Post on 03-Jun-2018


Page 1: Drona Tushar

8/11/2019 Drona Tushar

http://slidepdf.com/reader/full/drona-tushar 1/95

 

Project Report

On

STUDY AND UPGRADATION OF DRONA

ARCHITECTURE AT DESIDOC

Guide: Submitted By:

Anranya Yadav Tushar

Scientist ‘C’ 

Defence Scientific Information and Documentation Center

Defence Research and Development Organization

Ministry of Defence, Government of India

Metcalfe House, Delhi-110054 


CERTIFICATE

This is to certify that Mr. Tushar, student of B-Tech, from Galgotias University, did a five weeks Training in Network Services Division (NSD) at Defence Scientific Information and Documentation Centre (DESIDOC), Defence Research and Development Organization (DRDO), Ministry of Defence, Metcalfe House, Delhi-110054 from 14 Jun, 2014 to 14 July, 2014 and has completed the project titled “study and upgradation of DRONA architecture” to my entire satisfaction.

During the training, I found him to be very hardworking and sincere. He has the ability to learn new things quickly and works well in a team. I wish him all the success in career and life.

(Anranya Yadav) (NISHANT KUMAR)

Project Head, NSD, Sc- ‘C’ Head NSD, Sc- ‘D’ 

(M. KARMAKAR) Head HRD


ACKNOWLEDGMENT  

I would like to express my deep gratitude to Shri Suresh Kumar Jindal, Director,

Defence Scientific Information and Documentation Center (DESIDOC), DRDO, Metcalfe

House, New Delhi, for giving us the opportunity for five-weeks training in the esteemed

organization and providing all the necessary resources and expertise for this purpose.

I am highly grateful to Nishant Kumar, Sc ‘D’, Head, Network Services Division

(NSD) and our project guide  Anranya Yadav, Scientist C, Network Services Division

(NSD),DESIDOC, DRDO  for assigning us an innovative project and for their valuable

guidance. I would definitely like to place on record our thanks for their constant interest,

encouragement and support without which this venture would not have seen the dusk of the

day. As a project guide he also provided constant encouragement during our project for making

familiar with the intricacies of networking and guiding through the toughest time and leading

to the end of the tunnel. 

(Tushar)

Roll .no.: 1101501027

Galgotias university


INTRODUCTION

This report describes the DRONA architecture and its components in detail. It is based on the wide area network spread across the whole DRDO network, that is, the main headquarters as well as the sub-headquarters of DRDO.

DRONA is the private wide area network of DRDO; no other organization or individual has the right to use the services provided by the DRONA wide area network.

Network facilities available at DRDO are:

Dnet is a 100 Mbps gigabit fiber optic local area network connecting all the buildings and technology work centres. The facility is available on a 24 x 7 basis. DRDO Rapid Online Network Access (DRONA) is also accessed by all the officers through this network.

With more than 40 in-house developed on-line applications and 50 knowledge portals, the DRDL intranet has become a very powerful tool for communication and knowledge management for more than 1600 users from DRDL and 300 users from RCI and ASL.

A separate fully secured internet connectivity is also available in DRDL on a 24x7 basis. More than 100 nodes are provided all across the lab through a 2 Mbps leased line connection.

Objective of Project

Study and upgradation of DRONA architecture at DRDO as well as knowledge of servers.


Table of Content

Certificate

 Acknowledgement

 Introduction and objective

Objective of Project

1. Cables
2. Connector
3. Topology
4. Different types of network
5. Bluetooth
6. FTP, TELNET, SSH, RLOGIN
7. IP address, subnet
8. Network devices
9. Firewall
10. Network ports, web application server
11. OSI, TCP/IP model
12. TCP, IP, UDP
13. USB
14. VLAN
15. WiFi, WiMAX
16. Proxy server
17. IDS, IPS
18. CLB
19. WES, WAP
20. SCSI devices
21. RAID
22. UTM
23. DRONA architecture


Organization Profi le

The Defence Research and Development Organization (DRDO)  is an agency of the Republic of India,

responsible for the development of technology for use by the military, headquartered in New Delhi, India. It

was formed in 1958 by the merger of the Technical Development Establishment and the Directorate of

Technical Development and Production with the Defence Science Organization. It is under the administrative

control of the Ministry of Defence, Government of India.

With a network of 52 laboratories, which are engaged in developing defence technologies covering various

fields, like aeronautics, armaments, electronics, land combat engineering, life sciences, materials, missiles, and

naval systems, DRDO is India's largest and most diverse research organization. The organization includes

around 5,000 scientists belonging to the Defence Research & Development Service (DRDS) and about 25,000

other scientific, technical and supporting personnel.

Defence Scientific Information & Documentation Centre (DESIDOC)

The Defence Scientific Information & Documentation Centre  (DESIDOC) is a division of the Defence

Research and Development Organization (DRDO). Located in Delhi, its main function is the collection,

 processing and dissemination of relevant technical information for DRDO scientists.

The Network Services Division (NSD) of DESIDOC is responsible for designing, hosting and maintenance of

DRDO website on Internet, DRDO Intranet administration and co-ordination, designing, hosting, maintenance

of DESIDOC website, Internet services through OFC based leased lines. The Division is also engaged in

software development, hardware maintenance, network management, and provides support for IT-based CEP courses. It is also responsible for interaction with academia, project training of students, web casting of major DRDO events from Dr. Bhagwantham Auditorium, DRDO Directors’ Conference, etc. to DRDO officials.

STUDY AND UPGRADATION OF DRONA

ARCHITECTURE AT DESIDOC

1. [CABLES]


The vast majority of networks today are connected by some sort of wiring or cabling that acts as a network

transmission medium that carries signals between computers. Many cable types are available to meet the varying

needs and sizes of networks, from small to large.

Cable types

· Coaxial cable
· Twisted-pair (unshielded and shielded) cable
· Fiber-optic cable

Cable is the medium through which information usually moves from one network device to another. There are several

types of cable which are commonly used with LANs. In some cases, a network will utilize only one type of cable, other

networks will use a variety of cable types. The type of cable chosen for a network is related to the network's topology,

protocol, and size. Understanding the characteristics of different types of cable and how they relate to other aspects of

a network is necessary for the development of a successful network.

The following sections discuss the types of cables used in networks and other related topics.

· Unshielded Twisted Pair (UTP) Cable
· Shielded Twisted Pair (STP) Cable
· Coaxial Cable
· Fiber Optic Cable

Twisted pair cabling comes in two varieties: shielded and unshielded. Unshielded twisted pair (UTP) is the most popular

and is generally the best. The quality of UTP may vary from telephone-grade wire to extremely high-speed cable. The

cable has four pairs of wires inside the jacket. Each pair is twisted with a different number of twists per inch to help

eliminate interference from adjacent pairs and other electrical devices. The tighter the twisting, the higher the

supported transmission rate and the greater the cost per foot. The EIA/TIA (Electronic Industry

Association/Telecommunication Industry Association) has established standards of UTP and rated six categories of wire.

Twisted-pair cable is a type of cabling that is used for telephone communications and most modern Ethernet networks.

A pair of wires forms a circuit that can transmit data. The pairs are twisted to provide protection against crosstalk, the

noise generated by adjacent pairs. When electrical current flows through a wire, it creates a small, circular magnetic

field around the wire. When two wires in an electrical circuit are placed close together, their magnetic fields are the

exact opposite of each other. Thus, the two magnetic fields cancel each other out. They also cancel out any outside

magnetic fields. Twisting the wires can enhance this cancellation effect. Using cancellation together with twisting the

wires, cable designers can effectively provide self-shielding for wire pairs within the network media.

Two basic types of twisted-pair cable exist: unshielded twisted pair (UTP) and shielded twisted pair (STP). The following

sections discuss UTP and STP cable in more detail.

Twisted-Pair Cable


In its simplest form, twisted-pair cable consists of two insulated strands of copper wire twisted around each other.

Figure 2.12 shows the two types of twisted-pair cable: unshielded twisted-pair (UTP) and shielded twisted-pair (STP)

cable.

Figure 2.12 Unshielded twisted-pair and shielded

twisted-pair cables 

A number of twisted-pair wires are often grouped together and enclosed in a protective sheath to form a cable. The

total number of pairs in a cable varies. The twisting cancels out electrical noise from adjacent pairs and from other

sources such as motors, relays, and transformers.

Unshielded Twisted-Pair (UTP) Cable

UTP, using the 10BaseT specification, is the most popular type of twisted-pair cable and is fast becoming the most popular LAN cabling. The maximum cable length segment is 100 meters, about 328 feet.

Traditional UTP cable, as shown in Figure 2.13, consists of two insulated copper wires. UTP specifications govern how

many twists are permitted per foot of cable; the number of twists allowed depends on the purpose to which the cable

will be put. In North America, UTP cable is the most commonly used cable for existing telephone systems and is already

installed in many office buildings.


Shielded Twisted-Pair (STP) Cable

STP is more common in high-speed networks. The biggest difference you will see between UTP and STP is that STP uses a metallic shield wrapping to protect the wire from interference. Something else to note about these cables is that they are also defined by numbers: the bigger the number, the better the protection from interference. Most networks should go with no less than CAT 3, and CAT 5 is most recommended. Now that you know about cables, we need to know about connectors. This is pretty important and you will most likely need the RJ-45 connector. This is the cousin of the phone jack connector and looks very similar, with the exception that the RJ-45 is bigger. Most commonly your connectors come in two flavours: BNC (Bayonet Naur Connector), used in thicknets, and RJ-45, used in smaller networks using UTP/STP. STP cable uses a woven copper-braid jacket that is more protective and of a higher quality than the jacket used by UTP. Figure 2.15 shows a two-twisted-pair STP cable. STP also uses a foil wrap around each of the wire pairs. This gives STP excellent shielding to protect the transmitted data from outside interference, which in turn allows it to support higher transmission rates over longer distances than UTP.

STP cable

Twisted-Pair Cabling Components

While we have defined twisted-pair cabling by the number of twists and its ability to transmit data, additional components are necessary to complete an installation. As it is with telephone cabling, a twisted-pair cable network requires connectors and other hardware to ensure proper installation.

Twisted-Pair Cabling Considerations


Use twisted-pair cable if:

· Your LAN is under budget constraints.
· You want a relatively easy installation in which computer connections are simple.

Do not use twisted-pair cable if:

· Your LAN requires a high level of security and you must be absolutely sure of data integrity.
· You must transmit data over long distances at high speeds.


UTP Cable

Unshielded twisted-pair cable is separated into five categories designated by the TIA/EIA 568-A standard.

· Category 1 is telephone cable.
· Category 2 was used for token ring networks and is not recommended for Ethernet networks.
· Categories 3 and 4 can be used with Ethernet networks, but suffer more from EMI than category 5. Category 3 cables typically have two twists per foot.
· Category 4 cables have more twists per foot, but less than Category 5.
· Category 5 cable is primarily used in LANs. The most typical connector used with UTP is a RJ-45, which resembles a large telephone connector (RJ-11). This cable has a very high twist rate per foot.


UTP cable is a medium that is composed of pairs of wires. UTP cable is used in a variety of networks. Each of the eight individual copper wires in UTP cable is covered by an insulating material. In addition, the wires in each pair are twisted around each other. UTP cable relies solely on the cancellation effect produced by the twisted wire pairs to limit signal degradation caused by electromagnetic interference (EMI) and radio frequency interference (RFI). To further reduce crosstalk between the pairs in UTP cable, the number of twists in the wire pairs varies. UTP cable must follow precise specifications governing how many twists or braids are permitted per meter (3.28 feet) of cable. UTP cable often is installed using a Registered Jack 45 (RJ-45) connector. The RJ-45 is an eight-wire connector used commonly to connect computers onto a local-area network (LAN), especially Ethernets. When used as a networking medium, UTP cable has four pairs of either 22- or 24-gauge copper wire. UTP used as a networking medium has an impedance of 100 ohms; this differentiates it from other types of twisted-pair wiring such as that used for telephone wiring, which has an impedance of 600 ohms.

UTP cable offers many advantages. Because UTP has an external diameter of approximately 0.43 cm (0.17 inches), its small size can be advantageous during installation. Because it has such a small external diameter, UTP does not fill up wiring ducts as rapidly as other types of cable. This can be an extremely important factor to consider, particularly when installing a network in an older building. UTP cable is easy to install and is less expensive than other types of networking media. In fact, UTP costs less per meter than any other type of LAN cabling. And because UTP can be used with most of the major networking architectures, it continues to grow in popularity.

Disadvantages also are involved in using twisted-pair cabling, however. UTP cable is more prone to electrical noise and interference than other types of networking media, and the distance between signal boosts is shorter for UTP than it is for coaxial and fiber-optic cables. Although UTP was once considered to be slower at transmitting data than other types of cable, this is no longer true. In fact, UTP is considered the fastest copper-based medium today. The following summarizes the features of UTP cable:

· Speed and throughput: 10 to 1000 Mbps
· Average cost per node: Least expensive
· Media and connector size: Small
· Maximum cable length: 100 m (short)

Commonly used types of UTP cabling are as follows:

· Category 1: Used for telephone communications. Not suitable for transmitting data.
· Category 2: Capable of transmitting data at speeds up to 4 megabits per second (Mbps).
· Category 3: Used in 10BASE-T networks. Can transmit data at speeds up to 10 Mbps.
· Category 4: Used in Token Ring networks. Can transmit data at speeds up to 16 Mbps.
· Category 5: Can transmit data at speeds up to 100 Mbps. Used in networks running at speeds up to 1000 Mbps (1 gigabit per second [Gbps]).
· Category 6: Typically, Category 6 cable consists of four pairs of 24 American Wire Gauge (AWG) copper wires. Category 6 cable is currently the fastest standard for UTP.

Within unshielded twisted-pair (UTP) cable there are typically 2 to 8 wires, 1 to 4 pairs. Each pair is twisted around each other at a different rate, which reduces EMI (Electro-Magnetic Interference) between the pairs and other electrical signals. Each pair is color-coded, according to standards, and the entire cable is inside a protective plastic insulation sheath. In Category 5 UTP, there are usually 4 pairs of wires, with one wire of solid color and one of white with the same color stripe in each pair.

The TIA/EIA 568 standard has two wiring sequences, T568A and T568B.

The sequence of the wires dictates how the wires are terminated on the RJ-45 connector. Either sequence may be used to set up a network. Once a wiring sequence has been chosen, using the same sequence throughout the entire network is necessary. Data networks usually use the TIA/EIA 568B standard. The wires must be correctly paired together for the entire length of the cable to ensure signal quality.

TIA/EIA 568A Wiring Sequence

In both the 568A and 568B sequences, pair 1 is always designated as the blue wires and pair 4 is always the brown wires. Pair 1 is always assigned to pins 4 and 5 in the connector. The solid blue wire connects to pin 4, as a ring (R) wire, and the white wire of the blue pair connects to pin 5, as a tip (T) wire. Pair 4 is always assigned to pins 7 and 8 on the connector. The white wire of the brown pair


connects to pin 7, as the tip wire, and the brown wire connects to pin 8, as the ring wire. The terms tip and ring are old telephony terms used to designate the tip (tipping the telephone handset off the cradle to transmit a signal that a phone number is about to be dialed) and ring (the response heard on the receiving end of the handset once the number is dialed and the phone is ringing on the other end). The blue and brown pairs may not be used if the network system is set to use up to 10 Mbps bandwidth. In this instance, the blue pair may be used for voice transmission (telephone) and the brown pair dedicated to other network functions. The orange and green pairs, pin positions #1, 2, 3, and 6, are used for Ethernet transmitting (pins 1 and 2) and receiving (pins 3 and 6).

In the T568A sequence, the green pair is assigned to pins 1 and 2, and the orange pair is split between pins 3 and 6. In the T568B sequence, it is the green pair that is split between pins 3 and 6, and the orange pair that is assigned to pins 1 and 2.

The following summarizes the features of STP cable:

· Speed and throughput: 10 to 100 Mbps
· Average cost per node: Moderately expensive
· Media and connector size: Medium to large
· Maximum cable length: 100 m (short)

When comparing UTP and STP, keep the following points in mind:

· The speed of both types of cable is usually satisfactory for local-area distances.
· These are the least-expensive media for data communication. UTP is less expensive than STP.
· Because most buildings are already wired with UTP, many transmission standards are adapted to use it, to avoid costly rewiring with an alternative cable type.
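The termination rules above (one twisted pair on each of pins 1-2, 3-6, 4-5 and 7-8; pair 1 blue on pins 4-5 and pair 4 brown on pins 7-8 in both sequences; the green and orange pairs swapped between T568A and T568B) can be turned into a check run against the wire order seen at a cable's two ends. The following Python is an added example, not code from the report; the colour names, the result labels and the constructed faulty cable are this example's own choices.

```python
"""T568A / T568B termination checker (added example, not from the report).

A pinout is a sequence of eight colour names, index 0 = RJ-45 pin 1 ...
index 7 = pin 8. Colour names and result labels are this example's own.
"""
from typing import List, Optional, Sequence, Tuple

# Pin positions that must each carry one twisted pair: 1-2, 3-6, 4-5, 7-8.
PAIR_PINS: Tuple[Tuple[int, int], ...] = ((1, 2), (3, 6), (4, 5), (7, 8))

# Pair 1 (blue) on pins 4-5 and pair 4 (brown) on pins 7-8 in both
# sequences; the green and orange pairs swap places between A and B.
T568A = ("white-green", "green", "white-orange", "blue",
         "white-blue", "orange", "white-brown", "brown")
T568B = ("white-orange", "orange", "white-green", "blue",
         "white-blue", "green", "white-brown", "brown")


def base_colour(wire: str) -> str:
    """'white-green' and 'green' are the two wires of the green pair."""
    return wire.split("-")[-1]


def validate(pinout: Sequence[str]) -> None:
    """Reject anything that is not the eight standard wires, each used once."""
    if sorted(pinout) != sorted(T568A):
        raise ValueError("pinout must use each of the eight wire colours once")


def split_pairs(pinout: Sequence[str]) -> List[Tuple[int, int]]:
    """Pin positions whose two wires do not belong to one twisted pair.

    A split pair still passes a plain continuity test, but the signal then
    rides on two wires that are not twisted together, so the cancellation
    the twisting provides is lost and the link suffers crosstalk.
    """
    validate(pinout)
    bad = []
    for a, b in PAIR_PINS:
        if base_colour(pinout[a - 1]) != base_colour(pinout[b - 1]):
            bad.append((a, b))
    return bad


def identify_sequence(pinout: Sequence[str]) -> Optional[str]:
    """Name the standard sequence a termination follows, or None."""
    validate(pinout)
    if tuple(pinout) == T568A:
        return "T568A"
    if tuple(pinout) == T568B:
        return "T568B"
    return None


def crossover_of(pinout: Sequence[str]) -> Tuple[str, ...]:
    """Far-end termination of a crossover cable for a given near end.

    Only the transmit pair (pins 1-2) and receive pair (pins 3-6) are
    swapped; the blue and brown pairs stay put. Crossing a T568A end
    gives exactly the T568B order.
    """
    validate(pinout)
    p = list(pinout)
    p[0], p[2] = p[2], p[0]   # pin 1 <-> pin 3
    p[1], p[5] = p[5], p[1]   # pin 2 <-> pin 6
    return tuple(p)


def classify_cable(end_a: Sequence[str], end_b: Sequence[str]) -> str:
    """Classify a patch cable from the wire order seen at its two ends."""
    seq_a, seq_b = identify_sequence(end_a), identify_sequence(end_b)
    if seq_a and seq_b:
        return "straight-through" if seq_a == seq_b else "crossover"
    if split_pairs(end_a) or split_pairs(end_b):
        return "split-pair"
    return "miswired"


if __name__ == "__main__":
    # Constructed sample: a T568B cable where pins 4 and 6 were swapped
    # at one end, which splits both the blue and the green pair.
    swapped = list(T568B)
    swapped[3], swapped[5] = swapped[5], swapped[3]
    print(classify_cable(T568B, T568B))     # straight-through
    print(classify_cable(T568A, T568B))     # crossover
    print(split_pairs(swapped))             # [(3, 6), (4, 5)]
    print(classify_cable(T568B, swapped))   # split-pair
```

A fully reversed wire order keeps every pair intact but matches neither sequence, so it is reported as "miswired" rather than "split-pair".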

Categories of Unshielded Twisted Pair

Category   Speed                 Use
1          1 Mbps                Voice Only (Telephone Wire)
2          4 Mbps                LocalTalk & Telephone (Rarely used)
3          16 Mbps               10BaseT Ethernet
4          20 Mbps               Token Ring (Rarely used)
5          100 Mbps (2 pair)     100BaseT Ethernet
           1000 Mbps (4 pair)    Gigabit Ethernet
5e         1,000 Mbps            Gigabit Ethernet
6          10,000 Mbps           Gigabit Ethernet

A twisted pair consists of two conductors (normally copper), each with its own plastic


insulation, twisted together. One of the wires is used to carry signals to the receiver, and the other is used only as a ground reference. The receiver uses the difference between the two. In addition to the signal sent by the sender on one of the wires, interference (noise) and crosstalk may affect both wires and create unwanted signals. If the two wires are parallel, the effect of these unwanted signals is not the same in both wires because they are at different locations relative to the noise or crosstalk sources (e.g., one is closer and the other is farther). This results in a difference at the receiver. By twisting the pairs, a balance is maintained. For example, suppose in one twist, one wire is closer to the noise source and the other is farther; in the next twist, the reverse is true. Twisting makes it probable that both wires are equally affected by external influences (noise or crosstalk). This means that the receiver, which calculates the difference between the two, receives no unwanted signals. The unwanted signals are mostly canceled out. From the above discussion, it is clear that the number of twists per unit of length (e.g., inch) has some effect on the quality of the cable.

Unshielded Versus Shielded Twisted-Pair Cable

The most common twisted-pair cable used in communications is referred to as unshielded twisted-pair (UTP). IBM has

also produced a version of twisted-pair cable for its use called shielded twisted-pair (STP).

Categories

The Electronic Industries Association (EIA) has developed standards to classify

unshielded twisted-pair cable into seven categories. Categories are determined by cable quality, with 1 as the lowest

and 7 as the highest. Each EIA category is suitable for specific uses.

Applications

Twisted-pair cables are used in telephone lines to provide voice and data channels. The local loop, the line that connects subscribers to the central telephone office, commonly consists of unshielded twisted-pair cables. The DSL lines that are used by the telephone companies to provide high-data-rate connections also use the high-bandwidth capability of unshielded twisted-pair cables. Local-area networks, such as 10Base-T and 100Base-T, also use twisted-pair cables.

Shielded Twisted Pair (STP) Cable

Although UTP cable is the least expensive cable, it may be susceptible to radio and electrical frequency interference (it

should not be too close to electric motors, fluorescent lights, etc.). If you must place cable in environments with lots of

potential interference, or if you must place cable in extremely sensitive environments that may be susceptible to the

electrical current in the UTP, shielded twisted pair may be the solution. Shielded cables can also help to extend the

maximum distance of the cables.

Shielded twisted pair cable is available in three different configurations:

· Each pair of wires is individually shielded with foil.
· There is a foil or braid shield inside the jacket covering all wires (as a group).
· There is a shield around each individual pair, as well as around the entire group of wires (referred to as double shield twisted pair).


STP cable combines the techniques of shielding, cancellation, and wire twisting. Each pair of wires is wrapped in a metallic foil. The four pairs of wires then are wrapped in an overall metallic braid or foil, usually 150-ohm cable. As specified for use in Ethernet network installations, STP reduces electrical noise both within the cable (pair-to-pair coupling, or crosstalk) and from outside the cable (EMI and RFI). STP usually is installed with an STP data connector, which is created especially for the STP cable. However, STP cabling also can use the same RJ connectors that UTP uses. Although STP prevents interference better than UTP, it is more expensive and difficult to install. In addition, the metallic shielding must be grounded at both ends. If it is improperly grounded, the shield acts like an antenna and picks up unwanted signals. Because of its cost and difficulty with termination, STP is rarely used in Ethernet networks. STP is primarily used in Europe.

Unshielded Twisted Pair (UTP)

This is the most popular form of cables in the network and the cheapest form that you can go with. The UTP has four

pairs of wires and all inside plastic sheathing. The biggest reason that we call it Twisted Pair is to protect the wires from

interference from themselves. Each wire is only protected with a thin plastic sheath.

Ethernet Cabling

Now to familiarize you with more on the Ethernet and its cabling we need to look at the 10's. 10Base2 is considered the thin Ethernet, thinnet, or thinwire, which uses light coaxial cable to create a 10 Mbps network. The cable segments in this network can't be over 185 meters in length. These cables connect with the BNC connector. Also as a note, these unused connections must have a terminator, which will be a 50-ohm terminator. 10Base5 is considered a thicknet and is used with a coaxial cable arrangement such as the BNC connector. The good side to the coaxial cable is the high-speed transfer, and cable segments can be up to 500 meters between nodes/workstations. You will typically see the same speed as the 10Base2 but larger cable lengths for more versatility. 10BaseT: the “T” stands for twisted as in UTP (Unshielded Twisted Pair) and uses this for 10 Mbps of transfer. The down side to this is you can only have cable lengths of 100 meters between nodes/workstations. The good side to this network is they are easy to set up and cheap! This is why they are so common and ideal for small offices or homes. 100BaseT is considered Fast Ethernet, uses STP (Shielded Twisted Pair), reaching data transfer of 100 Mbps. This system is a little more expensive but still remains as popular as 10BaseT and cheaper than most other types of networks. This one of course would be the cheap fast version. 10BaseF: this little guy has the advantage of fiber optics, and the F stands for just that. This arrangement is a little more complicated and uses special connectors and NICs along with hubs to create its network. Pretty darn neat and not too cheap on the wallet.

An important part of designing and installing an Ethernet is selecting the appropriate Ethernet medium. There are four major types of media in use today: Thickwire for 10BASE5 networks, thin coax for 10BASE2 networks,


unshielded twisted pair (UTP) for 10BASE-T networks and fiber optic for 10BASE-FL or Fiber-Optic Inter-Repeater Link

(FOIRL) networks. This wide variety of media reflects the evolution of Ethernet and also points to the technology's

flexibility. Thickwire was one of the first cabling systems used in Ethernet but was expensive and difficult to use. This

evolved to thin coax, which is easier to work with and less expensive.

Coaxial Cable

At one time, coaxial cable was the most widely used network cabling. There were a couple of reasons for coaxial cable's wide usage: it was relatively inexpensive, and it was light, flexible, and easy to work with. In its simplest form, coaxial cable consists of a core of copper wire surrounded by insulation, a braided metal shielding, and an outer cover. Figure 2.1 shows the various components that make up a coaxial cable.

The term shielding refers to the woven or stranded metal mesh (or other material) that surrounds some types of cabling. Shielding protects transmitted data by absorbing stray electronic signals, called noise, so that they do not get onto the cable and distort the data. Cable that contains one layer of foil insulation and one layer of braided metal shielding is referred to as dual shielded. For environments that are subject to higher interference, quad shielding is available. Quad shielding consists of two layers of foil insulation and two layers of braided metal shielding. The stranded, protective sleeve absorbs stray electronic signals so that they do not affect data being sent over the inner copper cable. For this reason, coaxial cabling is a good choice for longer distances and for reliably supporting higher data rates with less sophisticated equipment.

Types of Coaxial Cable

There are two types of coaxial cable:

· Thin (thinnet) cable
· Thick (thicknet) cable

Which type of coaxial cable you select depends on the needs of your particular network.

Thinnet Cable

Thinnet cable is a flexible coaxial cable about 0.64 centimeters (0.25 inches) thick. Because this type of coaxial cable is flexible and easy to work with, it can be used in almost any type of network installation. Figure below shows thinnet cable connected directly to a computer's network interface card (NIC).

Figure: Close-up view of thinnet cable showing where it connects to a

Thinnet coaxial cable can carry a signal for a distance of up to approximately 185 meters (about 607 feet) before the signal starts to suffer from attenuation. Cable manufacturers have agreed upon specific designations for different types of cable. (Table 2.1 lists cable types and descriptions.) Thinnet is included in a group referred to as the RG-58 family and has 50-ohm impedance. (Impedance is the resistance, measured in ohms, to the alternating current that flows in a wire.) The principal distinguishing feature of the RG-58 family is the center core of copper. Figure 2.4 shows two examples of RG-58 cable, one with a stranded wire core and one with a solid copper core.


Table 2.1 (columns: Cable, Description): cable types and descriptions.

Thicknet Cable

Thicknet cable is a relatively rigid coaxial cable about 1.27 centimeters (0.5 inches) in diameter. Figure 2.5 shows the difference between thinnet and thicknet cable. Thicknet cable is sometimes referred to as Standard Ethernet because it was the first type of cable used with the popular network architecture Ethernet. Thicknet cable's copper core is thicker than a thinnet cable core. The thicker the copper core, the farther the cable can carry signals, so thicknet carries signals farther than thinnet cable: about 500 meters (about 1640 feet) per segment. Because of this ability to support data transfer over longer distances, thicknet is sometimes used as a backbone to connect several smaller thinnet-based networks.

Figure 2.6 shows a device called a transceiver. A transceiver connects the thinnet coaxial cable to the larger thicknet coaxial cable. A transceiver designed for thicknet Ethernet includes a connector known as a vampire tap, or piercing tap, to make the actual physical connection to the thicknet core. The tap is pierced through the insulating layer and makes direct contact with the conducting core. Connection from the transceiver to the NIC is made using a transceiver cable (drop cable) that plugs into the attachment unit interface (AUI) port on the card. An AUI port connector for thicknet is also known as a Digital Intel Xerox (DIX) connector (named for the three companies that developed it and its related standards) or as a DB-15 connector.

Thinnet vs. Thicknet Cable

As a general rule, the thicker the cable, the more difficult it is to work with. Thin cable is flexible, easy to install, and relatively inexpensive. Thick cable does not bend easily and is therefore harder to install. This is a consideration when an installation calls for pulling cable through tight spaces such as conduits and troughs. Thick cable is more expensive than thin cable, but will carry a signal farther.

Coaxial Cable

At one time, coaxial cable was the most widely used network cabling. There were a couple of reasons for coaxial cable's

wide usage: it was relatively inexpensive, and it was light, flexible, and easy to work with.In its simplest form, coaxial

cable consists of a core of copper wire surrounded by insulation, a braided metal shielding, and an outer cover. Figure

2.1 shows the various components that make up a coaxial cable.

Coaxial-Cable Connection Hardware

Both thinnet and thicknet cable use a connection component, known as a BNC connector , to make the connections

between the cable and the computers. There are several important components in the BNC family.

Coaxial-Cable Grades and Fire Codes

The type of cable grade that you should use depends on where the cables will be laid in your office. Coaxial cables come in two grades:

• Polyvinyl chloride (PVC) grade

• Plenum grade

Polyvinyl chloride (PVC) is a type of plastic used to construct the insulation and cable jacket for most types of coaxial cable. PVC coaxial cable is flexible and can be easily routed through the exposed areas of an office. However, when it burns, it gives off poisonous gases.

A plenum is the shallow space in many buildings between the false ceiling and the floor above; it is used to circulate warm and cold air through the building. Figure 2.11 shows a typical office and where to use, or not use, PVC and plenum-grade cables. Fire codes give very specific instructions about the type of wiring that can be routed through this area, because any smoke or gas in the plenum will eventually blend with the air breathed by everyone in the building. Plenum-grade cabling contains special materials in its insulation and cable jacket. These materials are certified to be fire resistant and to produce a minimum amount of smoke, which reduces poisonous chemical fumes. Plenum cable can be used in the plenum area and in vertical runs (for example, in a wall) without conduit. However, plenum cabling is more expensive.

Coaxial-Cabling Considerations Consider the following coaxial capabilities when making a decision about which type of

cabling to use.

Use coaxial cable if you need a medium that can:

• Transmit voice, video, and data.

• Transmit data for greater distances than is possible with less expensive cabling.

• Offer a familiar technology with reasonable data security.

Coaxial cable (or coax) carries signals of higher frequency ranges than twisted-pair cable, in part because the two media are constructed quite differently. Instead of having two wires, coax has a central core conductor of solid or stranded wire (usually copper) enclosed in an insulating sheath, which is in turn encased in an outer conductor of metal foil, braid, or a combination of the two. The outer metallic wrapping serves both as a shield against noise and as the second conductor, which completes the circuit. This outer conductor is also enclosed in an insulating sheath, and the whole cable is protected by a plastic cover.

Coaxial Cable Connectors

To connect coaxial cable to devices, we need coaxial connectors. The most common type of connector used today is the Bayonet Neill-Concelman (BNC) connector. Three popular types of these connectors are the BNC connector, the BNC T connector, and the BNC terminator.

The BNC connector is used to connect the end of the cable to a device, such as a TV set. The BNC T connector is used in Ethernet networks to branch out to a connection to a computer or other device. The BNC terminator is used at the end of the cable to prevent the reflection of the signal: it matches the cable's characteristic impedance (50 ohms for RG-58) so that the signal is absorbed at the end rather than bounced back along the cable.
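Why the terminator has to match the cable, as an added worked example (this is not code or text from the report). The two formulas are the standard lossless transmission-line expressions for a coax's characteristic impedance, Z0 = (60/sqrt(eps_r)) ln(D/d), and for the voltage reflection coefficient at a termination, Gamma = (ZL - Z0)/(ZL + Z0). Neither formula appears in the report, and the RG-58 dimensions used (0.81 mm center conductor, 2.95 mm dielectric, solid polyethylene with eps_r about 2.3) are assumed typical data-sheet values, not figures from the page.

```python
import math

def coax_impedance(inner_d_mm, dielectric_d_mm, eps_r):
    """Characteristic impedance of a coaxial line, lossless approximation:
    Z0 = (60 / sqrt(eps_r)) * ln(D / d), with D the inside diameter of the
    shield (outer diameter of the dielectric) and d the center-conductor
    diameter, both in the same units."""
    if inner_d_mm <= 0 or dielectric_d_mm <= inner_d_mm or eps_r < 1.0:
        raise ValueError("need 0 < d < D and eps_r >= 1")
    return 60.0 / math.sqrt(eps_r) * math.log(dielectric_d_mm / inner_d_mm)

def reflection_coefficient(z_load, z0):
    """Voltage reflection coefficient at the cable end, (ZL - Z0) / (ZL + Z0).
    z_load=None models an open, unterminated end; 0.0 models a short."""
    if z0 <= 0:
        raise ValueError("Z0 must be positive")
    if z_load is None:
        return 1.0          # open circuit: the whole wave comes back, same polarity
    if z_load < 0:
        raise ValueError("load impedance cannot be negative")
    return (z_load - z0) / (z_load + z0)

def reflected_power_fraction(z_load, z0):
    """Share of the incident power bounced back toward the sender, |Gamma|^2."""
    g = reflection_coefficient(z_load, z0)
    return g * g

# Assumed RG-58/U geometry (typical data-sheet values; not taken from the report).
RG58_INNER_MM, RG58_DIELECTRIC_MM, RG58_EPS_R = 0.81, 2.95, 2.3

def rg58_impedance():
    """Z0 of RG-58 computed from the assumed geometry; should land near 50 ohm."""
    return coax_impedance(RG58_INNER_MM, RG58_DIELECTRIC_MM, RG58_EPS_R)

if __name__ == "__main__":
    print(f"RG-58 from geometry: Z0 ~ {rg58_impedance():.1f} ohm (nominal 50 ohm)")
    for label, zl in (("50 ohm terminator", 50.0), ("75 ohm TV terminator", 75.0),
                      ("no terminator (open)", None), ("shorted end", 0.0)):
        print(f"{label:22s} Gamma = {reflection_coefficient(zl, 50.0):+.2f}, "
              f"power reflected = {100 * reflected_power_fraction(zl, 50.0):.0f}%")
```

The numbers explain two classic thinnet faults: a 75 ohm terminator borrowed from TV coax (RG-59) reflects 4% of the power at the segment end, enough for intermittent errors on a long segment, and a missing terminator reflects all of it, which is why one unterminated end can take the whole bus down.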

Performance

As we did with twisted-pair cables, we can measure the performance of a coaxial cable. Attenuation is much higher in coaxial cable than in twisted-pair cable. In other words, although coaxial cable has a much higher bandwidth, the signal weakens rapidly and requires the frequent use of repeaters.


Applications

A common application of coaxial cable is in traditional Ethernet LANs. Because of its high bandwidth, and consequently high data rate, coaxial cable was chosen for digital transmission in early Ethernet LANs. 10Base2, or Thin Ethernet, uses RG-58 coaxial cable with BNC connectors to transmit data at 10 Mbps with a range of 185 m per segment. 10Base5, or Thick Ethernet, uses RG-11 (thick coaxial cable) to transmit 10 Mbps with a range of 500 m per segment. Thick Ethernet has specialized connectors. Coaxial cabling has a single copper conductor at its center. A plastic layer provides insulation between the center conductor and a braided metal shield (see Fig. 3). The metal shield helps to block outside interference from fluorescent lights, motors, and other computers.

Fig. 3. Coaxial cable

Although coaxial cabling is difficult to install, it is highly resistant to signal interference. In addition, it can support greater cable lengths between network devices than twisted-pair cable. The two types of coaxial cabling are thick coaxial and thin coaxial.

Thin coaxial cable is also referred to as thinnet. 10Base2 refers to the specifications for thin coaxial cable carrying Ethernet signals. The 2 refers to the approximate maximum segment length of 200 meters; in actual fact the maximum segment length is 185 meters. Thin coaxial cable has been popular in school networks, especially linear bus networks.

Thick coaxial cable is also referred to as thicknet. 10Base5 refers to the specifications for thick coaxial cable carrying Ethernet signals. The 5 refers to the maximum segment length of 500 meters. Thick coaxial cable has an extra protective plastic cover that helps keep moisture away from the center conductor. This makes thick coaxial a good choice when running longer lengths in a linear bus network. One disadvantage of thick coaxial is that it does not bend easily and is difficult to install.

The most common type of connector used with coaxial cables is the Bayonet Neill-Concelman (BNC) connector. Different types of adapters are available for BNC connectors, including a T-connector, barrel connector, and terminator. Connectors on the cable are the weakest points in any network. To help avoid problems with your network, always use BNC connectors that crimp, rather than screw, onto the cable.

Coaxial cable consists of a hollow outer cylindrical conductor that surrounds a single inner wire made of two conducting elements. One of these elements, located in the center of the cable, is a copper conductor. Surrounding the copper conductor is a layer of flexible insulation. Over this insulating material is a woven copper braid or metallic foil that acts both as the second wire in the circuit and as a shield for the inner conductor. This second layer, or shield, can help reduce the amount of outside interference. Covering this shield is the cable jacket. Coaxial cable supports 10 to 100 Mbps and is relatively inexpensive, although it is more costly than UTP per unit length. However, coaxial cable can be cheaper for a physical bus topology because less cable will be needed. Coaxial cable can be cabled over longer distances than twisted-pair cable. For example, Ethernet can run approximately 100 meters (328 feet) using twisted-pair cabling. Using coaxial cable increases this distance to 500 m (1640.4 feet).

For LANs, coaxial cable offers several advantages. It can be run with fewer boosts from repeaters for longer distances between network nodes than either STP or UTP cable. Repeaters regenerate the signals in a network so that they can cover greater distances. Coaxial cable is less expensive than fiber-optic cable, and the technology is well known; it has been used for many years for all types of data communication.

When working with cable, you need to consider its size. As the thickness, or diameter, of the cable increases, so does the difficulty in working with it. Many times cable must be pulled through existing conduits and troughs that are limited in size. Coaxial cable comes in a variety of sizes. The largest diameter (1 centimeter [cm]) was specified for use as Ethernet backbone cable because historically it had greater transmission length and noise-rejection characteristics. This type of coaxial cable is frequently referred to as Thicknet. As its nickname suggests, Thicknet cable can be too rigid to install easily in some situations because of its thickness. The general rule is that the more difficult the network medium is to install, the more expensive it is to install. Coaxial cable is more expensive to install than twisted-pair cable. Thicknet cable is almost never used except for special-purpose installations.

A connection device known as a vampire tap was used to connect network devices to Thicknet. The vampire tap then was connected to the computers via a more flexible cable called the attachment unit interface (AUI) cable. Although this 15-pin cable was still thick and tricky to terminate, it was much easier to work with than Thicknet.

In the past, coaxial cable with an outside diameter of only 0.35 cm (sometimes referred to as Thinnet) was used in Ethernet networks. Thinnet was especially useful for cable installations that required the cable to make many twists and turns. Because it was easier to install, it was also cheaper to install. Thus, it was sometimes referred to as Cheapernet. However, because the outer copper or metallic braid in coaxial cable comprises half the electrical circuit, special care had to be taken to ensure that it was properly grounded. Grounding was done by ensuring that a solid electrical connection existed at both ends of the cable. Frequently, however, installers failed to properly ground the cable. As a result, poor shield connection was one of the biggest sources of connection problems in the installation of coaxial cable. Connection problems resulted in electrical noise, which interfered with signal transmission on the networking medium. For this reason, despite its small diameter, Thinnet is no longer commonly used in Ethernet networks.

The most common connectors used with Thinnet are BNC (Bayonet Neill-Concelman) connectors; the expansion "British Naval Connector" that is sometimes given is a backronym, not the origin of the name. The basic BNC connector is a male type mounted at each end of a cable. This connector has a center pin connected to the center cable conductor and a metal tube connected to the outer cable shield. A rotating ring outside the tube locks the cable to any female connector. BNC T-connectors are female devices for connecting two cables to a network interface card (NIC). A BNC barrel connector facilitates connecting two cables together.

The following summarizes the features of coaxial cables:

• Speed and throughput: 10 to 100 Mbps

• Average cost per node: inexpensive

• Media and connector size: medium

• Maximum cable length: 500 m (medium)


Fiber-Optic Cable

In fiber-optic cable, optical fibers carry digital data signals in the form of modulated pulses of light. Unlike copper-based cables, which carry data as electrical signals, no electrical impulses are carried over the fiber, so the cable neither radiates nor picks up electromagnetic interference. Fiber is harder to tap than copper, because a tap has to couple light out of the glass, but it can be tapped: clamp-on couplers that bend the fiber leak enough light to recover the signal, and the extra loss they introduce is the main sign that this has happened. Fiber should therefore be treated as a medium that raises the cost of eavesdropping, not as one on which data cannot be stolen; confidentiality still comes from encrypting the traffic. Fiber-optic cable is good for very high-speed, high-capacity data transmission because of the purity of the signal and its low attenuation.

Fiber-Optic Cable Composition

An optical fiber consists of an extremely thin cylinder of glass, called the core, surrounded by a concentric layer of glass,

known as the cladding. The fibers are sometimes made of plastic. Plastic is easier to install, but cannot carry the light

pulses for as long a distance as glass.Because each glass strand passes signals in only one direction, a cable includes two

strands in separate jackets. One strand transmits and one receives. A reinforcing layer of plastic surrounds each glass


strand, and Kevlar fibers provide strength. See Figure 2.18 for an illustration of fiber-optic cable. The Kevlar fibers in the

fiber-optic connector are placed between the two cables. Just as their counterparts (twisted-pair and coaxial) are, fiber-

optic cables are encased in a plastic coating for protection.Fiber-optic cable transmissions are not subject to electrical

interference and are extremely fast, currently transmitting about 100 Mbps with demonstrated rates of up to 1 gigabit

per second (Gbps). They can carry a signal—the light pulse—for many miles.

Fiber-Optic Cabling Considerations

Use fiber-optic cable if you:

• Need to transmit data at very high speeds over long distances, or over a medium that is harder to tap than copper.

Do not use fiber-optic cable if you:

• Are under a tight budget.

• Do not have the expertise available to properly install it and connect devices to it.

Fiber optic cabling consists of a center glass core surrounded by several layers of protective materials. It transmits light rather than electrical signals, eliminating the problem of electrical interference. This makes it ideal for certain environments that contain a large amount of electrical interference. It has also made it the standard for connecting networks between buildings, due to its immunity to the effects of moisture and lightning. Fiber optic cable has the ability to transmit signals over much longer distances than coaxial and twisted pair. It also has the capability to carry information at vastly greater speeds. This capacity broadens communication possibilities to include services such as video conferencing and interactive services. The cost of fiber optic cabling is comparable to copper cabling; however, it is more difficult to install and modify. 10BaseF refers to the specifications for fiber optic cable carrying Ethernet signals.

The center core of fiber cables is made from glass or plastic fibers (see Fig. 5). A plastic coating then cushions the fiber center, and Kevlar fibers help to strengthen the cables and prevent breakage. The outer insulating jacket is made of Teflon or PVC.

There are two common types of fiber cables: single mode and multimode. Multimode cable has a larger core diameter; single-mode cable carries signals farther but is more expensive.

Specification    Cable Type
10BaseT          Unshielded Twisted Pair
10Base2          Thin Coaxial
10Base5          Thick Coaxial
100BaseT         Unshielded Twisted Pair
100BaseFX        Fiber Optic
100BaseBX        Single mode Fiber
100BaseSX        Multimode Fiber
1000BaseT        Unshielded Twisted Pair
1000BaseLX       Fiber Optic (long wavelength; the "1000BaseFX" name sometimes seen is not an IEEE designation)
1000BaseBX       Single mode Fiber
1000BaseSX       Multimode Fiber

Fiber optic cable uses light pulses rather than electrical signals to transmit information across a network. The cable may be used over many miles because there is no electrical EMI (electromagnetic interference) and the bandwidth is very high. Fiber optic cable is usually used for the backbone of a network. Since glass and plastic cores can be cracked or broken, installation requires care. Special monitoring equipment (an optical time-domain reflectometer, or OTDR) is required to locate a break in the fiber optic cable; the same instrument is also the way to spot the unexplained loss event that a bend-type tap introduces. The core of the cable may be made of glass or plastic, which is protected by a layer of gel or light-reflecting plastic. A plastic insulation sheath then surrounds the entire cable. Fiber optic transmission speeds of 10 gigabits per second are in use, and 1.6 terabits per second is being tested.

Types of Cables and Connecting a Networking Devices

Straight-Through Cable - Four-pair, eight-wire, straight-through cable, which means that the color of wire on Pin 1 on

one end of the cable is the same as that of Pin 1 on the other end. Pin 2 is the same as Pin 2, and so on. The cable is

wired to either EIA/TIA T568B or T568A standards for 10BASE-T Ethernet, which determines what color wire is on each

pin.

Crossover Cable - A crossover cable means that the second and third pairs on one end of the cable will be reversed on

the other end. The pin-outs are T568A on one end and T568B on the other end. All 8 conductors (wires) should be

terminated with RJ-45 modular connectors. Crossover cable conforms to the structured cabling standards. If the

crossover cable is used between switches, it's considered to be part of the "vertical" cabling. Vertical cabling is also

called backbone cabling. A crossover cable can be used as a backbone cable to connect two or more switches in a LAN,

or to connect two isolated hosts to create a mini-LAN. This will allow the connection of two hosts or a server and a host


without the need for a hub between them. This can be very helpful for testing and training. To connect more than two

hosts, a switch is needed.

Rollover Cable - A 4-pair "rollover" cable. This type of cable is typically 3.05 m long but can be as long as 7.62 m. A rollover cable can be used to connect a host or dumb terminal to the console port on the back of a router or switch. Both ends of the cable have RJ-45 connectors on them. One end plugs directly into the RJ-45 console management port on the back of the router or switch. Plug the other end into an RJ-45-to-DB9 terminal adapter. This adapter converts the RJ-45 to a 9-pin female D connector for attachment to the PC or dumb terminal serial (COM) port. A DB25 terminal adapter is also available to connect with a PC or dumb terminal. This adapter uses a 25-pin connector. Figure 18 shows a rollover console cable kit. Because the console port normally gives privileged access to the device without any network authentication, the ports a rollover cable reaches should be physically protected.

Computer Network Cables

This article is simply designed to just explain what computer network cables are, and how you can identify the different

types and categories. There are basically two types of computer network cables. There are straight through cables, and

crossover cables. They look very similar, but it is possible to tell them apart. This article will help you do just that.There

are also different categories of Ethernet cables such as Cat 5, Cat 5e and Cat 6. This article also seeks to explain the

differences.

Types of Computer Network Cables - Different Categories

The following are the different "categories"  of cabling. As time goes on these categories have improved, so that the Cat

7 cable is now the latest and newest type of cable. However, Cat5, Cat5e and Cat6 are typically the most used types.


The list below summarizes each of the different types of Ethernet cabling.

Cat 5 - used for 10/100 Mb Ethernet networks and also used for voice cabling, Token Ring and ATM. Cat 5 cable was superseded by the superior Cat 5e cabling.

Cat 5e - an improved version of Cat 5 cabling with tighter crosstalk limits. The specification covers 100 MHz; the "350 MHz" figure printed on some products is a vendor test rating, not part of the standard. Cat 5e cables are used for 10/100 Mb networks and for 1000 Mb (Gigabit Ethernet) networks.

Cat 6 - specified to 250 MHz and used for 10/100/1000 Mb networks. Similar to Cat 5e but usually with heavier conductors (23 AWG rather than 24 AWG) and often a spline separating the pairs. People incorrectly assume that getting Cat 6 cables will automatically increase network speeds to Gigabit (1000 Mb). This is only possible if everything in the network (cards, switch and cables) is Gigabit capable.

Cat 7 - also known as Class F, this fully shielded cable is relatively new and isn't used as much at the moment. Cat 7 cables support frequencies of up to 600 MHz.

Crossover Network Cables vs Straight Through Cables

However not only is it important to be aware of the different categories of network cabling, it is also beneficial to be

aware of the "ends"  and "plugs"  at each end of the cable.


There are basically two types of Ethernet cables. There are the normal regular straight through cables and the other

type is crossover cables. I will explain both of these separately below.

Straight Through Cables

When you buy "regular" computer network cables, you are really just buying a straight through Ethernet cable. This

means that both ends of the cables will be identical. The colours of the smaller cables inside the ethernet cable, will be

in the same order, from left to right.

This type of cable is used for connecting a PC to a hub/switch or for connecting a router to a switch. The hub/switch performs the crossover for you, which is why you need a crossover cable when you connect a PC directly to another PC. (Most modern interfaces support auto MDI/MDI-X and will work with either cable type.)

Crossover Cables

A crossover Ethernet cable has a different colour order on each end of the cable. The purpose of the crossover cable is to connect one device directly to another device without a switch or hub being present. So if you were connecting one PC directly to another PC, you would use a crossover network cable. The image below shows the differences between a crossover cable and a straight-through computer network cable.

Ethernet Cables Summary

• Straight-through cables have identical ends and are used for connecting computers through a hub/switch.

• Crossover cables have different ends and are used for connecting devices directly with each other (e.g. PC to PC).

• Category 5e cables are the most popular and common computer network cables used today.

• To gain a fast Gigabit network, you don't just require Cat 6 cables; you also need compatible Gigabit components, such as Gigabit network cards and a Gigabit router.
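As an added example (not code from the report), the following Python models the straight-through, crossover and rollover cables described under "Types of Cables and Connecting a Networking Devices" and in the summary above as wire maps, the {pin on end A: pin on end B} table that a hand-held cable tester displays, and classifies a pair of ends from their colour order. It goes one step beyond the text: a 10/100 crossover swaps only pairs 2 and 3, as the report says, while a crossover meant for Gigabit Ethernet, which uses all four pairs, also swaps pairs 1 and 4, and the classifier tells the two apart. The colour names, function names and the miswired sample are the example's own.

```python
# Pin-to-colour order of the two EIA/TIA wiring standards, pins 1..8 left to right
# with the RJ-45 clip facing away from you.
T568A = ("white/green", "green", "white/orange", "blue",
         "white/blue", "orange", "white/brown", "brown")
T568B = ("white/orange", "orange", "white/green", "blue",
         "white/blue", "green", "white/brown", "brown")

# Expected wire maps, {pin at end A: pin at end B}, for each cable type.
STRAIGHT = {p: p for p in range(1, 9)}
CROSSOVER_10_100 = {**STRAIGHT, 1: 3, 2: 6, 3: 1, 6: 2}          # swap pairs 2 and 3 (TX/RX)
CROSSOVER_GIGABIT = {**CROSSOVER_10_100, 4: 7, 5: 8, 7: 4, 8: 5}  # also swap pairs 1 and 4
ROLLOVER = {p: 9 - p for p in range(1, 9)}                        # pin 1 <-> 8, 2 <-> 7, ...

CABLE_TYPES = (("straight-through", STRAIGHT),
               ("crossover (10/100)", CROSSOVER_10_100),
               ("crossover (gigabit)", CROSSOVER_GIGABIT),
               ("rollover", ROLLOVER))

def wire_map(end_a, end_b):
    """Follow each conductor by colour and return {pin on end A: pin on end B}.
    Fails loudly if an end is not eight distinct conductors or if the two ends
    disagree about which conductors exist (a split or missing wire)."""
    for end in (end_a, end_b):
        if len(end) != 8 or len(set(end)) != 8:
            raise ValueError("each end must list eight distinct conductors")
    if set(end_a) != set(end_b):
        raise ValueError("the two ends do not use the same eight conductors")
    pin_at_b = {colour: pin for pin, colour in enumerate(end_b, start=1)}
    return {pin: pin_at_b[colour] for pin, colour in enumerate(end_a, start=1)}

def classify(end_a, end_b):
    """Name the cable type the two ends form, or 'miswired' if it matches none."""
    m = wire_map(end_a, end_b)
    for name, expected in CABLE_TYPES:
        if m == expected:
            return name
    return "miswired"

def make_end_b(end_a, cable_type):
    """Derive the far-end colour order that turns end_a into the given cable type."""
    expected = dict(CABLE_TYPES)[cable_type]
    end_b = [None] * 8
    for pin_a, pin_b in expected.items():
        end_b[pin_b - 1] = end_a[pin_a - 1]
    return tuple(end_b)

if __name__ == "__main__":
    print("T568A + T568A           :", classify(T568A, T568A))
    print("T568A + T568B           :", classify(T568A, T568B))
    print("T568A + gigabit far end :", classify(T568A, make_end_b(T568A, "crossover (gigabit)")))
    print("T568A + reversed T568A  :", classify(T568A, tuple(reversed(T568A))))
    bad = (T568B[1], T568B[0]) + T568B[2:]      # constructed fault: pins 1 and 2 swapped
    print("T568B + swapped T568B   :", classify(T568B, bad))
```

Feeding the function the two colour orders read off a cable's plugs (or the wire map a tester prints) gives the same answer a tester's auto-detect does, and "miswired" is the case to look for first when a link trains at 10 Mb or not at all.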

Conclusion

I hope that through this article you have learned some different things about computer network cables. Hopefully you can now identify the different types of network cabling and are also aware of the different categories of network cable.


2.CONNECTORS

Most of us know that a connector is best known for providing the physical link between two components. Some examples of the use of a connector are a connector linking a cable and a network interface card (NIC), a connector linking a transceiver and a cable, or a connector linking two cable segments.

When using an electrical cable, a connection is established when the conducting wires are joined by way of connectors so as to make and maintain continuous contact, allowing the signal simply to move along the cable across the contact.

When using fiber-optic cable, it takes much more work to manage and maintain good connections because of the degree of fit required between the two fiber cores. The fit determines the quality of the connection between the fiber cores. To complicate matters, the diameters involved in this fit are smaller than a human hair.

Connectors differ in various ways, which help in determining where that type of connector can be used. These features include:

• Shape

• Size

• Gender

• Connection mechanism

• Function

In some cases, it is necessary to use a special adapter in order to use different types of connector combinations. An example of this is using an N-series connector and a BNC adapter in order to connect thick to thin coaxial cable.

Another difference between connectors is their sturdiness, the ease of attaching and detaching the connector, and the amount of signal loss that may occur at the connection point.

When determining the type of connector to use, it is important to take into consideration the components being used and, for networks, the type of cable and architecture being used. An Ethernet network that is using a coaxial cable would use different connectors between the cable and the NIC than an IBM Token Ring network that is using a shielded twisted-pair cable.

While there are about half a dozen types of connectors available for electrical cable, there are about a dozen more types of connectors available for use with fiber-optic cable.

In information science, connectors, normally called "input-output connectors" (or I/O connectors for short), are interfaces for linking devices by using cables. They generally have a male end with pins protruding from it. This plug is meant to be inserted into a female part (also called a socket), which includes holes for accommodating the pins. However, there are "hermaphroditic" plugs which can act as either male or female and can be inserted into either one.

Pin layout

The pins and holes in connectors are usually linked to the electric wires which form the cable. The pin layout describes which pins couple with which wires. Each numbered pin generally corresponds to a wire within the cable, but sometimes one of the pins is left unused. Additionally, in some cases two pins may be linked to one another; this is called a "bridge".

Input/output connectors

The computer's motherboard has a certain number of input-output connectors located on the "rear panel".


Most motherboards have the following connectors:

• Serial port, which uses a DB9 connector, for connecting older devices

• Parallel port, which uses a DB25 connector, mainly for connecting old printers

• USB ports (1.1, low/full speed, or 2.0, high speed), for connecting more recent peripherals

• RJ45 connector (called the LAN port or Ethernet port), for connecting the computer to a network; it interfaces with a network card built into the motherboard

• VGA connector (a 15-pin D-sub, often written DE-15 or HD15), used for hooking up a monitor; this connector interfaces with the built-in graphics card

3.TOPOLOGY

Think of a topology as a network's virtual shape or structure. This shape does not necessarily correspond to the actual

physical layout of the devices on the network. For example, the computers on a home LAN may be arranged in a circle

in a family room, but it would be highly unlikely to find a ring topology there.

Network topologies are categorized into the following basic types:

• bus

• ring

• star

• tree

• mesh

More complex networks can be built as hybrids of two or more of the above basic topologies.

Bus Topology

Bus networks (not to be confused with the system bus of a computer) use a common backbone to connect all devices. A single cable, the backbone, functions as a shared communication medium that devices attach or tap into with an interface connector. A device wanting to communicate with another device on the network sends a message onto the wire that all other devices see, but only the intended recipient actually accepts and processes the message. Because every station sees every frame, any station whose interface is put into promiscuous mode can read traffic addressed to others; a shared bus offers no confidentiality between its stations. Ethernet bus topologies are relatively easy to install and don't require much cabling compared to the alternatives. 10Base-2 ("ThinNet") and 10Base-5 ("ThickNet") were both popular Ethernet cabling options many years ago for bus topologies. However, bus networks work best with a limited number of devices. If more than a few dozen computers are added to a network bus, performance problems will likely result. In addition, if the backbone cable fails, the entire network effectively becomes unusable.

Ring Topology

In a ring network, every device has exactly two neighbors for communication purposes. All messages travel through a

ring in the same direction (either "clockwise" or "counterclockwise"). A failure in any cable or device breaks the loop

and can take down the entire network.

To implement a ring network, one typically uses FDDI,  SONET, or Token Ring technology. Ring topologies are found in

some office buildings or school campuses.


Star Topology

Many home networks use the star topology. A star network features a central connection point called a "hub node" that may be a network hub, switch or router. Devices typically connect to the hub with Unshielded Twisted Pair (UTP) Ethernet. Compared to the bus topology, a star network generally requires more cable, but a failure in any star network cable will only take down one computer's network access and not the entire LAN. (If the hub fails, however, the entire network also fails.)

Tree Topology

Tree topologies integrate multiple star topologies together onto a bus. In its simplest form, only hub devices

connect directly to the tree bus, and each hub functions as the root of a tree of devices. This bus/star hybrid

approach supports future expandability of the network much better than a bus (limited in the number of devices

due to the broadcast traffic it generates) or a star (limited by the number of hub connection points) alone.

Mesh Topology

Mesh topologies involve the concept of routes. Unlike each of the previous topologies, messages sent on a mesh network can take any of several possible paths from source to destination. (Recall that even in a ring, although two cable paths exist, messages can only travel in one direction.) Some WANs, most notably the Internet, employ mesh routing. A mesh network in which every device connects to every other is called a full mesh. As shown in the illustration below, partial mesh networks also exist in which some devices connect only indirectly to others.

4.DIFFERENT TYPES OF NETWORKS

Types of Networks:

LAN(Local Area Networking)

WLAN(Wireless Local Area Networks)

WAN(Wide Area Networks)

MAN(Metropolitan Area Networks)

CAN(Campus Area Networks)

SAN(Storage or System Area Network)

PAN(Personal Area Network)


DAN(Desk Area Network)

Let’s talk about these types of networking in detail: 

LAN(Local Area Networking)

Local Area Networking

Local Area Networking is used primarily in small areas such as schools, hospitals and office buildings. Local Area Networking is one of the older types of networks. TCP/IP is used as the method of communication between computers in Local Area Networking. Due to its small size, it is possible for one person to administrate a Local Area Network. Local Area Networks are amenable to quick change, using a bus network topology that allows for easy access to the Local Area Network.

WLAN(Wireless Local Area Networks)


Wireless Local Area Networks

Wireless Local Area Networks are much like LANs, except that they do not require network cables to connect the machines to each other. Radio and infrared signals are used to communicate between machines on a wireless local area network. Wireless Local Area Networks allow for small amounts of mobility while connected to the internet. Wireless Local Area Networks work according to the IEEE 802.11 standards and are commonly seen in use through WiFi internet connections. Wireless LAN connections offer a surprising amount of mobility for users with laptops and smart phones while they stay connected to the internet through different networking topologies.

WAN(Wide Area Networks)

Wide Area Networks

Wide Area Networks are used to connect server machines and computers across continents or countries for constant information updates. Wide Area Networks are used across the globe; many networks connect with one another across continents to create one giant Wide Area Network. Wide Area Networks use optic fibre as their communication


medium. The largest example of a Wide Area Network is the internet itself, which connects all users to the information and data that is available on the internet.

MAN(Metropolitan Area Networks)

Metropolitan Area Networks

Metropolitan Area Networks are not commonly used these days; they are used to create communication between systems in an entire city. Hence a Metropolitan Area Network falls between the sizes of Local Area Networks and Wide Area Networks. Metropolitan Area Networks are used by city-specific businesses such as the New York Times in the state of New York.

CAN(Campus Area Networks)

Campus Area Networks


Campus Area Networks are usually a connection of many small LAN networks which are often used on university

campuses and office buildings. Campus Area Networks allow for easy file sharing between different departments as all

the files are usually shared on the server machines of each LAN network. This type of network offers a lot of simplicity

in the transfer and downloading of files.

SAN(Storage Area Network)

Storage Area Network

Storage Area Networks are primarily used as information databases. They are not usually used by large organizations

or similar entities. They are specifically used for the storage of information, and easy retrieval of specific pieces of data

whenever required. Storage Area Networks are usually used by websites which offer downloading services.

SAN (System Area Network)

System Area Network


System Area Networks are speed-oriented networks which provide high speed internet connections to a cluster of computers. These are primarily used for server purposes, and allow other computers to connect to these System Area Networks. Permission to different access points is given according to what status a system has on the System Area Network, such as administrator.

5.BLUETOOTH

Bluetooth is a wireless technology standard for exchanging data over short distances (using short-wavelength UHF radio waves in the ISM band from 2.4 to 2.485 GHz[2]) from fixed and mobile devices, and building personal area networks (PANs). Invented by telecom vendor Ericsson in 1994, it was originally conceived as a wireless alternative to RS-232 data cables. It can connect several devices, overcoming problems of synchronization.

Bluetooth is managed by the Bluetooth Special Interest Group (SIG), which has more than 20,000 member companies in the areas of telecommunication, computing, networking, and consumer electronics. Bluetooth was standardized as IEEE 802.15.1, but the standard is no longer maintained. The SIG oversees the development of the specification, manages the qualification program, and protects the trademarks. To be marketed as a Bluetooth device, it must be qualified to standards defined by the SIG. A network of patents is required to implement the technology, which is licensed only for that qualifying device.

Bluetooth operates in the range of 2400–2483.5 MHz (including guard bands). This is in the globally unlicensed (but not unregulated) Industrial, Scientific and Medical (ISM) 2.4 GHz short-range radio frequency band. Bluetooth uses a radio technology called frequency-hopping spread spectrum. The transmitted data are divided into packets and each packet is transmitted on one of the 79 designated Bluetooth channels. Each channel has a bandwidth of 1 MHz. Bluetooth 4.0 uses 2 MHz spacing which allows for 40 channels. The first channel starts at 2402 MHz and continues up to 2480 MHz in 1 MHz steps. It usually performs 1600 hops per second, with Adaptive Frequency-Hopping (AFH) enabled.[12]

Originally, Gaussian frequency-shift keying (GFSK) modulation was the only modulation scheme available; subsequently,

since the introduction of Bluetooth 2.0+EDR, π/4-DQPSK and 8DPSK modulation may also be used between compatible

devices. Devices functioning with GFSK are said to be operating in basic rate (BR) mode where an instantaneous data

rate of 1 Mbit/s is possible. The term Enhanced Data Rate (EDR) is used to describe π/4-DPSK and 8DPSK schemes, each

giving 2 and 3 Mbit/s respectively. The combination of these (BR and EDR) modes in Bluetooth radio technology is

classified as a "BR/EDR radio".

Bluetooth is a packet-based protocol with a master-slave structure. One master may communicate with up to seven slaves in a piconet; all devices share the master's clock. Packet exchange is based on the basic clock, defined by the master, which ticks at 312.5 µs intervals. Two clock ticks make up a slot of 625 µs; two slots make up a slot pair of 1250 µs. In the simple case of single-slot packets the master transmits in even slots and receives in odd slots; the slave, conversely, receives in even slots and transmits in odd slots. Packets may be 1, 3 or 5 slots long, but in all cases the master transmit will begin in even slots and the slave transmit in odd slots.
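The slot rule above worked through as an added example (not from the report): a Python scheduler that lays 1-, 3- and 5-slot packets onto the 625 µs grid and shows why odd packet lengths let master and slave alternate without wasted slots. The packet sequences are constructed input.

```python
# Slot timing of a Bluetooth BR/EDR piconet as described in the text: the master's clock
# ticks every 312.5 us, two ticks form a 625 us slot, the master transmits in even slots,
# the slave in odd slots, and a packet occupies 1, 3 or 5 consecutive slots.

TICK_US = 312.5
SLOT_US = 2 * TICK_US            # 625 us
SLOT_PAIR_US = 2 * SLOT_US       # 1250 us
ALLOWED_LENGTHS = (1, 3, 5)      # multi-slot packets always have odd length


def schedule(packets, start_slot=0):
    """Lay out packets on the slot grid.

    packets: sequence of (role, length) with role "master" or "slave" (constructed input).
    Returns a list of (role, first_slot, start_us, end_us). If the next free slot has the
    wrong parity for the sender (e.g. two master packets in a row), one idle slot is
    inserted so that "master even, slave odd" is never broken.
    """
    laid_out = []
    slot = start_slot
    for role, length in packets:
        if role not in ("master", "slave"):
            raise ValueError(f"unknown role {role!r}")
        if length not in ALLOWED_LENGTHS:
            raise ValueError(f"packet length {length} not in {ALLOWED_LENGTHS}")
        must_be_even = role == "master"
        if (slot % 2 == 0) != must_be_even:
            slot += 1                         # idle slot: wrong parity for this sender
        laid_out.append((role, slot, slot * SLOT_US, (slot + length) * SLOT_US))
        slot += length
    return laid_out


def idle_slots(packets, start_slot=0):
    """Count slots left empty by parity adjustment.

    Because every packet length is odd, a master packet always ends just before an odd
    slot and a slave packet just before an even one, so strictly alternating traffic
    (whatever mix of 1-, 3- and 5-slot packets) yields 0 idle slots.
    """
    laid_out = schedule(packets, start_slot)
    if not laid_out:
        return 0
    end_slot = laid_out[-1][1] + packets[-1][1]
    return end_slot - start_slot - sum(length for _, length in packets)


if __name__ == "__main__":
    for role, first, start, end in schedule([("master", 3), ("slave", 1), ("master", 5), ("slave", 3)]):
        print(f"{role:6} slot {first:2} {start:7.1f}-{end:7.1f} us")
```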

A master Bluetooth device can communicate with a maximum of seven devices in a piconet (an ad-hoc computer

network using Bluetooth technology), though not all devices reach this maximum. The devices can switch roles, by


agreement, and the slave can become the master (for example, a headset initiating a connection to a phone will

necessarily begin as master, as initiator of the connection; but may subsequently prefer to be slave).

The Bluetooth Core Specification provides for the connection of two or more piconets to form a scatternet, in which certain devices simultaneously play the master role in one piconet and the slave role in another.

At any given time, data can be transferred between the master and one other device (except for the little-used broadcast mode). The master chooses which slave device to address; typically, it switches rapidly from one device to another in a round-robin fashion. Since it is the master that chooses which slave to address, whereas a slave is (in theory) supposed to listen in each receive slot, being a master is a lighter burden than being a slave. Being a master of seven slaves is possible; being a slave of more than one master is difficult. The specification is vague as to required behavior in scatternets.

The Bluetooth specification was developed as a cable replacement in 1994 by Jaap Haartsen and Sven Mattisson, who were working for Ericsson in Lund, Sweden. The specification is based on frequency-hopping spread spectrum technology.

The specifications were formalized by the Bluetooth Special Interest Group (SIG). The SIG was formally announced on 20 May 1998. Today it has a membership of over 20,000 companies worldwide. It was established by Ericsson, IBM, Intel, Toshiba and Nokia, and later joined by many other companies.

All versions of the Bluetooth standards are designed for downward compatibility. That lets the latest standard cover all

older versions.

Bluetooth v1.0 and v1.0B

Versions 1.0 and 1.0B had many problems, and manufacturers had difficulty making their products interoperable.

Versions 1.0 and 1.0B also included mandatory Bluetooth hardware device address (BD_ADDR) transmission in the

Connecting process (rendering anonymity impossible at the protocol level), which was a major setback for certain

services planned for use in Bluetooth environments.

Bluetooth v1.1

• Ratified as IEEE Standard 802.15.1-2002

• Many errors found in the 1.0B specifications were fixed.

• Added possibility of non-encrypted channels.

• Received Signal Strength Indicator (RSSI).

Bluetooth v1.2

Major enhancements include the following:

• Faster Connection and Discovery

• Adaptive frequency-hopping spread spectrum (AFH), which improves resistance to radio frequency interference by avoiding the use of crowded frequencies in the hopping sequence.

• Higher transmission speeds in practice, up to 721 kbit/s, than in v1.1.


• Extended Synchronous Connections (eSCO), which improve voice quality of audio links by allowing retransmissions of corrupted packets, and may optionally increase audio latency to provide better concurrent data transfer.

• Host Controller Interface (HCI) operation with three-wire UART.

• Ratified as IEEE Standard 802.15.1-2005[38]

• Introduced Flow Control and Retransmission Modes for L2CAP.

Bluetooth v2.0 + EDR

This version of the Bluetooth Core Specification was released in 2004. The main difference is the introduction of an Enhanced Data Rate (EDR) for faster data transfer. The nominal rate of EDR is about 3 Mbit/s, although the practical data transfer rate is 2.1 Mbit/s. EDR uses a combination of GFSK and Phase Shift Keying modulation (PSK) with two variants, π/4-DQPSK and 8DPSK. EDR can provide a lower power consumption through a reduced duty cycle.

The specification is published as "Bluetooth v2.0 + EDR" which implies that EDR is an optional feature. Aside from EDR,

there are other minor improvements to the 2.0 specification, and products may claim compliance to "Bluetooth v2.0"

without supporting the higher data rate. At least one commercial device states "Bluetooth v2.0 without EDR" on its

data sheet.

Bluetooth v2.1 + EDR

Bluetooth Core Specification Version 2.1 + EDR was adopted by the Bluetooth SIG on 26 July 2007.

The headline feature of 2.1 is secure simple pairing (SSP): this improves the pairing experience for Bluetooth devices, while increasing the use and strength of security. See the section on Pairing below for more details.

2.1 allows various other improvements, including "Extended inquiry response" (EIR), which provides more information

during the inquiry procedure to allow better filtering of devices before connection; and sniff subrating, which reduces

the power consumption in low-power mode.

Bluetooth v3.0 + HS

Version 3.0 + HS of the Bluetooth Core Specification was adopted by the Bluetooth SIG on 21 April 2009. Bluetooth

3.0+HS provides theoretical data transfer speeds of up to 24 Mbit/s, though not over the Bluetooth link itself. Instead,

the Bluetooth link is used for negotiation and establishment, and the high data rate traffic is carried over a collocated

802.11 link.

The main new feature is AMP (Alternative MAC/PHY), the addition of 802.11 as a high speed transport. The High-Speed part of the specification is not mandatory, and hence only devices sporting the "+HS" will actually support the Bluetooth over 802.11 high-speed data transfer. A Bluetooth 3.0 device without the "+HS" suffix will not support High Speed, and needs to only support a feature introduced in Core Specification Version 3.0 or earlier Core Specification Addendum 1.[43]

L2CAP Enhanced modes

Enhanced Retransmission Mode (ERTM) implements a reliable L2CAP channel, while Streaming Mode (SM) implements an unreliable channel with no retransmission or flow control. Introduced in Core Specification Addendum 1.


Alternative MAC/PHY

Enables the use of alternative MAC and PHYs for transporting Bluetooth profile data. The Bluetooth radio is still used for device discovery, initial connection and profile configuration; however, when large quantities of data need to be sent, the high speed alternative MAC PHY 802.11 (typically associated with Wi-Fi) will be used to transport the data. This means that the proven low power connection models of Bluetooth are used when the system is idle, and the faster radio is used when large quantities of data need to be sent. AMP links require enhanced L2CAP modes.

Unicast Connectionless Data

Permits service data to be sent without establishing an explicit L2CAP channel. It is intended for use by applications that require low latency between user action and reconnection/transmission of data. This is only appropriate for small amounts of data.

Enhanced Power Control

Updates the power control feature to remove the open loop power control, and also to clarify ambiguities in power

control introduced by the new modulation schemes added for EDR. Enhanced power control removes the

ambiguities by specifying the behaviour that is expected. The feature also adds closed loop power control, meaning

RSSI filtering can start as the response is received. Additionally, a "go straight to maximum power" request has

been introduced. This is expected to deal with the headset link loss issue typically observed when a user puts their

phone into a pocket on the opposite side to the headset.

Ultra-wideband

The high speed (AMP) feature of Bluetooth v3.0 was originally intended for UWB, but the WiMedia Alliance, the body

responsible for the flavor of UWB intended for Bluetooth, announced in March 2009 that it was disbanding, and

ultimately UWB was omitted from the Core v3.0 specification.

On 16 March 2009, the WiMedia Alliance announced it was entering into technology transfer agreements for the

WiMedia Ultra-wideband (UWB) specifications. WiMedia has transferred all current and future specifications, including

work on future high speed and power optimized implementations, to the Bluetooth Special Interest Group (SIG),

Wireless USB Promoter Group and the USB Implementers Forum. After the successful completion of the technology

transfer, marketing and related administrative items, the WiMedia Alliance will cease operations.

In October 2009 the Bluetooth Special Interest Group suspended development of UWB as part of the alternative

MAC/PHY, Bluetooth v3.0 + HS solution. A small, but significant, number of former WiMedia members had not and

would not sign up to the necessary agreements for the IP transfer. The Bluetooth SIG is now in the process of

evaluating other options for its longer term roadmap.

Bluetooth v4.0

See also: Bluetooth low energy

The Bluetooth SIG completed the Bluetooth Core Specification version 4.0 (called Bluetooth Smart), which has been adopted as of 30 June 2010. It includes Classic Bluetooth, Bluetooth high speed and Bluetooth low energy protocols. Bluetooth high speed is based on Wi-Fi, and Classic Bluetooth consists of legacy Bluetooth protocols.

Bluetooth low energy, previously known as Wibree,[52] is a subset of Bluetooth v4.0 with an entirely new protocol stack

for rapid build-up of simple links. As an alternative to the Bluetooth standard protocols that were introduced in

Bluetooth v1.0 to v3.0, it is aimed at very low power applications running off a coin cell. Chip designs allow for two

types of implementation, dual-mode, single-mode and enhanced past versions.[53] The provisional names Wibree and


Bluetooth ULP (Ultra Low Power) were abandoned and the BLE name was used for a while. In late 2011, new logos “Bluetooth Smart Ready” for hosts and “Bluetooth Smart” for sensors were introduced as the general-public face of BLE.

• In a single-mode implementation, only the low energy protocol stack is implemented. AMICCOM, CSR, Nordic Semiconductor and Texas Instruments have released single mode Bluetooth low energy solutions.

• In a dual-mode implementation, Bluetooth Smart functionality is integrated into an existing Classic Bluetooth controller. As of March 2011, the following semiconductor companies have announced the availability of chips meeting the standard: Qualcomm-Atheros, CSR, Broadcom and Texas Instruments. The compliant architecture shares all of Classic Bluetooth’s existing radio and functionality resulting in a negligible cost increase compared to Classic Bluetooth.

Cost-reduced single-mode chips, which enable highly integrated and compact devices, feature a lightweight Link Layer

providing ultra-low power idle mode operation, simple device discovery, and reliable point-to-multipoint data transfer

with advanced power-save and secure encrypted connections at the lowest possible cost.

General improvements in version 4.0 include the changes necessary to facilitate BLE modes, as well as the Generic Attribute Profile (GATT) and Security Manager (SM) services with AES Encryption.

Core Specification Addendum 2 was unveiled in December 2011; it contains improvements to the audio Host Controller

Interface and to the High Speed (802.11) Protocol Adaptation Layer.

Core Specification Addendum 3 revision 2 has an adoption date of 24 July 2012.

Core Specification Addendum 4 has an adoption date of 12 February 2013.

Bluetooth v4.1

The Bluetooth SIG announced formal adoption of the Bluetooth 4.1 specification on 4 December 2013. This

specification is an incremental update to Bluetooth Specification v4.0. The update incorporates Bluetooth Core

Specification Addenda (CSA 1, 2, 3 & 4) and adds new features which improve consumer usability with increased co-

existence support for LTE, bulk data exchange rates, and aid developer innovation by allowing devices to support

multiple roles simultaneously.

New features of this specification include:

• Mobile Wireless Service Coexistence Signaling

• Train Nudging and Generalized Interlaced Scanning

• Low Duty Cycle Directed Advertising

• L2CAP Connection Oriented and Dedicated Channels

• Dual Mode and Link Layer Topology

• 802.11n PAL

• Audio Architecture Updates for Wide Band Speech


6.FTP

The File Transfer Protocol (FTP) is a standard network protocol used to transfer computer files from one host to

another host over a TCP-based network, such as the Internet. 

FTP is built on a client-server architecture and uses separate control and data connections between the client and the server.[1] FTP users may authenticate themselves using a clear-text sign-in protocol, normally in the form of a username and password, but can connect anonymously if the server is configured to allow it. For secure transmission that protects the username and password, and encrypts the content, FTP is often secured with SSL/TLS (FTPS). SSH File Transfer Protocol (SFTP) is sometimes also used instead, but is technologically different.

The first FTP client applications were command-line applications developed before operating systems had graphical user interfaces, and are still shipped with most Windows, Unix, and Linux operating systems.

Communication and data transfer

Illustration of starting a passive connection using port 21

FTP may run in active or passive mode, which determines how the data connection is established. In both cases, the client creates a TCP control connection from a random unprivileged port N to the FTP server command port 21. In active mode, the client starts listening for incoming data connections on port N+1 from the server (the client sends the FTP command PORT N+1 to inform the server on which port it is listening). In situations where the client is behind a firewall and unable to accept incoming TCP connections, passive mode may be used. In this mode, the client uses the control connection to send a PASV command to the server and then receives a server IP address and server port number from the server,[5][6] which the client then uses to open a data connection from an arbitrary client port to the server IP address and server port number received. Both modes were updated in September 1998 to support IPv6. Further changes were introduced to the passive mode at that time, updating it to extended passive mode.

The server responds over the control connection with three-digit status codes in ASCII with an optional text message.

For example "200" (or "200 OK") means that the last command was successful. The numbers represent the code for the


response and the optional text represents a human-readable explanation or request (e.g. <Need account for storing

file>). An ongoing transfer of file data over the data connection can be aborted using an interrupt message sent over

the control connection.

While transferring data over the network, four data representations can be used:

• ASCII mode: used for text. Data is converted, if needed, from the sending host's character representation to "8-bit ASCII" before transmission, and (again, if necessary) to the receiving host's character representation. As a consequence, this mode is inappropriate for files that contain data other than plain text.

• Image mode (commonly called Binary mode): the sending machine sends each file byte for byte, and the recipient stores the bytestream as it receives it. (Image mode support has been recommended for all implementations of FTP).

• EBCDIC mode: used for plain text between hosts using the EBCDIC character set.

• Local mode: allows two computers with identical setups to send data in a proprietary format without the need to convert it to ASCII.

For text files, different format control and record structure options are provided.

Data transfer can be done in any of three modes:

• Stream mode: Data is sent as a continuous stream, relieving FTP from doing any processing. Rather, all processing is left up to TCP. No End-of-file indicator is needed, unless the data is divided into records.

• Block mode: FTP breaks the data into several blocks (block header, byte count, and data field) and then passes it on to TCP.

• Compressed mode: Data is compressed using a single algorithm (usually run-length encoding).

Login

FTP login utilizes a normal username and password scheme for granting access.[2] The username is sent to the server

using the USER command, and the password is sent using the PASS command. If the information provided by the client

is accepted by the server, the server will send a greeting to the client and the session will commence.[2]  If the server

supports it, users may log in without providing login credentials, but the same server may authorize only limited access

for such sessions.

Anonymous FTP

A host that provides an FTP service may provide  anonymous FTP access. Users typically log into the service with an

'anonymous' (lower-case and case-sensitive in some FTP servers) account when prompted for user name. Although

users are commonly asked to send their email address instead of a password, no verification is actually performed on

the supplied data. Many FTP hosts whose purpose is to provide software updates will allow anonymous logins.

NAT and firewall traversal


FTP normally transfers data by having the server connect back to the client, after the PORT command is sent by the

client. This is problematic for both NATs and firewalls, which do not allow connections from the Internet towards

internal hosts. For NATs, an additional complication is that the representation of the IP addresses and port number in

the PORT command refer to the internal host's IP address and port, rather than the public IP address and port of the

NAT.

There are two approaches to this problem. One is that the FTP client and FTP server use the PASV command, which causes the data connection to be established from the FTP client to the server. This is widely used by modern FTP clients.

SECURITY

• Brute force attacks

• Bounce attacks

• Packet capture (sniffing)

• Port stealing

• Spoof attacks

• Username protection

FTP does not encrypt its traffic; all transmissions are in clear text, and usernames, passwords, commands and data can be read by anyone able to perform packet capture (sniffing) on the network.[2][16] This problem is common to many of the Internet Protocol specifications (such as SMTP, Telnet, POP and IMAP) that were designed prior to the creation of encryption mechanisms such as TLS or SSL. A common solution to this problem is to use the "secure", TLS-protected versions of the insecure protocols (e.g. FTPS for FTP, TelnetS for Telnet, etc.) or a different, more secure protocol that can handle the job, such as the SFTP/SCP tools included with most implementations of the Secure Shell protocol.
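An added example, not from the report, that ties together the control-channel mechanics described earlier (three-digit replies, the PASV/227 and PORT N+1 address encodings) and the clear-text credential problem just described: a small Python reader walks an FTP control-channel transcript, records the data-connection endpoint, and notes any USER/PASS sent before the server accepted AUTH TLS. The transcripts and addresses are constructed; the h1,h2,h3,h4,p1,p2 address form is the one RFC 959 defines for PORT and the 227 reply.

```python
import re
from dataclasses import dataclass, field

# Server reply: three ASCII digits, then ' ' (final line) or '-' (multi-line), then optional text.
REPLY_RE = re.compile(r"^(\d{3})(?:([ -])(.*))?$")
# h1,h2,h3,h4,p1,p2: the address form shared by the PORT command and the 227 reply.
HOSTPORT_RE = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")


def parse_reply(line):
    """Split a server reply into (code, text); both "200" and "200 OK" parse."""
    m = REPLY_RE.match(line)
    if not m:
        raise ValueError(f"not an FTP reply: {line!r}")
    return int(m.group(1)), (m.group(3) or "").strip()


def decode_hostport(text):
    """Decode h1,h2,h3,h4,p1,p2 into ("h1.h2.h3.h4", p1 * 256 + p2)."""
    m = HOSTPORT_RE.search(text)
    if not m:
        raise ValueError(f"no host/port in {text!r}")
    h1, h2, h3, h4, p1, p2 = (int(x) for x in m.groups())
    if any(v > 255 for v in (h1, h2, h3, h4, p1, p2)):
        raise ValueError(f"octet out of range in {text!r}")
    return f"{h1}.{h2}.{h3}.{h4}", p1 * 256 + p2


@dataclass
class SessionSummary:
    mode: str = "unknown"            # "active" (PORT) or "passive" (PASV answered by 227)
    data_endpoint: tuple = None      # (host, port) the data connection will be made to
    tls_established: bool = False    # server answered AUTH TLS with 234
    cleartext_credentials: list = field(default_factory=list)  # (USER|PASS, value) before TLS
    replies: list = field(default_factory=list)                # reply codes in order


def analyse(transcript):
    """Walk a control-channel transcript of lines 'C: command' and 'S: reply'."""
    summary = SessionSummary()
    for raw in transcript.splitlines():
        side, _, line = raw.strip().partition(":")
        line = line.strip()
        if side == "S":
            code, text = parse_reply(line)
            summary.replies.append(code)
            if code == 227:                   # Entering Passive Mode (h1,h2,h3,h4,p1,p2)
                summary.mode = "passive"
                summary.data_endpoint = decode_hostport(text)
            elif code == 234:                 # AUTH TLS accepted: control channel now encrypted
                summary.tls_established = True
        elif side == "C":
            verb, _, arg = line.partition(" ")
            verb = verb.upper()
            if verb == "PORT":                # client listens on N+1 and tells the server where
                summary.mode = "active"
                summary.data_endpoint = decode_hostport(arg)
            elif verb in ("USER", "PASS") and not summary.tls_established:
                # Before TLS these travel in clear text: exactly what a sniffer on the path reads.
                summary.cleartext_credentials.append((verb, arg))
    return summary


# Constructed transcripts (not captured traffic); addresses are from the 192.0.2.0/24 documentation range.
PLAIN_PASSIVE = """\
S: 220 Service ready
C: USER alice
S: 331 User name okay, need password
C: PASS hunter2
S: 230 User logged in
C: PASV
S: 227 Entering Passive Mode (192,0,2,10,195,80)
C: RETR report.txt
S: 150 Opening data connection
S: 226 Transfer complete
"""

TLS_ACTIVE = """\
S: 220 Service ready
C: AUTH TLS
S: 234 Proceed with negotiation
C: USER alice
S: 331 User name okay, need password
C: PASS hunter2
S: 230 User logged in
C: PORT 192,0,2,20,4,1
S: 200 Command okay
"""

if __name__ == "__main__":
    for name, t in (("plain/passive", PLAIN_PASSIVE), ("tls/active", TLS_ACTIVE)):
        s = analyse(t)
        print(name, s.mode, s.data_endpoint, "tls" if s.tls_established else "cleartext",
              s.cleartext_credentials)
```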

Secure FTP

Securing FTP transfers may be accomplished by several methods.

FTPS

Explicit FTPS is an extension to the FTP standard that allows clients to request that the FTP session be encrypted. This is done by sending the "AUTH TLS" command. The server has the option of allowing or denying connections that do not request TLS. This protocol extension is defined in the proposed standard: RFC 4217. Implicit FTPS is a deprecated standard for FTP that required the use of an SSL or TLS connection. It was specified to use different ports than plain FTP.

SFTP

The SSH file transfer protocol or secure FTP (SFTP), also transfers files and has a similar command set for users, but is

built on different software technology. SFTP uses the Secure Shell protocol (SSH) to transfer files. Unlike FTP, it encrypts

both commands and data, preventing passwords and sensitive information from being transmitted openly over the

network. It cannot interoperate with FTP software.

FTP over SSH (not SFTP)


FTP over SSH is the practice of tunneling a normal FTP session over a Secure Shell connection. Because FTP uses multiple TCP connections (unusual for a TCP/IP protocol that is still in use), it is particularly difficult to tunnel over SSH. With many SSH clients, attempting to set up a tunnel for the control channel (the initial client-to-server connection on port 21) will protect only that channel; when data is transferred, the FTP software at either end sets up new TCP connections.

An SSH server is a software program which uses the secure shell protocol to accept connections from remote computers. SFTP/SCP file transfers and remote terminal connections are popular use cases for an SSH server.

SSH

Secure Shell (SSH) is a cryptographic network protocol for secure data communication, remote command-line login, remote command execution, and other secure network services between two networked computers. It connects, via a secure channel over an insecure network, a server and a client running SSH server and SSH client programs, respectively.

The protocol specification distinguishes between two major versions that are referred to as SSH-1 and SSH-2.

The best-known application of the protocol is for access to shell accounts on Unix-like operating systems, but it can also be used in a similar fashion for accounts on Windows. It was designed as a replacement for Telnet and other insecure remote shell protocols such as the Berkeley rsh and rexec protocols, which send information, notably passwords, in plaintext, rendering them susceptible to interception and disclosure using packet analysis. The encryption used by SSH is intended to provide confidentiality and integrity of data over an unsecured network, such as the Internet.

SSH is typically used to log into a remote machine and execute commands, but it also supports tunneling, forwarding TCP ports and X11 connections; it can transfer files using the associated SSH file transfer (SFTP) or secure copy (SCP) protocols. SSH uses the client-server model.

The standard TCP port 22 has been assigned for contacting SSH servers.

An SSH client program is typically used for establishing connections to an SSH daemon accepting remote connections. Both are commonly present on most modern operating systems, including Mac OS X, most distributions of GNU/Linux, OpenBSD, FreeBSD, NetBSD, Solaris and OpenVMS. Notably, Windows is one of the few modern desktop/server OSs that does not include SSH by default. Proprietary, freeware and open source (e.g. PuTTY, and the version of OpenSSH which is part of Cygwin[6]) versions of various levels of complexity and completeness exist. Native Linux file managers (e.g. Konqueror) can use the FISH protocol to provide a split-pane GUI with drag-and-drop. The open source Windows program WinSCP provides similar file management (synchronization, copy, remote delete) capability using PuTTY as a back-end. Both WinSCP[8] and PuTTY are available packaged to run directly off of a USB drive, without requiring installation on the client machine. Setting up an SSH server in Windows typically involves installation (e.g. via installing Cygwin, or by installing a stripped down version of Cygwin with the SSH server[11]).

SSH is important in cloud computing to solve connectivity problems, avoiding the security issues of exposing a cloud-

based virtual machine directly on the Internet. An SSH tunnel can provide a secure path over the Internet, through a

firewall to a virtual machine.

Rlogin 


rlogin is a software utility for Unix-like computer operating systems that allows users to log in on another host via a network, communicating via TCP port 513.

It was first distributed as part of the 4.2BSD release.

rlogin is also the name of the application layer protocol used by the software, part of the TCP/IP protocol suite. 

Authenticated users can act as if they were physically present at the computer.  RFC 1282,  in which it was defined,

states that: "The rlogin facility provides a remote-echoed, locally flow-controlled virtual terminal with proper flushing of

output." rlogin communicates with a daemon, rlogind, on the remote host. rlogin is similar to the Telnet command, but

has the disadvantage of not being as customizable and being able to connect only to Unix hosts.

  All information, including passwords, is transmitted unencrypted (making it vulnerable to interception).

  The .rlogin (or .rhosts) file is easy to misuse (potentially allowing anyone to log in without a password) - for this

reason many corporate system administrators prohibit .rlogin files and actively search their networks for offenders.

  The protocol partly relies on the remote party's rlogin client providing information honestly (including source

port and source host name). A corrupt client is thus able to forge this and gain access, as the rlogin protocol has no

means of authenticating other machines' identities, or ensuring that the rlogin client on a trusted machine is thereal  rlogin client.

  The common practice of mounting users' home directories via NFS exposes rlogin to attack by means of fake

.rhosts files - this means that any of NFS's security faults automatically plague rlogin.

Due to these serious problems rlogin was rarely used across untrusted networks (like the public internet) and even in

closed deployments it has fallen into relative disuse (with many Unix and Linuxdistributions no longer including it by

default). Many networks which formerly relied on rlogin and telnet have replaced it with SSH and its rlogin-equivalent

slogin.

7. IP ADDRESS and Subnet

An Internet Protocol address (also known as an IP address) is a numerical label assigned to each device (e.g., computer, printer) participating in a computer network that uses the Internet Protocol for communication. An IP address serves two principal functions: host or network interface identification and location addressing. Its role has been characterized as follows: "A name indicates what we seek. An address indicates where it is. A route indicates how to get there."

The designers of the Internet Protocol defined an IP address as a 32-bit number consisting of 4 octets[1] and this system, known as Internet Protocol Version 4 (IPv4), is still in use today. However, due to the enormous growth of the Internet and the predicted depletion of available addresses, a new version of IP (IPv6), using 128 bits for the address, was developed in 1995. IPv6 was standardized as RFC 2460 in 1998, and its deployment has been ongoing since the mid-2000s.

IP addresses are binary numbers, but they are usually stored in text files and displayed in human-readable notations, such as 172.16.254.1 (for IPv4), and 2001:db8:0:1234:0:567:8:1 (for IPv6).


The Internet Assigned Numbers Authority (IANA) manages the IP address space allocations globally and delegates five regional Internet registries (RIRs) to allocate IP address blocks to local Internet registries (Internet service providers) and other entities.

Two versions of the Internet Protocol (IP) are in use: IP Version 4 and IP Version 6. Each version defines an IP address differently. Because of its prevalence, the generic term IP address typically still refers to the addresses defined by IPv4. The gap in version sequence between IPv4 and IPv6 resulted from the assignment of number 5 to the experimental Internet Stream Protocol in 1979, which however was never referred to as IPv5.

IPv4 addresses

Figure: Decomposition of an IPv4 address from dot-decimal notation to its binary value.

In IPv4 an address consists of 32 bits, which limits the address space to 2^32 possible unique addresses. IPv4 reserves some addresses for special purposes such as private networks (~18 million addresses) or multicast addresses (~270 million addresses). IPv4 addresses are canonically represented in dot-decimal notation, which consists of four decimal numbers, each ranging from 0 to 255, separated by dots, e.g., 172.16.254.1. Each part represents a group of 8 bits (octet) of the address. In some cases of technical writing, IPv4 addresses may be presented in various hexadecimal, octal, or binary representations.

IPv4 subnetting

In the early stages of development of the Internet Protocol,[1] network administrators interpreted an IP address in two parts: network number portion and host number portion. The highest order octet (most significant eight bits) in an address was designated as the network number and the remaining bits were called the rest field or host identifier and were used for host numbering within a network.

This early method soon proved inadequate as additional networks developed that were independent of the existing networks already designated by a network number. In 1981, the Internet addressing specification was revised with the introduction of classful network architecture.[2]


Classful network design allowed for a larger number of individual network assignments and fine-grained subnetwork design. The first three bits of the most significant octet of an IP address were defined as the class of the address. Three classes (A, B, and C) were defined for universal unicast addressing. Depending on the class derived, the network identification was based on octet boundary segments of the entire address. Each class used successively additional octets in the network identifier, thus reducing the possible number of hosts in the higher order classes (B and C). The following table gives an overview of this now obsolete system.
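The dot-decimal to binary decomposition and the classful network/host split described above, as an added worked example in Python. This is not code from the report: the prefix-mask arithmetic and the RFC 1918 private-range check are assumptions that generalise the report's classful description, and the addresses in the main block are constructed samples.

```python
"""IPv4 address decomposition and classful network/host split.

Added example, not the report's own code. The class derivation from the
leading bits follows the description above; the prefix-mask arithmetic and
the RFC 1918 private-range check are assumptions that generalise it.
"""
from __future__ import annotations

from dataclasses import dataclass


@dataclass(frozen=True)
class IPv4Info:
    dotted: str      # canonical dot-decimal form
    value: int       # the address as an unsigned 32-bit integer
    binary: str      # four groups of 8 bits, dotted per octet
    ip_class: str    # "A", "B", "C", "D" (multicast) or "E" (reserved)
    network: str     # classful network address in dot-decimal form
    host: int        # host identifier ("rest field") within that network
    private: bool    # True for the RFC 1918 private ranges


def parse_ipv4(text: str) -> int:
    """Validate dot-decimal text (four decimals in 0..255) and return a 32-bit int."""
    parts = text.strip().split(".")
    if len(parts) != 4:
        raise ValueError(f"expected four octets: {text!r}")
    value = 0
    for part in parts:
        if not part.isdigit():          # rejects empty strings, signs and spaces
            raise ValueError(f"octet is not a decimal number: {part!r}")
        octet = int(part)
        if octet > 255:
            raise ValueError(f"octet out of range 0..255: {octet}")
        value = (value << 8) | octet
    return value


def to_dotted(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def to_binary(value: int) -> str:
    """Render the 32 bits as four dotted octets, e.g. 10101100.00010000.11111110.00000001."""
    return ".".join(format((value >> shift) & 0xFF, "08b") for shift in (24, 16, 8, 0))


def classful_prefix(value: int) -> tuple[str, int]:
    """Derive (class letter, network prefix length in bits) from the leading bits.

    A: leading 0    -> first octet is the network (8 bits)
    B: leading 10   -> first two octets (16 bits)
    C: leading 110  -> first three octets (24 bits)
    D: leading 1110 -> multicast, no network/host split
    E: leading 1111 -> reserved
    """
    top = value >> 28                    # the four most significant bits
    if top & 0b1000 == 0:
        return "A", 8
    if top & 0b1100 == 0b1000:
        return "B", 16
    if top & 0b1110 == 0b1100:
        return "C", 24
    if top == 0b1110:
        return "D", 32
    return "E", 32


def is_private(value: int) -> bool:
    """RFC 1918 ranges: 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16."""
    return (value >> 24 == 10
            or value >> 20 == (172 << 4) | 1
            or value >> 16 == (192 << 8) | 168)


def describe(text: str) -> IPv4Info:
    """Full decomposition of one dot-decimal address."""
    value = parse_ipv4(text)
    ip_class, prefix = classful_prefix(value)
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    return IPv4Info(
        dotted=to_dotted(value),
        value=value,
        binary=to_binary(value),
        ip_class=ip_class,
        network=to_dotted(value & mask),
        host=value & (~mask & 0xFFFFFFFF),
        private=is_private(value),
    )


if __name__ == "__main__":
    # constructed sample addresses: one per unicast class plus a multicast one
    for sample in ("10.0.0.1", "172.16.254.1", "192.0.2.1", "224.0.0.1"):
        info = describe(sample)
        print(f"{info.dotted:<14} {info.binary}  class {info.ip_class} "
              f"net {info.network} host {info.host} private={info.private}")
```

`parse_ipv4` does the validation a network service should do before trusting address text (exactly four decimal octets, each in 0..255), and `describe` shows why a class B address such as 172.16.254.1 splits after the second octet while a class C address splits after the third.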

13. NETWORK DEVICES

HUBS

Networks using a star topology require a central point for the devices to connect. Originally this device was called a concentrator since it consolidated the cable runs from all network devices. The basic form of concentrator is the hub. The hub is a hardware device that contains multiple, independent ports that match the cable type of the network. Most common hubs interconnect Category 3 or 5 twisted-pair cable with RJ-45 ends, although coax BNC and fiber optic BNC hubs also exist. The hub is considered the least common denominator in device concentrators. Hubs offer an inexpensive option for transporting data between devices, but hubs don't offer any form of intelligence. Hubs can be active or passive. An active hub strengthens and regenerates the incoming signals before sending the data on to its destination. Passive hubs do nothing with the signal.

ETHERNET HUBS

An Ethernet hub is also called a multiport repeater. A repeater is a device that amplifies a signal as it passes through it, to counteract the effects of attenuation. If, for example, you have a thin Ethernet network with a cable segment longer than the prescribed maximum of 185 meters, you can install a repeater at some point in the segment to strengthen the signals and increase the maximum segment length. This type of repeater only has two BNC connectors, and is rarely seen these days. The hubs used on UTP Ethernet networks are repeaters as well, but they can have many RJ45 ports instead of just two BNC connectors. When data enters the hub through any of its ports, the hub amplifies the signal and transmits it out through all of the other ports. This enables a star network to have a shared medium, even though each computer has its own separate cable. The hub relays every packet transmitted by any computer on the network to all of the other computers, and also amplifies the signals. The maximum segment length for a UTP cable on an Ethernet network is 100 meters. A segment is defined as the distance between two communicating computers. However, because the hub also functions as a repeater, each of the cables connecting a computer to a hub port can be up to 100 meters long, allowing a segment length of up to 200 meters when one hub is inserted in the network.

MAU

A Multistation Access Unit (MAU) is a special type of hub used for token ring networks. The word "hub" is used most often in relation to Ethernet networks, and MAU only refers to token ring networks. On the outside, the MAU looks like a hub. It connects to multiple network devices, each with a separate cable. Unlike a hub that uses a logical bus topology over a physical star, the MAU uses a logical ring topology over a physical star. When the MAU detects a problem with a connection, the ring will beacon. Because it uses a physical star topology, the MAU can easily detect which port the problem exists on and close the port, or "wrap" it. The MAU does actively regenerate signals as it transmits data around the ring.

SWITCHES

Switches are a special type of hub that offers an additional layer of intelligence to basic, physical-layer repeater hubs. A switch must be able to read the MAC address of each frame it receives. This information allows switches to repeat incoming data frames only to the computer or computers to which a frame is addressed. This speeds up the network and reduces congestion. Switches operate at both the physical layer and the data link layer of the OSI Model.

BRIDGE

A bridge is used to join two network segments together; it allows computers on either segment to access resources on the other. Bridges can also be used to divide large networks into smaller segments. Bridges have all the features of repeaters, but can have more nodes, and since the network is divided, there are fewer computers competing for resources on each segment, thus improving network performance.

Bridges can also connect networks that run at different speeds, different topologies, or different protocols. But they cannot join an Ethernet segment with a Token Ring segment, because these use different networking standards. Bridges operate at both the Physical Layer and the MAC sublayer of the Data Link layer. Bridges read the MAC header of each frame to determine on which side of the bridge the destination device is located; the bridge then repeats the transmission to the segment where the device is located.

ROUTERS

Routers are networking devices used to extend or segment networks by forwarding packets from one logical network to another. Routers are most often used in large internetworks that use the TCP/IP protocol suite and for connecting TCP/IP hosts and local area networks (LANs) to the Internet using dedicated leased lines.

Routers work at the network layer (layer 3) of the Open Systems Interconnection (OSI) reference model for networking to move packets between networks using their logical addresses (which, in the case of TCP/IP, are the IP addresses of destination hosts on the network). Because routers operate at a higher OSI level than bridges do, they have better packet-routing and filtering capabilities and greater processing power, which results in routers costing more than bridges.

ROUTING TABLES

Routers contain internal tables of information called routing tables that keep track of all known network addresses and possible paths throughout the internetwork, along with the cost of reaching each network. Routers route packets based on the available paths and their costs, thus taking advantage of redundant paths that can exist in a mesh topology network. Because routers use destination network addresses of packets, they work only if the configured network protocol is a routable protocol such as TCP/IP or IPX/SPX. This is different from bridges, which are protocol independent. The routing tables are the heart of a router; without them, there's no way for the router to know where to send the packets it receives. Unlike bridges and switches, routers cannot compile routing tables from the information in the data packets they process. This is because the routing table contains more detailed information than is found in a data packet, and also because the router needs the information in the table to process the first packets it receives after being activated. A router can't forward a packet to all possible destinations in the way that a bridge can.

- Static routers: These must have their routing tables configured manually with all network addresses and paths in the internetwork.
- Dynamic routers: These automatically create their routing tables by listening to network traffic.
- Routing tables are the means by which a router selects the fastest or nearest path to the next "hop" on the way to a data packet's final destination. This process is done through the use of routing metrics.
- Routing metrics are the means of determining how much distance or time a packet will require to reach the final destination. Routing metrics are provided in different forms.
- A hop is simply a router that the packet must travel through.
- Ticks measure the time it takes to traverse a link. Each tick is 1/18 of a second. When the router selects a route based on tick and hop metrics, it chooses the one with the lowest number of ticks first.

You can use routers to segment a large network, and to connect local area segments to a single network backbone that uses a different physical layer and data link layer standard. They can also be used to connect LANs to WANs.
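A routing-table lookup of the kind the list above describes (the matching network is found first; among redundant paths the route with the fewest ticks wins and the hop count breaks ties), as an added Python example that is not part of the report. The routes, next-hop addresses and metric values are constructed sample data, and the longest-prefix rule and the 0.0.0.0/0 default route are assumptions that generalise the report's "network address" lookup beyond classful boundaries.

```python
"""Static routing table with longest-prefix match and tick/hop metrics.

Added example, not the report's own code. Routes, next hops and metric
values below are constructed; the longest-prefix rule and the default
route are assumptions that generalise the report's description.
"""
from __future__ import annotations

from dataclasses import dataclass
from typing import Optional


def ip_to_int(text: str) -> int:
    """Dot-decimal IPv4 text to a 32-bit integer, rejecting malformed input."""
    parts = text.split(".")
    if len(parts) != 4 or not all(p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError(f"bad IPv4 address: {text!r}")
    a, b, c, d = (int(p) for p in parts)
    return (a << 24) | (b << 16) | (c << 8) | d


@dataclass(frozen=True)
class Route:
    prefix: str      # destination network, e.g. "10.1.0.0/16"; "0.0.0.0/0" is the default route
    next_hop: str    # address of the next router ("hop"), or "direct" for an attached network
    hops: int        # routers the packet must pass through to reach the network
    ticks: int       # link delay in ticks of 1/18 s, as the report defines them

    @property
    def prefix_len(self) -> int:
        return int(self.prefix.split("/")[1])

    def matches(self, dst: int) -> bool:
        """True when dst lies inside this route's network."""
        net = ip_to_int(self.prefix.split("/")[0])
        plen = self.prefix_len
        mask = (0xFFFFFFFF << (32 - plen)) & 0xFFFFFFFF if plen else 0
        return (dst & mask) == (net & mask)


class RoutingTable:
    """A static router: its table is configured by hand, never learnt from traffic."""

    def __init__(self, routes: list[Route]) -> None:
        self.routes = list(routes)

    def lookup(self, destination: str) -> Optional[Route]:
        dst = ip_to_int(destination)
        candidates = [r for r in self.routes if r.matches(dst)]
        if not candidates:
            return None      # no matching network and no default route: undeliverable
        # Most specific network wins; among equals, the lowest tick count is
        # preferred first and the hop count breaks any remaining tie.
        return min(candidates, key=lambda r: (-r.prefix_len, r.ticks, r.hops))

    def next_hop_for(self, destination: str) -> Optional[str]:
        route = self.lookup(destination)
        return None if route is None else route.next_hop


# Constructed sample table: two redundant paths to 172.16.0.0/16 show the
# metric choice, and 10.1.2.0/24 inside 10.1.0.0/16 shows longest-prefix match.
SAMPLE_TABLE = RoutingTable([
    Route("10.1.0.0/16", "direct", hops=0, ticks=1),
    Route("10.1.2.0/24", "10.1.0.2", hops=1, ticks=2),
    Route("172.16.0.0/16", "10.1.0.3", hops=2, ticks=4),
    Route("172.16.0.0/16", "10.1.0.4", hops=3, ticks=3),
    Route("0.0.0.0/0", "10.1.0.1", hops=1, ticks=1),
])

# The same table without its default route: remote destinations become undeliverable.
NO_DEFAULT_TABLE = RoutingTable(SAMPLE_TABLE.routes[:-1])


if __name__ == "__main__":
    for dest in ("10.1.2.7", "10.1.9.9", "172.16.5.5", "203.0.113.9"):
        print(f"{dest:<12} -> {SAMPLE_TABLE.next_hop_for(dest)}")
    print("203.0.113.9 without a default route ->", NO_DEFAULT_TABLE.next_hop_for("203.0.113.9"))
```

The `NO_DEFAULT_TABLE` lookup returning `None` is the situation the report describes for a router with no route to a destination: unlike a bridge, it cannot flood the packet everywhere and must discard it.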

BROUTERS

Brouters are a combination of router and bridge. This is a special type of equipment used for networks that can be either bridged or routed, based on the protocols being forwarded. Brouters are complex, fairly expensive pieces of equipment and as such are rarely used.

A brouter transmits two types of traffic at the exact same time: bridged traffic and routed traffic. For bridged traffic, the brouter handles the traffic the same way a bridge or switch would, forwarding data based on the physical address of the packet. This makes the bridged traffic fairly fast, but slower than if it were sent directly through a bridge because the brouter has to determine whether the data packet should be bridged or routed.

GATEWAYS

A gateway is a device used to connect networks using different protocols. Gateways operate at the network layer of the OSI model. In order to communicate with a host on another network, an IP host must be configured with a route to the destination network. If a configured route is not found, the host uses the gateway (default IP router) to transmit the traffic to the destination host. The default gateway is where IP sends packets that are destined for remote networks. If no default gateway is specified, communication is limited to the local network. Gateways receive data from a network using one type of protocol stack, remove that protocol stack and repackage it with the protocol stack that the other network can use.

Examples

- E-mail gateways, for example a gateway that receives Simple Mail Transfer Protocol (SMTP) e-mail, translates it into a standard X.400 format, and forwards it to its destination
- Gateway Service for NetWare (GSNW), which enables a machine running Microsoft Windows NT Server or Windows Server to be a gateway for Windows clients so that they can access file and print resources on a NetWare server
- Gateways between a Systems Network Architecture (SNA) host and computers on a TCP/IP network, such as the one provided by Microsoft SNA Server
- A packet assembler/disassembler (PAD) that provides connectivity between a local area network (LAN) and an X.25 packet-switching network

A CSU/DSU is a device that combines the functionality of a channel service unit (CSU) and a data service unit (DSU). These devices are used to connect a LAN to a WAN, and they take care of all the translation required to convert a data stream between these two methods of communication.


A DSU provides all the handshaking and error correction required to maintain a connection across a wide area link, similar to a modem. The DSU will accept a serial data stream from a device on the LAN and translate this into a useable data stream for the digital WAN network. It will also take care of converting any inbound data streams from the WAN back to a serial communication. A CSU is similar to a DSU except it does not have the ability to provide handshaking or error correction. It is strictly an interface between the LAN and the WAN and relies on some other device to provide handshaking and error correction.

NETWORK INTERFACE CARD (NIC)

A Network Interface Card, or NIC, is a hardware card installed in a computer so it can communicate on a network. The network adapter provides one or more ports for the network cable to connect to, and it transmits and receives data onto the network cable. Every networked computer must also have a network adapter driver, which controls the network adapter. Each network adapter driver is configured to run with a certain type of network adapter.

Figure: Wireless LAN card. Figure: Network card.

Network Interface Adapter Functions

Network interface adapters perform a variety of functions that are crucial to getting data to and from the computer over the network. These functions are as follows:

Data encapsulation

The network interface adapter and its driver are responsible for building the frame around the data generated by the network layer protocol, in preparation for transmission. The network interface adapter also reads the contents of incoming frames and passes the data to the appropriate network layer protocol.

Signal encoding and decoding

The network interface adapter implements the physical layer encoding scheme that converts the binary data generated by the network layer (now encapsulated in the frame) into electrical voltages, light pulses, or whatever other signal type the network medium uses, and converts received signals to binary data for use by the network layer.

Transmission and reception

The primary function of the network interface adapter is to generate and transmit signals of the appropriate type over the network and to receive incoming signals. The nature of the signals depends on the network medium and the data-link layer protocol. On a typical LAN, every computer receives all of the packets transmitted over the network, and the network interface adapter examines the destination address in each packet, to see if it is intended for that computer. If so, the network interface adapter passes the packet to the computer for processing by the next layer in the protocol stack; if not, the network interface adapter discards the packet.


Data buffering

Network interface adapters transmit and receive data one frame at a time, so they have built-in buffers that enable them to store data arriving either from the computer or from the network until a frame is complete and ready for processing.

Serial/parallel conversion

The communication between the computer and the network interface adapter runs in parallel, that is, either 16 or 32 bits at a time, depending on the bus the adapter uses. Network communications, however, are serial (running one bit at a time), so the network interface adapter is responsible for performing the conversion between the two types of transmissions.

Media access control

The network interface adapter also implements the MAC mechanism that the data-link layer protocol uses to regulate access to the network medium. The nature of the MAC mechanism depends on the protocol used.

Network protocols

A networked computer must also have one or more protocol drivers (sometimes called a transport protocol or just a protocol). The protocol driver works between the upper-level network software and the network adapter to package data to be sent on the network.

In most cases, for two computers to communicate on a network, they must use identical protocols. Sometimes, a computer is configured to use multiple protocols. In this case, two computers need only one protocol in common to communicate. For example, a computer running File and Printer Sharing for Microsoft Networks that uses both NetBEUI and TCP/IP can communicate with computers using only NetBEUI or TCP/IP.

ISDN (Integrated Services Digital Network) adapters

Integrated Services Digital Network adapters can be used to send voice, data, audio, or video over standard telephone cabling. ISDN adapters must be connected directly to a digital telephone network. ISDN adapters are not actually modems, since they neither modulate nor demodulate the digital ISDN signal. Like standard modems, ISDN adapters are available both as internal devices that connect directly to a computer's expansion bus and as external devices that connect to one of a computer's serial or parallel ports. ISDN can provide data throughput rates from 56 Kbps to 1.544 Mbps (using a T1 carrier service).

ISDN hardware requires an NT (network termination) device, which converts network data signals into the signaling protocols used by ISDN. Sometimes, the NT interface is included, or integrated, with ISDN adapters and ISDN-compatible routers. In other cases, an NT device separate from the adapter or router must be implemented. ISDN works at the physical, data link, network, and transport layers of the OSI Model.

WAPs (Wireless Access Point)

A wireless network adapter card with a transceiver, sometimes called an access point, broadcasts and receives signals to and from the surrounding computers and passes data back and forth between the wireless computers and the cabled network.

Access points act as wireless hubs to link multiple wireless NICs into a single subnet. Access points also have at least one fixed Ethernet port to allow the wireless network to be bridged to a traditional wired Ethernet network.

Modems

A modem is a device that makes it possible for computers to communicate over telephone lines. The word modem comes from Modulate and Demodulate. Because standard telephone lines use analog signals, and computers digital signals, a sending modem must modulate its digital signals into analog signals. The computer's modem on the receiving end must then demodulate the analog signals into digital signals.

Modems can be external, connected to the computer's serial port by an RS-232 cable, or internal in one of the computer's expansion slots. Modems connect to the phone line using standard telephone RJ-11 connectors.


Transceivers (media converters)

A transceiver, short for transmitter-receiver, is a device that both transmits and receives analog or digital signals. The term is used most frequently to describe the component in local-area networks (LANs) that actually applies signals onto the network wire and detects signals passing through the wire. For many LANs, the transceiver is built into the network interface card (NIC). Some types of networks, however, require an external transceiver.

In Ethernet networks, a transceiver is also called a Medium Access Unit (MAU). Media converters interconnect different cable types (twisted pair, fiber, and thin or thick coax) within an existing network. They are often used to connect newer 100-Mbps, Gigabit Ethernet, or ATM equipment to existing networks, which are generally 10BASE-T, 100BASE-T, or a mixture of both. They can also be used in pairs to insert a fiber segment into copper networks to increase cabling distances and enhance immunity to electromagnetic interference (EMI).

9. FIREWALL

Many personal computer operating systems include software-based firewalls to protect against threats from the public Internet. Many routers that pass data between networks contain firewall components and, conversely, many firewalls can perform basic routing functions.

First generation: packet filters

The first paper published on firewall technology was in 1988, when engineers from Digital Equipment Corporation (DEC) developed filter systems known as packet filter firewalls. This fairly basic system was the first generation of what is now a highly involved and technical internet security feature. At AT&T Bell Labs, Bill Cheswick and Steve Bellovin were continuing their research in packet filtering and developed a working model for their own company based on their original first generation architecture.[6]

Packet filters act by inspecting the "packets" which are transferred between computers on the Internet. If a packet matches the packet filter's set of filtering rules, the packet filter will drop (silently discard) the packet or reject it (discard it, and send "error responses" to the source).


This type of packet filtering pays no attention to whether a packet is part of an existing stream of traffic (i.e. it stores no information on connection "state"). Instead, it filters each packet based only on information contained in the packet itself (most commonly using a combination of the packet's source and destination address, its protocol, and, for TCP and UDP traffic, the port number).

TCP and UDP protocols constitute most communication over the Internet, and because TCP and UDP traffic by convention uses well known ports for particular types of traffic, a "stateless" packet filter can distinguish between, and thus control, those types of traffic (such as web browsing, remote printing, email transmission, file transfer), unless the machines on each side of the packet filter are both using the same non-standard ports.

Packet filtering firewalls work mainly on the first three layers of the OSI reference model, which means most of the work is done between the network and physical layers, with a little bit of peeking into the transport layer to figure out source and destination port numbers. When a packet originates from the sender and filters through a firewall, the device checks for matches to any of the packet filtering rules that are configured in the firewall and drops or rejects the packet accordingly. When the packet passes through the firewall, it filters the packet on a protocol/port number basis (GSS). For example, if a rule in the firewall exists to block telnet access, then the firewall will block the TCP protocol for port number 23.

Second generation: "stateful" filters

From 1989-1990 three colleagues from AT&T Bell Laboratories, Dave Presetto, Janardan Sharma, and Kshitij Nigam, developed the second generation of firewalls, calling them circuit-level gateways.

Second-generation firewalls perform the work of their first-generation predecessors but operate up to layer 4 (transport layer) of the OSI model. This is achieved by retaining packets until enough information is available to make a judgement about its state.[12] Known as stateful packet inspection, it records all connections passing through it and determines whether a packet is the start of a new connection, a part of an existing connection, or not part of any connection. Though static rules are still used, these rules can now contain connection state as one of their test criteria.

Certain denial-of-service attacks bombard the firewall with thousands of fake connection packets in an attempt to overwhelm it by filling its connection state memory.
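The first-generation and second-generation behaviour described in the two passages above (rule matching on a packet's own header fields with the drop/reject distinction, beside a filter that keeps a connection state table and can run out of state memory), as an added Python example. It is not code from the report: the rule set, the packets and the deliberately tiny state-table limit are constructed, and the TCP SYN flag is used as the marker of a new connection, which the report does not spell out.

```python
"""Stateless packet filter beside a stateful connection tracker.

Added example, not the report's own code. Rule set, packets and the
small state-table limit are constructed for illustration; production
firewalls use far larger tables with idle timeouts.
"""
from __future__ import annotations

from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str          # "tcp" or "udp"
    sport: int
    dport: int
    syn: bool = False   # TCP SYN without ACK: the start of a new connection (assumed marker)


@dataclass(frozen=True)
class Rule:
    action: str                   # "allow", "drop" (silent) or "reject" (error sent back)
    proto: Optional[str] = None   # None matches any value
    src: Optional[str] = None
    dst: Optional[str] = None
    dport: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        checks = ((self.proto, p.proto), (self.src, p.src), (self.dst, p.dst), (self.dport, p.dport))
        return all(want is None or want == have for want, have in checks)


def stateless_filter(rules: list[Rule], p: Packet, default: str = "drop") -> str:
    """First-generation filter: each packet is judged only on its own header fields."""
    for rule in rules:
        if rule.matches(p):
            return rule.action
    return default


class StatefulFilter:
    """Second-generation filter: remembers the connections it has allowed."""

    def __init__(self, rules: list[Rule], max_entries: int = 4) -> None:
        self.rules = rules
        self.max_entries = max_entries        # connection state memory, deliberately tiny
        self.table: set[tuple] = set()        # (proto, src, sport, dst, dport)

    def process(self, p: Packet) -> str:
        key = (p.proto, p.src, p.sport, p.dst, p.dport)
        reverse = (p.proto, p.dst, p.dport, p.src, p.sport)
        if key in self.table or reverse in self.table:
            return "allow"                    # part of an existing connection, either direction
        if p.proto == "tcp" and not p.syn:
            return "drop"                     # mid-stream TCP segment that belongs to no connection
        verdict = stateless_filter(self.rules, p)   # start of a new connection: consult the rules
        if verdict == "allow":
            if len(self.table) >= self.max_entries:
                return "drop"                 # state memory full: the condition a flood aims for
            self.table.add(key)
        return verdict


# Constructed rule set for a host at 192.0.2.10: telnet is rejected with an
# error, SSH and HTTP are allowed, everything else is silently dropped.
RULES = [
    Rule("reject", proto="tcp", dport=23),
    Rule("allow", proto="tcp", dst="192.0.2.10", dport=22),
    Rule("allow", proto="tcp", dst="192.0.2.10", dport=80),
]

# Constructed packets: a telnet attempt, an SSH connection start, and the server's reply.
TELNET = Packet("198.51.100.5", "192.0.2.10", "tcp", 40000, 23, syn=True)
SSH_SYN = Packet("198.51.100.5", "192.0.2.10", "tcp", 40001, 22, syn=True)
SSH_REPLY = Packet("192.0.2.10", "198.51.100.5", "tcp", 22, 40001)


def flood(fw: StatefulFilter, count: int) -> list[str]:
    """Send `count` connection starts to port 80 from distinct source ports; return the verdicts."""
    return [fw.process(Packet("203.0.113.7", "192.0.2.10", "tcp", 50000 + i, 80, syn=True))
            for i in range(count)]


if __name__ == "__main__":
    fw = StatefulFilter(RULES)
    print("telnet    stateless:", stateless_filter(RULES, TELNET), " stateful:", fw.process(TELNET))
    print("ssh syn   stateless:", stateless_filter(RULES, SSH_SYN), " stateful:", fw.process(SSH_SYN))
    # The reply has no rule of its own: the stateless filter drops it, while the stateful
    # one recognises it as the other half of the connection it has just admitted.
    print("ssh reply stateless:", stateless_filter(RULES, SSH_REPLY), " stateful:", fw.process(SSH_REPLY))
    print("flood verdicts:", flood(fw, 5))
```

Two points the code makes concrete: a stateless filter needs an explicit rule for return traffic (here the SSH reply is dropped by `stateless_filter` but allowed by `StatefulFilter`), and the state table is finite memory, so a filter must bound it and fail closed when it is full rather than grow without limit.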

Third generation: application layer

Marcus Ranum, Wei Xu, and Peter Churchyard developed an application firewall known as Firewall Toolkit (FWTK). In June 1994, Wei Xu extended the FWTK with the kernel enhancement of IP filter and socket transparent. This was known as the first transparent application firewall, released as a commercial product of Gauntlet firewall at TIS. Gauntlet firewall was rated one of the number 1 firewalls during 1995-1998.

The key benefit of application layer filtering is that it can "understand" certain applications and protocols (such as File Transfer Protocol (FTP), Domain Name System (DNS), or Hypertext Transfer Protocol (HTTP)). This is useful as it is able to detect if an unwanted protocol is attempting to bypass the firewall on an allowed port, or detect if a protocol is being abused in any harmful way. As of 2012, the so-called next-generation firewall (NGFW) is nothing more than a "widening" or "deepening" of inspection at the application stack. For example, the existing deep packet inspection functionality of modern firewalls can be extended to include i) intrusion prevention systems (IPS); ii) user identity integration (by binding user IDs to IP or MAC addresses for "reputation"); and/or iii) a Web Application Firewall (WAF). WAF attacks may be implemented using the tool "WAF Fingerprinting utilizing timing side channels" (WAFFle).

There are different types of firewalls depending on where the communication is taking place, where the communication is intercepted and the state that is being traced.[15]

Network layer or packet filters

Network layer firewalls, also called packet filters, operate at a relatively low level of the TCP/IP protocol stack, not allowing packets to pass through the firewall unless they match the established rule set. The firewall administrator may define the rules; or default rules may apply. The term "packet filter" originated in the context of BSD operating systems.

Network layer firewalls generally fall into two sub-categories, stateful and stateless. Stateful firewalls maintain context about active sessions, and use that "state information" to speed packet processing. Any existing network connection can be described by several properties, including source and destination IP address, UDP or TCP ports, and the current stage of the connection's lifetime (including session initiation, handshaking, data transfer, or connection completion). If a packet does not match an existing connection, it will be evaluated according to the ruleset for new connections. If a packet matches an existing connection based on comparison with the firewall's state table, it will be allowed to pass without further processing.

Stateless firewalls require less memory, and can be faster for simple filters that require less time to filter than to look up a session. They may also be necessary for filtering stateless network protocols that have no concept of a session. However, they cannot make more complex decisions based on what stage communications between hosts have reached.

Newer firewalls can filter traffic based on many packet attributes like source IP address, source port, destination IP address or port, and destination service like WWW or FTP. They can filter based on protocols, TTL values, netblock of the originator or source, and many other attributes.

Commonly used packet filters on various versions of Unix are IPFilter (various), ipfw (FreeBSD/Mac OS X), NPF (NetBSD), PF (OpenBSD, and some other BSDs), and iptables/ipchains (Linux).

Application-layer

Application-layer firewalls work on the application level of the TCP/IP stack (i.e., all browser traffic, or all telnet or ftp traffic), and may intercept all packets traveling to or from an application. They block other packets (usually dropping them without acknowledgment to the sender).

By inspecting all packets for improper content, firewalls can restrict or prevent outright the spread of networked computer worms and trojans. The additional inspection criteria can add extra latency to the forwarding of packets to their destination.

Application firewalls function by determining whether a process should accept any given connection. Application firewalls accomplish their function by hooking into socket calls to filter the connections between the application layer and the lower layers of the OSI model. Application firewalls that hook into socket calls are also referred to as socket filters. Application firewalls work much like a packet filter, but application filters apply filtering rules (allow/block) on a per-process basis instead of filtering connections on a per-port basis. Generally, prompts are used to define rules for processes that have not yet received a connection. It is rare to find application firewalls not combined or used in conjunction with a packet filter.

Also, application firewalls further filter connections by examining the process ID of data packets against a ruleset for the local process involved in the data transmission. The extent of the filtering that occurs is defined by the provided ruleset. Given the variety of software that exists, application firewalls only have more complex rulesets for the standard services, such as sharing services. These per-process rulesets have limited efficacy in filtering every possible association that may occur with other processes. Also, these per-process rulesets cannot defend against modification of the process via exploitation, such as memory corruption exploits. Because of these limitations, application firewalls are beginning to be supplanted by a new generation of application firewalls that rely on mandatory access control (MAC), also referred to as sandboxing, to protect vulnerable services.

Proxies

In computing, a firewall is a piece of hardware and/or software which functions in a networked environment to prevent some communications forbidden by the security policy, analogous to the function of firewalls in building construction.

A firewall has the basic task of controlling traffic between different zones of trust. Typical zones of trust include the Internet (a zone with no trust) and an internal network (a zone with high trust). The ultimate goal is to provide controlled connectivity between zones of differing trust levels through the enforcement of a security policy and connectivity model based on the least privilege principle.

There are three basic types of firewalls depending on:

- whether the communication is being done between a single node and the network, or between two or more networks
- whether the communication is intercepted at the network layer, or at the application layer
- whether the communication state is being tracked at the firewall or not

With regard to the scope of filtered communication, these firewalls exist:

- Personal firewalls, a software application which normally filters traffic entering or leaving a single computer through the Internet.
- Network firewalls, normally running on a dedicated network device or computer positioned on the boundary of two or more networks or DMZs (demilitarized zones). Such a firewall filters all traffic entering or leaving the connected networks.

In reference to the layers where the traffic can be intercepted, three main categories of firewalls exist:

- network layer firewalls. An example would be iptables.
- application layer firewalls. An example would be TCP Wrapper.
- application firewalls. An example would be restricting ftp services through the /etc/ftpaccess file.

These network-layer and application-layer types of firewall may overlap, even though the personal firewall does not serve a network; indeed, single systems have implemented both together.

There's also the notion of application firewalls which are sometimes used during wide area network (WAN) networking on the world-wide web and govern the system software. An extended description would place them lower than application layer firewalls, indeed at the Operating System layer, and could alternately be called operating system firewalls.

Lastly, depending on whether the firewalls track packet states, two additional categories of firewalls exist:

- stateful firewalls
- stateless firewalls

Network layer firewalls

Network layer firewalls operate at a (relatively low) level of the TCP/IP protocol stack as IP-packet filters, not allowing packets to pass through the firewall unless they match the rules. The firewall administrator may define the rules, or default built-in rules may apply (as in some inflexible firewall systems).

A more permissive setup could allow any packet to pass the filter as long as it does not match one or more "negative rules", or "deny rules". Today network firewalls are built into most computer operating systems and network appliances.

Modern firewalls can filter traffic based on many packet attributes like source IP address, source port, destination IP address or port, and destination service like WWW or FTP. They can filter based on protocols, TTL values, netblock of originator, domain name of the source, and many other attributes.

Application-layer firewalls

Application-layer firewalls work on the application level of the TCP/IP stack (i.e., all browser traffic, or all telnet or ftp traffic), and may intercept all packets traveling to or from an application. They block other packets (usually dropping them without acknowledgement to the sender). In principle, application firewalls can prevent all unwanted outside traffic from reaching protected machines.

By inspecting all packets for improper content, firewalls can even prevent the spread of the likes of viruses. In practice, however, this becomes so complex and so difficult to attempt (given the variety of applications and the diversity of content each may allow in its packet traffic) that comprehensive firewall design does not generally attempt this approach.

A proxy device (running either on dedicated hardware or as software on a general-purpose machine) may act as a firewall by responding to input packets (connection requests, for example) in the manner of an application, whilst blocking other packets.

Proxies make tampering with an internal system from the external network more difficult, and misuse of one internal system would not necessarily cause a security breach exploitable from outside the firewall (as long as the application proxy remains intact and properly configured). Conversely, intruders may hijack a publicly-reachable system and use it as a proxy for their own purposes; the proxy then masquerades as that system to other internal machines. While use of internal address spaces enhances security, crackers may still employ methods such as IP spoofing to attempt to pass packets to a target network.

10. Port (computer networking) and web application server

In computer networking, a port is an application-specific or process-specific software construct serving as a communications endpoint in a computer's host operating system. The purpose of ports is to uniquely identify different applications or processes running on a single computer and thereby enable them to share a single physical connection to a packet-switched network like the Internet. In the context of the Internet Protocol, a port is associated with an IP address of the host, as well as the type of protocol used for communication.

The protocols that primarily use ports are the Transport Layer protocols, such as the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP) of the Internet Protocol Suite. A port is identified for each address and protocol by a 16-bit number, commonly known as the port number. The port number, added to a computer's IP address, completes the destination address for a communications session. That is, data packets are routed across the network to a specific destination IP address, and then, upon reaching the destination computer, are further routed to the specific process bound to the destination port number.

Note that it is the combination of IP address and port number together that must be globally unique. Thus, different IP addresses or protocols may use the same port number for communication; e.g., on a given host or interface UDP and TCP may use the same port number, or on a host with two interfaces, both addresses may be associated with a port having the same number.

Of the thousands of enumerated ports, about 250 well-known ports are reserved by convention to identify specific service types on a host. In the client-server model of application architecture, ports are used to provide a multiplexing service on each server-side port number that network clients connect to for service initiation, after which communication can be reestablished on other connection-specific port numbers.

First, What is a Web Server?

A web server is a specialized type of file server. Its job is to retrieve files from the server's hard drive, format the files for the Web browser, and send them out via the network. Web servers are designed to do a great job of sending static content out to a large number of users. The pages delivered by the server are expected to be the same for everyone who visits the server.

The function of a typical Web server is shown below. The user requests a web page. The Web Server finds the web page file in a local directory and sends it back out to the user. When graphic files are requested, the same thing happens. The Web Server finds the requested graphic files and sends them back to the user.

The Web Server standards were originally designed to publish static documents on the Internet. There was a limited capability for accessing dynamic content, but this was never intended to support high volume, highly interactive Web applications.

Then, as the Internet and Web browsers became popular in the mid-1990s, organizations saw an opportunity to provide web pages that contained dynamic content like stock prices, weather information, inventory levels, and shipping status for a package. Web browsers became such a pervasive way to access information that users and organizations desired to access a wide variety of information and applications through their Web browser. So, Web servers had to be extended to allow software application development and access to databases.

Then, What is a Web Application Server?

Web application servers are designed specifically to extend web servers to support dynamic content. The application server software "hooks in" to the web server software and automatically intercepts any user requests for dynamic content. The web server still sends out static web pages and graphic files, just like before. But now, the application server can create dynamic content by mixing data with templates, running programs, or by accessing databases.

11. OSI TCP IP MODEL

The Open Systems Interconnection model (OSI) is a conceptual model that characterizes and standardizes the internal functions of a communication system by partitioning it into abstraction layers. The model is a product of the Open Systems Interconnection project at the International Organization for Standardization (ISO), maintained under the identification ISO/IEC 7498-1.

The model groups communication functions into seven logical layers. A layer serves the layer above it and is served by the layer below it. For example, a layer that provides error-free communications across a network provides the path needed by applications above it, while it calls the next lower layer to send and receive packets that make up the contents of that path.

LAYERS OF OSI MODEL

Layer 1: physical layer

The physical layer has the following major functions:

- it defines the electrical and physical specifications of the data connection. It defines the relationship between a device and a physical transmission medium (e.g., a copper or fiber optical cable). This includes the layout of pins, voltages, line impedance, cable specifications, signal timing, hubs, repeaters, network adapters, host bus adapters (HBA used in storage area networks) and more.
- it defines the protocol to establish and terminate a connection between two directly connected nodes over a communications medium.
- it may define the protocol for flow control.
- it defines a protocol for the provision of a (not necessarily reliable) connection between two directly connected nodes, and the modulation or conversion between the representation of digital data in user equipment and the corresponding signals transmitted over the physical communications channel. This channel can involve physical cabling (such as copper and optical fiber) or a wireless radio link.

The physical layer of Parallel SCSI operates in this layer, as do the physical layers of Ethernet and other local-area networks, such as Token Ring, FDDI, ITU-T G.hn, and IEEE 802.11, as well as personal area networks such as Bluetooth and IEEE 802.15.4.

Layer 2: data link layer

The data link layer provides a reliable link between two directly connected nodes, by detecting and possibly correcting errors that may occur in the physical layer. The data link layer is divided into two sublayers:

- Media Access Control (MAC) layer - responsible for controlling how computers in the network gain access to data and permission to transmit it.
- Logical Link Control (LLC) layer - controls error checking and packet synchronization.

The Point-to-Point Protocol (PPP) is an example of a data link layer in the TCP/IP protocol stack.

The ITU-T G.hn standard, which provides high-speed local area networking over existing wires (power lines, phone lines and coaxial cables), includes a complete data link layer that provides both error correction and flow control by means of a selective-repeat sliding-window protocol.

Layer 3: network layer

The network layer provides the functional and procedural means of transferring variable length data sequences (called datagrams) from one node to another connected to the same network. A network is a medium to which many nodes can be connected, on which every node has an address and which permits nodes connected to it to transfer messages to other nodes connected to it by merely providing the content of a message and the address of the destination node and letting the network find the way to deliver ("route") the message to the destination node. In addition to message routing, the network may (or may not) implement message delivery by splitting the message into several fragments, delivering each fragment by a separate route and reassembling the fragments, report delivery errors, etc. Datagram delivery at the network layer is not guaranteed to be reliable.

A number of layer-management protocols, a function defined in the management annex, ISO 7498/4, belong to the network layer. These include routing protocols, multicast group management, network-layer information and error, and network-layer address assignment. It is the function of the payload that makes these belong to the network layer, not the protocol that carries them.

Layer 4: transport layer

The transport layer provides the functional and procedural means of transferring variable-length data sequences from a source to a destination host via one or more networks, while maintaining the quality of service functions.

An example of a transport-layer protocol in the standard Internet protocol stack is TCP, usually built on top of the IP protocol.

The transport layer controls the reliability of a given link through flow control, segmentation/desegmentation, and error control. Some protocols are state- and connection-oriented. This means that the transport layer can keep track of the segments and retransmit those that fail. The transport layer also provides the acknowledgement of the successful data transmission and sends the next data if no errors occurred. The transport layer creates packets out of the message received from the application layer. Packetizing is a process of dividing the long message into smaller messages.

OSI defines five classes of connection-mode transport protocols ranging from class 0 (which is also known as TP0 and provides the fewest features) to class 4 (TP4, designed for less reliable networks, similar to the Internet). Class 0 contains no error recovery, and was designed for use on network layers that provide error-free connections. Class 4 is closest to TCP, although TCP contains functions, such as the graceful close, which OSI assigns to the session layer. Also, all OSI TP connection-mode protocol classes provide expedited data and preservation of record boundaries. Detailed characteristics of TP0-4 classes are shown in the following table:

Feature                                                          TP0  TP1  TP2  TP3  TP4
Connection-oriented network                                      Yes  Yes  Yes  Yes  Yes
Connectionless network                                           No   No   No   No   Yes
Concatenation and separation                                     No   Yes  Yes  Yes  Yes
Segmentation and reassembly                                      Yes  Yes  Yes  Yes  Yes
Error recovery                                                   No   Yes  Yes  Yes  Yes
Reinitiate connection (if an excessive number of PDUs are
  unacknowledged)                                                No   Yes  No   Yes  No
Multiplexing and demultiplexing over a single virtual circuit    No   No   Yes  Yes  Yes
Explicit flow control                                            No   No   Yes  Yes  Yes
Retransmission on timeout                                        No   No   No   No   Yes
Reliable transport service                                       No   Yes  No   Yes  Yes

An easy way to visualize the transport layer is to compare it with a post office, which deals with the dispatch and classification of mail and parcels sent. Do remember, however, that a post office manages the outer envelope of mail. Higher layers may have the equivalent of double envelopes, such as cryptographic presentation services that can be read by the addressee only. Roughly speaking, tunneling protocols operate at the transport layer, such as carrying non-IP protocols such as IBM's SNA or Novell's IPX over an IP network, or end-to-end encryption with IPsec. While Generic Routing Encapsulation (GRE) might seem to be a network-layer protocol, if the encapsulation of the payload takes place only at the endpoints, GRE becomes closer to a transport protocol that uses IP headers but contains complete frames or packets to deliver to an endpoint. L2TP carries PPP frames inside transport packets.

Although not developed under the OSI Reference Model and not strictly conforming to the OSI definition of the transport layer, the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP) of the Internet Protocol Suite are commonly categorized as layer-4 protocols within OSI.

Layer 5: session layer

The session layer controls the dialogues (connections) between computers. It establishes, manages and terminates the connections between the local and remote application. It provides for full-duplex, half-duplex, or simplex operation, and establishes checkpointing, adjournment, termination, and restart procedures. The OSI model made this layer responsible for graceful close of sessions, which is a property of the Transmission Control Protocol, and also for session checkpointing and recovery, which is not usually used in the Internet Protocol Suite. The session layer is commonly implemented explicitly in application environments that use remote procedure calls.

Layer 6: presentation layer

The presentation layer establishes context between application-layer entities, in which the application-layer entities may use different syntax and semantics if the presentation service provides a mapping between them. If a mapping is available, presentation service data units are encapsulated into session protocol data units, and passed down the TCP/IP stack.

This layer provides independence from data representation (e.g., encryption) by translating between application and network formats. The presentation layer transforms data into the form that the application accepts. This layer formats and encrypts data to be sent across a network. It is sometimes called the syntax layer.[5]

The original presentation structure used the Basic Encoding Rules of Abstract Syntax Notation One (ASN.1), with capabilities such as converting an EBCDIC-coded text file to an ASCII-coded file, or serialization of objects and other data structures from and to XML.

Layer 7: application layer

The application layer is the OSI layer closest to the end user, which means both the OSI application layer and the user interact directly with the software application. This layer interacts with software applications that implement a communicating component. Such application programs fall outside the scope of the OSI model. Application-layer functions typically include identifying communication partners, determining resource availability, and synchronizing communication. When identifying communication partners, the application layer determines the identity and availability of communication partners for an application with data to transmit. When determining resource availability, the application layer must decide whether sufficient network resources for the requested communication exist. In synchronizing communication, all communication between applications requires cooperation that is managed by the application layer. Some examples of application-layer implementations include:

- On the OSI stack:
  - FTAM File Transfer and Access Management Protocol
  - X.400 Mail
  - Common Management Information Protocol (CMIP)
- On the TCP/IP stack:
  - Hypertext Transfer Protocol (HTTP)
  - File Transfer Protocol (FTP)
  - Simple Mail Transfer Protocol (SMTP)
  - Simple Network Management Protocol (SNMP)...

TCP / IP MODEL

In computer science and in Information and communications technology, the Internet protocol suite is the computer networking model and communications protocols used by the Internet and similar computer networks. It is commonly known as TCP/IP, because its most important protocols, the Transmission Control Protocol (TCP) and the Internet Protocol (IP), were the first networking protocols defined in this standard. It is occasionally known as the DoD model, because the development of the networking model was funded by DARPA, an agency of the United States Department of Defense.

TCP/IP provides end-to-end connectivity specifying how data should be formatted, addressed, transmitted, routed and received at the destination. This functionality has been organized into four abstraction layers which are used to sort all related protocols according to the scope of networking involved.[1][2] From lowest to highest, the layers are the link layer, containing communication technologies for a single network segment (link), the internet layer, connecting hosts across independent networks, thus establishing internetworking, the transport layer, handling host-to-host communication, and the application layer, which provides process-to-process application data exchange.

12. The TCP/IP model

TCP/IP is based on a four-layer reference model. All protocols that belong to the TCP/IP protocol suite are located in the top three layers of this model.

As shown in the following illustration, each layer of the TCP/IP model corresponds to one or more layers of the seven-layer Open Systems Interconnection (OSI) reference model proposed by the International Standards Organization (ISO).

The types of services performed and protocols used at each layer within the TCP/IP model are described in more detail in the following table.

Layer               Description
Application         Defines TCP/IP application protocols and how host programs interface with
                    transport layer services to use the network.
Transport           Provides communication session management between host computers. Defines the
                    level of service and status of the connection used when transporting data.
Internet            Packages data into IP datagrams, which contain source and destination address
                    information that is used to forward the datagrams between hosts and across
                    networks. Performs routing of IP datagrams.
Network interface   Specifies details of how data is physically sent through the network, including
                    how bits are electrically signaled by hardware devices that interface directly
                    with a network medium, such as coaxial cable, optical fiber, or twisted-pair
                    copper wire.

UDP

The User Datagram Protocol (UDP) is one of the core members of the Internet protocol suite (the set of network protocols used for the Internet). With UDP, computer applications can send messages, in this case referred to as datagrams, to other hosts on an Internet Protocol (IP) network without prior communications to set up special transmission channels or data paths. The protocol was designed by David P. Reed in 1980 and formally defined in RFC 768.

UDP uses a simple transmission model with a minimum of protocol mechanism.[1] It has no handshaking dialogues, and thus exposes any unreliability of the underlying network protocol to the user's program. As this is normally IP over unreliable media, there is no guarantee of delivery, ordering, or duplicate protection. UDP provides checksums for data integrity, and port numbers for addressing different functions at the source and destination of the datagram.

UDP is suitable for purposes where error checking and correction is either not necessary or is performed in the application, avoiding the overhead of such processing at the network interface level. Time-sensitive applications often use UDP because dropping packets is preferable to waiting for delayed packets, which may not be an option in a real-time system.[2] If error correction facilities are needed at the network interface level, an application may use the Transmission Control Protocol (TCP) or Stream Control Transmission Protocol (SCTP), which are designed for this purpose.
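The checksum that the UDP paragraphs above mention, worked through as an added example that is not code from the original report: the RFC 768 checksum is computed over the IPv4 pseudo-header (source, destination, protocol 17, UDP length) plus the UDP header and payload, then verified on a constructed datagram and on a corrupted copy. The addresses (192.0.2.x), ports and payloads are constructed for the illustration.

```python
"""UDP checksum over the IPv4 pseudo-header, as specified in RFC 768 (added
illustration; addresses, ports and payloads are constructed for the example)."""
import struct
from ipaddress import IPv4Address

UDP_PROTO = 17


def ones_complement_sum(data: bytes) -> int:
    """Sum 16-bit big-endian words with end-around carry, as the RFC prescribes."""
    if len(data) % 2:
        data += b"\x00"          # odd length: pad with a zero octet for the sum only
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def pseudo_header(src_ip: str, dst_ip: str, udp_length: int) -> bytes:
    """IPv4 pseudo-header: source, destination, zero, protocol, UDP length (12 bytes)."""
    return struct.pack("!4s4sBBH", IPv4Address(src_ip).packed,
                       IPv4Address(dst_ip).packed, 0, UDP_PROTO, udp_length)


def udp_checksum(src_ip: str, dst_ip: str, datagram: bytes) -> int:
    """Checksum for a UDP header+payload whose checksum field is currently zero."""
    total = ones_complement_sum(pseudo_header(src_ip, dst_ip, len(datagram)) + datagram)
    csum = ~total & 0xFFFF
    return csum if csum else 0xFFFF   # a computed zero is transmitted as all ones


def build_udp(src_ip: str, dst_ip: str, src_port: int, dst_port: int, payload: bytes) -> bytes:
    """Assemble a UDP datagram (8-byte header + payload) with a valid checksum."""
    length = 8 + len(payload)
    unchecksummed = struct.pack("!HHHH", src_port, dst_port, length, 0) + payload
    csum = udp_checksum(src_ip, dst_ip, unchecksummed)
    return struct.pack("!HHHH", src_port, dst_port, length, csum) + payload


def verify_udp(src_ip: str, dst_ip: str, datagram: bytes) -> bool:
    """True if the length field is consistent and the checksum verifies.
    A zero checksum means the sender did not compute one (permitted on IPv4)."""
    if len(datagram) < 8:
        return False
    _, _, length, csum = struct.unpack("!HHHH", datagram[:8])
    if length != len(datagram):
        return False
    if csum == 0:
        return True
    # Summing the transmitted checksum together with the data must give all ones.
    return ones_complement_sum(pseudo_header(src_ip, dst_ip, length) + datagram) == 0xFFFF


def flip_bit(datagram: bytes, index: int) -> bytes:
    """Simulate corruption in transit by flipping the low bit of one octet."""
    buf = bytearray(datagram)
    buf[index] ^= 0x01
    return bytes(buf)
```

Because the pseudo-header is part of the sum, a datagram delivered to the wrong IP address also fails verification even though its own bytes are intact.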

A number of UDP's attributes make it especially suited for certain applications.

- It is transaction-oriented, suitable for simple query-response protocols such as the Domain Name System or the Network Time Protocol.
- It provides datagrams, suitable for modeling other protocols such as in IP tunneling or Remote Procedure Call and the Network File System.
- It is simple, suitable for bootstrapping or other purposes without a full protocol stack, such as the DHCP and Trivial File Transfer Protocol.
- It is stateless, suitable for very large numbers of clients, such as in streaming media applications, for example IPTV.
- The lack of retransmission delays makes it suitable for real-time applications such as Voice over IP, online games, and many protocols built on top of the Real Time Streaming Protocol.
- Works well in unidirectional communication, suitable for broadcast information such as in many kinds of service discovery and shared information such as broadcast time or Routing Information Protocol.

Applications use datagram sockets to establish host-to-host communications. An application binds a socket to its endpoint of data transmission, which is a combination of an IP address and a service port. A port is a software structure that is identified by the port number, a 16-bit integer value, allowing for port numbers between 0 and 65535. Port 0 is reserved, but is a permissible source port value if the sending process does not expect messages in response.

The Internet Assigned Numbers Authority (IANA) has divided port numbers into three ranges. Port numbers 0 through 1023 are used for common, well-known services. On Unix-like operating systems, using one of these ports requires superuser operating permission. Port numbers 1024 through 49151 are the registered ports used for IANA-registered services. Ports 49152 through 65535 are dynamic ports that are not officially designated for any specific service, and may be used for any purpose. They also are used as ephemeral ports, from which software running on the host may randomly choose a port in order to define itself. In effect, they are used as temporary ports primarily by clients when communicating with servers.

13. USB

Universal Serial Bus (USB) is an industry standard developed in the mid-1990s that defines the cables, connectors and communications protocols used in a bus for connection, communication, and power supply between computers and electronic devices.

USB was designed to standardize the connection of computer peripherals (including keyboards, pointing devices, digital cameras, printers, portable media players, disk drives and network adapters) to personal computers, both to communicate and to supply electric power. It has become commonplace on other devices, such as smartphones, PDAs and video game consoles. USB has effectively replaced a variety of earlier interfaces, such as serial and parallel ports, as well as separate power chargers for portable devices.

USB 1.x

Released in January 1996, USB 1.0 specified data rates of 1.5 Mbit/s (Low-Bandwidth) and 12 Mbit/s (Full-Bandwidth). It did not allow for extension cables or pass-through monitors, due to timing and power limitations. Few USB devices made it to the market until USB 1.1 was released in August 1998, fixing problems identified in 1.0, mostly related to using hubs. USB 1.1 was the earliest revision that was widely adopted.

USB 2.0

(Figure: The Hi-Speed USB Logo)

USB 2.0 was released in April 2000 (now called "Hi-Speed"), adding a higher maximum signaling rate of 480 Mbit/s (due to bus access constraints the effective throughput is limited to 35 MB/s or 280 Mbit/s), in addition to the "USB 1.x Full Speed" signaling rate of 12 Mbit/s.

Further modifications to the USB specification have been done via Engineering Change Notices (ECN). The most important of these ECNs are included into the USB 2.0 specification package available from USB.org:

USB 3.0

Page 63: Drona Tushar

8/11/2019 Drona Tushar

http://slidepdf.com/reader/full/drona-tushar 63/95

 

The SuperSpeed USB Logo

USB 3.0  was released in November 2008. The standard defines a new SuperSpeed   mode with a signaling speed of 5

Gbit/s and, due to encoding overhead, usable data rate of up to 4 Gbit/s (500 MB/s). A USB 3.0 port is usually colored

blue, and is backwards compatible with USB 2.0.

The USB 3.0 Promoter Group announced on 17 November 2008 that the specification of version 3.0 had been

completed and had made the transition to the USB Implementers Forum (USB-IF), the managing body of USB

specifications. This move effectively opened the specification to hardware developers for implementation in products.

The new SuperSpeed   bus provides a fourth transfer mode at 5.0 Gbit/s (raw data rate), in addition to the modes

supported by earlier versions. The payload throughput is 4 Gbit/s (using 8b/10b encoding), and the specification

considers it reasonable to achieve around 3.2 Gbit/s (0.4 GB/s or 400 MB/s), which should increase with future

hardware advances. Communication is full-duplex in SuperSpeed transfer mode; in the modes supported previously, by

1.x and 2.0, communication is half-duplex, with direction controlled by the host.

As with previous USB versions, USB 3.0 ports come in low-power and high-power variants, providing 150 mA and 900 mA respectively while simultaneously transmitting data at SuperSpeed rates. Additionally, there is a Battery Charging Specification (Version 1.2, December 2010), which increases the power handling capability to 1.5 A but does not allow concurrent data transmission. The Battery Charging Specification requires that the physical ports themselves be capable of handling 5 A of current, but the specification limits the maximum current drawn to 1.5 A.

USB 3.1

A January 2013 press release from the USB group revealed plans to update USB 3.0 to 10 Gbit/s, effectively putting it on par with Thunderbolt by mid-2013. The USB 3.1 specification was released on 31 July 2013, introducing a faster transfer mode called "SuperSpeed USB 10 Gbps"; its logo features a SuperSpeed+ (stylized as SUPERSPEED+) caption. The USB 3.1 standard doubles the signalling rate of USB 3.0 to 10 Gbit/s and reduces line-encoding overhead to just 3% by changing the encoding scheme to 128b/132b. However, some initial tests demonstrated usable transfer speeds of only 7.2 Gbit/s, suggesting about 30% overall overhead.

The USB 3.1 standard is backward compatible with USB 3.0 and USB 2.0. Using three of the power profiles defined in the USB Power Delivery Specification, it lets devices with larger energy demands request higher currents and supply voltages from compliant hosts: up to 2 A at 5 V (for a power consumption of up to 10 W), and optionally up to 5 A at either 12 V (60 W) or 20 V (100 W).


14.VLAN

A VLAN is a switched network that is logically segmented by function, project team, or application, without regard to the physical locations of the users. VLANs have the same attributes as physical LANs, but you can group end stations even if they are not physically located on the same LAN segment. Any switch port can belong to a VLAN, and unicast, broadcast, and multicast packets are forwarded and flooded only to end stations in the VLAN. Each VLAN is considered a logical network, and packets destined for stations that do not belong to the VLAN must be forwarded through a router or bridge.

VLANs are often associated with IP subnetworks. For example, all the end stations in a particular IP subnet belong to the same VLAN. Interface VLAN membership on the switch is assigned manually on an interface-by-interface basis. When you assign switch interfaces to VLANs by using this method, it is known as interface-based, or static, VLAN membership.

Configuration Guidelines for Normal-Range VLANs

Follow these guidelines when creating and modifying normal-range VLANs in your network:

• Check the maximum number of supported VLANs for your switch model. On a switch supporting 250 VLANs, if VTP reports that there are 254 active VLANs, four of the active VLANs (1002 to 1005) are reserved for Token Ring and FDDI.

• Normal-range VLANs are identified with a number between 1 and 1001. VLAN numbers 1002 through 1005 are reserved for Token Ring and FDDI VLANs.

• VLAN configuration for VLANs 1 to 1005 is always saved in the VLAN database. If VTP mode is transparent, VTP and VLAN configuration is also saved in the switch running configuration file.

• The switch also supports VLAN IDs 1006 through 4094 in VTP transparent mode (VTP disabled) when the enhanced software image is installed. These are extended-range VLANs and configuration options are limited. Extended-range VLANs are not saved in the VLAN database.

• Before you can create a VLAN, the switch must be in VTP server mode or VTP transparent mode. If the switch is a VTP server, you must define a VTP domain or VTP will not function.

• Catalyst 2950 switches do not support Token Ring or FDDI media. The switch does not forward FDDI, FDDI-Net, TrCRF, or TrBRF traffic, but it does propagate the VLAN configuration through VTP.


• The switch supports 64 spanning-tree instances. If a switch has more active VLANs than supported spanning-tree

instances, spanning tree can be enabled on 64 VLANs and is disabled on the remaining VLANs. If you have already

used all available spanning-tree instances on a switch, adding another VLAN anywhere in the VTP domain creates a

VLAN on that switch that is not running spanning-tree. If you have the default allowed list on the trunk ports of that

switch (which is to allow all VLANs), the new VLAN is carried on all trunk ports. Depending on the topology of the

network, this could create a loop in the new VLAN that would not be broken, particularly if there are several

adjacent switches that all have run out of spanning-tree instances. You can prevent this possibility by setting

allowed lists on the trunk ports of switches that have used up their allocation of spanning-tree instances.

If the number of VLANs on the switch exceeds 64, we recommend that you configure IEEE 802.1s Multiple STP (MSTP) on your switch to map multiple VLANs to a single STP instance. For more information about MSTP, see "Configuring RSTP and MSTP."

VLAN Configuration Mode Options

You can configure normal-range VLANs (with VLAN IDs 1 to 1005) by using these two configuration modes:

• VLAN Configuration in config-vlan Mode

You access config-vlan mode by entering the vlan vlan-id  global configuration command.

• VLAN Configuration in VLAN Configuration Mode

You access VLAN configuration mode by entering the vlan database privileged EXEC command.

VLAN Configuration in config-vlan Mode

To access config-vlan mode, enter the vlan global configuration command with a VLAN ID. Enter a new VLAN ID to create a VLAN, or an existing VLAN ID to modify the VLAN. You can use the default VLAN configuration or enter multiple commands to configure the VLAN. For more information about commands available in this mode, refer to the vlan global configuration command description in the Catalyst 2950 Desktop Switch Command Reference for this release. When you have finished the configuration, you must exit config-vlan mode for the configuration to take effect. To display the VLAN configuration, enter the show vlan privileged EXEC command.

You must use config-vlan mode when creating extended-range VLANs (VLAN IDs greater than 1005). See the "Configuring Extended-Range VLANs" section.

VLAN Configuration in VLAN Configuration Mode

To access VLAN configuration mode, enter the vlan database privileged EXEC command. Then enter the vlan command

with a new VLAN ID to create a VLAN or with an existing VLAN ID to modify the VLAN. You can use the default VLAN

configuration or enter multiple commands to configure the VLAN. For more information about keywords available in

this mode, refer to the vlan VLAN configuration command description in the Catalyst 2950 Desktop Switch Command

Reference for this release. When you have finished the configuration, you must enter apply or exit for the configuration

to take effect. When you enter the exit command, it applies all commands and updates the VLAN database. VTP

messages are sent to other switches in the VTP domain, and the privileged EXEC mode prompt appears.

Saving VLAN Configuration

The configurations of VLAN IDs 1 to 1005 are always saved in the VLAN database (vlan.dat file). If VTP mode is

transparent, they are also saved in the switch running configuration file and you can enter the copy running-config

startup-config privileged EXEC command to save the configuration in the startup configuration file. You can use the

show running-config vlan privileged EXEC command to display the switch running configuration file. To display the VLAN

configuration, enter the show vlan privileged EXEC command.


When you save VLAN and VTP information (including extended-range VLAN configuration information) in the startup configuration file and reboot the switch, the switch configuration is determined as follows:

• If the VTP mode is transparent in the startup configuration, and the VTP domain name in the VLAN database matches the one in the startup configuration file, the VLAN database is ignored (cleared), and the VTP and VLAN configurations in the startup configuration file are used. The VLAN database revision number remains unchanged in the VLAN database.

• If the VTP mode or domain name in the startup configuration does not match the VLAN database, the domain name, VTP mode and configuration for the first 1005 VLANs use the VLAN database information.

• If VTP mode is server, the domain name and VLAN configuration for the first 1005 VLANs use the VLAN database information.

• If the switch is running IOS release 12.1(9)EA1 or later and you use an older startup configuration file to boot up the switch, the configuration file does not contain VTP or VLAN information, and the switch uses the VLAN database configurations.
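The VLAN rules above (normal, reserved and extended ID ranges, the VTP mode needed to create a VLAN, where the configuration is stored, and which source wins after a reboot) are the kind of thing worth checking before pushing a VLAN plan to a switch. The following is an added example, not code from the report or from Cisco: a small Python checker that encodes those rules as stated in the text. The VTP domain names and VLAN IDs fed to it are constructed.

```python
# Added example, not part of the original report: a checker for the Catalyst 2950
# VLAN rules described above (normal/extended/reserved ranges, VTP mode
# requirements, where the configuration is stored) and for the boot-time
# precedence between the VLAN database and the startup config.
# Domain names and VLAN IDs used with it are constructed.

NORMAL_RANGE = range(1, 1002)       # 1-1001: normal-range VLANs
RESERVED_RANGE = range(1002, 1006)  # 1002-1005: reserved for Token Ring / FDDI
EXTENDED_RANGE = range(1006, 4095)  # 1006-4094: extended-range VLANs


def check_vlan(vlan_id, vtp_mode, enhanced_image=True):
    """Decide whether `vlan_id` can be created on a switch in `vtp_mode`.

    Returns (allowed, stored_in, reason). `stored_in` names where the VLAN
    configuration is persisted, or None when creation is refused.
    """
    if vtp_mode not in ("server", "transparent"):
        return False, None, "switch must be in VTP server or transparent mode"
    if vlan_id in RESERVED_RANGE:
        return False, None, "VLAN IDs 1002-1005 are reserved for Token Ring/FDDI"
    if vlan_id in NORMAL_RANGE:
        # Normal-range VLANs always go to vlan.dat; in transparent mode they are
        # additionally written to the running configuration.
        stored = "vlan.dat"
        if vtp_mode == "transparent":
            stored = "vlan.dat + running-config"
        return True, stored, "normal-range VLAN"
    if vlan_id in EXTENDED_RANGE:
        if vtp_mode != "transparent":
            return False, None, "extended-range VLANs need VTP transparent mode"
        if not enhanced_image:
            return False, None, "extended-range VLANs need the enhanced image"
        # Extended-range VLANs are never written to the VLAN database.
        return True, "running-config only", "extended-range VLAN"
    return False, None, "VLAN ID outside 1-4094"


def boot_config_source(startup_vtp_mode, startup_domain,
                       db_vtp_mode, db_domain, startup_has_vtp_info=True):
    """Which source supplies the VLAN/VTP configuration after a reboot."""
    if not startup_has_vtp_info:
        # Older startup-config with no VTP/VLAN section: the database wins.
        return "vlan-database"
    if (startup_vtp_mode == "transparent" and db_vtp_mode == "transparent"
            and startup_domain == db_domain):
        # Transparent mode with matching domain: startup-config wins and the
        # VLAN database is cleared (its revision number is left unchanged).
        return "startup-config"
    # Any mismatch of mode or domain, or server mode: the VLAN database wins.
    return "vlan-database"


if __name__ == "__main__":
    print(check_vlan(100, "server"))
    print(check_vlan(2000, "server"))
    print(boot_config_source("transparent", "lab-domain", "transparent", "lab-domain"))
```

The checker refuses anything the guidelines say the switch would refuse, and the `stored_in` value tells you whether a `copy running-config startup-config` is needed to make the VLAN survive a reboot (it always is for extended-range VLANs, which never reach vlan.dat).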

15.WIFI

Wi-Fi, also spelled Wifi or WiFi, is a local area wireless technology that allows an electronic device to exchange data or connect to the internet using 2.4 GHz UHF and 5 GHz SHF radio waves. The name is a trademark, and is a play on the audiophile term Hi-Fi. The Wi-Fi Alliance defines Wi-Fi as any "wireless local area network (WLAN) products that are based on the Institute of Electrical and Electronics Engineers' (IEEE) 802.11 standards". However, since most modern WLANs are based on these standards, the term "Wi-Fi" is used in general English as a synonym for "WLAN". Only Wi-Fi products that complete Wi-Fi Alliance interoperability certification testing successfully may use the "Wi-Fi CERTIFIED" trademark.

Many devices can use Wi-Fi, e.g., personal computers, video-game consoles, smartphones, some digital cameras, tablet

computers and digital audio players. These can connect to a network resource such as the Internet via a wireless

network access point. Such an access point (or hotspot) has a range of about 20 meters (66 feet) indoors and a greater

range outdoors. Hotspot coverage can comprise an area as small as a single room with walls that block radio waves, or

as large as many square kilometres achieved by using multiple overlapping access points.

Depiction of a device sending information wirelessly to another device, both connected to the local network, in

order to print a document.


Wi-Fi can be less secure than wired connections (such as Ethernet) because an intruder does not need a physical connection. Web pages that use SSL are secure, but unencrypted internet access can easily be detected by intruders. Because of this, Wi-Fi has adopted various encryption technologies. The early encryption standard, WEP, proved easy to break. Higher quality protocols (WPA, WPA2) were added later. An optional feature added in 2007, called Wi-Fi Protected Setup (WPS), had a serious flaw that allowed an attacker to recover the router's password. The Wi-Fi Alliance has since updated its test plan and certification program to ensure all newly certified devices resist attacks.

WiMAX (Worldwide Interoperability for Microwave Access) is a wireless communications standard designed to provide 30 to 40 megabit-per-second data rates, with the 2011 update providing up to 1 Gbit/s for fixed stations. The name "WiMAX" was created by the WiMAX Forum, which was formed in June 2001 to promote conformity and interoperability of the standard. The forum describes WiMAX as "a standards-based technology enabling the delivery of last mile wireless broadband access as an alternative to cable and DSL".

WiMAX can provide at-home or mobile Internet access across whole cities or countries. In many cases this has resulted

in competition in markets which typically only had access through an existing incumbent DSL (or similar) operator.

Additionally, given the relatively low costs associated with the deployment of a WiMAX network (in comparison with

3G, HSDPA, xDSL, HFC or FTTx), it is now economically viable to provide last-mile broadband Internet access in remote

locations.

Mobile WiMAX was a replacement candidate for cellular phone technologies such as GSM and CDMA, or can be used as

an overlay to increase capacity. Fixed WiMAX is also considered as a wireless  backhaul technology for 2G, 3G, and 4G

networks in both developed and developing nations.

In North America, backhaul for urban operations is typically provided via one or more  copper wire line connections,

whereas remote cellular operations are sometimes backhauled via satellite. In other regions, urban and rural backhaul

is usually provided by microwave links. (The exception to this is where the network is operated by an incumbent with

ready access to the copper network.) WiMAX has more substantial backhaul bandwidth requirements than legacy

cellular applications. Consequently the use of wireless microwave backhaul is on the rise in North America and existing

microwave backhaul links in all regions are being upgraded.[8]  Capacities of between 34 Mbit/s and 1 Gbit/s  [9]  are

routinely being deployed with latencies in the order of 1 ms.

In many cases, operators are aggregating sites using wireless technology and then presenting traffic on to fiber

networks where convenient. WiMAX in this application competes with  microwave, E-line and simple extension of the

fiber network itself.

WiMAX directly supports the technologies that make triple-play service offerings possible (such as  Quality of Service

and Multicasting). These are inherent to the WiMAX standard rather than being added on as Carrier Ethernet is to

Ethernet. 


On May 7, 2008 in the United States, Sprint Nextel, Google, Intel, Comcast, Bright House, and Time Warner announced

a pooling of an average of 120 MHz of spectrum and merged with   Clearwire to market the service. The new company

hopes to benefit from combined services offerings and network resources as a springboard past its competitors. The

cable companies will provide media services to other partners while gaining access to the wireless network as a Mobile

virtual network operator to provide triple-play services.

Some analysts questioned how the deal will work out: although fixed-mobile convergence has been a recognized factor in the industry, prior attempts to form partnerships among wireless and cable companies have generally failed to lead to significant benefits to the participants. Other analysts point out that as wireless progresses to higher bandwidth, it inevitably competes more directly with cable and DSL, inspiring competitors into collaboration. Also, as wireless broadband networks grow denser and usage habits shift, the need for increased backhaul and media service will accelerate, therefore the opportunity to leverage cable assets is expected to increase.

16.PROXY SERVER

A proxy server (running either on dedicated hardware or as software on a general-purpose machine) may act as a firewall by responding to input packets (connection requests, for example) in the manner of an application, while blocking other packets. A proxy server is a gateway from one network to another for a specific network application, in the sense that it functions as a proxy on behalf of the network user.

Proxies make tampering with an internal system from the external network more difficult, and misuse of one internal system would not necessarily cause a security breach exploitable from outside the firewall (as long as the application proxy remains intact and properly configured). Conversely, intruders may hijack a publicly reachable system and use it as a proxy for their own purposes; the proxy then masquerades as that system to other internal machines. While use of internal address spaces enhances security, crackers may still employ methods such as IP spoofing to attempt to pass packets to a target network.

Network address translation

Firewalls often have network address translation (NAT) functionality, and the hosts protected behind a firewall commonly have addresses in the "private address range", as defined in RFC 1918. Firewalls often have such functionality to hide the true address of protected hosts. Originally, the NAT function was developed to address the limited number of IPv4 routable addresses that could be used or assigned to companies or individuals, as well as to reduce both the amount and therefore the cost of obtaining enough public addresses for every computer in an organization. Hiding the addresses of protected devices has become an increasingly important defense against network reconnaissance.
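To make concrete how a firewall's NAT hides protected hosts, here is an added example that is not from the report or from any firewall product: a minimal port-based source NAT table in Python. Hosts inside must hold RFC 1918 addresses (checked explicitly rather than via `ipaddress.is_private`, which covers more than the three RFC 1918 blocks), outbound packets are rewritten to the firewall's public address and a fresh port, and an inbound packet is delivered only when it matches a session an inside host opened, so a scan of the public address learns nothing about the hosts behind it. All addresses and ports are constructed.

```python
# Added example, not part of the original report: a minimal port-based source
# NAT table of the kind a firewall keeps for hosts on RFC 1918 addresses.
# Outbound packets get the firewall's public address and a fresh port; replies
# are mapped back only if a matching session exists, so unsolicited inbound
# packets never reach an internal host. Addresses below are constructed.
import ipaddress

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_rfc1918(ip):
    """True if `ip` lies in one of the three RFC 1918 private blocks."""
    addr = ipaddress.ip_address(ip)
    return addr.version == 4 and any(addr in net for net in RFC1918)


class SourceNAT:
    def __init__(self, public_ip, first_port=40000):
        self.public_ip = str(ipaddress.ip_address(public_ip))
        self.next_port = first_port
        self.outbound_map = {}   # (private_ip, private_port) -> public_port
        self.inbound_map = {}    # public_port -> (private_ip, private_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite a packet leaving the protected network; returns the new 4-tuple."""
        if not is_rfc1918(src_ip):
            raise ValueError(f"{src_ip} is not an RFC 1918 address; not translating")
        key = (src_ip, src_port)
        if key not in self.outbound_map:
            # New session: allocate the next public port and record both directions.
            port = self.next_port
            self.next_port += 1
            self.outbound_map[key] = port
            self.inbound_map[port] = key
        return (self.public_ip, self.outbound_map[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite a reply arriving from outside, or return None to drop it."""
        if dst_ip != self.public_ip:
            return None
        session = self.inbound_map.get(dst_port)
        if session is None:
            return None  # no inside host opened this: drop, reveal nothing
        inner_ip, inner_port = session
        return (src_ip, src_port, inner_ip, inner_port)


def demo():
    """Constructed walk-through: one inside host talks out, a reply comes back,
    and a stray packet to an unused port is dropped."""
    nat = SourceNAT("203.0.113.5")
    out = nat.outbound("192.168.1.10", 51000, "198.51.100.7", 443)
    back = nat.inbound("198.51.100.7", 443, "203.0.113.5", out[1])
    stray = nat.inbound("198.51.100.7", 443, "203.0.113.5", 9999)
    return out, back, stray


if __name__ == "__main__":
    for step in demo():
        print(step)
```

The table is keyed on the inside (address, port) pair, so a host reusing a source port reuses its public port, while two hosts get distinct public ports; a real firewall additionally ages entries out and tracks protocol state, which this toy omits.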

17.IDS IPS


Intrusion prevention systems (IPS), also known as intrusion detection and prevention systems (IDPS), are network

security appliances that monitor network and/or system activities for malicious activity. The main functions of intrusion

prevention systems are to identify malicious activity, log information about this activity, attempt to block/stop it, and

report it.

Intrusion prevention systems are considered extensions of intrusion detection systems because they both monitor network traffic and/or system activities for malicious activity. The main difference is that, unlike intrusion detection systems, intrusion prevention systems are placed in-line and are able to actively prevent/block intrusions that are detected. More specifically, an IPS can take such actions as sending an alarm, dropping the malicious packets, resetting the connection and/or blocking the traffic from the offending IP address. An IPS can also correct Cyclic Redundancy Check (CRC) errors, unfragment packet streams, prevent TCP sequencing issues, and clean up unwanted transport and network layer options.

An intrusion detection system (IDS) is a device or software application that monitors network or system activities for

malicious activities or policy violations and produces reports to a management station. IDS come in a variety of

“flavors” and approach the goal of detecting suspicious traffic in different ways. There are network based (NIDS) and

host based (HIDS) intrusion detection systems. Some systems may attempt to stop an intrusion attempt but this is

neither required nor expected of a monitoring system. Intrusion detection and prevention systems (IDPS) are primarily

focused on identifying possible incidents, logging information about them, and reporting attempts. In addition,

organizations use IDPSes for other purposes, such as identifying problems with security policies, documenting existing

threats and deterring individuals from violating security policies. IDPSes have become a necessary addition to the

security infrastructure of nearly every organization.

IDPSes typically record information related to observed events, notify security administrators of important observed

events and produce reports. Many IDPSes can also respond to a detected threat by attempting to prevent it from

succeeding. They use several response techniques, which involve the IDPS stopping the attack itself, changing the

security environment (e.g. reconfiguring a firewall) or changing the attack's content.
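The IDS/IPS distinction drawn above (monitor and report versus sit in-line and block) is easiest to see on real input. The following is an added example, not code from the report or from any IDS product: a toy Python detector with two signature rules and one threshold rule run over constructed web-server access-log lines. In `ids` mode it only records alerts; in `ips` mode the first alert blocks the client and its later lines are dropped rather than inspected, which is exactly why in-line placement changes what the sensor sees. The log lines, addresses and timestamps are made up.

```python
# Added example, not part of the original report: a toy signature-plus-threshold
# detector run over constructed web-server access-log lines. In "ids" mode it
# only raises alerts; in "ips" mode it also blocks the offending client, so
# later lines from that client are dropped instead of inspected. All addresses,
# timestamps and requests below are made up for illustration.
import re
from collections import Counter

SAMPLE_LOG = """\
10.0.0.8 - - [14/Jul/2014:10:01:01] "GET /index.html HTTP/1.1" 200 1024
10.0.0.9 - - [14/Jul/2014:10:01:02] "GET /login?user=admin'%20OR%201=1-- HTTP/1.1" 200 512
10.0.0.9 - - [14/Jul/2014:10:01:03] "GET /../../etc/passwd HTTP/1.1" 404 0
10.0.0.9 - - [14/Jul/2014:10:01:04] "GET /admin HTTP/1.1" 401 0
10.0.0.9 - - [14/Jul/2014:10:01:05] "GET /admin HTTP/1.1" 401 0
10.0.0.9 - - [14/Jul/2014:10:01:06] "GET /admin HTTP/1.1" 401 0
10.0.0.9 - - [14/Jul/2014:10:01:07] "GET /admin HTTP/1.1" 401 0
10.0.0.9 - - [14/Jul/2014:10:01:08] "GET /admin HTTP/1.1" 401 0
10.0.0.10 - - [14/Jul/2014:10:01:09] "GET /docs/report.pdf HTTP/1.1" 200 88000
"""

# client ident user [time] "METHOD PATH PROTO" status size
LINE_RE = re.compile(
    r'^(\S+) \S+ \S+ \[([^\]]+)\] "([A-Z]+) (\S+) [^"]*" (\d{3}) (\d+)$')

# Signature rules: name -> pattern looked for in the request path.
SIGNATURES = {
    "sqli": re.compile(r"(%27|')(%20|\s)*or(%20|\s)+1\s*=\s*1", re.I),
    "path-traversal": re.compile(r"(\.\./|%2e%2e%2f)", re.I),
}
# Threshold rule: this many 401 responses to one client is treated as a
# credential-guessing attempt.
AUTH_FAIL_THRESHOLD = 5


def analyze(log_text, mode="ids"):
    """Run the rules over `log_text`; mode is "ids" (alert) or "ips" (alert + block)."""
    alerts, fails, blocked, dropped = [], Counter(), set(), 0
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # unparseable line: skipped here, a real sensor would log it
        client, _ts, _method, path, status, _size = m.groups()
        if client in blocked:
            dropped += 1  # IPS: traffic from a blocked client is not delivered
            continue
        hits = [name for name, rx in SIGNATURES.items() if rx.search(path)]
        if status == "401":
            fails[client] += 1
            if fails[client] == AUTH_FAIL_THRESHOLD:
                hits.append("auth-bruteforce")
        for rule in hits:
            alerts.append({"client": client, "rule": rule, "path": path})
            if mode == "ips":
                blocked.add(client)
    return {"alerts": alerts, "blocked": blocked, "dropped": dropped}


if __name__ == "__main__":
    for mode in ("ids", "ips"):
        print(mode, analyze(SAMPLE_LOG, mode))
```

Run in `ids` mode the same client produces three separate alerts; in `ips` mode only the first is raised, because the block decision taken on it removes the rest of that client's traffic from the stream. That is the trade-off the text describes: the IPS stops the activity, and the IDS gives the fuller record of it.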

18.CLB

Component load balancing (CLB) is a Microsoft Windows Server OS series technology that enables the efficient and even balancing of service requests in a COM/COM+ based computing architecture. CLB is designed to provide availability, reliability and scalability of components or objects that are essential for real-time application based transactions or processes. CLB is implemented in distributed computing architectures in which an application is deployed over one or more servers. The entire CLB process works on the collaboration of a CLB-configured load balancing router and application server(s).

The CLB router receives all application requests from the Web/front end server. These requests are then routed

between the connected application server cluster. The CLB router is responsible for managing a routing table, which

includes network paths, to implement server clustering, load processing on each server and the entire

interprocess/device communication. This helps identify the current status of an application server and balance the

network/request load across the cluster.


The Web or front end server also may be configured to provide CLB services and directly interact with the application

server cluster.

19.WES WAP

Wireless Application Protocol (WAP) is a technical standard for accessing information over a mobile wireless network. A WAP browser is a web browser for mobile devices such as mobile phones that uses the protocol.

Before the introduction of WAP, mobile service providers had limited opportunities to offer interactive data services, but needed interactivity to support Internet and Web applications such as:

• Email by mobile phone

• Tracking of stock-market prices

• Sports results

• News headlines

• Music downloads

The Japanese i-mode system offers another major competing wireless data protocol. As of 2013, WAP use has largely

disappeared in Europe and the United States. Most modern handset internet browsers now support full HTML, so do

not need to use WAP markup for webpage compatibility.

The bottom-most protocol in the suite, the WAP Datagram Protocol (WDP), functions as an adaptation layer that makes every data network look a bit like UDP to the upper layers by providing unreliable transport of data with two 16-bit port numbers (origin and destination). All the upper layers view WDP as one and the same protocol, which has several "technical realizations" on top of other "data bearers" such as SMS, USSD, etc. On native IP bearers such as GPRS, UMTS packet-radio service, or PPP on top of a circuit-switched data connection, WDP is in fact exactly UDP.

WTLS, an optional layer, provides a public-key cryptography-based security mechanism similar to TLS. 

WTP provides transaction support (reliable request/response) adapted to the wireless world. WTP supports more

effectively than TCP the problem of packet loss, which occurs commonly in 2G wireless technologies in most radio

conditions, but is misinterpreted by TCP as network congestion.

Finally, one can think of  WSP initially as a compressed version of  HTTP. 

This protocol suite allows a terminal to transmit requests that have an  HTTP or HTTPS equivalent to a WAP gateway; 

the gateway translates requests into plain HTTP.

The WAP Forum dates from 1997. It aimed primarily to bring together the various wireless technologies in a standardised protocol.[1] The first company to launch a WAP site was Dutch mobile phone operator Telfort BV in October 1999. The site was developed as a side project by Christopher Bee and Euan McLeod and launched with the debut of the Nokia 7110.

In 2002 the WAP Forum was consolidated (along with many other forums of the industry) into the Open Mobile Alliance (OMA).


WAP Push Process

WAP Push was incorporated into the specification to allow WAP content to be pushed to the mobile handset with

minimum user intervention. A WAP Push is basically a specially encoded message which includes a link to a WAP

address.

WAP Push was specified on top of  WAP Datagram Protocol (WDP); as such, it can be delivered over any WDP-supported

bearer, such as GPRS or SMS. Most GSM networks have a wide range of modified processors, but GPRS activation from

the network is not generally supported, so WAP Push messages have to be delivered on top of the SMS bearer.

On receiving a WAP Push, a WAP 1.2 (or later) -enabled handset will automatically give the user the option to access

the WAP content. This is also known as WAP Push SI (Service Indication). A variant, known as WAP Push SL (Service

Loading), directly opens the browser to display the WAP content, without user interaction. Since this behaviour raises

security concerns, some handsets handle WAP Push SL messages in the same way as SI, by providing user interaction.

The network entity that processes WAP Pushes and delivers them over an IP or SMS Bearer is known as a  Push Proxy

Gateway (PPG).

WAP 2.0

A re-engineered 2.0 version was released in 2002. It uses a cut-down version of  XHTML with end-to-end HTTP, dropping

the gateway and custom protocol suite used to communicate with it. A WAP gateway can be used in conjunction with

WAP 2.0; however, in this scenario, it is used as a standard proxy server. The WAP gateway's role would then shift from

one of translation to adding additional information to each request. This would be configured by the operator and

could include telephone numbers, location, billing information, and handset information.

Mobile devices process XHTML Mobile Profile (XHTML MP), the markup language defined in WAP 2.0. It is a subset of

XHTML and a superset of  XHTML Basic. A version of cascading style sheets (CSS) called WAP CSS is supported by XHTML

MP.

20.SCSI


Internal parallel SCSI cables are usually ribbons, with two or more 50-, 68-, or 80-pin connectors attached. External cables are typically shielded (but may not be), with 50- or 68-pin connectors at each end, depending upon the specific SCSI bus width supported.[24] The 80-pin Single Connector Attachment (SCA) is typically used for hot-pluggable devices.

Fibre Channel

Fibre Channel can be used to transport SCSI information units, as defined by the Fibre Channel Protocol for SCSI (FCP).

These connections are hot-pluggable and are usually implemented with optical fiber.

Serial attached SCSI

Serial attached SCSI (SAS) uses a modified Serial ATA data and power cable.

iSCSI

iSCSI (Internet Small Computer System Interface) usually uses Ethernet connectors and cables as its physical transport,

but can run over any physical transport capable of transporting IP. 

SRP

The SCSI RDMA Protocol (SRP) is a protocol that specifies how to transport SCSI commands over a reliable RDMA connection. This protocol can run over any RDMA-capable physical transport, e.g. InfiniBand or Ethernet when using RoCE or iWARP.

USB Attached SCSI

USB Attached SCSI allows SCSI devices to use the Universal Serial Bus. 

Automation/Drive Interface

The Automation/Drive Interface − Transport Protocol (ADT) is used to connect removable media devices, such as tape

drives, with the controllers of the libraries (automation devices) in which they are installed. The ADI standard specifies

the use of   RS-422 for the physical connections. The second-generation ADT-2 standard defines iADT, use of the ADT

protocol over IP (Internet Protocol) connections, such as over  Ethernet. The Automation/Drive Interface − Commands

standards (ADC, ADC-2, and ADC-3)

21.RAID

RAID (originally redundant array of inexpensive disks; now commonly redundant array of independent disks) is a data storage virtualization technology that combines multiple disk drive components into a logical unit for the purposes of data redundancy or performance improvement.

Data is distributed across the drives in one of several ways, referred to as RAID levels, depending on the specific level of

redundancy and performance required. The different schemes or architectures are named by the word RAID followed

by a number (e.g. RAID 0, RAID 1). Each scheme provides a different balance between the key goals:   reliability and

availability,  performance and capacity.  RAID levels greater than RAID 0 provide protection against unrecoverable

(sector) read errors, as well as whole disk failure.


A number of standard schemes have evolved. These are called levels. Originally, there were five RAID levels, but many

variations have evolved—notably several nested levels and many non-standard levels (mostly  proprietary). RAID levels

and their associated data formats are standardized by the Storage Networking Industry Association (SNIA) in the

Common RAID Disk Drive Format (DDF) standard:

RAID 0

RAID 0 comprises striping (but neither parity nor mirroring). This level provides no data redundancy nor fault

tolerance, but improves performance through parallelism of read and write operations across multiple drives. RAID

0 has no error detection mechanism, so the failure of one disk causes the loss of all data on the array.

RAID 1

RAID 1 comprises mirroring (without parity or striping). Data is written identically to two (or more) drives, thereby

producing a "mirrored set". The read request is serviced by any of the drives containing the requested data. This

can improve performance if data is read from the disk with the least seek latency and rotational latency. 

Conversely, write performance can be degraded because all drives must be updated; thus the write performance is

determined by the slowest drive. The array continues to operate as long as at least one drive is functioning.

RAID 2

RAID 2 comprises bit-level striping with dedicated Hamming-code parity. All disk spindle rotation is synchronized and data is striped such that each sequential bit is on a different drive. Hamming-code parity is calculated across corresponding bits and stored on at least one parity drive. This level is of historical significance only. Although it was used on some early machines (e.g. the Thinking Machines CM-2), it is only recently used by high-performance commercially available systems.

RAID 3

RAID 3 comprises byte-level striping with dedicated parity. All disk spindle rotation is synchronized and data is

striped such that each sequential  byte is on a different drive. Parity is calculated across corresponding bytes and

stored on a dedicated parity drive.[9] Although implementations exist RAID 3 is not commonly used in practice.

RAID 4

RAID 4 comprises block-level striping with dedicated parity. This level was previously used by NetApp, but has now

been largely replaced by a proprietary implementation of RAID 4 with two parity disks, called  RAID-DP. 

RAID 5

RAID 5 comprises block-level striping with distributed parity. Unlike in RAID 4, parity information is distributed among the drives. It requires that all drives but one be present to operate. Upon failure of a single drive, subsequent reads can be calculated from the distributed parity such that no data is lost. RAID 5 requires at least three disks.[9] RAID 5 is seriously affected by the general trends regarding array rebuild time and chance of failure during rebuild. In August 2012, Dell posted an advisory against the use of RAID 5 in any configuration and of RAID 50 with "Class 2 7200 RPM drives of 1 TB and higher capacity".

RAID 6

RAID 6 comprises block-level striping with double distributed parity. Double parity provides fault tolerance up to

two failed drives. This makes larger RAID groups more practical, especially for high-availability systems, as large-

capacity drives take longer to restore. As with RAID 5, a single drive failure results in reduced performance of the

entire array until the failed drive has been replaced. With a RAID 6 array, using drives from multiple sources and manufacturers, it is possible to mitigate most of the problems associated with RAID 5. The larger the drive capacities and the larger the array size, the more important it becomes to choose RAID 6 instead of RAID 5. RAID 10 also minimizes these problems.
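The parity arithmetic behind RAID 5 is easier to see in code. The following is an added example, not part of the report: a small Python simulation that stripes data across drives with rotating XOR parity, serves reads with one drive failed, rebuilds the failed drive from the survivors, and refuses a read once a second drive is gone, which is the rebuild-window risk the Dell advisory is about. The chunk size, drive count and sample payload are illustration-only assumptions.

```python
# Added example (not from the report): a tiny RAID 5 simulation showing
# block-level striping with rotating parity, a degraded read after one
# drive fails, a rebuild, and why a second failure is unrecoverable.
# Chunk size and drive count are illustration-only assumptions.
from typing import List, Optional

CHUNK = 4  # bytes per chunk; real arrays use 64 KiB or more

Drive = Optional[List[bytes]]  # None models a failed drive


def xor_bytes(blocks: List[bytes]) -> bytes:
    """XOR equal-length chunks together; this is RAID 5's parity function."""
    out = bytearray(len(blocks[0]))
    for block in blocks:
        for i, byte in enumerate(block):
            out[i] ^= byte
    return bytes(out)


def parity_drive_for(stripe: int, n_drives: int) -> int:
    """Left-symmetric layout: parity moves one drive to the left on each stripe."""
    return (n_drives - 1 - stripe) % n_drives


def raid5_write(data: bytes, n_drives: int) -> List[Drive]:
    """Stripe data across n_drives; each stripe holds n-1 data chunks plus one parity chunk."""
    if n_drives < 3:
        raise ValueError("RAID 5 requires at least three drives")
    data_per_stripe = (n_drives - 1) * CHUNK
    padded = data + b"\x00" * (-len(data) % data_per_stripe)
    drives: List[Drive] = [[] for _ in range(n_drives)]
    for stripe in range(len(padded) // data_per_stripe):
        start = stripe * data_per_stripe
        chunks = [padded[i:i + CHUNK] for i in range(start, start + data_per_stripe, CHUNK)]
        parity = xor_bytes(chunks)
        pd = parity_drive_for(stripe, n_drives)
        data_iter = iter(chunks)
        for d in range(n_drives):
            drives[d].append(parity if d == pd else next(data_iter))
    return drives


def failed_drives(drives: List[Drive]) -> List[int]:
    return [d for d, drive in enumerate(drives) if drive is None]


def fail_drive(drives: List[Drive], d: int) -> List[Drive]:
    """Return a copy of the array with drive d marked failed."""
    degraded = list(drives)
    degraded[d] = None
    return degraded


def raid5_read(drives: List[Drive], length: int) -> bytes:
    """Read data back, reconstructing the chunks of one failed drive from the others."""
    failed = failed_drives(drives)
    if len(failed) > 1:
        raise RuntimeError("RAID 5 cannot reconstruct data with two failed drives")
    n = len(drives)
    n_stripes = len(next(drive for drive in drives if drive is not None))
    out = bytearray()
    for stripe in range(n_stripes):
        chunks = [drive[stripe] if drive is not None else None for drive in drives]
        if failed:
            # The missing chunk (data or parity) is the XOR of every surviving chunk in the stripe.
            chunks[failed[0]] = xor_bytes([c for c in chunks if c is not None])
        pd = parity_drive_for(stripe, n)
        out += b"".join(chunks[d] for d in range(n) if d != pd)
    return bytes(out[:length])


def rebuild(drives: List[Drive]) -> List[Drive]:
    """Rebuild the single failed drive; every surviving drive is read in full to do it."""
    failed = failed_drives(drives)
    if len(failed) != 1:
        raise RuntimeError("rebuild needs exactly one failed drive")
    f = failed[0]
    n_stripes = len(next(drive for drive in drives if drive is not None))
    rebuilt = [xor_bytes([drives[d][s] for d in range(len(drives)) if d != f])
               for s in range(n_stripes)]
    repaired = list(drives)
    repaired[f] = rebuilt
    return repaired


if __name__ == "__main__":
    payload = b"The quick brown fox jumps over the lazy dog"  # constructed sample data
    array = raid5_write(payload, 4)
    degraded = fail_drive(array, 2)
    print(raid5_read(degraded, len(payload)))             # still readable with one failure
    print(rebuild(degraded) == array)                      # rebuild restores drive 2 exactly
    try:
        raid5_read(fail_drive(degraded, 0), len(payload))  # second failure during the rebuild window
    except RuntimeError as err:
        print(err)
```

Note that rebuild() has to read every surviving drive in full; on multi-terabyte drives that is the long window in which a second failure, or a single unrecoverable read error on a survivor, turns a degraded RAID 5 into data loss. RAID 6 closes that gap with a second, independently computed parity chunk (a Reed-Solomon syndrome, not a second XOR), so two missing chunks per stripe can still be solved for.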

22. UTM


Unified threat management (UTM) is a solution in the network security industry, and since 2004 it has gained currency

as a primary network gateway defense solution for organizations.[1]  In theory, UTM is the evolution of the traditional

firewall into an all-inclusive security product able to perform multiple security functions within one single appliance:

network firewalling, network intrusion prevention and gateway antivirus (AV), gateway anti-spam,  VPN,  content

filtering, load balancing, data leak prevention and on-appliance reporting.

The worldwide UTM market was approximately worth $1.2 billion in 2007, with a forecast of 35-40% compounded

annual growth rate through 2011. The primary market of UTM providers is the SMB and enterprise segments, although a few providers are now providing UTM solutions for small offices/remote offices.

The term UTM was originally coined by market research firm IDC. The advantage of unified security is that, rather than administering multiple systems that individually handle antivirus, content filtering, intrusion prevention and spam filtering, organizations can deploy a single UTM appliance that consolidates all of this functionality into one rack-mountable network appliance.

A single UTM appliance simplifies management of a company's security strategy, with just one device taking the place

of multiple layers of hardware and software. Also from one single centralized console, all the security solutions can be

monitored and configured.

In this context, UTMs represent all-in-one security appliances that carry a variety of security capabilities including

firewall, VPN, gateway anti-virus, gateway anti-spam, intrusion prevention, content filtering, bandwidth management,

application control and centralized reporting as basic features. The UTM has a customized OS holding all the security

features at one place, which can lead to better integration and throughput than a collection of disparate devices.

For enterprises with  remote networks or distantly located offices, UTMs are a means to provide centralized security

with control over their globally distributed networks.

Key advantages

● Reduced complexity: single security solution, single vendor, single AMC (annual maintenance contract)
● Simplicity: avoids installing and maintaining multiple software products
● Easy management: plug-and-play architecture, web-based GUI
● Reduced technical training requirements: one product to learn
● Regulatory compliance

Key disadvantages

● Single point of failure for network traffic, unless HA (high availability) is used


BLOCK DIAGRAM OF DRONA ARCHITECTURE

EXPLANATION OF EACH ELEMENT OF DRONA ARCHITECTURE

RACK SERVER

A rack server is a type of hardware that is mounted horizontally in a rack, rather than standing upright as a tower server. A single rack-mount server chassis or casing can hold more than one server.


Rackmount servers collectively host, execute and manage an enterprise application or serve as a data center.

Designed to save physical floor space and other server resources, a rackmount server is typically housed with a

horizontal rack chassis that can simultaneously hold multiple servers placed above each other.

The server console designed for a rackmount server is in a horizontal form factor, each of which has its own processor, motherboard, storage and other input/output (I/O) resources. Each rackmount server can operate independently but requires the underlying chassis for power, cooling and the server's structural and mounting support.

A rack server, also called a rack-mounted server, is a computer dedicated to use as a  server and designed to be

installed in a framework called a rack. The rack contains multiple mounting slots called bays, each designed to

hold a hardware unit secured in place with screws. A rack server has a low-profile enclosure, in contrast to

a tower server, which is built into an upright, standalone cabinet.

A single rack can contain multiple servers stacked one above the other, consolidating network resources and

minimizing the required floor space. The rack server configuration also simplifies cabling among network

components. In an equipment rack filled with servers, a special cooling system is necessary to prevent

excessive heat buildup that would otherwise occur when many power-dissipating components are confined in a

small space.


BLADE SERVER (HP BL460c)

A blade server is a stripped down server computer with a modular design optimized to minimize the use of

 physical space and energy. Whereas a standard rack-mount server can function with (at least) a power cord and

network cable, blade servers have many components removed to save space, minimize power consumption and

other considerations, while still having all the functional components to be considered a computer. A blade

enclosure, which can hold multiple blade servers, provides services such as power, cooling, networking,

various interconnects and management. Together, blades and the blade enclosure form a blade system

(although BladeSystem from Hewlett-Packard is a specific product name). Different blade providers have

differing principles regarding what to include in the blade itself, and in the blade system altogether.

In a standard server-rack configuration, one rack unit or  1U — 19 inches (480 mm) wide and 1.75 inches

(44 mm) tall — defines the minimum possible size of any equipment. The principal benefit and justification of

 blade computing relates to lifting this restriction so as to reduce size requirements. The most common

computer rack  form-factor is 42U high, which limits the number of discrete computer devices directly

mountable in a rack to 42 components. Blades do not have this limitation. As of 2014, densities of up to 180

servers per blade system (or 1440 servers per rack) are achievable with blade systems.

BLADE SERVER


Enclosure (or chassis) performs many of the non-core computing services found in most computers. Non-blade

systems typically use bulky, hot and space-inefficient components, and may duplicate these across many

computers that may or may not perform at capacity. By locating these services in one place and sharing them

 between the blade computers, the overall utilization becomes higher. The specifics of which services are

 provided may vary by vendor.

HP BladeSystem c7000 enclosure (populated with 16 blades), with two 3U UPS units below.

Power

Computers operate over a range of DC voltages, but utilities deliver power as  AC, and at higher voltages than

required within computers. Converting this current requires one or more power supply units (or PSUs). To

ensure that the failure of one power source does not affect the operation of the computer, even entry-level

servers may have redundant power supplies, again adding to the bulk and heat output of the design.

The blade enclosure's power supply provides a single power source for all blades within the enclosure. This

single power source may come as a power supply in the enclosure or as a dedicated separate PSU supplying

DC to multiple enclosures.[3][4] This setup reduces the number of PSUs required to provide a resilient power supply.

The popularity of blade servers, and their own appetite for power, has led to an increase in the number of rack-

mountable uninterruptible power supply (or UPS) units, including units targeted specifically towards blade

servers (such as the BladeUPS).

Cooling

During operation, electrical and mechanical components produce heat, which a system must dissipate to ensure

the proper functioning of its components. Most blade enclosures, like most computing systems, remove heat by

using fans. 

A frequently underestimated problem when designing high-performance computer systems involves the

conflict between the amount of heat a system generates and the ability of its fans to remove the heat. The


Although blade server technology in theory allows for open, cross-vendor solutions, the stage of development

of the technology as of 2009 is such that users encounter fewer problems when using  blades, racks and blade

management tools from the same vendor.

Eventual standardization of the technology might result in more choices for consumers;[13][14] as of 2009 increasing numbers of third-party software vendors have started to enter this growing field.[15]

 

Blade servers do not, however, provide the answer to every computing problem. One can view them as a form

of productized server-farm that borrows from mainframe packaging, cooling, and power-supply technology.

Very large computing tasks may still require server farms of blade servers, and because of blade servers' high

 power density, can suffer even more acutely from the heating, ventilation, and air conditioning problems that

affect large conventional server farms.

SWITCHES (HP A5500)

Key features:

● High expandability for investment protection
● Premium security and integrated management
● Multilayer reliability
● Convergence-ready support
● Outstanding Quality of Service (QoS)

These Gigabit Ethernet switches deliver outstanding security, reliability, and multiservice support capabilities

for robust switching at the edge or aggregation layer of large enterprise and campus networks, or in the core

layer of SMB networks. The HP 5500 EI Switch Series is comprised of Layer 2/3 Gigabit Ethernet switches

that can accommodate the most demanding applications and provide resilient and secure connectivity as well

as the latest traffic prioritization technologies to enhance applications on convergent networks. With complete

IPv4/IPv6 dual-stack support, the series provides a migration path from IPv4 to IPv6 and has hardware support

for IPv6. Designed for increased flexibility, these switches are available with 24 or 48 Gigabit Ethernet ports.

Power over Ethernet (PoE) and non-PoE models are available with optional GbE and 10 GbE expansion

capability. The all-fiber model with dual power supplies is ideal for applications that require the highest

availability.

Features and benefits :

Software-defined networking

OpenFlow: supports OpenFlow 1.0 and 1.3 specifications to enable SDN by allowing separation of the data (packet forwarding) and control (routing decision) paths

Quality of Service (QoS)

Storm restraint: allows limitation of broadcast, multicast, and unknown unicast traffic rate to cut down on unwanted broadcast traffic on the network

Advanced classifier-based QoS: classifies traffic using multiple match criteria based on Layer 2, 3, and 4 information; applies QoS policies such as setting priority level and rate limit to bi-directional selected traffic on a per-port, per-VLAN, or whole switch basis

Powerful QoS feature: creates traffic classes based on ACLs, IEEE 802.1p precedence, IP, DSCP or ToS precedence; supports filter, redirect, mirror, or remark; supports the following congestion actions: strict priority queuing (SP), weighted round robin (WRR), SP+WRR, weighted fair queuing (WFQ), and weighted random early discard (WRED)

Traffic policing: supports Committed Access Rate (CAR) and line rate

Connectivity

Auto-MDIX: automatically adjusts for straight-through or crossover cables on all 10/100/1000 ports

Flow control: provides back pressure using standard IEEE 802.3x, reducing congestion in heavy traffic situations

Jumbo packet support: supports up to 9216-byte frame size to improve the performance of large data transfers

Optional 10 GbE ports: deliver, through the use of optional modules, additional 10GbE connections, which are available for uplinks or high-bandwidth server connections; flexibly support copper, XFP, SFP+, or CX4 local connections

High-density port connectivity: provides up to 48 fixed 10/100/1000BASE-T or 24 SFP 100/1000BASE-X ports in a Layer 2/Layer 3 stackable switch supporting unique IRF stacking

IEEE 802.3at Power over Ethernet (PoE+) support: simplifies deployment and dramatically reduces installation costs by helping to eliminate the time and cost involved in supplying local power at each access point location

Ethernet operations, administration and maintenance (OAM): detects data link layer problems that occurred in the "last mile" using the IEEE 802.3ah OAM standard; monitors the status of the link between two devices

High-bandwidth CX4 and SFP+ local stacking: provides 10 Gb/s SFP+ or 12 Gb/s CX4 local stacking cables; achieves a resilient stacking configuration

STORAGE (SAN) [12TB]


A storage area network (SAN) is a dedicated network that provides access to consolidated, block-level data storage. SANs are primarily used to make storage devices, such as disk arrays, tape libraries, and optical jukeboxes, accessible to servers so that the devices appear like locally attached devices to the operating system.

A SAN typically has its own network of storage devices that are generally not accessible through the local area

network (LAN) by other devices. The cost and complexity of SANs dropped in the early 2000s to levels

allowing wider adoption across both enterprise and small to medium sized business environments.

A SAN does not provide file abstraction, only block-level operations. However, file systems built on top of SANs do provide file-level access, and are known as SAN filesystems or shared disk file systems. Operating systems maintain their own file systems on their own dedicated, non-shared LUNs, as though they were local to themselves. If multiple systems were simply to attempt to share a LUN, these would interfere with each other and quickly corrupt the data. Any planned sharing of data on different computers within a LUN requires advanced solutions, such as SAN file systems or clustered computing. Despite such issues, SANs help to increase storage capacity utilization, since multiple servers consolidate their private storage space onto the disk arrays. Common uses of a SAN include provision of transactionally accessed data that require high-speed block-level access to the hard drives such as email servers, databases, and high usage file servers.

To set up a simple SAN, you need only three major components: a SAN switch, a storage device and a server.

You'll also require cables to connect the various elements together and SAN management software. In most

real-world settings, a SAN will include many different switches, storage devices and servers, and it will likely

also include routers, bridges and gateways to extend the SAN over large areas and to connect to other parts of

the data center network. The SAN's topology will depend on its size and the needs of the organization.

The process of deploying a SAN requires several steps. First, you need to design your SAN, taking into

account your current needs and future scalability requirements. Second, you'll need to select a vendor or

vendors to provide the hardware and software you'll need, as well as any related services. Next, you'll install

the necessary hardware and then install and configure the software for managing your SAN. Deploying a SAN

is a complicated process that often requires specialized knowledge and a great deal of planning, particularly if

your SAN is very large.

Several different industry groups have developed standards related to SAN technology.

The most prominent is probably the Storage Networking Industry Association (SNIA),  which promotes the

Storage Management Initiative Specification (SMI-S), as well as related standards. The Fibre Channel Industry

Association (FCIA) also promotes standards related to SAN and administers the SANmark Qualified Program.

Fibre Channel is currently the most widely used communication protocol for SANs, but it is by no means the

only one. Some SAN networks rely on iSCSI communication, a mapping of SCSI protocol over TCP/IP. SANs

can also use ATA over Ethernet (AoE), Fibre Channel over Ethernet (FCoE), ESCON over Fibre Channel,

HyperSCSI and some other protocols.

A storage area network (SAN) can also be defined more broadly as any high-performance network whose primary purpose is to enable storage devices to communicate with computer systems and with each other. The most interesting things about this definition are what it does not say:


● It doesn't say that a SAN's only purpose is communication between computers and storage. Many organizations operate perfectly viable SANs that carry occasional administrative and other application traffic.
● It doesn't say that a SAN uses Fibre Channel or Ethernet or any other specific interconnect technology. A growing number of network technologies have architectural and physical properties that make them suitable for use in SANs.
● It doesn't say what kind of storage devices are interconnected. Disk and tape drives, RAID subsystems, robotic libraries, and file servers are all being used productively in SAN environments today.

One of the exciting aspects of SAN technology is that it is encouraging the development of new kinds of storage devices that provide new benefits to users. Some of these will undoubtedly fail in the market, but those that succeed will make lasting improvements in the way digital information is stored and processed.

DMZ INTRANET

In computer security, a DMZ or Demilitarized Zone (sometimes referred to as a perimeter network) is a physical or logical subnetwork that contains and exposes an organization's external-facing services to a larger and untrusted network, usually the Internet. The purpose of a DMZ is to add an additional layer of security to an organization's local area network (LAN); an external attacker only has direct access to equipment in the DMZ, rather than any other part of the network. The name is derived from the term "demilitarized zone", an area between nation states in which military operation is not permitted. In the military sense, a DMZ is not seen as belonging to either party bordering it. This concept applies to the computing use of the metaphor in that a DMZ which is, for example, acting as a gateway to the public Internet, is neither as secure as the internal network, nor as insecure as the public Internet. In this case, the hosts most vulnerable to attack are those that provide services to users outside of the local area network, such as e-mail, web and Domain Name System (DNS) servers. Because of the increased potential of these hosts suffering an attack, they are placed into this specific sub-network in order to protect the rest of the network if an intruder were to successfully compromise any of them.

Hosts in the DMZ are permitted to have only limited connectivity to specific hosts in the internal network, as

the content of DMZ is not as secure as the internal network. Similarly communication between hosts in the

DMZ and to the external network is also restricted, to make the DMZ more secure than the Internet, and

suitable for housing these special purpose services. This allows hosts in the DMZ to communicate with both

the internal and external network, while an intervening firewall controls the traffic between the DMZ servers

and the internal network clients, and another firewall would perform some level of control to protect the DMZ

from the external network.

A DMZ configuration provides security from external attacks, but it typically has no bearing on internal attacks such as sniffing communication via a packet analyzer or spoofing such as e-mail spoofing. It is also sometimes good practice to configure a separate Classified Militarized Zone (CMZ), a highly monitored militarized zone


Diagram of a typical network employing DMZ using dual firewalls.

A more secure approach is to use two firewalls to create a DMZ. The first firewall (also called the "front-end" or "perimeter"[1] firewall) must be configured to allow traffic destined to the DMZ only. The second firewall (also called "back-end" or "internal" firewall) only allows traffic from the DMZ to the internal network.

This setup is considered more secure since two devices would need to be compromised. There is even more

 protection if the two firewalls are provided by two different vendors, because it makes it less likely that both

devices suffer from the same security vulnerabilities. For example, accidental misconfiguration is less likely to

occur the same way across the configuration interfaces of two different vendors, and a security hole found to

exist in one vendor's system is less likely to occur in the other one. The drawback of this architecture is that it's

more costly. The practice of using different firewalls from different vendors is sometimes described as a

component of a "defense in depth" security strategy.
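The two-firewall policy described above can be stated precisely as rulesets. The following is an added example, not from the report or from any vendor's configuration: a Python model of the front-end and back-end rulesets with first-match semantics and default deny, evaluated over constructed flows. The address ranges (192.0.2.0/24 for the DMZ, 10.0.0.0/8 internal, 198.51.100.0/24 standing in for an Internet client), the host roles and the ports are assumptions for illustration; return traffic is left to connection tracking and is not modelled.

```python
# Added example (not from the report): a first-match policy model of the
# dual-firewall DMZ described in the text. Addresses, zone ranges, hosts
# and ports are constructed for illustration (192.0.2.0/24 and
# 198.51.100.0/24 are documentation ranges). Return traffic is assumed to
# be handled by connection tracking; only new flows are evaluated.
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

DMZ_NET = ipaddress.ip_network("192.0.2.0/24")
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")


@dataclass(frozen=True)
class Rule:
    src: str              # CIDR; "0.0.0.0/0" = anywhere
    dst: str
    proto: str            # "tcp", "udp" or "any"
    dport: Optional[int]  # None = any port
    action: str           # "allow" or "deny"


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    proto: str
    dport: int


def matches(rule: Rule, flow: Flow) -> bool:
    return (ipaddress.ip_address(flow.src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(flow.dst) in ipaddress.ip_network(rule.dst)
            and rule.proto in ("any", flow.proto)
            and rule.dport in (None, flow.dport))


def evaluate(ruleset: List[Rule], flow: Flow) -> str:
    """First matching rule wins; anything unmatched is dropped (default deny)."""
    for rule in ruleset:
        if matches(rule, flow):
            return rule.action
    return "deny"


# Front-end (perimeter) firewall: only published DMZ services are reachable
# from the Internet, DMZ hosts get narrow egress, and nothing reaches 10/8.
FRONT_END: List[Rule] = [
    Rule("0.0.0.0/0", "192.0.2.10/32", "tcp", 443, "allow"),   # web server
    Rule("0.0.0.0/0", "192.0.2.20/32", "tcp", 25, "allow"),    # mail relay
    Rule("0.0.0.0/0", "192.0.2.30/32", "udp", 53, "allow"),    # authoritative DNS
    Rule("192.0.2.20/32", "0.0.0.0/0", "tcp", 25, "allow"),    # mail relay egress only
]

# Back-end (internal) firewall: each DMZ host may reach exactly the internal
# service it needs; an internal admin subnet may SSH into the DMZ.
BACK_END: List[Rule] = [
    Rule("192.0.2.10/32", "10.0.0.5/32", "tcp", 5432, "allow"),  # web -> database
    Rule("192.0.2.20/32", "10.0.0.6/32", "tcp", 25, "allow"),    # relay -> mail store
    Rule("10.0.1.0/24", "192.0.2.0/24", "tcp", 22, "allow"),     # admin subnet -> DMZ
]


def zone(ip: str) -> str:
    addr = ipaddress.ip_address(ip)
    if addr in DMZ_NET:
        return "dmz"
    if addr in INTERNAL_NET:
        return "internal"
    return "internet"


def firewalls_on_path(src_zone: str, dst_zone: str) -> List[Tuple[str, List[Rule]]]:
    """Which firewalls a new flow crosses, in order, in the dual-firewall layout."""
    path = {
        ("internet", "dmz"): ["front-end"],
        ("internet", "internal"): ["front-end", "back-end"],
        ("dmz", "internal"): ["back-end"],
        ("dmz", "internet"): ["front-end"],
        ("internal", "dmz"): ["back-end"],
        ("internal", "internet"): ["back-end", "front-end"],
    }.get((src_zone, dst_zone), [])
    rulesets = {"front-end": FRONT_END, "back-end": BACK_END}
    return [(name, rulesets[name]) for name in path]


def verdict(flow: Flow) -> Tuple[str, Optional[str]]:
    """Return ("allow", None) or ("deny", name of the firewall that dropped the flow)."""
    for name, ruleset in firewalls_on_path(zone(flow.src), zone(flow.dst)):
        if evaluate(ruleset, flow) == "deny":
            return ("deny", name)
    return ("allow", None)


if __name__ == "__main__":
    # Constructed flows: an Internet client, then a compromised DMZ web server pivoting.
    for f in (Flow("198.51.100.7", "192.0.2.10", "tcp", 443),
              Flow("198.51.100.7", "10.0.0.5", "tcp", 5432),
              Flow("192.0.2.10", "10.0.0.5", "tcp", 5432),
              Flow("192.0.2.10", "10.0.0.7", "tcp", 445),
              Flow("192.0.2.10", "198.51.100.7", "tcp", 4444)):
        print(f, verdict(f))
```

The points to take from the model: nothing from the Internet reaches 10.0.0.0/8 because the front-end has no rule for it; a compromised DMZ web server can still reach only the one database port it was granted on the back-end, not a file server on port 445; and DMZ egress to an arbitrary Internet port (a reverse shell, for instance) is dropped by the front-end. Direct internal-to-Internet flows are denied here too, because neither ruleset grants them.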

ISG FIREWALL

The Juniper Networks Integrated Security Gateways (ISG) are purpose-built security solutions that leverage

a fourth generation security ASIC, the GigaScreen3, along with high-speed microprocessors to deliver

unmatched firewall and VPN performance. The Juniper Networks ISG 1000 is ideally suited for securing

enterprise, carrier and data center environments where advanced applications such as VoIP and streaming

media dictate consistent, scalable performance. Integrating best-in-class Deep Inspection firewall, VPN and

DoS solutions, the ISG 1000 enables secure, reliable connectivity along with network and application-level

 protection for critical, high-traffic network segments.

ISG is a fully integrated FW/VPN/IDP system with multi-gigabit performance, a modular architecture, and

rich virtualization capabilities. The base FW/VPN system comes with four fixed 10/100/1000 interfaces and

two additional I/O modules for interface expansion.

The Juniper Networks® ISG1000 and ISG2000 Integrated Security Gateways are fully integrated

firewall/VPN systems that offer multi-gigabit performance, modular architecture and rich virtualization

capabilities. They are an ideal security solution for large enterprise, data center and service provider

networks. The ISG Series Integrated Security Gateways are firewall/VPN-based systems that deliver security

features such as intrusion prevention system (IPS), antispam, Web filtering, and Internet Content Adaptation

Protocol (ICAP) antivirus redirection support. The advanced system is further expandable with optionally

integrated Intrusion Detection and Prevention (IDP) or as a General Packet Radio Service (GPRS)

firewall/VPN for mobile network service provider environments. The ISG Series modular architecture enables

deployment with a wide variety of copper and fiber interface options. Highly flexible segmentation and


isolation of traffic belonging to different trust levels can be achieved using advanced features such as virtual

systems, virtual LANs, and security zones. The ISG Series Integrated Security Gateways allow multiple,

separate firewall inspection or routing policies to simplify network design. This enables the enforcement of

security policies to traffic streams — even in highly complex environments — without significant impact on the

network itself. The ISG Series with IDP utilizes the same award-winning software found on Juniper Networks

IDP Series Intrusion Detection and Prevention Appliances. The IDP security module supports multi-method

detection, combining eight different detection mechanisms — including stateful signatures and protocol

anomaly detection. In addition to helping businesses defend against security threats such as worms, trojans,

malware, spyware, and hackers, the ISG Series with IDP can provide information on rogue servers as well as

types and versions of the applications and operating systems that may have inadvertently been added to the

network. Application signatures go a step further by enabling administrators to maintain compliance and

enforce corporate business policies with accurate

ISG Series Integrated Security Gateways firewall/VPN systems are for securing enterprise, carrier, and data center environments where advanced applications, such as VoIP and streaming media, demand secure, consistent, scalable performance.

Security features include intrusion prevention system (IPS), anti-spam, Web filtering, and Internet Content

Adaptation Protocol (ICAP) antivirus redirection support, and can include integrated Intrusion Detection and

Prevention (IDP) or a General Packet Radio Service (GPRS) firewall/VPN for mobile network environments.

ISG Series architecture enables deployment with a variety of copper and fiber interface options, enabling

segmentation and isolation of traffic for different trust levels and allowing multiple, separate firewall or routing policies without network impact.

The architecture enables a firewall/VPN or an integrated firewall/VPN/IDP solution. The ISG Series with IDP utilizes the software found on IDP Series Intrusion Detection and Prevention Appliances.

Security modules maintain dedicated processing and memory, reducing the number of separate devices for

greater cost savings. In addition to defending against common security threats, the ISG Series with IDP can

 provide rogue server information, and types and versions of software that may have been added to the network.

Cisco 7604 Router

The Cisco® 7604 Router is a compact, high-performance router designed in a 4-slot form factor for deployment at the network edge, where robust performance and IP/Multiprotocol Label Switching (MPLS) services are necessary to meet the requirements of both enterprises and service providers. It enables Carrier Ethernet service providers to deploy an advanced network infrastructure that supports a range of IP video and triple-play (voice, video, and data) system applications in both the residential and business services markets. The Cisco 7604 also delivers WAN and metropolitan-area network (MAN) networking solutions at the enterprise edge.

With a powerful combination of speed and services in a compact form factor, the Cisco 7604 is an outstanding choice for multiple applications. Whether deployed as a mobile Radio Access Network (RAN) preaggregation device, as a device for peering, as a residential broadband services aggregator, or as a device for Metro Ethernet aggregation and uplink, the Cisco 7604 meets requirements for redundancy, high availability, and rack density. In the point-of-presence (POP) enterprise edge or the metropolitan network edge, the Cisco 7604 sets new standards as part of the industry-leading Cisco 7600 Series Routers (Figure 1).


Figure 1. Cisco 7604 Router

With a forwarding rate of up to 144 Mpps distributed and 320 Gbps total throughput, the Cisco 7604 provides performance and reliability with options for redundant route processors and power supplies. The inclusion of two Gigabit Ethernet ports on the Cisco Catalyst® 6500 Series Supervisor Engine 720 with the Multilayer Switch Feature Card 3 (MSFC-3) or the new Cisco Route Switch Processor 720 (RSP 720) with the MSFC-4 used in the Cisco 7604 eliminates the need for a line-card slot for uplink ports. The result of this design is more efficient use of available line-card slots and increased deployment flexibility. Four Gigabit Ethernet ports are available for use in dual-route processor configurations.

Shared port adapters (SPAs) on the SPA interface processors (SIPs) are available on the Cisco 7600 Series with interface speeds ranging from OC-3 to OC-192 and from Fast Ethernet to 10 Gigabit Ethernet. The Cisco 7600 Series can also use the Cisco 7600 Series/Catalyst 6500 Series Enhanced FlexWAN Module to take advantage of most Cisco 7200 and 7500 Port Adapters for terminating DS-0 to OC-3 speeds. By using the Cisco Catalyst 6000 Series of Ethernet line cards in conjunction with the SIP-based SPAs and the enhanced FlexWAN module, the Cisco 7600 provides a multitude of options to scale WAN connectivity from DS-0 to OC-192 and LAN connectivity from 10-Mbps Ethernet through 10 Gigabit Ethernet.

The Cisco 7604 chassis accommodates a broad selection of line cards supporting numerous applications,

including:

● SPAs and SIPs (Cisco 7600 Series SPA Interface Processor-200 [SIP-200], SIP-400, and SIP-600):

- Channelized T1/E1, Channelized T3, and Channelized OC-3/STM-1

- OC-3/STM-1, OC-12/STM-4, OC-48/STM-16 Packet over SONET/SDH (PoS), and OC-192/STM-64 PoS

- OC-3/STM-1 ATM, OC-12/STM-4 ATM, and OC-48/STM-16 ATM

- Fast Ethernet, Gigabit Ethernet, and 10 Gigabit Ethernet

● Enhanced FlexWAN module: Supporting Cisco 7200 and 7500 WAN Port Adapters from DS-0 to OC-3

for channelized and ATM interfaces and also Fast Ethernet port adapters

● High-density Ethernet services modules: 10/100 Mbps, Gigabit Ethernet, and 10 Gigabit Ethernet


● Services modules: IP Security (IPsec), firewall, distributed denial of service, intrusion detection, network analysis, and content switching commonly used, for example, in the Cisco Mobile Exchange solution

● Supervisor support: Cisco Catalyst 6500 Supervisor Engine 32 (WS-SUP32-GE-3B and WS-SUP32-10GE-

3B), Cisco Catalyst 6500 Supervisor Engine 720 (WS-SUP720-3B and WS-SUP720-3BXL), and the new

Cisco Route Switch Processor 720 (RSP720-3C and RSP720-3CXL)

The Cisco 7604 can be configured two ways: with a single supervisor engine and up to three line cards, or with dual supervisor engines and up to two line cards for high availability and redundancy. The Cisco 7604 also supports redundant 2700W (AC/DC) power supplies for increased availability. Understanding the need to use rack space efficiently, Cisco designed this router to be 8.75 inches tall (5 rack units [RUs]), with single-side connection management for both interface and power terminations. This setup allows placement of up to nine Cisco 7604 units per standard 7-foot rack.

Applications

The flexible Cisco 7604 Router is ideal for addressing high-performance applications such as:

● IP/MPLS provider edge

● Metro Ethernet access

● Enterprise WAN aggregation

● Mobile RAN preaggregation

● Residential subscriber aggregation

● Customer premises equipment (CPE)

● Leased line

CISCO 3925 ROUTER

The Cisco 3925 Integrated Services Router (ISR) delivers highly secure data, voice, video, and application services to small branch offices. Key features include:

● Modular Services Performance Engine (SPE) 100, which can be upgraded for even higher performance as next-generation WAN environments evolve

● 3 integrated 10/100/1000 Ethernet ports with 2 ports capable of RJ-45 or SFP connectivity

● 2 service module slots

● 4 Enhanced High-Speed WAN Interface Card (EHWIC) slots

● 4 onboard digital signal processor (DSP) slots

● 1 Internal Services Module slot

● Dual integrated power supplies

● Fully integrated power distribution to modules supporting 802.3af Power over Ethernet

● A universal IOS image that lets you deploy new IOS services quickly

● Security

o Embedded hardware-accelerated VPN encryption for secure collaboration


o Integrated threat control using Cisco IOS Firewall, Cisco IOS Zone-Based Firewall, Cisco IOS IPS, and Cisco IOS Content Filtering

o Identity management using authentication, authorization, and accounting (AAA) and public key infrastructure

● Unified Communications

o High-density packet voice DSP module, optimized for voice and video support

o Standards-certified VoiceXML browser services

o Cisco Unified Border Element capabilities for up to 800 sessions

o Cisco Unity Express voicemail support

o Support for Cisco Unified Communications Manager Express and Survivable Remote Site Telephony

BULK ENCRYPTOR UNIT

The Netcrypt Bulk Encryptor is a network-attached encryption device designed for broadcast and on-demand applications in systems that use MPEG transport over UDP, IP, and Ethernet.

The Netcrypt Bulk Encryptor has a maximum throughput of four gigabits per second (4 Gbps) in a compact, two-rack-unit chassis. It is capable of encrypting as many as 4,000 input programs into a maximum of 4,000 transport streams suitable for distribution as digital broadcast or as IP multicast sessions.

The Netcrypt Bulk Encryptor is designed to be connected to a switch or router network using four Gigabit Ethernet ports in bi-directional mode. In this application, QAM modulator edge devices are connected to ports on the Gigabit Ethernet switch either directly or remotely through network transport equipment. The Netcrypt Bulk Encryptor receives clear data to be encrypted and sends the encrypted data to the edge devices' Gigabit Ethernet switch for distribution through other ports.

Features

• Ideal for encryption of switched digital video (SDV) streams

• Maximum throughput of 4 Gbps

• Capable of encrypting up to 4,000 input programs into a maximum of 4,000 transport streams suitable for digital broadcast or multicast sessions

• Four Gigabit Ethernet ports for MPEG data (duplex multimode fiber optic cables or


copper cables)

• Optimizes system management with provisioning and monitoring by the DNCS

• Five front-panel status indicators provide an at-a-glance status of the unit

MEDIA CONVERTOR (FCoE)

Fibre Channel over Ethernet (FCoE) is a computer network technology that encapsulates Fibre Channel frames over Ethernet networks. This allows Fibre Channel to use 10 Gigabit Ethernet networks (or higher speeds) while preserving the Fibre Channel protocol. The specification (FC-BB-5) was developed by the T11 technical committee of the International Committee for Information Technology Standards (INCITS).

FCoE maps Fibre Channel directly over Ethernet while being independent of the Ethernet forwarding scheme. The FCoE protocol specification replaces the FC-0 and FC-1 layers of the Fibre Channel stack with Ethernet. By retaining the native Fibre Channel constructs, FCoE was meant to integrate with existing Fibre Channel networks and management software.

Data centers have traditionally used Ethernet for TCP/IP networks and Fibre Channel for storage area networks (SANs). With FCoE, Fibre Channel becomes another network protocol running on Ethernet, alongside traditional Internet Protocol (IP) traffic. FCoE operates directly above Ethernet in the network protocol stack, in contrast to iSCSI, which runs on top of TCP and IP. As a consequence, FCoE is not routable at the IP layer and will not work across routed IP networks; an FCoE fabric is confined to a single Layer 2 domain.

Since classical Ethernet had no priority-based flow control, unlike Fibre Channel (which relies on buffer-to-buffer credits so that frames are never dropped for lack of buffer space), FCoE required enhancements to the Ethernet standard to support a priority-based flow control mechanism that reduces frame loss from congestion. The IEEE 802.1 Data Center Bridging Task Group added this capability as Priority-based Flow Control (IEEE 802.1Qbb).

Three primary extensions were required to deliver the capabilities of Fibre Channel over Ethernet networks:

● Encapsulation of native Fibre Channel frames into Ethernet frames.

● Extensions to the Ethernet protocol itself to enable an Ethernet fabric in which frames are not routinely lost during periods of congestion.

● Mapping between Fibre Channel N_Port IDs (also called FC_IDs) and Ethernet MAC addresses.

"Converged" network adapter


Computers can connect to FCoE with converged network adapters (CNAs), which contain both Fibre Channel host bus adapter (HBA) and Ethernet network interface card (NIC) functionality on the same adapter card. CNAs have one or more physical Ethernet ports. FCoE encapsulation can be done in software with a conventional Ethernet network interface card; however, FCoE CNAs offload from the CPU the low-level frame processing and SCSI protocol functions traditionally performed by Fibre Channel host bus adapters.

APPLICATION

The main application of FCoE is in data center storage area networks (SANs). FCoE has particular application in data centers due to the cabling reduction it makes possible, as well as in server virtualization applications, which often require many physical I/O connections per server.

With FCoE, network (IP) and storage (SAN) data traffic can be consolidated using a single network. This consolidation can:

● reduce the number of network interface cards required to connect to disparate storage and IP networks

● reduce the number of cables and switches

● reduce power and cooling costs

FRAME FORMAT

FCoE Frame Format

FCoE is encapsulated over Ethernet with the use of a dedicated Ethertype, 0x8906. A single 4-bit field (version) satisfies the IEEE sub-type requirements. The SOF (start of frame) and EOF (end of frame) delimiters are encoded as specified in RFC 3643. Reserved bits are present to guarantee that the FCoE frame meets the minimum length requirement of Ethernet. Inside the encapsulated Fibre Channel frame, the frame header is retained so as to allow connecting to a storage network by passing on the Fibre Channel frame directly after de-encapsulation.


The FIP (FCoE Initialization Protocol) is an integral part of FCoE. Its main goal is to discover and initialize FCoE-capable entities connected to an Ethernet cloud. FIP uses a dedicated Ethertype of 0x8914.
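The encapsulation, the Ethertype dispatch (0x8906 for FCoE, 0x8914 for FIP) and the FC_ID-to-MAC mapping described in the sections above, as an added worked example in Python; this is not code from the report or from any vendor product. It assumes the FC-BB-5 field layout (a 4-bit version plus reserved bytes and a 1-byte SOF ahead of the Fibre Channel frame, a 1-byte EOF plus reserved bytes after it), the RFC 3643 SOF/EOF code points, and the default FC-MAP prefix 0E-FC-00 for Fabric Provided MAC Addresses (FPMAs). The sample frame at the bottom is constructed inline, not captured from a real fabric: the FCF MAC, FC_IDs, exchange IDs and payload words are illustrative, and the Fibre Channel CRC is carried but not verified.

```python
"""FCoE (Ethertype 0x8906) and FIP (Ethertype 0x8914) frame dissection, plus the
FC_ID <-> MAC mapping (Fabric Provided MAC Address, FPMA) used by FCoE end nodes.
Added worked example, not code from the report or from any vendor product.
Field layouts follow FC-BB-5 and the SOF/EOF code points of RFC 3643; the sample
frame at the bottom is constructed inline, not captured from a real fabric."""
import struct

ETHERTYPE_FCOE = 0x8906
ETHERTYPE_FIP = 0x8914
ETHERTYPE_VLAN = 0x8100

# RFC 3643 code points; FC-BB-5 permits only this subset on FCoE links
SOF_CODES = {0x28: "SOFf", 0x2D: "SOFi2", 0x35: "SOFn2", 0x2E: "SOFi3", 0x36: "SOFn3"}
EOF_CODES = {0x41: "EOFn", 0x42: "EOFt", 0x49: "EOFni", 0x50: "EOFa"}

FCOE_HDR_LEN = 14          # version nibble + reserved (13 bytes) + SOF (1 byte)
FCOE_TRL_LEN = 4           # EOF (1 byte) + reserved (3 bytes)
FC_HDR_LEN = 24            # native Fibre Channel frame header
FC_CRC_LEN = 4
DEFAULT_FC_MAP = 0x0EFC00  # FC-BB-5 default FC-MAP prefix for FPMAs


def fpma(fcid, fc_map=DEFAULT_FC_MAP):
    """FPMA = 24-bit FC-MAP || 24-bit FC_ID (N_Port ID): the mapping of extension 3."""
    if not 0 <= fcid <= 0xFFFFFF:
        raise ValueError("FC_ID must be 24 bits")
    return ((fc_map << 24) | fcid).to_bytes(6, "big")


def fcid_from_fpma(mac, fc_map=DEFAULT_FC_MAP):
    """Inverse mapping; refuses a MAC whose prefix is not the expected FC-MAP."""
    if len(mac) != 6 or int.from_bytes(mac[:3], "big") != fc_map:
        raise ValueError("not an FPMA under this FC-MAP")
    return int.from_bytes(mac[3:], "big")


def parse_ethernet(frame):
    """Return (dst, src, ethertype, vlan_id or None, payload); handles one 802.1Q tag."""
    if len(frame) < 14:
        raise ValueError("runt frame")
    dst, src, etype = frame[:6], frame[6:12], struct.unpack("!H", frame[12:14])[0]
    vlan, off = None, 14
    if etype == ETHERTYPE_VLAN:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, etype = struct.unpack("!HH", frame[14:18])
        vlan, off = tci & 0x0FFF, 18
    return dst, src, etype, vlan, frame[off:]


def parse_fcoe(payload):
    """Dissect the bytes after Ethertype 0x8906: FCoE header, FC frame, FCoE trailer."""
    if len(payload) < FCOE_HDR_LEN + FC_HDR_LEN + FC_CRC_LEN + FCOE_TRL_LEN:
        raise ValueError("FCoE payload too short for a complete FC frame")
    version = payload[0] >> 4          # reserved bytes are sent as zero and ignored here
    if version != 0:
        raise ValueError("unsupported FCoE version %d" % version)
    sof, eof = payload[FCOE_HDR_LEN - 1], payload[-FCOE_TRL_LEN]
    if sof not in SOF_CODES or eof not in EOF_CODES:
        raise ValueError("invalid SOF 0x%02x / EOF 0x%02x" % (sof, eof))
    fc = payload[FCOE_HDR_LEN:-FCOE_TRL_LEN]
    # FC header: R_CTL, D_ID, CS_CTL, S_ID, TYPE, F_CTL, SEQ_ID, DF_CTL, SEQ_CNT, OX_ID, RX_ID, PARAM
    seq_cnt, ox_id, rx_id, param = struct.unpack("!HHHI", fc[14:24])
    return {
        "sof": SOF_CODES[sof], "eof": EOF_CODES[eof], "r_ctl": fc[0],
        "d_id": int.from_bytes(fc[1:4], "big"), "s_id": int.from_bytes(fc[5:8], "big"),
        "type": fc[8], "f_ctl": int.from_bytes(fc[9:12], "big"),
        "seq_id": fc[12], "df_ctl": fc[13], "seq_cnt": seq_cnt,
        "ox_id": ox_id, "rx_id": rx_id, "param": param,
        "data": fc[FC_HDR_LEN:-FC_CRC_LEN], "crc": fc[-FC_CRC_LEN:],  # FC CRC not verified here
    }


def build_fcoe(fc_frame, sof=0x2E, eof=0x42):
    """Encapsulate a native FC frame (header + data + CRC): extension 1 in the list above."""
    return bytes(13) + bytes([sof]) + fc_frame + bytes([eof]) + bytes(3)


def classify(frame):
    """Dispatch one Ethernet frame by Ethertype: ('fcoe', fields), ('fip', None) or ('other', None)."""
    _dst, _src, etype, _vlan, payload = parse_ethernet(frame)
    if etype == ETHERTYPE_FCOE:
        return "fcoe", parse_fcoe(payload)
    if etype == ETHERTYPE_FIP:
        return "fip", None
    return "other", None


def is_well_formed(frame):
    try:
        classify(frame)
        return True
    except ValueError:
        return False


# Constructed sample: an ELS request from FC_ID 0x010200 to the well-known login
# server address 0xFFFFFE; the FCF MAC and all other field values are illustrative.
FCF_MAC = bytes.fromhex("020000aabbcc")
FC_HEADER = (bytes([0x22]) + (0xFFFFFE).to_bytes(3, "big") + bytes([0])      # R_CTL, D_ID, CS_CTL
             + (0x010200).to_bytes(3, "big") + bytes([0x01])                   # S_ID, TYPE (ELS)
             + (0x290000).to_bytes(3, "big") + bytes([0, 0])                   # F_CTL, SEQ_ID, DF_CTL
             + struct.pack("!HHHI", 0, 0x1234, 0xFFFF, 0))                     # SEQ_CNT, OX_ID, RX_ID, PARAM
FC_DATA = bytes([0x03, 0, 0, 0]) + bytes(12)      # ELS opcode word plus padding, illustrative
SAMPLE_FRAME = (FCF_MAC + fpma(0x010200) + struct.pack("!H", ETHERTYPE_FCOE)
                + build_fcoe(FC_HEADER + FC_DATA + bytes(FC_CRC_LEN)))

if __name__ == "__main__":
    kind, fields = classify(SAMPLE_FRAME)
    print(kind, fields["sof"], hex(fields["s_id"]), "->", hex(fields["d_id"]), fields["eof"])
```

The parser checks the minimum length, the version nibble and the SOF/EOF code points before it touches the Fibre Channel header, so a truncated or malformed encapsulation is rejected early rather than mis-parsed; `fcid_from_fpma` shows the check a receiving switch or host can make that a frame's source MAC is consistent with the FC_ID it claims in S_ID.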

SYNCHRONOUS TRANSFER MODE

Data transfer method in which a continuous stream of data signals is accompanied by timing signals (generated by an electronic clock) to ensure that the transmitter and the receiver are in step (synchronized) with one another. The data is sent in blocks (called frames or packets) spaced by fixed time intervals. In contrast, asynchronous transmission works in spurts and must insert a start bit before each data character and a stop bit at its termination to inform the receiver where it begins and ends. Most network protocols (such as Ethernet, SONET, Token Ring) use synchronous transmission, whereas asynchronous transmission is commonly used for communications over telephone lines.
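The two framing schemes the paragraph above describes, as an added example in Python that is not from the report: UART-style asynchronous framing with a start bit and a stop bit around every character, a simplified synchronous block format, and the line overhead each one costs for the same payload. The asynchronous conventions assumed are the usual ones (idle line high, one start bit, 8 data bits LSB first, one stop bit); the SYN-delimited block layout is an illustration chosen for this example, not a particular standard, and all sample data is constructed.

```python
"""Asynchronous (start/stop bit) framing versus synchronous block framing.
Added worked example, not code from the report. The bit-level conventions
(idle line high, one start bit, 8 data bits LSB first, one stop bit) are the
common UART ones; the SYN-delimited block format is a simplified illustration,
and all sample data is constructed inline."""


def async_encode(data, stop_bits=1):
    """Each character carries its own framing, so the receiver needs no shared clock."""
    bits = []
    for b in data:
        bits.append(0)                                  # start bit (space)
        bits.extend((b >> i) & 1 for i in range(8))     # data bits, LSB first
        bits.extend([1] * stop_bits)                    # stop bit(s) (mark)
    return bits


def async_decode(bits, stop_bits=1):
    """Receiver: sit in idle (1), resynchronize on every start bit, check the stop bit."""
    out, i, n = bytearray(), 0, len(bits)
    while i < n:
        if bits[i] == 1:                                # idle mark between characters
            i += 1
            continue
        char = bits[i + 1:i + 1 + 8 + stop_bits]
        if len(char) < 8 + stop_bits:
            raise ValueError("truncated character at bit %d" % i)
        if any(s != 1 for s in char[8:]):
            raise ValueError("framing error at bit %d" % i)   # stop bit not seen
        out.append(sum(bit << k for k, bit in enumerate(char[:8])))
        i += 1 + 8 + stop_bits
    return bytes(out)


def framing_ok(bits, stop_bits=1):
    try:
        async_decode(bits, stop_bits)
        return True
    except ValueError:
        return False


SYNC = b"\x16\x16"   # two ASCII SYN characters, as in bisync-style block framing


def sync_encode(data, block_size=64):
    """Block framing: SYN SYN <len> <payload>. Bytes inside a block carry no start/stop
    bits because the receiver clock is locked to the transmitter's timing signal."""
    if not 1 <= block_size <= 255:
        raise ValueError("block_size must fit in one length byte")
    out = bytearray()
    for i in range(0, len(data), block_size):
        block = data[i:i + block_size]
        out += SYNC + bytes([len(block)]) + block
    return bytes(out)


def sync_decode(stream):
    """Receiver: every block must start with the sync pattern and be complete."""
    out, i = bytearray(), 0
    while i < len(stream):
        if stream[i:i + 2] != SYNC or i + 3 > len(stream):
            raise ValueError("lost synchronization at byte %d" % i)
        n = stream[i + 2]
        block = stream[i + 3:i + 3 + n]
        if len(block) != n:
            raise ValueError("truncated block at byte %d" % i)
        out += block
        i += 3 + n
    return bytes(out)


def wire_bits(data, block_size=64):
    """(asynchronous bits, synchronous bits) on the line for the same payload."""
    return len(async_encode(data)), 8 * len(sync_encode(data, block_size))


if __name__ == "__main__":
    msg = b"DRONA"
    print(async_decode([1, 1] + async_encode(msg)), sync_decode(sync_encode(msg)))
    print(wire_bits(bytes(640)))   # 25% overhead vs under 5% for 64-byte blocks
```

For 640 payload bytes the asynchronous stream carries 6,400 bits against 5,360 for the block format, which is the cost of letting the receiver resynchronize on every character instead of relying on a shared clock; the decoder's framing-error branch is also where a real receiver notices that its timing has drifted from the sender's.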
