networking_merged.pdf
Review of Networking Basics
Networking 2 - Lesson 1

○ Network Topologies
○ Networking Devices
○ OSI Model
○ IP Addressing

Network Topologies

Network topologies refer to the layout pattern of nodes and wiring in a communication network. This layout determines the physical or logical structure through which network devices are interconnected.

○ Star Topology: Devices are connected to a single central hub. The central hub is not as prominently visible. It's usually a network switch or router that might be stored in a server room or cabinet.
○ Ring Topology: The "ring" aspect is more about how the data travels and the logical setup rather than the physical arrangement of the components. Data travels in one direction, reducing the chance of packet collisions.
○ Bus Topology: All devices are connected to a single communication line. Typically involves a single communication line (the bus) that all network devices connect to directly.
○ Mesh Topology: Every device has a dedicated point-to-point link to every other device. This topology is often used in environments where communication must remain available at all times, such as in data centers or critical infrastructure setups.

Networking Devices

○ Routers: Connect multiple networks, direct data packets, and handle traffic within a network using headers and forwarding tables.
○ Switches: Operate at the data link layer to connect devices within the same network and filter traffic by analyzing MAC addresses.
○ Gateways: These facilitate communication between different networks, often integrating networks with different protocols (IP, Ethernet, SMTP, POP, TCP, UDP, HTTP, HTTPS, FTP).
○ Modems: Used for encoding and decoding data between digital and analog formats for internet communication.
○ Hubs: Simple devices connecting multiple Ethernet devices, acting as a single network segment.
○ Bridges: Connect multiple networks, operate at the data link layer, and filter traffic by storing MAC addresses.
○ Brouters: A combination of bridges and routers, they can filter data as well as direct it to specific parts of a network. They operate at both the data link layer and the network layer, which allows them to filter data like a bridge and route packets like a router.

OSI Model

The OSI (Open Systems Interconnection) Model is a conceptual framework for understanding network interactions in seven layers.

OSI Layer: Function (Examples)
○ Physical Layer: Handles the physical transmission of raw data (Ethernet cables, fiber optics, NICs)
○ Data Link Layer: Manages data frames between network devices (Switches, bridges)
○ Network Layer: Handles the routing of data packets (Routers)
○ Transport Layer: Provides reliable data transfer (TCP, UDP)
○ Session Layer: Manages sessions between applications (APIs, sockets)
○ Presentation Layer: Translates data formats between network & app (Encryption, data compression protocols)
○ Application Layer: Supports application services for networking (HTTP, SMTP, FTP)

IP Addressing

IP addressing involves assigning a unique numeric identifier to each device on a network. These addresses allow devices to locate each other and exchange information.

Two types of IP addresses: IPv4 and IPv6

IPv4 addresses consist of four octets separated by dots (e.g., 192.168.1.1).

IPv6 addresses are longer, consisting of eight groups of hexadecimal numbers separated by colons, providing a larger address space to accommodate the growth of the internet (e.g., 2001:0db8:85a3:0000:0000:8a2e:0370:7334).

IPv4 and IPv6

Address Space
○ IPv4: Uses 32-bit addresses, allowing for 2^32 (about 4.29 billion) unique addresses. Techniques like NAT are used to extend its usage despite the limited number.
○ IPv6: Uses 128-bit addresses, providing 2^128 (about 340 undecillion) possible addresses, eliminating the need for NAT and addressing the issue of IP exhaustion.

Notation
○ IPv4: Expressed in decimal format, segmented into four octets separated by dots (e.g., 192.168.1.1).
○ IPv6: Notated in hexadecimal format, divided into eight groups separated by colons (e.g., 2001:0db8:85a3:0000:0000:8a2e:0370:7334). Supports abbreviations like omitting leading zeros and using a double colon (::) to condense consecutive zeros.

Configuration
○ IPv4: Configuration can be manual or via DHCP. Requires careful management to avoid IP conflicts.
○ IPv6: Supports auto-configuration capabilities such as SLAAC, allowing devices to generate their own addresses without server intervention.

Subnetting

Subnetting is the process of dividing a larger network into smaller, more manageable segments called subnets. It involves using a subnet mask to split an IP address into parts that identify the subnet and the host within that subnet. This practice increases routing efficiency, enhances network security, and optimizes the use of IP addresses within a network by allowing more flexible control over network design and addressing.

Benefits of Subnetting

○ Improved Network Performance and Speed: By dividing larger networks into smaller, manageable subnets, network congestion is reduced, and performance is enhanced.
○ Enhanced Security: Subnetting can isolate network segments, restricting access to sensitive information and reducing the potential reach of security breaches.
○ Efficient Use of IP Addresses: Subnetting allows allocating IP addresses to different departments or locations without needing multiple network classes.
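The subnet calculation this lesson works through (192.168.1.0/24 split into four subnets) can be generalized to any IPv4 network and subnet count. The following is an added example, not part of the original slides; the function names plan_subnets, locate and matches_stdlib are this example's own. It borrows host bits by hand, reports the new mask and ranges, and tells you which segment a given host falls into, which is the check you need when writing per-segment access rules.

```python
import ipaddress


def plan_subnets(network: str, wanted: int) -> dict:
    """Split an IPv4 network into at least `wanted` equal subnets by borrowing host bits."""
    net = ipaddress.ip_network(network, strict=True)  # rejects a base address with host bits set
    if net.version != 4:
        raise ValueError("IPv4 only in this example")
    if wanted < 1:
        raise ValueError("wanted must be at least 1")

    borrowed = (wanted - 1).bit_length()       # smallest b with 2**b >= wanted
    prefix = net.prefixlen + borrowed
    if prefix > 30:                            # /31 and /32 leave no usable host range
        raise ValueError(f"cannot fit {wanted} subnets with usable hosts into {net}")

    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    block = 1 << (32 - prefix)                 # addresses per subnet, including network and broadcast
    base = int(net.network_address)

    subnets = []
    for i in range(1 << borrowed):
        first = base + i * block
        subnets.append({
            "cidr": f"{ipaddress.IPv4Address(first)}/{prefix}",
            "first": str(ipaddress.IPv4Address(first)),             # network address
            "last": str(ipaddress.IPv4Address(first + block - 1)),  # broadcast address
        })
    return {
        "borrowed_bits": borrowed,
        "prefix": prefix,
        "mask": str(ipaddress.IPv4Address(mask)),
        "mask_binary": ".".join(f"{(mask >> s) & 0xFF:08b}" for s in (24, 16, 8, 0)),
        "hosts_per_subnet": block - 2,         # minus network and broadcast addresses
        "subnets": subnets,
    }


def locate(plan: dict, address: str):
    """Return the CIDR of the subnet that contains `address`, or None if it is outside the plan."""
    addr = int(ipaddress.IPv4Address(address))
    block = plan["hosts_per_subnet"] + 2
    for s in plan["subnets"]:
        first = int(ipaddress.IPv4Address(s["first"]))
        if first <= addr < first + block:
            return s["cidr"]
    return None


def matches_stdlib(network: str, wanted: int) -> bool:
    """Cross-check the hand-computed plan against the standard library's own subnet split."""
    plan = plan_subnets(network, wanted)
    expected = ipaddress.ip_network(network).subnets(prefixlen_diff=plan["borrowed_bits"])
    return [s["cidr"] for s in plan["subnets"]] == [str(n) for n in expected]


if __name__ == "__main__":
    plan = plan_subnets("192.168.1.0/24", 4)
    print(plan["mask"], plan["mask_binary"], plan["hosts_per_subnet"])
    for s in plan["subnets"]:
        print(s["cidr"], s["first"], "-", s["last"])
    print(locate(plan, "192.168.1.130"))
```

Asking for a count that is not a power of two (for example 3) rounds up to the next power of two, because host bits can only be borrowed whole.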
Subnet Calculation Example

Scenario: Suppose you have an IPv4 address of 192.168.1.0 with a standard subnet mask of 255.255.255.0 (a /24 network, indicating that the first 24 bits are the network part).

Goal: Create four subnets.

Process:
○ Convert the subnet mask to binary: 255.255.255.0 → 11111111.11111111.11111111.00000000
○ Borrow two bits from the host part to create additional subnets: 11111111.11111111.11111111.11000000 (255.255.255.192)

This new subnet mask (/26) provides:
○ Four subnets (2^2, as two bits were borrowed)
○ 62 hosts per subnet (2^(32-26) - 2 for network and broadcast addresses)

Subnet Breakdown:
○ Subnet 1: 192.168.1.0 to 192.168.1.63
○ Subnet 2: 192.168.1.64 to 192.168.1.127
○ Subnet 3: 192.168.1.128 to 192.168.1.191
○ Subnet 4: 192.168.1.192 to 192.168.1.255

Advanced Routing Protocols
IT 135 - Networking 2 - Lesson 2

Routing Protocols
Types of Dynamic Routing Protocols
○ OSPF (Open Shortest Path First)
○ EIGRP (Enhanced Interior Gateway Routing Protocol)
○ BGP (Border Gateway Protocol)

Routing Protocols

Routing protocols are specialized algorithms or rules routers use to determine the most efficient path for forwarding data across a network. These protocols enable routers to communicate with each other, sharing information that allows them to select routes between any two nodes on a computer network. The route choice is based on criteria such as the number of hops, network traffic, link costs, or path reliability, ensuring that data packets are delivered most effectively.

Key Functions of Routing Protocols

○ Path Determination: Calculating the most efficient path for data to travel from a source to a destination.
○ Route Advertisement: Broadcasting information about these paths to other routers on the network.
○ Route Update: Modifying routing tables based on new information or changes in the network.
OSPF (Open Shortest Path First)

OSPF is a link-state routing protocol. It is used within a single autonomous system (AS) and is one of the most widely used interior gateway protocols (IGP) in large enterprise networks.

Functionality: OSPF routers maintain a map of the network that is updated after any change in network topology. It uses the Dijkstra algorithm to calculate the shortest path through the network based on the link-state information.

Advantages: OSPF offers fast convergence, scalable design, and efficient routing updates. It supports complex hierarchies with multiple areas, reducing the amount of routing information each router must process.

EIGRP (Enhanced Interior Gateway Routing Protocol)

EIGRP is an advanced distance-vector routing protocol, which is sometimes described as a hybrid routing protocol because it has characteristics of both distance-vector and link-state protocols. Initially proprietary to Cisco Systems but now a partially open standard, it is widely used in enterprise networks to automate routing decisions and configuration.

Functionality: EIGRP uses the Diffusing Update Algorithm (DUAL) to ensure loop-free and reliable routing. It only sends incremental updates, reducing the bandwidth used for routing protocols.

Advantages: EIGRP is known for its speed and efficiency in converging and its ability to balance load across multiple routes that have equal cost.

BGP (Border Gateway Protocol)

BGP is a path-vector routing protocol. It is used between different autonomous systems on the internet and is classified as an exterior gateway protocol (EGP).

Functionality: BGP exchanges routing and reachability information among edge routers on the internet. It makes routing decisions based on paths, network policies, or rule-sets configured by a network administrator, which can involve multiple hops and is not solely based on shortest path.
Advantages: BGP is essential for the operation of the internet. It allows for policy-based routing, which is crucial for maintaining large-scale networks like the internet. It can manage thousands of routes and updates dynamically to changes in network conditions.

Feature comparison: OSPF (Open Shortest Path First), EIGRP (Enhanced Interior Gateway Routing Protocol), BGP (Border Gateway Protocol)

Type
○ OSPF: Link-state routing protocol
○ EIGRP: Advanced distance-vector routing protocol, often described as a hybrid
○ BGP: Path-vector protocol

Operational Environment
○ OSPF: Used within a single autonomous system (AS), Interior Gateway Protocol (IGP)
○ EIGRP: Originally proprietary to Cisco but now partially open standard, used within a single AS (IGP)
○ BGP: Used between different autonomous systems, Exterior Gateway Protocol (EGP)

Mechanism
○ OSPF: Exchanges link-state advertisements (LSAs) to build a network map. Uses the Dijkstra algorithm to compute the shortest path.
○ EIGRP: Uses the Diffusing Update Algorithm (DUAL) for loop-free routing. Sends partial updates, reducing bandwidth usage.
○ BGP: Exchanges routing and reachability information among ASes. Determines best path based on policy, not just shortest path.

Use Cases
○ OSPF: Ideal for medium to large enterprise networks. Supports complex topologies with multiple areas.
○ EIGRP: Predominantly used in smaller to medium-sized networks. Suitable for Cisco environments.
○ BGP: Essential for Internet routing between different ISPs. Used in large-scale networks where policy-based routing is required.

Advantages
○ OSPF: Fast convergence. Highly scalable. Robust fault tolerance. Efficient traffic management.
○ EIGRP: Quick convergence and route redundancy. Supports unequal cost path load balancing.
○ BGP: Highly scalable. Manages thousands of routes. Allows complex routing policies.

Key Differences
○ OSPF: IGP, suitable for internal network routing. Shares complete link-state information.
○ EIGRP: IGP, simpler and more efficient but less versatile outside Cisco environments.
○ BGP: EGP, crucial for Internet routing. Exchanges path and policy information with other autonomous systems.

Convergence Speed
○ OSPF: Typically faster than BGP, due to simpler decision processes.
○ EIGRP: Generally faster than BGP, optimized for quick adaptations within its operational scope.
○ BGP: Slower, due to complex decision processes involving vast route and policy information.

Protocol Complexity
○ OSPF: High complexity due to area configurations and LSA types.
○ EIGRP: Less complex compared to OSPF and BGP, designed for efficiency.
○ BGP: High complexity due to the need to manage large-scale policy and path attribute configurations.

Network Security
IT 135 - Lesson 3

○ What is Network Security?
○ Advantages and Importance of Network Security
○ Types of Network Security
○ Key Tools of Network Security
○ How Network Security Works

What is Network Security?

Network security involves implementing technologies, processes, and policies designed to protect the integrity, confidentiality, and accessibility of computer networks and data. The primary goal is to prevent unauthorized access, misuse, malfunction, modification, destruction, or improper disclosure, thereby creating a secure platform for computers, users, and programs.

Advantages and Importance of Network Security

○ Protection Against Threats
○ Business Continuity
○ Compliance and Trust

Types of Network Security

○ Physical Security
○ Technical Security
○ Administrative Security

Physical Security

Physical security refers to the measures taken to protect the physical infrastructure of an organization, including hardware, buildings, and sensitive areas, from physical actions and events that could cause serious loss or damage.
Examples: Access Control, Surveillance, Environmental Controls

Technical Security

Technical security involves the use of software and hardware technologies to protect data and resources within the network. This type of security focuses on safeguarding information from cyber threats and ensuring data integrity and confidentiality during transmission and storage.

Examples: Encryption, Firewalls, Antivirus / Anti-malware Software, IDPS

Intrusion Detection and Prevention Systems (IDPS): Monitors network traffic for suspicious activities and reacts automatically to block potential threats.

Administrative Security

Administrative security includes the policies, procedures, and controls that govern user access and behavior within the network. It involves setting rules for how the network is used and how data is managed, aligning security practices with organizational goals and regulatory requirements.

Examples: Security Policies and Procedures, User Authentication and Authorization, Training and Awareness Programs

Key Tools of Network Security

○ Firewalls: Act as a barrier between trusted and untrusted networks, controlling incoming and outgoing traffic based on security rules.
○ Antivirus and Anti-malware Software: Scans the network and connected devices for malicious software and files, removing or quarantining them to prevent damage.
○ Intrusion Detection and Prevention Systems (IDS/IPS): Monitor network traffic for suspicious activities and react by blocking or reporting them.
○ Virtual Private Networks (VPN): Create a secure and encrypted connection over a less secure network, typically the internet.
○ Encryption Tools: Ensure data security by encoding the information sent across the network, making it accessible only to those who possess the decryption keys.

How Network Security Works

Network Security Principles (CIA Triad)

1. Confidentiality: Confidentiality involves ensuring that sensitive information is accessed only by authorized individuals and is not disclosed to anyone unauthorized.
2. Integrity: Integrity means maintaining the accuracy and consistency of data over its entire lifecycle. This principle ensures that information is not altered in unauthorized ways.
3. Availability: Availability ensures that information and resources are available to authorized users when needed. This principle involves keeping systems running and accessible, despite errors or attacks.

Core Processes in Network Security

1. Authentication: Authentication is the process of verifying the identity of a user, device, or other entity in a network to ensure they are who they claim to be before granting access to network resources. Examples: Passwords, Two-Factor Authentication (2FA), Biometrics
2. Authorization: Authorization is the process of granting the authenticated user permission to access specific resources or perform specific actions within a network. Analogy: Think of it like having a key to a locked door within an office. Just because you can enter the office building (authentication) doesn't mean you have the key to every room (authorization). You are only allowed into spaces relevant to your work or role.
3. Auditing and Monitoring
   ○ Auditing: Involves keeping records of user activities to ensure compliance with security policies and to help in recovering lost transactions. Helps in detecting and responding to incidents by providing a log of user actions that can be reviewed after a security breach.
   ○ Monitoring: Continuous observation of network activities to identify and respond to threats in real time. Crucial for early detection of potential security threats, allowing for immediate response to protect data and network integrity.

Defense Strategies in Network Security

1. Defense in Depth (Layered Security): Defense in Depth is a security strategy that employs multiple layers of defense to protect network resources, ensuring that if one layer fails, another will continue to provide protection.
2. Proactive Defense: Proactive defense involves anticipating and mitigating security threats before they can cause harm. Components: Vulnerability Management, Threat Intelligence
3. Incident Response: Incident response is the methodology an organization uses to respond to and manage a cyber attack or breach, aiming to handle the situation in a way that limits damage and reduces recovery time and costs.

Network Troubleshooting Methodologies
IT 135 - Networking 2 - Lesson 4

○ Systematic Troubleshooting
○ OSI Model for Troubleshooting
○ Troubleshooting Techniques

Systematic Troubleshooting

Systematic troubleshooting is a structured approach to efficiently identifying, diagnosing, and resolving network issues. It minimizes downtime and reduces the impact on business operations.
Steps in Systematic Troubleshooting

1. Problem Identification: Recognize and define the issue based on symptoms reported by users.
2. Information Gathering: Collect relevant data and logs to gain insights into the problem.
3. Problem Isolation: Narrow down the cause of the issue to a specific part of the network.
4. Problem Resolution: Implement a solution to fix the identified issue.
5. Verification: Test the network to ensure the problem is resolved.

Using the OSI Model for Troubleshooting

Layer-by-Layer Analysis: The OSI (Open Systems Interconnection) model divides network communication into seven layers, each responsible for specific functions. Troubleshooting involves examining each layer to pinpoint where issues occur.

○ Physical Layer (Layer 1): This layer deals with physical connectivity issues such as faulty cables or damaged ports.
○ Data Link Layer (Layer 2): This layer handles data transfer between devices on the same network segment. Issues can include MAC address conflicts or errors in Ethernet frames.
○ Network Layer (Layer 3): This layer manages the logical addressing and routing of data packets between different networks. Common issues include IP address conflicts or routing table errors.
○ Transport Layer (Layer 4): This layer provides reliable data transfer services and error-checking mechanisms. Problems may involve port blocking or issues with TCP/UDP protocols.
○ Session Layer (Layer 5), Presentation Layer (Layer 6), and Application Layer (Layer 7): These layers manage communication sessions, data formatting, and application-specific functions. Issues can range from session timeouts to application crashes.

Diagnostic Tools

Utilize specific tools for each layer:
○ Ping and Traceroute: Basic connectivity tests for troubleshooting network reachability issues.
○ Packet Sniffers (like Wireshark): Capture and analyze network traffic to diagnose complex issues such as protocol errors or unauthorized access attempts.
Troubleshooting Techniques

○ Divide and Conquer: Segment the network to isolate the problem area. This approach simplifies troubleshooting by narrowing down potential causes.
○ Top-Down Approach: Start troubleshooting from the application layer and move downward through the OSI layers. This approach is useful when issues are application-specific.
○ Bottom-Up Approach: Begin troubleshooting from the physical layer upwards. Effective for diagnosing connectivity or hardware-related issues.

Network Performance Optimization - Quality of Service (QoS)
IT 135 - Networking 2 - Lesson 5

○ Key Terms Review
○ Quality of Service (QoS)
○ Key Components of QoS

Key Terms Review

○ VoIP (Voice over Internet Protocol): Technology that allows telephone calls to be made over the internet instead of through traditional telephone lines.
○ Latency: The time delay from the moment data is sent to when it is received. Low latency is crucial for real-time applications like video calls.
○ Packet Loss: Occurs when data packets fail to reach their destination, which can lead to disruptions in communication and data transfer.

Quality of Service (QoS)

QoS is a set of technologies and practices used to manage and prioritize network traffic to ensure the performance of critical applications. Essential for networks that handle diverse types of data traffic, particularly where real-time data needs prioritization to function effectively, such as in VoIP or streaming video.

Key Components of QoS

○ Classification and Marking
○ Queuing
○ Policing and Shaping
○ Congestion Management

Classification and Marking

The process of identifying and categorizing network traffic by examining the data packets.
Enables the network to apply different QoS policies to different types of traffic, ensuring that critical applications receive higher priority.

Tools Used:
○ DPI (Deep Packet Inspection): Looks deeply into the data passing through the network to figure out what it is.
○ DSCP (Differentiated Services Code Point): A way to mark packets to show the kind of service they should get.

Tools Used: Deep Packet Inspection (DPI) compared with Differentiated Services Code Point (DSCP)

Definition
○ DPI: A network packet filtering method that examines the data and header of a packet as it passes through a checkpoint to identify, manage, or block specific data.
○ DSCP: A field in the IP header that is used to classify packets into different priority levels for quality of service (QoS).

Primary Function
○ DPI: Inspects the content and details within data packets to ensure compliance, security, or data management.
○ DSCP: Prioritizes packets to manage network traffic flow and ensure quality service for important applications.

Mechanism
○ DPI: Analyzes both header and payload of packets, looking for specific signatures or anomalies that match predefined security or management rules.
○ DSCP: Marks packets with a numerical value that indicates their priority level, influencing how network devices handle these packets.

Typical Use
○ DPI: Used for security purposes such as intrusion detection and prevention, content filtering, and network monitoring.
○ DSCP: Used in traffic shaping and network quality of service (QoS) to prioritize essential traffic such as VoIP, streaming media, and critical data applications.

Impact on Traffic
○ DPI: Can block or reroute traffic based on the content found in packets, directly affecting what data is allowed through a network.
○ DSCP: Does not block traffic but organizes packet handling priorities, ensuring that high-priority traffic gets bandwidth preference.

Configuration Complexity
○ DPI: High, as it requires detailed definitions of what data patterns to look for and how to respond to different types of data.
○ DSCP: Moderate, involves setting priority levels but less detailed inspection of packet content.

Performance Impact
○ DPI: Can be resource-intensive, potentially slowing down traffic because each packet must be thoroughly inspected.
○ DSCP: Generally low impact on performance as it only involves checking header values and does not inspect packet contents.

Queuing

The method by which packets are held and organized at network devices before being forwarded. Prevents buffer overflow and manages the service order of packets, which is vital for maintaining the quality of service during high traffic periods.

Queuing: FIFO (First-In, First-Out) compared with PQ (Priority Queuing) and WFQ (Weighted Fair Queuing)

Definition
○ FIFO: A simple queuing algorithm where packets are processed in the order they arrive, with no priority differentiation.
○ PQ: A queuing method that processes packets based on priority levels, with higher priority packets processed before lower ones.
○ WFQ: An intelligent queuing method that assigns bandwidth to packets based on weights, ensuring a fair distribution of resources.

Mechanism
○ FIFO: Packets are queued and processed sequentially as they arrive at the queue. First packet in is the first packet out.
○ PQ: Packets are classified into different priority classes; within each class, they are treated in FIFO order.
○ WFQ: Packets are classified and assigned weights; packets from flows with higher weights are given more bandwidth, but all flows are guaranteed some bandwidth.

Advantages
○ FIFO: Simple to implement and understand. No processing delay added by prioritization.
○ PQ: Ensures that critical packets (like real-time traffic) are processed quickly, reducing latency for important data.
○ WFQ: Provides fairness among flows, preventing any single flow from dominating the bandwidth; good for mixed traffic environments.

Disadvantages
○ FIFO: No prioritization, which can lead to poor performance for time-sensitive data if stuck behind large or numerous packets.
○ PQ: Can lead to starvation of lower priority traffic if high-priority traffic is constant.
○ WFQ: More complex to implement and requires more processing power to calculate and maintain weights.

Typical Use
○ FIFO: Suitable for small or uncomplicated networks where traffic patterns are predictable and not highly variable.
○ PQ: Ideal for networks where priority levels are clear and maintaining the quality of service for high-priority traffic is critical.
○ WFQ: Best used in environments where bandwidth needs to be allocated among many users or applications fairly, such as large enterprise networks.

Policing and Shaping

○ Policing: A method of controlling the rate of network traffic by reducing the flow of packets that exceed a specified rate limit. Prevents certain traffic from consuming too much bandwidth, ensuring availability for other critical services.
○ Shaping: Smooths out traffic spikes by delaying packets to fit them into a desired traffic profile. Helps maintain consistent traffic flow and reduces congestion.
Policing compared with Shaping

Definition
○ Policing: A method of controlling the rate of network traffic by enforcing a limit on the bandwidth that certain types of traffic can use. If traffic exceeds this limit, it is either dropped or marked down for lower priority.
○ Shaping: A technique used to regulate network traffic by delaying packets to conform to a specified traffic profile, effectively smoothing out bursts of traffic.

Importance
○ Policing: Policing is crucial for preventing bandwidth overuse by limiting high-volume traffic, which ensures that sufficient bandwidth is available for other critical services and applications.
○ Shaping: Shaping is important for maintaining a consistent flow of traffic, reducing peaks of data that can cause congestion and degrade overall network performance.

Typical Usage
○ Policing: Used in situations where it is critical to strictly enforce bandwidth limits for certain types of traffic, such as limiting non-essential applications during peak usage times to preserve bandwidth for critical services.
○ Shaping: Often used in broadband networks to manage data flow from the network to the user, ensuring that all users get a fair share of bandwidth and preventing any single user from overwhelming the network.

Impact on Traffic
○ Policing: Can result in dropped packets if the traffic exceeds predefined bandwidth limits, which may be acceptable for non-critical applications but not for essential services.
○ Shaping: Does not drop packets but delays them, managing traffic flow more gently than policing and thus preserving data integrity while controlling bandwidth usage.

Configuration Example
○ Policing: policing-rate 100 mbps - Any traffic exceeding 100 Mbps is either dropped or marked as lower priority.
○ Shaping: traffic-shape rate 100 mbps - Traffic is allowed to burst to higher speeds but averaged out to 100 Mbps to prevent long-term congestion.
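The difference between policing and shaping in the comparison above shows up clearly when the same burst is run through both. The following is an added example, not part of the original slides: a token-bucket model in which the policer drops whatever exceeds the bucket while the shaper holds packets until tokens are available. The function names, the 15,000-byte burst allowance, the unbounded shaper queue and the constructed arrival trace are assumptions of this example; only the 100 Mbps rate comes from the slide.

```python
RATE_BYTES_PER_MS = 12_500   # 100 Mbps expressed as bytes per millisecond
BURST_BYTES = 15_000         # assumed bucket depth: ten 1500-byte packets

# Constructed trace: 20 packets arrive together at t=0 ms, one more at t=10 ms.
ARRIVALS = [(0, 1500)] * 20 + [(10, 1500)]


def police(arrivals, rate, burst):
    """Token-bucket policer: a packet that finds too few tokens is dropped at once."""
    tokens, last = burst, 0
    forwarded, dropped = [], []
    for t, size in arrivals:
        tokens = min(burst, tokens + (t - last) * rate)  # refill for the elapsed time
        last = t
        if size <= tokens:
            tokens -= size
            forwarded.append((t, size))
        else:
            dropped.append((t, size))
    return forwarded, dropped


def shape(arrivals, rate, burst):
    """Token-bucket shaper: a packet that finds too few tokens waits in a FIFO queue.

    Returns (arrival_ms, departure_ms, size) per packet. The queue is unbounded here,
    so nothing is dropped; a real shaper has a finite buffer.
    """
    tokens, clock = burst, 0     # clock = departure time of the previous packet
    out = []
    for t, size in arrivals:
        if size > burst:
            raise ValueError("packet larger than the bucket can never conform")
        start = max(t, clock)                            # FIFO: never overtake earlier packets
        tokens = min(burst, tokens + (start - clock) * rate)
        if size > tokens:
            wait = -(-(size - tokens) // rate)           # ceiling division, whole milliseconds
            start += wait
            tokens = min(burst, tokens + wait * rate)
        tokens -= size
        clock = start
        out.append((t, start, size))
    return out


def max_delay(shaped):
    """Longest time any packet spent queued in the shaper, in milliseconds."""
    return max(dep - arr for arr, dep, _ in shaped)


if __name__ == "__main__":
    fwd, drop = police(ARRIVALS, RATE_BYTES_PER_MS, BURST_BYTES)
    shaped = shape(ARRIVALS, RATE_BYTES_PER_MS, BURST_BYTES)
    print(f"policer: forwarded={len(fwd)} dropped={len(drop)}")
    print(f"shaper:  forwarded={len(shaped)} dropped=0 max_delay={max_delay(shaped)} ms")
```

On this trace the policer forwards 11 packets and drops 10, while the shaper delivers all 21 with at most 2 ms of added delay.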
Congestion Management

Techniques:
○ Tail Drop: Drops packets at the tail end of the queue when no more space is available, simple but can lead to TCP synchronization issues.
○ WRED (Weighted Random Early Detection): Proactively manages congestion by beginning to drop packets before the transmission buffer becomes full, based on the priority of the packet.

Congestion Management: Tail Drop compared with WRED (Weighted Random Early Detection)

Definition
○ Tail Drop: A congestion management technique where packets are dropped from the tail end of the queue when no more space is available.
○ WRED: An intelligent congestion avoidance technique that starts dropping packets before the queue becomes full, based on their priority.

Function
○ Tail Drop: Drops the newest arriving packets that find the queue full, without discrimination between types of traffic.
○ WRED: Drops packets selectively based on their priority level and the current size of the queue, aiming to prevent the queue from becoming full.

Effects
○ Tail Drop: Simple and straightforward, but can cause TCP synchronization issues as all packets are treated equally, leading to potential retransmissions.
○ WRED: Helps to smooth out potential bursts of traffic by reducing the flow gradually before the point of congestion, thus minimizing the need for retransmission.

Typical Usage
○ Tail Drop: Used in scenarios where a basic, low-overhead method is sufficient to handle congestion, such as in smaller or less complex networks.
○ WRED: Suited for larger or more complex networks where different types of traffic need to be treated according to their importance and where minimizing retransmissions is crucial.

Advantages
○ Tail Drop: Easy to implement with minimal processing requirements.
○ WRED: Reduces the likelihood of queue overflow and provides fair bandwidth distribution among different traffic classes.

Disadvantages
○ Tail Drop: Can lead to global TCP synchronization, where multiple TCP flows reduce their transmission rates at once, thus reducing overall network throughput.
○ WRED: More complex to configure as it requires setting different thresholds and weights for various traffic types.

Security Protocols
IT 135 - Networking 2 - Lesson 6

○ SSL - Secure Sockets Layer
○ TLS - Transport Layer Security
○ IPSec - Internet Protocol Security

SSL - Secure Sockets Layer

SSL is a security protocol developed to provide secure communication over the Internet by encrypting the data transmitted between two systems.

History: Originally developed by Netscape in 1995, SSL has undergone several revisions to enhance security, eventually evolving into TLS (Transport Layer Security).

How SSL Works

Handshake Protocol:
○ Purpose: Establishes a secure connection between a client and a server.
○ Process: Involves key exchange and authentication to ensure that both parties are legitimate and can communicate securely.
○ Key Exchange: Typically uses asymmetric encryption to establish a shared secret without actually sending it over the network.
○ Authentication: Usually involves certificates to verify the server’s (and optionally the client’s) identity.

Record Protocol:
○ Function: Ensures that the data exchanged through an SSL connection is encrypted and reliable.
○ Mechanism: Encrypts the data using symmetric encryption based on the keys generated during the handshake.

SSL is commonly used: Web Browsing

Secure Websites: Websites that require users to log in or enter personal information use SSL to secure these interactions. When you visit a website whose URL starts with "https://" rather than "http://", it means SSL is protecting your connection. The 's' stands for 'secure'.
Example Sites: Banking websites, online retailers, and any services requiring user registration or data input, like Amazon, eBay, and all major banks.

Email Communications
Email Encryption: Email services use SSL to encrypt the connection between email clients and their servers. This prevents unauthorized access to email messages while they are in transit.
Email Providers Using SSL: Gmail, Yahoo Mail, and Microsoft Outlook all use SSL to secure users' emails from eavesdropping.

File Transfers
FTP Over SSL (FTPS): While traditional FTP does not encrypt its traffic, FTPS adds a layer of security by using SSL to encrypt commands and data. This ensures secure file transfers between a client and server.
Example Usage: Uploading files to a web server, transferring sensitive data between internal networks in corporate environments.

Online Transactions
E-Commerce: SSL certificates are crucial for online stores and any businesses that handle credit card transactions, personal information, or login credentials. SSL encryption protects this data against cyber theft.
Example Platforms: Shopify, WooCommerce, and other e-commerce platforms integrate SSL to secure all transactions.

Cloud Services
Data Encryption: Cloud-based applications use SSL to secure data in transit. Whether it's accessing Google Docs or streaming content on Netflix, SSL helps to ensure that data exchanged with the cloud is not intercepted.
Example Services: Google Apps, Microsoft Office 365, Dropbox, and other cloud storage or SaaS providers.

VPN Connections
Secure Remote Access: VPNs use SSL to create secure "tunnels" through which remote employees can access their company networks safely over the Internet.
Example Applications: SSL VPNs are offered by Cisco, SonicWall, and Fortinet for secure remote access to corporate networks.
VoIP Communications
Securing Voice Calls: VoIP services use SSL to encrypt voice communication, protecting calls from interception and eavesdropping.
Example Providers: Skype, WhatsApp, and other VoIP platforms often employ SSL/TLS to secure call setup and signaling.

TLS - Transport Layer Security
TLS (Transport Layer Security) is an updated, more secure version of SSL (Secure Sockets Layer). It's extensively used across the internet to protect the privacy and integrity of exchanged data and communications.

Improvements over SSL
Enhancements: TLS includes stronger encryption algorithms and more robust mechanisms to prevent attacks such as cipher block chaining (CBC) attacks and padding oracle attacks.
Protocol Support: Provides better support for modern cryptographic algorithms and flexible configurations.

Key Components:
TLS Handshake:
Enhanced Security: Utilizes more secure algorithms for encryption and hashing.
Flexible Architecture: Allows negotiation of which encryption method and cryptographic keys to use without prior arrangement.
TLS Record Layer:
Improved Features: Includes mechanisms for integrity check and encryption, ensuring that the communication is not only secure but also reliable.

Aspect: SSL (Secure Sockets Layer) vs. TLS (Transport Layer Security)

Security Strength
SSL: Uses older encryption algorithms; some versions are now deprecated and considered insecure.
TLS: Uses stronger, more modern encryption algorithms and is consistently updated to enhance security.

Protocol Versions
SSL: Older protocol with versions like SSL 2.0 and SSL 3.0, which are vulnerable to several types of cryptographic attacks.
TLS: Includes versions from TLS 1.0 to TLS 1.3, with each subsequent version improving on the security and efficiency of the previous. TLS 1.3 significantly increases security and performance.

Handshake Process
SSL: Handshake is less efficient and secure, susceptible to vulnerabilities like cipher block chaining attacks.
TLS: Streamlined handshake process in TLS 1.3, which reduces the number of round trips needed to establish a secure connection, enhancing both security and connection speed.

Certificate Verification
SSL: Less flexible in certificate verification, which can expose communications to certain vulnerabilities.
TLS: Provides robust mechanisms for certificate verification, supporting a wide range of cryptographic algorithms and flexible configurations.

Industry Support and Adoption
SSL: Largely phased out due to known security flaws. No longer supported by most modern browsers and web servers.
TLS: Widely adopted as the standard protocol for secure web communications. Supported by all modern browsers and is mandatory for many compliance standards.

Performance and Efficiency
SSL: Generally slower due to less efficient handshake and encryption processes.
TLS: Offers improvements in performance, especially noticeable in TLS 1.3, due to a more efficient handshake process and better use of modern CPUs.

Common Usage Examples
SSL: Historically used for web browsing, emails, and file transfers but now replaced by TLS in these applications due to security concerns.
TLS: Used across all platforms that require secure communications, including web browsing, emails, online transactions, cloud services, and more.

IPSec - Internet Protocol Security
IPSec (Internet Protocol Security) is a suite of protocols designed to secure Internet communications by authenticating and encrypting each IP packet of a data stream. It is used extensively to provide secure, encrypted communications between two or more endpoints over potentially unsecured networks, such as the Internet.

How IPSec Works
Transport Mode:
Function: Encrypts only the payload of the IP packet, leaving the header unencrypted.
Use Case: Typically used for end-to-end communication between a client and a server.
Tunnel Mode:
Function: Encrypts both the payload and the headers of the IP packet.
Use Case: Commonly used for VPNs to secure the entire packet for it to be sent over an untrusted network.

Key Operations
Authentication Headers (AH): Provides authentication and integrity but does not encrypt data.
Encapsulating Security Payloads (ESP): Provides confidentiality, integrity, and authentication by encrypting the packet data.

Examples where IPSec is commonly utilized

VPN Connections
Corporate VPNs: Many organizations use IPSec to secure VPNs that connect remote employees to corporate networks. This ensures that all data transmitted between remote workers and the company's internal network is encrypted and secure from eavesdropping or interception.
Example: A company might configure IPSec VPNs to allow employees to access sensitive financial systems and internal documents securely from outside the office.

Site-to-Site VPN
Branch Office Connectivity: IPSec is often used to connect different branches of a company via the internet securely. It allows network traffic to travel securely between sites without the need for expensive leased lines.
Example: A retail chain could use an IPSec VPN to securely connect the point-of-sale systems in its various stores back to its main inventory database located at the headquarters.

Secure File Transfer
Data Encryption: For industries that require secure file transfer capabilities, such as healthcare or finance, IPSec provides a reliable way to encrypt file transfers between systems across unsecured networks like the internet.
Example: A financial institution uses IPSec to ensure that transactions and customer data exchanged with external audit systems are secure and private.
Government and Military Communications
Defense Communications: Given its strong security features, IPSec is extensively used in military and government applications to secure classified communications.
Example: Government agencies use IPSec to protect sensitive diplomatic communications between embassies across the globe.

Mobile Device Security
Mobile VPNs: IPSec is also used to secure mobile VPN connections, providing reliable security for mobile devices that need to access corporate resources securely.
Example: Employees use IPSec VPN on their smartphones and tablets to access corporate emails and applications securely while traveling.

Wireless Networking Standards and Technology - IEEE 802.11 Standards
IT 135 - Networking 2 - Lesson 7.1

Wireless Networking Standards and Technology
IEEE 802.11 Standards
○ WLAN Standards
○ Key Wireless Technologies
○ IEEE 802.11 Standards
○ Applications and Limitations
WPA3 Security

WLAN Standards
Brief History:
Early Beginnings: The concept of Wireless Local Area Networks (WLAN) emerged in the late 1980s as a solution to connect devices without the need for physical cabling. Initially, these systems were proprietary and lacked standardization, leading to compatibility issues.
Standardization Effort: The IEEE (Institute of Electrical and Electronics Engineers) formed a committee in 1990 to create a standard that would ensure interoperability among different manufacturers’ devices. This led to the introduction of the first IEEE 802.11 standard in 1997.
Role of IEEE 802.11 Standards
○ Interoperability
○ Compatibility
○ Innovation and Growth

Key Wireless Technologies
○ MIMO (Multiple Input Multiple Output)
○ MU-MIMO (Multi-User Multiple Input Multiple Output)
○ OFDMA (Orthogonal Frequency Division Multiple Access)

MIMO (Multiple Input Multiple Output)
MIMO technology involves using multiple antennas at both the transmitter and receiver to improve communication performance. It enhances the capacity and reliability of the wireless connection without requiring additional bandwidth or increased transmit power.

MU-MIMO (Multi-User Multiple Input Multiple Output)
An extension of the basic MIMO technology, MU-MIMO allows a single wireless router or access point to communicate with multiple devices simultaneously, rather than sequentially.

OFDMA (Orthogonal Frequency Division Multiple Access)
OFDMA is a multi-user version of the popular Orthogonal Frequency-Division Multiplexing (OFDM) digital modulation technology. OFDMA subdivides a communication channel into multiple narrowband channels at different frequencies to enhance spectral efficiency, reduce interference, and increase throughput.

Technology: Definition and How It Works

MIMO (Multiple Input Multiple Output)
Definition: MIMO uses multiple antennas at both the transmitter and receiver to improve communication performance.
How It Works: By utilizing spatial multiplexing, MIMO sends and receives multiple data signals simultaneously, increasing data rate and range.

MU-MIMO (Multi-User Multiple Input Multiple Output)
Definition: An advancement of MIMO that allows a wireless router to communicate with multiple devices simultaneously.
How It Works: Divides the bandwidth into separate streams for multiple users, reducing wait times and enhancing network efficiency for multiple device environments.

OFDMA (Orthogonal Frequency Division Multiple Access)
Definition: A version of OFDM designed for multiple users, improving spectral efficiency and throughput by subdividing channels into narrowband frequencies.
How It Works: Assigns subsets of subcarriers to different users, allowing multiple low-data-rate transmissions simultaneously, which is ideal for dense user environments.

IEEE 802.11 Wireless Standards - Functions and Applications

1. IEEE 802.11a
A wireless networking standard that operates in the 5 GHz band and provides a maximum data rate of 54 Mbps.
Example: Suitable for office settings where higher speed and lower interference from other devices are needed.

2. IEEE 802.11b
Operates at 2.4 GHz frequency, offering up to 11 Mbps. It was notable for its broad compatibility and lower cost.
Example: Commonly used in residential internet setups during the early 2000s.

3. IEEE 802.11g
Combines the benefits of 802.11a and 802.11b, operating at 2.4 GHz with a maximum throughput of 54 Mbps.
Example: Used in both homes and small businesses to provide faster internet speeds without the need for new hardware compatible with 5 GHz frequencies.

4. IEEE 802.11n (Wi-Fi 4)
Introduces MIMO technology and operates on both 2.4 GHz and 5 GHz bands, with speeds up to 600 Mbps.
Example: Ideal for streaming high-definition video or supporting a high number of devices in a home or business network.

5. IEEE 802.11ac (Wi-Fi 5)
Operates only in the 5 GHz band and supports higher data rates over 1 Gbps through wider channels and more spatial streams.
Example: Used in larger environments like offices and educational institutions to support high-speed connections and heavy data usage.

6. IEEE 802.11ax (Wi-Fi 6)
Enhances efficiency in crowded environments using new technologies like OFDMA and MU-MIMO, offering improved throughput and capacity.
Example: Suitable for smart homes, IoT environments, and high-density areas like stadiums or urban centers where many devices connect simultaneously.

Standard: Frequency Band, Max Data Rate, Definition, Typical Use Case

IEEE 802.11a
Frequency Band: 5 GHz
Max Data Rate: 54 Mbps
Definition: Operates in the 5 GHz band and offers higher speeds with reduced interference.
Typical Use Case: Used in offices for high-speed connections with less interference.

IEEE 802.11b
Frequency Band: 2.4 GHz
Max Data Rate: 11 Mbps
Definition: Operates at 2.4 GHz, known for broad compatibility and lower cost.
Typical Use Case: Ideal for residential internet setups from the early 2000s.

IEEE 802.11g
Frequency Band: 2.4 GHz
Max Data Rate: 54 Mbps
Definition: Combines the benefits of 802.11a and b, offering higher speeds at the more common 2.4 GHz frequency.
Typical Use Case: Common in homes and small businesses for faster internet access.

IEEE 802.11n
Frequency Band: 2.4/5 GHz
Max Data Rate: 600 Mbps
Definition: Introduces MIMO technology, improving speed and range on both 2.4 GHz and 5 GHz bands.
Typical Use Case: Suitable for streaming HD video and supporting multiple devices.

IEEE 802.11ac
Frequency Band: 5 GHz
Max Data Rate: Over 1 Gbps
Definition: Provides higher data rates through wider channels and more spatial streams in the 5 GHz band.
Typical Use Case: Used in larger settings like offices and schools for heavy data usage.

IEEE 802.11ax
Frequency Band: 2.4/5 GHz
Max Data Rate: Higher than 1 Gbps
Definition: Enhances efficiency in crowded environments with technologies like OFDMA and MU-MIMO.
Typical Use Case: Ideal for smart homes, IoT devices, and crowded areas like stadiums.

Limitations and Challenges

Standard: Frequency Band, Applications, Limitations

802.11b/g/n (Wi-Fi 4)
Frequency Band: 2.4 GHz
Applications: Suitable for home and small office environments, ideal for basic internet activities like browsing and streaming.
Limitations: Prone to interference due to congestion in the 2.4 GHz band, leading to potential slower speeds and disconnections.

802.11a
Frequency Band: 5 GHz
Applications: Originally used in business environments to reduce interference in crowded settings.
Limitations: Limited by shorter range and poor wall penetration, less commonly used now.

802.11ac (Wi-Fi 5)
Frequency Band: 5 GHz
Applications: Ideal for large businesses and academic institutions needing high-speed connections for multiple devices.
Limitations: Requires modern hardware for optimal performance, increasing setup costs.

802.11ax (Wi-Fi 6)
Frequency Band: 2.4/5 GHz
Applications: Optimized for high-density environments like stadiums or IoT setups, managing many devices efficiently.
Limitations: High initial hardware costs and may require users to upgrade existing devices to fully benefit.

Devices by IEEE 802.11 Standard and Frequency Band

Standard: Frequency Band, Typical Devices

802.11b/g/n (Wi-Fi 4)
Frequency Band: 2.4 GHz
Typical Devices: Older laptops and desktops, budget smartphones, home routers, IoT devices like smart thermostats and security cameras.

802.11a
Frequency Band: 5 GHz
Typical Devices: Older enterprise-grade equipment, often replaced or supplemented by newer ac/ax standards in modern setups.

802.11ac (Wi-Fi 5)
Frequency Band: 5 GHz
Typical Devices: Modern smartphones, tablets, laptops, high-performance routers, smart TVs, and streaming devices that require high bandwidth for activities like streaming HD/4K video.

802.11ax (Wi-Fi 6)
Frequency Band: 2.4/5 GHz
Typical Devices: Latest smartphones, high-end laptops, next-generation routers, and devices designed for dense environments and efficiency, such as enterprise-grade hardware in offices or campuses.

Wireless Networking Standards and Technology - WPA3 Security
IT 135 - Networking 2 - Lesson 7.2

Wireless Networking Standards and Technology
IEEE 802.11 Standards
WPA3 Security
○ WPA (Wi-Fi Protected Access)
○ Wireless Security Timeline
○ WPA3 Features

WPA (Wi-Fi Protected Access)
WPA was developed by the Wi-Fi Alliance to secure wireless computer networks. Introduced in 2003, it was designed to improve upon the security features of WEP without requiring new hardware. WPA provides stronger encryption and user authentication than WEP.
Wireless Security Timeline
○ WEP (Wired Equivalent Privacy)
○ WPA (Wi-Fi Protected Access)
○ WPA2 (Wi-Fi Protected Access 2)
○ WPA3 (Wi-Fi Protected Access 3)

Standard: Introduction Year, Key Security Features, Vulnerabilities

WEP (Wired Equivalent Privacy)
Introduction Year: Late 1990s
Key Security Features: Basic encryption methods
Vulnerabilities: Easily compromised due to weak encryption

WPA (Wi-Fi Protected Access)
Introduction Year: 2003
Key Security Features: Uses TKIP (Temporal Key Integrity Protocol)
Vulnerabilities: Still vulnerable to certain attacks despite improvements over WEP

WPA2 (Wi-Fi Protected Access 2)
Introduction Year: 2004
Key Security Features: Implements AES (Advanced Encryption Standard)
Vulnerabilities: Known vulnerabilities exploited in attacks like KRACK (Key Reinstallation Attack)

WPA3 (Wi-Fi Protected Access 3)
Introduction Year: 2018
Key Security Features: Enhances security, addresses vulnerabilities of WPA2, uses 192-bit encryption
Vulnerabilities: Designed to counteract modern cyber threats, no major vulnerabilities reported yet

WPA3 Features
○ Enhanced Encryption
○ Improved Authentication
○ Forward Secrecy

Enhanced Encryption

Feature: 128-bit Encryption vs. 192-bit Encryption

Key Combinations
128-bit: 2^128 possible combinations
192-bit: 2^192 possible combinations

Security Level
128-bit: Considered secure against brute force attacks with current technology.
192-bit: Provides significantly higher security, out of reach for current and foreseeable future technology, including early quantum computers.

Computational Power to Crack
128-bit: Feasible with future advancements in computing, including potential quantum computing capabilities.
192-bit: Requires exponentially more computational power, making it impractical to crack with existing or near-future technology.

Standard Compliance
128-bit: Meets commercial security standards for protecting general business and personal data.
192-bit: Meets the Commercial National Security Algorithm (CNSA) Suite standards, designed for top secret and highly sensitive information.

Typical Use Cases
128-bit: Suitable for consumer and corporate environments where extremely high-level security is not the primary concern.
192-bit: Ideal for government, military, and other high-security environments where protection of highly sensitive data is critical.

Performance Impact
128-bit: Minimal impact on system resources, offering a good balance between security and performance.
192-bit: May impact system performance due to the increased complexity, requiring more robust hardware for efficient management.

Improved Authentication
SAE (Simultaneous Authentication of Equals): Replaces WPA2’s PSK (Pre-shared Key) with a more secure handshake mechanism.
WPA3 introduces an enhanced authentication method called Simultaneous Authentication of Equals (SAE), which significantly improves upon the Pre-shared Key (PSK) system used in WPA2. This upgrade addresses inherent weaknesses in the older system that made it susceptible to security breaches.
SAE Mechanism: Unlike the PSK used in WPA2, which involves a shared key that could be exposed or guessed, SAE employs a more robust, handshake-based process. This process uses a cryptographic exchange that ensures both parties (the Wi-Fi client and the access point) prove to each other that they know the password without actually exchanging the password itself.
How It Works: SAE uses a method called "Dragonfly Key Exchange," a form of elliptic curve cryptography, to create a secure channel. This method protects against passive and active attacks, including those where an attacker attempts to masquerade as a legitimate user or network.

Forward Secrecy
Ensures that session keys cannot be used to decrypt past sessions, even if a future session key is compromised.
Forward secrecy is a critical security feature in cryptographic protocols, which is fully implemented in the WPA3 standard for Wi-Fi security. It is designed to protect past communication sessions from future compromises, an essential aspect as cyber threats continue to evolve.
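The forward-secrecy property introduced above can be seen by comparing what someone who recorded a session can compute after a long-term secret leaks. This is an added example, not part of the original slides: it is a simplified model that uses an ephemeral X25519 exchange (RFC 7748) in place of SAE/Dragonfly, omits password authentication entirely, and all function names and the sample secret are assumptions.

```python
"""Static-secret session keys vs. ephemeral X25519 keys (forward secrecy)."""
import hashlib
import hmac
import secrets

P = 2**255 - 19                      # Curve25519 field prime (RFC 7748)
A24 = 121665
BASE = (9).to_bytes(32, "little")    # standard base point u = 9


def x25519(k: bytes, u: bytes) -> bytes:
    """RFC 7748 Montgomery ladder. Readable, not constant-time: demo only."""
    scalar = bytearray(k)
    scalar[0] &= 248
    scalar[31] = (scalar[31] & 127) | 64
    n = int.from_bytes(scalar, "little")
    x1 = int.from_bytes(u, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in reversed(range(255)):
        bit = (n >> t) & 1
        if swap ^ bit:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = bit
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        da, cb = d * a % P, c * b % P
        x3 = (da + cb) ** 2 % P
        z3 = x1 * (da - cb) ** 2 % P
        x2 = aa * bb % P
        z2 = e * (aa + A24 * e) % P
    if swap:
        x2, x3, z2, z3 = x3, x2, z3, z2
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")


def kdf(secret: bytes, context: bytes) -> bytes:
    """Derive a 32-byte session key from a secret and public context."""
    return hmac.new(secret, context, hashlib.sha256).digest()


def static_session(master: bytes):
    """Key derived only from a long-lived secret plus nonces sent in clear.

    Returns (what an eavesdropper records, session key).
    """
    nonces = secrets.token_bytes(16) + secrets.token_bytes(16)
    return nonces, kdf(master, nonces)


def ephemeral_session():
    """Key derived from fresh per-session key pairs.

    Returns (public values an eavesdropper records, session key,
    client private scalar). The scalar is returned only so the demo can
    model a later compromise; a real peer erases it after the handshake.
    """
    c_priv, ap_priv = secrets.token_bytes(32), secrets.token_bytes(32)
    c_pub, ap_pub = x25519(c_priv, BASE), x25519(ap_priv, BASE)
    shared = x25519(c_priv, ap_pub)
    if shared != x25519(ap_priv, c_pub):
        raise RuntimeError("peers derived different secrets")
    return (c_pub, ap_pub), kdf(shared, c_pub + ap_pub), c_priv


def demo():
    """Return (static key recoverable?, ephemeral key recoverable?)."""
    master = b"constructed-long-term-secret"   # sample value, leaks "later"

    # Static model: recorded nonces plus the leaked secret rebuild the key.
    recorded, key = static_session(master)
    static_recovered = kdf(master, recorded) == key

    # Ephemeral model: session 1 is recorded; later the long-term secret
    # and everything from session 2 (private scalar and key) are exposed.
    (c_pub1, ap_pub1), key1, _ = ephemeral_session()
    _, key2, c_priv2 = ephemeral_session()
    candidates = {
        kdf(master, c_pub1 + ap_pub1),                     # leaked secret
        kdf(x25519(c_priv2, ap_pub1), c_pub1 + ap_pub1),   # wrong scalar
        key2,                                              # later key
    }
    return static_recovered, key1 in candidates


if __name__ == "__main__":
    print(demo())
```

Recovering session 1's key in the ephemeral model would require one of the erased session 1 private scalars, which is why capturing traffic now and obtaining the password later does not expose it.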
Forward Secrecy
Mechanism: Forward secrecy ensures that each session between a Wi-Fi client and an access point uses a unique set of encryption keys. These keys are not derived from a static or reused master key but are instead generated dynamically for each session.
Key Exchange: The generation of these keys typically involves complex key agreement protocols, such as those based on Diffie-Hellman or elliptic curve Diffie-Hellman exchanges, which allow the keys to be established securely even over a public channel without revealing the keys themselves.

Emerging Network Technologies
IT 135 - Networking 2 - Lesson 8

Emerging Network Technologies
Key Aspects
Examples of Emerging Network Technologies
○ Software Defined Networking (SDN)
○ Network Functions Virtualization (NFV)
○ Internet of Things (IoT) Connectivity
○ 5G Networks
○ Multi-access Edge Computing (MEC)
○ Quantum Networking

Emerging Network Technologies
Emerging network technologies refer to the latest advancements and innovations in networking that aim to improve the efficiency, security, scalability, and manageability of communication networks.

Key Aspects of Emerging Network Technologies
○ Innovation in Network Management and Operation
○ Enhanced Flexibility and Scalability
○ Increased Network Functionality
○ Cost Efficiency
○ Support for Diverse Applications

Examples of Emerging Network Technologies
○ Software Defined Networking (SDN)
○ Network Functions Virtualization (NFV)
○ Internet of Things (IoT) Connectivity
○ 5G Networks
○ Multi-access Edge Computing (MEC)
○ Quantum Networking

Software Defined Networking (SDN)
SDN is a transformative networking architecture that separates the network's control logic (control plane) from the underlying routers and switches that forward traffic (data plane), allowing for more centralized and flexible network management.
Software Defined Networking (SDN) Examples

Data Center Network Management
Google B4: Google uses SDN for its internal data center networks, notably with its B4 SDN that manages inter-data center traffic. This deployment allows Google to manage complex network behaviors to optimize traffic flow across their massive global infrastructure.

Network Traffic Control
AT&T Domain 2.0 Initiative: AT&T has implemented SDN across its networks to improve network management and reduce operating costs. This initiative helps AT&T to dynamically adjust and optimize network routing and manage services more efficiently.

Cloud Networking
Microsoft Azure: Azure uses SDN to provide virtual networking capabilities to its cloud services. This enables features such as Azure Virtual Network, allowing customers to securely link Azure virtual machines to one another and to on-premises data centers.

Network Functions Virtualization (NFV)
NFV decouples network functions such as routing, firewalling, and load balancing from dedicated hardware, instead running them as software on virtualized hardware.
Key Features:
Hardware Independence: Allows network services to be hosted on generic hardware, reducing dependency on proprietary hardware.
Scalability and Flexibility: Makes it easier to scale up or down network services without the need for additional physical hardware, adapting quickly to network demand.
Reduced Costs: Lowers both capital expenditure (CAPEX) and operational expenditure (OPEX) by minimizing the need for specialized hardware and reducing power and space requirements.

Network Functions Virtualization (NFV) Examples

Virtualized Network Functions (VNF)
Verizon Virtual Network Services: Verizon offers NFV-based services that allow businesses to deploy and manage network services such as security, WAN optimization, and SD-WAN on a universal customer premises equipment (uCPE). This approach reduces the need for dedicated network hardware.
Service Providers
Orange: This telecommunications operator uses NFV to virtualize its mobile gateway, allowing it to scale operations quickly and efficiently in response to customer demand without the need for additional physical infrastructure.

Enterprise NFV
Cisco’s Enterprise NFV: Provides enterprise customers with NFV solutions to virtualize their network services (routing, firewall, WAN optimization) on supported hardware platforms, simplifying branch office deployments and management.

Internet of Things (IoT) Connectivity
IoT refers to the extension of internet connectivity into physical devices and everyday objects, allowing them to communicate and interact with others over the internet, and they can be remotely monitored and controlled.
Key Features:
Interconnectivity: Enables devices to collect and exchange data automatically, fostering integration between the physical world and computer-based systems.
Automation and Control: Simplifies tasks and enhances communication within the smart environments, be it homes, cities, or industries.
Efficiency Improvements: Boosts the efficiency of energy use, logistics, and consumption in various environments.

Internet of Things (IoT) Connectivity Examples

Smart Homes
Amazon Echo and Smart Home Devices: Amazon’s Echo uses IoT connectivity to control smart devices within homes. It can connect with lights, thermostats, and security systems to provide users with a seamless home automation experience.

Industrial IoT (IIoT)
GE Predix: GE’s Predix platform provides IoT connectivity for industrial environments, enabling machinery and equipment to collect and analyze data. This helps in predictive maintenance and efficiency optimizations across various industries.

Smart Cities
Barcelona Smart City: Barcelona has implemented various IoT initiatives, including smart lighting and waste management systems that use IoT connectivity to optimize energy usage and improve city services.
5G Networks
5G is the fifth generation of mobile network technology, succeeding 4G. It offers significantly faster data speeds, reduced latency, and more reliable connectivity compared to its predecessors.
Key Features:
High Speed: Enables much faster data download and upload speeds, potentially up to 10 gigabits per second.
Low Latency: Reduces the communication delay to as low as 1 millisecond, enhancing performance for real-time applications.
Massive Connectivity: Supports a vast number of connected devices per square kilometer, suitable for urban environments and IoT deployments.

5G Networks Applications
Autonomous Vehicles: Utilize 5G for real-time data transmission, essential for navigation and safety.
Smart Cities: Leverage 5G to connect thousands of sensors and devices for traffic management, security, and environmental monitoring.
Telemedicine: Employs 5G's low latency and high bandwidth for remote diagnostics and surgical procedures, making healthcare more accessible.

Multi-access Edge Computing (MEC)
MEC is a network architecture concept that brings cloud computing capabilities and an IT service environment to the edge of the network, closer to the user or data source.
Key Features:
Low Latency: Reduces the delay by processing data near the source rather than relying on distant servers.
Improved Efficiency: Saves bandwidth and speeds up processing by handling data locally.
Location Awareness: Facilitates the delivery of contextual services based on the user’s location.

Multi-access Edge Computing (MEC) Applications
Augmented Reality: Enhances AR applications by processing complex tasks like image recognition at the network edge to reduce latency.
Content Delivery: Optimizes video streaming and gaming with edge servers that cache content close to users, minimizing buffering.
Industrial IoT: Supports IoT devices in manufacturing for real-time analytics and decision-making, improving operational efficiency.
Quantum Networking
Quantum networking involves using quantum signals to transmit information more securely than traditional networks. It leverages principles of quantum mechanics, such as quantum entanglement and superposition, to achieve communication that cannot be intercepted without detection.
Key Features:
Quantum Key Distribution (QKD): Uses quantum mechanics to securely distribute encryption keys.
Unhackable Networks: Offers a level of security that is fundamentally protected by the laws of physics, making it virtually impossible to intercept or tamper with.
Entanglement: Enables instant transfer of the state between quantum bits, even over long distances.

Quantum Networking Applications
Secure Communications: Governments and financial institutions can use quantum networks for transmitting sensitive information securely.
Quantum Internet: Researchers are working on developing a quantum internet that will radically change how data is transmitted across the globe.
Scientific Research: Quantum networks enhance secure sharing of data among research institutions, enabling collaboration on quantum computing research.