Module 1-3 Netacad

1.6: Reliable Networks

Fault Tolerance: Having redundancy; multiple paths to a destination.

              Ex: Packet Switched Network: Splits traffic into multiple packets that are routed through a shared (larger) network. Each packet has metadata containing the source and destination. Routers switch the packets dynamically based on current conditions. The user is unaware that a link may have failed.

 

 

Scalability: Being able to add a new network to an existing network.

              How? Designers follow accepted standards and protocols. This lets software/hardware vendors focus on product improvement without having to design a new ruleset for operation once a new network is added.

 

 

Quality of Service (QoS): A priority-based system to manage traffic congestion (when demand for bandwidth exceeds amount available).

              How? Devices hold packets in memory until there are resources to transmit them. The priority is time-sensitive traffic.

              Example: A VoIP call will have a high priority to maintain a smooth and uninterrupted experience. Web pages will have a low priority and therefore be queued up.

 

 

Network Security: 2 types, network infrastructure security and information security.

              Network Infrastructure: Physical device security and preventing unauthorized access to the software residing on them.

              Information Security: Protecting information contained within packets.

              Follows the CIA goals: Confidentiality, Integrity, and Availability.

                            C: Only the intended and authorized recipients can access the data.

                           I: Ensuring that the information has not been altered in transmission.

                           A: Timely and reliable access to data for authorized users.

 

 

1.7: Network Trends (big Webex ad)

BYOD: The freedom for any device, with any ownership, used anywhere.

 

Online Collaboration: Think Google Collaboration Suite. Individuals want to connect to the network not only for access to data/applications but also to collaborate with one another.

 

Video Communications: Video calls are made to and from anyone with an internet connection.

 

Cloud Computing: Very expensive to build and maintain data centers, so smaller companies lease them from larger data centers.

              Redundancy: It’s very common to store data in distributed data centers with different data servers in different locations.

              Public clouds: Cloud-based apps and services offered to the general population (e.g., Google Docs).

              Private clouds: Cloud-based apps and services offered to a specific client. May be set up with the client’s private network but may be expensive to maintain. Could also be managed by an outside company.

              Hybrid clouds: Think Google Cloud for business. Made up of 2 or more clouds, part private and part public, which are connected by the same architecture but each remain distinct.

              Community Clouds: Similar to public clouds, but made for a specific type of client, think multiple healthcare providers using the same cloud with security that makes it private.

 

Powerline Networking: A system that can be used in homes to basically replace an Ethernet port. It transmits information through your electrical wiring and allows you to plug an Ethernet cable into it.

 

1.8: Security Threats

Zero-day attacks: These occur on the first day that a vuln becomes known.

Internal Breaches: The most common data breaches happen because of internal users of the network. The difference is that they are already inside the network and do not have to go through the firewall.

              Examples: Lost or stolen devices, accidental misuse, malicious employees.

 

 

Security Solutions: No single solution can protect the network from the variety of threats that exist. This is why security should be layered.

 

              Small office/home: Usually basic, usually implemented on end devices, and can rely on the ISP.

                           AV/Antispyware: Help protect end devices from getting infected.

                           Firewall Filtering: Blocks unauthorized access to the end device or prevents access from the outside world.

 

              Corporate: By contrast, usually consists of many components, which ideally work together.

                           Dedicated firewall systems: Able to filter large amounts of traffic with more granularity.

                           Access control lists (ACL): Filter access and traffic forwarding based on IPs and applications.

                           VPN: Secure access into a network for remote workers.

                          

 

 

 

 

  • Data - The general term for the PDU used at the application layer.

  • Segment - transport layer PDU

  • Packet - network layer PDU

  • Frame – data link layer PDU

  • Bits - A physical layer PDU used when physically transmitting data over the medium

Operating System

              Shell (1st layer): The UI that allows users to request specific tasks.

              Kernel (2nd layer): Communicates between the hardware and software of a computer and manages how hardware resources are used to meet software requirements.

              Hardware: lowest layer (3rd)

 

Access Methods

              Console: out-of-band access to a device, usually using a console port.

              Secure Shell (SSH): In-band and recommended method of remotely accessing a CLI.

              Telnet: Insecure, in-band method of remotely accessing a CLI. Not recommended outside of a lab, as it transmits everything in plaintext.

              Aux: Connection over telephone call

 

IOS modes

-          To move to privileged EXEC mode, enter enable; use disable to return to user EXEC mode.

-          To enter line subconfiguration mode, you use line followed by the management line type and number you wish to access.

o   Line Configuration mode: used to configure console, SSH, Telnet or Aux access

o   Interface Configuration mode: used to configure a switch port or router network interface.


 

Conventions in IOS

Boldface: commands and keywords you enter literally as shown

Italics: arguments for which you supply values

[x]: Square brackets indicate optional

{x}: Braces indicate required

{y | z}: required choice

 

Abort Keystroke: Ctrl-Shift-6, like task manager kill.

Interrupted typing keystroke: Ctrl+R. Use this when output appears while you are typing a command and makes it difficult to see what you typed.

 

-          Configure Passwords

o   Secure Console & VTY Access

§  Must be in global configuration mode (layer 3)

§  password ______

§  login

o   Secure Privileged Mode Access

§  Must be in privileged mode (layer2)

§  enable secret ______

o   Encrypt Passwords

§  Must be in privileged mode (layer2)

§  service password-encryption

§  show running-config to ensure passwords are encrypted

o   Banner Messages (MOTD)

§  Must be in privileged mode (layer2)

§  banner motd # _____ #

 

-          Configure IP Addresses

o   ip address _______ _______

o    1. IP address               2. Subnet mask

o   no shutdown
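
Added example (not part of the original notes or Cisco's material): a small Python check that reads a running-config and flags the items from the Access Methods and Configure Passwords notes above: no enable secret, service password-encryption off, no MOTD banner, a line without login, a line password shown in plaintext, and Telnet allowed on a line. The config text is a constructed sample, the function name audit is hypothetical, and only explicit transport input lines are checked.

```python
import re

# Constructed running-config excerpt (not from a real device), with deliberate gaps.
SAMPLE_CONFIG = """\
no service password-encryption
enable password class
line con 0
 password cisco
 login
line vty 0 4
 password 7 0822455D0A16
 transport input telnet
line vty 5 15
 password 7 0822455D0A16
 login
 transport input ssh
"""

def audit(config):
    """Return findings for the password and remote-access items in the notes."""
    findings, top, blocks, current = [], [], {}, None
    for raw in config.splitlines():
        if raw.startswith("line "):            # start of a console/vty/aux block
            current = raw.strip()
            blocks[current] = []
        elif raw.startswith(" ") and current:  # indented sub-command of that line
            blocks[current].append(raw.strip())
        elif raw.strip():                      # any other global command
            current = None
            top.append(raw.strip())
    if not any(c.startswith("enable secret ") for c in top):
        findings.append("global: enable secret not set")
    if "service password-encryption" not in top:
        findings.append("global: service password-encryption not enabled")
    if not any(c.startswith("banner motd ") for c in top):
        findings.append("global: no banner motd")
    for name, cmds in blocks.items():
        if "login" not in cmds:
            findings.append(f"{name}: login missing")
        # An encrypted password is stored as "password <type digit> <string>".
        if any(re.fullmatch(r"password (?!\d )\S+", c) for c in cmds):
            findings.append(f"{name}: password stored in plaintext")
        for c in cmds:
            m = re.fullmatch(r"transport input (.+)", c)
            if m and {"telnet", "all"} & set(m.group(1).split()):
                findings.append(f"{name}: Telnet permitted, use SSH only")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CONFIG)))
```

Type 7 strings written by service password-encryption are reversible obfuscation, so this check only confirms that a line password is not displayed in clear text.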

Module 3 Notes

Protocols and Models

 

-          OSI Reference Model

1.      Physical

2.      Data Link

3.      Network

4.      Transport

5.      Session

6.      Presentation

7.      Application

a.      Please Don’t Throw Away New Sausage Pizza!

-          TCP/IP Protocol Model

1.      Network Access

2.      Internet

3.      Transport

4.      Application

a.      Nine Idiots Took Americans Hostage

 

 

Physical Layer

Receives the data, encodes it, and sends it over.

Receives the sent data, restores it, and passes it to the data link layer as a complete frame.

 

-          Physical Layer Organizations

o   ISO

o   ANSI/TIA

o   ITU-T

o   ANSI

o   IEEE

 

-          Physical Components

o   Physical Components

§  electronic hardware, cables, ports, etc

o   Encoding

§  Converting data into predefined patterns (ex: Morse, Manchester)

o   Signaling

§  Represents the 1s and 0s.

§  Electrical, optical, or wireless signals.

 

-          Bandwidth

o   Capacity at which a medium can carry data.

o   Latency

§  Time & delays for data to travel

o   Throughput

§  Measure of the transfer of bits over a given period of time

o   Goodput

§  Usable data transferred over a given period of time

§  (Internet Speed Test?)

 

-          Copper Cabling

o   Why?

§  Pros:

·       Inexpensive

·       Easy to install

·       Low resistance to electrical current

§  Cons:

·       Limited distance

·       Signal Interference

o   Electromagnetic (EMI)

o   Radio Frequency (RFI)

o   Crosstalk

o   How?

§  Transmitted via Electrical Pulses

·       Deteriorates over distance

o   Types

§  Unshielded Twisted-Pair (UTP)

·       Most common

·       RJ45 Connectors

·       4 pairs of color-coded wires that are twisted together and encased in plastic

o   Twisting helps protect against interference

o   Plastic helps protect against physical damage

o   Plastic isolates electricity from each wire

·       UTP Interference Countering Strategies

o   Cancellation

§  Designers pair wires in a circuit, which cancel out their magnetic fields (and EMI/RFI)

o   Varying the Number of Twists per Pair

§  Enhances cancellation effect

§  Shielded Twisted-Pair (STP)

·       Better noise protection than UTP

·       More expensive

·       Difficult to install

·       Uses RJ-45

·       Twisted

o   To reduce crosstalk

·       4 pairs wrapped in a foil shield

§  Coaxial (Coax)

·       Layer of plastic surrounds a copper conductor.

·       Material surrounded in copper braid/metallic foil

o   Acts as the second wire

o   Shield for the inner conductor

o   Reduces EMI

·       Surrounded with cable jacket

·       Used by Cable Companies

o   Attaches to wireless devices/antennas

 

-          Cable Standards

o   UTP – TIA/EIA-568

§  Categories (CAT)

·       CAT5 is the standard. Supports 100 Mbps; CAT5e supports 1000 Mbps.

·       CAT6 has an added separator between each pair to support higher speeds. Goes up to 10Gbps.

·       CAT7 is also 10Gbps

·       CAT8 is 40Gbps.

o   Copper Cabling – IEEE

 

-          Different UTP cables

o   Ethernet Straight-Through

§  Most common

§  Commonly used to interconnect a host to a switch/switch to a router.

§  Both ends T568A or T568B

o   Ethernet Crossover

§  Cable used to interconnect similar devices

§  Ex: Switch to a switch, host to a host.

§  Now considered legacy: Most NICs autodetect cable types.

§  One end T568A, other end T568B.

o   Rollover Cable

§  Cisco proprietary

§  Used to connect a workstation to a router or switch console port.

o   T568B – OGBGBr (colors)

o   T568A – GOBOBr.

 

-          Fiber Optic Cables

o   Pros

§  Longer distance

§  Higher bandwidth than any other medium

§  Immune to EMI and RFI

o   Cons

§  Expensive

o   Single-mode fiber (SMF)

§  Single, very small, core of light

§  Expensive laser technology to send a single ray

§  Popular for long-distance, spanning 100s of KMs.

o   Multimode fiber (MMF)

§  Single, larger core

§  Uses LED emitters (sent out at different angles)

§  Popular for low-cost LEDs.

§  Up to 10 Gbps and 550 meters.

 

-          Fiber-Optic Connectors

o   Straight-Tip (ST)

§  Twist-on, twist-off mechanism

o   Subscriber-Connector (SC)

§  Square connectors or Standard connectors

§  Push-pull mechanism

§  Uses multimode and single-mode.

§  FIOS

o   Lucent Connector (LC) Simplex

§  Smaller version of LC

o   Duplex Multimode LC

§  LC, except uses a duplex connector.

-          Patch Cords

o   Single-Mode Fiber

§  Yellow

o   Multimode

§  Orange or Aqua

o   Protect with a small plastic cap when not in use!

 

 

-          Wireless Media

o   Cons

§  Coverage Area

§  Interference

§  Security

§  Shared

o   Standards

§  Wi-Fi (IEEE 802.11)

§  Bluetooth (IEEE 802.15)

§  WiMAX (IEEE 802.16) – point-to-multipoint topology to provide wireless broadband access

§  Zigbee (IEEE 802.15.4) – low-data, low-power communications, usually IoT

o   Wireless LAN

§  Wireless Access Point (AP) – routers, etc.

§  Wireless NIC adapters – like laptops