Computer Networks: Course Summary of LAN/WAN
Merit International Institute of Technology OOTY
American International University of Management and Technology
Submitted by – Anil Kumar Gupta Bachu Jim Varghese Bhaldein Redwan Ahmed Ada, Deepak Khushalani Mohit Tripathi Parth Ashok Kumar Shah Sudeep Sam Alex
22, Havelock Road, Ooty, India - 643 001. Tel: +91-423-2443601-6, 2442486
This is to certify that the final-year BE (Electrical, Electronics and Computer Science) students of Merit International Institute of Technology, Ooty, have submitted their course summary report in partial fulfilment of the requirements of the degree course, and we certify that they have met the requirements.
For MERIT: Mr. Ashok Kumar
The written word has an unfortunate tendency to convert genuine gratitude into a stilted formality. But this is the only way by which we can record our feelings permanently. Many people have contributed their time and effort in helping us complete our dissertation work successfully.
We would like to express our deepest gratitude and thanks to the management of Merit International Institute of Technology, especially Mr. Ashok Kumar (coordinator), for allowing us to carry out our work.
We would also like to thank Mr. Bhagyanathan, librarian of Merit International Institute of Technology, who helped us in getting our hands on all the reference books and material required for our course summary. And last but not least, we would like to thank our parents and all those people who have directly or indirectly helped us in carrying out our dissertation successfully.
Anil Kumar Gupta Bachu Jim Varghese Bhaldein Redwan Ahmed Ada, Deepak Khushalani Mohit Tripathi Parth Ashok Kumar Shah Sudeep Sam Alex
CONTENTS
• Introduction: overview of network environments
• LAN configurations and protocols
  → Network models
  → Network topologies
  → Network communication media
  → Network protocols
• LAN hardware and clients
  → LAN hardware and operating systems
  → Server and workstation requirements
  → Server and workstation installation and configuration
• LAN management and services
  → Licensing
  → File systems
  → Domains and trust relationships
  → Passwords
  → User account policies
  → Local and global groups
  → Security and related issues
  → Directories, permissions and shares
  → Auditing
  → Network printing and sharing printer resources
• System monitoring and maintenance
  → Monitoring issues
  → Server maintenance procedures
  → Troubleshooting
  → On-line help
  → System backup and backup techniques
A computer on its own is referred to as a stand-alone machine, and most domestic computer users use their PCs in this way. However, even small commercial organisations may want to link their computers together. Two computers linked together so that they can exchange data form a network. When we think of networks, though, we tend to think of many machines linked together. So what are the advantages of linking machines?
Advantages:
• Resources such as scanners and printers can be shared.
• Common information can be shared.
• It is easier to install a program once on a central computer than to install it individually on each computer.
• E-mail can be sent between users.
• New users and equipment can be added easily.
• Different types of computers can connect to each other.
Disadvantages:
• If a file server goes down, users cannot access programs.
• If the network is not operating properly, hardware and software resources cannot be accessed.
• The network's efficiency depends a lot on the skill of its manager. A poorly managed network (or one where the manager is obstructive) becomes frustrating to use and may be less efficient than stand-alone machines.
• Novices might do something wrong and disrupt the network.
• It is hard to keep a network secure from hackers: every connected machine is a potential entry point, so one weak host can expose the resources shared by all the others.
• If a network is not well designed, it might not cope with an increase in traffic without a significant decrease in performance.
"The network's down" is a phrase often heard in workplaces, and it can seriously disrupt the operation of an organisation. Network managers enjoy the security of tenure of a manager of a Premiership football team…
A network consists of two or more computers that are linked in order to share resources (such as printers and CD-ROMs), exchange files, or allow electronic communications. The computers on a network may be linked through cables, telephone lines, radio waves, satellites, or infrared light beams.
Local Area Network - A Local Area Network (LAN) is a network that is confined to a relatively small area. It is generally limited to a geographic area such as a writing lab, school, or building. Rarely are LAN computers more than a mile apart. In a typical LAN configuration, one computer is designated as the file server. It stores all of the software that controls the network, as well as the software that can be shared by the computers attached to the network. Computers connected to the file server are called workstations. The workstations can be less powerful than the file server, and they may have additional software on their hard drives. On most LANs, cables are used to connect the network interface cards in each computer. See the Topology, Cabling, and Hardware sections of this tutorial for more information on the configuration of a LAN.
Wide Area Network - Wide Area Networks (WANs) connect larger geographic areas, such as Florida, the United States, or the world. Dedicated transoceanic cabling or satellite uplinks may be used to connect this type of network. Using a WAN, schools in Florida can communicate with places like Tokyo in a matter of minutes, without paying enormous phone bills. A WAN is complicated. It uses multiplexers to connect local and metropolitan networks to global communications networks like the Internet. To users, however, a WAN will not appear to be much different than a LAN or a MAN.
How are local area networks set up? In large networks the workstations are connected to a central machine called a server. The terminals may or may not be able to act as stand-alone machines as well. In client/server architecture the devices act as clients, sending requests for service to the server, which is a computer dedicated to managing the network. The files set up by the users are held on the server rather than on the individual terminals, although it is possible to save data on individual machines if they have a hard disk. Associated with the file server may be a print server that stores all the print jobs. Peer-to-peer architecture is used on small networks. The PCs communicate with other PCs without going through a central server. Peer-to-peer networks are used where people do their own work but occasionally need to communicate with others and share data. However, if one of the stations is turned off, data stored there cannot be accessed.
Comparing the two:

Feature        | Server based                                                                           | Peer to peer
Examples       | Novell Client                                                                          | Windows for Workgroups
Storage        | Central file server                                                                    | Storage on each machine
Software       | Held centrally and distributed by the server on request from the individual PCs        | Held on each machine
Security       | IDs, passwords and access levels are centrally controlled                              | No central control of security
Back up        | Done regularly by the central system                                                   | Responsibility of the users
Reliance       | All users rely on the server; if it goes down, the whole network is unusable           | No reliance on a central computer
Communication  | Through the central computer, which has protocols to deal with different kinds of computer | Each computer needs its own software to communicate with other computers
Main strength  | Speed and power                                                                        | Less expensive and easier to administer
In some networks the terminals can act as stand-alone machines; in others the terminals have to access everything from the server. Although these dumb terminals look like a PC, they cannot do anything on their own, except perhaps the login dialogue.
LAN CONFIGURATION AND PROTOCOLS →NETWORK MODELS
When dealing with networking, you may hear the terms "network model" and "network layer" used often. Network models define a set of network layers and how they interact. There are several different network models, depending on which organization or company started them. The two most important are:
The TCP/IP model - This model is sometimes called the DoD model since it was designed for the US Department of Defense. It is also called the Internet model because TCP/IP is the protocol suite used on the Internet.
The OSI network model - The International Organization for Standardization (ISO) has defined a standard called the Open Systems Interconnection (OSI) reference model. This is a seven-layer architecture; its layers are described below.
The three top layers in the OSI model - the application layer, the presentation layer and the session layer - usually are lumped into one layer in the TCP/IP model.
Application layer - The application layer is used by most programs for network communication. Data is passed from the program in an application-specific format and then encapsulated into a transport layer protocol.
Transport layer - The transport layer's responsibilities include end-to-end message transfer independent of the underlying network, along with error control, fragmentation and flow control (TCP and UDP in the TCP/IP suite).
Network (internet) layer - As originally defined, the network layer solves the problem of getting packets across a single network; with internetworking it also routes packets between networks, which is the job of IP.
Data link layer - The link layer is the method used to move packets from the network layer on two different hosts. It is not really part of the Internet protocol suite, because IP can run over a variety of different link layers. Transmitting packets on a given link and receiving packets from it can be handled in the software device driver for the network card as well as in firmware or specialist chipsets. These perform data link functions such as adding a frame header to prepare the packet for transmission, then actually transmit the frame over the physical medium.
Physical layer - The physical layer is responsible for encoding and transmission of data over the network communication media. It operates on data in the form of bits, sent from the physical layer of the source device and received at the physical layer of the destination device.
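The layering above is easiest to see in bytes. The following is an added example, not code from the course summary: it builds one Ethernet/IPv4/TCP frame by wrapping a payload in each layer's header in turn, then parses it back, verifying the IPv4 header checksum (RFC 1071) and refusing any length field that claims more bytes than are present. The MAC and IP addresses, ports and request line in SAMPLE_FRAME are constructed for the demonstration; the TCP checksum is left at zero because computing it needs a pseudo-header and is not the point here.

```python
import struct

ETHERTYPE_IPV4 = 0x0800
IPPROTO_TCP = 6


def ipv4_checksum(header: bytes) -> int:
    """RFC 1071 ones'-complement sum over 16-bit words.

    Over a header whose checksum field is zero it yields the checksum to store;
    over a header that already carries a valid checksum it yields 0.
    """
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:                      # fold the carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_frame(src_mac: bytes, dst_mac: bytes, src_ip: bytes, dst_ip: bytes,
                sport: int, dport: int, payload: bytes) -> bytes:
    """Encapsulate payload -> TCP -> IPv4 -> Ethernet, each layer wrapping the one above."""
    eth = dst_mac + src_mac + struct.pack("!H", ETHERTYPE_IPV4)
    total_len = 20 + 20 + len(payload)
    # version 4 / IHL 5, TOS 0, total length, id, flags DF, TTL 64, protocol TCP, checksum 0 for now
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, 0x4000,
                     64, IPPROTO_TCP, 0, src_ip, dst_ip)
    ip = ip[:10] + struct.pack("!H", ipv4_checksum(ip)) + ip[12:]
    # TCP: seq 1, ack 0, data offset 5 words, flags SYN, window, checksum 0 (not computed), urgent 0
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 5 << 4, 0x02, 65535, 0, 0)
    return eth + ip + tcp + payload


def parse_frame(frame: bytes) -> dict:
    """Peel the layers off again, validating every length field before trusting it."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst_mac, src_mac = frame[:6], frame[6:12]
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError(f"unsupported EtherType 0x{ethertype:04x}")

    ip = frame[14:]
    if len(ip) < 20:
        raise ValueError("truncated IPv4 header")
    version, ihl = ip[0] >> 4, (ip[0] & 0x0F) * 4
    (total_len,) = struct.unpack("!H", ip[2:4])
    # A crafted header may claim more bytes than exist; refuse rather than read past the end.
    if version != 4 or ihl < 20 or ihl > len(ip) or total_len < ihl or total_len > len(ip):
        raise ValueError("inconsistent IPv4 length fields")
    result = {
        "src_mac": src_mac.hex(":"), "dst_mac": dst_mac.hex(":"),
        "src_ip": ".".join(map(str, ip[12:16])), "dst_ip": ".".join(map(str, ip[16:20])),
        "ttl": ip[8], "protocol": ip[9],
        "ip_checksum_ok": ipv4_checksum(ip[:ihl]) == 0,
    }
    if ip[9] == IPPROTO_TCP:
        tcp = ip[ihl:total_len]
        if len(tcp) < 20:
            raise ValueError("truncated TCP header")
        sport, dport = struct.unpack("!HH", tcp[:4])
        data_off = (tcp[12] >> 4) * 4
        if data_off < 20 or data_off > len(tcp):
            raise ValueError("inconsistent TCP data offset")
        result.update(src_port=sport, dst_port=dport, tcp_flags=tcp[13], payload=tcp[data_off:])
    return result


def is_well_formed(frame: bytes) -> bool:
    """True if parse_frame accepts the frame, False if any header check rejects it."""
    try:
        parse_frame(frame)
        return True
    except ValueError:
        return False


# Constructed sample: a SYN from 10.0.0.1:40000 to 10.0.0.2:80 carrying a request line.
SAMPLE_FRAME = build_frame(
    src_mac=bytes.fromhex("020000000001"), dst_mac=bytes.fromhex("020000000002"),
    src_ip=bytes([10, 0, 0, 1]), dst_ip=bytes([10, 0, 0, 2]),
    sport=40000, dport=80, payload=b"GET / HTTP/1.0\r\n\r\n",
)

if __name__ == "__main__":
    for key, value in parse_frame(SAMPLE_FRAME).items():
        print(f"{key:16} {value!r}")
```

The length checks are the part worth copying: a parser that trusts the IHL, total length or TCP data offset fields is exactly the kind of code that reads past a buffer on a malformed packet.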
→ NETWORK TOPOLOGIES
Network topology is the study of the arrangement or mapping of the elements (links, nodes, etc.) of a network, especially the physical (real) and logical (virtual) interconnections between nodes. A local area network (LAN) is one example of a network that exhibits both a physical topology and a logical topology. Any given node in the LAN will have one or more links to one or more other nodes in the network, and the mapping of these links and nodes onto a graph results in a geometrical shape that determines the physical topology of the network. Likewise, the mapping of the flow of data between the nodes in the network determines the logical topology of the network. It is important to note that the physical and logical topologies might be identical in any particular network, but they may also be different.
Linear bus - A linear bus topology consists of a main run of cable with a terminator at each end. All nodes (file server, workstations and peripherals) are connected to the linear cable. Coaxial Ethernet and LocalTalk networks use a linear bus topology; modern twisted-pair Ethernet is wired as a star.
Star - A star topology is designed with each node (file server, workstations and peripherals) connected directly to a central network hub or concentrator. Data on a star network passes through the hub or concentrator before continuing to its destination. The hub or concentrator manages and controls all functions of the network. It also acts as a repeater for the data flow. This configuration is common with twisted pair cable; however, it can also be used with coaxial cable or fiber optic cable.
Tree - A tree topology combines characteristics of linear bus and star topologies. It consists of groups of star-configured workstations connected to a linear bus backbone cable. Tree topologies allow for the expansion of an existing network, and enable schools to configure a network to meet their needs.
Ring - The type of network topology in which each node is connected to two other nodes, with the first and last nodes connected to each other, forming a ring. All data transmitted between nodes travels from one node to the next in a circular manner, and the data generally flows in a single direction only.
Mesh - In a full mesh every node has a direct link to every other node, so n nodes need n(n-1)/2 links; a partial mesh links each node to only some of the others. The value of fully meshed networks is proportional to the exponent of the number of subscribers, assuming that the number of communicating groups of endpoints, from any two up to all of them, is approximated by Reed's Law.
Tree (also known as hierarchical) - The type of network topology in which a central 'root' node (the top level of the hierarchy) is connected by point-to-point links to one or more nodes one level lower (the second level); each second-level node is in turn connected by point-to-point links to one or more nodes one level lower again (the third level), and so on. The root is the only node with no node above it in the hierarchy. In a symmetrical tree each node has the same fixed number, f, of nodes connected to it at the next lower level; f is called the branching factor of the tree.
Hybrid - A hybrid topology is formed by interconnecting two or more networks that are based on different physical topologies, or by interconnecting networks of the same physical topology in such a way that the resulting network no longer meets the definition of the original topology.
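The practical question behind these shapes is availability: which element, if it fails, partitions the network? The following added example (not part of the course summary) models the bus, star, ring and full-mesh topologies as graphs and finds the single points of failure by removing each node or link in turn and testing connectivity. The shared bus cable and the star's hub are modelled as pseudo-nodes named "cable" and "hub"; that modelling choice and the station names are assumptions of the example.

```python
from itertools import combinations


def make_graph(edges):
    """Undirected adjacency sets from a list of (a, b) links."""
    g = {}
    for a, b in edges:
        g.setdefault(a, set()).add(b)
        g.setdefault(b, set()).add(a)
    return g


def bus_topology(n):
    # every station hangs off one shared cable, modelled as the pseudo-node "cable"
    return make_graph([(f"n{i}", "cable") for i in range(n)])


def star_topology(n):
    # every station has its own link to the central hub pseudo-node
    return make_graph([(f"n{i}", "hub") for i in range(n)])


def ring_topology(n):
    return make_graph([(f"n{i}", f"n{(i + 1) % n}") for i in range(n)])


def mesh_topology(n):
    # full mesh: n(n-1)/2 direct links
    return make_graph(list(combinations([f"n{i}" for i in range(n)], 2)))


def is_connected(g, removed=frozenset()):
    """Depth-first search over the graph with `removed` nodes taken out."""
    nodes = [v for v in g if v not in removed]
    if not nodes:
        return True
    seen, stack = {nodes[0]}, [nodes[0]]
    while stack:
        v = stack.pop()
        for w in g[v]:
            if w not in removed and w not in seen:
                seen.add(w)
                stack.append(w)
    return len(seen) == len(nodes)


def single_points_of_failure(g):
    """Nodes (stations or shared devices) whose loss partitions the remaining network."""
    return sorted(v for v in g if not is_connected(g, {v}))


def critical_links(g):
    """Links whose loss partitions the network (bridges, in graph terms)."""
    cuts = []
    for a in g:
        for b in g[a]:
            if a < b:                        # visit each undirected link once
                h = {v: set(ns) for v, ns in g.items()}
                h[a].discard(b)
                h[b].discard(a)
                if not is_connected(h):
                    cuts.append((a, b))
    return cuts


def summarize(n=5):
    """Link count, node SPOFs and critical links for each basic topology of n stations."""
    report = {}
    for name, build in (("bus", bus_topology), ("star", star_topology),
                        ("ring", ring_topology), ("mesh", mesh_topology)):
        g = build(n)
        report[name] = {
            "links": sum(len(nbrs) for nbrs in g.values()) // 2,
            "node_spof": single_points_of_failure(g),
            "critical_links": len(critical_links(g)),
        }
    return report


if __name__ == "__main__":
    for name, info in summarize(5).items():
        print(f"{name:5} {info}")
```

The output makes the trade-off explicit: the ring and the mesh survive any single failure, the star survives any link cut but not the hub, and the bus survives nothing that touches the cable. The same check applied to a real network diagram (switches, uplinks, the router to the Internet) is the first step of an availability review.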
→ NETWORK COMMUNICATION MEDIUM
Unshielded Twisted Pair (UTP) cable - Twisted pair cabling comes in two varieties: shielded and unshielded. Unshielded twisted pair (UTP) is the most popular and is generally the best option for school networks. The standard connector for unshielded twisted pair cabling is the RJ-45 connector.
Coaxial cable - Coaxial cabling has a single copper conductor at its center. A plastic layer provides insulation between the center conductor and a braided metal shield. The metal shield helps to block outside interference from fluorescent lights, motors and other computers. The most common connector used with coaxial cable is the Bayonet Neill-Concelman (BNC) connector.
Fiber Optic Cable - Fiber optic cabling consists of a center glass core surrounded by several layers of protective materials. It transmits light rather than electronic signals eliminating the problem of electrical interference.
Wireless LANs - Not all networks are connected with cabling; some networks are wireless. Wireless LANs use high-frequency radio signals, infrared light beams or lasers to communicate between the workstations and the file server or hubs. Each workstation and file server on a wireless network has some sort of transceiver/antenna to send and receive the data. Information is relayed between transceivers as if they were physically connected. For longer distances, wireless communication can also take place through cellular telephone technology, microwave transmission or satellite. Because radio signals are not confined to the building, anyone within range can receive them, so a wireless LAN needs link-layer encryption and authentication that a cabled LAN gets from physical access control alone.
→ NETWORK PROTOCOLS
A protocol is a set of rules that governs the communications between computers on a network. These rules include guidelines that regulate the following characteristics of a network: access method, allowed physical topologies, types of cabling, and speed of data transfer.
Ethernet - The Ethernet protocol is by far the most widely used. Ethernet uses an access method called CSMA/CD (Carrier Sense Multiple Access/Collision Detection). Each computer listens to the cable before sending anything through the network. If the network is clear, the computer transmits. If some other node is already transmitting on the cable, the computer waits and tries again when the line is clear. If two stations start transmitting at the same moment, both detect the collision, stop, and each waits a random time before retrying. On a shared cable every station receives every frame, so any station can read traffic that is not addressed to it.
LocalTalk - LocalTalk is a network protocol that was developed by Apple Computer, Inc. for Macintosh computers. The method used by LocalTalk is called CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance). It is similar to CSMA/CD except that a computer signals its intent to transmit before it actually does so. LocalTalk adapters and special twisted pair cable can be used to connect a series of computers through the serial port.
Token Ring - The Token Ring protocol was developed by IBM in the mid-1980s. The access method used involves token passing. In Token Ring, the computers are connected so that the signal travels around the network from one computer to another in a logical ring. A single electronic token moves around the ring from one computer to the next; only the holder of the token may transmit.
FDDI - Fiber Distributed Data Interface (FDDI) is a network protocol that is used primarily to interconnect two or more local area networks, often over large distances. The access method used by FDDI involves token passing. Transmission normally occurs on one of its two rings; however, if a break occurs, the system keeps information moving by automatically using portions of the second ring to create a new complete ring. A major advantage of FDDI is speed: it operates over fiber optic cable at 100 Mbps.
ATM - Asynchronous Transfer Mode (ATM) is a network protocol that transmits data at 155 Mbps and higher. ATM works by transmitting all data in small cells of a fixed size (53 bytes), whereas other protocols transfer variable-length packets. ATM supports a variety of media such as video, CD-quality audio and imaging. ATM employs a star topology, which can work with fiber optic as well as twisted pair cable. ATM is most often used to interconnect two or more local area networks. It is also frequently used by Internet Service Providers to provide high-speed Internet access for their clients. As ATM technology becomes more cost-effective, it will provide another solution for constructing faster local area networks.
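The CSMA/CD rule set above (listen, transmit if idle, back off randomly after a collision, give up after too many) is small enough to simulate. The following added example, not code from the course summary, runs a slot-based model of several stations sharing one Ethernet segment with the truncated binary exponential backoff that IEEE 802.3 specifies: after the k-th collision a station waits a random number of slots in [0, 2^min(k,10)), and a frame is discarded after 16 collisions. The station names, frame counts and random seed are constructed for the demonstration.

```python
import random
from dataclasses import dataclass

MAX_ATTEMPTS = 16   # 802.3 discards a frame after 16 collisions
BACKOFF_CAP = 10    # the backoff window stops doubling at 2**10 slots


@dataclass(eq=False)        # eq=False: compare stations by identity, not by field values
class Station:
    name: str
    pending: int            # frames queued for transmission
    wait: int = 0           # backoff slots still to sit out
    attempts: int = 0       # collisions suffered by the frame at the head of the queue
    sent: int = 0
    dropped: int = 0


def simulate_csma_cd(stations, seed=7, max_slots=100_000):
    """Slot-based CSMA/CD with truncated binary exponential backoff.

    In every slot each station that has a frame and no backoff left senses the
    medium idle and transmits.  Exactly one transmitter: success.  Several:
    collision; each picks a fresh random backoff from its doubled window.
    """
    rng = random.Random(seed)   # seeded so a run is reproducible
    collisions = slot = 0
    while any(s.pending for s in stations) and slot < max_slots:
        ready = [s for s in stations if s.pending and s.wait == 0]
        if len(ready) == 1:
            s = ready[0]
            s.pending -= 1
            s.sent += 1
            s.attempts = 0
        elif len(ready) > 1:
            collisions += 1
            for s in ready:
                s.attempts += 1
                if s.attempts > MAX_ATTEMPTS:
                    s.pending -= 1          # excessive collisions: frame discarded
                    s.dropped += 1
                    s.attempts = 0
                else:
                    s.wait = rng.randrange(2 ** min(s.attempts, BACKOFF_CAP))
        for s in stations:
            if s.wait and s not in ready:   # everyone else counts down its backoff
                s.wait -= 1
        slot += 1
    return {
        "slots": slot,
        "collisions": collisions,
        "sent": sum(s.sent for s in stations),
        "dropped": sum(s.dropped for s in stations),
    }


if __name__ == "__main__":
    lab = [Station("A", 5), Station("B", 5), Station("C", 5)]
    print(simulate_csma_cd(lab))
```

Run it with one station and there are no collisions at all; with three stations that all have traffic queued the first slot is guaranteed to collide, and the number of slots spent shows why a busy shared segment degrades long before its nominal bandwidth is reached.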
LAN HARDWARE AND CLIENTS
→ NETWORK HARDWARE AND OPERATING SYSTEMS
→ SERVER AND WORKSTATION REQUIREMENTS
→ SERVER AND WORKSTATION INSTALLATION AND CONFIGURATION
Networking hardware includes all computers, peripherals, interface cards and other equipment needed to perform data processing and communications within the network.
File servers - A file server stands at the heart of most networks. It is a very fast computer with a large amount of RAM and storage space, along with a fast network interface card. The network operating system software resides on this computer, along with any software applications and data files that need to be shared. The file server controls the communication of information between the nodes on a network. For example, it may be asked to send a word processor program to one workstation, receive a database file from another workstation, and store an e-mail message during the same time period. This requires a computer that can store a lot of information and share it very quickly. File servers should have at least the following characteristics:
• 800 megahertz or faster microprocessor (Pentium 3 or 4, G4 or G5)
• A fast hard drive with at least 120 gigabytes of storage
• A RAID (Redundant Array of Inexpensive Disks) to preserve data after a disk failure
• A tape or removable-media back-up unit (e.g. DAT, JAZ, Zip or CD-RW drive)
• Numerous expansion slots
• A fast network interface card
• At least 512 MB of RAM
Workstations - All of the user computers connected to a network are called workstations. A typical workstation is a computer that is configured with a network interface card, networking software, and the appropriate cables. Workstations do not necessarily need floppy disk drives because files can be saved on the file server. Almost any computer can serve as a network workstation.
Network interface cards - The network interface card (NIC) provides the physical connection between the network and the computer workstation. Most NICs are internal, with the card fitting into an expansion slot inside the computer. Laptop computers can now be purchased with a network interface card built in or with network cards that slip into a PCMCIA slot. Network interface cards are a major factor in determining the speed and performance of a network.
Ethernet cards - Ethernet cards are usually purchased separately from a computer, although many computers (such as the Macintosh) now include an option for a preinstalled Ethernet card. Ethernet cards contain connections for either coaxial or twisted pair cables, or both (see fig. 1). If the card is designed for coaxial cable, the connection will be BNC. If it is designed for twisted pair, it will have an RJ-45 connection. Some Ethernet cards also contain an AUI connector, which can be used to attach coaxial, twisted pair or fiber optic cable to the card through an external transceiver.
LocalTalk Connectors - LocalTalk is Apple's built-in solution for networking Macintosh computers. It utilizes a special adapter box and a cable that plugs into the printer port of a Macintosh (See fig. 2). A major disadvantage of LocalTalk is that it is slow in comparison to Ethernet. Most Ethernet connections operate at 10 Mbps (Megabits per second). In contrast, LocalTalk operates at only 230 Kbps (or .23 Mbps).
Fig.2. LocalTalk connectors
Ethernet cards vs. LocalTalk connections

Ethernet                             | LocalTalk
Fast data transfer (10 to 100 Mbps)  | Slow data transfer (0.23 Mbps)
Expensive: purchased separately      | Built into Macintosh computers
Requires a computer slot             | No computer slot necessary
Available for most computers         | Works only on Macintosh computers
Token Ring cards - Token Ring network cards look similar to Ethernet cards. One visible difference is the type of connector on the back of the card. Token Ring cards generally have a nine-pin DIN type connector to attach the card to the network cable.
Switches and hubs - A concentrator is a device that provides a central connection point for cables from workstations, servers and peripherals. In a star topology, twisted-pair wire is run from each workstation to a central switch or hub. Most are active, that is, they electrically amplify the signal as it moves from one device to another. A hub repeats every frame out of every port, so each station sees all the traffic on the network. A switch instead learns which address is reachable through which port from the source address of the frames it receives, and sends each frame only to the port where the destination was learned; it floods a frame to all ports only while the destination is still unknown. Switches and hubs are:
• Usually configured with 8, 12 or 24 RJ-45 ports
• Often used in a star or star-wired ring topology
• Sold with specialized software for port management
• Both loosely called hubs, although only a true hub broadcasts every frame
• Usually installed in a standardized metal rack that may also hold modems, bridges or routers
Repeaters - Since a signal loses strength as it passes along a cable, it is often necessary to boost the signal with a device called a repeater. The repeater electrically amplifies the signal it receives and rebroadcasts it. Repeaters can be separate devices or they can be incorporated into a concentrator. They are used when the total length of your network cable exceeds the standards set for the type of cable being used. A good example of the use of repeaters would be a local area network using a star topology with unshielded twisted-pair cabling. The length limit for unshielded twisted-pair cable is 100 meters. The most common configuration is for each workstation to be connected by twisted-pair cable to a multi-port active concentrator. The concentrator amplifies all the signals that pass through it, allowing the total length of cable on the network to exceed the 100 meter limit.
Bridges - A bridge is a device that allows you to segment a large network into two smaller, more efficient networks. If you are adding to an older wiring scheme and want the new network to be up to date, a bridge can connect the two. A bridge monitors the information traffic on both sides of the network so that it can pass packets of information to the correct location. Most bridges can "listen" to the network and automatically figure out the address of each computer on both sides of the bridge. The bridge can inspect each message and, if necessary, broadcast it on the other side of the network. The bridge manages the traffic to maintain optimum performance on both sides of the network. You might say that the bridge is like a traffic cop at a busy intersection during rush hour: it keeps information flowing on both sides of the network, but it does not allow unnecessary traffic through. Bridges can be used to connect different types of cabling or physical topologies. They must, however, be used between networks with the same protocol.
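Both the switch described above and the bridge here work from the same learned table of "which address was last seen on which port", and that table is finite. The following added example (not code from the course summary) implements that learning and forwarding logic for a small switch, then shows what happens when a station on one port sends frames from many bogus source addresses: the table fills, the entries for the real stations are evicted, and the switch falls back to flooding, so the attacker's port starts receiving traffic between the two victims. The same class with max_macs_per_port set shows the port-security mitigation that real switches offer. Port numbers, MAC addresses and the table size of four are constructed for the demonstration.

```python
from collections import OrderedDict

BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    """Transparent bridge / switch: learn source MACs per port, forward to the learned port, flood otherwise."""

    def __init__(self, ports, table_size=4, max_macs_per_port=None):
        self.ports = list(ports)
        self.table_size = table_size                # address-table capacity (tiny, for illustration)
        self.max_macs_per_port = max_macs_per_port  # port-security limit; None means disabled
        self.table = OrderedDict()                  # mac -> port, oldest entry first
        self.floods = 0
        self.violations = 0

    def _learn(self, port, mac):
        """Record the source address; return False if port security rejects it."""
        if mac in self.table:
            self.table.move_to_end(mac)             # refresh the entry
            self.table[mac] = port                  # the station may have moved ports
            return True
        if self.max_macs_per_port is not None:
            on_port = sum(1 for p in self.table.values() if p == port)
            if on_port >= self.max_macs_per_port:
                self.violations += 1                # too many addresses on one port: drop
                return False
        self.table[mac] = port
        if len(self.table) > self.table_size:
            self.table.popitem(last=False)          # table full: evict the oldest entry
        return True

    def forward(self, in_port, src_mac, dst_mac):
        """Return the list of egress ports for a frame; an empty list means it was dropped."""
        if not self._learn(in_port, src_mac):
            return []
        out = self.table.get(dst_mac)
        if dst_mac == BROADCAST or out is None:
            self.floods += 1                        # unknown destination: behave like a hub
            return [p for p in self.ports if p != in_port]
        if out == in_port:
            return []                               # source and destination share a segment: filtered
        return [out]


def mac_flooding_demo(port_security=None):
    """Victims on ports 1 and 2, attacker on port 3; returns where victim traffic goes before and after."""
    sw = LearningSwitch(ports=[1, 2, 3], table_size=4, max_macs_per_port=port_security)
    victim_a, victim_b = "aa:aa:aa:aa:aa:01", "aa:aa:aa:aa:aa:02"
    sw.forward(1, victim_a, victim_b)               # destination unknown yet: flooded
    sw.forward(2, victim_b, victim_a)               # now both stations are learned
    before = sw.forward(1, victim_a, victim_b)
    # Attacker emits frames with 20 different (constructed) source addresses.
    for i in range(20):
        sw.forward(3, f"de:ad:be:ef:00:{i:02x}", BROADCAST)
    after = sw.forward(1, victim_a, victim_b)
    return {"before": before, "after": after, "violations": sw.violations}


if __name__ == "__main__":
    print("no port security:", mac_flooding_demo())
    print("one MAC per port:", mac_flooding_demo(port_security=1))
```

Without a limit the victims' frame goes to ports 2 and 3 after the flood; with the limit the attacker's extra addresses are refused and the frame still goes only to port 2. The lesson for the bridge text above is that "does not allow unnecessary traffic through" holds only while the address table is trustworthy.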
Routers - A router passes information from one network to another; it is similar to a super-intelligent bridge. Routers select the best path for a message based on its destination address and origin. A router can direct traffic to prevent head-on collisions, and is smart enough to know when to send traffic along back roads and shortcuts. While bridges know the addresses of all computers on each side of the network, routers know the addresses of computers, bridges and other routers on the network. Routers can even "listen" to the entire network to determine which sections are busiest, and then redirect data around those sections until they clear up. If you have a school LAN that you want to connect to the Internet, you will need a router. In this case, the router serves as the translator between the information on your LAN and the Internet, and it also determines the best route to send the data over the Internet. Because every packet entering or leaving the LAN passes through it, the router is also the natural place to filter traffic that should not cross the boundary, such as packets arriving from the Internet that claim an internal source address. Routers can:
• Direct signal traffic efficiently
• Route messages between any two protocols
• Route messages between linear bus, star and star-wired ring topologies
• Route messages across fiber optic, coaxial and twisted-pair cabling
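"Select the best path based on the destination address" means, concretely, a longest-prefix match against a routing table. The following added example, not code from the course summary, implements that lookup with Python's ipaddress module, decrements the TTL as a real router does, and adds the boundary check mentioned above: a packet is dropped if the route back to its source address does not point at the interface it arrived on (strict reverse-path filtering, the BCP 38 idea). The interface names, prefixes and addresses in build_campus_router are assumptions of the example.

```python
import ipaddress


class Router:
    """Longest-prefix-match forwarding with TTL handling and ingress anti-spoofing."""

    def __init__(self):
        self.routes = []   # list of (network, interface)

    def add_route(self, prefix, interface):
        self.routes.append((ipaddress.ip_network(prefix), interface))
        # keep the most specific prefix first so the first match is the longest match
        self.routes.sort(key=lambda r: r[0].prefixlen, reverse=True)

    def lookup(self, address):
        """Interface that reaches `address`, or None when nothing matches (not even a default)."""
        addr = ipaddress.ip_address(address)
        for net, iface in self.routes:
            if addr.version == net.version and addr in net:
                return iface
        return None

    def forward(self, packet, in_iface):
        """packet is a dict with src, dst and ttl; returns (action, detail)."""
        # Reverse-path check: the source must be reachable back through the ingress interface.
        # An internal address arriving from the Internet side is spoofed and never forwarded.
        if self.lookup(packet["src"]) != in_iface:
            return ("drop", "spoofed source")
        if packet["ttl"] <= 1:
            return ("drop", "ttl expired")   # a real router would also send ICMP Time Exceeded
        out = self.lookup(packet["dst"])
        if out is None:
            return ("drop", "no route")
        forwarded = dict(packet, ttl=packet["ttl"] - 1)
        return ("forward", (out, forwarded))


def build_campus_router():
    """Constructed table: a default route to the ISP, a campus block, and one more specific lab subnet."""
    r = Router()
    r.add_route("0.0.0.0/0", "wan")        # everything not matched below goes to the Internet
    r.add_route("10.0.0.0/8", "lan0")      # campus backbone
    r.add_route("10.1.2.0/24", "lan1")     # lab subnet, more specific than 10.0.0.0/8
    return r


if __name__ == "__main__":
    r = build_campus_router()
    for dst in ("10.1.2.7", "10.9.9.9", "203.0.113.5"):
        print(dst, "->", r.lookup(dst))
    print(r.forward({"src": "10.1.2.7", "dst": "10.9.9.9", "ttl": 64}, "wan"))
```

Note that the lab address matches both 10.0.0.0/8 and 10.1.2.0/24 and the /24 wins; that ordering is what the sort in add_route guarantees. Strict reverse-path filtering as written here is only correct when routing is symmetric; on multi-homed networks a loose variant (any route exists for the source) is used instead.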
What is a Network Operating System? Unlike operating systems, such as DOS and Windows, that are designed for a single user controlling one computer, network operating systems (NOS) coordinate the activities of multiple computers across a network. The network operating system acts as a director to keep the network running smoothly. The two major types of network operating systems are:
Peer-to-Peer - Peer-to-peer network operating systems allow users to share resources and files located on their computers and to access shared resources found on other computers. However, they do not have a file server or a centralized management source (see fig. 1). In a peer-to-peer network, all computers are considered equal; they all have the same ability to use the resources available on the network. Peer-to-peer networks are designed primarily for small to medium local area networks. AppleShare and Windows for Workgroups are examples of programs that can function as peer-to-peer network operating systems.
Fig. 1. Peer-to-peer network
Advantages of a peer-to-peer network:
• Less initial expense - No need for a dedicated server.
• Setup - An operating system (such as Windows XP) already in place may only need to be reconfigured for peer-to-peer operations.
Disadvantages of a peer-to-peer network:
• Decentralized - No central repository for files and applications.
• Security - Does not provide the security available on a client/server network; each machine enforces its own access control, so a compromise of any one of them exposes whatever it shares.
Client/Server - Client/server network operating systems allow the network to centralize functions and applications in one or more dedicated file servers (See fig. 2). The file servers become the heart of the system, providing access to resources and providing security. Individual workstations (clients) have access to the resources available on the file servers. The network operating system provides the mechanism to integrate all the components of the network and allow multiple users to simultaneously share the same resources irrespective of physical location. Novell Netware and Windows 2000 Server are examples of client/server network operating systems.
Fig. 2. Client/server network
Advantages of a client/server network:
• Centralized - Resources and data security are controlled through the server.
• Scalability - Any or all elements can be replaced individually as needs increase.
• Flexibility - New technology can be easily integrated into the system.
• Interoperability - All components (client/network/server) work together.
• Accessibility - The server can be accessed remotely and across multiple platforms.
Disadvantages of a client/server network:
• Expense - Requires an initial investment in a dedicated server.
• Maintenance - Large networks will require staff to ensure efficient operation.
• Dependence - When the server goes down, operations cease across the network.
Examples of network operating systems The following list includes some of the more popular peer-to-peer and client/server network operating systems.
• AppleShare
• Microsoft Windows Server
• Novell NetWare
LAN MANAGEMENT AND SERVICES → LICENSING
Network licensing helps ensure that your users have access to the right software at the right time and enables you to control the use of your software licenses easily and efficiently. Effective use of network licensing software requires investment in planning, implementation and maintenance. But, used properly, it can generate significant benefits for you and your organization.
Benefits of network licensing
Network licensing provides improved value. Since a network license process can float to different machines as required and can serve many users over the course of a day, it will usually be employed for a greater fraction of the time than a license fixed on one machine. For example, in Wolfram Research's description of network licensing for Mathematica: if no more than 10 users in a facility of 50 access Mathematica concurrently, a 10-seat Network Mathematica can replace 50 single-user copies, yet each network process costs only 30 percent more than a process locked to one machine. This allows users to recoup the small fee for MathLM (the license manager) almost instantly. Wolfram Research also supports mixed installations of network and locked processes, so those who rely on a program extensively have guaranteed access at any time, even when colleagues are temporarily using all available network processes.
More people can get the benefit of networked programs. Even users who do not yet use a program enough to justify purchasing a fixed license can access the program's power via the network license process your organization has purchased--as long as colleagues haven't tied up all the processes when you want to use one. It is more convenient for users and system administrators. Because of the option not to install Wolfram Research programs locally but to serve them over the network, system administration is greatly simplified and user time is saved. Serving over the network also makes upgrades and recovering orphaned licenses a snap.
It maximizes the use of a program and prevents orphaned licenses. All licenses are administered centrally. This means that even if a user leaves or moves to another department, the user's license will be available to others rather than sitting unused on a bookshelf. Network licensing is a powerful tool for managing your licenses. It is important to determine what type of licensing is most appropriate for your users. You can keep a majority of your seats as stand-alone users while you run a pilot project with network licensing, or you can move most of your licenses to a license server, keeping a few essential stand-alone licenses for key users. Most companies that implement network licensing also have some stand-alone licenses for special cases.
→ FILE SYSTEMS
A network file system is any computer file system that supports sharing of files, printers and other resources as persistent storage over a computer network. The first file servers were developed in the 1970s, and in 1985 Sun Microsystems created the "Network File System" (NFS), which became the first widely used network file system. Other notable network file systems are the Andrew File System (AFS), the NetWare Core Protocol (NCP), and Server Message Block (SMB), also known as the Common Internet File System (CIFS).
Transparency
Ideally, a network file system should appear to its users to be a conventional, centralized file system. The multiplicity and dispersion of its servers and storage devices should be made invisible; that is, the client interface used by programs should not distinguish between local and remote files. It is up to the network file system to locate the files and to arrange for the transport of the data.
Performance
The most important performance measurement of a network file system is the amount of time needed to satisfy service requests. In conventional systems, this time consists of a disk-access time and a small amount of CPU processing time. In a network file system, a remote access has additional overhead due to the distributed structure: the time to deliver the request to a server, the time to deliver the response to the client, and, for each direction, the CPU overhead of running the communication protocol software. The performance of a network file system can be viewed as one dimension of its transparency: ideally, it would be comparable to that of a conventional file system.
Concurrent file updates
A network file system should allow multiple client processes on multiple machines to access and update the same files. Hence updates to a file from one client should not interfere with access and updates from other clients. Concurrency control, or locking, may either be built into the file system or be provided by an add-on protocol.
List of network file systems
Client-server file systems:
• 9P
• Amazon S3
• Andrew File System (AFS), OpenAFS
• Apple Filing Protocol (AFP)
• Coda
• DCE Distributed File System
• NetWare Core Protocol (NCP)
• Network File System (NFS)
• Secure File System (SFS)
• Self-certifying File System (SFS)
• Server Message Block (SMB)
→ DOMAINS AND TRUST RELATIONSHIPS
The term Domain Name System is commonly abbreviated as DNS. In the domain naming system, a domain is defined as a group of workstations and servers that share a single group name. The word domain also refers to the address of a website on the Internet; the protocol, the path, the page and the other items are not part of the domain.
Multiple domains and trust relationships
As the network grows, simplify administration by dividing the network into multiple domains. Each domain has a unique name that you choose when installing the domain's primary server. A network with three domains might look like this:
(Figure: Sample Advanced Server network)
A trust relationship is a link between domains in which the trusting domain honors the logon validations of the trusted domain. Trust relationships make the network easier to manage and easier to use, because each user needs only a single account in one of the domains on the network, and that account can provide access to resources anywhere on the network.
→ PASSWORDS
Passwords are access control limits prescribed for a user. Access control can be based on:
• What you know, for example a password or PIN. These are not foolproof, because people use obvious words, divulge their password, or write it down. Sometimes fraudsters pose as people who would seem to be authorised to know it: the fraudster runs a program that looks like a login procedure, and the employee is asked to supply their password. (Some fraudsters have been known to send bogus but genuine-looking e-mails to bank customers asking for bank details and PINs. If that happens to you, DO NOT send them details, but let your bank know. Your bank will never send such an e-mail.)
• What you have, for example an ID card with a barcode or a chip.
• Where you are, using a specified telephone number. This is a call-back system: the user dials in and enters an ID and a password; after checking these, the system calls the user back on a predetermined phone number.
• Who you are: the computer can check a voice-print and/or other biometric data.
These controls become less effective if users leave their computers logged in. A screensaver can start if there is no keyboard activity for, say, ten minutes, and a password can be required to restore the session; alternatively, the user can be logged out automatically.
→ USER ACCOUNT POLICIES
Policies can define a specific user's settings or the settings for a group of users. The resulting policy file contains the registry settings for all users, groups, and computers that will use the policy file; separate policy files for each user, group, or computer are not necessary. If you create a policy that will be automatically downloaded from validating domain controllers, you should name the file NTConfig.POL. As system administrator, you have the option of renaming the policy file and, by modifying the Windows NT-based workstation, directing the computer to update the policy from a manual path. You can do this either by manually changing the registry or by using the System Policy Editor. This can even be a local path, so that each machine has its own policy file, but if a change is necessary on all machines, it must be made individually on each workstation.
When a Windows NT4/200x/XP machine logs onto the network, the client looks in the NETLOGON share on the authenticating domain controller for the NTConfig.POL file. If one exists, it is downloaded, parsed, and then applied to the user's part of the registry. MS Windows 200x/XP clients that log onto an MS Windows Active Directory security domain may additionally acquire policy settings through GPOs that are defined and stored in Active Directory itself. The key benefit of using AD GPOs is that they impose no registry spoiling effect, which is a considerable advantage over NTConfig.POL (NT4) style policy updates.
In addition to user access controls that may be imposed or applied via system and/or group policies in conjunction with user profiles, the user management environment under MS Windows NT4/200x/XP allows per-domain as well as per-user account restrictions to be applied. Common restrictions include:
• Logon hours
• Password aging
• Permitted logon from certain machines only
• Account type (local or global)
• User rights
Samba-3.0.20 does not yet implement all account controls that are common to MS Windows NT4/200x/XP. While it is possible to set many controls using the Domain User Manager for MS Windows NT4, only password expiry is functional today. Most of the remaining controls at this time have only stub routines that may eventually be completed to provide actual control. Do not be misled by the fact that a parameter can be set using the NT4 Domain User Manager or in the NTConfig.POL.
→ LOCAL AND GLOBAL GROUPS
Groups here refer to the way in which a network is connected, that is, the network type.
Main Network Types
• Ethernet
• FDDI
• Token Ring
• ARCnet
• AppleTalk
Other Network Types
Fibre Channel - Operates at 256 Mbps or 1 Gbps. It was developed for peripheral devices like disk arrays, but is now used for point-to-point networking for full-duplex server-to-server communications. It is the lowest-cost 1 Gbps network.
Gigabit Ethernet - This type of Ethernet places Ethernet packets in Fibre Channel packets. The Fibre Channel network works like an Ethernet bridge.
The IEEE 802.3 standard defines Ethernet at the physical and data link layers of the OSI network model. Most Ethernet systems:
• use carrier-sense multiple access with collision detection (CSMA/CD) to control access to the network media;
• use baseband broadcasts;
• pack data into data packets called frames;
• transmit at 10 Mbps, 100 Mbps, or 1 Gbps.
FDDI stands for Fiber Distributed Data Interface. The FDDI standard is ANSI X3T9.5. The FDDI topology is a ring, with two counter-rotating rings for reliability and no hubs. The cable type is fiber-optic and the connectors are specialized. The media access method is token passing, and multiple tokens may be in use at once. The maximum length is 100 kilometers, the maximum number of nodes on the network is 500, and the speed is 100 Mbps. FDDI is normally used as a backbone to link other networks. A typical FDDI network can include servers, concentrators, and links to other networks. CDDI is a copper version of FDDI that uses category 5 cable; obviously its distance is more limited than FDDI's.
Devices called concentrators provide functions similar to hubs. Most concentrators use dual attachment station network cards, but single attachment concentrators may be used to attach more workstations to the network. FDDI token passing allows multiple frames to circulate around the ring at the same time. Priority levels of a data frame and token can be set to allow servers to send more data frames, and time-sensitive data may also be given higher priority.
The second ring in an FDDI network provides a way to adjust when there are breaks in the cable. The primary ring is normally used, but if the nearest downstream neighbor stops responding, the data is sent on the secondary ring in an attempt to reach the computer. Therefore a break in the cable results in the secondary ring being used. There are two kinds of network card:
1. Dual attachment stations (DAS), used for servers and concentrators, are attached to both rings.
2. Single attachment stations (SAS) are attached to one ring and are used to attach workstations to concentrators.
A router or switch can link an FDDI network to a local area network (LAN). Normally FDDI is used to link LANs together, since it covers long distances.
Developed by IBM, Token Ring is standardized as IEEE 802.5. Token Ring uses a star topology, but it is wired so that the signal travels from hub to hub in a logical ring. These networks use a data token passed from computer to computer around the ring to give each computer network access. The token comes from the nearest active upstream neighbor (NAUN). When a computer receives a token that has no attached data and the computer has data to transmit, it attaches its data to the token and sends it to its nearest active downstream neighbor (NADN). Each computer downstream passes the data on, since the token is in use, until the data reaches its recipient. The recipient sets two bits to indicate that it received the data and transmits the token and data onward. When the computer that sent the data receives the package, it can verify that the data was received correctly; it then removes the data from the token and passes the token to its NADN.
Token Ring can use UTP, STP, or fiber-optic cable. The maximum cable length is 45 meters with UTP and 101 meters with STP. The topology is a star-wired ring. It uses type 1 STP and type 3 UTP, with RJ-45 or IBM type A connectors. The minimum length between nodes is 2.5 meters. The maximum number of hubs or segments is 33. The maximum number of nodes per network is 72 with UTP and 260 with STP. The speed is 4 or 16 Mbps. Data frames may be 4,000 to 17,800 bytes long.
A Token Ring network uses a multistation access unit (MAU) as a hub; it may also be known as a Smart Multistation Access Unit (SMAU). A MAU normally has ten ports. Two ports, Ring In (RI) and Ring Out (RO), allow multiple MAUs to be linked to each other; the other eight ports are used to connect computers.
ARCnet (Attached Resource Computer Network)
The ARCnet topology is star, bus, or a mixture. The cable type is RG-62 A/U coaxial (93 ohm), UTP or fiber-optic, and a network can use any combination of these media. Connectors include BNC, RJ-45, and others. It uses token passing for media access. The maximum segment length is 600 meters with RG-62 A/U, 121 meters with UTP, 3485 meters with fiber-optic, and 30 meters from a passive hub. It may use active and passive hubs. The specification is ANSI 878.1. It can have up to 255 nodes per network. The speed is 2.5 Mbps; ARCnet Plus has operating speeds approaching 20 Mbps.
Signals are broadcast across the entire network, with computers processing only the signals addressed to them. ARCnet tokens travel based on a station identifier (SID) that each computer has. Each network card has a DIP switch used to set the SID to an address between 1 and 255. Signals are generally sent from the lowest-numbered station to the next, until they wrap around back to SID 1. To detect non-existent stations, the station with the lowest ID indicates that it has the token and begins querying IDs of higher value until it gets a response; then the next computer does the same, until the original station is queried. This procedure is carried out when a station is added to or removed from the network, or when the network is first started. The acronym SID is used for a station identifier with regard to ARCnet, but as used in the Windows NT and Windows 95 operating systems it refers to the security identifier of a user or group.
The AppleTalk topology is bus. The cable type is STP and the connectors are specialized. The media access method is CSMA/CA. The maximum segment and network length is 300 meters. The maximum number of connected segments is 8. There are at most 32 nodes per segment and 254 nodes per network. The speed is 230.4 Kbps. The cabling system used with AppleTalk is called LocalTalk.
Addressing is dynamic: each computer, when powered on, chooses its last used address or a random address and broadcasts that address to determine whether it is already in use. If it is in use, the computer broadcasts another random address, repeating until it finds an unused one. EtherTalk and TokenTalk provide for the use of AppleTalk network protocols on top of Ethernet and Token Ring architectures respectively.
LocalTalk uses STP cable and a bus topology. Using CSMA/CA for media access, computers first determine whether any other computer is transmitting before they transmit. A short packet is sent beforehand to alert other computers that a transmission will follow. LocalTalk is usually used only in small environments.
→ SECURITY AND RELATED ISSUES
Security can be maximised by:
• Training users about security - every employee needs to know about the importance of security and what the company security policies are. Downloaded programs can bring in viruses, so all files need to be virus-checked before use. Strangers should not be given access to restricted areas, and computers should be logged off when employees are out of the office.
• Access privileges - to both software and data. There are different levels of access to data, such as read only, read and copy, and read and update. Employees should have just the software that they need to do their jobs.
Firewalls
The primary purpose of a firewall is to keep out hackers. Firewall software can also be configured to control what goes in or out of an organisation. Placed at the interface between the LAN and the WAN, firewall products can be:
• A router that examines all packets of data going in and out, checking source or destination addresses. Packets going to or from unwanted addresses are barred.
• Special software that restricts traffic to a particular application, for example e-mail, or Lotus Notes (software that enables several users to work on the same document at the same time).
• A proxy server that maintains replicated copies of web pages for easy access by normal or outside users of the site. Only authorised users can access the more sensitive information. For example, a college will have web pages that anyone can access, usually with details of courses and a message from the principal, while only staff and students can access the intranet, through an ID and a password.
Audit Controls
Audit controls can track all network activity:
• What programs have been used;
• What files have been opened;
• How many reads and writes have been carried out;
• How many times the server has been accessed.
Special monitoring software can produce statistical profiles of the use of the network. Each individual user can also be monitored, and any abnormal behaviour of users can be detected.
Performance Monitoring
Network performance can be monitored through:
• Network availability (i.e. on but not working);
• Response time, e.g. the time between a query being made and the response being received;
• Usage of hardware resources;
• Usage of software;
• Traffic density.
These will help in the management and planning of a network. Bottlenecks can be identified and sorted out. If more copies of software are being used than the licence allows, action can be taken.
Encryption
Data passing through a wire or as a radio signal are vulnerable to interception. Such data can be scrambled, or encrypted, to make sure they are meaningless to everyone other than the intended recipient. Encryption is nothing new; the Enigma machines used by the Germans in the Second World War were sophisticated devices, and it took a sophisticated electro-mechanical computer, Colossus, to crack them. Colossus was faster at decoding Enigma than a Pentium processor, so it was a pretty good machine. (Many historians state that the Germans were good soldiers but had a blind spot about the value of good intelligence; the Allies were good at intelligence, which won the war.) There are different ways of encrypting data, based on:
• transposition, where characters are moved about;
• substitution, where one character stands for another.
→ DIRECTORIES, PERMISSIONS AND SHARES
Directories
Directories contain data describing resources such as computers, printers and user accounts within a particular network. A directory can be as simple as a text file, such as the /etc/passwd and /etc/group files on traditional Unix systems, which list the active user accounts and their group permissions, or it can be a complex LDAP directory structure such as Microsoft's Active Directory. Directories can contain authentication data. Authenticating "against" a directory takes two forms. In the first, a client machine contacts the directory, obtains the hashed version of the user's password, hashes the password given by the user, and compares the two; this method is used by NIS, for example. In the other form, employed by most LDAP authentication mechanisms, the client attempts to bind to the LDAP directory using the credentials that the user provided. The pam_ldap PAM module uses this latter method to authenticate against an LDAP directory.
Permissions
Microsoft Windows XP supports many different types of partition (NTFS, FAT16, FAT32), old and new. Network permissions are Microsoft's way of enabling you to administer file sharing on any type of partition supported by Windows, no matter how ancient. Your options will be limited if you are working with an older partition type, but you can do it. The beauty of Windows NT/2000/XP is that it gives you another tool, NTFS permissions, that can do much more. NTFS is where the power lies, but power comes with a price: you have to configure two separate sets of permissions. If you are sharing a folder on an NTFS drive, as you normally do these days, you must set both the network (share) permissions and the NTFS permissions to let others access your shared resources.
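As an added example (not part of the course summary), this Python model shows how the two permission sets on a shared NTFS folder combine for a user reaching it over the network. The ACLs, user names and group names are constructed for the illustration.

```python
# Added example (not from the course summary): models how the two permission
# sets on a shared NTFS folder combine for a user reaching it over the network.
# Rules modelled (standard Windows behaviour): permissions accumulate across all
# of the user's groups, an explicit Deny overrides Allow, and the effective
# network permission is the more restrictive of the share and NTFS results.
# Levels are simplified to the cumulative ordering read < change < full.

LEVELS = ["none", "read", "change", "full"]
RANK = {name: i for i, name in enumerate(LEVELS)}


def combine(entries, principals):
    """Evaluate one ACL (share or NTFS) for a set of principals.
    entries: list of (principal, "allow" | "deny", level).
    A Deny at level L removes L and everything above it, because in the
    cumulative ordering every higher level includes L's rights."""
    allowed = RANK["none"]
    ceiling = RANK["full"]
    for principal, kind, level in entries:
        if principal not in principals:
            continue
        if kind == "allow":
            allowed = max(allowed, RANK[level])
        elif kind == "deny":
            ceiling = min(ceiling, RANK[level] - 1)
    return LEVELS[min(allowed, ceiling)]


def effective_network_access(share_acl, ntfs_acl, user, groups):
    """Effective access for `user` reaching the shared folder over the network.
    Returns (share result, NTFS result, effective level)."""
    principals = {user, "Everyone", *groups}   # Everyone applies to all users
    share = combine(share_acl, principals)
    ntfs = combine(ntfs_acl, principals)
    # Across the network the user gets the more restrictive of the two.
    effective = LEVELS[min(RANK[share], RANK[ntfs])]
    return share, ntfs, effective


# Constructed ACLs for a hypothetical shared folder "Reports".
SHARE_ACL = [
    ("Everyone", "allow", "read"),
    ("Staff", "allow", "change"),
]
NTFS_ACL = [
    ("Staff", "allow", "full"),
    ("Interns", "deny", "change"),   # interns may read but not modify
]

if __name__ == "__main__":
    for user, groups in [("alice", {"Staff"}), ("bob", {"Staff", "Interns"}), ("guest", set())]:
        print(user, effective_network_access(SHARE_ACL, NTFS_ACL, user, groups))
```

Note that bob's NTFS Full Control via Staff is cut back to Read by the Deny on Interns, and that the share permission then caps alice at Change even though NTFS would allow Full Control.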
Shares
In network sharing you give access, or permissions, for shared resources on the LAN so that files can be transferred or viewed according to the levels specified, once the network IDs are set up with IP addresses and the communication link is established. To share a folder, right-click on the folder or drive to be shared, then click the Sharing and Security tab; in the Network Sharing and Security area, select the sharing option and specify the name under which it will be seen on the network.
Assessment can be defined as the act of testing network security to determine the strength of the security measures currently taken in the network. Auditing, furthermore, can be defined as the act of examining, evaluating and recording security measures. Both terms mean something similar, and in layman's language they have to be considered together to prevent hacking of the network, including theft, piracy and many other forms of cyber crime. Hence we require security measures such as firewalls, and auditing is the means of testing those measures.
→ NETWORK PRINTING AND SHARING PRINTER RESOURCES
The most common network printing implementation is a "printserver" accepting print jobs from clients tied to the server via a network cable. The term "printserver" is one of those networking terms, like packet, that has been carelessly tossed around until its meaning has become somewhat confusing and blurred. To be specific, a printserver is simply a program that arbitrates print data from multiple clients for a single printer. Printservers can be implemented in one of the four methods described in the following sections.
The printer can be physically cabled to the PC running the network OS. Print jobs are submitted by clients to the printserver software on the fileserver, which sends them down the parallel or serial cable to the printer. The printer must be physically close to the fileserver. This kind of printserving is popular in smaller workgroup networks and smaller offices.
Figure 8-1. Printserver on the fileserver
It is possible to run a print server program on a cheap PC that is located next to the printer and plugged into it via a parallel cable. This program simply acts as a pass-through, taking network packets from the network interface and passing them to the printer. This kind of server does not allow any manipulation of print jobs; jobs usually come from a central fileserver, where they are controlled.
Figure 8-2. Printserver on a separate PC
The HP JetDirect Internal is the best-known printserver of this type. It is inserted into a slot in the printer case, and it works identically to the external JetDirect units.
Figure 8-4. Printserver in the printer
Print spooling is an integral part of network printing. Since the PC can produce data much faster than the printer can accept it, the data must be buffered in a spool somewhere. In addition, because many clients share printers, when clients send print jobs at the same time the jobs must be placed in a queue so that they can be printed one after another.
Figure 8-5. Print spool locations
Sharing printer resources
To share the printer, I opened the Printers and Faxes folder on the computer that was connected to my printer.
To open the Printers and Faxes folder:
• Click Start and then click Control Panel.
• Click Printers and Other Hardware, and then click Printers and Faxes.
• In the Printers and Faxes folder, I clicked the printer's icon and, in the tasks pane, I clicked Share This Printer.
• I opened the printer's Properties dialog box, and clicked on the Sharing tab.
• I clicked Share Name, and then clicked OK.
That's it—the printer was immediately available for other computers to use. Now that I had a network printer, I was ready to connect to it and print from other computers on the network.
To connect to the printer:
• I opened Control Panel, and clicked Printers and Other Hardware.
• I clicked Add a Printer.
• Instead of adding a local printer, though, I clicked Printer Connection and then browsed the network for the printer.
The whole process took less than a minute before I was printing to the network printer as though it was connected to the computer.
SYSTEM MONITORING AND MAINTENANCE
→ MONITORING ISSUES
• Quality of data - how complete is the logging data sent to logging systems, and are the logging systems working as designed?
• Volume of traffic - how much data is being stored, and is it possible to analyze it effectively?
• Spatial distribution - where is the data coming from within the organization?
• More sophisticated attacks - do the data analysis systems have the capability to detect sophisticated attacks embedded within the data collected?
• Complexity of the networks - how complex is our network, and does its complexity outstrip the ability of our analysis systems to comprehend the attacks taking place on it?
• Encryption.
• Protection of reported network data.
• Identifying attacks on an encrypted network.
• Attacks concealed within encrypted data.
• Switched networks.
• Decreased network event visibility.
• Complexity of network IDS.
• Packet loss for a network IDS increases with bandwidth.
→ SERVER MAINTENANCE PROCEDURES
The maintenance procedures to be followed are:
• Providing continuous power backup to the server.
• Keeping memory management at its best by providing backup techniques and running them at least once a day or week, whenever the server is idle.
• Keeping dust to a minimum and cleaning the server workstation with blowers whenever possible.
• Providing the server with as many cooling fans as possible to keep the heat level of the processor and of the machine to a minimum.
• Keeping track of the access limits for the different hierarchies of users, implementing firewalls wherever possible, and checking for loopholes and for virus definitions using an anti-virus program.
• Keeping server I/O procedures to a minimum to help implement a faster network, and limiting the number of users by implementing service counts.
• Implementing deadlock prevention and techniques to resolve deadlocks, and maintaining the primary and unique status of users.
• Upgrading hardware as well as software whenever the load on the server machines becomes unbearable.
→ TROUBLESHOOTING
The 10-step Universal Troubleshooting Process:
1. Prepare
2. Make a damage control plan
3. Get a complete and accurate symptom description
4. Reproduce the symptom
5. Do the appropriate corrective maintenance
6. Narrow it down to the root cause
7. Repair or replace the defective component
8. Test
9. Take pride in your solution
10. Prevent future occurrence of this problem
E.g., if the LAN card is not functioning, then according to the above steps:
1> Calm yourself before searching for the problem, as banging the machine is not a solution.
2> Set your goal that you will not make the problem worse during the troubleshooting process.
3> Find out what is causing the problem: is it hardware or software related?
4> Recheck whether it is the same problem.
5,6,7> If hardware, check whether the slot where the LAN card is placed is functioning properly; if yes, check the card; if that works, the problem is software related, so perform the NIC check; if that also works, it is a network media problem. Whatever the cause, once determined, replace it with a spare, get it fixed, or call an expert.
8> Once fixed, recheck that the cause is not creating trouble again.
9,10> Take precautions so that you don't create the problem again.
→ ON-LINE HELP
Online Help is topic, procedural or reference information delivered through computer software. It is a form of user assistance. Most Help is designed to give assistance in the use of a software application or operating system, but it can also be used to present information on a broad range of subjects. When Help is linked to the state of the application (what the user is doing), it is called context-sensitive Help. Online Help is created with Help authoring tools. It is delivered in a wide variety of formats, some proprietary and some open-standard, including:
• Hypertext Markup Language (HTML), which includes HTML Help, HTML-based Help, JavaHelp, and Oracle Help.
• Adobe Portable Document Format (PDF).
→ EFFECTIVE USE OF SYSTEM RESOURCES
The method for managing the system resources required for communication between a source device and a sink device includes the steps of (a) initially allocating the system resources presently required to the source device; (b) monitoring the format of the output bit stream of the source device while communication between the two devices is maintained; (c) allocating additional system resources to the source device, or releasing redundant system resources from the source device, under the lead of the source device when monitoring determines that the requirements for system resources have changed; and (d) detecting the final system resources and releasing them when communication between the two devices is terminated.
E.g., useful results from monitoring software usage:
• If more copies of the software are being used than the licence allows, then the licence needs to be changed;
• Monitoring whether the software is performing as it claims to;
• Assessing whether the software is using more resources than it should;
• In the event of a software crash, looking at the software's behaviour just before the crash;
• Assessing whether all functions are working.
Accounting Software
There are organisations that provide other organisations with network services and charge for network use. The charge depends on:
• Time logged on;
• Processing time;
• Resources used (such as disk space or printer);
• Time of day.
Like auditing software, patterns of usage can be monitored to encourage users to use the system at less busy times of the day. It can also help administrators decide whether extra resources are required.
→ SYSTEM BACKUP AND BACKUP TENIQUES Backup: Information technology, backup refers to making copies of data so that these additional copies may be used to restore the original after a data loss event. These additional copies are typically called "backups." Backups are useful primarily for two purposes. The first is to restore a computer to an operational state following a disaster (called disaster recovery). The second is to restore small numbers of files after they have been accidentally deleted or corrupted.Backups are typically that last line of defense against data loss, and consequently the least granular and the least convenient to use. Since a backup system contains at least one copy of all data worth saving, the data storage requirements are considerable. Organizing this storage space and managing the backup process is a complicated undertaking. A data repository model can be used to provide structure to the storage. In the modern era of computing there are many different types of data storage devices that are useful for making backups. There are also many different ways in which these devices can be arranged to provide geographic redundancy, data security, and portability.Before data is sent to its storage location, it is selected, extracted, and manipulated. Many different techniques have been developed to optimize the backup procedure. These include optimizations for dealing with open files and live data sources as well as compression, encryption, and de-duplication, among others. Many organizations and individuals try to have confidence that the process is working as expected and work to define measurements and validation techniques. It is also important to recognize the limitations and human factors involved in any backup scheme. Backup teniques: Data repository models - Any backup strategy starts with a concept of a data repository. The backup data needs to be stored somehow and probably should be organized to a degree. 
It can be as simple as a sheet of paper with a list of all backup tapes and the dates they were written or a more sophisticated setup with a computerized index, catalog, or relational database. Different repository models have different advantages. This is closely related to choosing a backup rotation scheme. Unstructured - An unstructured repository may simply be a stack of floppy disks or CD-R/DVD-R media with minimal information about what was backed up and when. This is the easiest to implement, but probably the least likely to achieve a high level of recoverability.
Full + Incrementals - A Full + Incrementals repository aims to make storing several copies of the source data more feasible. First a full backup (of all files) is taken. After that, an incremental backup (of only the files that have changed since the previous full or incremental backup) can be taken. Restoring a whole system to a certain point in time requires locating the full backup taken before that time and every incremental backup taken between that full backup and the point in time to which the system is to be restored. This model offers high assurance that something can be restored and can be used with removable media such as tapes and optical disks. The downside is dealing with a long series of incrementals and the high storage requirements; a single missing or unreadable incremental in the chain makes every later restore point unrecoverable.

Full + Differential - A Full + Differential repository differs from Full + Incrementals in that after the full backup is taken, each partial backup captures all files created or changed since the full backup, even if some were already included in a previous partial backup. Its advantage is that a restore involves recovering only the last full backup and then overlaying it with the last differential backup. The cost is that each differential grows until the next full backup is taken.

Mirror + Reverse Incrementals - A Mirror + Reverse Incrementals repository is similar to a Full + Incrementals repository. The difference is that instead of an aging full backup followed by a series of incrementals, this model keeps a mirror that reflects the system state as of the last backup, plus a history of reverse incrementals. One benefit is that it requires only an initial full backup. Each incremental backup is immediately applied to the mirror, and the files it replaces are moved into a reverse incremental. This model is not suited to removable media, since every backup must be compared against the mirror.
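The three repository models above differ mainly in which backup sets a restore has to read. The following is an added example, not code from this report: it models a filesystem as a {path: bytes} dictionary, takes backups of three constructed states T0, T1 and T2 under each model, and restores every point in time, validating each restore with a SHA-256 fingerprint. The sample paths and contents, and the names delta, apply_delta, restore_* and sets_to_read, are assumptions made for the example; T2 is constructed so that /etc/passwd has been tampered with and /var/log/auth.log deleted, so a restore to T1 recovers the clean state.

```python
"""Added example: file-level backup repository models on a toy filesystem.

Not code from the report. A filesystem is a dict {path: bytes}; every backup
set is kept in memory. T0..T2 are constructed sample states.
"""
import hashlib
from copy import deepcopy

T0 = {"/etc/passwd": b"root:x:0:0\n",
      "/home/a/notes.txt": b"v1\n",
      "/var/log/auth.log": b"login ok\n"}
T1 = {"/etc/passwd": b"root:x:0:0\n",
      "/home/a/notes.txt": b"v2\n",
      "/var/log/auth.log": b"login ok\nlogin ok\n"}
T2 = {"/etc/passwd": b"root:x:0:0\nevil:x:0:0\n",   # tampered (constructed)
      "/home/a/notes.txt": b"v2\n"}                  # auth.log deleted
STATES = [T0, T1, T2]


def delta(current, base):
    """Files created or changed in `current` relative to `base`, plus deletions."""
    changed = {p: d for p, d in current.items() if base.get(p) != d}
    deleted = sorted(p for p in base if p not in current)
    return {"changed": changed, "deleted": deleted}


def apply_delta(state, d):
    """Overlay a delta on a state; returns a new dict, the input is untouched."""
    new = dict(state)
    new.update(d["changed"])
    for p in d["deleted"]:
        new.pop(p, None)
    return new


def fingerprint(fs):
    """SHA-256 over sorted (path, content) pairs; used to validate a restore."""
    h = hashlib.sha256()
    for p in sorted(fs):
        h.update(p.encode() + b"\0" + fs[p] + b"\0")
    return h.hexdigest()


# Full + Incrementals: each set is the change since the PREVIOUS set.
def full_plus_incrementals(states):
    sets = [{"kind": "full", "files": deepcopy(states[0])}]
    for prev, cur in zip(states, states[1:]):
        sets.append({"kind": "incremental", **delta(cur, prev)})
    return sets


def restore_incremental(sets, point):
    """Needs the full plus every incremental up to `point`, applied in order."""
    state = dict(sets[0]["files"])
    for s in sets[1:point + 1]:
        state = apply_delta(state, s)
    return state


# Full + Differential: each set is the change since the last FULL backup.
def full_plus_differentials(states):
    full = {"kind": "full", "files": deepcopy(states[0])}
    return [full] + [{"kind": "differential", **delta(cur, states[0])}
                     for cur in states[1:]]


def restore_differential(sets, point):
    """Needs only the full plus the single differential for `point`."""
    state = dict(sets[0]["files"])
    return apply_delta(state, sets[point]) if point > 0 else state


# Mirror + Reverse Incrementals: the mirror is always the newest state and
# each backup stores what it overwrote, so older points can be rebuilt.
def mirror_plus_reverse(states):
    mirror = deepcopy(states[0])
    reverse = []                 # reverse[i] turns state i+1 back into state i
    for cur in states[1:]:
        reverse.append(delta(mirror, cur))
        mirror = apply_delta(mirror, delta(cur, mirror))
    return mirror, reverse


def restore_reverse(mirror, reverse, point):
    """Walk backwards from the mirror, undoing one backup at a time."""
    state = dict(mirror)
    for r in reversed(reverse[point:]):
        state = apply_delta(state, r)
    return state


def sets_to_read(model, point, n_states):
    """How many backup sets a restore of `point` must locate and read."""
    return {"incremental": point + 1,
            "differential": min(point, 1) + 1,
            "reverse": n_states - point}[model]


if __name__ == "__main__":
    inc, dif = full_plus_incrementals(STATES), full_plus_differentials(STATES)
    mirror, rev = mirror_plus_reverse(STATES)
    for point, expected in enumerate(STATES):
        ok = all(fingerprint(r) == fingerprint(expected) for r in (
            restore_incremental(inc, point),
            restore_differential(dif, point),
            restore_reverse(mirror, rev, point)))
        print(f"point {point}: restore validated={ok}; sets read "
              f"inc/diff/rev = {sets_to_read('incremental', point, 3)}/"
              f"{sets_to_read('differential', point, 3)}/"
              f"{sets_to_read('reverse', point, 3)}")
```

Running the example shows the trade-off in numbers: restoring the newest point reads three sets under Full + Incrementals, two under Full + Differential and only the mirror under Mirror + Reverse Incrementals, while restoring the oldest point reverses that order. The fingerprint comparison is the validation step the text calls for; a restore whose fingerprint does not match the expected state is a failed backup even if the tool reported success.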
Continuous data protection - This model takes it a step further: instead of scheduling periodic backups, the system immediately logs every change on the host system. This is generally done by saving byte- or block-level differences rather than file-level differences. It differs from simple disk mirroring in that it allows the log to be rolled back, and thus an older image of the data to be restored.
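The roll-back that distinguishes continuous data protection from a plain mirror is easiest to see on a tiny block device. The following is an added example, not code from this report: the CdpVolume class is a hypothetical in-memory volume that journals the old and new contents of every block write together with the time of the write, and image_at() undoes the journal newest-first to rebuild the image at any earlier time. The block size, the demo() scenario and its write sequence are constructed for the example.

```python
"""Added example: block-level continuous data protection (CDP) journal.

Not code from the report. CdpVolume is a hypothetical block device whose
every write is journaled as (time, block, old, new); image_at() replays the
journal backwards. A plain mirror would keep only the newest contents.
"""
BLOCK_SIZE = 4   # assumed tiny block size so the demo is readable


class CdpVolume:
    def __init__(self, initial: bytes):
        if len(initial) % BLOCK_SIZE:
            raise ValueError("volume size must be a multiple of BLOCK_SIZE")
        self.data = bytearray(initial)
        self.journal = []     # (t, block_no, old_bytes, new_bytes), in write order

    def write_block(self, t, block_no, new: bytes):
        """Apply a whole-block write and journal what it overwrote."""
        if len(new) != BLOCK_SIZE:
            raise ValueError("writes are whole blocks")
        if self.journal and t < self.journal[-1][0]:
            raise ValueError("journal must be time-ordered")
        start = block_no * BLOCK_SIZE
        old = bytes(self.data[start:start + BLOCK_SIZE])
        self.journal.append((t, block_no, old, bytes(new)))
        self.data[start:start + BLOCK_SIZE] = new

    def current(self) -> bytes:
        """What a simple mirror would hold: only the newest image."""
        return bytes(self.data)

    def image_at(self, t) -> bytes:
        """Undo every write made after time t, newest first, so a block that
        was written several times ends with the contents it had at t."""
        img = bytearray(self.data)
        for wt, block_no, old, _new in reversed(self.journal):
            if wt > t:
                s = block_no * BLOCK_SIZE
                img[s:s + BLOCK_SIZE] = old
        return bytes(img)

    def blocks_changed_after(self, t):
        """Which blocks a roll-back to t would have to touch."""
        return sorted({b for wt, b, _o, _n in self.journal if wt > t})


def demo():
    """Constructed scenario: two legitimate writes, then a destructive
    overwrite of block 1 at t=3 (the kind of damage a mirror would copy)."""
    vol = CdpVolume(b"AAAABBBBCCCC")
    vol.write_block(1, 1, b"bbbb")
    vol.write_block(2, 0, b"aaaa")
    vol.write_block(3, 1, b"XXXX")
    return vol


if __name__ == "__main__":
    v = demo()
    print("mirror/current :", v.current())
    for t in (0, 1, 2, 3):
        print(f"image at t={t}   :", v.image_at(t),
              "blocks to undo:", v.blocks_changed_after(t))
```

Because the journal stores the overwritten contents, rolling back to t=2 returns block 1 to the value it had before the destructive write, something the current image alone cannot provide. The journal grows with every write, which is why real CDP products periodically consolidate it; the example keeps the full history for clarity.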