Project Report
On
STUDY AND UPGRADATION OF DRONA ARCHITECTURE AT DESIDOC
Guide: Anranya Yadav, Scientist ‘C’
Submitted By: Tushar
Defence Scientific Information and Documentation Center
Defence Research and Development Organization
Ministry of Defence, Government of India
Metcalfe House, Delhi-110054
CERTIFICATE
This is to certify that Mr. Tushar, student of B-Tech, from Galgotias University, did a five weeks
training in Network Services Division (NSD) at Defence Scientific Information and Documentation Centre
(DESIDOC), Defence Research and Development Organization (DRDO), Ministry of Defence, Metcalfe
House, Delhi-110054 from 14 Jun, 2014 to 14 July, 2014 and has completed the project titled “study and
upgradation of DRONA architecture” to my entire satisfaction.
During the training, I found him to be very hardworking and sincere. He has the ability to learn new things
quickly and works well in a team. I wish him all the success in career and life.
(Anranya Yadav), Project Head, NSD, Sc-‘C’
(NISHANT KUMAR), Head NSD, Sc-‘D’
(M. KARMAKAR), Head HRD
ACKNOWLEDGMENT
I would like to express my deep gratitude to Shri Suresh Kumar Jindal, Director,
Defence Scientific Information and Documentation Center (DESIDOC), DRDO, Metcalfe
House, New Delhi, for giving us the opportunity for five-weeks training in the esteemed
organization and providing all the necessary resources and expertise for this purpose.
I am highly grateful to Nishant Kumar, Sc ‘D’, Head, Network Services Division
(NSD), DESIDOC, DRDO for assigning us an innovative project and for their valuable
guidance. I would definitely like to place on record our thanks for their constant interest,
encouragement and support without which this venture would not have seen the dusk of the
day. As a project guide he also provided constant encouragement during our project for making
familiar with the intricacies of networking and guiding through the toughest time and leading
to the end of the tunnel.
(Tushar)
Roll no.: 1101501027
Galgotias University
INTRODUCTION
This report describes the DRONA architecture and its components in detail. It is based on the wide area
network that spans the whole DRDO network, that is, all the main and sub headquarters of DRDO.
DRONA is DRDO's own wide area network; no other company or individual has the right to use the services
provided by the DRONA wide area network.
Network facilities available at DRDO are:
Dnet is a 100 Mbps gigabit fiber optic local area network connecting all the buildings and technology work
centres. The facility is available on a 24 x 7 basis. DRDO Rapid Online Network Access (DRONA) is also
accessed by all the officers through this network.
With more than 40 in-house developed online applications and 50 knowledge portals, the DRDL intranet has
become a very powerful tool for communication and knowledge management for more than 1600 users
from DRDL and 300 users from RCI and ASL.
A separate fully secured internet connectivity is also available in DRDL on a 24x7 basis. More than 100 nodes
are provided all across the lab through a 2 Mbps leased line connection.
Objective of Project
Study and upgradation of DRONA architecture at DRDO as well as knowledge of
servers
Table of Content
Certificate
Acknowledgement
Introduction and objective
Objective of Project
1. Cables
2. Connector
3. Topology
4. Different types of network
5. Bluetooth
6. FTP, TELNET, SSH, RLOGIN
7. IP address, subnet
8. Network devices
9. Firewall
10. Network ports, web application server
11. OSI, TCP, IP model
12. TCP, IP, UDP
13. USB
14. VLAN
15. WiFi, WiMAX
16. Proxy server
17. IDS, IPS
18. clb
19. WES, WAP
20. SCSI devices
21. RAID
22. UTM
23. DRONA architecture
Organization Profile
The Defence Research and Development Organization (DRDO) is an agency of the Republic of India,
responsible for the development of technology for use by the military, headquartered in New Delhi, India. It
was formed in 1958 by the merger of the Technical Development Establishment and the Directorate of
Technical Development and Production with the Defence Science Organization. It is under the administrative
control of the Ministry of Defence, Government of India.
With a network of 52 laboratories, which are engaged in developing defence technologies covering various
fields, like aeronautics, armaments, electronics, land combat engineering, life sciences, materials, missiles, and
naval systems, DRDO is India's largest and most diverse research organization. The organization includes
around 5,000 scientists belonging to the Defence Research & Development Service (DRDS) and about 25,000
other scientific, technical and supporting personnel.
Defence Scientific Information & Documentation Centre (DESIDOC)
The Defence Scientific Information & Documentation Centre (DESIDOC) is a division of the Defence
Research and Development Organization (DRDO). Located in Delhi, its main function is the collection,
processing and dissemination of relevant technical information for DRDO scientists.
The Network Services Division (NSD) of DESIDOC is responsible for designing, hosting and maintenance of
DRDO website on Internet, DRDO Intranet administration and co-ordination, designing, hosting, maintenance
of DESIDOC website, Internet services through OFC based leased lines. The Division is also engaged in
software development, hardware maintenance, network management, and provides support for IT-based CEP
courses. It is also responsible for interaction with academia, project training of students, web casting of major
DRDO events from Dr. Bhagwantham Auditorium, DRDO Directors’ Conference, etc. to DRDO officials.
STUDY AND UPGRADATION OF DRONA
ARCHITECTURE AT DESIDOC
1. [CABLES]
The vast majority of networks today are connected by some sort of wiring or cabling that acts as a network
transmission medium that carries signals between computers. Many cable types are available to meet the varying
needs and sizes of networks, from small to large.
Cable types
Coaxial cable
Twisted-pair (unshielded and shielded) cable
Fiber-optic cable
Cable is the medium through which information usually moves from one network device to another. There are several
types of cable which are commonly used with LANs. In some cases, a network will utilize only one type of cable; other
networks will use a variety of cable types. The type of cable chosen for a network is related to the network's topology,
protocol, and size. Understanding the characteristics of different types of cable and how they relate to other aspects of
a network is necessary for the development of a successful network.
The following sections discuss the types of cables used in networks and other related topics.
Unshielded Twisted Pair (UTP) Cable
Shielded Twisted Pair (STP) Cable
Coaxial Cable
Fiber Optic Cable
Twisted pair cabling comes in two varieties: shielded and unshielded. Unshielded twisted pair (UTP) is the most popular
and is generally the best. The quality of UTP may vary from telephone-grade wire to extremely high-speed cable. The
cable has four pairs of wires inside the jacket. Each pair is twisted with a different number of twists per inch to help
eliminate interference from adjacent pairs and other electrical devices. The tighter the twisting, the higher the
supported transmission rate and the greater the cost per foot. The EIA/TIA (Electronic Industry
Association/Telecommunication Industry Association) has established standards of UTP and rated six categories of wire.
Twisted-pair cable is a type of cabling that is used for telephone communications and most modern Ethernet networks.
A pair of wires forms a circuit that can transmit data. The pairs are twisted to provide protection against crosstalk, the
noise generated by adjacent pairs. When electrical current flows through a wire, it creates a small, circular magnetic
field around the wire. When two wires in an electrical circuit are placed close together, their magnetic fields are the
exact opposite of each other. Thus, the two magnetic fields cancel each other out. They also cancel out any outside
magnetic fields. Twisting the wires can enhance this cancellation effect. Using cancellation together with twisting the
wires, cable designers can effectively provide self-shielding for wire pairs within the network media.
Two basic types of twisted-pair cable exist: unshielded twisted pair (UTP) and shielded twisted pair (STP). The following
sections discuss UTP and STP cable in more detail.
Twisted-Pair Cable
In its simplest form, twisted-pair cable consists of two insulated strands of copper wire twisted around each other.
Figure 2.12 shows the two types of twisted-pair cable: unshielded twisted-pair (UTP) and shielded twisted-pair (STP)
cable.
Figure 2.12 Unshielded twisted-pair and shielded
twisted-pair cables
A number of twisted-pair wires are often grouped together and enclosed in a protective sheath to form a cable. The
total number of pairs in a cable varies. The twisting cancels out electrical noise from adjacent pairs and from other
sources such as motors, relays, and transformers.
Unshielded Twisted-Pair (UTP) Cable
UTP, using the 10BaseT specification, is the most popular type of twisted-pair cable and is fast becoming the most
popular LAN cabling. The maximum cable length segment is 100 meters, about 328 feet.
Traditional UTP cable, as shown in Figure 2.13, consists of two insulated copper wires. UTP specifications govern how
many twists are permitted per foot of cable; the number of twists allowed depends on the purpose to which the cable
will be put. In North America, UTP cable is the most commonly used cable for existing telephone systems and is already
UTP cable is a medium that is composed of pairs of wires. UTP cable is used in a variety of networks. Each of the eight
individual copper wires in UTP cable is covered by an insulating material. In addition, the wires in each pair are twisted
around each other.
UTP cable relies solely on the cancellation effect produced by the twisted wire pairs to limit signal
degradation caused by electromagnetic interference (EMI) and radio frequency interference (RFI). To further reduce
crosstalk between the pairs in UTP cable, the number of twists in the wire pairs varies. UTP cable must follow precise
specifications governing how many twists or braids are permitted per meter (3.28 feet) of cable.
UTP cable often is installed using a Registered Jack 45 (RJ-45) connector. The RJ-45 is an eight-wire connector used
commonly to connect computers onto a local-area network (LAN), especially Ethernets.
When used as a networking medium, UTP cable has four pairs of either 22- or 24-gauge copper wire. UTP used as a
networking medium has an impedance of 100 ohms; this differentiates it from other types of twisted-pair wiring such as
that used for telephone wiring, which has impedance of 600 ohms.
UTP cable offers many advantages. Because UTP has an external diameter of approximately 0.43 cm (0.17
inches), its small size can be advantageous during installation. Because it has such a small external diameter, UTP does
not fill up wiring ducts as rapidly as other types of cable. This can be an extremely important factor to consider,
particularly when installing a network in an older building. UTP cable is easy to install and is less expensive than other
types of networking media. In fact, UTP costs less per meter than any other type of LAN cabling. And because UTP can
be used with most of the major networking architectures, it continues to grow in popularity.
Disadvantages also are involved in using twisted-pair cabling, however. UTP cable is more prone to electrical noise and
interference than other types of networking media, and the distance between signal boosts is shorter for UTP than it is
for coaxial and fiber-optic cables.
Although UTP was once considered to be slower at transmitting data than other types of cable, this is no
longer true. In fact, UTP is considered the fastest copper-based medium today.
The following summarizes the features of UTP cable:
Speed and throughput—10 to 1000 Mbps
Average cost per node—Least expensive
Media and connector size—Small
Maximum cable length—100 m (short)
Commonly used types of UTP cabling are as follows:
Category 1—Used for telephone communications. Not suitable for transmitting data.
Category 2—Capable of transmitting data at speeds up to 4 megabits per second (Mbps).
Category 3—Used in 10BASE-T networks. Can transmit data at speeds up to 10 Mbps.
Category 4—Used in Token Ring networks. Can transmit data at speeds up to 16 Mbps.
Category 5—Can transmit data at speeds up to 100 Mbps.
Used in networks running at speeds up to 1000 Mbps (1 gigabit per second [Gbps]).
Category 6—Typically, Category 6 cable consists of four pairs of 24 American Wire Gauge (AWG) copper wires.
Category 6 cable is currently the fastest standard for UTP.
Within unshielded twisted-pair (UTP) cable there are typically 2 to 8 wires, 1 to 4 pairs. Each pair is
twisted around each other at a different rate, which reduces EMI (Electro-Magnetic Interference) between the pairs
and other electrical signals. Each pair is color-coded, according to standards, and the entire cable is inside a protective
plastic insulation sheath. In Category 5 UTP, there are usually 4 pairs of wires, with one wire of solid color and one of
white with the same color stripe in each pair.
The TIA/EIA 568 standard has two wiring sequences, T568A and T568B.
The sequence of the wires dictates how the wires are terminated on the RJ-45 connector. Either sequence may be used
to set up a network. Once a wiring sequence has been chosen, using the same sequence throughout the entire network
is necessary. Data networks usually use the TIA/EIA 568B standard. The wires must be correctly paired together for the
entire length of the cable to ensure signal quality.
TIA/EIA 568A Wiring Sequence
In both the 568A and 568B sequences,
pair 1 is always designated as the blue wires and pair 4 is always the brown wires. Pair 1 is always assigned to pins 4 and
5 in the connector. The solid blue wire connects to pin 4, as a ring (R) wire, and the white wire of the blue pair connects
to pin 5, as a tip (T) wire. Pair 4 is always assigned to pins 7 and 8 on the connector. The white wire of the brown pair
connects to pin 7, as the tip wire, and the brown wire connects to pin 8, as the ring wire. The terms tip and ring are old
telephony terms used to designate the tip (Tipping the telephone handset off the cradle to transmit a signal that a
phone number is about to be dialed) and ring (The response heard on the receiving end of the handset once the
number is dialed and the phone is ringing on the other end). The blue and brown pairs may not be used if the network
system is set to use up to 10 Mbps bandwidth. In this instance, the blue pair may be used for voice transmission
(telephone) and the brown pair dedicated to other network functions. The orange and green pairs, pin positions #1, 2,
3, and 6, are used for Ethernet transmitting (pins 1 and 2) and receiving (pins 3 and 6).
In the T568A sequence, the green pair is assigned to pins 1 and 2, and the orange pair is split between pin 3 and 6. In
the T568B sequence, it is the green pair that is split between pin 3 and 6, and the orange pair that is assigned to pins 1
and 2.
Speed and throughput—10 to 100 Mbps
Average cost per node—Moderately expensive
Media and connector size—Medium to large
Maximum cable length—100 m (short)
When comparing UTP and STP, keep the following points in mind:
The speed of both types of cable is usually satisfactory for local-area distances.
These are the least-expensive media for data communication. UTP is less expensive than STP.
Because most buildings are already wired with UTP, many transmission standards are adapted to use it, to avoid
costly rewiring with an alternative cable type.
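The T568A and T568B pin assignments described above, as an added example that is not part of the original report: a checker that names the sequence at each RJ-45 connector, flags split pairs, and derives the pin-to-pin continuity map. The colour notation, the function names and the sample termination are this example's own constructions; treating one T568A end with one T568B end as a crossover cable is standard practice rather than something the report states.

```python
# Added example: validate RJ-45 terminations against T568A / T568B.
# "w-green" means the white wire with a green stripe (notation assumed here).

T568A = ["w-green", "green", "w-orange", "blue", "w-blue", "orange", "w-brown", "brown"]
T568B = ["w-orange", "orange", "w-green", "blue", "w-blue", "green", "w-brown", "brown"]
STANDARDS = {"T568A": T568A, "T568B": T568B}

# Pin positions that must be served by the two wires of one twisted pair.
PIN_PAIRS = [(1, 2), (3, 6), (4, 5), (7, 8)]


def base_colour(wire):
    """'w-green' and 'green' belong to the same twisted pair."""
    return wire[2:] if wire.startswith("w-") else wire


def check_end(pins):
    """Return (standard name or None, problems) for one connector, pins listed 1..8."""
    pins = list(pins)
    if sorted(pins) != sorted(T568B):
        return None, ["connector does not carry the eight standard wires exactly once"]
    problems = []
    for a, b in PIN_PAIRS:
        wire_a, wire_b = pins[a - 1], pins[b - 1]
        if base_colour(wire_a) != base_colour(wire_b):
            # The two pins of one circuit are fed from different twisted pairs,
            # so the twisting no longer cancels crosstalk for that circuit.
            problems.append("split pair: pins %d/%d carry %s and %s" % (a, b, wire_a, wire_b))
    for name, sequence in STANDARDS.items():
        if pins == sequence:
            return name, problems
    if not problems:
        problems.append("pairs intact but order matches neither T568A nor T568B")
    return None, problems


def pin_map(end1, end2):
    """Continuity map: the pin on end2 that each pin of end1 reaches, by wire colour."""
    end2 = list(end2)
    return {i + 1: end2.index(wire) + 1 for i, wire in enumerate(end1)}


def classify_cable(end1, end2):
    """Return (kind, problems); kind is 'straight-through', 'crossover' or 'faulty'."""
    std1, problems1 = check_end(end1)
    std2, problems2 = check_end(end2)
    problems = ["end 1: " + p for p in problems1] + ["end 2: " + p for p in problems2]
    if problems:
        return "faulty", problems
    # Same sequence at both ends: every pin reaches the same pin number.
    # T568A at one end and T568B at the other swaps pins 1,2 with pins 3,6,
    # which connects the transmit pins of one side to the receive pins of the other.
    return ("straight-through" if std1 == std2 else "crossover"), []


if __name__ == "__main__":
    # Constructed sample: colours laid out in plain pair order at both ends.
    # A pin-to-pin continuity test passes, yet pins 3/6 and 4/5 are split pairs.
    split = ["w-orange", "orange", "w-green", "green", "w-blue", "blue", "w-brown", "brown"]
    cables = [("B to B", T568B, T568B), ("A to B", T568A, T568B), ("split", split, split)]
    for label, near, far in cables:
        kind, problems = classify_cable(near, far)
        print(label, "->", kind, pin_map(near, far))
        for problem in problems:
            print("   ", problem)
```

The constructed "split" cable shows why the report insists that wires stay correctly paired along the whole cable: its continuity map is the identity, so a simple tester passes it, but two of its circuits run over wires from different pairs.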
Categories of Unshielded Twisted Pair
Category   Speed                 Use
1          1 Mbps                Voice Only (Telephone Wire)
2          4 Mbps                LocalTalk & Telephone (Rarely used)
3          16 Mbps               10BaseT Ethernet
4          20 Mbps               Token Ring (Rarely used)
5          100 Mbps (2 pair)     100BaseT Ethernet
           1000 Mbps (4 pair)    Gigabit Ethernet
5e         1,000 Mbps            Gigabit Ethernet
6          10,000 Mbps           Gigabit Ethernet
A twisted pair consists of two conductors (normally copper), each with its own plastic
insulation, twisted together. One of the wires is used to carry signals to the receiver, and the other is used only as a
ground reference. The receiver uses the difference between the two. In addition to the signal sent by the sender on one
of the wires, interference (noise) and crosstalk may affect both wires and create unwanted signals. If the two wires are
parallel, the effect of these unwanted signals is not the same in both wires because they are at different locations
relative to the noise or crosstalk sources (e.g., one is closer and the other is farther). This results in a difference at
the receiver. By twisting the pairs, a balance is maintained. For example, suppose in one twist, one wire is closer to the
noise source and the other is farther; in the next twist, the reverse is true. Twisting makes it probable that both wires
are equally affected by external influences (noise or crosstalk). This means that the receiver, which calculates the
difference between the two, receives no unwanted signals. The unwanted signals are mostly canceled out. From the
above discussion, it is clear that the number of twists per unit of length (e.g., inch) has some effect on the quality of
the cable.
Unshielded Versus Shielded Twisted-Pair Cable
The most common twisted-pair cable used in communications is referred to as unshielded twisted-pair (UTP). IBM has
also produced a version of twisted-pair cable for its use called shielded twisted-pair (STP).
Categories
The Electronic Industries Association (EIA) has developed standards to classify
unshielded twisted-pair cable into seven categories. Categories are determined by cable quality, with 1 as the lowest
and 7 as the highest. Each EIA category is suitable for specific uses
Applications
Twisted-pair cables are used in telephone lines to provide voice and data channels. The local loop, the line that
connects subscribers to the central telephone office, commonly consists of unshielded twisted-pair cables. The DSL lines
that are used by the telephone companies to provide high-data-rate connections also use the high-bandwidth capability
of unshielded twisted-pair cables. Local-area networks, such as 10Base-T and 100Base-T, also use twisted-pair cables.
Shielded Twisted Pair (STP) Cable
Although UTP cable is the least expensive cable, it may be susceptible to radio and electrical frequency interference (it
should not be too close to electric motors, fluorescent lights, etc.). If you must place cable in environments with lots of
potential interference, or if you must place cable in extremely sensitive environments that may be susceptible to the
electrical current in the UTP, shielded twisted pair may be the solution. Shielded cables can also help to extend the
maximum distance of the cables.
Shielded twisted pair cable is available in three different configurations:
Each pair of wires is individually shielded with foil.
There is a foil or braid shield inside the jacket covering all wires (as a group).
There is a shield around each individual pair, as well as around the entire group of wires (referred to as double
unshielded twisted pair (UTP) for 10BASE-T networks and fiber optic for 10BASE-FL or Fiber-Optic Inter-Repeater Link
(FOIRL) networks. This wide variety of media reflects the evolution of Ethernet and also points to the technology's
flexibility. Thickwire was one of the first cabling systems used in Ethernet but was expensive and difficult to use. This
evolved to thin coax, which is easier to work with and less expensive.
Coaxial Cable
At one time, coaxial cable was the most widely used network cabling. There were a couple of reasons for coaxial cable's
wide usage: it was relatively inexpensive, and it was light, flexible, and easy to work with.
In its simplest form, coaxial cable consists of a core of copper wire surrounded by insulation, a braided metal
shielding, and an outer cover. Figure 2.1 shows the various components that make up a coaxial cable.
The term shielding refers to the woven or stranded metal mesh (or other material) that surrounds some types of cabling.
Shielding protects transmitted data by absorbing stray electronic signals, called noise, so that they do not get onto the
cable and distort the data. Cable that contains one layer of foil insulation and one layer of braided metal shielding is
referred to as dual shielded. For environments that are subject to higher interference, quad shielding is available. Quad
shielding consists of two layers of foil insulation and two layers of braided metal shielding.
The stranded, protective sleeve absorbs stray electronic signals so that they do not affect data being sent over the
inner copper cable. For this reason, coaxial cabling is a good choice for longer
distances and for reliably supporting higher data rates with less sophisticated equipment.
Types of Coaxial Cable
There are two types of coaxial cable:
Thin (thinnet) cable
Thick (thicknet) cable
Which type of coaxial cable you select depends on the needs of your particular network.
Thinnet Cable
Thinnet cable is a flexible coaxial cable about 0.64 centimeters (0.25 inches) thick. Because this type of
coaxial cable is flexible and easy to work with, it can be used in almost any type of network installation. Figure below
shows thinnet cable connected directly to a computer's network interface card (NIC).
Close-up view of thinnet cable showing where it connects to a
Thinnet coaxial cable can carry a signal for a distance of up to approximately 185 meters (about 607 feet) before the
signal starts to suffer from attenuation.
Cable manufacturers have agreed upon specific designations for different types of
cable. (Table 2.1 lists cable types and descriptions.) Thinnet is included in a group referred to as the RG-58 family and
has 50 ohm impedance. (Impedance is the resistance, measured in ohms, to the alternating current that flows in a wire.)
The principal distinguishing feature of the RG-58 family is the center core of copper. Figure 2.4 shows two examples of
RG-58 cable, one with a stranded wire core and one with a solid copper core.
common application of coaxial cable is in traditional Ethernet LANs (see Chapter 13). Because of its high bandwidth,
and consequently high data rate, coaxial cable was chosen for digital transmission in early Ethernet LANs. The 10Base-2,
or Thin Ethernet, uses RG-58 coaxial cable with BNC connectors to transmit data at 10 Mbps with a range of 185 m. The
10Base5, or Thick Ethernet, uses RG-11 (thick coaxial cable) to transmit 10 Mbps with a range of 5000 m. Thick Ethernet
has specialized connectors.
Coaxial cabling has a single copper conductor at its center. A plastic layer provides insulation
between the center conductor and a braided metal shield (See fig. 3). The metal shield helps to block any outside
interference from fluorescent lights, motors, and other computers.
Fig. 3. Coaxial cable
Although coaxial cabling is difficult to install, it is highly resistant to signal interference. In addition, it can support
greater cable lengths between network devices than twisted pair cable. The two types of coaxial cabling are thick
coaxial and thin coaxial.
Thin coaxial cable is also referred to as thinnet. 10Base2 refers to the specifications for thin coaxial cable carrying
Ethernet signals. The 2 refers to the approximate maximum segment length being 200 meters. In actual fact the
maximum segment length is 185 meters. Thin coaxial cable has been popular in school networks, especially linear bus
networks.
Thick coaxial cable is also referred to as thicknet. 10Base5 refers to the specifications for thick coaxial cable carrying
Ethernet signals. The 5 refers to the maximum segment length being 500 meters. Thick coaxial cable has an extra
protective plastic cover that helps keep moisture away from the center conductor. This makes thick coaxial a great
choice when running longer lengths in a linear bus network. One disadvantage of thick coaxial is that it does not bend
easily and is difficult to install.
The most common type of connector used with coaxial cables is the Bayonet-Neill-Concelman (BNC) connector.
Different types of adapters are available for BNC connectors, including a T-connector,
barrel connector, and terminator. Connectors on the cable are the weakest points in any network. To help avoid
problems with your network, always use the BNC connectors that crimp, rather than screw, onto the cable.
Coaxial cable consists of a hollow outer cylindrical conductor that surrounds a single inner wire made of two conducting
elements. One of these elements, located in the center of the cable, is a copper conductor. Surrounding the copper
conductor is a layer of flexible insulation. Over this insulating material is a woven copper braid or metallic foil that acts
both as the second wire in the circuit and as a shield for the inner conductor. This second layer, or shield, can help
reduce the amount of outside interference. Covering this shield is the cable jacket. Coaxial cable supports 10 to 100
Mbps and is relatively inexpensive, although it is more costly than UTP on a per-unit length. However, coaxial cable can
be cheaper for a physical bus topology because less cable will be needed. Coaxial cable can be cabled over longer
distances than twisted-pair cable. For example, Ethernet can run approximately 100 meters (328 feet) using twisted-
pair cabling. Using coaxial cable increases this distance to 500m (1640.4 feet).
For LANs, coaxial cable offers several
advantages. It can be run with fewer boosts from repeaters for longer distances between network nodes than either
STP or UTP cable. Repeaters regenerate the signals in a network so that they can cover greater distances. Coaxial cable
is less expensive than fiber-optic cable, and the technology is well known; it has been used for many years for all types
of data communication.
When working with cable, you need to consider its size. As the thickness, or diameter, of the
cable increases, so does the difficulty in working with it. Many times cable must be pulled through existing conduits and
troughs that are limited in size. Coaxial cable comes in a variety of sizes. The largest diameter (1 centimeter [cm]) was
specified for use as Ethernet backbone cable because historically it had greater transmission length and noise-rejection
characteristics. This type of coaxial cable is frequently referred to as Thicknet. As its nickname suggests, Thicknet cable
can be too rigid to install easily in some situations because of its thickness. The general rule is that the more difficult the
network medium is to install, the more expensive it is to install. Coaxial cable is more expensive to install than twisted-
pair cable. Thicknet cable is almost never used except for special-purpose installations.
A connection device known as a
vampire tap was used to connect network devices to Thicknet. The vampire tap then was connected to the computers
via a more flexible cable called the attachment unit interface (AUI). Although this 15-pin cable was still thick and tricky
to terminate, it was much easier to work with than Thicknet.
In the past, coaxial cable with an outside diameter of only
0.35 cm (sometimes referred to as Thinnet) was used in Ethernet networks. Thinnet was especially useful for cable
installations that required the cable to make many twists and turns. Because it was easier to install, it was also cheaper
to install. Thus, it was sometimes referred to as Cheapernet. However, because the outer copper or metallic braid in
coaxial cable comprises half the electrical circuit, special care had to be taken to ensure that it was properly grounded.
Grounding was done by ensuring that a solid electrical connection existed at both ends of the cable. Frequently,
however, installers failed to properly ground the cable. As a result, poor shield connection was one of the biggest
sources of connection problems in the installation of coaxial cable. Connection problems resulted in electrical noise,
which interfered with signal transmittal on the networking medium. For this reason, despite its small diameter, Thinnet
no longer is commonly used in Ethernet networks.
The most common connectors used with Thinnet are BNC, short for
British Naval Connector or Bayonet Neill Concelman, connectors. The basic BNC connector is a male type mounted at
each end of a cable. This connector has a center pin connected to the center cable conductor and a metal tube
connected to the outer cable shield. A rotating ring outside the tube locks the cable to any female connector. BNC
T-connectors are female devices for connecting two cables to a network interface card (NIC). A BNC barrel connector
facilitates connecting two cables together.
The following summarizes the features of coaxial cables:
Speed and throughput—10 to 100 Mbps
Average cost per node—Inexpensive
Media and connector size—Medium
Maximum cable length—500 m (medium)
Fiber-Optic Cable
In fiber-optic cable, optical fibers carry digital data signals in the form of modulated pulses of light. This is a relatively
safe way to send data because, unlike copper-based cables that carry data in the form of electronic signals, no electrical
impulses are carried over the fiber-optic cable. This means that fiber-optic cable cannot be tapped, and its data cannot
be stolen.
Fiber-optic cable is good for very high-speed, high-capacity data transmission because of the purity of the
signal and lack of signal attenuation.
Fiber-Optic Cable Composition
An optical fiber consists of an extremely thin cylinder of glass, called the core, surrounded by a concentric layer of glass,
known as the cladding. The fibers are sometimes made of plastic. Plastic is easier to install, but cannot carry the light
pulses for as long a distance as glass.
Because each glass strand passes signals in only one direction, a cable includes two
strands in separate jackets. One strand transmits and one receives. A reinforcing layer of plastic surrounds each glass
strand, and Kevlar fibers provide strength. See Figure 2.18 for an illustration of fiber-optic cable. The Kevlar fibers in the
fiber-optic connector are placed between the two cables. Just as their counterparts (twisted-pair and coaxial) are, fiber-
optic cables are encased in a plastic coating for protection.
Fiber-optic cable transmissions are not subject to electrical
interference and are extremely fast, currently transmitting about 100 Mbps with demonstrated rates of up to 1 gigabit
per second (Gbps). They can carry a signal—the light pulse—for many miles.
Fiber-Optic Cabling Considerations
Use fiber-optic cable if you:
Need to transmit data at very high speeds over long distances in very secure media.
Do not use fiber-optic cable if you:
Are under a tight budget.
Do not have the expertise available to properly install it and connect devices to it.
Fiber optic cabling consists of a center glass core surrounded by several layers of protective materials. It transmits light
rather than electronic signals, eliminating the problem of electrical interference. This makes it ideal for certain environments that contain a large amount of electrical interference. It has also made it the standard for connecting
networks between buildings, due to its immunity to the effects of moisture and lighting. Fiber optic cable has the ability
to transmit signals over much longer distances than coaxial and twisted pair. It also has the capability to carry
information at vastly greater speeds. This capacity broadens communication possibilities to include services such as
video conferencing and interactive services. The cost of fiber optic cabling is comparable to copper cabling; however, it
is more difficult to install and modify. 10BaseF refers to the specifications for fiber optic cable carrying Ethernet signals.
The center core of fiber cables is made from glass or plastic fibers (see fig 5). A plastic coating then cushions the fiber
center, and Kevlar fibers help to strengthen the cables and prevent breakage. The outer insulating jacket is made of Teflon
or PVC.
There are two common types of fiber cables -- single mode and multimode. Multimode cable has a larger diameter;
There are basically two types of Ethernet cables. There are the normal regular straight through cables and the other
type is crossover cables. I will explain both of these separately below.
Straight Through Cables
When you buy "regular" computer network cables, you are really just buying a straight through Ethernet cable. This
means that both ends of the cables will be identical. The colours of the smaller cables inside the ethernet cable, will be
in the same order, from left to right.
This type of cable is used for connecting a PC to a hub/switch or for connecting a router to a switch. The hub/switch performs the crossover for you, that is why you need a crossover cable, for when you connect a PC directly with
another PC.
Crossover Cables
A crossover Ethernet cable has a different look on either side of the cable. The purpose of the crossover cable is to
connect one device directly to another device, without a switch or hub being present. So if you were connecting one PC
directly with another PC, you would then use a crossover network cable. The image below shows you the differences
between a crossover cable and a straight through computer network cable.
Ethernet Cables Summary
Straight through cables have identical ends and are used for connecting computers through a hub/switch
Crossover cables have different ends and are used for connecting devices directly with each other (e.g. PC to PC)
Category 5e cables are the most popular and common computer network cables used today. To gain a fast Gigabit network, you don't just require Cat6 cables, but you are also in need of compatible gigabit
components, such as Gigabit network cards and a Gigabit Router.
Conclusion
Well I hope that through this article you have managed to learn some different things about computer network cables.
Hopefully you can now identify the different types of network cabling and also be aware of the different categories of
Most of us know that a connector is best known for providing the physical link between two components. Some
examples of the use of a connector are a connector linking a cable and a network interface card (NIC), a
connector linking a transceiver and a cable, or even a connector linking two cable segments.
When using an electrical cable, a connection is established when the conducting wires are joined by way of connectors
in order to make and maintain continuous contact, allowing the signal to simply move along the cable across the contact.
When using fiber-optic cable, it takes much more work to manage and maintain good connections due to the degree of
fit between the two fiber cores. The fit determines the quality of the connection between the fiber cores. To complicate
matters, the diameters involved in this fit are smaller than a human hair.
Connections differ in various ways, which help in determining where that type of connector can be used. These features
include:
Shape
Size
Gender
Connection mechanism
Function
In some cases, it is necessary to use a special adapter in order to use different types of connector combinations. An
example of this is when using an N-series connector and a BNC adapter in order to connect thick to thin coaxial
cable.
Another difference between connectors is their sturdiness, the ease of attaching and detaching the connector, and the amount of signal loss that may occur at the connection point.
When determining the type of connector that is used, it is important to take into consideration the components
being used, and, as far as networks, the type of cable and architecture being used. An Ethernet network that is
using a coaxial cable would use different connectors between the cable and the NIC, as opposed to an IBM Token
Ring network that is using a shielded twisted-pair cable.
While there are about half a dozen types of connectors available for electrical cable, there are also about a dozen more
types of connectors available for use with fiber-optic cable.
In information science, connectors, normally called "input-output connectors" (or I/O for short), are interfaces for linking devices by using cables. They generally have a male end with pins protruding from it. This plug is meant to
be inserted into a female part (also called a socket), which includes holes for accommodating the pins. However,
there are "hermaphroditic" plugs which can act as either male or female plugs, and can be inserted into either
one.
Pin layout
The pins and holes in connectors are usually linked to the electric wires which form the cable. The pin
layout describes which pins couple with which wires. Each numbered pin generally corresponds to a wire within the
cable, but sometimes one of the pins is left unused. Additionally, in some cases, two pins may be linked to one
another; this is called a "bridge."
Input/output connectors
The computer's motherboard has a certain number of
input-output connectors located on the "rear panel."
Most motherboards have the following connectors:
Serial port, which uses a DB9 connector, for connecting older devices
Parallel port, which uses a DB25 connector, mainly for connecting old printers
USB ports (1.1, low-speed, or 2.0, high-speed), for connecting more recent peripherals
RJ45 connector (called the LAN port or Ethernet port), for connecting the computer to a network. It interfaces with a network card built into the motherboard
VGA connector (called SUB-D15), used for hooking up a monitor. This connector interfaces with the built-in graphics card
3. TOPOLOGY
Think of a topology as a network's virtual shape or structure. This shape does not necessarily correspond to the actual
physical layout of the devices on the network. For example, the computers on a home LAN may be arranged in a circle
in a family room, but it would be highly unlikely to find a ring topology there.
Network topologies are categorized into the following basic types:
bus
ring
star
tree
mesh
More complex networks can be built as hybrids of two or more of the above basic topologies.
Bus Topology
Bus networks (not to be confused with the system bus of a computer) use a common backbone to connect all devices. A
single cable, the backbone functions as a shared communication medium that devices attach or tap into with an interface connector. A device wanting to communicate with another device on the network sends a broadcast message
onto the wire that all other devices see, but only the intended recipient actually accepts and processes the message.
Ethernet bus topologies are relatively easy to install and don't require much cabling compared to the alternatives.
10Base-2 ("ThinNet") and 10Base-5 ("ThickNet") both were popular Ethernet cabling options many years ago for bus
topologies. However, bus networks work best with a limited number of devices. If more than a few dozen computers
are added to a network bus,
performance problems will likely result. In addition, if the backbone cable fails, the entire network effectively becomes
unusable.
Ring Topology
In a ring network, every device has exactly two neighbors for communication purposes. All messages travel through a
ring in the same direction (either "clockwise" or "counterclockwise"). A failure in any cable or device breaks the loop
and can take down the entire network.
To implement a ring network, one typically uses FDDI, SONET, or Token Ring technology. Ring topologies are found in
Let’s talk about these types of networking in detail:
LAN (Local Area Networking)
Local Area Networking is used primarily in small areas such as schools, hospitals and office buildings. Local Area
Networking is one of the older types of networks. TCP/IP is used as the method of communication between computers in Local Area Networking. Due to its small size, it is possible for one person to administrate a Local Area Network. Local
Area Networks are viable to quick change, using a bus network topology that allows for easy access to the Local Area
Extended Synchronous Connections (eSCO), which improve voice quality of audio links by allowing
retransmissions of corrupted packets, and may optionally increase audio latency to provide better concurrent data
transfer.
Host Controller Interface (HCI) operation with three-wire UART.
Ratified as IEEE Standard 802.15.1–2005[38]
Introduced Flow Control and Retransmission Modes for L2CAP.
Bluetooth v2.0 + EDR
This version of the Bluetooth Core Specification was released in 2004. The main difference is the introduction of an
Enhanced Data Rate (EDR) for faster data transfer. The nominal rate of EDR is about 3 Mbit/s, although the practical
data transfer rate is 2.1 Mbit/s. EDR uses a combination of GFSK and Phase Shift Keying modulation (PSK) with two
variants, π/4-DQPSK and 8DPSK. EDR can provide a lower power consumption through a reduced duty cycle.
The specification is published as "Bluetooth v2.0 + EDR" which implies that EDR is an optional feature. Aside from EDR,
there are other minor improvements to the 2.0 specification, and products may claim compliance to "Bluetooth v2.0"
without supporting the higher data rate. At least one commercial device states "Bluetooth v2.0 without EDR" on its
data sheet.
Bluetooth v2.1 + EDR
Bluetooth Core Specification Version 2.1 + EDR was adopted by the Bluetooth SIG on 26 July 2007.
The headline feature of 2.1 is secure simple pairing (SSP): this improves the pairing experience for Bluetooth devices,
while increasing the use and strength of security. See the section on Pairing below for more details.
2.1 allows various other improvements, including "Extended inquiry response" (EIR), which provides more information
during the inquiry procedure to allow better filtering of devices before connection; and sniff subrating, which reduces
the power consumption in low-power mode.
Bluetooth v3.0 + HS
Version 3.0 + HS of the Bluetooth Core Specification was adopted by the Bluetooth SIG on 21 April 2009. Bluetooth
3.0+HS provides theoretical data transfer speeds of up to 24 Mbit/s, though not over the Bluetooth link itself. Instead,
the Bluetooth link is used for negotiation and establishment, and the high data rate traffic is carried over a collocated
802.11 link.
The main new feature is AMP (Alternative MAC/PHY), the addition of 802.11 as a high speed transport. The High-Speed
part of the specification is not mandatory, and hence only devices sporting the "+HS" will actually support the Bluetooth over 802.11 high-speed data transfer. A Bluetooth 3.0 device without the "+HS" suffix will not support High
Speed, and needs to only support a feature introduced in Core Specification Version 3.0 or earlier Core Specification
Enables the use of alternative MAC and PHYs for transporting Bluetooth profile data. The Bluetooth radio is still
used for device discovery, initial connection and profile configuration, however when large quantities of data need
to be sent, the high speed alternative MAC PHY 802.11 (typically associated with Wi-Fi) will be used to transport the
data. This means that the proven low power connection models of Bluetooth are used when the system is idle, and
the faster radio is used when large quantities of data need to be sent. AMP links require enhanced L2CAP modes.
Unicast Connectionless Data
Permits service data to be sent without establishing an explicit L2CAP channel. It is intended for use by applications
that require low latency between user action and reconnection/transmission of data. This is only appropriate for small amounts of data.
Enhanced Power Control
Updates the power control feature to remove the open loop power control, and also to clarify ambiguities in power
control introduced by the new modulation schemes added for EDR. Enhanced power control removes the
ambiguities by specifying the behaviour that is expected. The feature also adds closed loop power control, meaning
RSSI filtering can start as the response is received. Additionally, a "go straight to maximum power" request has
been introduced. This is expected to deal with the headset link loss issue typically observed when a user puts their
phone into a pocket on the opposite side to the headset.
Ultra-wideband
The high speed (AMP) feature of Bluetooth v3.0 was originally intended for UWB, but the WiMedia Alliance, the body
responsible for the flavor of UWB intended for Bluetooth, announced in March 2009 that it was disbanding, and
ultimately UWB was omitted from the Core v3.0 specification.
On 16 March 2009, the WiMedia Alliance announced it was entering into technology transfer agreements for the
WiMedia Ultra-wideband (UWB) specifications. WiMedia has transferred all current and future specifications, including
work on future high speed and power optimized implementations, to the Bluetooth Special Interest Group (SIG),
Wireless USB Promoter Group and the USB Implementers Forum. After the successful completion of the technology
transfer, marketing and related administrative items, the WiMedia Alliance will cease operations.
In October 2009 the Bluetooth Special Interest Group suspended development of UWB as part of the alternative
MAC/PHY, Bluetooth v3.0 + HS solution. A small, but significant, number of former WiMedia members had not and
would not sign up to the necessary agreements for the IP transfer. The Bluetooth SIG is now in the process of
evaluating other options for its longer term roadmap.
Bluetooth v4.0
See also: Bluetooth low energy
The Bluetooth SIG completed the Bluetooth Core Specification version 4.0 (called Bluetooth Smart), and it has been adopted as of 30 June 2010. It includes Classic Bluetooth, Bluetooth high speed and Bluetooth low energy protocols.
Bluetooth high speed is based on Wi-Fi, and Classic Bluetooth consists of legacy Bluetooth protocols.
Bluetooth low energy, previously known as Wibree,[52] is a subset of Bluetooth v4.0 with an entirely new protocol stack
for rapid build-up of simple links. As an alternative to the Bluetooth standard protocols that were introduced in
Bluetooth v1.0 to v3.0, it is aimed at very low power applications running off a coin cell. Chip designs allow for two
types of implementation, dual-mode, single-mode and enhanced past versions.[53] The provisional names Wibree and
Bluetooth ULP (Ultra Low Power) were abandoned and the BLE name was used for a while. In late 2011, new logos
“Bluetooth Smart Ready” for hosts and “Bluetooth Smart” for sensors were introduced as the general-public face of
BLE.
In a single-mode implementation, only the low energy protocol stack is implemented. AMICCOM, CSR, Nordic
Semiconductor and Texas Instruments have released single mode Bluetooth low energy solutions.
In a dual-mode implementation, Bluetooth Smart functionality is integrated into an existing Classic Bluetooth
controller. As of March 2011, the following semiconductor companies have announced the availability of chips
meeting the standard: Qualcomm-Atheros, CSR, Broadcom and Texas Instruments. The compliant architecture
shares all of Classic Bluetooth’s existing radio and functionality resulting in a negligible cost increase compared to
Classic Bluetooth.
Cost-reduced single-mode chips, which enable highly integrated and compact devices, feature a lightweight Link Layer
providing ultra-low power idle mode operation, simple device discovery, and reliable point-to-multipoint data transfer
with advanced power-save and secure encrypted connections at the lowest possible cost.
General improvements in version 4.0 include the changes necessary to facilitate BLE modes, as well as the Generic Attribute Profile (GATT) and Security Manager (SM) services with AES Encryption.
Core Specification Addendum 2 was unveiled in December 2011; it contains improvements to the audio Host Controller
Interface and to the High Speed (802.11) Protocol Adaptation Layer.
Core Specification Addendum 3 revision 2 has an adoption date of 24 July 2012.
Core Specification Addendum 4 has an adoption date of 12 February 2013.
Bluetooth v4.1
The Bluetooth SIG announced formal adoption of the Bluetooth 4.1 specification on 4 December 2013. This
specification is an incremental update to Bluetooth Specification v4.0. The update incorporates Bluetooth Core
Specification Addenda (CSA 1, 2, 3 & 4) and adds new features which improve consumer usability with increased co-
existence support for LTE, bulk data exchange rates, and aid developer innovation by allowing devices to support
The File Transfer Protocol (FTP) is a standard network protocol used to transfer computer files from one host to
another host over a TCP-based network, such as the Internet.
FTP is built on a client-server architecture and uses separate control and data connections between the client and the
server.[1] FTP users may authenticate themselves using a clear-text sign-in protocol, normally in the form of a username
and password, but can connect anonymously if the server is configured to allow it. For secure transmission that
protects the username and password, and encrypts the content, FTP is often secured with SSL/TLS (FTPS). SSH File
Transfer Protocol (SFTP) is sometimes also used instead, but is technologically different.
The first FTP client applications were command-line applications developed before operating systems had graphical
user interfaces, and are still shipped with most Windows, Unix, and Linux operating systems.
Communication and data transfer
Illustration of starting a passive connection using port 21
FTP may run in active or passive mode, which determines how the data connection is established. In both cases, the
client creates a TCP control connection from a random unprivileged port N to the FTP server command port 21. In
active mode, the client starts listening for incoming data connections on port N+1 from the server (the client sends the
FTP command PORT N+1 to inform the server on which port it is listening). In situations where the client is behind
a firewall and unable to accept incoming TCP connections, passive mode may be used. In this mode, the client uses the control connection to send a PASV command to the server and then receives a server IP address and server port number
from the server,[5][6] which the client then uses to open a data connection from an arbitrary client port to the server IP
address and server port number received. Both modes were updated in September 1998 to support IPv6. Further
changes were introduced to the passive mode at that time, updating it to extended passive mode.
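The two data-connection modes above, seen from a filtering device that watches the control channel: an added Python example, not code from the report. It decodes the classic IPv4 `h1,h2,h3,h4,p1,p2` field carried by `PORT` and by the `227` reply to `PASV` (the extended IPv6 forms are not handled) and reports the one data connection to expect; the function names, sample lines and addresses are constructed for illustration.

```python
import re

# Six comma-separated decimal bytes: four for the IPv4 address, two for the port.
_HOSTPORT = re.compile(
    r"(?<!\d)(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})(?!\d)")


def parse_hostport(text):
    """Decode the h1,h2,h3,h4,p1,p2 field used by PORT and by the 227 reply."""
    m = _HOSTPORT.search(text)
    if not m:
        raise ValueError("no h1,h2,h3,h4,p1,p2 field in %r" % text)
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("field value above 255 in %r" % text)
    # The port is sent as two bytes, high byte first.
    return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]


def expected_data_connection(line, client_ip, server_ip):
    """Return the data connection a filter should expect after `line`.

    `line` is one control-channel line; client_ip and server_ip are the two
    ends of the control connection on port 21. Returns None for lines that
    do not negotiate a data connection.
    """
    verb = line.split(" ", 1)[0].upper()
    if verb == "PORT":            # active mode: the server opens the connection
        mode, opener, listener = "active", server_ip, client_ip
    elif verb == "227":           # passive mode: the client opens the connection
        mode, opener, listener = "passive", client_ip, server_ip
    else:
        return None
    ip, port = parse_hostport(line)
    return {
        "mode": mode,
        "from_ip": opener,
        "to_ip": ip,
        "to_port": port,
        # A filter should only open a path toward the host that is really on
        # the control connection; a different address deserves a closer look
        # (it can also be a NAT artefact).
        "address_matches_peer": ip == listener,
    }


# Constructed control-channel lines (not captured traffic).
SAMPLE_SESSION = [
    "USER anonymous",
    "PORT 192,168,1,10,195,80",
    "227 Entering Passive Mode (203,0,113,5,234,96)",
]

if __name__ == "__main__":
    for ctrl_line in SAMPLE_SESSION:
        print(ctrl_line, "->",
              expected_data_connection(ctrl_line, "192.168.1.10", "203.0.113.5"))
```

In active mode the inbound connection targets the client, which is why a client behind a firewall falls back to passive mode, where both connections are outbound from the client.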
The server responds over the control connection with three-digit status codes in ASCII with an optional text message.
For example "200" (or "200 OK") means that the last command was successful. The numbers represent the code for the
FTP over SSH is the practice of tunneling a normal FTP session over a Secure Shell connection. Because FTP uses
multiple TCP connections (unusual for a TCP/IP protocol that is still in use), it is particularly difficult to tunnel over SSH.
With many SSH clients, attempting to set up a tunnel for the control channel (the initial client-to-server connection on
port 21) will protect only that channel; when data is transferred, the FTP software at either end sets up new TCP
connections
An SSH server is a software program which uses the secure shell protocol to accept connections from
remote computers. SFTP/SCP file transfers and remote terminal connections are popular use cases for an SSH server.
This article compares a selection of popular servers.
SSH
Secure Shell (SSH) is a cryptographic network protocol for secure data communication, remote command-line login,
remote command execution, and other secure network services between two networked computers. It connects, via a
secure channel over an insecure network, a server and a client running SSH server and SSH client programs, respectively.
The protocol specification distinguishes between two major versions that are referred to as SSH-1 and SSH-2.
The best-known application of the protocol is for access to shell accounts on Unix-like operating systems, but it can also
be used in a similar fashion for accounts on Windows. It was designed as a replacement for Telnet and other insecure
remote shell protocols such as the Berkeley rsh and rexec protocols, which send information, notably passwords, in
plaintext, rendering them susceptible to interception and disclosure using packet analysis. The encryption used by SSH is
intended to provide confidentiality and integrity of data over an unsecured network, such as the Internet.
SSH is typically used to log into a remote machine and execute commands, but it also supports tunneling, forwarding
TCP ports and X11 connections; it can transfer files using the associated SSH file transfer (SFTP) or secure copy (SCP)
protocols. SSH uses the client-server model.
The standard TCP port 22 has been assigned for contacting SSH servers.
An SSH client program is typically used for establishing connections to an SSH daemon accepting remote connections. Both are commonly present on most modern operating systems, including Mac OS X, most distributions of GNU/Linux,
OpenBSD, FreeBSD, NetBSD, Solaris and OpenVMS. Notably, Windows is one of the few modern desktop/server OSs
that does not include SSH by default. Proprietary, freeware and open source (e.g. PuTTY, and the version of openSSH
which is part of Cygwin[6]) versions of various levels of complexity and completeness exist. Native Linux file managers
(e.g. Konqueror) can use the FISH protocol to provide a split-pane GUI with drag-and-drop. The open source Windows
program WinSCP provides similar file management (synchronization, copy, remote delete) capability using PuTTY as a
back-end. Both WinSCP[8] and PuTTY are available packaged to run directly off of a USB drive, without requiring
installation on the client machine. Setting up an SSH server in Windows typically involves installation (e.g. via installing Cygwin, or by installing a stripped down version of Cygwin with the SSH server[11]).
SSH is important in cloud computing to solve connectivity problems, avoiding the security issues of exposing a cloud-
based virtual machine directly on the Internet. An SSH tunnel can provide a secure path over the Internet, through a
Ticks measure the time it takes to traverse a link. Each tick is 1/18 of a second. When the router selects a route
based on tick and hop metrics, it chooses the one with the lowest number of ticks first. You can use routers to
segment a large network, and to connect local area segments to a single network backbone that uses a different
physical layer and data link layer standard. They can also be used to connect LANs to WANs.
BROUTERS
Brouters are a combination of router and bridge. This is a special type of equipment used for networks that can be
either bridged or routed, based on the protocols being forwarded. Brouters are complex, fairly expensive pieces of
equipment and as such are rarely used.
A Brouter transmits two types of traffic at the exact same time: bridged traffic and routed traffic. For bridged traffic,
the Brouter handles the traffic the same way a bridge or switch would, forwarding data based on the physical address
of the packet. This makes the bridged traffic fairly fast, but slower than if it were sent directly through a bridge because
the Brouter has to determine whether the data packet should be bridged or routed.
GATEWAYS
A gateway is a device used to connect networks using different protocols. Gateways operate at the network layer of the
OSI model. In order to communicate with a host on another network, an IP host must be configured with a route to the
destination network. If a configuration route is not found, the host uses the gateway (default IP router) to transmit the traffic to the destination host. The default gateway is where the IP sends packets that are destined for remote
networks. If no default gateway is specified, communication is limited to the local network. Gateways receive data from
a network using one type of protocol stack, remove that protocol stack and repackage it with the protocol stack that
the other network can use.
Examples
E-mail gateways: for example, a gateway that receives Simple Mail Transfer Protocol (SMTP) e-mail, translates it
into a standard X.400 format, and forwards it to its destination
Gateway Service for NetWare (GSNW), which enables a machine running Microsoft Windows NT Server or
Windows Server to be a gateway for Windows clients so that they can access file and print resources on a NetWare
server
Gateways between a Systems Network Architecture (SNA) host and computers on a TCP/IP network, such as
the one provided by Microsoft SNA Server
A packet assembler/disassembler (PAD) that provides connectivity between a local area network (LAN) and an
X.25 packet-switching network
A CSU/DSU is a device that combines the functionality of a channel service unit (CSU) and a data service unit (DSU).
These devices are used to connect a LAN to a WAN, and they take care of all the translation required to convert a
data stream between these two methods of communication.
A DSU provides all the handshaking and error correction required to maintain a connection across a wide area link,
similar to a modem. The DSU will accept a serial data stream from a device on the LAN and translate this into a
useable data stream for the digital WAN network. It will also take care of converting any inbound data streams from
the WAN back to a serial communication. A CSU is similar to a DSU except it does not have the ability to provide
handshaking or error correction. It is strictly an interface between the LAN and the WAN and relies on some other
device to provide handshaking and error correction.
(NIC)
Network Interface Card, or NIC, is a hardware card installed in a computer so it can communicate on a network. The
network adapter provides one or more ports for the network cable to connect to, and it transmits and receives data
onto the network cable. Every networked computer must also have a network adapter driver,
which controls the network adapter. Each network adapter driver is configured to run with a certain type of
network adapter.
Network Interface Adapter Functions
Network interface adapters perform a variety of functions that are crucial to getting data to and from the computer
over the network. These functions are as follows:
Data encapsulation
The network interface adapter and its driver are responsible for building the frame around the data generated by
the network layer protocol, in preparation for transmission. The network interface adapter also reads the contents
of incoming frames and passes the data to the appropriate network layer protocol.
Signal encoding and decoding
The network interface adapter implements the physical layer encoding scheme that converts the binary data generated by the network layer (now encapsulated in the frame) into electrical voltages, light pulses, or whatever
other signal type the network medium uses, and converts received signals to binary data for use by the network
layer.
Transmission and reception
The primary function of the network interface adapter is to generate and transmit
signals of the appropriate type over the network and to receive incoming signals. The nature of the signals depends
on the network medium and the data-link layer protocol. On a typical LAN, every computer receives all of the
packets transmitted over the network, and the network interface adapter examines the destination address in each
packet, to see if it is intended for that computer. If so, the network interface adapter passes the packet to the
computer for processing by the next layer in the protocol stack; if not, the network interface adapter discards the
Transceiver, short for transmitter-receiver, is a device that both transmits and receives analog or digital signals. The
term is used most frequently to describe the component in local-area networks (LANs) that actually applies signals
onto the network wire and detects signals passing through the wire. For many LANs, the transceiver is built into the
network interface card (NIC). Some types of networks, however, require an external transceiver.
In Ethernet networks, a transceiver is also called a Medium Access Unit (MAU). Media converters interconnect
different cable types (twisted pair, fiber, and thin or thick coax) within an existing network. They are often used to
connect newer 100-Mbps, Gigabit Ethernet, or ATM equipment to existing networks, which are generally 10BASE-T,
100BASE-T, or a mixture of both. They can also be used in pairs to insert a fiber segment into copper networks to
increase cabling distances and enhance immunity to electromagnetic interference (EMI).
9. FIREWALL
Many personal computer operating systems include software-based firewalls to protect against threats from the public
Internet. Many routers that pass data between networks contain firewall components and, conversely, many firewalls
can perform basic routing functions.
First generation: packet filters
The first paper published on firewall technology was in 1988, when engineers from Digital Equipment Corporation (DEC)
developed filter systems known as packet filter firewalls. This fairly basic system was the first generation of what is now
a highly involved and technical internet security feature. At AT&T Bell Labs, Bill Cheswick and Steve Bellovin were continuing their research in packet filtering and developed a working model for their own company based on their
original first generation architecture.[6]
Packet filters act by inspecting the "packets" which are transferred between computers on the Internet. If a packet
matches the packet filter's set of filtering rules, the packet filter will drop (silently discard) the packet or reject it
(discard it, and send "error responses" to the source).
This type of packet filtering pays no attention to whether a packet is part of an existing stream of traffic (i.e. it stores no
information on connection "state"). Instead, it filters each packet based only on information contained in the packet
itself (most commonly using a combination of the packet's source and destination address, its protocol, and, for TCP
and UDP traffic, the port number).
TCP and UDP protocols constitute most communication over the Internet, and because TCP and UDP traffic by
convention uses well known ports for particular types of traffic, a "stateless" packet filter can distinguish between, and
thus control, those types of traffic (such as web browsing, remote printing, email transmission, file transfer), unless the machines on each side of the packet filter are both using the same non-standard ports.
Packet filtering firewalls work mainly on the first three layers of the OSI reference model, which means most of the
work is done between the network and physical layers, with a little bit of peeking into the transport layer to figure out
source and destination port numbers. When a packet originates from the sender and filters through a firewall, the
device checks for matches to any of the packet filtering rules that are configured in the firewall and drops or rejects the
packet accordingly. When the packet passes through the firewall, it filters the packet on a protocol/port number basis
(GSS). For example, if a rule in the firewall exists to block telnet access, then the firewall will block the TCP protocol for
port number 23.
Second generation: "stateful" filters
From 1989-1990 three colleagues from AT&T Bell Laboratories, Dave Presetto, Janardan Sharma, and Kshitij Nigam,
developed the second generation of firewalls, calling them Circuit-level gateways.
Second-generation firewalls perform the work of their first-generation predecessors but operate up to layer 4
(transport layer) of the OSI model. This is achieved by retaining packets until enough information is available to make a
judgement about its state.[12] Known as stateful packet inspection, it records all connections passing through it and
determines whether a packet is the start of a new connection, a part of an existing connection, or not part of any
connection. Though static rules are still used, these rules can now contain connection state as one of their test criteria.
Certain denial-of-service attacks bombard the firewall with thousands of fake connection packets in an attempt to
overwhelm it by filling its connection state memory.
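The two generations described above can be compared side by side in a short sketch. This is an added example, not code from the report or from any firewall product: the rule format, the default-allow policy, the direction-independent connection key and the sample addresses are assumptions made for illustration, and the state table has no timeouts.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str                      # "tcp" or "udp"
    flags: frozenset = frozenset()  # TCP flags, e.g. frozenset({"SYN"})


@dataclass(frozen=True)
class Rule:
    action: str                     # "allow", "drop" (silent) or "reject" (error sent)
    proto: Optional[str] = None     # None matches any value
    dport: Optional[int] = None
    src_net: Optional[str] = None   # CIDR string, e.g. "198.51.100.0/24"

    def matches(self, p: Packet) -> bool:
        if self.proto is not None and p.proto != self.proto:
            return False
        if self.dport is not None and p.dport != self.dport:
            return False
        if self.src_net is not None and (
            ipaddress.ip_address(p.src) not in ipaddress.ip_network(self.src_net)
        ):
            return False
        return True


def stateless_filter(rules, p, default="allow"):
    """First generation: judge each packet only by its own header fields."""
    for rule in rules:
        if rule.matches(p):
            return rule.action
    return default  # assumed policy for this example


class StatefulFilter:
    """Second generation: static rules plus a table of tracked connections."""

    def __init__(self, rules, max_states=4):
        self.rules = rules
        self.max_states = max_states  # bound on connection-state memory
        self.table = set()
        self.refused_full = 0         # new connections refused because the table was full

    @staticmethod
    def _key(p):
        # Same key for both directions of one connection.
        ends = sorted([(p.src, p.sport), (p.dst, p.dport)])
        return (p.proto, ends[0], ends[1])

    def classify(self, p):
        if self._key(p) in self.table:
            return "established"
        if p.proto == "udp" or p.flags == frozenset({"SYN"}):
            return "new"
        return "invalid"              # not part of any connection

    def handle(self, p):
        state = self.classify(p)
        if state == "established":
            return "allow"
        if state == "invalid":
            return "drop"
        verdict = stateless_filter(self.rules, p)  # static rules still apply to new flows
        if verdict != "allow":
            return verdict
        if len(self.table) >= self.max_states:
            self.refused_full += 1    # the state-exhaustion condition described above
            return "drop"
        self.table.add(self._key(p))
        return "allow"


# Constructed sample data (documentation address ranges).
RULES = [Rule("drop", proto="tcp", dport=23)]  # the "block telnet" rule from the text
CLIENT, SERVER = "198.51.100.7", "192.0.2.10"


def flood_demo(n=10, max_states=4):
    """Send n connection openers at a small table; return (allowed, refused)."""
    fw = StatefulFilter(RULES, max_states)
    syn = frozenset({"SYN"})
    verdicts = [fw.handle(Packet(CLIENT, 40000 + i, SERVER, 80, "tcp", syn)) for i in range(n)]
    return verdicts.count("allow"), fw.refused_full
```

A telnet session moved to port 2323 passes the stateless rule, which is the non-standard-port caveat above, while a stray ACK that belongs to no connection is allowed by the stateless filter and dropped by the stateful one.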
Third generation: application layer
Marcus Ranum, Wei Xu, and Peter Churchyard developed an Application Firewall known as Firewall Toolkit (FWTK). In
June 1994, Wei Xu extended the FWTK with the Kernel enhancement of IP filter and socket transparent. This was
known as the first transparent Application firewall, released as a commercial product of Gauntlet firewall at TIS.
Gauntlet firewall was rated one of the number 1 firewalls during 1995-1998.
The key benefit of application layer filtering is that it can "understand" certain applications and protocols (such as File
Transfer Protocol (FTP), Domain Name System (DNS), or Hypertext Transfer Protocol (HTTP)). This is useful as it is able
to detect if an unwanted protocol is attempting to bypass the firewall on an allowed port, or detect if a protocol is
being abused in any harmful way. As of 2012, the so-called next-generation firewall (NGFW) is nothing more than the
"widen" or "deepen" inspection at application-stack. For example, the existing deep packet inspection functionality of
modern firewalls can be extended to include i) Intrusion prevention systems (IPS); ii) User identity integration (by
filters. Application firewalls work much like a packet filter but application filters apply filtering rules (allow/block) on a
per process basis instead of filtering connections on a per port basis. Generally, prompts are used to define rules for
processes that have not yet received a connection. It is rare to find application firewalls not combined or used in
conjunction with a packet filter.
Also, application firewalls further filter connections by examining the process ID of data packets against a
ruleset for the local process involved in the data transmission. The extent of the filtering that occurs is
defined by the provided ruleset. Given the variety of software that exists, application firewalls only have more complex rulesets for the standard services, such as sharing services. These per process rulesets have
limited efficacy in filtering every possible association that may occur with other processes. Also, these per
process rulesets cannot defend against modification of the process via exploitation, such as memory
corruption exploits. Because of these limitations, application firewalls are beginning to be supplanted by a new
generation of application firewalls that rely on mandatory access control (MAC), also referred to as sandboxing, to
protect vulnerable services.
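The earlier point that application layer filtering can detect an unwanted protocol on an allowed port can be shown with a small classifier that looks at the first bytes a client sends. This is an added example, not code from the report or from FWTK or any product: the port-to-protocol policy, the function names and the sample payloads are assumptions constructed for illustration.

```python
import re

# Assumed policy for this example: which protocol is expected on which port.
EXPECTED = {22: "ssh", 80: "http", 443: "tls"}

HTTP_REQUEST_LINE = re.compile(
    rb"^(GET|HEAD|POST|PUT|DELETE|OPTIONS|PATCH) \S+ HTTP/1\.[01]\r\n"
)


def identify(payload: bytes) -> str:
    """Guess the application protocol from the first bytes of a client flow."""
    if payload.startswith((b"SSH-2.0-", b"SSH-1.99-")):
        return "ssh"                  # SSH identification string
    if (
        len(payload) >= 6
        and payload[0] == 0x16        # TLS record type: handshake
        and payload[1] == 0x03        # record-layer major version
        and payload[2] <= 0x04        # record-layer minor version
        and payload[5] == 0x01        # handshake type: ClientHello
    ):
        return "tls"
    if HTTP_REQUEST_LINE.match(payload):
        return "http"
    return "unknown"


def inspect_flow(dport: int, payload: bytes):
    """Return (verdict, seen) for the first client payload on a destination port."""
    seen = identify(payload)
    expected = EXPECTED.get(dport)
    if expected is None:
        return "defer", seen          # no application policy: leave it to the packet filter
    if seen == expected:
        return "allow", seen
    return "block", seen              # allowed port, but not the protocol it is allowed for


# Constructed sample payloads.
HTTP_GET = b"GET /index.html HTTP/1.1\r\nHost: example.org\r\n\r\n"
SSH_BANNER = b"SSH-2.0-ExampleClient_1.0\r\n"
TLS_HELLO = b"\x16\x03\x01\x00\x05\x01\x00\x00\x01\x00"
```

A port-based packet filter would pass all three payloads to port 80, because it only sees the port number; the check above allows only the one that is actually HTTP.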
ProxiES. In computing, a firewall is a piece of hardware and/or software which functions in a networked
environment to prevent some communications forbidden by the security policy, analogous to the function of
firewalls in building construction.
A firewall has the basic task of controlling traffic between different zones of trust. Typical zones of trust include the
Internet (a zone with no trust) and an internal network (a zone with high trust). The ultimate goal is to provide
controlled connectivity between zones of differing trust levels through the enforcement of a security policy and
connectivity model based on the least privilege principle.
There are three basic types of firewalls depending on:
whether the communication is being done between a single node and the network, or between two or more
networks
whether the communication is intercepted at the network layer, or at the application layer
whether the communication state is being tracked at the firewall or not
With regard to the scope of filtered communication, the following firewalls exist:
diversity of content each may allow in its packet traffic) that comprehensive firewall design does not generally
attempt this approach.
A proxy device (running either on dedicated hardware or as software on a general-purpose machine) may act as a
firewall by responding to input packets (connection requests, for example) in the manner of an application, whilst
blocking other packets.
Proxies make tampering with an internal system from the external network more difficult, and misuse of one
internal system would not necessarily cause a security breach exploitable from outside the firewall (as long as the
application proxy remains intact and properly configured). Conversely, intruders may hijack a publicly-reachable
system and use it as a proxy for their own purposes; the proxy then masquerades as that system to other internal
machines. While use of internal address spaces enhances security, crackers may still employ methods such as IP
spoofing to attempt to pass packets to a target network.
10.Port (computer networking) and web application server
In computer networking, a port is an application-specific or process-specific software construct serving as a
communications endpoint in a computer's host operating system. The purpose of ports is to uniquely identify
different applications or processes running on a single computer and thereby enable them to share a single physical
connection to a packet-switched network like the Internet. In the context of the Internet Protocol, a port is
associated with an IP address of the host, as well as the type of protocol used for communication.
The protocols that primarily use ports are the Transport Layer protocols, such as the Transmission Control Protocol
(TCP) and the User Datagram Protocol (UDP) of the Internet Protocol Suite. A port is identified for each address and
protocol by a 16-bit number, commonly known as the port number. The port number, added to a computer's IP address, completes the destination address for a communications session. That is, data packets are routed across
the network to a specific destination IP address, and then, upon reaching the destination computer, are further
routed to the specific process bound to the destination port number.
Note that it is the combination of IP address and port number together that must be globally unique. Thus,
different IP addresses or protocols may use the same port number for communication; e.g., on a given host or
interface UDP and TCP may use the same port number, or on a host with two interfaces, both addresses may be
Of the thousands of enumerated ports, about 250 well-known ports are reserved by convention to identify
specific service types on a host. In the client-server model of application architecture, ports are used to provide a
multiplexing service on each server-side port number that network clients connect to for service initiation, after which
communication can be reestablished on other connection-specific port numbers.
First, What is a Web Server?
A web server is a specialized type of file server. Its job is to retrieve files from the server’s hard drive, format the files
for the Web browser, and send them out via the network. Web servers are designed to do a great job of sending static content out to a large number of users. The pages delivered by the server are expected to be the same for everyone
who visits the server.
The function of a typical Web server is shown below. The user requests a web page. The Web Server finds the web page
file in a local directory and sends it back out to the user. When graphic files are requested, the same thing happens. The
Web Server finds the requested graphic files and sends them back to the user.
The Web Server standards were originally designed to publish static documents on the Internet. There was a limited
capability for accessing dynamic content, but this was never intended to support high volume, highly interactive Web
applications.
Then, as the Internet and Web browsers became popular in the mid-1990s, organizations saw an opportunity to
provide web pages that contained dynamic content like stock prices, weather information, inventory levels, and shipping status for a package. Web browsers became such a pervasive way to access information that users and
organizations desired to access a wide variety of information and applications through their Web browser. So, Web
servers had to be extended to allow software application development and access to databases.
Then, What is a Web Application Server?
Web application servers are designed specifically to extend web servers to support dynamic content. The application
server software “hooks in” to the web server software and automatically intercepts any user requests for dynamic
content. The web server still sends out static web pages and graphic files, just like before. But now, the application
server can create dynamic content by mixing data with templates, running programs, or by accessing databases.
11.OSI TCP IP MODEL
The Open Systems Interconnection model (OSI) is a conceptual model that characterizes and standardizes the internal
functions of a communication system by partitioning it into abstraction layers. The model is a product of the Open
Systems Interconnection project at the International Organization for Standardization (ISO), maintained by the
identification ISO/IEC 7498-1.
The model groups communication functions into seven logical layers. A layer serves the layer above it and is served by
the layer below it. For example, a layer that provides error-free communications across a network provides the path
needed by applications above it, while it calls the next lower layer to send and receive packets that make up the
An easy way to visualize the transport layer is to compare it with a post office, which deals with the dispatch and
classification of mail and parcels sent. Do remember, however, that a post office manages the outer envelope of mail.
Higher layers may have the equivalent of double envelopes, such as cryptographic presentation services that can be
read by the addressee only. Roughly speaking, tunneling protocols operate at the transport layer, such as carrying non-
IP protocols such as IBM's SNA or Novell's IPX over an IP network, or end-to-end encryption with IPsec. WhileGeneric
Routing Encapsulation (GRE) might seem to be a network-layer protocol, if the encapsulation of the payload takes place
only at endpoint, GRE becomes closer to a transport protocol that uses IP headers but contains complete frames or
packets to deliver to an endpoint. L2TP carries PPP frames inside transport packet.
Although not developed under the OSI Reference Model and not strictly conforming to the OSI definition of the
transport layer, the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP) of the Internet Protocol
Suite are commonly categorized as layer-4 protocols within OSI.
Layer 5: session layer
The session layer controls the dialogues (connections) between computers. It establishes, manages and terminates the
connections between the local and remote application. It provides for full-duplex, half-duplex, or simplex operation,
and establishes checkpointing, adjournment, termination, and restart procedures. The OSI model made this layer
responsible for graceful close of sessions, which is a property of the Transmission Control Protocol, and also for session
checkpointing and recovery, which is not usually used in the Internet Protocol Suite. The session layer is commonly implemented explicitly in application environments that use remote procedure calls.
Layer 6: presentation layer
The presentation layer establishes context between application-layer entities, in which the application-layer entities
may use different syntax and semantics if the presentation service provides a mapping between them. If a mapping is
available, presentation service data units are encapsulated into session protocol data units, and passed down the
TCP/IP stack.
This layer provides independence from data representation (e.g., encryption) by translating between application and
network formats. The presentation layer transforms data into the form that the application accepts. This layer formats
and encrypts data to be sent across a network. It is sometimes called the syntax layer.[5]
The original presentation structure used the Basic Encoding Rules of Abstract Syntax Notation One (ASN.1), with
capabilities such as converting an EBCDIC-coded text file to an ASCII-coded file, or serialization of objects and other data
The types of services performed and protocols used at each layer within the TCP/IP model are described in more detail
in the following table.
Layer | Description
Application | Defines TCP/IP application protocols and how host programs interface with transport layer services to the network.
Transport | Provides communication session management between host computers. Defines the level of service status of the connection used when transporting data.
Internet | Packages data into IP datagrams, which contain source and destination address information that is used to forward the datagrams between hosts and across networks. Performs routing of IP datagrams.
Network interface | Specifies details of how data is physically sent through the network, including how bits are electrically signaled by hardware devices that interface directly with a network medium, such as coaxial cable, optical fiber, or twisted-pair copper wire.
UDP
The User Datagram Protocol (UDP) is one of the core members of the Internet protocol suite (the set of network
protocols used for the Internet). With UDP, computer applications can send messages, in this case referred to as
datagrams, to other hosts on an Internet Protocol (IP) network without prior communications to set up special
transmission channels or data paths. The protocol was designed by David P. Reed in 1980 and formally defined in RFC
UDP uses a simple transmission model with a minimum of protocol mechanism.[1] It has no handshaking dialogues, and
thus exposes any unreliability of the underlying network protocol to the user's program. As this is normally IP over
unreliable media, there is no guarantee of delivery, ordering, or duplicate protection. UDP provides checksums for data
integrity, and port numbers for addressing different functions at the source and destination of the datagram.
UDP is suitable for purposes where error checking and correction is either not necessary or is performed in the
application, avoiding the overhead of such processing at the network interface level. Time-sensitive applications often
use UDP because dropping packets is preferable to waiting for delayed packets, which may not be an option in a real-time system.[2] If error correction facilities are needed at the network interface level, an application may use
the Transmission Control Protocol (TCP) or Stream Control Transmission Protocol (SCTP) which are designed for this
purpose.
A number of UDP's attributes make it especially suited for certain applications.
It is transaction-oriented, suitable for simple query-response protocols such as the Domain Name System or the
Network Time Protocol.
It provides datagrams, suitable for modeling other protocols such as in IP tunneling or Remote Procedure Call and the Network File System.
It is simple, suitable for bootstrapping or other purposes without a full protocol stack, such as the DHCP and
Trivial File Transfer Protocol.
It is stateless, suitable for very large numbers of clients, such as in streaming media applications, for example
IPTV.
The lack of retransmission delays makes it suitable for real-time applications such as Voice over IP, online
games, and many protocols built on top of the Real Time Streaming Protocol.
Works well in unidirectional communication, suitable for broadcast information such as in many kinds of service discovery and shared information such as broadcast time or Routing Information Protocol.
Applications use datagram sockets to establish host-to-host communications. An application binds a socket to its
endpoint of data transmission, which is a combination of an IP address and a service port. A port is a software structure
that is identified by the port number, a 16 bit integer value, allowing for port numbers between 0 and 65535. Port 0 is
reserved, but is a permissible source port value if the sending process does not expect messages in response.
The Internet Assigned Numbers Authority (IANA) has divided port numbers into three ranges. Port numbers 0 through
1023 are used for common, well-known services. On Unix-like operating systems, using one of these ports requires
superuser operating permission. Port numbers 1024 through 49151 are the registered ports used for IANA-registered
services. Ports 49152 through 65535 are dynamic ports that are not officially designated for any specific service, and
may be used for any purpose. They also are used as ephemeral ports, from which software running on the host may
randomly choose a port in order to define itself. In effect, they are used as temporary ports primarily by clients when
Universal Serial Bus (USB) is an industry standard developed in the mid-1990s that defines the cables, connectors and
communications protocols used in a bus for connection, communication, and power supply between computers and
electronic devices.
13.USB
USB was designed to standardize the connection of computer peripherals (including keyboards, pointing devices, digital
cameras, printers, portable media players, disk drives and network adapters) to personal computers, both to
communicate and to supply electric power. It has become commonplace on other devices, such as smartphones, PDAs
and video game consoles. USB has effectively replaced a variety of earlier interfaces, such as serial and parallel ports, as
well as separate power chargers for portable devices.
USB 1.x
Released in January 1996, USB 1.0 specified data rates of 1.5 Mbit/s (Low-Bandwidth) and 12 Mbit/s (Full-Bandwidth). It
did not allow for extension cables or pass-through monitors, due to timing and power limitations. Few USB devices made it to the market until USB 1.1 was released in August 1998, fixing problems identified in 1.0, mostly related to
using hubs. USB 1.1 was the earliest revision that was widely adopted.
USB 2.0
The Hi-Speed USB Logo
USB 2.0 was released in April 2000 (now called "Hi-Speed"), adding a higher maximum signaling rate of 480 Mbit/s (due
to bus access constraints the effective throughput is limited to 35 MB/s or 280 Mbit/s), in addition to the "USB 1.x Full
Speed" signaling rate of 12 Mbit/s.
Further modifications to the USB specification have been done via Engineering Change Notices (ECN). The most
important of these ECNs are included into the USB 2.0 specification package available from USB.org:
On May 7, 2008 in the United States, Sprint Nextel, Google, Intel, Comcast, Bright House, and Time Warner announced
a pooling of an average of 120 MHz of spectrum and merged with Clearwire to market the service. The new company
hopes to benefit from combined services offerings and network resources as a springboard past its competitors. The
cable companies will provide media services to other partners while gaining access to the wireless network as a Mobile
virtual network operator to provide triple-play services.
Some analysts questioned how the deal will work out: Although fixed-mobile convergence has been a recognized factor
in the industry, prior attempts to form partnerships among wireless and cable companies have generally failed to lead to significant benefits to the participants. Other analysts point out that as wireless progresses to higher bandwidth, it
inevitably competes more directly with cable and DSL, inspiring competitors into collaboration. Also, as wireless
broadband networks grow denser and usage habits shift, the need for increased backhaul and media service will
accelerate, therefore the opportunity to leverage cable assets is expected to increase.
16.PROXY SERVER
A proxy server (running either on dedicated hardware or as software on a general-purpose machine) may act as a
firewall by responding to input packets (connection requests, for example) in the manner of an application, while blocking other packets. A proxy server is a gateway from one network to another for a specific network application, in
the sense that it functions as a proxy on behalf of the network user.
Proxies make tampering with an internal system from the external network more difficult and misuse of one internal
system would not necessarily cause a security breach exploitable from outside the firewall (as long as the application
proxy remains intact and properly configured). Conversely, intruders may hijack a publicly reachable system and use it
as a proxy for their own purposes; the proxy then masquerades as that system to other internal machines. While use of
internal address spaces enhances security, crackers may still employ methods such as IP spoofing to attempt to pass
packets to a target network.
Network address translation
Firewalls often have network address translation (NAT) functionality, and the hosts protected behind a firewall
commonly have addresses in the "private address range", as defined in RFC 1918. Firewalls often have such
functionality to hide the true address of protected hosts. Originally, the NAT function was developed to address the
limited number of IPv4 routable addresses that could be used or assigned to companies or individuals as well as reduce
both the amount and therefore cost of obtaining enough public addresses for every computer in an organization.
Hiding the addresses of protected devices has become an increasingly important defense against network
Intrusion prevention systems (IPS), also known as intrusion detection and prevention systems (IDPS), are network
security appliances that monitor network and/or system activities for malicious activity. The main functions of intrusion
prevention systems are to identify malicious activity, log information about this activity, attempt to block/stop it, and
report it.
Intrusion prevention systems are considered extensions of intrusion detection systems because they both monitor
network traffic and/or system activities for malicious activity. The main differences are, unlike intrusion detection
systems, intrusion prevention systems are placed in-line and are able to actively prevent/block intrusions that are detected. More specifically, IPS can take such actions as sending an alarm, dropping the malicious packets, resetting the
connection and/or blocking the traffic from the offending IP address. An IPS can also correct Cyclic Redundancy Check
(CRC) errors, unfragment packet streams, prevent TCP sequencing issues, and clean up unwanted transport and
network layer options.
An intrusion detection system (IDS) is a device or software application that monitors network or system activities for
malicious activities or policy violations and produces reports to a management station. IDS come in a variety of
“flavors” and approach the goal of detecting suspicious traffic in different ways. There are network based (NIDS) and
host based (HIDS) intrusion detection systems. Some systems may attempt to stop an intrusion attempt but this is
neither required nor expected of a monitoring system. Intrusion detection and prevention systems (IDPS) are primarily
focused on identifying possible incidents, logging information about them, and reporting attempts. In addition,
organizations use IDPSes for other purposes, such as identifying problems with security policies, documenting existing
threats and deterring individuals from violating security policies. IDPSes have become a necessary addition to the
security infrastructure of nearly every organization.
IDPSes typically record information related to observed events, notify security administrators of important observed
events and produce reports. Many IDPSes can also respond to a detected threat by attempting to prevent it from
succeeding. They use several response techniques, which involve the IDPS stopping the attack itself, changing the
security environment (e.g. reconfiguring a firewall) or changing the attack's content.
18.CLB
Component load balancing (CLB) is a Microsoft Windows Server OS series technology that enables the efficient and
even balancing of services requests in a COM/COM+ based computing architecture. CLB is designed to provide
availability, reliability and scalability of components or objects that are essential for real-time application based
transactions or processes. CLB is implemented in distributed computing architectures in which an application is
deployed over one or more servers. The entire CLB process works on the collaboration of a CLB configured load
balancing router and application server(s).
The CLB router receives all application requests from the Web/front end server. These requests are then routed
between the connected application server cluster. The CLB router is responsible for managing a routing table, which
includes network paths, to implement server clustering, load processing on each server and the entire
interprocess/device communication. This helps identify the current status of an application server and balance the
The Web or front end server also may be configured to provide CLB services and directly interact with the application
server cluster.
19.WES WAP
Wireless Application Protocol (WAP) is a technical standard for accessing information over a mobile wireless network. A
WAP browser is a web browser for mobile devices such as mobile phones that uses the protocol.
Before the introduction of WAP, mobile service providers had limited opportunities to offer interactive data services, but needed interactivity to support Internet and Web applications such as:
Email by mobile phone
Tracking of stock-market prices
Sports results
News headlines
Music downloads
The Japanese i-mode system offers another major competing wireless data protocol. As of 2013, WAP use has largely
disappeared in Europe and the United States. Most modern handset internet browsers now support full HTML, so do
not need to use WAP markup for webpage compatibility.
The bottom-most protocol in the suite, the WAP Datagram Protocol (WDP), functions as an adaptation layer that makes
every data network look a bit like UDP to the upper layers by providing unreliable transport of data with two 16-bit port
numbers (origin and destination). All the upper layers view WDP as one and the same protocol, which has several
"technical realizations" on top of other "data bearers" such as SMS, USSD, etc. On native IP bearers such as GPRS, UMTS
packet-radio service, or PPP on top of a circuit-switched data connection, WDP is in fact exactly UDP.
WTLS, an optional layer, provides a public-key cryptography-based security mechanism similar to TLS.
WTP provides transaction support (reliable request/response) adapted to the wireless world. WTP supports more
effectively than TCP the problem of packet loss, which occurs commonly in 2G wireless technologies in most radio
conditions, but is misinterpreted by TCP as network congestion.
Finally, one can think of WSP initially as a compressed version of HTTP.
This protocol suite allows a terminal to transmit requests that have an HTTP or HTTPS equivalent to a WAP gateway;
the gateway translates requests into plain HTTP.
The WAP Forum dates from 1997. It aimed primarily to bring together the various wireless technologies in a
standardised protocol.[1] The first company to launch a WAP site was Dutch mobile phone operator Telfort BV in
October 1999. The site was developed as a side project by Christopher Bee and Euan McLeod and launched with the
debut of the Nokia 7110.
In 2002 the WAP Forum was consolidated (along with many other forums of the industry) into Open Mobile Alliance
A number of standard schemes have evolved. These are called levels. Originally, there were five RAID levels, but many
variations have evolved—notably several nested levels and many non-standard levels (mostly proprietary). RAID levels
and their associated data formats are standardized by the Storage Networking Industry Association (SNIA) in the
Common RAID Disk Drive Format (DDF) standard:
RAID 0
RAID 0 comprises striping (but neither parity nor mirroring). This level provides no data redundancy nor fault
tolerance, but improves performance through parallelism of read and write operations across multiple drives. RAID
0 has no error detection mechanism, so the failure of one disk causes the loss of all data on the array.
RAID 1
RAID 1 comprises mirroring (without parity or striping). Data is written identically to two (or more) drives, thereby
producing a "mirrored set". The read request is serviced by any of the drives containing the requested data. This
can improve performance if data is read from the disk with the least seek latency and rotational latency.
Conversely, write performance can be degraded because all drives must be updated; thus the write performance is
determined by the slowest drive. The array continues to operate as long as at least one drive is functioning.
RAID 2
RAID 2 comprises bit-level striping with dedicated Hamming-code parity. All disk spindle rotation is synchronized
and data is striped such that each sequential bit is on a different drive. Hamming-code parity is calculated across
corresponding bits and stored on at least one parity drive. This level is of historical significance only. Although it was used on some early machines (e.g. the Thinking Machines CM-2), it is only recently used by high-performance
commercially available systems.
RAID 3
RAID 3 comprises byte-level striping with dedicated parity. All disk spindle rotation is synchronized and data is
striped such that each sequential byte is on a different drive. Parity is calculated across corresponding bytes and
stored on a dedicated parity drive.[9] Although implementations exist, RAID 3 is not commonly used in practice.
RAID 4
RAID 4 comprises block-level striping with dedicated parity. This level was previously used by NetApp, but has now
been largely replaced by a proprietary implementation of RAID 4 with two parity disks, called RAID-DP.
RAID 5
RAID 5 comprises block-level striping with distributed parity. Unlike in RAID 4, parity information is distributed
among the drives. It requires that all drives but one be present to operate. Upon failure of a single drive,
subsequent reads can be calculated from the distributed parity such that no data is lost. RAID 5 requires at least
three disks.[9] RAID 5 is seriously affected by the general trends regarding array rebuild time and chance of failure
during rebuild. In August 2012, Dell posted an advisory against the use of RAID 5 in any configuration and of RAID
50 with "Class 2 7200 RPM drives of 1 TB and higher capacity".
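The single-drive recovery described for RAID 5 can be followed in a small model. The code below is an example added here, not part of the original report: the block size, the rotation of the parity block and all function names are assumptions chosen for illustration, not any vendor's on-disk layout.

```python
"""RAID 5 sketch: block-level striping with distributed (rotating) XOR parity.
Added illustration; layout and names are assumptions, not a vendor format."""
from functools import reduce

BLOCK = 4  # bytes per block; tiny so individual stripes are easy to inspect


def xor_blocks(blocks):
    """XOR equal-length blocks byte by byte."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def write_array(data: bytes, n_drives: int):
    """Stripe data over n_drives; the parity block moves one drive per stripe."""
    if n_drives < 3:
        raise ValueError("RAID 5 requires at least three disks")
    per_stripe = (n_drives - 1) * BLOCK
    data = data.ljust(-(-len(data) // per_stripe) * per_stripe, b"\0")
    drives = [[] for _ in range(n_drives)]
    for s in range(len(data) // per_stripe):
        chunk = data[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i:i + BLOCK] for i in range(0, per_stripe, BLOCK)]
        parity_drive = (n_drives - 1 - s) % n_drives
        it = iter(blocks)
        for d in range(n_drives):
            drives[d].append(xor_blocks(blocks) if d == parity_drive else next(it))
    return drives


def read_array(drives, length):
    """Read data back; a drive set to None has failed and is rebuilt on the fly."""
    failed = [d for d, blocks in enumerate(drives) if blocks is None]
    if len(failed) > 1:
        raise IOError("RAID 5 cannot survive more than one failed drive")
    n = len(drives)
    stripes = len(next(b for b in drives if b is not None))
    out = bytearray()
    for s in range(stripes):
        row = [drives[d][s] if drives[d] is not None else None for d in range(n)]
        if failed:
            # XOR of every surviving block (data and parity) is the missing block.
            row[failed[0]] = xor_blocks([b for b in row if b is not None])
        parity_drive = (n - 1 - s) % n
        out += b"".join(b for d, b in enumerate(row) if d != parity_drive)
    return bytes(out[:length])


def demo():
    payload = b"constructed sample payload for the array"
    drives = write_array(payload, 4)
    drives[2] = None              # one drive fails: data is still readable
    one_lost = read_array(drives, len(payload))
    drives[0] = None              # second failure before the rebuild finishes
    try:
        read_array(drives, len(payload))
        two_lost = "readable"
    except IOError:
        two_lost = "data lost"
    return one_lost == payload, two_lost
```

The second failure in `demo()` is the rebuild-window risk the paragraph above refers to: until the first failed drive is replaced and rebuilt, the array has no remaining redundancy.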
RAID 6
RAID 6 comprises block-level striping with double distributed parity. Double parity provides fault tolerance up to
two failed drives. This makes larger RAID groups more practical, especially for high-availability systems, as large-
capacity drives take longer to restore. As with RAID 5, a single drive failure results in reduced performance of the
entire array until the failed drive has been replaced. With a RAID 6 array, using drives from multiple sources and manufacturers, it is possible to mitigate most of the problems associated with RAID 5. The larger the drive
capacities and the larger the array size, the more important it becomes to choose RAID 6 instead of RAID 5 ,RAID 10
filtering, load balancing, data leak prevention and on-appliance reporting.
The worldwide UTM market was worth approximately $1.2 billion in 2007, with a forecast of 35-40% compounded
annual growth rate through 2011. The primary market of UTM providers is the SMB and enterprise segments, although a few providers are now providing UTM solutions for small offices/remote offices.
The term UTM was originally coined by market research firm IDC. The advantages of unified security lie in the fact that
rather than administering multiple systems that individually handle antivirus, content filtering, intrusion prevention and
spam filtering functions, organizations now have the flexibility to deploy a single UTM appliance that consolidates all of this
functionality in a single rack-mountable network appliance.
A single UTM appliance simplifies management of a company's security strategy, with just one device taking the place
of multiple layers of hardware and software. Also from one single centralized console, all the security solutions can be
monitored and configured.
In this context, UTMs represent all-in-one security appliances that carry a variety of security capabilities including
Rackmount servers collectively host, execute and manage an enterprise application or serve as a data center.
Designed to save physical floor space and other server resources, a rackmount server is typically housed with a
horizontal rack chassis that can simultaneously hold multiple servers placed above each other.
The server console designed for a rackmount server has a horizontal form factor, and each server has its own
processor, motherboard, storage and other input/output (I/O) resources. Each rackmount server can operate independently but requires the underlying chassis for power, cooling and the server's structural and mounting
support.
A rack server, also called a rack-mounted server, is a computer dedicated to use as a server and designed to be
installed in a framework called a rack. The rack contains multiple mounting slots called bays, each designed to
hold a hardware unit secured in place with screws. A rack server has a low-profile enclosure, in contrast to
a tower server, which is built into an upright, standalone cabinet.
A single rack can contain multiple servers stacked one above the other, consolidating network resources and
minimizing the required floor space. The rack server configuration also simplifies cabling among network
components. In an equipment rack filled with servers, a special cooling system is necessary to prevent
excessive heat buildup that would otherwise occur when many power-dissipating components are confined in a
supports OpenFlow 1.0 and 1.3 specifications to enable SDN by allowing separation of the data (packet
forwarding) and control (routing decision) paths
Quality of Service (QoS)
Storm restraint: allows limitation of broadcast, multicast, and unknown unicast traffic rate to cut down on
unwanted broadcast traffic on the network
Advanced classifier-based QoS: classifies traffic using multiple match criteria based on Layer 2, 3, and 4
information; applies QoS policies such as setting priority level and rate limit to bi-directional selected traffic on a per-port, per-VLAN, or whole switch basis
Powerful QoS feature: creates traffic classes based on ACLs,
IEEE 802.1p precedence, IP, DSCP or ToS precedence; supports filter, redirect, mirror, or remark; supports the
following congestion actions: strict priority queuing (SP), weighted round robin (WRR), SP+WRR, weighted
fair queuing (WFQ), and weighted random early discard (WRED)
Traffic policing: supports Committed Access Rate (CAR) and line rate
Connectivity
Auto-MDIX: automatically adjusts for straight-through or crossover cables on all 10/100/1000 ports
Flow control: provides back pressure using standard IEEE 802.3x, reducing congestion in heavy traffic
situations
Jumbo packet support: supports up to 9216-byte frame size to improve the performance of large data
transfers
Optional 10 GbE ports: deliver, through the use of optional modules, additional 10GbE connections,
which are available for uplinks or high-bandwidth server connections; flexibly support copper, XFP, SFP+, or
CX4 local connections
High-density port connectivity: provides up to 48 fixed 10/100/1000BASE-T or 24 SFP
100/1000BASE-X ports in a Layer 2/Layer 3 stackable switch supporting unique IRF stacking
IEEE 802.3at Power over Ethernet (PoE+) support: simplifies deployment and dramatically reduces installation costs by
helping to eliminate the time and cost involved in supplying local power at each access point location
Ethernet operations, administration and maintenance (OAM): detects data link layer problems that occurred in the "last mile" using the IEEE 802.3ah OAM standard; monitors the status of the link between two devices
High-bandwidth CX4 and SFP+ local stacking: provide 10 Gb/s SFP+ or 12 Gb/s CX4 local stacking cables; achieve
It doesn't say that a SAN's only purpose is communication between computers and storage. Many
organizations operate perfectly viable SANs that carry occasional administrative and other application
traffic.
It doesn't say that a SAN uses Fibre Channel or Ethernet or any other specific interconnect
technology. A growing number of network technologies have architectural and physical properties that
make them suitable for use in SANs.
It doesn't say what kind of storage devices are interconnected. Disk and tape drives, RAID
subsystems, robotic libraries, and file servers are all being used productively in SAN environments today.
One of the exciting aspects of SAN technology is that it is encouraging the development of new kinds of
storage devices that provide new benefits
to users. Some of these will undoubtedly fail in the market, but those that succeed will make lasting
improvements in the way digital information is stored and processed.
DMZ INTRANET
In computer security, a DMZ or Demilitarized Zone (sometimes referred to as a perimeter network) is a physical or logical subnetwork that contains and exposes an organization's external-facing services to a
larger and untrusted network, usually the Internet. The purpose of a DMZ is to add an additional layer of
security to an organization's local area network (LAN); an external attacker only has direct access to
equipment in the DMZ, rather than any other part of the network. The name is derived from the term
"demilitarized zone", an area between nation states in which military operation is not permitted. In the
military sense, a DMZ is not seen as belonging to either party bordering it. This concept applies to the
computing use of the metaphor in that a DMZ which is, for example, acting as a gateway to the public
Internet, is neither as secure as the internal network, nor as insecure as the public Internet. In this case,
the hosts most vulnerable to attack are those that provide services to users outside of the local area network,
such as e-mail, web and Domain Name System (DNS) servers. Because of the increased potential of these
hosts suffering an attack, they are placed into this specific sub-network in order to protect the rest of the
network if an intruder were to successfully compromise any of them.
Hosts in the DMZ are permitted to have only limited connectivity to specific hosts in the internal network, as
the content of the DMZ is not as secure as the internal network. Similarly, communication between hosts in the
DMZ and the external network is also restricted, to make the DMZ more secure than the Internet, and
suitable for housing these special purpose services. This allows hosts in the DMZ to communicate with both
the internal and external network, while an intervening firewall controls the traffic between the DMZ servers
and the internal network clients, and another firewall would perform some level of control to protect the DMZ
from the external network.
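The connectivity limits described above can be checked mechanically against a firewall rule set. The following audit is an example added here, not taken from the original report: the addressing plan, the rule format and the sample rules are constructed assumptions, and each allow rule is judged on its own (rule ordering and shadowing are not modelled).

```python
"""Audit firewall rules against the DMZ model: external hosts reach only the
DMZ, and the DMZ reaches only specific internal hosts. Added illustration;
zones, addresses and the rule format are constructed assumptions."""
from ipaddress import ip_network

DMZ = ip_network("192.0.2.0/24")       # constructed addressing plan
INTERNAL = ip_network("10.0.0.0/8")


def zone(cidr: str) -> str:
    """Classify a source network as dmz, internal, external, or any (spans zones)."""
    net = ip_network(cidr)
    if net.subnet_of(DMZ):
        return "dmz"
    if net.subnet_of(INTERNAL):
        return "internal"
    if net.overlaps(DMZ) or net.overlaps(INTERNAL):
        return "any"
    return "external"


def audit(rules):
    """Return (rule number, finding) for every allow rule that breaks the model."""
    findings = []
    for n, r in enumerate(rules, 1):
        if r["action"] != "allow":
            continue
        src_zone, dst = zone(r["src"]), ip_network(r["dst"])
        untrusted = src_zone in ("external", "any")
        if dst.overlaps(INTERNAL) and untrusted:
            findings.append((n, "untrusted source reaches the internal network directly"))
        elif dst.overlaps(INTERNAL) and src_zone == "dmz" and (
                dst.num_addresses > 1 or r["port"] == "any"):
            findings.append((n, "DMZ-to-internal access is not limited to one host and port"))
        elif dst.overlaps(DMZ) and untrusted and r["port"] == "any":
            findings.append((n, "DMZ host is exposed to the external network on every port"))
    return findings


# Constructed sample rule set (not from a real device).
SAMPLE_RULES = [
    {"action": "allow", "src": "0.0.0.0/0", "dst": "192.0.2.10/32", "port": 443},
    {"action": "allow", "src": "0.0.0.0/0", "dst": "192.0.2.25/32", "port": 25},
    {"action": "allow", "src": "192.0.2.10/32", "dst": "10.1.1.5/32", "port": 5432},
    {"action": "allow", "src": "192.0.2.0/24", "dst": "10.0.0.0/8", "port": "any"},
    {"action": "allow", "src": "198.51.100.7/32", "dst": "10.1.1.5/32", "port": 22},
    {"action": "allow", "src": "0.0.0.0/0", "dst": "192.0.2.53/32", "port": "any"},
    {"action": "deny", "src": "0.0.0.0/0", "dst": "0.0.0.0/0", "port": "any"},
]

if __name__ == "__main__":
    for number, finding in audit(SAMPLE_RULES):
        print(f"rule {number}: {finding}")
```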
A DMZ configuration provides security from external attacks, but it typically has no bearing on internal attacks
such as sniffing communication via a packet analyzer or spoofing such as e-mail spoofing. It is also sometimes
good practice to configure a separate Classified Militarized Zone (CMZ), a highly monitored militarized zone
isolation of traffic belonging to different trust levels can be achieved using advanced features such as virtual
systems, virtual LANs, and security zones. The ISG Series Integrated Security Gateways allow multiple,
separate firewall inspection or routing policies to simplify network design. This enables the enforcement of
security policies to traffic streams — even in highly complex environments — without significant impact on the
network itself. The ISG Series with IDP utilizes the same award-winning software found on Juniper Networks
IDP Series Intrusion Detection and Prevention Appliances. The IDP security module supports multi-method
detection, combining eight different detection mechanisms — including stateful signatures and protocol
anomaly detection. In addition to helping businesses defend against security threats such as worms, trojans,
malware, spyware, and hackers, the ISG Series with IDP can provide information on rogue servers as well as
types and versions of the applications and operating systems that may have inadvertently been added to the
network. Application signatures go a step further by enabling administrators to maintain compliance and
enforce corporate business policies with accurate
ISG Series Integrated Security Gateways firewall/VPN systems are for securing enterprise, carrier, and datacenter environments where advanced applications, such as VoIP and streaming media, demand secure,
consistent, scalable performance.
Security features include intrusion prevention system (IPS), anti-spam, Web filtering, and Internet Content
Adaptation Protocol (ICAP) antivirus redirection support, and can include integrated Intrusion Detection and
Prevention (IDP) or a General Packet Radio Service (GPRS) firewall/VPN for mobile network environments.
ISG Series architecture enables deployment with a variety of copper and fiber interface options, enabling
segmentation and isolation of traffic for different trust levels and allowing multiple, separate firewall or routing policies without network impact.
The architecture enables a firewall/VPN or an integrated firewall/VPN/IDP solution. The ISG Series with IDP utilizes the software found on IDP Series Intrusion Detection and Prevention Appliances.
Security modules maintain dedicated processing and memory, reducing the number of separate devices for
greater cost savings. In addition to defending against common security threats, the ISG Series with IDP can
provide rogue server information, and types and versions of software that may have been added to the network.
Cisco 7604 Router
The Cisco® 7604 Router is a compact, high-performance router designed in a 4-slot form factor for deployment
at the network edge, where robust performance and IP/Multiprotocol Label Switching (MPLS) services are necessary to meet the requirements of both enterprises and service providers. It enables Carrier Ethernet
service providers to deploy an advanced network infrastructure that supports a range of IP video and triple-play
(voice, video, and data) system applications in both the residential and business services markets. The Cisco 7604 also delivers WAN and metropolitan-area network (MAN) networking solutions at the enterprise edge.
With a powerful combination of speed and services in a compact form factor, the Cisco 7604 is an outstanding choice for multiple applications. Whether deployed as a mobile Radio Access Network (RAN) preaggregation device, as a device for peering, as a residential broadband services aggregator, or as a device for Metro
Ethernet aggregation and uplink, the Cisco 7604 meets requirements for redundancy, high availability, and
rack density. In the point-of-presence (POP) enterprise edge or the metropolitan network edge, the Cisco 7604 sets new standards as part of the industry-leading Cisco 7600 Series Routers (Figure 1).
With a forwarding rate of up to 144-Mpps distributed and 320-Gbps total throughput, the Cisco 7604 provides
performance and reliability with options for redundant route processors and power supplies. The inclusion of two Gigabit Ethernet ports on the Cisco Catalyst® 6500 Series Supervisor Engine 720 with the Multilayer
Switch Feature Card 3 (MSFC-3) or the new Cisco Route Switch Processor 720 (RSP 720) with the MSFC-4
used in the Cisco 7604 eliminates the need for a line-card slot for uplink ports. The result of this design is more efficient use of available line-card slots and increased deployment flexibility. Four Gigabit Ethernet ports are
available for use in dual-route processor configurations.
Shared port adaptors (SPAs) on the SPA interface processors (SIPs) are available on the Cisco 7600 Series
with interface speeds ranging from OC-3 to OC-192 and from Fast Ethernet to 10 Gigabit Ethernet. The Cisco
7600 Series can also use the Cisco 7600 Series/Catalyst 6500 Series Enhanced FlexWAN Module to take
advantage of most Cisco 7200 and 7500 Port Adapters for terminating DS-0 to OC-3 speeds. By using the
Cisco Catalyst 6000 Series of Ethernet line cards in conjunction with the SIP-based SPAs and the enhanced FlexWAN module, the Cisco 7600 provides a multitude of options to scale WAN connectivity from DS-0 to
OC-192 and LAN connectivity from 10-Mbps Ethernet through 10 Gigabit Ethernet.
The Cisco 7604 chassis accommodates a broad selection of line cards supporting numerous applications,
including:
● SPAs and SIPs (Cisco 7600 Series SPA Interface Processor-200 [SIP-200], SIP-400, and SIP-600):
- Channelized T1/E1, Channelized T3, and Channelized OC-3/STM-1
- OC-3/STM-1, OC-12/STM-4, OC-48/STM-16 Packet over SONET/SDH (PoS), and OC-192/STM-64 PoS
- OC-3/STM-1 ATM, OC-12/STM-4 ATM, and OC-48/STM-16 ATM
- Fast Ethernet, Gigabit Ethernet, and 10 Gigabit Ethernet
● Enhanced FlexWAN module: Supporting Cisco 7200 and 7500 WAN Port Adapters from DS-0 to OC-3
for channelized and ATM interfaces and also Fast Ethernet port adapters
● Services modules: IP Security (IPsec), firewall, distributed denial of service, intrusion detection, network analysis, and content switching commonly used, for example, in the Cisco Mobile Exchange solution
3B), Cisco Catalyst 6500 Supervisor Engine 720 (WS-SUP720-3B and WS-SUP720-3BXL), and the new
Cisco Route Switch Processor 720 (RSP720-3C and RSP720-3CXL)
The Cisco 7604 can be configured two ways: with a single supervisor engine and up to three line cards, or with dual supervisor engines and up to two line cards for high availability and redundancy. The Cisco 7604 also
supports redundant 2700W (AC/DC) power supplies for increased availability. Understanding the need to use
rack space efficiently, Cisco designed this router to be 8.75 inches tall (5 rack units [RUs]), with single-side connection management for both interface and power terminations. This setup allows placement of up to nine Cisco 7604 units per standard 7-foot rack.
Applications
The flexible Cisco 7604 Router is ideal for addressing high-performance applications such as:
● IP/MPLS provider edge
● Metro Ethernet access
● Enterprise WAN aggregation
● Mobile RAN preaggregation
● Residential subscriber aggregation
● Customer premises equipment (CPE)
● Leased line
CISCO 3925 ROUTER
The Cisco 3925 Integrated Services Router (ISR) delivers highly secure data, voice, video, and application
services to small branch offices. Key features include:
Modular Services Performance Engine (SPE) 100, which can be upgraded for even higher performance
as next-generation WAN environments evolve
3 integrated 10/100/1000 Ethernet ports with 2 ports capable of RJ-45 or SFP connectivity
2 service module slots
4 Enhanced High-Speed WAN Interface Card (EHWIC) slots
4 onboard digital signal processor (DSP) slots
1 Internal Services Module slot
Dual integrated power supplies
Fully integrated power distribution to modules supporting 802.3af Power over Ethernet
A universal IOS image that lets you deploy new IOS services quickly
Security
o Embedded hardware-accelerated VPN encryption for secure collaboration
o Integrated threat control using Cisco IOS Firewall, Cisco IOS Zone-Based Firewall, Cisco IOS
IPS, and Cisco IOS Content Filtering
o Identity management using authentication, authorization, and accounting (AAA) and public key
infrastructure
Unified Communications
o High-density-packet voice DSP module, optimized for voice and video support
o Standards-certified VoiceXML browser services
o Cisco Unified Border Element capabilities for up to 800 sessions
o Cisco Unity Express voicemail support
o Support for Cisco Communications Manager Express and Survivable Remote Site Telephony
BULK ENCRYPTOR UNIT
Bulk Encryptor is a powerful, network-attached encryption device designed for broadcast and
on-demand applications in systems that use MPEG transport over UDP, IP, and Ethernet.
The Netcrypt Bulk Encryptor has a maximum
throughput of four gigabits per second (4 Gbps) in a compact, two rack-unit high chassis. It is capable of encrypting as many as 4,000 input programs into a maximum of 4,000
transport streams suitable for distribution as digital broadcast or as IP multicast sessions.
The Netcrypt Bulk Encryptor is designed to be connected to a switch or router network
using four Gigabit Ethernet ports in bi-directional mode. In this application, QAM modulator edge devices are connected to ports on the Gigabit Ethernet switch either
directly or remotely through network transport equipment. The Netcrypt Bulk Encryptor receives clear data to be encrypted and sends the data to the edge device's Gigabit
Ethernet switch for distribution through other ports.
Features
• Ideal for encryption of switched digital video (SDV) streams
• Maximum throughput of 4 Gbps
• Capable of encrypting up to 4,000 input programs into a maximum of 4,000 transport streams suitable for digital broadcast or multicast sessions
• Four Gigabit Ethernet ports for MPEG data (duplex multimode fiber optic cables or
The FIP (FCoE Initialization Protocol) is an integral part of FCoE. Its main goal is to discover and initialize
FCoE capable entities connected to an Ethernet cloud. FIP uses a dedicated Ethertype of 0x8914.
SYNCHRONOUS TRANSFER MODE
Data transfer method in which a continuous stream of data signals is accompanied by timing signals (generated
by an electronic clock) to ensure that the transmitter and the receiver are in step (synchronized) with one another. The data is sent in blocks (called frames or packets) spaced by fixed time intervals. In
contrast, asynchronous transmission works in spurts and must insert a start bit before each data character and a
stop bit at its termination to inform the receiver where it begins and ends. Most network protocols (such
as Ethernet, SONET, Token Ring) use synchronous transmission whereas asynchronous transmission is used