CIS 375 Network VPN and Test 1 review

  • Slides: 29

Network VPN

A virtual private network (VPN) extends a private network across a public network, and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Applications running across the VPN may therefore benefit from the functionality, security, and management of the private network. [1]

VPNs may allow employees to securely access a corporate intranet while located outside the office. They are used to securely connect geographically separated offices of an organization, creating one cohesive network. Individual Internet users may use a VPN to secure their wireless transactions, to circumvent geo-restrictions and censorship, or to connect to proxy servers for the purpose of protecting personal identity and location. However, some Internet sites block access to known VPN technology to prevent the circumvention of their geo-restrictions.

Network VPN (continued)

A VPN is created by establishing a virtual point-to-point connection through the use of dedicated connections, virtual tunneling protocols, or traffic encryption. A VPN available from the public Internet can provide some of the benefits of a wide area network (WAN). From a user perspective, the resources available within the private network can be accessed remotely. [2]

Traditional VPNs are characterized by a point-to-point topology, and they do not tend to support or connect broadcast domains, so services such as Microsoft Windows NetBIOS may not be fully supported or work as they would on a local area network (LAN). Designers have developed VPN variants, such as Virtual Private LAN Service (VPLS), and layer-2 tunneling protocols, to overcome this limitation.

https://en.wikipedia.org/wiki/Virtual_private_network

VPN Pros & Cons

Like many commercialized network technologies, a significant amount of sales and marketing hype surrounds VPN. In reality, VPNs provide just a few specific potential advantages over more traditional forms of wide-area networking. These advantages can be significant, but they do not come for free.

The potential problems with the VPN outnumber the advantages and are generally more difficult to understand. The disadvantages do not necessarily outweigh the advantages, however. From security and performance concerns to coping with a wide range of sometimes incompatible vendor products, the decision of whether or not to use a VPN cannot be made without significant planning and preparation.

Read more - Advantages and Disadvantages of VPNs

Types of VPNs

VPN systems may be classified by:
▪ The protocols used to tunnel the traffic
▪ The tunnel's termination point location, e.g., on the customer edge or network-provider edge
▪ The type of topology of connections, such as site-to-site or network-to-network
▪ The levels of security provided
▪ The OSI layer they present to the connecting network, such as Layer 2 circuits or Layer 3 network connectivity
▪ The number of simultaneous connections

Technology of VPNs

Several network protocols have become popular as a result of VPN developments:
▪ PPTP
▪ L2TP
▪ IPsec
▪ SOCKS

These protocols emphasize authentication and encryption in VPNs. Authentication allows VPN clients and servers to correctly establish the identity of people on the network. Encryption allows potentially sensitive data to be hidden from the general public.

Many vendors have developed VPN hardware and/or software products. Unfortunately, immature VPN standards mean that some of these products remain incompatible with each other.

Read more - VPN Technologies

Creating your own VPN

Software VPN - OpenVPN Access Server is a full-featured secure network tunneling VPN software solution that integrates OpenVPN server capabilities, enterprise management capabilities, simplified OpenVPN Connect UI, and OpenVPN Client software packages that accommodate Windows, Mac, Linux, Android, and iOS environments. OpenVPN Access Server supports a wide range of configurations, including secure and granular remote access to internal network and/or private cloud network resources and applications with fine-grained access control.
https://openvpn.net/index.php/access-server/overview.html

Hardware VPN - http://searchnetworking.techtarget.com/definition/hardware-VPN

The Future of VPN

Virtual private networks have grown in popularity as businesses look to save money on remote network access for employees. Many corporations have also adopted VPNs as a security solution for private Wi-Fi wireless networks. Expect the gradual expansion in use of VPN technology to continue in the coming years.

Test 1 Review

General Terms

Analog: Referring to a system or component that uses a system of measurement, response or storage in which values are expressed as a magnitude using a continuous scale of measurement.

Backward Compatible: An upgraded component of a computing system that can be used interchangeably with its previous version.

Band: In analog communications, the range of frequencies over which a communication system operates.

Bandwidth: In analog communications, the difference between the highest and lowest frequencies available in the band. In digital communications, bandwidth is loosely used to refer to the information-carrying capacity of a network or component of a network. (*Only as fast as the slowest connection!)

Test 1 Review

Binary: 1. A numerical system using "2" as its base. 2. Data that is encoded or presented in machine-readable form (1's & 0's).

Bit Rate: The rate at which bits are transmitted or received during communication, expressed as the number of bits in a given amount of time, usually one second.

Byte: A group of 8 bits.

Checksum: The result of a mathematical operation that uses the binary representation of a group of data as its basis, usually to check the integrity of the data.

Half Duplex: Capability for data transmission in only one direction at a time between a sending station and a receiving station. Compare with full duplex (simultaneous bidirectional) and simplex (one direction only).

Dual Band: Equipment capable of transmitting in either of two different standard frequency ranges. (https://www.lifewire.com/dualband-wireless-networking-explained-818279)

Test 1 Review

Encryption: The application of a specific algorithm to data so as to alter the appearance of the data, making it incomprehensible to those who are not authorized to see the information.

Ethernet: A family of computer networking technologies commonly used in local area networks (LAN), metropolitan area networks (MAN) and wide area networks (WAN). [1] It was commercially introduced in 1980 and first standardized in 1983 as IEEE 802.3, [2] and has since been refined to support higher bit rates and longer link distances. Over time, Ethernet has largely replaced competing wired LAN technologies such as token ring, FDDI and ARCNET.

Wi-Fi or WiFi (/ˈwaɪfaɪ/): A technology for wireless local area networking with devices based on the IEEE 802.11 standards. Wi-Fi is a trademark of the Wi-Fi Alliance, which restricts the use of the term Wi-Fi Certified to products that successfully complete interoperability certification testing. [1] Access point (or hotspot) and adapters have a range of about 20 meters* (66 feet) indoors and a greater range outdoors. Hotspot coverage can be as small as a single room with walls that block radio waves, or as large as many square kilometres achieved by using multiple overlapping access points. (*depending on the version/spec of Wi-Fi – ex. G, N, AC, MIMO)

Test 1 Review

IP Address: An Internet Protocol address (IP address) is a numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication. [1] An IP address serves two principal functions: host or network interface identification and location addressing.

Version 4 of the Internet Protocol (IPv4) defines an IP address as a 32-bit number. [1] A new version of IP (IPv6), using 128 bits for the IP address, was developed in 1995, [2] and standardized as RFC 2460 in 1998. IP addresses are usually written and displayed in human-readable notations, such as 172.16.254.1 in IPv4, and 2001:db8:0:1234:0:567:8:1 in IPv6.

The IP address space is managed globally by the Internet Assigned Numbers Authority (IANA), and by five regional Internet registries (RIR) responsible in their designated territories for assignment to end users and local Internet registries, such as Internet service providers. IPv4 addresses have been distributed by IANA to the RIRs in blocks of approximately 16.8 million addresses each. Each ISP or private network administrator assigns an IP address to each device connected to its network. Such assignments may be on a static (fixed or permanent) or dynamic basis (DHCP), depending on its software and practices.

DHCP: The Dynamic Host Configuration Protocol (DHCP) is a standardized network protocol used on Internet Protocol (IP) networks. The DHCP is controlled by a DHCP server that dynamically distributes network configuration parameters, such as IP addresses, for interfaces and services. A router or a residential gateway can be enabled to act as a DHCP server. A DHCP server enables computers to request IP addresses and networking parameters automatically, reducing the need for a network administrator or a user to configure these settings manually. In the absence of a DHCP server, each computer or other device (e.g., a printer) on the network needs to be statically (i.e., manually) assigned an IP address.

(*Restarting your Modem/Router)
*IPconfig

Test 1 Review

MAC Address: A media access control address (MAC address) of a computer is a unique identifier assigned to network interfaces for communications at the data link layer of a network segment. MAC addresses are used as a network address for most IEEE 802 network technologies, including Ethernet and Wi-Fi. Logically, MAC addresses are used in the media access control protocol sublayer of the OSI reference model. MAC addresses are most often assigned by the manufacturer of a network interface controller (NIC) and are stored in its hardware, such as the card's read-only memory or some other firmware mechanism.

Network gateway: An internetworking system capable of joining together two networks that use different base protocols. A network gateway can be implemented completely in software, completely in hardware, or as a combination of both. Depending on the types of protocols they support, network gateways can operate at any level of the OSI model. Because a network gateway, by definition, appears at the edge of a network, related capabilities like firewalls tend to be integrated with it.

Test 1 Review

Infrared (IR): A means of short distance wireless networking that depends on an unobstructed line of sight path.

Integrity: In networking, a desirable condition where the information received is exactly equal to the information sent. (Checksum)

Interface: Connection between two systems or devices. In routing terminology, a network connection.

I/O: input/output.

Multicast: Routing technique that allows IP traffic to be propagated from one source to a number of destinations or from many sources to many destinations.

Packet: A discrete chunk of communication in a predefined format.

Test 1 Review

Peer: In networking, a device to which a computer has a network connection that is relatively symmetrical, i.e. where both devices can initiate or respond to a similar set of requests.

Ping: A network diagnostic utility on Unix systems that sends an ICMP Echo Request to a distant node, which must then immediately return an ICMP Echo Reply packet back to the originating node.

Port: On a network hub, bridge or router, a physically distinct and individually controllable set of transmission hardware. Each such port is connected to the device's other ports through the device's internal electronic structures.

Protocol: In networking, a specification of the data structures and algorithms necessary to accomplish a particular network function.

Session: An on-going relationship between two computing devices involving the allocation of resources and sustained data flow. (Time-out – session stalls/hangs)

Test 1 Review

Types of Networks

Based on Host Roles
▪ Peer-to-Peer – provide & consume services
  ▪ Easy to set up and share resources
  ▪ Difficult to manage/scale
▪ Client/Server – clients consume services from servers
  ▪ *Server – Software/Hardware that provides services
  ▪ Easy to manage/scale
  ▪ More expensive and more planning/configuration

Based on Geography
▪ LAN – Local Area Network
  ▪ Small Geographic Area: local office, home, site
▪ Internetwork – connected LANs (locally)
▪ WAN – Wide Area Network
  ▪ Large Geographic Area - connected LANs at multiple sites

Based on Signaling
▪ Baseband
  ▪ 1 signal (packet) at a time with full transmission speed
▪ Broadband
  ▪ Transmission medium (cable) divided into "channels" with multiple signals at the same time (one per channel)

Test 1 Review

Types of Media

Bounded (Wires)
▪ Coaxial (Cable wire) (RG-6, 10 Mbps, BNC)
▪ Twisted Pair (Phone wire)
  ▪ Cat-5 – (100 Mbps, RJ-45) Shielded/Unshielded (STP/UTP)
  ▪ Cat-5e - (1 Gbps, RJ-45)
  ▪ Cat-6 - (10 Gbps, RJ-45)
  ▪ Plenum Cable: cable that is laid in the plenum spaces of buildings. (between floors/roof – safety/fire codes)
▪ Fiber Optic Cable (no cross-talk, fast, secure, expensive)
  ▪ Single/Multi-mode fiber (ST/SC/LC/MT-RJ Connector)

Network Wiring

Standard Network Wiring Convention – Patch Cable (Cat 5/Cat 5e)

Network Wiring (continued)

Crossover Cable Wiring (Used to connect 2 computers directly)

Test 1 Review

Types of Media (continued)

Unbounded (Wireless)
▪ Wi-Fi (Wireless Fidelity) 802.11
  ▪ 2.4/5 GHz Spectrum (2.4 – Hospital/Medical Band) Radio Signal
  ▪ 100 ft indoor, 300 ft outdoor range
  ▪ Wireless Routers, Repeaters, Adapters – Signal issues
  ▪ MIMO (multiple input, multiple output) is an antenna technology for wireless communications in which multiple antennas are used at both the source (transmitter) and the destination (receiver). The antennas at each end of the communications circuit are combined to minimize errors and optimize data speed.

Modems

A modem (modulator-demodulator) is a network hardware device that modulates one or more carrier wave signals to encode digital information for transmission and demodulates signals to decode the transmitted information. The goal is to produce a signal that can be transmitted easily and decoded to reproduce the original digital data. Modems can be used with any means of transmitting analog signals, from light emitting diodes to radio. A common type of modem is one that turns the digital data of a computer into a modulated electrical signal for transmission over telephone lines, which is demodulated by another modem at the receiver side to recover the digital data. (https://en.wikipedia.org/wiki/Modem)

Types of Modems:
▪ DOCSIS - Data Over Cable Service Interface Specification (DOCSIS /ˈdɒksɪs/) - https://en.wikipedia.org/wiki/DOCSIS
▪ Satellite - https://en.wikipedia.org/wiki/Satellite_modem
▪ DSL – Digital Subscriber Line
▪ Phone Modem/ISDN - https://hackaday.com/2013/01/31/how-a-dial-upmodem-handshake-works/ (https://www.youtube.com/watch?v=abapFJN6glo)

Network Backbone/Connection Devices

This class of devices connects computers and networks together, forming the "glue" that joins the devices and media on the network.

Types of Network Backbone/Connection Devices

Routers: A router is a network device with interfaces in multiple networks whose task is to copy packets from one network to another.
▪ *Routers operate at Layer 3 of the OSI Model, the Network Layer. A router will utilize one or more routing protocols to create a routing table. The router will then use the information in its routing table to make intelligent decisions about what packets to copy to which interface. This process is known as routing.
▪ *Routers are available with many interface types, such as Ethernet and DSL. Wireless routers support wireless interfaces, such as 802.11 (Wi-Fi). (Wireless Access Point)
▪ *Not all routers clearly fall into the category of network hardware. Routing software makes it possible to build a fully functional router out of a normal computer.

Network Backbone/Connection Devices (continued)

Types of Network Backbone/Connection Devices (continued)

Switches: A switch is a network device with multiple ports in one network whose task is to copy frames from one port to another. Switches operate at Layer 2 of the OSI Model, the Data-Link Layer.

A switch stores the MAC Address of every device which is connected to it. The switch will then evaluate every frame that passes through it. The switch will examine the destination MAC Address in each frame. Based upon the destination MAC Address, the switch will then decide which port to copy the frame to. If the switch does not recognize the MAC Address, it will not know which port to copy the frame to. When that happens, the switch will broadcast the frame to all of its ports.
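The forwarding decision described on this slide, as an added example that is not part of the original slides. The class and function names are hypothetical and the MAC addresses and frame trace are constructed; it assumes the usual behaviour that a switch learns a device's port from the source address of frames it receives and does not send a flooded frame back out the port it arrived on.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    """Minimal Layer 2 switch model (hypothetical, for illustration)."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}  # MAC address -> port it was last seen on

    def receive(self, in_port, src_mac, dst_mac):
        """Handle one frame; return the list of ports it is copied to."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port: {in_port}")
        src, dst = src_mac.lower(), dst_mac.lower()

        # Learn: the sender is reachable through the ingress port.
        self.mac_table[src] = in_port

        out_port = self.mac_table.get(dst)
        if dst == BROADCAST or out_port is None:
            # Unknown or broadcast destination: copy to every other port.
            return [p for p in self.ports if p != in_port]
        if out_port == in_port:
            # Destination sits on the ingress segment: nothing to forward.
            return []
        return [out_port]


def run_trace(switch, frames):
    """Feed (in_port, src, dst) tuples to the switch; return each decision."""
    return [switch.receive(*frame) for frame in frames]


def seen_by(port, decisions):
    """Indexes of the frames that were copied to the given port."""
    return [i for i, out in enumerate(decisions) if port in out]


# Constructed sample: hosts A, B, C on ports 1, 2, 3; port 4 has an idle host.
HOST_A = "aa:00:00:00:00:01"
HOST_B = "aa:00:00:00:00:02"
HOST_C = "aa:00:00:00:00:03"
SAMPLE_FRAMES = [
    (1, HOST_A, HOST_B),     # B not learned yet -> flooded
    (2, HOST_B, HOST_A),     # A already learned -> port 1 only
    (1, HOST_A, HOST_B),     # B now learned     -> port 2 only
    (3, HOST_C, BROADCAST),  # broadcast         -> all other ports
]

if __name__ == "__main__":
    sw = LearningSwitch([1, 2, 3, 4])
    decisions = run_trace(sw, SAMPLE_FRAMES)
    for frame, out in zip(SAMPLE_FRAMES, decisions):
        print(frame, "->", out)
    print("frames visible on port 4:", seen_by(4, decisions))
```

The idle host on port 4 receives the first frame even though it is addressed to another host, which is why traffic to destinations the switch has not yet learned is visible on every port.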

Network Backbone/Connection Devices (continued)

Network Adapters (NIC, Wireless Adapters)

NIC: A network interface controller (NIC, also known as a network interface card, network adapter, LAN adapter or physical network interface, [1] and by similar terms) is a computer hardware component that connects a computer to a computer network. [2]

Wireless Adapters: A wireless network interface controller (WNIC) is a network interface controller which connects to a wireless radio-based computer network, rather than a wired network, such as Token Ring or Ethernet. A WNIC, just like other NICs, works on Layer 1 and Layer 2 of the OSI Model. This card uses an antenna to communicate via microwave radiation. A WNIC in a desktop computer is traditionally connected using the PCI bus. Other connectivity options are USB and PC card. Integrated WNICs are also available (typically in Mini PCI/PCI Express Mini Card form). *Often built into the motherboard

Network Reference

OSI Data Model
https://alln-extcloud-storage.cisco.com/ciscoblogs/osi-550x425.gif
http://csharpcorner.mindcrackerinc.netdnacdn.com/UploadFile/898089/concept-of-open-systems-interconnection-osimodel-in-netwo/Images/Clipboard01.jpg

Network Reference (continued)

IP Address Reference
http://www.unixwiz.net/techtips/netmask-ref.html

All devices on a local network have a unique IP address, but each address is inherently divided into two parts, a shared network part, and a unique host part, and this information is used by the TCP/IP stack for routing. When sending traffic to a machine with a different network part, it must be sent through a router for final delivery. The dividing line between the network and host parts is determined by the subnet mask, and it's often seen in 255.0 notation. It looks like an IP address, and it uses a "1" bit to select, or "mask" the network part.

Network Reference (continued)

IP Address Reference (continued)
▪ *Reserved IP Addresses – (127.0.0.1) https://en.wikipedia.org/wiki/Reserved_IP_addresses
▪ Local/Internal IP Addresses – (Class A – 10.x.x.x)
▪ *What is my IP Address vs IPConfig
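How the subnet mask splits an address and decides whether traffic needs a router, together with the reserved and internal ranges listed above, as an added example that is not part of the original slides. The function names, the mask 255.255.255.0, the gateway address and the destination hosts are assumptions chosen for illustration; 172.16.254.1 is the sample IPv4 address used earlier in the deck.

```python
import ipaddress


def to_int(dotted: str) -> int:
    """Dotted-quad IPv4 text -> 32-bit integer."""
    return int(ipaddress.IPv4Address(dotted))


def to_dotted(value: int) -> str:
    """32-bit integer -> dotted-quad IPv4 text."""
    return str(ipaddress.IPv4Address(value))


def split_address(ip: str, mask: str) -> dict:
    """Split an address into network and host parts using the mask's 1 bits."""
    ip_i, mask_i = to_int(ip), to_int(mask)
    host_bits = ~mask_i & 0xFFFFFFFF
    # A usable mask is a run of 1 bits followed by a run of 0 bits, so the
    # inverted mask must look like 0...01...1 (one less than a power of two).
    if host_bits & (host_bits + 1):
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return {
        "network": to_dotted(ip_i & mask_i),    # bits selected by the mask
        "host": to_dotted(ip_i & host_bits),    # bits left over
        "prefix_len": bin(mask_i).count("1"),   # number of 1 bits in the mask
    }


def next_hop(src: str, mask: str, dst: str, gateway: str) -> str:
    """Same network part: deliver directly. Different: hand to the router."""
    mask_i = to_int(mask)
    same_network = (to_int(src) & mask_i) == (to_int(dst) & mask_i)
    return dst if same_network else gateway


def classify(ip: str) -> str:
    """Label an address as loopback, private (internal) or public."""
    addr = ipaddress.IPv4Address(ip)
    if addr.is_loopback:      # 127.0.0.0/8, e.g. 127.0.0.1
        return "loopback"
    if addr.is_private:       # includes 10.x.x.x and 172.16.x.x
        return "private"
    return "public"


if __name__ == "__main__":
    host, mask, gw = "172.16.254.1", "255.255.255.0", "172.16.254.254"
    print(split_address(host, mask))
    for dst in ("172.16.254.77", "172.16.253.9", "1.2.3.4"):
        print(dst, classify(dst), "-> send to", next_hop(host, mask, dst, gw))
```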

Network Reference (continued)

Port: In the internet protocol suite, a port is an endpoint of communication in an operating system. While the term is also used for female connectors on hardware devices (see computer port), in software it is a logical construct that identifies a specific process or a type of network service. A port is always associated with an IP address of a host and the protocol type of the communication, and thus completes the destination or origination network address of a communication session. A port is identified for each address and protocol by a 16-bit number, commonly known as the port number. For example, an address may be "protocol: TCP, IP address: 1.2.3.4, port number: 80", which may be written 1.2.3.4:80 when the protocol is known from context.

Specific port numbers are often used to identify specific services. Of the thousands of enumerated ports, 1024 well-known port numbers are reserved by convention to identify specific service types on a host. In the client–server model of application architecture, the ports that network clients connect to for service initiation provide a multiplexing service. After initial communication binds to the well-known port number, this port is freed by switching each instance of service requests to a dedicated, connection-specific port number, so that additional clients can be serviced.

The protocols that primarily use ports are the transport layer protocols, such as the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP).

https://en.wikipedia.org/wiki/Port_(computer_networking)

Network Reference (continued)

Common TCP/UDP Ports

Port       Service name                                   Transport protocol
20, 21     File Transfer Protocol (FTP)                   TCP
22         Secure Shell (SSH)                             TCP and UDP
23         Telnet                                         TCP
25         Simple Mail Transfer Protocol (SMTP)           TCP
50, 51     IPSec
53         Domain Name Server (DNS)                       TCP and UDP
67, 68     Dynamic Host Configuration Protocol (DHCP)     UDP
69         Trivial File Transfer Protocol (TFTP)          UDP
80         HyperText Transfer Protocol (HTTP)             TCP
110        Post Office Protocol (POP3)                    TCP
119        Network News Transport Protocol (NNTP)         TCP
123        Network Time Protocol (NTP)                    UDP
135-139    NetBIOS                                        TCP and UDP
143        Internet Message Access Protocol (IMAP4)       TCP and UDP
161, 162   Simple Network Management Protocol (SNMP)      TCP and UDP
389        Lightweight Directory Access Protocol          TCP and UDP
443        HTTP with Secure Sockets Layer (SSL)           TCP and UDP

Full list of *common port assignments: https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

Additional Resources/Review

VPN Apps and Resources
▪ https://www.pcmag.com/roundup/354059/the-best-vpn-apps-for-the-iphone
▪ https://www.pcmag.com/roundup/348411/the-best-android-vpn-apps
▪ https://www.techhive.com/article/3158192/privacy/howand-whyyoushould-use-a-vpn-any-time-you-hop-on-the-internet.html

Port Assignments and Reference (Certification)
▪ http://www.pearsonitcertification.com/articles/article.aspx?p=1868080

Understanding IP Addresses
▪ https://www.cisco.com/c/en/us/support/docs/ip/routing-information-protocol-rip/13788-3.html

Additional Hardware/Networking resources/info
▪ https://www.youtube.com/user/LinusTechTips