice call.
The Session Layer: The session layer is mainly responsible for creating, maintaining and destroying the communication link. The PDUs (Protocol Data Units), in which the various protocols that have to be followed during communication are defined, are the responsibility of the session layer. Applications that use RPCs (remote procedure calls) are taken care of by the session layer.
Presentation Layer: There are various techniques of data compression which are used to send and
receive the optimized data. For example, if certain data is repeating itself for a number of times, then
it is logical to send the data only once, and specify the number of times it is repeated. This bundling
of the repeated data is one of the techniques of compressions. The compression and decompression
of the data is handled by the presentation layer. Also, encryption and decryption techniques used to
thwart malicious attacks on data are handled by the presentation layer.
Application Layer: This is the topmost layer of the OSI reference model. This layer comes into the picture when there is process-to-process communication. Whenever a user invokes any application, all the associated processes are run. Many times, when an application wants to communicate with another application, there has to be communication between these associated processes. The application layer is responsible for this inter-process communication.
[Comparison table with a column for the OSI Reference Model; only the fragment "Model was first defined before implementation takes place" survives in that column, and the other column did not survive extraction.]
portion (if any) of the data received from the application layer is the application header and which
portion is actually user data, because that information is irrelevant to the presentation layers role.
The process of adding headers is repeated from layer to layer until the frame reaches the data link
layer. There, in addition to a data-link header, a data-link trailer is added. The data-link trailer
contains a checksum and padding if needed. This aids in frame synchronization. The frame is passed
down to the physical layer, where it is transmitted to the receiving host. On the receiving host, the
various headers and the data trailer are stripped off one by one as the frame ascends the layers and
finally reaches the receiving process.
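The header-per-layer encapsulation, the data-link trailer with checksum and padding, and the layer-by-layer stripping on the receiving host described above, as an added Python example that is not part of the original notes. The three-byte header format, the layer numbering, the CRC-32 checksum and the minimum frame size are constructed for illustration and are not any real protocol's format; the example also shows what the trailer checksum buys you: a frame corrupted in transit is discarded rather than handed up to the application.

```python
"""Layer-by-layer encapsulation and decapsulation (constructed example).

Each layer prepends its own header to whatever it received, without
knowing which part of that payload is an upper-layer header and which
is user data. The data-link layer additionally pads the frame and
appends a trailer carrying the pad length and a CRC-32 checksum. On
receipt the trailer and headers are stripped in reverse order, and a
frame whose checksum does not match is discarded.
"""
import struct
import zlib

MIN_FRAME_BODY = 46      # constructed minimum body size; short frames are padded
LAYERS = [7, 6, 5, 4, 3]  # application down to network; data link (2) adds the trailer


def add_header(layer_id: int, payload: bytes) -> bytes:
    # Constructed header: 1-byte layer id + 2-byte big-endian payload length.
    return struct.pack("!BH", layer_id, len(payload)) + payload


def strip_header(expected_layer: int, pdu: bytes) -> bytes:
    layer_id, length = struct.unpack("!BH", pdu[:3])
    if layer_id != expected_layer:
        raise ValueError(f"expected layer {expected_layer} header, got {layer_id}")
    return pdu[3:3 + length]


def build_frame(network_pdu: bytes) -> bytes:
    # Data-link header, zero padding up to the minimum body size, then a
    # trailer = 1-byte pad length + 4-byte CRC-32 over everything before it.
    body = add_header(2, network_pdu)
    pad_len = max(0, MIN_FRAME_BODY - len(body))
    body += b"\x00" * pad_len
    return body + struct.pack("!BI", pad_len, zlib.crc32(body) & 0xFFFFFFFF)


def parse_frame(frame: bytes) -> bytes:
    body, trailer = frame[:-5], frame[-5:]
    pad_len, crc = struct.unpack("!BI", trailer)
    if zlib.crc32(body) & 0xFFFFFFFF != crc:
        # The checksum in the data-link trailer is what catches this.
        raise ValueError("frame checksum mismatch: frame discarded")
    body = body[:len(body) - pad_len] if pad_len else body
    return strip_header(2, body)


def send(user_data: bytes) -> bytes:
    """Encapsulate application data down the stack into one frame."""
    pdu = user_data
    for layer in LAYERS:          # 7, 6, 5, 4, 3: each adds its header
        pdu = add_header(layer, pdu)
    return build_frame(pdu)


def receive(frame: bytes) -> bytes:
    """Strip trailer and headers as the frame ascends the layers."""
    pdu = parse_frame(frame)
    for layer in reversed(LAYERS):  # 3, 4, 5, 6, 7: outermost header first
        pdu = strip_header(layer, pdu)
    return pdu


def flip_bit(frame: bytes, bit_index: int) -> bytes:
    # Simulate a channel error (the WAN section quotes a bit error rate of
    # about 1 in 10^5 bits) by flipping a single bit of the frame.
    buf = bytearray(frame)
    buf[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(buf)


def delivered_or_none(frame: bytes):
    """What the receiving process sees: the data, or nothing if the frame was dropped."""
    try:
        return receive(frame)
    except ValueError:
        return None


if __name__ == "__main__":
    frame = send(b"GET /index.html")
    print(len(frame), "byte frame ->", receive(frame))
    print("corrupted frame ->", delivered_or_none(flip_bit(frame, 80)))
```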
A VPN is a private network that uses a public network (usually Internet) to connect remote sites or
users together. It will not use a dedicated, real-world connection such as leased line. It uses "virtual"
connections routed through the Internet from the company's private network to the remote site or
employee.
Types of VPN: The following are the two most common types of VPN.
1. Remote-access:
Meaning:
This is a user-to-LAN connection used by a company that needs to connect to the private network
from various remote locations.
It is also called as Virtual Private Dial-Up Network (VPDN).
Working:
Generally, a company that wishes to set up a large remote-access VPN will outsource it to an
Enterprise Service Provider (ESP).
The ESP sets up a Network Access Server (NAS) and provides desktop client software to all the
computers of remote users.
Employees can dial a toll-free number to reach the NAS and use their VPN client software to access
the corporate network.
They provide secure, encrypted connections between a company's private network and remote users
through a third-party service provider.
Suitability: It is suitable for a company with large number of employees spread over wide area. For
example a company with hundreds of sales people in the field needs a remote-access VPN.
2. Site-to-Site VPN: Through the use of dedicated equipment and large-scale encryption, a company
can connect multiple fixed sites over a public network such as Internet. Site-to-site VPNs can be one
of the following two types:
a. Intranet based: If a company has one or more remote locations that they wish to join in a single private network, they can create an intranet VPN to connect LAN to LAN.
b. Extranet based: When a company has a close relationship with another company (for example, a
partner, supplier or customer), they can build an extranet VPN that connects LAN to LAN. With this,
various companies can work in a shared environment.
Database monitoring
Web monitoring
Storage on demand.
Disaster Recovery Plan
Data centres need to be equipped with appropriate disaster recovery systems. A disaster recovery plan is made by the organization before purchasing the computer. This plan assures the management that, in case of disaster, recovery is possible through certain procedures and plans. When a disaster occurs, IT organizations cannot stop their processors for a long time and cannot tolerate too much downtime. Hence every organization goes for its own disaster recovery sites.
There are three types of sites available:
Hot site - all the facilities of the key site (hardware, software and equipment) are available; very expensive.
Warm site - partially equipped; with some more facilities, processing can be resumed.
Cold site - only the space with air-conditioning is available; hardware, software and equipment are not available, and processing can be resumed only after the required facilities are put in place.
Disaster Events
1. There is a potential for significantly interrupting normal business processing.
2. Business is associated with natural disasters like earthquake, flood, tornadoes,
thunderstorm, fire, etc.
3. Disasters are disruptions causing the entire facility to be inoperative for a lengthy
period of time.
4. Catastrophes are disruptions resulting from disruption of processing facility.
A Business Continuity Plan (BCP) is a documented description of the actions, resources and procedures to be followed before, during and after a disaster occurs.
Components of BCPs
1. Define the requirements based on business needs.
2. Statements of critical resources needed and detailed planning on the use of critical resources.
3. Defined responsibilities of trained personnel and written documentation and procedures to cover all operations.
4. Commitment to maintain the plan to keep up with changes.
Worms
_ A computer worm is a self-replicating computer program.
_ Worms are similar to viruses but they exist as separate and independent programs.
_ A worm uses a network to send copies of itself to other nodes (computer terminals on the network) and it may do so without any user intervention.
_ Unlike a virus, a worm does not need to attach itself to an existing program.
_ Worms may cause harm to the network. For e.g. they may consume bandwidth.
_ They exploit security weaknesses / bugs in the operating system to penetrate other systems.
_ Exposures that arise from worms are more difficult to control than those that arise from viruses.
_ Generally anti-virus / anti-spyware software can prevent attacks from worms.
Hackers
_ Hackers attempt to gain unauthorized entry into a system by circumventing the access control mechanism of the system. They can do this either with good or bad intention.
_ Some hackers may just trespass and read the files without making any changes to them.
_ Some hackers may cause destruction by deleting critical files, disrupting / suspending operations, or stealing sensitive data and / or programs.
_ They can be avoided only through robust logical access controls and / or the Cyber Laws of the Land.
Intrusion Detection Systems (IDS)
Meaning: The goal of an intrusion detection system is to monitor the network assets to detect anomalous behavior and misuse. This concept has been around for nearly twenty years, but in recent years there has been a dramatic rise in its popularity and it is being incorporated into the overall information security infrastructure. The following are the different components of IDS:
Components of IDS:
1. Network Intrusion Detection (NID):
_ Network intrusion detection deals with information passing in the wire between hosts.
_ Typically referred to as "packet-sniffers,"
_ Network intrusion detection devices intercept packets traveling in different communication
channels. Once captured, the packets are analyzed in a number of different ways.
_ Some NID devices will simply compare the packet with a database consisting of known attacks and
malicious packet "fingerprints",
_ While others will look for anomalous (= abnormal) packet activity that might indicate malicious
behavior.
_ In either case, network intrusion detection should be treated as a perimeter defense.
2. Host-based Intrusion Detection (HID):
_ Host-based intrusion detection systems are designed to monitor, detect and respond to user and
system activity and attacks on a given host.
_ Some more robust tools also offer audit policy management and centralization, supply data
forensics, statistical analysis and evidentiary support, and in some cases provide some measure of
access control.
_ The difference between host-based and network-based intrusion detection is that NID deals with
data transmitted from host to host while HID is concerned with what occurs on the hosts themselves.
_ Host-based intrusion detection is best suited to combat (= fight against) internal threats.
_ The majority of computer threats come from within the organization, for example disgruntled employees, corporate spies, etc.
3. Hybrid Intrusion Detection:
_ Hybrid intrusion detection systems offer management of and alert notification from both network
and host-based intrusion detection devices.
_ Hybrid solutions provide the logical complement to NID and HID i.e. Central Intrusion Detection
Management.
4. Network-Node Intrusion Detection (NNID):
_ Network-node intrusion detection was developed to work around the inherent flaws in traditional
NID.
_ Network-node pulls the packet-intercepting technology from the wire and puts it on the host.
_ With NNID, the "packet-sniffer" is positioned in such a way that it captures packets after they reach
their final destination i.e. host.
_ The packet is then analyzed just as if it were traveling along the network through a conventional
"packet-sniffer."
_ In this approach, network-node is simply another module that can attach to the HID agent. The
major disadvantage is that it only evaluates packets addressed to the host on which it resides.
_ On the other hand, traditional network intrusion detection can monitor packets on an entire
subnet.
_ "Packet-sniffers" are also incapable of viewing a complete subnet when the network uses high-speed communications, encryption or switches, since they are essentially "without a sense of smell".
_ But NNID can defend the specific hosts against packet-based attacks in these complex
environments where conventional NID is ineffective.
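The two NID analysis methods described under component 1 above, comparing each packet against a database of known malicious packet "fingerprints" and looking for anomalous packet activity, as an added Python example that is not part of the original notes. The packet records, the IP addresses, the signature database and the anomaly threshold are all constructed for illustration; the last sample packet carries an opaque payload to show the limitation noted under NNID, that a signature match cannot see into encrypted traffic.

```python
"""Signature-based and anomaly-based analysis of captured packets (constructed example)."""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dst_port: int
    payload: bytes


# Constructed "fingerprint" database: alert name -> byte pattern in the payload.
SIGNATURES = {
    "example-probe-string": b"EXAMPLE_PROBE",
    "example-malformed-request": b"\x00\x00\xff\xff",
}


def signature_alerts(packets):
    """Compare every packet with the known-fingerprint database."""
    alerts = []
    for pkt in packets:
        for name, pattern in SIGNATURES.items():
            if pattern in pkt.payload:
                alerts.append((pkt.src, pkt.dst, pkt.dst_port, name))
    return alerts


def anomaly_alerts(packets, max_ports_per_pair: int = 5):
    """Flag a source that touches more distinct destination ports on one
    host than the constructed baseline allows: unusual activity rather
    than a known pattern, so it needs no signature to fire."""
    ports = defaultdict(set)
    for pkt in packets:
        ports[(pkt.src, pkt.dst)].add(pkt.dst_port)
    return sorted(
        (src, dst, len(seen))
        for (src, dst), seen in ports.items()
        if len(seen) > max_ports_per_pair
    )


# Constructed traffic sample: normal web traffic, one packet carrying a
# known fingerprint, one host touching ten ports, and one opaque payload
# (encrypted traffic) that no signature can match.
SAMPLE = [
    Packet("10.0.0.5", "10.0.0.20", 80, b"GET /index.html HTTP/1.1"),
    Packet("10.0.0.5", "10.0.0.20", 443, b"\x16\x03\x01"),
    Packet("10.0.0.9", "10.0.0.20", 80, b"GET /EXAMPLE_PROBE HTTP/1.1"),
    Packet("10.0.0.11", "10.0.0.20", 443, b"\x17\x03\x03\x8a\x41\x9c\x02\xee"),
] + [Packet("10.0.0.7", "10.0.0.20", port, b"") for port in range(20, 30)]


def analyze(packets=SAMPLE):
    """Run both methods over a capture and return the alerts each produced."""
    return {"signature": signature_alerts(packets), "anomaly": anomaly_alerts(packets)}


if __name__ == "__main__":
    for method, alerts in analyze().items():
        print(method, alerts)
```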