Network Fundamentals
01 | Understanding Local Area Networking
02 | Defining Networks with the OSI Model
03 | Understanding Wired and Wireless Networks
04 | Understanding Internet Protocol (IP)
05 | TCP/IP Tools
06 | Network Services
07 | Understanding Wide Area Networks
08 | Defining Network Infrastructure and Security
Setting Expectations
• Target Audience
• IT Help Desk staff interested in moving into Network/Systems Administration
• Anyone interested in learning more about networking
• Suggested Prerequisites/Supporting Material
• Exam 98-349: Windows Operating System Fundamentals
Understanding Local Area Networking
Module 1
Objectives
Skills/Concepts | Objective Domain Description | Objective Domain Number
Examining Local Area Networks, Devices and Data Transfers | Understand local area networks (LANs) | 1.2
Identifying Network Topologies and Standards | Understand network topologies and access methods | 1.5
Network Components and Terminology
• Data
• Node
• Client
• Server
• Peer
• Network adapter
• Hub
• Switch
• Router
• Media
• Transport Protocol
• Bandwidth
Local Area Network
[Figure: Ethernet frame layout, from the 8-byte preamble to the 4-byte CRC trailer]
Centralized Computing
• Computing is done at a central location using terminals that are
attached to this main system
• The mainframe is a powerful computer; the devices connected to it
are known as terminals (or dumb terminals)
• Each terminal consisted solely of a keyboard and display with no
processing power of its own
Client/Server Model
• The client/server model is an architecture that distributes applications
between servers and client computers
• Server: System that provides services such as Windows Server 2008 R2
• Client: Device that requests services such as Windows 7
Peer-to-Peer Networking
• Peer-to-peer networking distributes applications or workloads between
computers
• Peers are both service providers and service requestors
Distributed Computing
• Distributed computing includes both client/server and peer-to-peer
networks
• Every device or workstation has its own processing power
Remote Desktop Services and Remote Sessions
• Centralized computing has made a comeback of sorts: Remote
Desktop Services and remote sessions to computers are based on
the centralized computing model
• Thin-client computers have no hard drive; they load an operating
system into RAM every time the device is turned on
• All other applications and data are stored centrally, so this system is a
blend of centralized and distributed computing
Servers
• More powerful computers that provide centralized services:
• File
• Print
• Database
• Network controller
• Messaging/Email
• Web
Client and Server Operating Systems
Client Operating Systems | Server Operating Systems
Windows 8 | Windows Server 2012
Windows 7 | Windows Server 2008 R2
 | Windows Server 2008
Windows Vista | Windows Server 2003
Windows XP |
Windows 2000 Professional | Windows 2000 Server
Windows NT 4.0 Workstation | Windows NT 4.0 Server
Windows ME/98/95 |
P2P
• Peer-to-peer or P2P has recently taken on an additional meaning
• P2P can also refer to file sharing networks
• Examples of file sharing networks:
• Napster
• Gnutella
• G2
Defining Networks with the OSI Model
Module 2
Objectives
Skills/Concepts | Objective Domain Description | Objective Domain Number
International Organization for Standardization (ISO): a federation of standards organizations from multiple nations
Open Systems Interconnection (OSI)
• The Open Systems Interconnection (OSI) reference model is used to
define how data communication occurs between devices
• The model is divided into 7 layers, each layer providing services to the
layers above and below
Layer Defines
Layer 7 – Application Layer Enables users and applications to access network services
Layer 6 – Presentation Layer Translates data into a common format
Layer 5 – Session Layer Establishes a communication session between devices
Layer 4 – Transport Layer Manages message fragmentation and reassembly
Layer 3 – Network Layer Manages data routing and creating sub networks
Layer 2 – Data Link Layer Provides error-free transfer of data frames
Layer 1 – Physical Layer Physical network media and signal methods
[Figure: the OSI model layers stacked from Layer 7 (Application) down to Layer 1 (Physical), "the wire"]
Layer 1 – Physical Layer
• Defines the physical and electrical medium for data transfer
• Physical layer components: cables, jacks, patch panels, punch blocks,
hubs, and MAUs
• Physical layer concepts: topologies, analog versus digital/encoding, bit
synchronization, baseband versus broadband, multiplexing, and serial
data transfer
• Unit of measurement: Bits
Ethernet Standards
• LAN standard providing a communication method for high-speed data
exchange among devices
• Defines the Physical and Data Link layers
• 100BASE-T
• 100 for 100 Mbps
• BASE for baseband
• T for twisted-pair cabling
• Baseband refers to the fact that devices on the network use digital
signaling over a single frequency, carrying one signal at a time on the medium
• Broadband systems use analog signaling over a range of frequencies,
enabling multiple channels over the same physical medium
Layer 2 – Data Link Layer
• Establishes, maintains, and decides how transfer is accomplished over
the physical layer, and detects corrupted frames (via the frame check
sequence) so they can be discarded
• Physical addresses (the hexadecimal address burned into the ROM of
the NIC), known as MAC addresses, uniquely identify each hardware
device that works at the Data Link Layer
• Data Link Layer components: network interface cards, bridges, and switches
• Unit of measurement: frames
Media Access Control Address
• Network adapters on an Ethernet network have unique Media Access
Control (MAC) addresses
• MAC addresses are unique identifiers assigned to network adapters by
the manufacturer; the first three octets identify the manufacturer (the OUI)
• A MAC address is six octets in length, written in hexadecimal (for
example, 00-1A-2B-3C-4D-5E)
• The burned-in address can be overridden in software on most adapters,
so a MAC address identifies hardware but does not authenticate it;
access controls based on MAC address alone are easily bypassed by spoofing
Layer 2 Switches
• Layer 2 switches are hardware-based and use the destination MAC address
of each frame when deciding which port to forward it out of
• The switch learns which MAC address is reachable through which port
by recording the source address of the frames it receives on that port;
a frame for a destination it has not yet learned is flooded out all other ports
Virtual LAN (VLAN)
• Layer 2 switching can also allow for a virtual LAN (VLAN) to be
implemented
• A VLAN is implemented to segment and organize the network into
separate broadcast domains, to boost performance, and to keep groups
of hosts apart: traffic crosses VLANs only through a router or layer 3 switch
• IEEE 802.1Q is the standard that supports VLANs
• A 4-byte tag carrying a 12-bit VLAN ID is inserted into the Ethernet
frame header to identify the VLAN
Layer 3 – Network Layer
• Controls the operations of routing and forwarding information between
different networks
• Translates logical addresses or names to physical addresses
• Internet Protocol (IP) is a Network Layer protocol
• Devices that work at the Network Layer are routers and layer 3 switches
• Network Layer components: IP addresses, subnets
• Unit of measurement: packets
Layer 3 Switches
• Switches can also reside on the network layer
• A layer 3 switch determines paths for data using logical addressing (IP
addresses) instead of physical addressing (MAC addresses for a layer 2
switch)
• Layer 3 switches forward packets, whereas layer 2 switches forward
frames
Layer 4 – Transport Layer
• This layer ensures messages are delivered error-free, in sequence and
with no losses or duplications
• Protocols that work at this layer segment messages, ensure correct
reassembly at the receiving end, perform message acknowledgement
and message traffic control
• The Transport Layer contains both connection-oriented and
connectionless protocols
• Unit of measurement used: segments or messages
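The layers described above (frames at layer 2, packets at layer 3, segments or datagrams at layer 4) can be seen directly by decoding a frame. The following is an added example, not code from the course slides: it constructs an Ethernet/IPv4/UDP frame by hand so it runs offline, then parses it layer by layer, including the optional IEEE 802.1Q VLAN tag described in the VLAN section. The MAC and IP addresses and the payload are made up for illustration.

```python
"""Walk a constructed Ethernet frame down through OSI layers 2, 3 and 4.

Added example, not part of the course slides. The frame bytes are
constructed by hand so this runs offline; the parser shows the unit
named at each layer (frame -> packet -> segment/datagram) and handles
an optional IEEE 802.1Q VLAN tag at layer 2.
"""
import struct

ETHERTYPE_VLAN = 0x8100
ETHERTYPE_IPV4 = 0x0800
PROTO_TCP, PROTO_UDP = 6, 17


def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)


def parse_ethernet(frame):
    """Layer 2: destination MAC, source MAC, optional 802.1Q tag, EtherType."""
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    offset, vlan_id = 14, None
    if ethertype == ETHERTYPE_VLAN:
        # Tag control information: 3-bit priority, 1-bit DEI, 12-bit VLAN ID,
        # followed by the real EtherType of the encapsulated packet.
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        vlan_id = tci & 0x0FFF
        offset = 18
    header = {"dst": mac_str(dst), "src": mac_str(src),
              "vlan": vlan_id, "ethertype": ethertype}
    return header, frame[offset:]


def parse_ipv4(packet):
    """Layer 3: version/IHL, TTL, protocol, source and destination IP."""
    (ver_ihl, _tos, total_len, _ident, _flags_frag, ttl, proto,
     _csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    if ver_ihl >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (ver_ihl & 0x0F) * 4          # header length in bytes (20 when no options)
    header = {"src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
              "ttl": ttl, "proto": proto, "total_len": total_len}
    return header, packet[ihl:total_len]


def parse_transport(proto, segment):
    """Layer 4: UDP datagram or TCP segment; ports sit in the first 4 bytes of both."""
    if proto == PROTO_UDP:
        sport, dport, length, _csum = struct.unpack("!HHHH", segment[:8])
        return {"proto": "UDP", "sport": sport, "dport": dport, "payload": segment[8:length]}
    if proto == PROTO_TCP:
        sport, dport = struct.unpack("!HH", segment[:4])
        data_offset = (segment[12] >> 4) * 4   # TCP header length from the data offset field
        return {"proto": "TCP", "sport": sport, "dport": dport, "payload": segment[data_offset:]}
    return {"proto": str(proto), "payload": segment}


def decode(frame):
    """Frame -> packet -> segment: each layer strips its own header and hands up the rest."""
    l2, rest = parse_ethernet(frame)
    if l2["ethertype"] != ETHERTYPE_IPV4:
        return {"l2": l2}
    l3, rest = parse_ipv4(rest)
    return {"l2": l2, "l3": l3, "l4": parse_transport(l3["proto"], rest)}


def build_sample_frame(vlan_id=None):
    """Constructed Ethernet/IPv4/UDP frame (addresses and payload are illustrative)."""
    payload = b"example-udp-payload"
    udp = struct.pack("!HHHH", 53000, 53, 8 + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 1, 0, 64, PROTO_UDP, 0,
                     bytes([192, 168, 1, 10]), bytes([192, 168, 1, 1])) + udp
    eth = bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb")
    if vlan_id is not None:
        eth += struct.pack("!HH", ETHERTYPE_VLAN, vlan_id)   # 802.1Q tag, priority 0
    return eth + struct.pack("!H", ETHERTYPE_IPV4) + ip
```

Each parser returns the remainder of the bytes untouched, which is the point of the layered model: the layer 2 code never needs to know whether the payload is IP, and the layer 3 code never needs to know whether the segment is TCP or UDP.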
Connection Oriented Communications
• Require both devices involved in the communication establish an end-
to-end logical connection before data can be sent
• These communications are considered reliable network services
• Packets not received by the destination device can be resent by the
sender
[Figure: a PC and a server greet each other and agree that an important
transfer is coming before any data is sent]
Connectionless Communications
• End-to-end connection is not necessary before data is sent
• Every packet that is sent has the destination address in the header
• Sufficient to move independent packets, such as in streaming media
• Datagram delivery is not guaranteed and lost packets cannot be resent
[Figure: a connectionless sender shouts its data without first checking that the receiver is listening]
Connection-based Protocols
• The Transport Layer contains both connection-oriented and
connectionless protocols
• Transmission Control Protocol (TCP) provides a connection-based,
reliable, byte-stream service to programs
• User Datagram Protocol (UDP) provides a connectionless, unreliable
transport service
TCP and UDP
• TCP transport is used for logging on, file and print sharing, replication
of information between domain controllers, transfer of browse lists, and
other common functions. TCP can only be used for one-to-one
communications.
• UDP is often used for one-to-many communications, using broadcast
or multicast IP datagrams
OSI Model compared to TCP/IP Model
[Table fragment: the TCP/IP model's Network Interface layer details how data
is physically sent through the network, e.g. Ethernet, Token Ring, Frame Relay]
Understanding Wired and Wireless Networks
Lesson 3
Objectives
• Crossover cable
• Used to directly connect two similar devices without the use of a hub or switch
MDI and MDI-X Ports
• Medium dependent interface (MDI) is a type of Ethernet port connection
using twisted-pair cabling
• For computers to communicate with other devices, the transmit and
receive wire pairs have to cross somewhere
• Instead of using crossover cables to connect computers to central
connecting devices such as switches, these central connecting devices are
equipped with MDI-X ports (medium dependent interface crossover),
which perform the crossover internally
Patch Panel and RJ45 Wall Jack
Tools
• The tools necessary to make the connections between patch panels
and RJ45 jacks include a cutting tool, a wire stripper, a punch down
tool, and a testing device known as a continuity tester, which tests all of
the pins of a connection one by one.
Attenuation
• The loss of signal strength as a signal travels along the cable, so
that less of the transmitted signal reaches the receiver; the longer the
run, the weaker the received signal
Interference Sources
• Electrical sources:
• Lights
• Electrical outlets
• Motors
• Appliances
• Copper-based cables and network devices should be kept away from
these electrical devices and cables if at all possible
Electromagnetic Interference (EMI)
• Electromagnetic Interference (EMI) disturbance can affect electrical
circuits, devices, and cables due to electromagnetic conduction and
possibly radiation
• Any type of electrical device causes EMI: TVs, air conditioning units,
motors, unshielded electrical cables (Romex)
• Copper-based cables and network devices should be kept away from
these electrical devices and cables to prevent network communication
issues
Radio Frequency Interference (RFI)
• This is interference that can come from AM/FM transmissions and cell
phone towers
• It is often considered part of the EMI family and is sometimes even
referred to as EMI
• Filters can be installed on the network to eliminate the signal frequency
being broadcast by a radio tower, although this will usually not affect
standard wired Ethernet networks
Crosstalk
When the signal that is transmitted on one copper wire or pair of wires
creates an undesired effect on another wire or pair of wires
Fiber Optic Cables
• Multi-mode
• Cable with a larger fiber core, capable of carrying multiple rays of light
• This type of cable is used for shorter distance runs, up to 600 meters
• Though much shorter than single-mode fiber runs, this is still six times the distance of twisted-pair cable runs (100 meters)
• Less expensive equipment
Wireless Networks
• Enables connection to the network without using a wired connection
• Provide a degree of portability
• Extend connectivity to a pre-existing wireless network and could be
used to connect entire local area networks to the Internet
• Some wireless devices can be connected directly to each other in a
point-to-point fashion
Wireless Network Adapters
• Wireless network adapters enable connectivity between a desktop
computer or laptop and the wireless access point
• These network adapters come in a variety of shapes and sizes,
including USB, PC Card, and as an internal PCI or PCI Express adapter
card
Wireless Access Point
• A wireless access point (WAP) enables wireless devices to connect to a
wired network
• A wireless router combines an access point with a router, and typically
also acts as a firewall and IP proxy
Wireless Modes
• There several different methods to connect to a wireless network
• Infrastructure – the mode used when wireless clients connect to and are authenticated by a wireless
access point
• Ad-hoc – used when all of the clients communicate directly with each other
Wireless LAN (WLAN)
• A wireless LAN or WLAN is a network composed of at least one WAP
and a computer or handheld device that connects to the WAP
• Usually these networks are Ethernet based, but they can be built on
other networking architectures
• In order to ensure compatibility, the WAP and other wireless devices
must all use the same IEEE 802.11 WLAN standard
• Wireless Fidelity (Wi-Fi) is a trademark used to brand products that belong
to the category of WLAN devices
Other wireless devices
• Wireless Repeater
• used to extend the coverage of a wireless network
• Wireless Bridge
• A wireless bridge is similar to a wireless repeater, but the bridge can connect different 802.11 standards together;
this is known as bridge mode.
WLAN Standards
IEEE 802.11 Standard | Data Transfer Rate (Max.) | Frequency
Understanding Internet Protocol (IP)
Module 4
Objectives
Private IP Addresses
• Private IP addresses are not routable on the public Internet; hosts
using them reach the Internet only through a NAT device, IP proxy, or
firewall that holds a public address
• Private address ranges (RFC 1918):
Class | Start of Range | End of Range | CIDR
A | 10.0.0.0 | 10.255.255.255 | 10.0.0.0/8
B | 172.16.0.0 | 172.31.255.255 | 172.16.0.0/12
C | 192.168.0.0 | 192.168.255.255 | 192.168.0.0/16
Static and Dynamic Addresses
• Static IP addresses are addresses that are manually assigned to a host
• Dynamic IP addresses are more common than static IP addresses,
because hosts automatically obtain an IP address (and other IP
information) from a DHCP server
APIPA
• APIPA is an acronym for Automatic Private IP Addressing
• It uses a single Class B network number: 169.254.0.0 (169.254.0.0/16)
• If a Windows client cannot get an IP address from a DHCP server and
has not been configured statically, it auto-assigns itself an address on
this network; such a host can talk only to other APIPA hosts on the
same link, so a 169.254.x.x address usually means DHCP failed
Default Gateway and DNS Server
• For a device to communicate on the Internet, a default gateway and a
DNS server must be assigned
• Default gateway – Provides a default route for TCP/IP hosts to use when
communicating with hosts on remote networks; it is the address (usually
a router on the local subnet) that a client sends traffic to when the
destination is outside the local network
• DNS Server – The server that provides name resolution of domain
names to IP addresses
DEMO: IP Address Properties, Default Gateway and
DNS Server
Network Address Translation
• Network address translation (NAT) provides a method for translating IPv4
addresses of devices on one network into IPv4 addresses of devices on a
different network
• NAT was developed as a temporary solution to IPv4 address exhaustion
• Enables one address space (private) to be re-mapped to another address
space, or re-mapped to a single public IP address (in which case the port
number distinguishes the inside hosts' connections)
Network Address Translation (NAT) is the process of
modifying IP address information in IPv4 headers
while in transit across a traffic routing device
[Figure: private hosts 192.168.0.10, 192.168.0.11, ... 192.168.0.255 behind a
NAT device appear on the outside as the single public address 56.72.210.7]
Subnetting
• Subnetting is the subdivision of your logical IP network
• By default, all computers are on one subnet or network with no divisions
involved
• By lengthening the default subnet mask, you can subnet your network into
multiple smaller networks
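The address rules in this module (private ranges, APIPA, the default gateway decision, and subnetting by changing the mask) are mechanical enough to put in code. The following is an added example, not code from the course slides; it uses only the Python standard library's ipaddress module, and the sample addresses are illustrative.

```python
"""Classify IPv4 addresses and subnet a network, using only the stdlib.

Added example, not from the course slides. It encodes the private
ranges (RFC 1918), the APIPA range (169.254.0.0/16) and loopback, shows
the same-subnet test a host makes before choosing the default gateway,
and shows what lengthening the subnet mask does to a network.
"""
import ipaddress

PRIVATE_RANGES = {
    "Class A private": ipaddress.ip_network("10.0.0.0/8"),
    "Class B private": ipaddress.ip_network("172.16.0.0/12"),
    "Class C private": ipaddress.ip_network("192.168.0.0/16"),
}
APIPA = ipaddress.ip_network("169.254.0.0/16")
LOOPBACK = ipaddress.ip_network("127.0.0.0/8")


def classify(addr):
    """Return a label: loopback, APIPA, private (by class), or public."""
    ip = ipaddress.ip_address(addr)
    if ip in LOOPBACK:
        return "loopback"
    if ip in APIPA:
        return "APIPA (no DHCP lease obtained)"
    for label, net in PRIVATE_RANGES.items():
        if ip in net:
            return label
    return "public"


def same_subnet(a, b, mask):
    """True if (a & mask) == (b & mask); the host then sends directly instead of via the gateway."""
    net_a = ipaddress.ip_network(f"{a}/{mask}", strict=False)
    return ipaddress.ip_address(b) in net_a


def next_hop(src, dst, mask, default_gateway):
    """Where a host sends a packet: straight to dst if on the same subnet, else to the gateway."""
    return dst if same_subnet(src, dst, mask) else default_gateway


def subnet(network, new_prefix):
    """Split a network by lengthening its mask; returns the resulting subnets as strings."""
    net = ipaddress.ip_network(network)
    return [str(s) for s in net.subnets(new_prefix=new_prefix)]


def usable_hosts(network):
    """Host addresses available once the network and broadcast addresses are set aside."""
    net = ipaddress.ip_network(network)
    return net.num_addresses - 2 if net.prefixlen < 31 else net.num_addresses
```

Note that 172.32.0.1 is public even though it "looks like" the Class B private range: that range stops at 172.31.255.255, which is why the /12 prefix matters more than the class letter.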
TCP/IP Tools
Lesson 5
Objectives
Skills/Concepts | Objective Domain Description | Objective Domain Number
Using basic TCP/IP commands | Understanding TCP/IP | 3.6
Working with advanced TCP/IP commands | Understanding TCP/IP | 3.6
Common TCP/IP Tools (with Demos)
• command prompt
• ipconfig
• ping
• tracert
Command Prompt
• The Windows command prompt is Microsoft’s version of a command-line
interface or CLI
• Running the command prompt as an Administrator is also known as
running it in elevated mode
• Tools can be run using the command prompt
ipconfig
• Displays the current configuration of the installed IP stack on a
networked computer using TCP/IP
• The /all switch can be used to view additional details about each
adapter
• Can be used to refresh Dynamic Host Configuration Protocol (DHCP)
and Domain Name System (DNS) settings
ping
• Verifies IP-level connectivity to another TCP/IP device by sending
Internet Control Message Protocol (ICMP) Echo Request messages
• A number of switches can accommodate different testing scenarios
• Can be used to test IPv4 and IPv6 connectivity
Advanced TCP/IP Tools (with Demos)
• netstat
• nbtstat
• pathping
• nslookup
• netsh
• route (print)
• net
• telnet
Netstat
• Displays active TCP connections, ports on which the computer is
listening, Ethernet statistics, the IP routing table, IPv4 statistics (for the IP,
ICMP, TCP, and UDP protocols), and IPv6 statistics (for the IPv6, ICMPv6,
TCP over IPv6, and UDP over IPv6 protocols)
• Used without parameters, netstat displays active TCP connections
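The two things an administrator most often wants from netstat are "what is this machine listening on, and who is it talking to?", and the -o switch adds the owning process ID so an unexpected entry can be tied to a process. The following is an added example, not code from the course slides: it parses text shaped like Windows netstat -ano output and answers those two questions. The sample output, its PIDs and its addresses are constructed for illustration.

```python
"""Parse `netstat -ano` output and pick out what a defender checks first.

Added example, not from the course slides. NETSTAT_SAMPLE is constructed
to look like Windows netstat output; the PIDs, addresses and ports are
invented for illustration.
"""

NETSTAT_SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    127.0.0.1:5939         0.0.0.0:0              LISTENING       3104
  TCP    192.168.1.10:49712     203.0.113.5:443        ESTABLISHED     6120
  TCP    192.168.1.10:49713     198.51.100.7:4444      ESTABLISHED     7780
  TCP    [::]:3389              [::]:0                 LISTENING       1088
  UDP    0.0.0.0:68             *:*                                    1204
"""


def split_endpoint(text):
    """'192.168.1.10:443' -> ('192.168.1.10', 443); '[::]:3389' -> ('::', 3389); '*:*' -> ('*', None)."""
    host, _, port = text.rpartition(":")
    host = host.strip("[]")
    return host, (int(port) if port.isdigit() else None)


def parse_netstat(text):
    rows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 4 or parts[0] not in ("TCP", "UDP"):
            continue                                  # skip banner and header lines
        proto, local, foreign = parts[0], parts[1], parts[2]
        if proto == "TCP":
            state, pid = parts[3], int(parts[4])
        else:
            state, pid = None, int(parts[3])          # UDP lines have no State column
        lip, lport = split_endpoint(local)
        fip, fport = split_endpoint(foreign)
        rows.append({"proto": proto, "local_ip": lip, "local_port": lport,
                     "foreign_ip": fip, "foreign_port": fport, "state": state, "pid": pid})
    return rows


def listening_ports(rows):
    """(port, pid) for every TCP listener, sorted by port."""
    return sorted((r["local_port"], r["pid"]) for r in rows if r["state"] == "LISTENING")


def exposed_listeners(rows):
    """Listeners bound to every interface (0.0.0.0 or ::) are reachable from the network;
    those bound to 127.0.0.1 are not."""
    return sorted(r["local_port"] for r in rows
                  if r["state"] == "LISTENING" and r["local_ip"] in ("0.0.0.0", "::"))


def unusual_outbound(rows, expected_ports=frozenset({53, 80, 443})):
    """Established connections to foreign ports outside the expected set, with their PID."""
    return [(r["foreign_ip"], r["foreign_port"], r["pid"]) for r in rows
            if r["state"] == "ESTABLISHED" and r["foreign_port"] not in expected_ports]
```

Run against the sample, the checks single out the listener on 5939 as loopback-only (not network reachable), the listeners on 135, 445 and 3389 as exposed, and one established connection to a remote port 4444 owned by PID 7780 as worth a look with tasklist.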
NbtStat
• Displays NetBIOS over TCP/IP (NetBT) protocol statistics for local and
remote computers, NetBIOS name tables for both the local computer
and remote computers, and the NetBIOS name cache
• NetBIOS was developed in the 1980s to allow applications to
communicate over a network using the session layer of the OSI model
• NetBIOS establishes logical names on the network, establishes sessions
between two logical names on the network, and supports reliable data
transfer between computers that have established a session
• NetBIOS over TCP/IP sends the NetBIOS protocol within TCP and UDP
sessions
PathPing
• A command-line route tracing tool that combines features of ping
and tracert and includes additional information
• PathPing sends packets to each router on the way to a final destination
over a period of time, and then computes results based on the packets
returned from each hop
• PathPing can show the degree of packet loss at any specified router or
link, enabling you to pinpoint links that might be causing network
problems
Nslookup
• Displays information that you can use to diagnose Domain Name
System (DNS)
• The Nslookup command-line tool is available only if you have
installed the TCP/IP protocol
• You should be familiar with DNS before using this tool
Netsh
• A command-line scripting utility that enables you to display or
modify the network configuration of a computer currently
running
• Command works on local or remote computers
• Provides a scripting feature that allows you to run a group of
commands in batch mode against a specified computer
• Enables you to save a configuration script in a text file for
archival purposes or to help you configure other servers
Route
• Displays and modifies the entries in the local IP routing table
• The route print command can be used to display the routing table for a
Windows machine
• This command gives the same result as netstat -r, but route print is more commonly used
• The route command can also be used to add and delete static routes
Net
• Many services use networking commands that begin with the
word net
• Although not specifically part of the TCP/IP command set, the net
command can display various important networking data, and it
enables you to configure various networking options such as services
Telnet
• The telnet command enables you to communicate with a remote
computer that is running the Telnet protocol
• You can run telnet without parameters in order to enter the telnet context,
indicated by the Telnet prompt (telnet>)
• From the Telnet prompt, use its sub-commands to manage a
computer running Telnet Client
• A network administrator can connect to a remote computer, server, router,
or switch by typing telnet [IPAddress]
• Telnet is an older, out-of-date protocol: everything, including
usernames and passwords, crosses the network in cleartext, so it should be
replaced with a more secure program such as SSH
• It can also be used for troubleshooting by adding a port number, which
opens a plain TCP connection to that port and shows whether the service
answers (for example, with an SMTP banner):
• telnet server01 25
Summary
• You have learned basic TCP/IP commands and their functionality.
• You have learned how to use advanced TCP/IP commands.
Additional Resources & Next Steps
Instructor-Led Courses
• 40033A: Windows Operating System and Windows Server Fundamentals: Training 2-Pack for MTA Exams 98-349 and 98-365 (5 Days)
• 40349A: Windows Operating System Fundamentals: MTA Exam 98-349 (3 Days)
• 40032A: Networking and Security Fundamentals: Training 2-Pack for MTA Exams 98-366 and 98-367 (5 Days)
• 40366A: Networking Fundamentals: MTA Exam 98-366
Books
• Exam 98-366: MTA Networking Fundamentals (Microsoft Official Academic Course)
Exams & Certifications
• Exam 98-366: Networking Fundamentals
Network Services
Lesson 6
Objectives
Skills/Concepts | Objective Domain Description | Objective Domain Number
Setting up common networking services | Understanding network services | 3.5
Defining more network services | Understanding network services | 3.5
Defining Name Resolution Techniques | Understand Name Resolution | 3.4
DHCP
• Dynamic Host Configuration Protocol (DHCP) is a client/server protocol that
enables configured client computers to obtain IP addresses automatically
• The IP information obtained might include the following:
• IP addresses
• Subnet masks
• Gateway addresses
• DNS server addresses
• Other advanced options
• The DHCP Server service provides the following benefits:
• Reliable IP address configuration
• Reduced network administration
DHCP Server
• Before a DHCP server can start leasing IP addresses to client computers, the
following steps must be performed:
1. Install the DHCP service
2. Configure an IP scope
3. Activate the scope
4. Authorize the server
5. Configure advanced IP options (optional)
DEMO: Install and view the DHCP Service (and console)
DORA
• DHCP sessions use a four-step process known as DORA
• Discovery: The client broadcasts a DHCPDISCOVER to the network to find a DHCP server
• Offer: The DHCP server replies with a DHCPOFFER of an IP address to the client
(unicast or broadcast, depending on the broadcast flag the client set)
• Request: The client broadcasts a DHCPREQUEST to all servers to say which offer it has accepted
• Acknowledge: The DHCP server sends a final DHCPACK to the client that includes the
IP information the client will use
• DHCP runs over UDP: servers listen on port 67 and clients on port 68
[Figure: client asks "Hey, are there any DHCP servers here?" (DHCPDISCOVER);
server answers "Yes, I am a DHCP server, and here is an IP address for you" (DHCPOFFER)]
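The DORA exchange is easier to follow when the four messages are built and parsed as bytes. The following is an added example, not code from the course slides: it implements the RFC 2131 message format (fixed header, magic cookie, TLV options) and drives both the client and the server side in one process, so nothing is sent on the network. The offered address, server address, DNS address and transaction ID are constructed for illustration.

```python
"""Build and parse the four DHCP messages of the DORA exchange (RFC 2131).

Added example, not from the course slides. Both sides run in one
process with no sockets; the addresses and the transaction ID are
constructed for illustration. Real clients send DISCOVER/REQUEST from
UDP port 68 to port 67; the server answers from port 67.
"""
import struct
import ipaddress

SERVER_PORT, CLIENT_PORT = 67, 68
MAGIC = b"\x63\x82\x53\x63"
DISCOVER, OFFER, REQUEST, ACK = 1, 2, 3, 5
OPT_SUBNET, OPT_ROUTER, OPT_DNS = 1, 3, 6
OPT_REQ_IP, OPT_MSG_TYPE, OPT_SERVER_ID, OPT_END = 50, 53, 54, 255
HEADER_FMT = "!BBBBIHH4s4s4s4s16s64s128s"   # fixed 236-byte header before the magic cookie


def packed(ip):
    return ipaddress.IPv4Address(ip).packed


def unpack_ip(raw):
    return str(ipaddress.IPv4Address(raw))


def build(msg_type, xid, mac, yiaddr="0.0.0.0", options=()):
    """Client messages use op=1 (BOOTREQUEST), server messages op=2 (BOOTREPLY)."""
    op = 1 if msg_type in (DISCOVER, REQUEST) else 2
    flags = 0x8000 if op == 1 else 0        # client has no IP yet, so it asks for broadcast replies
    header = struct.pack(HEADER_FMT, op, 1, 6, 0, xid, 0, flags,
                         packed("0.0.0.0"), packed(yiaddr), packed("0.0.0.0"),
                         packed("0.0.0.0"), mac, b"", b"")
    body = bytes([OPT_MSG_TYPE, 1, msg_type])
    for code, value in options:
        body += bytes([code, len(value)]) + value
    return header + MAGIC + body + bytes([OPT_END])


def parse(msg):
    fields = struct.unpack(HEADER_FMT, msg[:236])
    if msg[236:240] != MAGIC:
        raise ValueError("not a DHCP message (bad magic cookie)")
    opts, i = {}, 240
    while i < len(msg) and msg[i] != OPT_END:
        code = msg[i]
        if code == 0:                        # pad option has no length byte
            i += 1
            continue
        length = msg[i + 1]
        opts[code] = msg[i + 2:i + 2 + length]
        i += 2 + length
    return {"op": fields[0], "xid": fields[4], "yiaddr": unpack_ip(fields[8]),
            "chaddr": fields[11][:fields[2]], "type": opts[OPT_MSG_TYPE][0], "options": opts}


def server_reply(msg_type, client_msg, pool_ip, server_ip):
    """The server's view: OFFER in reply to DISCOVER, ACK in reply to REQUEST."""
    req = parse(client_msg)
    if msg_type == ACK and req["options"].get(OPT_REQ_IP) != packed(pool_ip):
        raise ValueError("client requested an address this server did not offer")
    lease = [(OPT_SUBNET, packed("255.255.255.0")), (OPT_ROUTER, packed(server_ip)),
             (OPT_DNS, packed("192.168.1.2")), (OPT_SERVER_ID, packed(server_ip))]
    return build(msg_type, req["xid"], req["chaddr"], pool_ip, lease)


def run_dora(mac, xid=0x3903F326, pool_ip="192.168.1.50", server_ip="192.168.1.1"):
    """Drive the four-step exchange and return the configuration the client ends up with."""
    steps = []
    discover = build(DISCOVER, xid, mac)                          # D: client broadcasts
    steps.append(parse(discover)["type"])
    offer = server_reply(OFFER, discover, pool_ip, server_ip)     # O: server offers yiaddr
    o = parse(offer)
    steps.append(o["type"])
    request = build(REQUEST, xid, mac, options=[                  # R: client names the offer it accepts
        (OPT_REQ_IP, packed(o["yiaddr"])), (OPT_SERVER_ID, o["options"][OPT_SERVER_ID])])
    steps.append(parse(request)["type"])
    ack = parse(server_reply(ACK, request, pool_ip, server_ip))   # A: server confirms the lease
    steps.append(ack["type"])
    return {"steps": steps, "ip": ack["yiaddr"], "mask": unpack_ip(ack["options"][OPT_SUBNET]),
            "gateway": unpack_ip(ack["options"][OPT_ROUTER]), "dns": unpack_ip(ack["options"][OPT_DNS])}
```

The same xid ties all four messages together, and the REQUEST carries the server identifier (option 54) so that when several servers answer a DISCOVER, the ones not chosen know to withdraw their offers.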
DEMO: Install and view Routing and Remote Access
Internet Protocol Security (IPsec)
• Protocol suite within TCP/IP that authenticates and optionally encrypts IP packets
• Ensures private, secure communications over Internet Protocol (IP)
networks, through the use of cryptographic security services
• Designed to secure any application traffic because it resides at the
network layer (or Internet layer for the TCP/IP reference model), so
applications need not be changed to benefit from it
• Used in conjunction with virtual private networks and is specified as
part of IPv6 (support was originally mandatory, later made recommended)
• IPsec has been defined to work in two different modes:
• Tunnel mode encapsulates the whole original IP packet inside a new one and is most often used for site-to-site VPN connections
• Transport mode protects only the payload of the original packet and is most often used for securing IP traffic between hosts on private networks
IPsec Protocol Types
Protocol | Requirement | Usage
Authentication Header (AH) | The data and the header need to be protected from modification and authenticated, but remain readable | Use for data integrity in situations where data is not secret but must be authenticated: for example, where access is enforced by IPsec to trusted computers only, or where network intrusion detection, QoS, or firewall filtering requires traffic inspection
Encapsulating Security Payload (ESP) | Only the data needs to be protected by encryption so it is unreadable, but the IP addressing can be left unprotected | Use when data must be kept secret, such as file sharing, database traffic, RADIUS protocol data, or internal Web applications that have not been adequately secured by SSL
Both AH and ESP | The header and data, respectively, need to be protected while data is encrypted | Use for the highest security. However, there are very few circumstances in which the packet must be so strongly protected. When possible, use ESP alone instead
Note: ESP can also carry an integrity check value of its own, covering the ESP header and the encrypted payload but not the outer IP header; ESP with integrity, rather than AH, is what most deployments use, partly because AH's coverage of the IP addresses means it cannot pass through NAT
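The difference between the two protocols in the table comes down to what the integrity check covers and what is encrypted. The following is an added example, not code from the course slides or from any IPsec implementation: using only HMAC-SHA256 from the Python standard library, it computes an AH-style integrity check value over the IP addresses plus payload (showing why a NAT rewrite fails the check while a TTL change does not), and an ESP-style wrap that encrypts the payload and authenticates the ciphertext. The keystream construction is a stand-in for a real cipher; the keys, SPI values and packet contents are constructed for illustration.

```python
"""What AH's integrity check covers versus what ESP hides (toy, stdlib only).

Added example, not from the course slides or from any IPsec
implementation. HMAC-SHA256 stands in for the negotiated algorithms and
the PRF keystream stands in for a real cipher; do not use this for
traffic. It shows (1) an AH-style ICV over the IP header and payload, and
why NAT breaks it, and (2) an ESP-style wrap that encrypts the payload
and authenticates the ciphertext, leaving only outer addresses visible.
"""
import hmac
import hashlib
import struct

ICV_LEN = 12   # HMAC-SHA-96 style truncation: a 96-bit integrity check value


def ah_icv(auth_key, src, dst, spi, seq, payload):
    """ICV over the immutable header fields plus the payload.
    Mutable fields such as TTL and header checksum are excluded (RFC 4302 zeroes them),
    but source and destination addresses are covered, so a NAT rewrite fails the check."""
    covered = src + dst + struct.pack("!II", spi, seq) + payload
    return hmac.new(auth_key, covered, hashlib.sha256).digest()[:ICV_LEN]


def ah_verify(auth_key, src, dst, spi, seq, payload, icv):
    return hmac.compare_digest(ah_icv(auth_key, src, dst, spi, seq, payload), icv)


def _keystream(enc_key, spi, seq, n):
    """PRF-based keystream; (spi, seq) acts as the nonce and must never repeat under one key,
    which is one reason IPsec sequence numbers are never allowed to wrap."""
    out, block = b"", 0
    while len(out) < n:
        out += hmac.new(enc_key, struct.pack("!III", spi, seq, block), hashlib.sha256).digest()
        block += 1
    return out[:n]


def esp_protect(enc_key, auth_key, spi, seq, payload):
    """Encrypt the payload (transport header and data), then authenticate SPI, sequence
    number and ciphertext. The outer IP addresses are not covered, so NAT can rewrite them."""
    ks = _keystream(enc_key, spi, seq, len(payload))
    ct = bytes(p ^ k for p, k in zip(payload, ks))
    icv = hmac.new(auth_key, struct.pack("!II", spi, seq) + ct, hashlib.sha256).digest()[:ICV_LEN]
    return {"spi": spi, "seq": seq, "ciphertext": ct, "icv": icv}


def esp_open(enc_key, auth_key, pkt):
    """Verify the ICV first (reject before decrypting), then decrypt. Returns None on tamper."""
    covered = struct.pack("!II", pkt["spi"], pkt["seq"]) + pkt["ciphertext"]
    expected = hmac.new(auth_key, covered, hashlib.sha256).digest()[:ICV_LEN]
    if not hmac.compare_digest(expected, pkt["icv"]):
        return None
    ks = _keystream(enc_key, pkt["spi"], pkt["seq"], len(pkt["ciphertext"]))
    return bytes(c ^ k for c, k in zip(pkt["ciphertext"], ks))
```

Two points the table leaves implicit fall out of the code: the AH check passes when only the TTL changes (routers decrement it on every hop, so it cannot be covered), and a firewall in the path can still read ports and payload under AH but sees only ciphertext under ESP, which is exactly the trade-off the "Usage" column describes.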
DNS
• Domain Name System (DNS) is a worldwide service that resolves host
names to IP addresses
• DNS architecture is a hierarchical distributed database and an
associated set of protocols that define:
• A mechanism for querying and updating the database
• A mechanism for replicating the information in the database among servers
• A schema of the database
Additional Resources
• Remote Desktop Poster: http://www.microsoft.com/en-us/download/confirmation.aspx?id=3262
Understanding Wide Area Networks
Lesson 7
Objectives
Skills/Concepts | Objective Domain Description | Objective Domain Number
Understanding routing | Understanding routers | 2.2
Defining common WAN technologies and connections | Understanding wide area networks (WANs) | 1.3
Routing
• Routing is the process of managing the flow of data between network
segments and between hosts or routers
• Data is sent along a path according to the IP networks and individual
IP addresses of the hosts
• A router is a network device that maintains tables of information about
other routers on the network or internetwork
Static and Dynamic Routing
• A static route is a path that is manually configured and remains
constant throughout the router’s operation
• A dynamic route is a path that is generated dynamically by using
special routing protocols
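A router's forwarding decision, and the route print output covered in the TCP/IP tools lesson, both rest on the same rule: the most specific matching route wins, and a manually added static route sits alongside learned ones in the same table. The following is an added example, not code from the course slides: it parses text shaped like Windows route print output and performs the longest-prefix lookup. The sample table, addresses and metrics are constructed for illustration.

```python
"""Longest-prefix-match lookup over a `route print` style table.

Added example, not from the course slides. ROUTE_PRINT_SAMPLE is
constructed to look like the IPv4 route table that `route print` (or
`netstat -r`) shows on Windows; addresses and metrics are invented.
"""
import ipaddress

ROUTE_PRINT_SAMPLE = """\
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.10     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        10.20.0.0      255.255.0.0    192.168.1.254     192.168.1.10     30
        10.20.5.0    255.255.255.0    192.168.1.253     192.168.1.10     30
      192.168.1.0    255.255.255.0         On-link      192.168.1.10    281
"""


def parse_route_print(text):
    routes = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5 or parts[0][0] not in "0123456789":
            continue                                  # skip title, rule and header lines
        dest, mask, gateway, iface, metric = parts
        routes.append({"network": ipaddress.ip_network(f"{dest}/{mask}", strict=False),
                       "gateway": gateway, "interface": iface, "metric": int(metric)})
    return routes


def lookup(routes, dst):
    """Most specific (longest prefix) match wins; ties go to the lowest metric.
    Returns (gateway, interface); gateway 'On-link' means dst is on a directly
    connected subnet and the host ARPs for it instead of sending to a router."""
    ip = ipaddress.ip_address(dst)
    candidates = [r for r in routes if ip in r["network"]]
    if not candidates:
        return None
    best = max(candidates, key=lambda r: (r["network"].prefixlen, -r["metric"]))
    return best["gateway"], best["interface"]


def add_static_route(routes, dest, mask, gateway, interface, metric=1):
    """Equivalent of `route add <dest> mask <mask> <gateway> metric <n>`: a manual
    entry that stays until removed, unlike a route learned from RIP, OSPF or BGP."""
    routes.append({"network": ipaddress.ip_network(f"{dest}/{mask}", strict=False),
                   "gateway": gateway, "interface": interface, "metric": metric})
    return routes
```

With the sample table, 10.20.5.7 goes to 192.168.1.253 because the /24 beats the /16 that also matches it, 10.20.9.1 falls back to the /16 gateway, and anything matching nothing else takes the 0.0.0.0/0 default route to 192.168.1.1.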
[Figure: static versus dynamic routing]
Dynamic Routing
• Dynamic routing method has two conceptual parts:
• Routing protocol used to convey information about the network environment
• Routing Algorithm that determines paths through the network
[Figure: two autonomous systems (AS), each running RIP and OSPF internally, exchange routes with each other over BGP]
DEMO: Configuring RRAS Server (verify RIP)
Wide Area Network
• Wide area networks (WANs) connect multiple local area networks
together
• WANs connect multiple LANs that can include a home, school, or
buildings
• WANs enable networks to function regardless of location
• WAN technologies can include:
• Packet switching: Devices transport packets via shared links
• Leased line: Dedicated point-to-point connection
• Circuit switching: A dedicated circuit path is created between end points (dial-up)
• Cell relay: Similar to packet switching but uses fixed packet lengths (cells)
Packet Switching
• WANs utilize some type of packet switching technology
• Packet switching services include X.25 and Frame Relay
• Before packet switching, technology such as direct dial-up connections
was used
X.25
• The X.25 communications protocol was one of the first implementations of
packet switching
• Data Terminal Equipment (DTE), such as a computer or network device,
connects to Data Communications Equipment (DCE); a modem is a DCE
enabling communication to the X.25 network
• Dumb terminals can connect to the network using a Packet
Assembler/Disassembler (PAD), which connects to the DCE
[Table fragment: digital signal hierarchy]
Level | North America (T-carrier) | Japan (J-carrier) | Europe (E-carrier)
Level 3 – DS3 | 44.736 Mbps (T3: 672 user channels) | 32.064 Mbps (J3: 480 user channels) | 34.368 Mbps (E3: 512 user channels)
Level 4 – DS4 | 274.176 Mbps (T4: 4032 user channels) | 97.728 Mbps (J4: 1440 user channels) | 139.264 Mbps (E4: 2048 user channels)
ISDN
A digital technology developed to offer faster communication speed than
an analog telephone line
Defining Network Infrastructure and Security
Lesson 8
Objectives
Skills/Concepts | Objective Domain Description | Objective Domain Number
Understanding networks outside the LAN | Understanding the concepts of the Internet, Intranet and Extranet | 1.1
Understanding Security Devices and Zones | Understanding the concepts of the Internet, Intranet and Extranet | 1.1
Internet
• The Internet is a worldwide system of connected computer networks
• Devices that connect to the Internet use the TCP/IP protocol suite
• The Internet contains a lot of information, resources and services:
• World Wide Web (WWW) servers hosting content
• Supporting infrastructure for email
• Connectivity for peer-to-peer networks
World Wide Web
• The World Wide Web (WWW) is an enormous system of interlinked
hypertext documents that can be accessed by using a web browser
• Interlinked hypertext documents can contain text, graphics and videos
• Currently, the World Wide Web is in a stage known as Web 2.0
• Web 2.0 is an interactive type of web experience compared to the
previous version 1.0
Intranet
• An intranet is a private computer network or single Web site that an
organization implements in order to share data with employees
around the world
• User authentication is necessary before a person can access the
information in an intranet
• Ideally, this keeps the general public out, as long as the intranet is properly secured
Extranet
• An extranet is similar to an intranet except that it is extended to users
outside a company, and possibly to entire organizations that are
separate from or lateral to the company
• User authentication is still necessary, and an extranet is not open to the
general public
[Figure: the public, remote users and a partner reach company data over the Internet/ISP]
Popular VPN Protocols
• Point-to-Point Tunneling Protocol (PPTP): Encapsulates Point-to-Point
Protocol (PPP) frames into IP datagrams for transmission over an IP-based
network (the data isn't encrypted by default)
• Layer Two Tunneling Protocol with Internet Protocol Security
(L2TP/IPsec): L2TP is a combination of PPTP and Layer 2 Forwarding (L2F),
a technology from Cisco Systems, Inc.; L2TP itself provides no encryption,
so IPsec is used to encrypt the messages
Point-to-Point Tunneling Protocol
• PPTP allows multiprotocol traffic to be encrypted and then encapsulated
in an IP header to be sent across a private or public IP network
• PPTP can be used for remote access and site-to-site VPN connections
• PPTP encapsulates PPP frames in IP datagrams for transmission
• PPTP uses a TCP connection (port 1723) for tunnel management and a modified
version of Generic Routing Encapsulation (GRE) to encapsulate PPP frames
• The payload of the encapsulated PPP frame can be encrypted,
compressed or both
• The encryption PPTP relies on (MPPE, keyed from MS-CHAPv2 authentication)
is considered broken, so PPTP should not be used where confidentiality
matters; prefer L2TP/IPsec or a modern VPN protocol
PPTP packet layout:
IP Header | GRE Header | PPP Header | PPP Payload (IP Datagram)
The PPP header and payload together form the PPP frame; only the PPP payload is the encrypted portion
L2TP with IPsec
• L2TP allows multiprotocol traffic to be encrypted and then sent over any
medium that supports point-to-point datagram delivery
• L2TP relies on IPsec in Transport Mode for encryption services
• Encapsulation for L2TP/IPsec packets consists of two layers:
• L2TP encapsulation: the PPP frame is wrapped with an L2TP header and a UDP header (port 1701)
• IPsec encapsulation: the L2TP message is wrapped with an IPsec Encapsulating Security Payload (ESP) header and
trailer, and an IPsec Authentication Trailer
L2TP/IPsec packet layout:
IP Header | IPsec ESP Header | UDP Header | L2TP Header | PPP Header | PPP Payload (IP Datagram) | IPsec ESP Trailer | IPsec Auth Trailer
Everything from the UDP header through the ESP trailer is encrypted by IPsec; the authentication trailer covers the ESP header and the encrypted portion
DEMO: Custom RRAS Configuration and show a VPN
connection
Firewalls
• Firewalls are used to help protect a network from malicious attack and
unwanted intrusion
• They are the most commonly used type of security device in an
organization's perimeter
Security Devices and Zones
• Security devices such as firewalls are the main defense for a company's
networks, whether they are LANs, WANs, intranets, or extranets
• Perimeter networks (DMZs) help keep certain information open to specific
users (remote users, partners) or to the public while keeping the rest of an
organization's data secret
[Figure: the public, remote users and a partner reach only the perimeter network from the Internet]
Packet Filtering
• Packet filtering inspects each packet that passes through the firewall
and accepts or rejects it based on a set of rules
• Stateless packet inspection does not retain memory of packets that have passed through the firewall
• Stateful packet inspection (SPI) maintains context about active sessions
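The difference between the two inspection modes is easiest to see on the same packet stream. The following is an added example (not from the course material): a stateless rule set and a stateful session table, each judging a constructed sequence of four packets. The address plan (10.0.0.0/8 as the internal network, the documentation ranges 203.0.113.0/24 and 198.51.100.0/24 as outside hosts) and the TCP flag notation are assumptions of the example.

```python
import ipaddress
from dataclasses import dataclass

# Constructed address plan for the example (not from the slides).
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: str  # TCP flags as letters, e.g. "S", "SA", "A"


def is_internal(ip: str) -> bool:
    return ipaddress.ip_address(ip) in INTERNAL_NET


def stateless_decide(pkt: Packet) -> str:
    """Judge each packet on its own header fields only.

    With no memory of earlier packets, the only way to let replies to
    outbound connections back in is a broad rule: accept inbound segments
    that have ACK set and target a high port. That same rule admits an
    unsolicited ACK probe from outside."""
    if is_internal(pkt.src) and not is_internal(pkt.dst):
        return "accept"
    if is_internal(pkt.dst) and "A" in pkt.flags and pkt.dport >= 1024:
        return "accept"
    return "drop"


class StatefulFilter:
    """Keep a table of sessions opened from the inside and admit only
    inbound packets that belong to one of them."""

    def __init__(self):
        self.sessions = set()

    def decide(self, pkt: Packet) -> str:
        if is_internal(pkt.src) and not is_internal(pkt.dst):
            self.sessions.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "accept"
        # Inbound: accept only if it is the reverse of a tracked session.
        if (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.sessions:
            return "accept"
        return "drop"


# Constructed traffic: a legitimate outbound HTTPS session, then an
# unsolicited ACK segment and a plain SYN to SSH arriving from outside.
SAMPLE = [
    Packet("10.1.1.5", 51000, "203.0.113.10", 443, "S"),
    Packet("203.0.113.10", 443, "10.1.1.5", 51000, "SA"),
    Packet("198.51.100.7", 443, "10.1.1.5", 51001, "A"),
    Packet("198.51.100.7", 40000, "10.1.1.5", 22, "S"),
]


def compare(packets):
    """Return (stateless, stateful) verdicts for each packet, in order."""
    spi = StatefulFilter()
    return [(stateless_decide(p), spi.decide(p)) for p in packets]


if __name__ == "__main__":
    for p, (sl, sf) in zip(SAMPLE, compare(SAMPLE)):
        print(f"{p.src}:{p.sport} -> {p.dst}:{p.dport} [{p.flags}] "
              f"stateless={sl} stateful={sf}")
```

The third packet is the one that matters: the stateless filter accepts it because it looks like a reply, while the stateful filter drops it because no inside host ever opened a session to 198.51.100.7. The same mechanism is why stateful firewalls can keep a default-deny inbound policy without breaking outbound connections.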
NAT Filtering
• NAT filtering, also known as NAT endpoint filtering, filters traffic
according to ports (TCP or UDP)
• This can be done in three ways:
• Using basic endpoint connections
• Matching incoming traffic to the corresponding outbound IP address
connection
• Matching incoming traffic to the corresponding IP address and port
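The three NAT filtering behaviours listed above decide which outside hosts may send traffic back through a port mapping. The following simulation is an added example, not part of the course material: one inside host opens a mapping to a server, and the same three inbound packets are then checked under each mode. The mode names, port numbers and addresses are assumptions of the example.

```python
class NatEndpointFilter:
    """Simulate a NAT device with one of three inbound filtering modes:

    endpoint     - basic endpoint filtering: once an inside host has opened
                   a public port, any outside host may send to it
    address      - inbound is accepted only from an outside IP address the
                   inside host has already sent to through that mapping
    address_port - inbound must match both the outside IP address and port
    """

    MODES = ("endpoint", "address", "address_port")

    def __init__(self, mode: str, first_public_port: int = 40000):
        if mode not in self.MODES:
            raise ValueError(f"unknown mode {mode!r}")
        self.mode = mode
        self.next_port = first_public_port
        self.mappings = {}  # (inside_ip, inside_port) -> public port
        self.peers = {}     # public port -> {(outside_ip, outside_port), ...}

    def outbound(self, inside_ip, inside_port, outside_ip, outside_port) -> int:
        """Record an outbound packet and return the public port it is mapped to."""
        key = (inside_ip, inside_port)
        if key not in self.mappings:
            self.mappings[key] = self.next_port
            self.next_port += 1
        public_port = self.mappings[key]
        self.peers.setdefault(public_port, set()).add((outside_ip, outside_port))
        return public_port

    def inbound_allowed(self, outside_ip, outside_port, public_port) -> bool:
        """Decide whether an inbound packet to public_port is forwarded inside."""
        peers = self.peers.get(public_port)
        if not peers:
            return False  # no inside host ever opened this port
        if self.mode == "endpoint":
            return True
        if self.mode == "address":
            return any(ip == outside_ip for ip, _ in peers)
        return (outside_ip, outside_port) in peers


def demo():
    """Constructed scenario: inside host 10.0.0.5:5000 talks to server
    203.0.113.10:443, then three inbound packets arrive at the mapping."""
    results = {}
    for mode in NatEndpointFilter.MODES:
        nat = NatEndpointFilter(mode)
        pub = nat.outbound("10.0.0.5", 5000, "203.0.113.10", 443)
        results[mode] = [
            nat.inbound_allowed("203.0.113.10", 443, pub),   # same host, same port
            nat.inbound_allowed("203.0.113.10", 8443, pub),  # same host, other port
            nat.inbound_allowed("198.51.100.7", 443, pub),   # different host
        ]
    return results


if __name__ == "__main__":
    for mode, verdicts in demo().items():
        print(f"{mode:13s} {verdicts}")
```

The stricter modes reduce what an unrelated outside host can push through an open mapping, at the cost of breaking applications that expect replies from a different address or port than the one they contacted.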
Application-Level Gateway
• Application-level gateway (ALG) supports address and port translation
and checks whether the type of application traffic is allowed
• It adds a layer of security; however, it is resource intensive
Circuit-Level Gateway
• Circuit-level gateway works at the session layer of the OSI model when
a TCP or UDP connection is established.
• Circuit-level filtering inspects sessions rather than connections or
packets
• Once the connection has been made, packets can flow between the
hosts without further checking
• Circuit-level gateways hide information about the private network, but
they do not filter individual packets
Proxy Server
• A proxy server acts as an intermediary between a LAN and the
Internet
• By definition, proxy means “go-between,” acting as such a mediator
between a private and a public network
• The proxy server evaluates requests from clients, and if they meet
certain criteria, forwards them to the appropriate server
Caching Proxy
• Caching proxy attempts to serve client requests without actually
contacting the remote server
• Although there are FTP and SMTP proxies among others, the most
common caching proxy is the HTTP proxy, also known as a web proxy,
which caches web pages from servers on the Internet for a set amount of
time
• This is done to save bandwidth on the company’s Internet connection and
to increase the speed at which client requests are carried out
IP Proxy
• IP proxy secures a network by keeping machines behind it anonymous
• It does this through the use of NAT
Internet Content Filter
• An Internet content filter, or simply a content filter, is usually applied as
software at the application layer and it can filter out various types of
Internet activities, such as access to certain Web sites, email, instant
messaging, and so on.
Network Intrusion Detection and Prevention
• A network intrusion detection system (NIDS) is a type of IDS that attempts to
detect malicious network activities (e.g., port scans and DoS attacks) by
constantly monitoring network traffic
• The NIDS will then report any issues that it finds to a network administrator as
long as it is configured properly
• A network intrusion prevention system (NIPS) is designed to inspect traffic,
and, based on its configuration or security policy, it can remove, detain, or
redirect malicious traffic in addition to simply detecting it
Perimeter Network
• A perimeter network is a small network that is set up separately from a company’s
private local area network and the Internet
• It is called a perimeter network because it is usually on the edge of a LAN, but DMZ
is the industry-standard term
• A perimeter network allows users outside a company LAN to access specific
services located on the DMZ
• When the perimeter network is set up properly, those users are blocked from
gaining access to the company LAN
• The perimeter network might house a switch with servers connected to it that offer
web, email, and other services
Perimeter Network Configurations
• Back-to-back configuration: This configuration has the perimeter
network situated between two firewall devices, which could be black
box appliances or Microsoft Internet Security and Acceleration (ISA)
Servers
• 3-leg perimeter configuration: In this scenario, the perimeter network is
usually attached to a separate connection of the company firewall.
Therefore, the firewall has three connections—one to the company
LAN, one to the perimeter network, and one to the Internet
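In the 3-leg configuration, the firewall's value lies in the policy it enforces between its three interfaces. The following zone policy is an added example (not the course's own configuration): it assigns each address to the LAN, DMZ or Internet leg and allows only the listed flows, so that nothing on the Internet leg or the DMZ leg can open a connection into the LAN. The address ranges, port lists and sample connection attempts are all assumptions of the example.

```python
import ipaddress

# Constructed address plan for a 3-leg firewall: one interface per zone.
ZONES = {
    "lan": ipaddress.ip_network("10.0.0.0/8"),
    "dmz": ipaddress.ip_network("192.0.2.0/24"),
}


def zone_of(ip: str) -> str:
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "internet"  # anything not on a local leg arrives on the outside interface


# Allowed (source zone, destination zone) -> permitted destination ports;
# None means any port. Pairs that are absent are denied, which is what keeps
# the DMZ and the Internet from reaching into the LAN.
POLICY = {
    ("internet", "dmz"): {80, 443},       # public web services only
    ("lan", "dmz"): {80, 443, 22},        # staff use and admin access to DMZ hosts
    ("lan", "internet"): None,            # outbound browsing etc.
    ("dmz", "internet"): {53, 80, 443},   # DNS and updates for DMZ servers
}


def decide(src_ip: str, dst_ip: str, dport: int) -> str:
    """Return 'accept' or 'deny' for a new connection attempt."""
    src_zone, dst_zone = zone_of(src_ip), zone_of(dst_ip)
    if src_zone == dst_zone:
        return "accept"  # same leg: the traffic never crosses the firewall
    if (src_zone, dst_zone) not in POLICY:
        return "deny"
    ports = POLICY[(src_zone, dst_zone)]
    return "accept" if ports is None or dport in ports else "deny"


def demo():
    """Constructed connection attempts and the verdict for each, in order."""
    attempts = [
        ("203.0.113.5", "192.0.2.10", 443),   # Internet user -> DMZ web server
        ("203.0.113.5", "192.0.2.10", 22),    # Internet -> DMZ SSH (not published)
        ("203.0.113.5", "10.1.1.20", 445),    # Internet -> LAN file server
        ("192.0.2.10", "10.1.1.20", 445),     # DMZ host -> LAN (no pair in POLICY)
        ("10.1.1.20", "192.0.2.10", 22),      # LAN admin -> DMZ SSH
        ("10.1.1.20", "198.51.100.1", 8080),  # LAN -> Internet
    ]
    return [decide(*a) for a in attempts]


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The fourth attempt is the one a perimeter network exists to stop: even if a DMZ server is compromised, the absence of a ("dmz", "lan") entry means it cannot reach the internal LAN. In the back-to-back configuration the same policy is split across two devices, the outer one holding the Internet-facing rules and the inner one holding the rules that guard the LAN.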
Summary
• How to differentiate between the Internet, intranets, and extranets.
• You have learned about firewalls and how to initiate port scans on them to
see whether they are locked down.
• Understand other perimeter devices and zones, such as proxy servers,
internet content filters, NIDS, NIPS, and a perimeter network.
Additional Resources & Next Steps
Instructor-Led Courses
• 40033A: Windows Operating System and Windows Server Fundamentals:
Training 2-Pack for MTA Exams 98-349 and 98-365 (5 Days)
• 40349A: Windows Operating System Fundamentals: MTA Exam 98-349 (3 Days)
• 40032A: Networking and Security Fundamentals: Training 2-Pack for MTA
Exams 98-366 and 98-367 (5 Days)
• 40366A: Networking Fundamentals: MTA Exam 98-366
Books
• Exam 98-366: MTA Networking Fundamentals (Microsoft Official Academic Course)
Remote Desktop Poster
• http://www.microsoft.com/en-us/download/confirmation.aspx?id=3262
Exams & Certifications
• Exam 98-366: Networking Fundamentals