
Small Businesses Networks maintenance

CNET 4
Lecture 2

Instructor:
Eng. Ameera Hasan AL-Jermozi

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 1
Devices in a Small Network
Small Network Topologies
• Typical Small Network Topology

Networking

• The generic term node or host refers to any device on a network
• Data transfer rate: The speed with which data is moved from one place on a network to another
• Data transfer rate is a key issue in computer networks

Networking
• Computer networks have opened up an entire frontier in the world of computing called the client/server model

Figure 2.2 Client/Server interaction



Networking

• File server: A computer that stores and manages files for multiple users on a network
• Web server: A computer dedicated to responding to requests (from the browser client) for web pages


Types of Networks

• Various configurations, called topologies, have been used to administer LANs
  • Ring topology: A configuration that connects all nodes in a closed loop on which messages travel in one direction
  • Star topology: A configuration that centers around one node to which all others are connected and through which all messages are sent
  • Bus topology: All nodes are connected to a single communication line that carries messages in both directions
Types of Networks

Figure 2.3 Various network topologies

• A bus technology called Ethernet has become the industry standard for local-area networks

Types of Networks

• Wide-area network (WAN): A network that connects two or more local-area networks over a potentially large geographic distance
  • Often one particular node on a LAN is set up to serve as a gateway to handle all communication going between that LAN and other networks
  • Communication between networks is called internetworking
  • The Internet, as we know it today, is essentially the ultimate wide-area network, spanning the entire globe

Types of Networks

• Metropolitan-area network (MAN): The communication infrastructures that have been developed in and around large cities


Types of Networks

Figure 2.4 Local-area networks connected across a distance to create a wide-area network

Internet Connections

• Internet backbone: A set of high-speed networks that carry Internet traffic
  • These networks are provided by companies such as AT&T, GTE, and IBM
• Internet service provider (ISP): A company that provides other companies or individuals with access to the Internet


Internet Connections

• There are various technologies available that you can use to connect a home computer to the Internet
  • A phone modem converts computer data into an analog audio signal for transfer over a telephone line, and then a modem at the destination converts it back again into data
  • A digital subscriber line (DSL) uses regular copper phone lines to transfer digital data to and from the phone company's central office
  • A cable modem uses the same line that your cable TV signals come in on to transfer the data back and forth


Internet Connections

• Broadband: A connection in which transfer speeds are faster than 128 bits per second
  • DSL connections and cable modems are broadband connections
  • The speed for downloads (getting data from the Internet to your home computer) may not be the same as uploads (sending data from your home computer to the Internet)

Packet Switching
• To improve the efficiency of transferring information over a shared communication line, messages are divided into fixed-sized, numbered packets
• Network devices called routers are used to direct packets between networks

Figure 2.5 Messages sent by packet switching

Devices in a Small Network
Device Selection for a Small Network
• Factors to be considered when selecting intermediate devices during maintenance.

The Networking Devices (Nodes)
1. NIC Card
2. Repeater
3. Hub
4. Switch
5. Bridge
6. Router
7. Gateway
8. Firewall

1. Network Interface Card
• A NIC is used to physically connect host devices to the network media.
• A NIC is a printed circuit board that fits into the expansion slot of a bus on a computer motherboard.
• It can also be a peripheral device. NICs are sometimes called network adapters.
• Each NIC is identified by a unique code called a Media Access Control (MAC) address.
• This address is used to control data communication for the host on the network.
2. Repeaters

• A repeater is a network device used to regenerate a signal.
• Repeaters regenerate analog or digital signals that are distorted by transmission loss due to attenuation.
• A repeater does not make an intelligent decision concerning forwarding packets.

3. Hubs

• Hubs concentrate connections.
• In other words, they take a group of hosts and allow the network to see them as a single unit. This is done passively, without any other effect on the data transmission.
• Active hubs concentrate hosts and also regenerate signals.

4. Bridges
• Bridges convert network data formats and perform basic data transmission management.
• Bridges provide connections between LANs.
• They also check data to determine if it should cross the bridge. This makes each part of the network more efficient.

5. Switches

• Switches add more intelligence to data transfer management.
• They can determine if data should remain on a LAN and transfer data only to the connection that needs it.
• Another difference between a bridge and switch is that a switch does not convert data transmission formats.

6. Routers
• Routers have all the capabilities listed above.
• Routers can regenerate signals, concentrate multiple connections, convert data transmission formats, and manage data transfers.
• They can also connect to a WAN, which allows them to connect LANs that are separated by great distances.

7. Gateway

• A gateway is a piece of networking hardware used in telecommunications networks that allows data to flow from one discrete network to another.
• Gateways are distinct from routers or switches in that they communicate using more than one protocol to connect multiple networks.

8. Firewall
• A firewall is a network device or software for controlling network security and access rules.
• Firewalls are inserted in connections between secure internal networks and potentially insecure external networks such as the Internet.
• Firewalls are typically configured to reject access requests from unrecognized sources while allowing actions from recognized ones.
• The vital role firewalls play in network security grows in parallel with the constant increase in cyber attacks.
Network Media
The function of the media is to carry a flow of information through a LAN.
A. Wired Media: A widely adopted family of local area network (LAN) technologies that use copper and fiber media is collectively known as Ethernet
1. Copper Cable
a. Coaxial Cables
b. Shielded Twisted Pair (STP)
c. Unshielded Twisted Pair
2. Fibre Optic Cable
B. Wireless Media: Uses the atmosphere, or space, as the medium.
1. Copper Cable

• The most common, easiest, quickest, and cheapest form of network media to install.
• The disadvantage of sending data over copper wire is that the further the signal travels, the weaker it becomes.

a. Coaxial Cable
• It can be run longer distances than twisted-pair cables.

• Speed: 10-100 Mbps
• Cost: Inexpensive
• Media and connector size: Medium
• Maximum cable length: 500m

c. Unshielded Twisted Pair
• UTP is a four-pair wire medium used in a variety of networks.
• Each of the eight copper wires in the UTP cable is covered by insulating material

• Speed: 10-100-1000 Mbps*
• Cost: Least Expensive
• Media and connector size: Small
• Maximum cable length: 100m*

* (Depending on the quality/category of cable)

UTP Implementation

• EIA/TIA specifies an RJ-45 connector for UTP cable.
• The letters RJ stand for registered jack.

Fiber Optic Cable
• Glass fiber carrying light pulses, each pulse a bit.
• Based on the Total Internal Reflection of Light.
• High-speed point-to-point transmission: 10-100's Gbps
• Low error rate:
  • repeaters spaced far apart
  • immune to electromagnetic noise
Devices in a Small Network
Addressing for a Small Network
• IP addressing scheme should be planned, documented and maintained based on the type of devices receiving the address.
• Examples of devices that will be part of the IP design:
  • End devices for users
  • Servers and peripherals
  • Hosts that are accessible from the Internet
  • Intermediary devices
• Planned IP schemes help the administrator:
  • Track devices and troubleshoot
  • Control access to resources

IP Addresses

• An identifier for a computer or device on a TCP/IP network. Networks using the TCP/IP protocol route messages based on the IP address of the destination. The format of an IP address is a 32-bit numeric address written as four numbers separated by periods. Each number can be zero to 255. For example, 1.160.10.240 could be an IP address.

IP Address Classes
• Class A - 168.212.226.204
  • supports 16 million hosts on each of 127 networks
• Class B - 168.212.226.204
  • supports 65,000 hosts on each of 16,000 networks
  • NDUS has two Class B addresses
• Class C - 168.212.226.204
  • supports 254 hosts on each of 2 million networks

IPv4 vs. IPv6
• IPv4
  • 32 bits used for address
  • IPv4 addresses written as four octets (8 bits) separated by periods.
    134.129.67.235

• IPv6
  • 128 bits used for address
  • IPv6 address written as eight 4-digit (16-bit) hexadecimal numbers separated by colons.
    1080:0:0:0:0:800:0:417A

Loopback address

• 127.0.0.0
  • Network number that cannot be assigned to any network
• 127.0.0.1
  • The loopback address
  • Used for diagnostic testing of the local TCP/IP installation

Reserved IP Network Numbers

Network number           Subnet mask      IP address range
10.0.0.0                 255.0.0.0        10.0.0.1-10.255.255.255
172.16.0.0-172.31.0.0    255.255.0.0      172.16.0.1-172.31.255.255
192.168.0.0              255.255.255.0    192.168.0.1-192.168.255.255

Designed for use on a private network behind a Network Address Translation (NAT) device, such as a firewall, proxy servers, or some routers.

A NAT device can be used to disguise local or internal IP addresses from outside networks.
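
Added example (not part of the original slides): a small checker that applies the loopback and reserved-range rules above to a documented addressing plan. The three prefixes cover the address ranges listed in the table; the device names and the plan itself are constructed for illustration.

```python
from ipaddress import ip_address, ip_network

# The reserved address ranges from the table above, expressed as prefixes.
PRIVATE_BLOCKS = [ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
LOOPBACK_NET = ip_network("127.0.0.0/8")


def describe(text):
    """Return (classful class, scope) for a dotted-decimal IPv4 address."""
    addr = ip_address(text)
    first_octet = int(addr) >> 24
    if first_octet < 128:
        cls = "A"
    elif first_octet < 192:
        cls = "B"
    elif first_octet < 224:
        cls = "C"
    else:
        cls = "D/E"
    if addr in LOOPBACK_NET:
        scope = "loopback"
    elif any(addr in block for block in PRIVATE_BLOCKS):
        scope = "private"
    else:
        scope = "public"
    return cls, scope


# Constructed addressing plan: (device, address, must be reachable from the Internet?)
PLAN = [
    ("pc-01", "192.168.1.20", False),
    ("web-01", "172.20.5.10", True),
    ("mail-01", "198.51.100.25", True),
    ("printer-01", "172.32.0.9", False),   # just outside 172.16.0.0-172.31.255.255
    ("sw-01", "192.168.1.20", False),      # same address as pc-01
    ("test-01", "127.0.0.1", False),
]


def check_plan(plan):
    """Return one finding per entry that conflicts with the addressing rules."""
    findings, owner = [], {}
    for device, text, internet_facing in plan:
        _, scope = describe(text)
        if text in owner:
            findings.append(f"{device}: duplicate of {owner[text]}")
        owner.setdefault(text, device)
        if scope == "loopback":
            findings.append(f"{device}: loopback address cannot be assigned on the network")
        elif internet_facing and scope == "private":
            findings.append(f"{device}: private address, needs NAT to be reachable")
        elif not internet_facing and scope == "public":
            findings.append(f"{device}: public address on an internal-only device")
    return findings


if __name__ == "__main__":
    for device, text, _ in PLAN:
        print(device, text, *describe(text))
    print("\n".join(check_plan(PLAN)))
```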

Devices in a Small Network
Redundancy in a Small Network
• Redundancy helps to eliminate single points of failure.
• Improves the reliability of the network.

Devices in a Small Network
Design Considerations for a Small Network
• The following should be included in the network design:
  • Secure file and mail servers in a centralized location.
  • Protect the location by physical and logical security measures.
  • Create redundancy in the server farm.
  • Configure redundant paths to the servers.

Protocols in a Small Network
Common Applications in a Small Network
• Network-Aware Applications - software programs used to communicate over the network.
• Application Layer Services - programs that interface with the network and prepare the data for transfer.

Protocols in a Small Network
Common Protocols in a Small Network
• Network Protocols Define:
  • Processes on either end of a communication session
  • Types of messages
  • Syntax of the messages
  • Meaning of informational fields
  • How messages are sent and the expected response
  • Interaction with the next lower layer

Protocols in a Small Network
Real-Time Applications for a Small Network
• Infrastructure - needs to be evaluated to ensure it will support proposed real-time applications.
• VoIP is implemented in organizations that still use traditional telephones
• IP telephony - the IP phone itself performs voice-to-IP conversion
• Real-time Video Protocols - Use Real-Time Transport Protocol (RTP) and Real-Time Transport Control Protocol (RTCP)

Growing to Larger Networks
Scaling a Small Network
Important considerations when growing to a larger network:
• Documentation – physical and logical topology
• Device inventory – list of devices that use or comprise the network
• Budget – itemized IT budget, including fiscal year equipment purchasing budget
• Traffic Analysis – protocols, applications, and services and their respective traffic requirements should be documented

Network Device Security Measures
Threats to Network Security
• Categories of Threats to Network Security

Network Device Security Measures
Physical Security
Four classes of physical threats are:
• Hardware threats - physical damage to servers, routers, switches, cabling plant, and workstations.
• Environmental threats - temperature extremes (too hot or too cold) or humidity extremes (too wet or too dry)
• Electrical threats - voltage spikes, insufficient supply voltage (brownouts), unconditioned power (noise), and total power loss
• Maintenance threats - poor handling of key electrical components (electrostatic discharge), lack of critical spare parts, poor cabling, and poor labeling

Network Device Security Measures
Types of Security Vulnerabilities
• Technological weaknesses
• Configuration weaknesses
• Security policy weaknesses

Vulnerabilities and Network Attacks
Viruses, Worms and Trojan Horses
• A virus is malicious software that is attached to another program to execute a particular unwanted function on a workstation.
• A Trojan horse is different only in that the entire application was written to look like something else, when in fact it is an attack tool.
• Worms are self-contained programs that attack a system and try to exploit a specific vulnerability in the target. The worm copies its program from the attacking host to the newly exploited system to begin the cycle again.

Vulnerabilities and Network Attacks
Reconnaissance, Access, and DoS Attacks

Mitigating Network Attacks
Backup, Upgrade, Update, and Patch
• Keep current with the latest versions of antivirus software.
• Install updated security patches.

Mitigating Network Attacks
Authentication, Authorization, and Accounting
Authentication, Authorization, and Accounting (AAA, or "triple A")
• Authentication - Users and administrators must prove their identity. Authentication can be established using username and password combinations, challenge and response questions, token cards, and other methods.
• Authorization - which resources the user can access and which operations the user is allowed to perform.
• Accounting - records what the user accessed, the amount of time the resource is accessed, and any changes made.

Mitigating Network Attacks
Firewalls
A firewall resides between two or more networks. It controls traffic and helps prevent unauthorized access. Methods used are:
• Packet Filtering
• Application Filtering
• URL Filtering
• Stateful Packet Inspection (SPI) - Incoming packets must be legitimate responses to requests from internal hosts.
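
Added example (not part of the original slides): a minimal model of the stateful packet inspection rule above, in which an inbound packet is admitted only if it mirrors a flow that an internal host opened. The inside network, the idle timeout and the traffic are assumptions constructed for illustration, and the model tracks only addresses, ports and protocol, not TCP flags or sequence numbers.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Assumptions for this example (not from the lecture):
INTERNAL_NET = ip_network("192.168.10.0/24")  # the protected inside network
IDLE_TIMEOUT = 60.0                            # seconds before an idle flow is forgotten


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"


class StatefulFirewall:
    """Tracks outbound flows and admits inbound packets only as replies to them."""

    def __init__(self):
        # (proto, inside ip, inside port, outside ip, outside port) -> time last seen
        self.flows = {}

    def inspect(self, pkt, now):
        """Return "allow" or "drop" for a packet seen at time `now` (seconds)."""
        # Forget flows that have been idle for longer than the timeout.
        self.flows = {k: t for k, t in self.flows.items() if now - t <= IDLE_TIMEOUT}
        src_inside = ip_address(pkt.src) in INTERNAL_NET
        dst_inside = ip_address(pkt.dst) in INTERNAL_NET
        if src_inside and not dst_inside:
            # Outbound request from an internal host: remember the flow.
            self.flows[(pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport)] = now
            return "allow"
        if dst_inside and not src_inside:
            # Inbound: must mirror a remembered flow exactly.
            key = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
            if key in self.flows:
                self.flows[key] = now
                return "allow"
        return "drop"


# Constructed traffic: (time in seconds, packet). Outside addresses are documentation ranges.
TRAFFIC = [
    (0.0, Packet("192.168.10.5", 50000, "203.0.113.10", 443)),    # internal host sends a request
    (0.1, Packet("203.0.113.10", 443, "192.168.10.5", 50000)),    # matching reply
    (0.2, Packet("203.0.113.10", 443, "192.168.10.5", 50001)),    # port that was never used
    (0.3, Packet("198.51.100.7", 4444, "192.168.10.5", 22)),      # unsolicited inbound packet
    (120.0, Packet("203.0.113.10", 443, "192.168.10.5", 50000)),  # "reply" after the flow expired
]


def run_demo():
    fw = StatefulFirewall()
    return [fw.inspect(pkt, now) for now, pkt in TRAFFIC]


if __name__ == "__main__":
    for (now, pkt), verdict in zip(TRAFFIC, run_demo()):
        print(f"{now:6.1f}s {pkt.src}:{pkt.sport} -> {pkt.dst}:{pkt.dport} {verdict}")
```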

Mitigating Network Attacks
Endpoint Security
• Common endpoints are laptops, desktops, servers, smart phones, and tablets.
• Employees must follow the company's documented security policies to secure their devices.
• Policies often include the use of anti-virus software and host intrusion prevention.

Securing Devices
Introduction to Securing Devices
• Part of network security is securing devices, including end devices and intermediate devices.
• Default usernames and passwords should be changed immediately.
• Access to system resources should be restricted to only the individuals that are authorized to use those resources.
• Any unnecessary services and applications should be turned off and uninstalled, when possible.
• Update with security patches as they become available.

Securing Devices
Passwords

Securing Devices
Basic Security Practices
• Encrypt passwords
• Require minimum length passwords
• Block brute force attacks
• Use Banner Message
• Set EXEC timeout

Securing Devices
Enable SSH
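
Added example (not part of the original slides): an audit script that checks a saved Cisco IOS running-config against the Basic Security Practices list and the Enable SSH slide. The configuration text is constructed, the minimum length of 8 and the requirement that every line sets an explicit non-zero exec-timeout are assumed policy choices, and the SSH check looks only at the vty transport setting.

```python
import re

MIN_LENGTH = 8  # assumed policy value for this example

# Constructed running-config excerpt (not taken from the lecture).
WEAK_CONFIG = """\
hostname R1
service password-encryption
security passwords min-length 10
banner motd #Authorized access only#
line con 0
 exec-timeout 5 0
 login local
line vty 0 4
 exec-timeout 0 0
 transport input telnet ssh
 login local
"""

# The same excerpt with its three gaps closed.
HARDENED_CONFIG = WEAK_CONFIG.replace(
    "banner motd", "login block-for 120 attempts 3 within 60\nbanner motd"
).replace("exec-timeout 0 0", "exec-timeout 5 0").replace("telnet ssh", "ssh")


def parse(text):
    """Return (global commands, {"line ..." header: [its indented sub-commands]})."""
    global_cmds, lines, current = [], {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.strip().startswith("!"):
            continue
        if raw[0].isspace():            # sub-command of the current section
            if current is not None:
                lines[current].append(raw.strip())
            continue
        current = None
        global_cmds.append(raw.strip())
        if raw.startswith("line "):     # only line sections are audited here
            current = raw.strip()
            lines[current] = []
    return global_cmds, lines


def audit(text):
    """Return one finding per missing practice; an empty list means all checks pass."""
    global_cmds, lines = parse(text)
    findings = []
    if "service password-encryption" not in global_cmds:
        findings.append("passwords not encrypted")
    lengths = [int(m.group(1)) for c in global_cmds
               if (m := re.fullmatch(r"security passwords min-length (\d+)", c))]
    if not lengths or lengths[-1] < MIN_LENGTH:
        findings.append("no minimum password length")
    if not any(re.fullmatch(r"login block-for \d+ attempts \d+ within \d+", c)
               for c in global_cmds):
        findings.append("no brute-force lockout")
    if not any(c.startswith("banner ") for c in global_cmds):
        findings.append("no banner")
    for header, cmds in lines.items():
        timeouts = [c.split()[1:] for c in cmds if c.startswith("exec-timeout ")]
        if not timeouts or all(int(v) == 0 for v in timeouts[-1]):
            findings.append(f"{header}: EXEC timeout missing or disabled")
        if header.startswith("line vty") and "transport input ssh" not in cmds:
            findings.append(f"{header}: remote access not limited to SSH")
    return findings


if __name__ == "__main__":
    print(audit(WEAK_CONFIG))
    print(audit(HARDENED_CONFIG))
```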

Ping
Leveraging Extended Ping
• The Cisco IOS offers an "extended" mode of the ping command
R2# ping
Protocol [ip]:
Target IP address: 192.168.10.1
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y
Source address or interface: 10.1.1.1
Type of service [0]:

Show Commands
Common Show Commands Revisited
• The status of nearly every process or function of the router can be displayed using a show command.
• Frequently used show commands:
  • show running-config
  • show interfaces
  • show arp
  • show ip route
  • show protocols
  • show version

Show Commands
Viewing Router Settings with Show Version

Cisco IOS version
System bootstrap
Cisco IOS image
CPU and RAM
Number and type of physical interfaces
Amount of NVRAM
Amount of Flash
Config. register

Host and IOS Commands
ipconfig Command Options
• ipconfig - displays IP address, subnet mask, default gateway.
• ipconfig /all – also displays MAC address.
• ipconfig /displaydns - displays all cached DNS entries in a Windows system.

Host and IOS Commands
arp Command Options

Host and IOS Commands
show cdp neighbors Command Options

Host and IOS Commands
Using show ip interface brief Command
• Can be used to verify the status of all network interfaces on a router or a switch.

Backup and Restore Configuration Files
Backup and Restore using TFTP
• Configuration files can be stored on a Trivial File Transfer Protocol (TFTP) server.
• copy running-config tftp – save running configuration to a tftp server
• copy startup-config tftp - save startup configuration to a tftp server

Backup and Restore Configuration Files
Using USB Interfaces on a Cisco Router
• USB flash drive must be formatted in a FAT16 format.
• Can hold multiple copies of the Cisco IOS and multiple router configurations.
• Allows administrator to easily move configurations from router to router.

Backup and Restore Configuration Files
Backup and Restore Using USB

Chapter 2 Summary
• Good network design incorporates reliability, scalability, and availability.
• Networks must be secured from viruses, Trojan horses, worms and network attacks.
• Document Basic Network Performance.
• Test network connectivity using ping and traceroute.
• Use IOS commands to monitor and view information about the network and network devices.
• Back up configuration files using TFTP or USB.

QUIZ 1 ON 10 OCT.

BEST WISHES
