An access network is a user network that connects subscribers to a particular service provider
and, through the carrier network, to other networks such as the Internet.
Ethernet is the most commonly installed wired LAN (local area network) technology.
Ethernet LAN typically uses coaxial cable or special grades of twisted pair wires.
Wireless LANs allow mobile users to connect through a wireless (radio) connection.
Fibre optic networks such as fiber to the home (FTTH) use optical fiber from a
central point directly to individual buildings such as residences, apartment buildings
and businesses.
ADSL (Asymmetric Digital Subscriber Line) is a technology for
transmitting digital information at a high bandwidth on existing phone lines to homes
and businesses.
-Before network communications can occur, a physical connection to a local network must
be established.
-A physical connection can be a wired connection using a cable or a wireless connection using
radio waves.
NETWORK INTERFACE CARD
-Network Interface Cards (NICs) connect a device to a network.
-Electromagnetic interference (EMI) or radio frequency interference (RFI) - distorts and corrupts
the data signals being carried by copper media.
-To counter EMI and RFI, some copper cables are wrapped in shielding.
-Crosstalk - disturbance caused by the electric or magnetic fields of a signal on one wire to the
signal in an adjacent wire.
-To cancel crosstalk, opposing circuit wire pairs are twisted together.
●UTP CABLING
PROPERTIES OF UTP CABLING
-Consists of four pairs of color-coded copper wires that have been twisted together and then
encased in a flexible plastic sheath.
-UTP cable does not use shielding to counter the effects of EMI and RFI.
•Cancellation: When two wires in an electrical circuit are placed close together, their magnetic
fields are the exact opposite of each other and cancel out any outside EMI and RFI signals.
•Varies the number of twists per wire pair to further enhance the cancellation effect of a paired
circuit
FIBER OPTIC CABLING
PROPERTIES OF FIBER OPTIC CABLING.
-Transmits signals with less attenuation and is completely immune to EMI and RFI.
-Flexible, but extremely thin, transparent strand of very pure glass, not much bigger than a
human hair.
WIRELESS LAN
Wireless LAN requires the following network devices:
•Wireless Access Point (AP): Concentrates the wireless signals from users and connects to the
existing copper-based network infrastructure, such as Ethernet.
•Wireless NIC adapters: Provide wireless communication capability to each network host.
Home and small business wireless routers integrate the functions of a router, switch, and access
point into one device.
What is network access control (NAC)?
Network access control, also called network admission control, is a method to bolster the
security, visibility and access management of a proprietary network.
It restricts the availability of network resources to endpoint devices and users that comply with a
defined security policy.
The NAC can also provide endpoint security protection such as antivirus software, firewall,
and vulnerability assessment with security enforcement policies.
-NAC is one aspect of network security. It provides visibility into the devices and users trying to
access the enterprise network.
TYPES OF NAC
Pre-admission: evaluates access attempts and only allows entry to authorized devices
and users.
Post-admission: re-authenticates users trying to enter a different part of the network;
also restricts lateral movement to limit the damage from cyber attacks.
NETWORK ACCESS SERVER
Many NAC functions are performed by a network access server. A traditional network
access server is a server that performs authentication and authorization functions by
verifying user logon information.
Also known as a media access gateway or remote access server, a network access server
handles remote logins, establishes point-to-point protocol connections and ensures that
authorized users can access the resources they need.
A network access server can function in several ways, such as the following:
Internet service provider: enables authorized customers to access the internet.
Virtual private network (VPN): gives remote users access to a private enterprise
network and resources.
Voice over Internet Protocol: allows users to access communication applications
over the internet.
Network access servers, also known as remote access servers, control remote logins,
ensure authorized users can access the resources they need and more.
What are the common use cases for network access control?
NAC tools are proactive and designed to stop unauthorized access before it happens.
They protect an organization’s network perimeter including the physical infrastructure,
devices, software, applications and cloud-based assets.
Bring Your Own Device: Protects from vulnerabilities created when employees use
their own devices or use company devices from remote locations.
Network access for non-employees (vendors or partners): NAC with VPN allows
external users to access the corporate network (or specific parts of it) through a secure
self-service portal.
Internet of things (IoT): Prevents cybercriminals from exploiting IoT devices
connected to the enterprise network but often overlooked in terms of security and
monitoring.
Incident response: Identifies compromised devices and automatically disables access
to prevent an attack from spreading across the network.
NAC tools are also useful for security and authentication in specific industrial use cases, such as
medical devices and healthcare systems.
FAULT TOLERANCE
Fault tolerance refers to the ability of a system (computer, network, cloud cluster, etc.) to
continue operating without interruption when one or more of its components fail.
The objective of creating a fault-tolerant system is to prevent disruptions arising from a
single point of failure, ensuring the high availability and business continuity of mission-
critical applications or systems.
Fault tolerance refers to how an operating system responds to and allows for software or
hardware malfunctions and failures.
An operating system’s ability to recover and tolerate faults without failing can be handled
by hardware, software, or a combined solution leveraging load balancers.
Some computer systems use multiple duplicate fault tolerant systems to handle faults
gracefully. This is called a fault tolerant network.
At the lowest level, the ability to respond to a power failure, for example.
A step up: during a system failure, the ability to use a backup system immediately.
Enhanced fault tolerance: a disk fails, and mirrored disks take over for it immediately.
This provides functionality despite partial system failure, or graceful degradation, rather
than an immediate breakdown and loss of function.
High level fault tolerant computing: multiple processors collaborate to scan data and
output to detect errors, and then immediately correct them.
Transactional log files that protect the Microsoft Windows registry and allow recovery
of hives
RAID 5 disk systems that protect against data loss
Uninterruptible power supply (UPS) to protect the system against primary power
failure
Fault tolerance can be built into a system to remove the risk of it having a single point of
failure.
To do so, the system must have no single component that, if it were to stop working
effectively, would result in the entire system failing.
Fault tolerance is reliant on aspects like load balancing and failover, which remove the
risk of a single point of failure.
It will typically be part of the operating system’s interface, which enables programmers
to check the performance of data throughout a transaction.
It follows two core models:
Normal functioning
This describes a situation when a fault-tolerant system encounters a fault but continues to
function as usual.
This means the system sees no change in performance metrics like throughput or response time.
Graceful degradation
Other types of fault-tolerant systems will go through graceful degradation of performance when
certain faults occur.
That means the impact the fault has on the system’s performance is proportionate to the fault
severity.
That is, a small fault will only have a small impact on the system’s performance rather than
causing the entire system to fail or have major performance issues.
Fault-tolerant systems also use backup components, which automatically replace failed
components to prevent a loss of service. These backup components include:
Hardware systems
Hardware systems can be backed up by systems that are identical or equivalent to them.
A typical example is a server made fault-tolerant by deploying an identical server that
runs in parallel to it and mirrors all its operations, such as the redundant array of
inexpensive disks (RAID), which combines physical disk components to achieve
redundancy and improved performance.
Software systems
Software systems can be made fault-tolerant by backing them up with other software.
A common example is backing up a database that contains customer data to ensure it can
continuously replicate onto another machine.
As a result, in the event that a primary database fails, normal operations will continue
because they are automatically replicated and redirected onto the backup database.
Power sources
Power sources can also be made fault-tolerant by using alternative sources to support
them.
One approach is to run devices on an uninterruptible power supply (UPS).
Another is to use backup power generators that ensure storage and hardware, heating,
ventilation, and air conditioning (HVAC) continue to operate as normal if the primary
power source fails.
Depending on the fault tolerance issues that your organization copes with, there may be
different fault tolerance requirements for your system.
That is because fault-tolerant software and fault-tolerant hardware solutions both offer
very high levels of availability, but in different ways.
Fault-tolerant servers use a minimal amount of system overhead to achieve high
availability with an optimal level of performance.
Fault-tolerant software may be able to run on servers you already have in place that meet
industry standards.
There is more than one way to create a fault-tolerant server platform and thus prevent
data loss and eliminate unplanned downtime.
Fault tolerance in computer architecture simply reflects the decisions administrators and
engineers use to ensure a system persists even after a failure.
This is why there are various types of fault tolerance tools to consider.
At the drive controller level, a redundant array of inexpensive disks (RAID) is a common
fault tolerance strategy that can be implemented.
Other facility level forms of fault tolerance exist, including cold, hot, warm, and mirror
sites.
Fault tolerance computing also deals with outages and disasters.
For this reason a fault tolerance strategy may include some uninterruptible power supply
(UPS) such as a generator—some way to run independently from the grid should it fail.
Byzantine fault tolerance (BFT) is another issue for modern fault tolerant architecture.
BFT systems are important to the aviation, blockchain, nuclear power, and space
industries because these systems prevent downtime even if certain nodes in a system fail
or are driven by malicious actors.
Fault tolerance refers not only to the consequence of having redundant equipment, but
also to the ground-up methodology computer makers use to engineer and design their
systems for reliability.
Fault tolerance is a required design specification for computer equipment used in online
transaction processing systems, such as airline flight control and reservations systems.
Fault-tolerant systems are also widely used in sectors such as distribution and logistics,
electric power plants, heavy manufacturing, industrial control systems and retailing.
An error is a situation where the sender’s data does not match the data at the receiver’s end.
3. Burst error
This is where more than one consecutive bit of the sender’s data is changed.
Error control
Error correction
It involves ascertaining the exact number of bits that have been corrupted and the location of the
corrupted bits.
Error detection
It involves checking whether any error has occurred or not. The number of error bits and the type
of error bits doesn’t matter.
1.Checksum
In the sender’s end the segments are added using 1’s complement arithmetic to get the sum.
The sum is complemented to get the checksum.
The checksum segment is sent along with the data segments.
At the receiver’s end, all received segments are added using 1’s complement arithmetic to
get the sum. The sum is complemented.
If the result is zero, the received data is accepted; otherwise it is discarded.
2.Cyclic redundancy check (CRC)
This technique involves binary division of the data bits being sent.
The divisor is generated using polynomials.
The sender performs a division operation on the bits being sent and calculates the
remainder.
Before sending the actual bits, the sender adds the remainder at the end of the actual bits.
Actual data bits plus the remainder is called a code word.
The sender transmits data bits as code words and at the other end, the receiver performs
division operation on code words using the same CRC divisor.
If the remainder contains all zeros the data bits are accepted; otherwise it is considered
that some data corruption occurred in transit.
3.Parity check.
In this technique;
One extra bit is sent along with the original bits to make number of 1s either even in case
of even parity, or odd in case of odd parity.
The sender while creating a frame counts the number of 1s in it.
For example, if even parity is used and number of 1s is even then one bit with value 0 is
added. This way number of 1s remains even.
If the number of 1s is odd, to make it even a bit with value 1 is added.
The receiver simply counts the number of 1s in a frame.
If the count of 1s is even and even parity is used, the frame is considered to be not-
corrupted and is accepted.
If the count of 1s is odd and odd parity is used, the frame is still not corrupted.
If a single bit flips in transit, the receiver can detect it by counting the number of 1s.
But when more than one bit is erroneous, it is very hard for the receiver to detect
the error.
Hamming code
Binary convolution code
Reed-Solomon code
Low-density parity check code
Hamming code
Hamming code is an error correction system that can detect and correct errors when data
is stored or transmitted.
Whenever data is transmitted or stored, it's possible that the data may become corrupted.
This can take the form of bit flips, where a binary 1 becomes a 0 or vice versa.
Error correcting codes seek to find when an error is introduced into some data.
This is done by adding parity bits, or redundant information, to the data.
If enough parity data is added, it enables forward error correction (FEC), where errors
can be automatically fixed when read back.
FEC can increase the data transmission rate for noisy channels by reducing the amount of
necessary retransmits.
Hamming code uses a block parity mechanism.
The data is divided into blocks, and parity is added to the block.
Hamming code can correct single-bit errors and detect the presence of two-bit errors in a
data block.
The amount of parity data added to Hamming code is given by the formula 2^p ≥ d + p + 1,
where p is the number of parity bits and d is the number of data bits.
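A worked Hamming encoder and corrector, added here as an example and not taken from the original notes. It generalizes the formula above to any data length, assumes even parity with parity bits at positions 1, 2, 4, ..., and uses constructed sample data.

```python
# Added example: Hamming code with parity bits at power-of-two positions.
# Even parity and the sample data words are assumptions of this example.

def parity_bits_needed(d):
    """Smallest p satisfying 2^p >= d + p + 1."""
    p = 0
    while 2 ** p < d + p + 1:
        p += 1
    return p

def hamming_encode(data):
    """Return the code word for a string of data bits."""
    p = parity_bits_needed(len(data))
    n = len(data) + p
    code = [0] * (n + 1)                  # 1-indexed; code[0] is unused
    bits = iter(data)
    for pos in range(1, n + 1):
        if pos & (pos - 1):               # not a power of two: data position
            code[pos] = int(next(bits))
    for i in range(p):
        mask = 1 << i                     # parity bit at position 1, 2, 4, ...
        code[mask] = sum(code[pos] for pos in range(1, n + 1) if pos & mask) % 2
    return "".join(map(str, code[1:]))

def hamming_syndrome(code):
    """XOR of the positions holding a 1; zero means every parity check passes."""
    syndrome = 0
    for pos, bit in enumerate(code, start=1):
        if bit == "1":
            syndrome ^= pos
    return syndrome

def flip_bit(code, pos):
    """Invert the bit at 1-indexed position pos."""
    i = pos - 1
    return code[:i] + ("1" if code[i] == "0" else "0") + code[i + 1:]

def hamming_correct(code):
    """Fix a single-bit error. Returns (code word, corrected position or 0)."""
    syndrome = hamming_syndrome(code)
    if syndrome == 0:
        return code, 0
    if syndrome > len(code):
        raise ValueError("syndrome points outside the block: uncorrectable")
    return flip_bit(code, syndrome), syndrome

def hamming_decode(code):
    """Drop the parity positions and return the data bits."""
    return "".join(b for pos, b in enumerate(code, start=1) if pos & (pos - 1))

def two_bit_error_demo():
    """Two flipped bits: the syndrome is non-zero, but 'correcting' is wrong."""
    damaged = flip_bit(flip_bit(hamming_encode("1011"), 3), 5)
    fixed, _ = hamming_correct(damaged)
    return hamming_syndrome(damaged), hamming_decode(fixed)

if __name__ == "__main__":
    word = hamming_encode("1011")
    print(word, hamming_correct(flip_bit(word, 5)))
    print(two_bit_error_demo())
```

The two-bit case shows the limit of the scheme: the non-zero syndrome reveals that something is wrong, but treating it as a single-bit error flips a third bit and returns wrong data.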
Binary convolution code
In convolutional codes, the message comprises data streams of arbitrary length, and a
sequence of output bits is generated by the sliding application of Boolean functions to
the data stream.
In block codes, the data comprises a block of data of a definite length.
However, in convolutional codes, the input data bits are not divided into blocks but are
instead fed as streams of data bits, which convolve to output bits based upon the logic
function of the encoder.
Also, unlike block codes, where the output code word is dependent only on the present
inputs, in convolutional codes the output stream depends not only on the present input bits
but also on previous input bits stored in memory.
Reed-Solomon code
It is a linear block code which has the capability of correcting errors in blocks of large
sizes.
Low-density parity check code
It is constructed using a sparse Tanner graph.
A low-density parity-check code is a code specified by a parity-check matrix.
The parity check matrix has rows and columns which represent equations and bits in code
symbols respectively.
In this code there are basically the parameters n, i and j, where n is the block size, i is
the fixed number of 1's in each column and j is the fixed number of 1's in each row.
When parity check bits are very small, we have to use decoders that help in doing parity
checks.
In the process, if we come across any bit that is contained in more than a fixed number of
parity equations that are not satisfied, then we simply reverse that particular bit.
When we get new values, parity equations are recalculated.
This whole process keeps on running continuously until we get all parity equations which
are satisfied.
• Static:
• Dynamic:
A dynamic network is a network that changes with time. Nature, society, and the modern
communications landscape abound with examples.
Administrative roles are done automatically by the router dynamic protocols for example:
the DHCP (Dynamic Host Control Protocol)
How does the DHCP work?
DHCP runs at the application layer of the Transmission Control Protocol/IP (TCP/IP)
stack to dynamically assign IP addresses to DHCP clients and to allocate TCP/IP
configuration information to DHCP clients.
This includes subnet mask information, default gateway IP addresses and domain name
system (DNS) addresses.
DHCP is a client-server protocol in which servers manage a pool of unique IP addresses,
as well as information about client configuration parameters, and assign addresses out of
those address pools.
DHCP-enabled clients send a request to the DHCP server whenever they connect to a
network.
Clients configured with DHCP broadcast a request to the DHCP server and request
network configuration information for the local network to which they're attached.
A client typically broadcasts a query for this information immediately after booting up.
The DHCP server responds to the client request by providing IP configuration
information previously specified by a network administrator.
This includes a specific IP address, as well as a time period -- also called a lease -- for
which the allocation is valid.
When refreshing an assignment, a DHCP client requests the same parameters, but the
DHCP server may assign a new IP address based on policies set by administrators.
DHCP clients can also be configured on an Ethernet interface.
A DHCP server manages a record of all the IP addresses it allocates to network nodes.
If a node is relocated in the network, the server identifies it using its Media Access
Control (MAC) address, which prevents the accidental configuration of multiple devices
with the same IP address.
Configuring a DHCP server also requires the creation of a configuration file, which stores
network information for clients.
This involves assigning IP addresses to hosts and authenticating host devices on the
network
Dynamic Routes
STATIC NETWORKS
• Static network is where most administrative roles are done by an administrator including
assigning IP addresses to individual hosts and authenticating host devices.
• It is characterized by static IP addresses and host IP conflicts.
• A host IP conflict is where the same IP address is assigned to more than one host
device, i.e.
[Figure: network with routers R0 and R1 and the addresses 192.168.3.1, 192.168.3.16 and 192.168.3.16 (the same address assigned twice).]
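The contrast between the DHCP behaviour described earlier and the static conflict above, as an added example that is not part of the original notes. `LeaseTable` is a simplified model of a server's lease record, not a DHCP implementation; the host names PC0 and PC1, the MAC addresses, the pool range and the lease time are constructed.

```python
import ipaddress

def find_conflicts(static_assignments):
    """Static network: report every IP address configured on more than one host."""
    by_ip = {}
    for host, ip in static_assignments.items():
        by_ip.setdefault(ip, []).append(host)
    return {ip: hosts for ip, hosts in by_ip.items() if len(hosts) > 1}

class LeaseTable:
    """Model of the record a DHCP server keeps: one lease per MAC address."""

    def __init__(self, start, end, lease_seconds):
        first = int(ipaddress.IPv4Address(start))
        last = int(ipaddress.IPv4Address(end))
        self.pool = [ipaddress.IPv4Address(i) for i in range(first, last + 1)]
        self.lease_seconds = lease_seconds
        self.leases = {}                      # mac -> (ip, expiry time)

    def _expire(self, now):
        """Return addresses whose lease period has run out to the pool."""
        self.leases = {m: (ip, exp) for m, (ip, exp) in self.leases.items()
                       if exp > now}

    def request(self, mac, now):
        """Hand out or renew an address; None when the pool is exhausted."""
        mac = mac.lower()
        self._expire(now)
        if mac in self.leases:
            ip, _ = self.leases[mac]          # known client keeps its address
        else:
            in_use = {ip for ip, _ in self.leases.values()}
            free = [ip for ip in self.pool if ip not in in_use]
            if not free:
                return None
            ip = free[0]
        self.leases[mac] = (ip, now + self.lease_seconds)
        return str(ip)

    def active_addresses(self):
        return sorted(str(ip) for ip, _ in self.leases.values())

if __name__ == "__main__":
    # Constructed static configuration with the duplicate from the notes.
    print(find_conflicts({"R0": "192.168.3.1",
                          "PC0": "192.168.3.16",
                          "PC1": "192.168.3.16"}))
    table = LeaseTable("192.168.3.10", "192.168.3.11", lease_seconds=3600)
    print(table.request("AA:AA:AA:AA:AA:01", now=0))
    print(table.request("AA:AA:AA:AA:AA:02", now=10))
    print(table.request("AA:AA:AA:AA:AA:03", now=20))   # pool is full
```

Because the table is keyed by MAC address and an address is only offered when no live lease holds it, two clients can never be handed the same IP, which is the conflict the static configuration allows.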
• In a completely connected network (CCN) each node is connected to all other nodes in
the network.
• Completely connected networks guarantee fast delivery of messages from any source
node to any destination node (only one link has to be traversed).
• Since every node is connected to every other node in the network, routing of messages
between nodes becomes a straightforward task.
• Completely connected networks are, however, expensive in terms of the number of links
needed for their construction.
• This disadvantage becomes more and more apparent for higher values of N.
• It should be noted that the number of links in a completely connected network is given
by:
N (N - 1)/2
• The delay complexity of CCNs, measured in terms of the number of links traversed as
messages are routed from any source to any destination is constant, that is, O(1).
• An example of having N = 6 nodes is shown in the figure. A total of 15 links are
required to satisfy the complete interconnectivity of the network.
• Limited connection networks (LCNs) do not provide a direct link from every node to
every other node in the network.
• Instead, communications between some nodes have to be routed through other nodes in
the network.
• The length of the path between nodes, measured in terms of the number of links that
have to be traversed, is expected to be longer compared to the case of CCNs.
• Two other conditions seem to have been imposed by the existence of limited
interconnectivity in LCNs.
• These are the need for a pattern of interconnection among nodes and the need for a
mechanism for routing messages around the network until they reach their destinations.
• These patterns include linear arrays, ring (loop) networks, two-dimensional arrays
(nearest-neighbour mesh), tree networks, and cube networks.
NETWORK SECURITY
Network security is a set of rules and configurations designed to protect the confidentiality,
integrity and availability of computer networks and data using both software and hardware.
It basically combines multiple layers of defenses at the edge of the network and within the
internal network so that only authorized users gain access to the network resources, while
malicious actors are blocked from carrying out exploits or threats.
Which is to ensure:
They include:
● Intercept packets and modify them before they reach the destination. This can be prevented
by encrypting data.
● Inject data that you never sent
● An attacker can participate in protocols via their own machines.
They are;
1. Firewall
Firewalls control incoming and outgoing traffic on networks and decide whether to allow or
block specific traffic based on a defined set of security rules.
A firewall acts as a barrier between the untrusted external networks and your trusted internal network.
Administrators typically configure a set of defined rules that block or permit traffic onto the
network.
It can be a hardware or software appliance or both based on the need in the network.
For instance, you could grant administrators full access to the network but deny access to
specific confidential folders or prevent their personal devices from joining the network.
4. VPN
It encrypts connection from an endpoint to a network, often over the internet.
5. SIEM
Security information and event management.
SIEM products pull together information that the information security analysts need in order to
identify and respond to threats.
7. Sandboxing.
This approach lets organizations scan for malware by opening a file in an isolated environment
before granting it access to the network. Once opened in a sandbox, the organization can observe
whether the file acts in a malicious way or shows any indications of malware.
attackers and unauthorized users. It uses identity criteria to limit access to resources and forms a
9. Web security.
This practice controls employee web use on an organization’s network and devices, including
blocking certain threats and websites, while also protecting the integrity of an organization’s
websites themselves.
Functionality- Network security ensures that ongoing high performance of the networks that
Privacy and security- Network security prevents the security breaches that can expose PII and
other sensitive information, damage a business’s reputation and result in financial losses.
complete. Securing access to intellectual property related to products, services and business
Compliance- Complying with data security and privacy regulations is a legal requirement in
many countries hence security networks are a key part of adhering to these mandates.
Evolving network attack methods- The biggest network security challenge is the rate at which
cyber-attacks evolve. Threat actors and their methods constantly change as technology changes.
User adherence- It can be difficult for an organization to ensure that everyone is adhering to
network security best practices, while simultaneously evolving those strategies to address the
newest threats.
Remote and mobile access- Remote work is more prevalent. This makes wireless security more
important as users are more likely to be using a personal or a public network while accessing the
company’s networks.
Third party partners- Cloud providers, managed security services and security products
vendors
ENTERPRISE NETWORKS
When it comes to enterprise networking, every organization has different needs, and in the era
of digital transformation, modern enterprises are relying more on software-driven solutions to
power intelligent network architecture, automation and design
This network usually connects computers and other devices in a small area such as an
office building.
It’s local because it only covers a limited geographic area and typically uses cables to
connect devices.
Since LANs cover a small space, there isn’t much concern about security or privacy.
A wide-area network (WAN) is any computer network that spans larger distances than a
LAN.
A WAN may span cities, states, countries, or even continents.
In contrast to LANs, which use cables for connectivity, WANs often use telephone lines
or radio waves to communicate between network nodes.
The Internet is one example of a WAN.
Cloud Networks
Networking
It goes beyond any reasonable doubt that a business can hardly survive without good
networking.
How then will customers, clients as well as partners keep in touch? The process involves
creating and designing a network of devices involved.
The components include switches, routers, and firewalls, among others.
Advantages
Wireless
It is a computer network without physical cables connecting the devices.
Radio waves are used to enable communication.
As a result, the sender and the receiver communicate seamlessly.
There are many companies that offer innovative wireless solutions in Dubai and
facilitate BYOD.
Advantages
Ease scaling.
Management of mobile devices and their security
Reduce confinement to a particular workstation
Facilitates Bring Your Own Device (BYOD)
WAN
In enterprise networks, a Wide Area Network (WAN) may be inevitable.
If you have branches in various parts of the globe, WAN will ensure that each of them
communicates.
Considering each department will have a Local Area Network (LAN), the WAN
solutions Dubai will connect all of them into one big enterprise network.
Advantages
Security
Network Security Solutions in Dubai is essential for any organization that relies on a
network enterprise.
For it to be abundant, policies, as well as protocols, are vital. Security ensures that no
unauthorized people access data and vice versa.
For the authorized, there is no room for change or misuse of information.
Advantages
Minimization of cost
Fast Communication
This sector in your organization becomes quick and easy once you consider enterprise
networking.
Why not when it will facilitate several activities? They include email messaging, video
conferencing and IP telephony.
There will be ample communication between all the employees from various stations.
Manageability
The sharing feature simplifies the management of your firm.
When files’ storage is in a central place, those using remote workstations efficiently
access it.
As a result, every employee obtains all the needed data without the need for duplication.
Applications, as well as expensive devices, can be shared as well.
Additionally, enterprise Networking Companies eliminate personal backing up of data.
Instead, it is the data in the central location that is backed up.
Security
In enterprise networking, appropriate measures are in place to secure your network from
attacks.
There will be a central place to monitor access, and every user gets what he or she is
supposed to retrieve.
Threats are detected and prevented where possible.
Sign up with a reliable and trustworthy technology partner for best network security
solutions.
Productivity and Performance
The two will improve if you go for enterprise network solutions.
Elements that facilitate that include the mobility, BYOD, real-time access and efficiency.
They subsequently increase the two.
What are the consequences if a good networking solution is not in place in Enterprise
Networking?
An increase in downtime
Security threats
High Costs
If a good networking solution is not in place, identifying problems will take longer. The service
fee and the waiting time will cost the organization a lot.
Cyber security: Cyber security tools are one of the fastest growing applications for AI.
Enterprises are finding these solutions more important now than ever due to concerns
around 5G cyber security.
Task automation: As we previously mentioned, many AI-driven automation solutions, such
as RPAs, are growing in popularity for enterprises. They are a precursor to the full potential
AI-based automation holds.
Virtual assistants: Virtual assistants are one of the more practical ways enterprises continue
to leverage AI in their business operations. Sales and customer service teams use them to
automate and learn from customer support.
5G
With the advancement and standardization of 5G comes the idea of 5G-powered
businesses — essentially businesses that leverage 5G for their operations.
5G promises faster and more flexible ways to connect with one another.
It will also likely advance the amount of Internet of Things (IoT) devices.
This is one of the most actionable benefits 5G provides for enterprises, who can provide
and offer services that would’ve previously been too expensive to operate.
Although IoT devices can bring a tectonic shift to enterprise networking, the benefits of
5G will also bring with them cyber security concerns.
SD-WAN
Cybersecurity
Because so many other technologies and advancements, such as hyper automation, AI,
and 5G, all have security implications, cyber security will be a main topic for enterprises.
One of the main reasons cyber security will trend is due to the sheer amount of data
businesses are dealing with.
Traditional IT departments are beginning to implement AIOps to deal with this amount of
data.
AIOps, alongside the rise of data democratization, could help mitigate cyber security
threats by opening up analysis to a wider breadth of departments.
However, this conversely means that any breach could be detrimental for enterprises due
to the vast amount of customer data cyber attackers could gain access to.
Another point of vulnerability for enterprises is in their adoption of 5G networking.
5G cyber security is a growing concern for many enterprises and has even been addressed
by former FCC chairman Tom Wheeler, who maintains that enterprises must adopt a
“new cyber duty of care.” They must also adopt new business standards to mitigate any
risks.
Ultimately, questions surrounding cyber security must stay at the forefront going into
2022.
Metaverse
Finally, just as unified communications and collaboration tools such as Zoom and
Microsoft Teams have grown during the pandemic, so shall new frontiers for
communication in the metaverse.
The metaverse refers to online spaces where humans can interact in a more engaging and
immersive way compared to our existing modes of communications. With the rise of
other blockchain technologies such as cryptocurrency, the metaverse has become a main
topic of discussion for enterprises.
VPN
Virtual Private Network (VPN) is a private network that connects one network node to
another network node using a public network (internet).
The data passed will be encapsulated and encrypted to ensure confidentiality. The
security system on VPN uses several layers which include;
a) Tunneling method
Tunnels are a method for transporting data across a network using protocols that
are not supported by that network.
Tunneling works by encapsulating packets: wrapping packets inside of
other packets.
A typical packet has two parts: the header, which indicates the packet's
destination and which protocol it uses, and the payload, which is the packet's
actual contents.
An encapsulated packet is essentially a packet inside another packet. In an
encapsulated packet, the header and payload of the first packet go inside the
payload section of the surrounding packet. The original packet itself becomes the
payload.
b) Encryption method
It refers to wrapping a data packet that passes through the tunnel: the data in the
packet is transformed with certain cryptographic algorithms such as DES,
3DES, and AES.
c) User authentication method
Because many users will access the VPN, user authentication methods such as
Remote Access Dialin user services (RADIUS) and Digital Certificates are
usually used.
d) Data integrity
Data packets that are passed over public networks need a guarantee of data integrity,
that is, whether changes have occurred or not.
The VPN method uses HMAC-MD5 or HMAC-SHA1 to check that the data packet
has not changed during transmission.
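The tunneling and data integrity layers above, shown together as an added example that is not part of the original notes. The packet layout, protocol number 99, addresses and key are constructed, and the encryption layer is left out because Python's standard library has no AES.

```python
import hashlib
import hmac
import ipaddress
import struct

# Toy packet layout (constructed): source, destination, protocol, payload length.
HEADER = struct.Struct("!4s4sBH")
TUNNEL_PROTO = 99                      # constructed protocol number for the tunnel
TAG_LEN = hashlib.sha1().digest_size   # an HMAC-SHA1 tag is 20 bytes
KEY = b"constructed-demo-key"          # secret shared by both tunnel endpoints

def pack(src, dst, proto, payload):
    """Build a packet: header (addresses, protocol, length) plus payload."""
    return HEADER.pack(ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed,
                       proto, len(payload)) + payload

def unpack(packet):
    """Split a packet into (source, destination, protocol, payload)."""
    if len(packet) < HEADER.size:
        raise ValueError("packet shorter than its header")
    src, dst, proto, length = HEADER.unpack_from(packet)
    payload = packet[HEADER.size:HEADER.size + length]
    if len(payload) != length:
        raise ValueError("truncated packet")
    return (str(ipaddress.IPv4Address(src)), str(ipaddress.IPv4Address(dst)),
            proto, payload)

def encapsulate(inner, gw_src, gw_dst, key):
    """Tunnel entry: the whole inner packet becomes the outer payload,
    followed by an HMAC-SHA1 tag (the algorithm named in the notes)."""
    tag = hmac.new(key, inner, hashlib.sha1).digest()
    return pack(gw_src, gw_dst, TUNNEL_PROTO, inner + tag)

def decapsulate(outer, key):
    """Tunnel exit: verify the tag before trusting the inner packet."""
    _, _, proto, body = unpack(outer)
    if proto != TUNNEL_PROTO or len(body) < TAG_LEN:
        raise ValueError("not a tunnel packet")
    inner, tag = body[:-TAG_LEN], body[-TAG_LEN:]
    expected = hmac.new(key, inner, hashlib.sha1).digest()
    if not hmac.compare_digest(tag, expected):   # constant-time comparison
        raise ValueError("integrity check failed")
    return inner

def demo():
    """Send a constructed order through the tunnel, then tamper with a copy."""
    inner = pack("10.0.1.5", "10.0.2.9", 6, b"order #1: 10 units")
    outer = encapsulate(inner, "203.0.113.1", "198.51.100.1", KEY)
    delivered = unpack(decapsulate(outer, KEY))
    tampered = bytearray(outer)
    tampered[2 * HEADER.size] ^= 0x01            # first byte of the inner payload
    try:
        decapsulate(bytes(tampered), KEY)
        tamper_detected = False
    except ValueError:
        tamper_detected = True
    return unpack(outer)[:3], delivered, tamper_detected

if __name__ == "__main__":
    print(demo())
```

On the public network only the gateway addresses in the outer header are used for delivery; the private addresses travel inside the payload, and any change to them or to the order is rejected at the tunnel exit because the tag cannot be recomputed without the key.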
VPN Applications
They extend the connectivity to business partners, suppliers, and customers across
the Internet or an SP's network.
The security policy becomes very important at this point; for example, the
company does not want a hacker to spoof any orders from a business partner.
b) Intranet VPN
The intranet VPN services are typically based on extending the basic
remote-access VPN to other corporate offices across the Internet or across
the SP's IP backbone.
c) Access VPN:
Overlay VPN
VPDNs
1) Secure Your Network-One of the most important is the fact that businesses can effectively
secure their network. Without your knowledge, an application or website can keep track
of your activity online. They can then analyze the data they collect and use it to try to
target you with ads. Without a VPN, you may experience an influx of pop-up ads that can
interrupt your browsing experience and be a general nuisance.
2) Hide Your Private Information-Hackers can use a variety of methods to intercept sensitive
information you enter on websites. Using that information, they can try to impersonate
you, gaining access to bank accounts, credit card information, and more. With a VPN,
however, you can enjoy high-level security.
servers, because support can be outsourced to third-party service providers who can
5) Avoid censorship when traveling abroad- Some VPNs can help you bypass geographical
restrictions.
Disadvantages of VPNs
A VPN reroutes and encrypts your internet connection, which may slightly lessen your
internet speed.
In some countries, the use of VPNs is banned or heavily regulated, so always check the
legislation where you’re located.
Depending on the VPN you use, you may have some trouble setting it up. Be sure to choose a
beginner-friendly VPN service to avoid this.
Unless you’re an encryption expert, it’s hard to know the encryption quality of your
VPN. However, selecting a reliable VPN service with positive reviews will make it more likely
that your encryption quality is high.