Network VPN and Test 1 review

Network VPN technology allows secure access to corporate networks, overcoming geo-restrictions, but requires careful planning. Learn about VPN types, protocols, and implementation options for enhanced security and remote connectivity.

jlane

Presentation Transcript


  1. CIS 375 Network VPN and Test 1 review

  2. Network VPN • A virtual private network (VPN) extends a private network across a public network, and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Applications running across the VPN may therefore benefit from the functionality, security, and management of the private network.[1] • VPNs may allow employees to securely access a corporate intranet while located outside the office. They are used to securely connect geographically separated offices of an organization, creating one cohesive network. Individual Internet users may secure their wireless transactions with a VPN, to circumvent geo-restrictions and censorship, or to connect to proxy servers for the purpose of protecting personal identity and location. However, some Internet sites block access to known VPN technology to prevent the circumvention of their geo-restrictions.

  3. Network VPN (continued) • A VPN is created by establishing a virtual point-to-point connection through the use of dedicated connections, virtual tunneling protocols, or traffic encryption. A VPN available from the public Internet can provide some of the benefits of a wide area network (WAN). From a user perspective, the resources available within the private network can be accessed remotely.[2] • Traditional VPNs are characterized by a point-to-point topology, and they do not tend to support or connect broadcast domains, so services such as Microsoft Windows NetBIOS may not be fully supported or work as they would on a local area network (LAN). Designers have developed VPN variants, such as Virtual Private LAN Service (VPLS), and layer-2 tunneling protocols, to overcome this limitation. • https://en.wikipedia.org/wiki/Virtual_private_network

  4. VPN Pros & Cons • Like many commercialized network technologies, a significant amount of sales and marketing hype surrounds VPN. • In reality, VPNs provide just a few specific potential advantages over more traditional forms of wide-area networking. These advantages can be significant, but they do not come for free. • The potential problems with the VPN outnumber the advantages and are generally more difficult to understand. The disadvantages do not necessarily outweigh the advantages, however. • From security and performance concerns to coping with a wide range of sometimes incompatible vendor products, the decision of whether or not to use a VPN cannot be made without significant planning and preparation. • Read more - Advantages and Disadvantages of VPNs

  5. Types of VPNs • VPN systems may be classified by: • The protocols used to tunnel the traffic • The tunnel's termination point location, e.g., on the customer edge or network-provider edge • The type of topology of connections, such as site-to-site or network-to-network • The levels of security provided • The OSI layer they present to the connecting network, such as Layer 2 circuits or Layer 3 network connectivity • The number of simultaneous connections

  6. Technology of VPNs • Several network protocols have become popular as a result of VPN developments: • PPTP • L2TP • IPsec • SOCKS • These protocols emphasize authentication and encryption in VPNs. Authentication allows VPN clients and servers to correctly establish the identity of people on the network. Encryption allows potentially sensitive data to be hidden from the general public. • Many vendors have developed VPN hardware and/or software products. Unfortunately, immature VPN standards mean that some of these products remain incompatible with each other. • Read more - VPN Technologies

  7. Creating your own VPN • Software VPN - OpenVPN Access Server is a full featured secure network tunneling VPN software solution that integrates OpenVPN server capabilities, enterprise management capabilities, simplified OpenVPN Connect UI, and OpenVPN Client software packages that accommodate Windows, Mac, Linux, Android, and iOS environments. OpenVPN Access Server supports a wide range of configurations, including secure and granular remote access to internal network and/or private cloud network resources and applications with fine-grained access control. • https://openvpn.net/index.php/access-server/overview.html • Hardware VPN - http://searchnetworking.techtarget.com/definition/hardware-VPN • The Future of VPN • Virtual private networks have grown in popularity as businesses look to save money on remote network access for employees. Many corporations have also adopted VPNs as a security solution for private Wi-Fi wireless networks. Expect a continued gradual expansion in the use of VPN technology in the coming years.

  8. Test 1 Review • General Terms • Analog: Referring to a system or component that uses a system of measurement, response or storage in which values are expressed as a magnitude using a continuous scale of measurement. • Backward Compatible: An upgraded component of a computing system that can be used interchangeably with its previous version. • Band: In analog communications, the range of frequencies over which a communication system operates. • Bandwidth: In analog communications, the difference between the highest and lowest frequencies available in the band. In digital communications, bandwidth is loosely used to refer to the information-carrying capacity of a network or component of a network. (*Only as fast as the slowest connection!)

  9. Test 1 Review • Binary: 1. A numerical system using “2” as its base. 2. Data that is encoded or presented in machine-readable form (1’s & 0’s). • Bit Rate: The rate at which bits are transmitted or received during communication, expressed as the number of bits in a given amount of time, usually one second. • Byte: A group of 8 bits. • Checksum: The result of a mathematical operation that uses the binary representation of a group of data as its basis, usually to check the integrity of the data. • Half Duplex: Capability for data transmission in only one direction at a time between a sending station and a receiving station. Compare with full duplex (simultaneous bidirectional) and simplex (One Direction Only). • Dual Band: Equipment that is capable of transmitting in either of two different standard frequency ranges. (https://www.lifewire.com/dual-band-wireless-networking-explained-818279)

  10. Test 1 Review • Encryption: The application of a specific algorithm to data so as to alter the appearance of the data, making it incomprehensible to those who are not authorized to see the information. • Ethernet: A family of computer networking technologies commonly used in local area networks (LAN), metropolitan area networks (MAN) and wide area networks (WAN).[1] It was commercially introduced in 1980 and first standardized in 1983 as IEEE 802.3,[2] and has since been refined to support higher bit rates and longer link distances. Over time, Ethernet has largely replaced competing wired LAN technologies such as token ring, FDDI and ARCNET. • Wi-Fi or WiFi (/ˈwaɪfaɪ/) is a technology for wireless local area networking with devices based on the IEEE 802.11 standards. Wi-Fi is a trademark of the Wi-Fi Alliance, which restricts the use of the term Wi-Fi Certified to products that successfully complete interoperability certification testing.[1] Access points (or hotspots) and adapters have a range of about 20 meters* (66 feet) indoors and a greater range outdoors. Hotspot coverage can be as small as a single room with walls that block radio waves, or as large as many square kilometres achieved by using multiple overlapping access points. (*depending on the version/spec of Wi-Fi – e.g. G, N, AC, MIMO)

  11. Test 1 Review • IP Address: An Internet Protocol address (IP address) is a numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication.[1] An IP address serves two principal functions: host or network interface identification and location addressing. Version 4 of the Internet Protocol (IPv4) defines an IP address as a 32-bit number.[1] A new version of IP (IPv6), using 128 bits for the IP address, was developed in 1995,[2] and standardized as RFC 2460 in 1998. IP addresses are usually written and displayed in human-readable notations, such as 172.16.254.1 in IPv4, and 2001:db8:0:1234:0:567:8:1 in IPv6. The IP address space is managed globally by the Internet Assigned Numbers Authority (IANA), and by five regional Internet registries (RIR) responsible in their designated territories for assignment to end users and local Internet registries, such as Internet service providers. IPv4 addresses have been distributed by IANA to the RIRs in blocks of approximately 16.8 million addresses each. Each ISP or private network administrator assigns an IP address to each device connected to its network. Such assignments may be on a static (fixed or permanent) or dynamic basis (DHCP), depending on its software and practices. • DHCP: The Dynamic Host Configuration Protocol (DHCP) is a standardized network protocol used on Internet Protocol (IP) networks. The DHCP is controlled by a DHCP server that dynamically distributes network configuration parameters, such as IP addresses, for interfaces and services. A router or a residential gateway can be enabled to act as a DHCP server. A DHCP server enables computers to request IP addresses and networking parameters automatically, reducing the need for a network administrator or a user to configure these settings manually. In the absence of a DHCP server, each computer or other device (e.g., a printer) on the network needs to be statically (i.e., manually) assigned an IP address. (*Restarting your Modem/Router) *IPconfig

  12. Test 1 Review • MAC Address: A media access control address (MAC address) of a computer is a unique identifier assigned to network interfaces for communications at the data link layer of a network segment. MAC addresses are used as a network address for most IEEE 802 network technologies, including Ethernet and Wi-Fi. Logically, MAC addresses are used in the media access control protocol sublayer of the OSI reference model. MAC addresses are most often assigned by the manufacturer of a network interface controller (NIC) and are stored in its hardware, such as the card's read-only memory or some other firmware mechanism. • Network gateway: An internetworking system capable of joining together two networks that use different base protocols. A network gateway can be implemented completely in software, completely in hardware, or as a combination of both. Depending on the types of protocols they support, network gateways can operate at any level of the OSI model. Because a network gateway, by definition, appears at the edge of a network, related capabilities like firewalls tend to be integrated with it.

  13. Test 1 Review • Infrared (IR): A means of short distance wireless networking that depends on an unobstructed line of sight path. • Integrity: In networking, a desirable condition where the information received is exactly equal to the information sent. (Checksum) • Interface: Connection between two systems or devices. In routing terminology, a network connection. • I/O: input/output. • Multicast: Routing technique that allows IP traffic to be propagated from one source to a number of destinations or from many sources to many destinations. • Packet: A discrete chunk of communication in a pre-defined format.

  14. Test 1 Review • Peer: In networking, a device to which a computer has a network connection that is relatively symmetrical, i.e. where both devices can initiate or respond to a similar set of requests. • Ping: A network diagnostic utility on Unix systems that sends an ICMP Echo Request to a distant node, which must then immediately return an ICMP Echo Reply packet back to the originating node. • Port: On a network hub, bridge or router, a physically distinct and individually controllable set of transmission hardware. Each such port is connected to the device’s other ports through the device’s internal electronic structures. • Protocol: In networking, a specification of the data structures and algorithms necessary to accomplish a particular network function. • Session: An on-going relationship between two computing devices involving the allocation of resources and sustained data flow. (Time-out – session stall/hangs)

  15. Test 1 Review • Types of Networks • Based on Host Roles • Peer-to-Peer – provide & consume services • Easy to set-up and share resources • Difficult to manage/Scale • Client/Server – clients consume services from servers • *Server – Software/Hardware that provides services • Easy to manage/scale • More expensive and planning/configuration • Based on Geography • LAN – Local Area Network • Small Geographic Area: local office, home, site • Internetwork – connected LANs (locally) • WAN – Wide Area Network • Large Geographic Area - connected LANs at Multiple sites • Based on Signaling • Baseband • 1 signal (packet) at a time with full transmission speed • Broadband • Transmission medium (cable) divided into “channels” with multiple signals at the same time (one per channel)

  16. Test 1 Review • Types of Media • Bounded (Wires) • Coaxial (Cable wire) (RG-6, 10Mbps, BNC) • Twisted Pair (Phone wire) • Cat-5 – (100Mbps, RJ-45) Shielded/Unshielded (STP/UTP) • Cat-5e - (1Gbps, RJ-45) • Cat-6 - (10Gbps, RJ-45) • Plenum Cable: cable that is laid in the plenum spaces of buildings. (between floors/roof – safety/fire codes) • Fiber Optic Cable (no cross-talk, fast, secure, expensive) • Single/Multi-mode fiber (ST/SC/LC/MT-RJ Connector)

  17. Network Wiring • Standard Network Wiring Convention – Patch Cable (Cat5/Cat5e)

  18. Network Wiring (continued) • Crossover Cable Wiring (Used to connect 2 computers directly)

  19. Test 1 Review • Types of media (continued) • Unbounded (Wireless) • Wi-Fi (Wireless Fidelity) 802.11, 2.4/5 GHz Spectrum (2.4 – Hospital/Medical Band) Radio Signal • 100ft indoor, 300ft outdoor range • Wireless Routers, Repeaters, Adapters – Signal issues • MIMO (multiple input, multiple output) is an antenna technology for wireless communications in which multiple antennas are used at both the source (transmitter) and the destination (receiver). The antennas at each end of the communications circuit are combined to minimize errors and optimize data speed.

  20. Modems • A modem (modulator-demodulator) is a network hardware device that modulates one or more carrier wave signals to encode digital information for transmission and demodulates signals to decode the transmitted information. The goal is to produce a signal that can be transmitted easily and decoded to reproduce the original digital data. Modems can be used with any means of transmitting analog signals, from light emitting diodes to radio. A common type of modem is one that turns the digital data of a computer into a modulated electrical signal for transmission over telephone lines, which is demodulated by another modem at the receiver side to recover the digital data. (https://en.wikipedia.org/wiki/Modem) • Types of Modems: • DOCSIS - Data Over Cable Service Interface Specification (DOCSIS /ˈdɒksɪs/) - https://en.wikipedia.org/wiki/DOCSIS • Satellite - https://en.wikipedia.org/wiki/Satellite_modem • DSL – Digital Subscriber Line • Phone Modem/ISDN - https://hackaday.com/2013/01/31/how-a-dial-up-modem-handshake-works/ (https://www.youtube.com/watch?v=abapFJN6glo)

  21. Network Backbone/Connection Devices • This class of devices connects computers/networks together and forms the “glue” that connects everything together and facilitates the connection of the devices/media on the network • Types of Network Backbone/Connection Devices • Routers: A router is a network device with interfaces in multiple networks whose task is to copy packets from one network to another. *Routers operate at Layer 3 of the OSI Model, the Network Layer. A router will utilize one or more routing protocols to create a routing table. The router will then use the information in its routing table to make intelligent decisions about what packets to copy to which interface. This process is known as routing. *Routers are available with many interface types, such as Ethernet and DSL. Wireless routers support wireless interfaces, such as 802.11 (Wi-Fi). (Wireless Access Point) *Not all routers clearly fall into the category of network hardware. Routing software makes it possible to build a fully functional router out of a normal computer.

  22. Network Backbone/Connection Devices (continued) • Types of Network Backbone/Connection Devices (continued) • Switches: A switch is a network device with multiple ports in one network whose task is to copy frames from one port to another. Switches operate at Layer 2 of the OSI Model, the Data-Link Layer. A switch stores the MAC Address of every device which is connected to it. The switch will then evaluate every frame that passes through it. The switch will examine the destination MAC Address in each frame. Based upon the destination MAC Address, the switch will then decide which port to copy the frame to. If the switch does not recognize the MAC Address, it will not know which port to copy the frame to. When that happens, the switch will broadcast the frame to all of its ports.

  23. Network Backbone/Connection Devices (continued) • Network Adapters (NIC, Wireless Adapters) • NIC: A network interface controller (NIC, also known as a network interface card, network adapter, LAN adapter or physical network interface,[1] and by similar terms) is a computer hardware component that connects a computer to a computer network.[2] • Wireless Adapters: A wireless network interface controller (WNIC) is a network interface controller which connects to a wireless radio-based computer network, rather than a wired network, such as Token Ring or Ethernet. A WNIC, just like other NICs, works on Layer 1 and Layer 2 of the OSI Model. This card uses an antenna to communicate via microwave radiation. A WNIC in a desktop computer is traditionally connected using the PCI bus. Other connectivity options are USB and PC card. Integrated WNICs are also available (typically in Mini PCI/PCI Express Mini Card form). *Often built into the motherboard

  24. Network Reference https://alln-extcloud-storage.cisco.com/ciscoblogs/osi-550x425.gif http://csharpcorner.mindcrackerinc.netdna-cdn.com/UploadFile/898089/concept-of-open-systems-interconnection-osi-model-in-netwo/Images/Clipboard01.jpg • OSI Data Model

  25. Network Reference (continued) http://www.unixwiz.net/techtips/netmask-ref.html • IP Address Reference • All devices on a local network have a unique IP address, but each address is inherently divided into two parts, a shared network part, and a unique host part, and this information is used by the TCP/IP stack for routing. When sending traffic to a machine with a different network part, it must be sent through a router for final delivery. • The dividing line between the network and host parts is determined by the subnet mask, and it's often seen in 255.255.255.0 notation. It looks like an IP address, and it uses a "1" bit to select, or "mask" the network part.

  26. Network Reference (continued) • IP Address Reference (continued) • *Reserved IP Addresses – (127.0.0.1) https://en.wikipedia.org/wiki/Reserved_IP_addresses • Local/Internal IP Addresses – (Class A – 10.x.x.x) • *What is my IP Address vs IPConfig

  27. Network Reference (continued) • Port: In the internet protocol suite, a port is an endpoint of communication in an operating system. While the term is also used for female connectors on hardware devices (see computer port), in software it is a logical construct that identifies a specific process or a type of network service. • A port is always associated with an IP address of a host and the protocol type of the communication, and thus completes the destination or origination network address of a communication session. A port is identified for each address and protocol by a 16-bit number, commonly known as the port number. For example, an address may be "protocol: TCP, IP address: 1.2.3.4, port number: 80", which may be written 1.2.3.4:80 when the protocol is known from context. • Specific port numbers are often used to identify specific services. Of the thousands of enumerated ports, 1024 well-known port numbers are reserved by convention to identify specific service types on a host. In the client–server model of application architecture, the ports that network clients connect to for service initiation provide a multiplexing service. After initial communication binds to the well-known port number, this port is freed by switching each instance of service requests to a dedicated, connection-specific port number, so that additional clients can be serviced. The protocols that primarily use ports are the transport layer protocols, such as the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP). https://en.wikipedia.org/wiki/Port_(computer_networking)

  28. Network Reference (continued) • Common TCP/UDP Ports • Full list of *common port assignments: https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

  29. Additional Resources/Review • VPN Apps and Resources • https://www.pcmag.com/roundup/354059/the-best-vpn-apps-for-the-iphone • https://www.pcmag.com/roundup/348411/the-best-android-vpn-apps • https://www.techhive.com/article/3158192/privacy/howand-whyyou-should-use-a-vpn-any-time-you-hop-on-the-internet.html • Port Assignments and Reference (Certification) http://www.pearsonitcertification.com/articles/article.aspx?p=1868080 • Understanding IP Addresses https://www.cisco.com/c/en/us/support/docs/ip/routing-information-protocol-rip/13788-3.html • Additional Hardware/Networking resources/info • https://www.youtube.com/user/LinusTechTips
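
Slide 22's switch behaviour as an added Python example (not part of the original presentation): it shows which ports see a frame, which matters because a flooded frame is visible to every attached device. The class name, port numbers and MAC addresses are constructed; learning from the source address and leaving the ingress port out of a flood are standard switch behaviour that the slide does not spell out.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    """Minimal Layer 2 switch model: learn source MACs, forward or flood."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}   # MAC address -> port it was last seen on
        self.moves = []       # (mac, old_port, new_port), worth logging

    def receive(self, in_port, src_mac, dst_mac):
        """Handle one frame and return (action, list of egress ports)."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port {in_port}")
        src, dst = src_mac.lower(), dst_mac.lower()

        # Learn: the switch now knows which port leads to the sender.
        known = self.mac_table.get(src)
        if known is not None and known != in_port:
            self.moves.append((src, known, in_port))
        self.mac_table[src] = in_port

        # Forward: look up the destination MAC, as slide 22 describes.
        out_port = self.mac_table.get(dst)
        if dst == BROADCAST or out_port is None:
            # Unknown destination: copy to every port except the ingress one.
            return ("flood", [p for p in self.ports if p != in_port])
        if out_port == in_port:
            # Destination is on the segment the frame came from: drop it.
            return ("filter", [])
        return ("forward", [out_port])


def demo():
    """Run constructed frames through a 4-port switch."""
    a, b, d = "aa:aa:aa:aa:aa:01", "aa:aa:aa:aa:aa:02", "aa:aa:aa:aa:aa:04"
    sw = LearningSwitch([1, 2, 3, 4])
    frames = [
        (1, a, b),          # B not learned yet -> flooded
        (2, b, a),          # A was learned on port 1 -> forwarded
        (1, a, b),          # B now known -> forwarded to port 2 only
        (1, a, BROADCAST),  # broadcast always floods
        (1, d, a),          # D shares port 1 with A -> filtered
        (3, b, a),          # B appears on a new port -> recorded as a move
    ]
    return [sw.receive(*f) for f in frames], sw.moves


if __name__ == "__main__":
    decisions, moves = demo()
    for decision in decisions:
        print(decision)
    print("MAC moves:", moves)
```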
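
Slide 25's network/host split as an added Python example (not part of the original presentation): it applies the subnet mask bit by bit and decides whether a destination is delivered directly or handed to the router. The function names and the 192.168.1.x addresses are constructed for illustration.

```python
def to_int(dotted):
    """Parse strict dotted-quad IPv4 text into a 32-bit integer."""
    parts = dotted.split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted-quad address: {dotted!r}")
    value = 0
    for part in parts:
        octet = int(part)
        if octet > 255:
            raise ValueError(f"octet out of range in {dotted!r}")
        value = (value << 8) | octet
    return value


def to_text(value):
    """Format a 32-bit integer as dotted-quad text."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_len(mask):
    """Return the number of leading 1 bits; reject masks with gaps."""
    inverted = ~to_int(mask) & 0xFFFFFFFF
    # A valid mask is all 1s then all 0s, so its inverse is 2**n - 1.
    if inverted & (inverted + 1):
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return 32 - inverted.bit_length()


def split_address(address, mask):
    """Return (network part as text, host part as integer)."""
    addr, m = to_int(address), to_int(mask)
    return to_text(addr & m), addr & ~m & 0xFFFFFFFF


def next_hop(local, mask, destination, gateway):
    """Pick where the frame goes: the destination itself or the router."""
    prefix_len(mask)  # validate the mask before trusting the comparison
    local_net = split_address(local, mask)[0]
    if split_address(destination, mask)[0] == local_net:
        return destination            # same network part: deliver directly
    if split_address(gateway, mask)[0] != local_net:
        raise ValueError("gateway is not on the local network")
    return gateway                    # different network part: via router


if __name__ == "__main__":
    # Constructed addresses: the same pair is local under /24, routed under /26.
    for mask in ("255.255.255.0", "255.255.255.192"):
        hop = next_hop("192.168.1.37", mask, "192.168.1.70", "192.168.1.1")
        print(f"/{prefix_len(mask)}: send to {hop}")
```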
