ISA 3200 Network Security
Chapter 2: An Introduction to Networking

Learning Objectives
Upon completion of this chapter, you should be able to:
• Describe the basic elements of computer-based data communication
• Know the key entities and organizations behind current networking standards, as well as the purpose of and intent behind the more widely used standards
• Explain the nature and intent of the OSI reference model and list and describe each of the model’s seven layers
• Describe the nature of the Internet and the relationship between the TCP/IP protocol and the Internet
ISA 3200---Summer 2010
Networking Fundamentals
• Fundamental exchange of information: sender communicates message to receiver over some medium
• Communication only occurs when recipient is able to receive, process, and comprehend message
• One-way flow of information is called a channel
• When recipient becomes a sender, for example by responding to original sender’s message, this two-way flow is called a circuit
Networking Fundamentals (continued)
• Any medium may be subject to interference, called noise, which occurs in a variety of forms
  • Attenuation: loss of signal strength as signal moves across media
  • Crosstalk: occurs when one transmission “bleeds” over to another
  • Distortion: unintentional variation of communication over media
ISA 3200---Summer 2010 Firewalls & Network Security, 2nd ed. - Chapter 2 Slide 4
Networking Fundamentals (continued)
• Any medium may be subject to interference, called noise, which occurs in a variety of forms (continued)
  • Echo: reflection of a signal due to equipment malfunction or poor design
  • Impulse: sudden, short-lived increase in signal frequency or amplitude, also known as a spike
  • Jitter: signal modification caused by malfunctioning equipment
  • White noise: unwanted noise due to signal coming across medium at multiple frequencies
Reasons to Network
• Data communications: exchange of messages across a medium
• Networking: interconnection of groups or systems with the purpose of exchanging information
• Some reasons to build a network:
  • To exchange information
  • To share scarce or expensive resources
  • To allow distributed organizations to act as if centrally located
Types of Networks
• Networks can be categorized by:
  • Components: peer-to-peer (P2P), server-based, distributed multi-server
  • Size: local area network (LAN), metropolitan area network (MAN), wide area network (WAN)
  • Layout or topology: physical (ring, bus, star, hierarchy, mesh, hybrid), logical (bus, star)
  • Media: guided (wired), unguided (wireless)
Network Standards
• Among the agencies that work on data communications standards are:
  • Internet Society (ISOC)
  • Internet Assigned Numbers Authority (IANA)
  • American National Standards Institute (ANSI)
  • International Telecommunication Union (ITU)
  • Institute of Electrical and Electronics Engineers (IEEE)
  • Telecommunications Industry Association (TIA)
  • International Organization for Standardization (ISO)
Layered Schemes
• Communication is so complex that it is very helpful to modularize the systems involved
• The scheme generally used is a layered scheme
• Each layer in a communication ‘stack’ handles one aspect of communication over a network
Logical vs. Actual
• A layer operates by
  • Receiving data from a higher layer
  • Sending data to a lower layer
• Logically, a layer acts as if it is communicating with the associated layer on a different system
[Figure: logical channels between Host A and Host B, with Layer 1, Layer 2, and Layer 3 on each host paired to the same layer on the other host]
Hops
• Connecting one network to another
• Some hosts belong to two or more networks
• Communication can move from physical network to physical network
OSI Reference Model and Security
• OSI reference model allocates functions of network communications into seven distinct layers, each with its own functions and protocols
• Premise of model is that information sent from one host is translated and encoded through the various layers, from Application layer to Physical layer
• Physical layer initiates transmission to receiver
• Receiver translates and decodes message by processing information through each layer in reverse order
The Physical Layer
• The primary function of the Physical layer is to place the transmission signal carrying the message onto the communications media—that is, to put “bits on a wire”
• The functions of the Physical layer are:
  • Establish and terminate the physical and logical connection to the media
  • Manage the flow and communication on the media
  • Embed the message onto the signal carried across the physical media
Network Media
• Dominant media types and standards include:
  • Coaxial cable
  • Fiber-optic cable
  • Twisted-pair wire
  • Wireless LAN
  • Bluetooth
  • Infrared
Embedding the Message
• Method used to embed message on signal depends on type of message and type of signal
• Two types of message (or information):
  • Analog information: continuously varying source (such as voice communications)
  • Digital information: discrete, limited to a few values (such as computer communications)
Embedding the Message (continued)
• Multiplexing combines several circuits to create a high-bandwidth stream that carries multiple signals over long distances
• Three dominant multiplexing methods are:
  • Frequency division multiplexing (FDM): combines voice channels
  • Time division multiplexing (TDM): assigns a time block to each client
  • Wave division multiplexing (WDM): uses different frequencies of light so multiple signals can travel on the same fiber-optic cable
Managing Communication
• Bit (or signal) flow is conducted in several ways:
  • Simplex transmissions: flow one way through a medium
  • Half-duplex transmissions: flow either way, but in only one direction at a time
  • Full-duplex transmissions: can flow both ways at the same time
  • Serial transmissions: flow one bit at a time down a single communications channel
  • Parallel transmissions: flow multiple bits at a time down multiple channels
Managing Communication (continued)
• Asynchronous (or timing-independent)
  • Formulate data flow so each byte or character has its own start and stop bit
  • Used in older modem-based data transfers to send individual characters between systems
• Synchronous (or timing-dependent)
  • Use computer clocking to transmit data in a continuous stream between two systems
  • Clock synchronization makes it possible for end nodes to identify start and end of data flow
  • This protocol is much more efficient
Data Link Layer
• Primary networking support layer
• Referred to as first “subnet” layer because it provides addressing, packetizing, media access control, error control, and some flow control for the local network
• In LANs, it handles client-to-client and client-to-server communications
Data Link Layer (continued)
• DLL is further divided into two sublayers:
  • Logical Link Control (LLC) sublayer
    • Primarily designed to support multiplexing and demultiplexing of protocols transmitted over the MAC sublayer
    • Also provides flow control and error detection and retransmission
  • Media Access Control (MAC) sublayer
    • Designed to manage access to communications media—in other words, to regulate which clients are allowed to transmit and when
DLL Protocols
• Dominant protocol for local area networking is Ethernet for wired networks and Wi-Fi for wireless networks
• Other DLL LAN protocols include:
  • Token ring
  • Fiber Distributed Data Interface (FDDI)
  • Point-to-Point Protocol (PPP)
  • Point-to-Point Tunneling Protocol (PPTP)
  • Layer Two Tunneling Protocol (L2TP)
• WANs typically use ATM and frame relay
Forming Packets and Addressing
• First responsibility of DLL is converting the Network layer packet into a DLL frame
• DLL adds not only a header but also a trailer
• When necessary, packet is fragmented into frames, with corresponding information embedded into each frame header
• Addressing is accomplished with a number embedded in the network interface card (NIC)
• This MAC address allows packets to be delivered to an endpoint; typically shown in hexadecimal format (e.g., 00-00-A3-6A-B2-1A)
Media Access Control
• A primary function of DLL is controlling flow of traffic—that is, determining which station is allowed to transmit when
• Two general approaches:
  • Control
  • Contention
Media Access Control (continued)
• Control (deterministic)
  • Well-regulated network: traffic transmitted in orderly fashion, maintaining optimal data rate
  • Facilitates a priority system: key clients or servers can be polled more frequently than others
• Contention (stochastic)
  • Clients listen to determine if channel is free and then transmit
  • Must have mechanisms to deal with collisions
  • Collision avoidance vs. collision detection
Switches and Bridges
• Specific technologies used to connect networks at the Data Link layer
• While a hub connects networks at the Physical layer, connecting two networks with a hub results in one large network (or collision domain)
• Connection via a Layer 2 switch, capable of bridging, maintains separate collision domains
• Bridging: process of connecting networks with DLL protocols while maintaining the integrity of each network, only passing messages that need to be transmitted between the two
Network Layer and Packetizing
• Network layer is the primary layer for communications between networks
• Three key functions:
  • Packetizing
  • Addressing
  • Routing
• During packetizing, Network layer takes segments sent from the Transport layer and organizes them into packets for transmission across a network
Addressing
• Network layer uses a network-layer address to uniquely identify the destination across multiple networks
• Typical address consists of the network ID and the host ID
• In TCP/IP, the IP address is the network-layer address
• The IP packet header carries the source and destination IP addresses along with additional packet information
Addressing (continued)
• Addresses maintained and issued by Internet Assigned Numbers Authority (IANA)
• In early years, addresses were distributed as follows:
  • Class A: consists of primary octet (the netid) with three octets providing the host ID portion; allows up to 16,777,214 hosts on a network
  • Class B: consists of two octets in the netid with two octets providing 65534 host IDs
  • Class C: consists of three octets in the netid with one octet providing 254 host IDs
  • Class D and Class E addresses are reserved
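As an added example (not part of the slides), the classful scheme above in code: it parses a dotted-quad IPv4 address, derives the class from the first octet, splits the netid from the host ID, and reports the usable host count, flagging the all-zeros and all-ones host IDs that cannot be assigned. The addresses in SAMPLES are constructed.

```python
# Added example: classful IPv4 addressing as described in the slides.
# First-octet range per class and the number of netid octets for A/B/C;
# classes D and E carry no host portion and are reserved.
CLASS_RULES = (
    ("A", 0, 127, 1),
    ("B", 128, 191, 2),
    ("C", 192, 223, 3),
    ("D", 224, 239, None),   # reserved (multicast)
    ("E", 240, 255, None),   # reserved (experimental)
)

SAMPLES = ("10.1.2.3", "172.16.5.9", "192.168.1.77", "192.168.1.0", "224.0.0.5")  # constructed


def parse_ipv4(text):
    """Parse 'a.b.c.d' into four octets, rejecting anything malformed."""
    parts = text.strip().split(".")
    if len(parts) != 4:
        raise ValueError(f"expected four octets, got {text!r}")
    octets = []
    for part in parts:
        if not part.isdigit() or not 0 <= int(part) <= 255:
            raise ValueError(f"bad octet {part!r} in {text!r}")
        octets.append(int(part))
    return octets


def classify(text):
    """Return class, netid/host ID split and usable host count for one address."""
    octets = parse_ipv4(text)
    for cls, low, high, net_octets in CLASS_RULES:
        if low <= octets[0] <= high:
            break
    if net_octets is None:
        return {"class": cls, "reserved": True}
    host_octets = octets[net_octets:]
    host_bits = 8 * len(host_octets)
    host_value = int.from_bytes(bytes(host_octets), "big")
    # An all-zeros host ID names the network itself and an all-ones host ID is
    # the broadcast address; neither is assignable, hence the "- 2" below.
    usable = 2 ** host_bits - 2
    if host_value == 0:
        role = "network address"
    elif host_value == 2 ** host_bits - 1:
        role = "broadcast address"
    else:
        role = "host address"
    return {
        "class": cls,
        "reserved": False,
        "netid": ".".join(str(o) for o in octets[:net_octets]),
        "hostid": ".".join(str(o) for o in host_octets),
        "usable_hosts": usable,
        "role": role,
    }


def classify_all(addresses=SAMPLES):
    """Classify every address in a list; used to run the constructed samples."""
    return [classify(a) for a in addresses]
```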
Addressing (continued)
• This address assignment method proved inefficient
• Internet is moving to a new version of IP, IPv6, which uses a 128-bit address instead of 32-bit
• Increases available addresses by a factor of 2^128
• Network Address Translation (NAT): uses a device, like a router, to segregate the external Internet from the internal network
• Device maps organizational addresses to different addresses inside the intranet
Routing
• Moving Network layer packets across networks
• Routing protocols include static and dynamic
• Internal routing protocols:
  • Used inside an autonomous system (AS)
  • Distance-vector routing protocols and link-state routing protocols
• External routing protocols:
  • Communicate between autonomous systems
  • Translate different internal routing protocols
  • Border Gateway Protocol (BGP)
Transport Layer
• Primary function of the Transport layer is to provide reliable end-to-end transfer of data between user applications
• Lower layers focus on networking and connectivity while upper layers, beginning with the Transport layer, focus on application-specific services
• Transport layer is also responsible for end-to-end error control, flow control, and several other functions
Error Control
• Process of handling problems with the transfer process, which may result in modified or corrupted segments
• Broken into two components: error detection and error correction
• Errors are typically single-bit or multiple-bit
• Bit errors are most likely the result of noise interference
Error Control (continued)
• Errors detected using one of several schemes:
  • Repetition: data transmitted redundantly
  • Parity: “check bits” at end of each byte of data
  • Redundancy: parity calculated for blocks of data rather than individual bytes (LRC, VRC, CRC)
• Errors typically corrected by retransmission of the damaged segment
• Dominant error correction techniques are automatic repeat requests (ARQs)
• Three most common ARQs are Stop-And-Wait, Go-Back-N, and Selective Repeat
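An added example (not from the slides or the textbook) running the detection schemes named above over a constructed frame with injected bit errors: VRC (per-byte parity), LRC (block parity) and a CRC. It shows which error patterns each scheme catches and which slip past parity but not the CRC. The CRC uses the CRC-16/CCITT generator polynomial with a zero initial value; the frame bytes and error positions are constructed.

```python
# Added example: error detection schemes from the slides, run over a constructed frame.
CRC_POLY = 0x1021  # CRC-16/CCITT generator: x^16 + x^12 + x^5 + 1

FRAME = b"ISA 3200 sample frame"  # constructed payload, 21 bytes


def parity_bit(byte):
    """Even parity: the check bit makes the total count of 1 bits even."""
    return bin(byte).count("1") & 1


def vrc(data):
    """Vertical redundancy check: one parity bit per byte."""
    return [parity_bit(b) for b in data]


def lrc(data):
    """Longitudinal redundancy check: parity of each bit position across the block."""
    acc = 0
    for b in data:
        acc ^= b
    return acc


def crc16(data, poly=CRC_POLY):
    """Bitwise CRC-16, bytes processed most significant bit first, zero initial value."""
    crc = 0
    for b in data:
        crc ^= b << 8
        for _ in range(8):
            crc = (crc << 1) ^ poly if crc & 0x8000 else crc << 1
            crc &= 0xFFFF
    return crc


def flip_bits(data, positions):
    """Return a copy with the given bits inverted; bit i lives in byte i // 8."""
    buf = bytearray(data)
    for pos in positions:
        buf[pos // 8] ^= 1 << (pos % 8)
    return bytes(buf)


def detection_report(original, positions):
    """Which schemes notice the damage? True means the error was detected."""
    sent_vrc, sent_lrc, sent_crc = vrc(original), lrc(original), crc16(original)
    received = flip_bits(original, positions)
    return {
        "vrc": vrc(received) != sent_vrc,
        "lrc": lrc(received) != sent_lrc,
        "crc": crc16(received) != sent_crc,
    }


# Constructed error patterns. One flipped bit is caught by every scheme. Two
# flips inside one byte leave that byte's parity unchanged, so VRC misses them;
# the same two positions flipped in two bytes also cancel out in the LRC. The
# CRC catches both, since each is a short error burst (far under 16 bits).
SINGLE_BIT = (3,)
SAME_BYTE_PAIR = (0, 1)
TWO_BY_TWO_BLOCK = (0, 1, 8, 9)
```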
Flow Control
• Purpose is to prevent the receiver from being overwhelmed with segments, which would prevent effective processing of each received segment
• Some error correction techniques have built-in flow control
• Dominant technique is the sliding window protocol, which provides a mechanism by which the receiver can specify the number of segments (or bytes) it can receive before the sender must wait
• Receiver enlarges or reduces window size as necessary
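An added example (not the slides' own material) that simulates the sliding window from this slide together with the Go-Back-N ARQ named on the previous one: the sender may have up to `window` segments outstanding, the receiver acknowledges cumulatively and discards anything out of order, and a lost segment forces the sender to back up and resend from the oldest unacknowledged one. Segment contents and the loss pattern are constructed; the window is fixed for the run, and each loop pass stands for one round trip.

```python
# Added example: Go-Back-N ARQ over a sliding window, one loop pass per round trip.
def go_back_n(segments, window, lose_on_first_try, max_rounds=1000):
    """Simulate Go-Back-N. Segments listed in lose_on_first_try are lost the
    first time they are sent. Returns (delivered, transmission_log, rounds)."""
    if window < 1:
        raise ValueError("window must be at least 1")
    base = 0                # sender: oldest unacknowledged sequence number
    expected = 0            # receiver: next in-order sequence number wanted
    attempts = {}           # seq -> how many times it has been sent
    delivered = []
    log = []                # (round, seq, outcome)
    rounds = 0
    while base < len(segments):
        rounds += 1
        if rounds > max_rounds:
            raise RuntimeError("no progress; check the loss pattern")
        # The sender transmits everything that fits in the window, from base.
        for seq in range(base, min(base + window, len(segments))):
            attempts[seq] = attempts.get(seq, 0) + 1
            if seq in lose_on_first_try and attempts[seq] == 1:
                log.append((rounds, seq, "lost"))
            elif seq == expected:
                delivered.append(segments[seq])   # in order: accept and ack
                expected += 1
                log.append((rounds, seq, "accepted"))
            else:
                # A Go-Back-N receiver keeps no out-of-order buffer, so a
                # segment arriving after a gap is dropped and must be resent.
                log.append((rounds, seq, "discarded"))
        # Cumulative ACK confirms everything below `expected`. If the window
        # did not advance past a lost segment, that segment timed out and the
        # sender "goes back N": the next pass resends from the new base.
        base = expected
    return delivered, log, rounds


def count(log, outcome):
    """Number of log entries with the given outcome."""
    return sum(1 for _, _, o in log if o == outcome)


SEGMENTS = [f"seg{i}" for i in range(8)]   # constructed sample data
LOSSES = {2, 5}                            # constructed loss pattern
```

With window 4 and these losses the transfer takes 3 round trips and 11 transmissions; with window 1 (Stop-And-Wait) it takes 10 round trips for 10 transmissions, which is the pipelining gain the sliding window buys.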
Other Functions of the Transport Layer
• Assignment of ports, which identify the service requested by a user
• Combination of Network layer address and port is referred to as a socket
• Tunneling protocols also work at the Transport layer
• These protocols work with Data Link layer protocols to provide secure connections
Session Layer
• Responsible for establishing, maintaining, and terminating communications sessions between two systems
• Regulates whether communications are simplex (one way only), half-duplex (one way at a time), or full-duplex (bidirectional)
Presentation Layer
• Responsible for data translation and encryption functions
• For example, if one system is using standard ASCII and another is using EBCDIC, the Presentation layer performs the translation
• Encryption can also be part of operations performed at this level
• Presentation layer encapsulates Application layer messages prior to passing them down to the Transport layer
Application Layer
• At the Application layer, the user is provided with a number of services, most aptly called application protocols
• TCP/IP protocol suite includes applications such as e-mail (SMTP and POP), World Wide Web (HTTP and HTTPS), file transfer (FTP and SFTP), and others
The Internet and TCP/IP
• The Internet incorporates millions of small, independent networks, connected by most of the major common carriers
• Most services we associate with the Internet are based on Application layer protocols
• The Internet is a physical set of networks, while the World Wide Web (WWW) is a set of applications that run on top of the Internet
• Web uses domain name-based Uniform Resource Identifiers (URIs), the Uniform Resource Locator (URL) being the best-known type
TCP/IP
• TCP/IP is actually a suite of protocols used to facilitate communications across the Internet
• Developed before the OSI reference model, it is similar in concept but different in detail
• TCP/IP model is less formal than the OSI reference model
• Each of the four layers of the TCP/IP model represents a section of one or more layers of the OSI model
Application Layer
• TCP/IP Application layer consists of utility protocols that provide value to the end user
• Data from users and utilities are passed down to the Transport layer for processing
• Wide variety of Application layer protocols support Internet users: SMTP and POP for e-mail, FTP for data transfer, HTTP for Web content
• Application layers on each host interact directly with the corresponding applications on other hosts to provide the requisite communications support
Transport Layer
• Responsible for transferring messages, including resolution of errors, managing necessary fragmentation, and control of message flow, regardless of the underlying network
• Connection-oriented or connectionless messages
• Connects applications through the use of ports
• Lowest layer of the TCP/IP stack to offer any form of reliability
  • TCP: connection-oriented, reliable protocol
  • UDP: connectionless, unreliable protocol
Internetwork Layer
• Handles moving packets in a single network
• Examples of protocols are X.25 and ARPANET’s Host/IMP Protocol
• Internet Protocol (IP) performs the task of moving packets from source host to destination host
• IP carries data for many different upper-layer protocols
Internetwork Layer (continued)
• Some protocols carried by IP function on top of IP but perform other Internetwork layer functions
• All routing protocols are also part of the Network layer
Subnet Layers
• TCP/IP Subnet layers include the Data Link and Physical layers
• TCP/IP relies on whatever native network subnet layers are present
• For example, if the user’s network is Ethernet, then IP packets are encapsulated into Ethernet frames
• No specification for the Data Link layer or Physical layer
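An added example (not from the slides) of the encapsulation this slide describes, walking a payload down the TCP/IP stack and back up: a UDP header (Transport), an IPv4 header carrying source and destination addresses (Internetwork), then an Ethernet II frame carrying MAC addresses (Subnet). The receiver strips each header in reverse order and verifies the IPv4 header checksum, so a frame damaged in transit is rejected at the Internetwork layer. The IP addresses, ports and broadcast destination MAC are constructed; the source MAC is the one shown on the addressing slide.

```python
# Added example: an IP packet encapsulated in an Ethernet frame, and decoded again.
import struct

ETHERTYPE_IPV4 = 0x0800
PROTO_UDP = 17


def mac_bytes(text):
    """'00-00-A3-6A-B2-1A' (or colon-separated) -> 6 raw bytes."""
    parts = text.replace(":", "-").split("-")
    if len(parts) != 6:
        raise ValueError(f"MAC address needs six octets: {text!r}")
    return bytes(int(p, 16) for p in parts)


def mac_text(raw):
    return "-".join(f"{b:02X}" for b in raw)


def ipv4_bytes(text):
    octets = [int(p) for p in text.split(".")]
    if len(octets) != 4 or not all(0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {text!r}")
    return bytes(octets)


def ip_checksum(header):
    """Ones' complement sum of 16-bit words (RFC 791); yields 0 for an intact header."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def encapsulate(payload, src_ip, dst_ip, src_port, dst_port, src_mac, dst_mac):
    """Transport (UDP) -> Internetwork (IPv4) -> Subnet (Ethernet II frame)."""
    # UDP checksum left at 0, which IPv4 permits (it means "not computed").
    udp = struct.pack("!HHHH", src_port, dst_port, 8 + len(payload), 0) + payload
    # Version 4, IHL 5 words, TTL 64; checksum field is zero until computed.
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64,
                      PROTO_UDP, 0, ipv4_bytes(src_ip), ipv4_bytes(dst_ip))
    hdr = hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:]
    ethernet = mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", ETHERTYPE_IPV4)
    return ethernet + hdr + udp


def decapsulate(frame):
    """Strip the headers in reverse order, checking what each layer can check."""
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError(f"unexpected EtherType 0x{ethertype:04X}")
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4
    if ip[0] >> 4 != 4 or ip_checksum(ip[:ihl]) != 0:
        raise ValueError("IPv4 header invalid or corrupted")
    total_len, proto = struct.unpack("!H", ip[2:4])[0], ip[9]
    if proto != PROTO_UDP:
        raise ValueError(f"unexpected IP protocol {proto}")
    seg = ip[ihl:total_len]
    src_port, dst_port, length, _ = struct.unpack("!HHHH", seg[:8])
    return {"dst_mac": mac_text(frame[:6]), "src_mac": mac_text(frame[6:12]),
            "src_ip": ".".join(map(str, ip[12:16])), "dst_ip": ".".join(map(str, ip[16:20])),
            "src_port": src_port, "dst_port": dst_port, "payload": seg[8:length]}


# Constructed sample; the source MAC is the one shown on the addressing slide.
SAMPLE_FRAME = encapsulate(b"hello", "192.168.1.10", "10.0.0.5", 40000, 53,
                           "00-00-A3-6A-B2-1A", "FF-FF-FF-FF-FF-FF")
```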
Chapter Summary
• Fundamental exchange of information: sender communicates message to receiver over some medium
• Communication only occurs when recipient is able to receive, process, and comprehend message
• Any medium may be subject to interference: attenuation, crosstalk, distortion, echo, impulse, jitter, white noise
Chapter Summary (continued)
• Some reasons to build a network:
  • To exchange information
  • To share scarce or expensive resources
  • To allow distributed organizations to act as if centrally located
• Networks can be categorized by: components, size, layout or topology, media
• OSI reference model allocates functions of network communications into seven distinct layers, each with its own functions and protocols
Chapter Summary (continued)
• OSI reference model layers:
  • Physical: puts transmissions onto media
  • Data Link: primary networking support layer
  • Network: primary layer for communications between networks
  • Transport: provides reliable end-to-end transfer of data between user applications
  • Session: establishes, maintains, terminates communications sessions between two systems
  • Presentation: data translation and encryption
  • Application: provides application protocols
Chapter Summary (continued)
• Each of the four layers of the TCP/IP model represents a section of one or more layers of the OSI model
  • Application: consists of utility protocols that provide value to the end user
  • Transport: responsible for transferring messages, regardless of the underlying network
  • Internetwork: handles moving packets in a single network
  • Subnet: includes the Data Link and Physical layers, relying on whatever native network subnet layers are present for signal transmission