Cyber Security - Network Fundamentals PDF

Summary

This document provides an introduction to computer networks, covering topics such as network components, types of networks (LAN, WAN), internet access, trends (BYOD, cloud), and network characteristics (fault tolerance, scalability).

Full Transcript


# CYBER SECURITY

## INFO1220 Network Fundamentals

### Lesson I Intro to Networks

### Introduction

What is networking?

- Communications
- Word of mouth
- Cell phone/telephone
- Computer network

### Computer Networks

- System of computers, print devices, network devices, and computer software
- Transmit data, voice, video over cables, fiber-optics, radio waves, microwaves
- Most important advantage - ability to share information (documents, data, pictures etc.)

### Networks

- Networks support the way we:
  - Learn
  - Communicate
  - Work
  - Play

### Networks of Many Sizes

- Networks come in all sizes, from simple networks consisting of two computers to networks connecting millions of devices.
- Simple networks enable sharing of resources between a few local computers.
- In businesses and large organizations, networks can be used to provide rapid communication, storage, and access to information on network servers.
- The internet is the largest network in existence. In fact, the term internet means a 'network of networks'. The internet is literally a collection of interconnected private and public networks.

### Client Server

- All computers connected to a network that participate directly in network communication are classified as hosts. Servers are hosts that have software installed that enable them to provide information, like email or web pages, to other hosts on the network. Clients are computer hosts that have software installed that enable them to request and display the information obtained from the server.

### Peer to Peer

- Client and server software usually runs on separate computers, but it is also possible for one computer to carry out both roles at the same time. In small businesses and homes, many computers function as the servers and clients on the network. This type of network is called a peer-to-peer network.

### Network Components

- Devices and media are the physical elements, or hardware, of the network. Hardware is often the visible components of the network platform such as a laptop, PC, switch, router, wireless access point, or the cabling used to connect the devices.

### Devices

- An end device is either the source or destination of a message transmitted over the network. To distinguish one end device from another, each end device on a network is identified by an address.
- Intermediary devices connect the individual end devices to the network and provide connectivity and ensure that data flows across the network.

### Network Components

- Services include many of the common network applications people use every day, like email hosting services and web hosting services.
- Processes provide the functionality that directs and moves the messages through the network. Processes are less obvious to us but are critical to the operation of networks.

### Network Components

- Data originates with the end device, flows through the network (intermediate devices), and arrives at an end device.

### Network Media

- Metallic wires within cables - data is encoded into electrical impulses
- Glass or plastic fibers (fiber optic cable) - data is encoded as pulses of light
- Wireless transmission - data is encoded using wavelengths from the electromagnetic spectrum

### Types of Networks

- The two most common types of network infrastructures are:
  - Local Area Network (LAN)
  - Wide Area Network (WAN)
- Other types of networks include:
  - Metropolitan Area Network (MAN)
  - Wireless LAN (WLAN)
  - Storage Area Network (SAN)

### Local Area Networks (LAN)

- Network infrastructure that provides access to users and end devices in a small geographical area

### Wide Area Networks (WAN)

- LANs separated by geographic distance are connected by a network known as a WAN.
- Typically owned and managed by a telecommunications service provider.

### The Internet

- LANs use WAN services to interconnect.

### Intranet

- Refers to a private connection of LANs and WANs that belongs to an organization, and is designed to be accessible only by the organization's members, employees, or others with authorization.

### Extranet

- Provides secure and safe access to individuals who work for a different organization, but require access to the organization's data.

### Internet Access Technologies

- Internet Service Provider (ISP)
- Broadband cable
- Broadband Digital Subscriber Line (DSL)
- Wireless WANs
- Mobile Services
- Business DSL
- Leased Lines
- Metro Ethernet

### Home and Small Office Internet Connections

- Cable - Typically offered by cable television service providers, the data signal is carried on the same cable that delivers cable television. It provides a high bandwidth, always on, connection to the Internet.
- DSL - Digital Subscriber Lines provide a high bandwidth, always on, connection to the Internet. DSL runs over a telephone line. In general, small office and home office users connect using Asymmetrical DSL (ADSL), which means that the download speed is faster than the upload speed.
- Cellular - Cellular Internet access uses a cell phone network to connect. Wherever you can get a cellular signal, you can get cellular Internet access. Performance will be limited by the capabilities of the phone and the cell tower to which it is connected.
- Satellite - The availability of satellite Internet access is a real benefit in those areas that would otherwise have no Internet connectivity at all. Satellite dishes require a clear line of sight to the satellite.
- Dial-up Telephone - An inexpensive option that uses any phone line and a modem. The low bandwidth provided by a dial-up modem connection is usually not sufficient for large data transfer, although it is useful for mobile access while traveling.

### Business Internet Connections

- Dedicated Leased Lines - Leased lines are actually reserved circuits within the service provider's network that connect geographically separated offices for private voice and/or data networking. The circuits are typically rented at a monthly or yearly rate. They can be expensive.
- Ethernet WAN - Ethernet WANs extend LAN access technology into the WAN. Ethernet is a LAN technology you will learn about in a later chapter. The benefits of Ethernet are now being extended into the WAN.
- DSL - Business DSL is available in various formats. A popular choice is Symmetric Digital Subscriber Lines (SDSL), which is similar to the consumer version of DSL but provides uploads and downloads at the same speeds.
- Satellite - Similar to small office and home office users, satellite service can provide a connection when a wired solution is not available.

### New Trends

- Top trends include:
  - Bring Your Own Device (BYOD)
  - Online collaboration
  - Video communications
  - Cloud computing
  - SDN - Software-Defined Networks
  - Internet of Things - IoT

### Bring Your Own Device

- The concept of any device, to any content, in any manner, is a major global trend that requires significant changes to the way devices are used.
- BYOD is about end users having the freedom to use personal tools to access information and communicate across a business or campus network. Gives more flexibility and opportunities but creates security concerns.

### Online Collaboration

- Defined as "the act of working with another or others on a joint project."
- Collaboration tools give employees, students, teachers, customers, and partners a way to instantly connect, interact, and achieve their objectives.
- Example - Collaborate used in FOL

### Video Communication

- Video is being used for communications, collaboration, and entertainment. It is a powerful tool for communicating with others at a distance, both locally and globally.

### Cloud Computing

- Trend changing the way we access and store data.
- Cloud computing allows us to store personal files, even backup our entire hard disk drive on servers over the Internet. Applications such as word processing and photo editing can be accessed using the Cloud.
- For businesses, Cloud computing extends IT's capabilities without requiring investment in new infrastructure, training new personnel, or licensing new software.
- These services are available on demand and delivered economically to any device anywhere in the world.

### SDN - Software Defined Networks

- SDN is meant to address the fact that the static architecture of traditional networks doesn't support the dynamic, scalable computing and storage needs of more modern computing environments.
- This is done by decoupling the system that makes decisions about where traffic is sent (the control plane) from the underlying systems that forward traffic to the selected destination (the data plane).

### Internet of Things - IoT

- Today, more than 99% of things in the physical world are still not connected to the Internet.
- But a phenomenon called "The Internet of Things" will wake up everything you can imagine.
- By 2020, 50 billion intelligent things will be connected to the Internet.
- The Internet of Things connects the physical world to the Internet.
- Using microsensors on the network, everyday objects become connected and intelligent.
- IoT is the inter-networking of physical devices (smart devices) which enables these objects to collect and exchange data. More direct integration of the physical world into computer-based systems results in improved efficiency, accuracy and economic benefit with reduced human intervention and more security issues.

### Reliable Networks

- Networks must support a wide range of applications and services, as well as operate over many different types of cables and devices, which make up the physical infrastructure.
- There are four basic characteristics that the underlying architectures need to address in order to meet user expectations.

### Fault Tolerance

- The expectation is that the Internet is always available to the millions of users who rely on it. This requires a network architecture that is built to be fault tolerant. A fault tolerant network is one that limits the impact of a failure, so that the fewest number of devices are affected. It is also built in a way that allows quick recovery when such a failure occurs.

### Scalability

- A scalable network can expand quickly to support new users and applications without impacting the performance of the service being delivered to existing users. Networks are scalable because the designers follow accepted standards and protocols.

### Quality of Service

- Quality of Service, managed by the router, ensures that priorities are matched with the type of communication and its importance to the organization.
- Applications such as voice and live video transmissions create higher expectations for the quality of the delivered services. QoS is a primary mechanism for managing congestion to ensure reliable delivery. When simultaneous communications are attempted across the network, the demand for network bandwidth can exceed its availability, creating network congestion. With a QoS policy in place, the router can manage the flow of data and voice traffic, giving priority to voice communications if the network experiences congestion.

### Security

- Administrators can protect the network with software and hardware security and by preventing physical access to network devices.
- Security measures protect the network from unauthorized access.
- There are two types of network security concerns that must be addressed: network infrastructure security and information security.

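The congestion behaviour described under Quality of Service above can be seen in a small simulation. This is an added example, not part of the original slides: the class names, buffer size, link capacity and the strict-priority policy with eviction of lower-priority packets are all assumptions chosen for illustration.

```python
from collections import deque

# Traffic classes in priority order, highest first (constructed for this example).
CLASSES = ["voice", "video", "data"]

def simulate(arrivals, capacity, buffer_size, qos):
    """Run one router egress link for len(arrivals) ticks.

    arrivals    -- list of ticks, each a list of class names (one per packet)
    capacity    -- packets the link can transmit per tick
    buffer_size -- packets the router can hold in total
    qos         -- True: per-class queues served in strict priority order;
                   False: a single first-in-first-out queue with tail drop
    Returns (sent, dropped): two dicts of packet counts per class.
    """
    queues = {c: deque() for c in CLASSES}
    fifo = deque()
    sent = dict.fromkeys(CLASSES, 0)
    dropped = dict.fromkeys(CLASSES, 0)

    def buffered():
        return len(fifo) + sum(len(q) for q in queues.values())

    for tick in arrivals:
        for cls in tick:
            if buffered() >= buffer_size:
                # Buffer full. With QoS, evict a queued packet from the lowest
                # non-empty class below the newcomer; otherwise drop the newcomer.
                victim = None
                if qos:
                    lower = [c for c in reversed(CLASSES)
                             if CLASSES.index(c) > CLASSES.index(cls) and queues[c]]
                    victim = lower[0] if lower else None
                if victim is None:
                    dropped[cls] += 1
                    continue
                queues[victim].pop()
                dropped[victim] += 1
            (queues[cls] if qos else fifo).append(cls)

        for _ in range(capacity):
            if qos:
                q = next((queues[c] for c in CLASSES if queues[c]), None)
            else:
                q = fifo if fifo else None
            if q is None:
                break
            sent[q.popleft()] += 1
    return sent, dropped

# Constructed congestion: 5 packets arrive every tick, the link carries only 3.
ARRIVALS = [["data", "data", "data", "voice", "voice"]] * 5

if __name__ == "__main__":
    for qos in (False, True):
        print("QoS " if qos else "FIFO", *simulate(ARRIVALS, 3, 4, qos))
```

Under the same overload, the first-in-first-out run loses voice packets while the QoS run delivers all of them and sheds data instead, which is the trade the policy is making.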
### Threats to Networks

- Must be able to secure data while still allowing for the quality of service that is expected
- Securing a network involves protocols, technologies, devices, tools, and techniques to secure data and mitigate threats
- Threat vectors may be external or internal - important to address both
- Many external network security threats today are spread over the Internet

### Internal Threats

- Many studies show that the most common data breaches happen because of internal users of the network
- Can be attributed to lost or stolen devices, accidental misuse by employees, and in the business environment, even malicious employees.
- With the evolving BYOD strategies, corporate data is much more vulnerable.

### External Threats

- The most common external threats to networks include:
  - Viruses, worms, and Trojan horses - malicious software and arbitrary code running on a user device
  - Spyware and adware - software installed on a user device that secretly collects information about the user
  - Zero-day attacks, also called zero-hour attacks - an attack that occurs on the first day that a vulnerability becomes known
  - Hacker attacks - an attack by a knowledgeable person to user devices or network resources
  - Denial of service attacks - attacks designed to slow or crash applications and processes on a network device
  - Data interception and theft - an attack to capture private information from an organization's network
  - Identity theft - an attack to steal the login credentials of a user in order to access private data

### Security Solutions

- No single solution can protect the network from the variety of threats that exist
- Security should be implemented in multiple layers, using more than one security solution
- Antivirus and antispyware
- Firewall filtering
- Access control lists (ACL)
- Dedicated firewall systems
- Intrusion prevention systems (IPS)
- Virtual Private Networks (VPNs)
- End Point Security
- Content Security

### Network Equipment

### Network interface card

### Switch

- 48 10/100/1000 PoE+ switch ports with 370W available PoE power
- RJ-45 console port
- USB mini-Type B (console) port
- USB Type A port
- Ethernet management port
- Mode button and switch LEDs

### Router

- EHWIC slots 0, 1, 2, and 3 (0, Far right)
- Aux port
- USB serial port
- CompactFlash 0 and 1
- 10/100/1000 Ethernet port (GE0/0)
- Ground
- RJ-45 serial console port
- USB0 and USB1 (1, Top)
- 10/100/1000 Ethernet ports (GE0/1)

### Network Layouts

- Logical & Physical Layout
  - Logical - how they connect
  - Physical - where they are
- Logical connections not obvious

### Topology Diagrams - Physical Topology

- The topology of a network is the arrangement or relationship of the network devices and the interconnections between them.
- **Physical topology** - refers to the physical connections and identifies how end devices are interconnected.

### Logical Topology

- Refers to the way a network transfers frames from one node to the next.
- These logical signal paths are defined by data link layer protocols which offer different access control methods

### LAN Physical Topologies

- Physical topology defines how the end systems are physically interconnected.
- In shared media LANs, end devices can be interconnected using the following physical topologies:
  - Star topology
  - Extended star topology
  - Bus topology
  - Ring topology

### LAN Physical Topologies

- Star - End devices are connected to a central intermediate device. Early star topologies interconnected end devices using Ethernet hubs. However, star topologies now use Ethernet switches. The star topology is easy to install, very scalable (easy to add and remove end devices), and easy to troubleshoot.
- Extended Star - In an extended star topology, additional Ethernet switches interconnect other star topologies.
- Bus - All end systems are chained to each other and terminated in some form on each end. Infrastructure devices such as switches are not required to interconnect the end devices. Bus topologies using coax cables were used in legacy Ethernet networks because it was inexpensive and easy to set up.
- Ring - End systems are connected to their respective neighbor forming a ring. Unlike the bus topology, the ring does not need to be terminated. Ring topologies were used in legacy Fiber Distributed Data Interface (FDDI) and Token Ring networks.

### WAN Physical Technologies

- Point-to-Point - This is the simplest topology that consists of a permanent link between two endpoints. For this reason, this is a very popular WAN topology.
- Hub and Spoke - A WAN version of the star topology in which a central site interconnects branch sites using point-to-point links.
- Mesh - This topology provides high availability, but requires that every end system be interconnected to every other system. Therefore the administrative and physical costs can be significant. Each link is essentially a point-to-point link to the other node. Variations of this topology include a partial mesh where some but not all of end devices are interconnected.

### Network Representations

- Diagrams of networks often use symbols to represent different devices and connections.
- End Devices
  - Desktop Computer
  - Laptop
  - Printer
  - IP Phone
  - Wireless Tablet
  - TelePresence Endpoint
- Intermediary Devices
  - Wireless Router
  - LAN Switch
  - Multilayer Switch
  - Firewall Appliance
  - Router
- Network Media
  - Wireless Media
  - LAN Media
  - WAN Media

### Install Tools

- Wireshark program
- Packet Tracer - from the Cisco Academy (www.netacad.com)

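The Fault Tolerance and physical topology sections above can be tied together by modelling each topology as a graph and checking what a single failure costs. This is an added example, not part of the original slides: the host names, the choice of six end devices, and the "lost host pairs" metric are assumptions for illustration, and the functions expect at least three hosts.

```python
from itertools import combinations

def build(topology, n):
    """Return (hosts, links) for n end devices; each link is a frozenset of two nodes."""
    hosts = [f"h{i}" for i in range(n)]          # constructed host names
    if topology == "star":      # every host cabled to one central switch
        pairs = [(h, "switch") for h in hosts]
    elif topology == "bus":     # hosts chained, both ends terminated
        pairs = list(zip(hosts, hosts[1:]))
    elif topology == "ring":    # chain closed back onto the first host
        pairs = list(zip(hosts, hosts[1:] + hosts[:1]))
    elif topology == "mesh":    # full mesh: every host linked to every other
        pairs = list(combinations(hosts, 2))
    else:
        raise ValueError(topology)
    return hosts, {frozenset(p) for p in pairs}

def lost_pairs(hosts, links, failed):
    """Count surviving host pairs that can no longer reach each other
    once `failed` (a node name or a single link) is removed."""
    links = {l for l in links if l != failed and failed not in l}
    alive = [h for h in hosts if h != failed]
    group = {}                  # node -> component label, filled by flood fill
    for start in alive:
        if start in group:
            continue
        group[start] = start
        stack = [start]
        while stack:
            node = stack.pop()
            for l in links:
                if node in l:
                    (other,) = l - {node}
                    if other not in group:
                        group[other] = start
                        stack.append(other)
    return sum(group[a] != group[b] for a, b in combinations(alive, 2))

def worst_case(topology, n):
    """Return (number of links, most host pairs lost to any single failure)."""
    hosts, links = build(topology, n)
    nodes = set().union(*links)
    return len(links), max(lost_pairs(hosts, links, f) for f in nodes | links)

if __name__ == "__main__":
    for name in ("star", "bus", "ring", "mesh"):
        print(name, worst_case(name, 6))
```

With six hosts, the star and ring use the same number of links but the star loses every host pair when the switch fails, while the full mesh buys the same single-failure resilience as the ring at more than twice the link count.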
