
Network components and Terminology
- Data
- Node
- Client (requests services)
- Server (fulfills services)
- Peer
- Network adapter
- Hub (basically spreads data to other devices)
- Switch
- Router (network device used to connect multiple devices together)
- Media (cable, wireless, etc.)
- Transport protocol (set of rules for communication)
- Bandwidth (capacity to transfer data across the network)

LAN (Local Area Network)
- Group of computers confined to a small geographic area, such as a single building
- Group of computers or devices that share a common communication medium, such as cabled or wireless connections

Networks
- Reasons:
  o Sharing information
  o Communication
  o Organizing data
- Documentation
  o Helps describe, define, and explain the physical and logical method for connecting devices
  o The documentation phase occurs before a network is built, or when changes are made to the network
  o MS Visio is a tool that can be used to document networks

Devices
- Hub
  o Most basic central connecting device
  o A host sends data to the hub, which sends it to all devices connected to the hub.
- Switch
  o Works the same way as a hub, but can identify the intended recipient of the data based on MAC addresses.
  o Can send & receive data at the same time.
- Router
  o Enables computers to communicate and allows communication between two networks, such as your home network and the internet.

Network adapter
- Known as a network interface card (NIC): hardware device that enables your computer to send & receive data.
- RJ45 is the most common connector
- WAP - Wireless Access Point: enables wireless devices to connect to a wired network
  o Smartphones
  o PDAs
  o Tablets
  o Laptops
- Serial data transfer
  o One bit at a time
  o On the network cable, data travels in a single bit stream
- Data transfer rate defines the maximum bits per second (bps)
- Broadcast sends data to every other host on the network
- Unicast sends data to a specific host

IP Addresses
- Almost every computer and many other devices have an Internet Protocol (IP) address
- Uniquely identifies your device and the associated network and allows each device to send & receive information
- IPv4 example: 192.168.1.1
- The IP address is broken down into two parts by the subnet mask
  o Network ID 192.168.1
  o Host ID 1
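The split described above, worked in code as an added example (not part of the notes): the subnet mask decides which bits are the network ID and which are the host ID, and two hosts can only talk without a router when their network IDs match. It uses only Python's standard library; the 192.168.x.x addresses are the notes' own example plus constructed neighbours.

```python
# Added example (not part of the notes): split an IPv4 address into the
# network ID and host ID that the subnet mask defines, as the notes show for
# 192.168.1.1 (network ID 192.168.1, host ID 1). Standard library only.
import ipaddress


def split_address(addr: str, mask: str) -> dict:
    """Return the network ID, host ID and related facts for addr with mask."""
    iface = ipaddress.IPv4Interface(f"{addr}/{mask}")
    net = iface.network
    # The host bits are the address bits the mask does NOT cover.
    host_bits = int(iface.ip) & (~int(net.netmask) & 0xFFFFFFFF)
    return {
        "network_id": str(net.network_address),   # e.g. 192.168.1.0
        "host_number": host_bits,                 # e.g. 1
        "prefix_length": net.prefixlen,           # e.g. 24 for 255.255.255.0
        "broadcast": str(net.broadcast_address),  # e.g. 192.168.1.255
        "usable_hosts": max(net.num_addresses - 2, 0),
        # private/reserved as classified by the ipaddress module (includes RFC 1918)
        "is_private": iface.ip.is_private,
    }


def same_subnet(addr_a: str, addr_b: str, mask: str) -> bool:
    """True when both hosts share a network ID, i.e. they can talk directly
    without a router (the default gateway) in between."""
    return (split_address(addr_a, mask)["network_id"]
            == split_address(addr_b, mask)["network_id"])


if __name__ == "__main__":
    print(split_address("192.168.1.1", "255.255.255.0"))
    # Constructed second host on a different /24: needs a router to reach it
    print(same_subnet("192.168.1.1", "192.168.2.7", "255.255.255.0"))
```

Changing the mask to 255.255.0.0 makes the two constructed hosts share a network ID, which is exactly why a wrong mask on a client shows up as "can reach some hosts but not others".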

VLAN (Virtual LAN)
- Group of hosts with a common set of requirements that communicate as if they were connected together in the normal fashion on one switch, regardless of their physical location.

Topologies
- Defines the physical connections of hosts in a computer network
- Bus
- Ring (used by Token Ring and Fiber Distributed Data Interface (FDDI))
  o Central connecting device known as a Multistation Access Unit (MAU or MSAU)
- Star (most common)
- Mesh (every computer connects to every other computer)
- Tree
- Hybrid

Ethernet
- Ethernet (IEEE 802.3) defines how information is sent and received between network adapters, hubs, switches, and other devices.
- De facto standard and the most widely installed LAN technology
- Common types of Ethernet:
  o 802.3u (Fast Ethernet, 100Mbps)
  o 802.3ab (Gigabit Ethernet, 1000Mbps)
- Frames
  o Computers on Ethernet networks communicate via frames
  o A frame is a sequence of bits containing a detectable beginning and end of a packet in the stream of bits
  o A frame is a data packet residing on Layer 2 of the OSI model
  o Preamble, source and destination addresses
  o Data payload
  o CRC (error checking)

- Centralized Computing
  o Computing is done at a central location using terminals that are attached to this main system.
  o Mainframes are powerful, and the rest of the devices connected to these computers are known as terminals (or dumb terminals).
  o Each terminal consisted solely of a keyboard and display with no processing power.
- Client / Server model
  o An architecture that distributes applications between server and client computers.
  o Server: system that provides services, such as Windows 2008 R2.
  o Client: device that requests services, such as Windows 7.
- Peer-to-peer networking
  o Peer-to-peer networking distributes applications or workloads between computers.
  o Peers are both service providers and service requestors.
- Distributed Computing
  o Includes both client-server and peer-to-peer networks.
  o Every device or workstation has its own processing power.
- Remote Desktop Services and Remote Sessions
  o Centralized computing has made a comeback of sorts. Remote Desktop Services and remote sessions to computers are based on the centralized computing model.
  o Thin-client computers do not have a hard drive and store an operating system in RAM, to be loaded up every time the device is turned on.
  o All other applications and data are stored centrally; this system is a blend of centralized and distributed computing.
- Servers
  o More powerful computers that provide centralized services:
    File
    Print
    Database
    Network controller
    Messaging/Email
    Web
  o Client and Server Operating systems
    Client OS: Windows 8, Windows 7, Windows Vista / Windows XP, Windows 2000 Professional, Windows NT 4.0 Workstation, Windows ME/98/95
    Server OS: Windows Server 2012, Windows Server 2008 R2 / Windows Server 2008, Windows Server 2003, Windows 2000 Server, Windows NT 4.0 Server
- P2P (Peer-to-peer) has recently taken on an additional meaning
  o It can also refer to file sharing networks (Napster, Gnutella, G2)
  o Other technologies also take advantage of P2P file sharing (Skype, VoIP, Cloud Computing)

Standards
- Set of rules that ensure hardware and software released from different companies work together.
- Examples of organizations:
  o International Organization for Standardization (ISO): federation of standards organizations from multiple nations.
  o American National Standards Institute (ANSI): responsible for coordinating and publishing computer and information technology standards in the US.
  o Institute of Electrical and Electronics Engineers (IEEE): professional organization for the electrical and electronic fields.
- OSI (Open Systems Interconnection)
  o Used to define how data communication occurs between devices
  o Divided into 7 layers, each layer providing services to the layers above and below.
  o Layer 1 Physical
    Defines the physical and electrical medium for data transfer
    Components: cables, jacks, patch panels, punch blocks, hubs, MAUs
    Concepts: topologies, analog vs digital encoding, bit synchronization, baseband vs broadband, multiplexing, serial data transfer
    PDU: bits
    Ethernet standards define the physical and data-link layers, e.g. 100BASE-T:
      100: 100Mbps
      BASE: baseband
      T: twisted-pair cabling
    Baseband devices on the network use digital signaling over a single frequency.
    Broadband systems use analog signaling over a range of frequencies, enabling multiple channels over the same physical medium.
  o Layer 2 Data-link layer
    Establishes, maintains, and decides how transfer is accomplished over the physical layer and ensures error-free transmission over the physical layer
    MAC address (Media Access Control) uniquely identifies each hardware device
    Components: network interface cards (NIC) and bridges
    PDU: frames
    VLANs: reduce collisions, organize the network, boost performance
    IEEE 802.1Q: a tag is added to the data frame to identify the VLAN ID
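The frame layout from the Ethernet section (addresses, payload, CRC) and the 802.1Q tag above, worked as one added example that is not part of the notes: it builds an Ethernet II frame with an optional VLAN tag, computes the CRC-32 frame check sequence, and parses a frame back while verifying that check. The MAC addresses and payload are constructed; the preamble is left out because the NIC adds it on the wire.

```python
# Added example (not part of the notes): build and parse an Ethernet II frame
# with an optional IEEE 802.1Q VLAN tag and verify the CRC-32 frame check
# sequence (FCS). Addresses and payload below are constructed.
import struct
import zlib
from typing import Optional

ETHERTYPE_VLAN = 0x8100   # 802.1Q tag protocol identifier
ETHERTYPE_IPV4 = 0x0800
MIN_PAYLOAD = 46          # pads to the 64-byte minimum frame (with FCS)


def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes,
                vlan_id: Optional[int] = None) -> bytes:
    """Return dst+src[+802.1Q tag]+ethertype+payload(+pad)+FCS. The preamble
    and start-frame delimiter are added by the NIC, so they are not included."""
    header = dst + src
    if vlan_id is not None:
        tci = vlan_id & 0x0FFF           # priority (PCP) and DEI bits left at 0
        header += struct.pack("!HH", ETHERTYPE_VLAN, tci)
    header += struct.pack("!H", ethertype)
    body = header + payload.ljust(MIN_PAYLOAD, b"\x00")
    fcs = zlib.crc32(body) & 0xFFFFFFFF  # same CRC-32 polynomial Ethernet uses
    return body + struct.pack("<I", fcs)  # FCS goes on the wire LSB first


def parse_frame(frame: bytes) -> dict:
    """Split a frame into its fields and report whether the FCS matches."""
    if len(frame) < 14 + 4:
        raise ValueError("frame too short")
    dst, src = frame[0:6], frame[6:12]
    offset = 12
    vlan_id = None
    (ethertype,) = struct.unpack("!H", frame[offset:offset + 2])
    if ethertype == ETHERTYPE_VLAN:       # tagged frame: 4 extra header bytes
        (tci,) = struct.unpack("!H", frame[offset + 2:offset + 4])
        vlan_id = tci & 0x0FFF
        offset += 4
        (ethertype,) = struct.unpack("!H", frame[offset:offset + 2])
    offset += 2
    payload, fcs_bytes = frame[offset:-4], frame[-4:]
    (fcs_on_wire,) = struct.unpack("<I", fcs_bytes)
    fcs_ok = (zlib.crc32(frame[:-4]) & 0xFFFFFFFF) == fcs_on_wire
    return {"dst": mac_str(dst), "src": mac_str(src), "vlan_id": vlan_id,
            "ethertype": ethertype, "payload": payload, "fcs_ok": fcs_ok}


def corrupt(frame: bytes, index: int) -> bytes:
    """Flip one bit of a frame to simulate a transmission error."""
    damaged = bytearray(frame)
    damaged[index] ^= 0x01
    return bytes(damaged)


# Constructed sample: two locally administered MACs, VLAN 10, IPv4 EtherType
SAMPLE = build_frame(bytes.fromhex("020000000001"), bytes.fromhex("020000000002"),
                     ETHERTYPE_IPV4, b"constructed payload", vlan_id=10)

if __name__ == "__main__":
    print(parse_frame(SAMPLE))
    print("FCS after one flipped bit:", parse_frame(corrupt(SAMPLE, 20))["fcs_ok"])
```

Two things worth noticing from the security side: the FCS catches transmission errors but is keyless, so it proves nothing about who sent the frame, and the VLAN ID is just a 12-bit field in the header, which is why a switch should strip or ignore tags arriving on ports that are not meant to carry them.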

  o Layer 3 Network layer
    Controls the operations of routing and switching information to different networks
    Translates logical addresses or names to physical addresses
    IP is the network layer protocol
    Devices: routers, Layer 3/IP switches
    Components: IP addresses, subnets
    PDU: packet
  o Layer 4 Transport layer
    Ensures messages are delivered error-free, in sequence and with no losses or duplications
    Contains both connection-oriented (TCP) and connectionless (UDP) protocols
    TCP usage: logging on, file and print sharing, replication of information between domain controllers, transfer of browse lists
    UDP usage: one-to-many communications, commonly broadcast or multicast (example: live video streaming)
    PDU: segments or messages
    Ports: what a computer uses for data transmission / logical endpoint for a specific program
      Range 0-65535
      Defined by the Internet Assigned Numbers Authority (IANA) and divided into categories.
  o Layer 5 Session layer
    Manages session establishment, maintenance and termination between network devices.
    Example: log on / log off
    Controls the name and address database for the OS
    Example protocol: NetBIOS (Network Basic Input Output System)
  o Layer 6 Presentation layer
    Translates the data format from sender to receiver across the various OSes that may be used
    Concepts: character code conversion, data compression, data encryption
    Redirectors work on this layer, such as mapped network drives that enable a computer to access file shares on a remote computer.
  o Layer 7 Application layer
    Window for users and application processes to access network services
    This is the layer at which message creation begins
    Example protocols: FTP, SMTP, TELNET
    This layer is not the application itself, but the protocols that are initiated by this layer.

Wired and Wireless networks
- Twisted-Pair Cable
  o Most commonly used type in LANs
  o Easy to work with, flexible, efficient and fast
  o Contains eight wires grouped into four twisted pairs (typically blue, orange, green and brown)
  o The twisting reduces crosstalk and interference
  o Categories:
    Category 3 (Cat-3) 10Mbps
    Category 5 (Cat-5) 100Mbps
    Category 5e (Cat-5e) 100Mbps and 1000Mbps+
    Category 6 (Cat-6) 1000Mbps+
  o Types of patch cables
    Straight through: most common; PC <> switch
    Crossover: used to connect similar devices without the use of a hub
  o MDI (Medium Dependent Interface)
    A type of Ethernet port connection using twisted-pair cabling
    For computers to communicate with other devices, the wires have to cross somewhere
    Instead of using crossover cables to connect computers to a central connecting device such as a switch, these central connecting devices are equipped with MDI-X ports (Medium Dependent Interface Crossover), which take care of the cross.
  o Patch Panel and RJ45 Wall Jack
  o Attenuation
    Measured in dB (decibels)
    According to IEEE 802.3, twisted-pair cable can be run 100 meters. Beyond this the signal attenuates and cannot be interpreted by the remote end.
    A repeater, switch or hub can be used in this case to avoid attenuation and repower the signal.
  o Interference
    Anything that disrupts or modifies the signal travelling in a wire
    Electrical sources: lights, electrical outlets, motors, appliances
    Copper-based cables and network devices should be kept away from these devices.
    Electromagnetic interference (EMI)
      This disturbance can affect electrical circuits, devices and cables due to electromagnetic conduction and possibly radiation
      Any type of electrical device in use causes EMI: TVs, air conditioning units, motors, unshielded electrical cables (Romex)
      Copper-based cables and devices should be kept away from these electrical devices and cables to prevent network communication issues.
    Radio Frequency Interference (RFI)
      Comes from AM/FM transmissions and cell phone towers
      Often considered part of the EMI family and sometimes even referred to as EMI
      Filters can be installed for avoidance, but usually this doesn't affect wired Ethernet networks.
    Crosstalk
      When a signal that is transmitted on one copper pair creates an undesired effect on another pair.
      For twisted pairs, there are two categories:
        Near end crosstalk (NEXT): nearest to the transmitter
        Far end crosstalk (FEXT): farthest from the transmitter
    Shielded Twisted-Pair cables (STP)
      Have an aluminum shield inside the plastic jacket that surrounds the pairs of wires
    Plenum-Rated
      Cables installed inside walls or above drop ceilings, where they cannot be reached by sprinkler systems in case of a fire, should be plenum-rated or low-smoke rated
      Have a Teflon coating that makes them more impervious to fire.
      Standard twisted-pair cables have a PVC jacket, which can emit deadly gas into the air.
- Optical fiber cable
  o Transmits light (photons) over plastic or glass wiring
  o Very good for high-speed, high-capacity data transmission due to the lack of attenuation
  o No interference
  o Single-mode
    Meant to carry a single ray of light
    Normally used for higher bandwidth and long distance, generally 10-80km
    More expensive
  o Multimode
    Larger fiber core, capable of carrying multiple rays of light
    Short distance, up to 600 meters, much shorter than single-mode
    Less expensive
- Wireless Networks
  o Enable connection to a network without using a wired connection
  o Provide a degree of portability
  o Extend connectivity to a pre-existing wireless network and could be used to connect an entire LAN to the internet
  o Some wireless devices can be connected directly to each other in a P2P fashion
  o Wireless Network Adapters
    Enable connectivity between a desktop computer or a laptop and the wireless access point
    Adapters come in a variety of shapes and sizes, including USB, PC Card, internal PCI or PCI Express.
  o Wireless LAN (WLAN)
    Is a network composed of at least one WAP and a computer or handheld device that connects to the WAP
    Usually Ethernet based but can run over other protocols
    For compatibility, the WAP and other wireless devices must all use the same IEEE 802.11 WLAN standard
    Wireless fidelity (WiFi) is a trademark to brand products that belong to the category of WLAN devices.
  o Wireless Standards
  o Wireless Security Options
  o SSID (Service Set Identifier)
    When utilizing infrastructure mode, the base unit (normally a WAP) will be configured with a service set identifier (SSID).
    The SSID is the name of the wireless network, and it is broadcast over the airwaves.
    When clients want to connect to the WAP, they can identify it by the SSID.
    For security, the SSID can be hidden from public discovery.

IP Addressing
- Public and Private addresses
  o IPv4 addresses are classified as public or private
  o Public addresses are exposed to the internet
  o Private addresses are hidden from the internet or any other network
- Static or dynamic addresses
  o Static IP addresses are addresses that are manually assigned to a host
  o Dynamic addresses are more common than static IP addresses; hosts obtain them automatically.
- APIPA
  o Acronym for Automatic Private IP Addressing
  o Uses the single class B network 169.254.0.0
  o If a Windows client cannot get an IP address from a DHCP server and has not been configured statically, it will auto-assign a number in this network range.
- Default gateway and DNS
  o For a device to communicate on the internet, a default gateway and a DNS server must be assigned
  o Default gateway: provides the router for a TCP/IP host to use when communicating with a host on a remote network.
  o DNS server: the server that provides the resolution of domain names to IP addresses.
- NAT (Network Address Translation)
  o Provides a method for translating IPv4 addresses of devices on one network into IPv4 addresses of devices on a different network.
  o NAT was developed to provide a temporary solution to the IPv4 address shortage.
  o Enables one address space (private) to be re-mapped to another address space, or perhaps re-mapped to a single public IP address.

TCP/IP tools and commands
- Command prompt
  o Running cmd as an administrator is also known as running it in elevated mode.
- Ipconfig
  o Displays the current configuration of the installed IP stack on a networked computer using TCP/IP.
  o The /all switch can be used to view additional details about each adapter.
  o Can be used to refresh Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS) settings.
- Ping
  o Verifies IP-level connectivity to another TCP/IP device by sending Internet Control Message Protocol (ICMP) Echo Request messages.
  o A number of switches can accommodate different testing scenarios.
- Tracert
  o Determines the path taken to a destination by sending ICMP Echo Request messages to the destination with incrementally increasing Time To Live (TTL) field values.
  o Used to trace a network path from the sending to the receiving device
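The TTL mechanism behind tracert, as an added simulation that is not part of the notes: each router on a constructed path decrements the TTL, and the one that brings it to zero discards the probe and answers with ICMP Time Exceeded, so raising the TTL by one per probe reveals one router at a time until the destination itself answers with an Echo Reply. The path, the addresses (documentation ranges) and the "silent" router are all constructed.

```python
# Added example (not part of the notes): simulate how tracert discovers a
# path by sending probes with increasing TTL. Every router decrements TTL and,
# when it reaches 0, discards the probe and answers with an ICMP Time Exceeded
# message; only the destination answers the probe with an ICMP Echo Reply.
# The path and addresses are constructed (documentation ranges).
from typing import List, Optional, Set, Tuple

Hop = Tuple[int, Optional[str], str]   # (ttl, replying address or None, reply type)

# Constructed route: three routers, then the destination host.
PATH = ["192.168.1.1", "10.0.0.1", "203.0.113.5", "198.51.100.9"]
# Constructed: a router that forwards but never sends Time Exceeded (common on
# perimeter devices that rate-limit or drop ICMP). tracert prints "*" for it.
SILENT_ROUTERS = {"10.0.0.1"}


def forward(path: List[str], ttl: int,
            silent: Set[str] = frozenset()) -> Tuple[Optional[str], str]:
    """Walk one probe through the path. Returns (replying host, reply type)."""
    for index, hop in enumerate(path):
        if index == len(path) - 1:
            return hop, "echo_reply"          # destination reached (ICMP type 0)
        ttl -= 1                              # each router decrements TTL
        if ttl == 0:
            if hop in silent:
                return None, "timeout"        # dropped without a reply
            return hop, "time_exceeded"       # ICMP type 11 from this router
    return None, "timeout"


def tracert(path: List[str], silent: Set[str] = frozenset(),
            max_hops: int = 30) -> List[Hop]:
    """Raise the TTL from 1 until the destination replies or max_hops is hit."""
    hops: List[Hop] = []
    for ttl in range(1, max_hops + 1):
        host, reply = forward(path, ttl, silent)
        hops.append((ttl, host, reply))
        if reply == "echo_reply":
            break
    return hops


def render(hops: List[Hop]) -> str:
    """Format like tracert output: hop number and address, '*' for no reply."""
    return "\n".join(f"{ttl:>3}  {host or '*'}" for ttl, host, _ in hops)


if __name__ == "__main__":
    print(render(tracert(PATH, SILENT_ROUTERS)))
```

The "*" row is the normal appearance of a router that forwards traffic but does not answer ICMP; it is not a sign that the path is broken, which is why the trace continues past it. Real tracert sends three probes per TTL and shows round-trip times; the simulation keeps one probe per hop to make the TTL logic visible.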
- Netstat
  o Displays active TCP connections, ports on which the computer is listening, Ethernet statistics, the IP routing table, IPv4 statistics, and IPv6 statistics.
  o Used without parameters, netstat displays active TCP connections.
- Nbtstat
  o Displays NetBIOS over TCP/IP statistics for local and remote computers, name tables and the name cache.
  o NetBIOS was developed in the 1980s to allow applications to communicate over a network using the session layer of the OSI model.
  o NetBIOS establishes logical names on the network, establishes sessions between two logical names on the network, and supports reliable data transfer between computers that have established a session.
  o Sent through both UDP and TCP.
- PathPing
  o A command-line route tracing tool that combines features of the tools Ping and Tracert
  o Sends packets to each hop on the way to the final destination and calculates values from the packets returned by each hop.
- Nslookup
  o Displays information that you can use to diagnose DNS
  o Is available only if you have installed the TCP/IP protocol
- Netsh
  o A command-line scripting utility that enables you to display or modify the network configuration of a computer that is currently running.
  o Works on local and remote computers.
  o Provides a scripting feature that allows you to run a group of commands in batch mode against a specific computer.
  o Enables you to save a configuration script in a text file for archival purposes or to help you configure other servers.
- Route (route print)
  o Displays and modifies the entries in the local IP routing table
  o Can be used to display the routing table for a Windows machine.
- Telnet
  o Enables you to communicate with a remote computer that is using the Telnet protocol
  o You can use it without parameters to run the telnet prompt (telnet>)
  o Used to manage remote computers or hosts
  o Older, out-of-date protocol, and as such, it should be replaced with a more secure program such as SSH.
  o It can be used for troubleshooting by adding a port number.

Network services
- DHCP (Dynamic Host Configuration Protocol)
  o Client/server protocol that enables configured client computers to obtain IP addresses automatically.
  o The obtained information might include:
    IP address
    Subnet mask
    Gateway address
    DNS server address
    Other advanced options
  o Benefits:
    Reliable IP addressing
    Reduced network administration
  o Uses a four-step process known as DORA
    Discover: the client sends a broadcast to the network to find a DHCP server
    Offer: the DHCP server sends a unicast offering an IP address to the client
    Request: the client broadcasts to all servers that it has accepted the offer
    Acknowledge: the DHCP server sends a final unicast to the client that includes the IP information the client will use.
  o DHCP uses ports 67 and 68
  o Scope options override server options in the DHCP configuration (Windows Server 2008/2012). If a scope option is blank, the server option takes effect.
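The DORA exchange above, simulated as an added example that is not part of the notes: one client, two DHCP servers, the port numbers 67/68, which messages are broadcast and which are unicast, what happens to the offer the client did not accept, and the rule that scope options override server options unless the scope option is blank. Server addresses, address pools, MACs and option values are constructed.

```python
# Added example (not part of the notes): a simulation of the DORA exchange
# between one client and two DHCP servers, including the port numbers (67/68),
# which messages are broadcast versus unicast, and the rule that scope options
# override server options unless the scope option is blank. All addresses,
# MACs and option values are constructed.
from dataclasses import dataclass, field
from typing import Dict, List, Optional

BROADCAST = "255.255.255.255"
SERVER_PORT, CLIENT_PORT = 67, 68


@dataclass
class Message:
    kind: str                      # DISCOVER, OFFER, REQUEST or ACK
    src: str
    sport: int
    dst: str
    dport: int
    client_mac: str
    yiaddr: Optional[str] = None   # "your IP address": the offered/assigned address
    options: Dict[str, str] = field(default_factory=dict)


class DhcpServer:
    def __init__(self, ip: str, pool: List[str],
                 server_options: Dict[str, str], scope_options: Dict[str, str]):
        self.ip = ip
        self.pool = list(pool)
        self.server_options = server_options
        self.scope_options = scope_options
        self.offers: Dict[str, str] = {}   # client MAC -> offered address
        self.leases: Dict[str, str] = {}   # client MAC -> leased address

    def effective_options(self) -> Dict[str, str]:
        """Scope options win; a blank scope option falls back to the server option."""
        merged = dict(self.server_options)
        for name, value in self.scope_options.items():
            if value:                      # "" or None means "not set at scope level"
                merged[name] = value
        return merged

    def handle(self, msg: Message) -> Optional[Message]:
        if msg.kind == "DISCOVER":
            if msg.client_mac not in self.offers:
                if not self.pool:
                    return None            # exhausted pool: no offer at all
                self.offers[msg.client_mac] = self.pool.pop(0)
            offered = self.offers[msg.client_mac]
            opts = dict(self.effective_options(), server_id=self.ip)
            return Message("OFFER", self.ip, SERVER_PORT, offered, CLIENT_PORT,
                           msg.client_mac, offered, opts)
        if msg.kind == "REQUEST":
            offered = self.offers.pop(msg.client_mac, None)
            if msg.options.get("server_id") != self.ip:
                if offered:                # the client chose another server:
                    self.pool.insert(0, offered)   # take our offer back
                return None
            if offered is None:
                return None                # REQUEST for an address we never offered
            self.leases[msg.client_mac] = offered
            opts = dict(self.effective_options(), server_id=self.ip)
            return Message("ACK", self.ip, SERVER_PORT, offered, CLIENT_PORT,
                           msg.client_mac, offered, opts)
        return None


def dora(client_mac: str, servers: List[DhcpServer]) -> List[Message]:
    """Run Discover/Offer/Request/Acknowledge and return the exchange in order."""
    discover = Message("DISCOVER", "0.0.0.0", CLIENT_PORT, BROADCAST, SERVER_PORT, client_mac)
    offers = [reply for reply in (s.handle(discover) for s in servers) if reply]
    if not offers:
        return [discover]                  # no server answered (client would fall back to APIPA)
    chosen = offers[0]                     # clients normally take the first offer
    request = Message("REQUEST", "0.0.0.0", CLIENT_PORT, BROADCAST, SERVER_PORT, client_mac,
                      options={"server_id": chosen.src, "requested_ip": chosen.yiaddr})
    acks = [reply for reply in (s.handle(request) for s in servers) if reply]
    return [discover, chosen, request] + acks


# Constructed servers: A's scope sets its own DNS but leaves "router" blank.
SERVER_A = DhcpServer("192.168.1.2", ["192.168.1.100", "192.168.1.101"],
                      server_options={"router": "192.168.1.1", "dns": "192.168.1.2"},
                      scope_options={"dns": "192.168.1.53", "router": ""})
SERVER_B = DhcpServer("192.168.1.3", ["192.168.1.200"],
                      server_options={"router": "192.168.1.1", "dns": "192.168.1.3"},
                      scope_options={})

if __name__ == "__main__":
    for m in dora("02:00:00:00:00:aa", [SERVER_A, SERVER_B]):
        print(f"{m.kind:<8} {m.src}:{m.sport} -> {m.dst}:{m.dport} yiaddr={m.yiaddr}")
```

Because the Discover is a broadcast, every DHCP server on the segment answers, and the client simply takes the first offer; the simulation shows why an unauthorised DHCP server on a LAN is a problem worth detecting (DHCP snooping on switches exists for exactly this reason) and why the Request is broadcast too, so the losing server can release its offer.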

- APIPA
  o Is a service for assigning unique IP addresses on a small office/home office (SOHO) network without deploying the DHCP service.
  o Can get in the way of a client obtaining an IP address properly (e.g. when a client tries to obtain an IP from the DHCP server but the server is too busy)
  o How to disable:
    1/ Open Registry Editor
    2/ In Registry Editor, navigate to the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tcpip\Parameters
    3/ Create the following entry: REG_DWORD
    4/ Assign a value of 0 to disable APIPA support
    5/ Close Registry Editor

- Remote Desktop Services (RDS)
  o Formerly known as Terminal Services, is a type of thin-client terminal server computing
  o RDS enables virtual desktop infrastructure (VDI), session-based desktops, and applications, allowing users to work anywhere.
  o Thin-client computers and PCs can connect to servers running RDS.
- Routing and Remote Access Service (RRAS)
  o Supports remote user or site-to-site connectivity by using virtual private network (VPN) or dial-up connections
  o Components:
    Remote Access: VPN connections which provide remote access to your network.
    Routing:
  o Formerly known as Remote Access Service (RAS)
  o How to implement (Windows Server 2012)
    Add role
    Add the Remote Access role (additional roles and features should be installed)
- Internet Protocol Security (IPSec)
  o Encrypts and authenticates IP packets
  o Ensures private, secure communications over Internet Protocol (IP) networks, through the use of cryptographic security services.
  o Designed to secure any application traffic because it resides on the network layer (or Internet layer for the TCP/IP reference model)
  o Used in conjunction with virtual private networks and is an integral part of IPv6.
  o IPSec has been defined to work in two different modes:
    Tunnel mode: most used for site-to-site VPN connections
    Transport mode: most used for securing IP traffic on private networks.
  o Protocol types:

- Domain Name System (DNS)
  o Is a worldwide service that resolves host names to IP addresses
  o Its architecture is a hierarchical distributed database and an associated set of protocols that define:
    A mechanism for querying and updating the database
    A mechanism for replicating the information in the database among servers
    A schema of the database
  o Part of the application layer of the TCP/IP reference model.
  o Uses port 53 to accept name resolution requests.
- Windows Internet Name Service (WINS)
  o Resolves NetBIOS names to IP addresses.
  o Required for any environment in which users access resources that have NetBIOS names.
  o It is Microsoft's version of the NetBIOS Name Service (NBNS) combined with a name server.
  o If you do not use WINS in such a network, you cannot connect to a remote network resource by using its NetBIOS name unless you use Lmhosts files, and you might be unable to establish file and print sharing connections.
  o WINS and DNS are both name resolution services for TCP/IP.

WAN (Wide Area Networks)
- Routing is the process of managing the flow of data between network segments and between hosts or routers
  o A router is a network device that maintains tables of information about other routers on the network or internetwork
  o Static route: a path that is manually configured and remains constant throughout the router's operation
  o A dynamic route is a path that is generated dynamically by using special routing protocols
  o There are two conceptual parts to dynamic routing:
    Routing protocol: used to convey information about the network environment
    Routing algorithm: determines paths through the network
  o Common dynamic routing protocols:
    Distance vector protocols: advertise the number of hops to a network destination (distance) and the direction in which a packet can reach a network destination (vector). Send updates at regularly scheduled intervals, and it can take time for route changes to be propagated. Ex.: RIP
    Link state routing protocols: provide updates only when a network link changes state. Ex.: OSPF
  o Interior Gateway Protocols (IGP)
    Protocols that enable the elements that comprise an autonomous system (AS) to exchange routing information.
    For very large networks it is necessary to divide the internetwork into entities known as autonomous systems (AS)
    IGPs exchange information within a single AS that operates common routing protocols.
    RIP and OSPF are examples of IGPs.
  o Routing Information Protocol (RIP)
    Distance vector protocol that enables the exchange of IP routing information.
    Calculates the direction or interface that packets should be forwarded to, as well as the distance to the destination.
    Each router maintains a database of the number of hops to a network destination (distance) and the direction in which a packet can reach a network destination (vector).
    RIP is easy to implement and has a large installed base.
    Updates are sent periodically.
  o Open Shortest Path First (OSPF)
    A link-state protocol that monitors the network for routers that have a change in their link state.
    Each router maintains a database of router advertisements called link state advertisements (LSAs).
    An LSA consists of a router, its attached networks, and their configured costs.
    Updates are sent when the status of a route changes.
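The distance vector and link state approaches contrasted above, run side by side as an added example that is not part of the notes: distance_vector() lets each router learn only from the tables its neighbours advertise, round by round and counting hops the way RIP does; link_state() runs Dijkstra's shortest-path-first algorithm over the complete topology, which is what OSPF computes from its collected LSAs. The router names and link costs form a constructed four-router topology.

```python
# Added example (not part of the notes): the two dynamic routing approaches the
# notes contrast, run on a small constructed topology. distance_vector() lets
# each router learn only from its neighbours' tables, round by round, counting
# hops the way RIP does; link_state() runs Dijkstra over the whole link-state
# database, the way OSPF computes routes from LSAs. Names and costs are constructed.
import heapq
from typing import Dict, Tuple

Table = Dict[str, Tuple[int, str]]   # destination -> (metric, next hop)

LINKS: Dict[str, Dict[str, int]] = {   # router -> {neighbour: link cost}
    "R1": {"R2": 1, "R3": 5},
    "R2": {"R1": 1, "R3": 1, "R4": 4},
    "R3": {"R1": 5, "R2": 1, "R4": 1},
    "R4": {"R2": 4, "R3": 1},
}
INFINITY = 16   # RIP treats 16 hops as unreachable


def distance_vector(links, hop_count: bool = True) -> Tuple[Dict[str, Table], int]:
    """Every router starts knowing only itself. Each round it receives the
    table every neighbour advertised at the end of the previous round (RIP's
    periodic update) and keeps any shorter route. Returns (tables, rounds)."""
    tables: Dict[str, Table] = {r: {r: (0, r)} for r in links}
    rounds = 0
    while True:
        rounds += 1
        advertised = {r: dict(t) for r, t in tables.items()}   # what neighbours sent
        changed = False
        for router, neighbours in links.items():
            for neighbour, cost in neighbours.items():
                metric = 1 if hop_count else cost
                for dest, (dist, _) in advertised[neighbour].items():
                    candidate = min(dist + metric, INFINITY)
                    current = tables[router].get(dest, (INFINITY, ""))[0]
                    if candidate < current:
                        tables[router][dest] = (candidate, neighbour)
                        changed = True
        if not changed:                    # a quiet round means convergence
            return tables, rounds


def link_state(links, source: str) -> Table:
    """Dijkstra's shortest-path-first over the full topology (every LSA)."""
    dist = {source: 0}
    first_hop = {source: source}
    heap = [(0, source, source)]           # (cost, node, first hop from source)
    settled = set()
    while heap:
        cost, node, via = heapq.heappop(heap)
        if node in settled:
            continue
        settled.add(node)
        first_hop[node] = via
        for neighbour, link_cost in links[node].items():
            new_cost = cost + link_cost
            if new_cost < dist.get(neighbour, float("inf")):
                dist[neighbour] = new_cost
                heapq.heappush(heap, (new_cost, neighbour,
                                      neighbour if node == source else via))
    return {dest: (dist[dest], first_hop[dest]) for dest in dist}


if __name__ == "__main__":
    rip_tables, rounds = distance_vector(LINKS)
    print(f"RIP (hop count) converged after {rounds} rounds; R1's table:", rip_tables["R1"])
    print("OSPF (link cost) from R1:", link_state(LINKS, "R1"))
```

On this topology the two disagree about R1's route to R3: hop counting takes the direct but expensive R1-R3 link, while the cost-based shortest-path computation goes through R2. The rounds counter is the other point the notes make: a distance vector router only learns what its neighbours have already learned, so information spreads one hop per update interval, whereas a link state router can recompute immediately once it has the full database.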
  o Exterior Gateway Protocols (EGPs)
    A routing protocol that was designed and intended for use between autonomous systems.
    Border Gateway Protocol (BGP) is an EGP that enables autonomous systems (AS) to exchange routing information.
    BGP is used to enable routing on the internet.
- WAN
  o Connects multiple LANs together.
  o Enables the network to function without concern for location.
  o WAN technologies include:
    Packet Switching: devices transport packets via shared links
      X.25
        One of the first implementations of packet switching (PS)
        A DTE or a network device connects to a DCE; a modem is a DCE enabling communication to the X.25 network.
      Frame-relay
        Advancement of X.25 which uses virtual circuits along the cloud.
    Leased lines: dedicated point-to-point connection.
    Circuit switching: a dedicated circuit path is created between end points.
    Cell Relay: similar to packet switching but uses fixed packet lengths.
  o Hops
    There could be several PSE stops along the way
    PSEs assemble and reassemble the packets
    At the receiving office, the packet is reassembled and the overhead (header and trailer) is discarded.
- T-Systems
  o Telecom carrier system: a cabling and interface system designed to carry data at high speeds.
  o The basic data transfer rate of a T-system is 64kbps, which is known as DS0, the digital signaling scheme.
  o DS1 is the digital signaling scheme for the T1 carrier.

- ISDN
  o A digital technology developed to offer faster communication speed than an analog telephone line
  o Set of communication standards enabling simultaneous digital transmission of data, fax, voice and video.
  o Can be broken into:
    Basic Rate ISDN (BRI)
      128kbps: two equal B channels at 64kbps each
      Generally, devices connected to BRI lines can handle eight simultaneous connections to the internet
    Primary Rate ISDN (PRI)
      1536kbps, runs on a T1 circuit
      24 equal 64kbps B channels for data
- Asynchronous Transfer Mode (ATM)
  o Cell-based switching technology, as opposed to packet switching.
  o High-speed network technology used to transmit data in cells of a fixed length containing 53 bytes of information
  o Is a native connection-oriented protocol comprised of a number of technologies for software, hardware and connection-oriented matters.
- Synchronous Optical Networking (SONET)
  o Standardized protocol allowing for the transmission of signals over optical fiber in North America.
  o SDH is the standard in Europe.
  o Represents a transport vehicle capable of supporting data rates in the gigabit range, optical interfaces, network management and testing methods.
  o Before this standard was released, each manufacturer designed its fiber terminal to its own optical signal interface.
- Fiber Distributed Data Interface (FDDI)
  o Standard for transmitting data on fiber optic cables at a rate of around 100Mbps
  o Supports transmission distances beyond 50 miles
  o The original FDDI standard called for a physical double ring topology
  o Primarily a protocol used on backbone networks.
- Digital Subscriber Line (DSL)
  o Family of technologies that provides data transmission over the local telephone network.
  o Allows voice (analog) and data to be run over the same line.
  o Uses higher frequency bands to transmit data.
  o xDSL is the collective term for the various digital subscriber line standards.
  o ADSL (Asymmetric Digital Subscriber Line): the upload and download speeds are different, or asymmetrical.
  o SDSL (Symmetric Digital Subscriber Line): the upload and download speeds are the same.
- Broadband cable
  o Used for cable Internet and cable television using the cable television network.
  o Operates at higher speeds than DSL; rates can range from 384kbps to 20Mbps+
- POTS/PSTN
  o Plain Old Telephone System / Public Switched Telephone Network
  o What we use for regular phone lines, and it has been around since the 1940s.
  o Is now digital at the switching office and some central offices, but analog lines still run to people's homes.

Network Infrastructure and Security
- Internet
  o Is a worldwide system of connected computer networks.
  o Devices that connect to the internet use TCP/IP.
  o The internet contains a lot of information, resources and services:
    WWW: World Wide Web servers hosting content.
    Supporting infrastructure for email.
    Connectivity for peer-to-peer networks.
  o The WWW is an enormous system of interlinked hypertext documents that can be accessed by using a web browser.
  o Currently it is in a stage known as Web 2.0
  o Web 2.0 is an interactive type of web experience compared to the previous version 1.0.
- Intranet
  o Is a private computer network or single web site that an organization implements in order to share data with employees around the world.
  o User authentication is necessary before a person can access the information in an intranet.
- Extranet
  o Similar to an intranet except that it extends to users outside the company, and possibly to entire organizations that are separate from or lateral to the company.
  o User authentication is still necessary, and an extranet is not open to the general public.
- VPN (Virtual Private Network)
  o Is a connection between two or more computers or devices that are not in the same private network.
  o In order to ensure that only the proper users and data sessions cross to a VPN device, data encapsulation and encryption are used.
  o A tunnel is created through the LANs and WANs that are being used.
  o Popular VPN protocols
    PPTP (Point-to-Point Tunneling Protocol)
      Encapsulates PPP frames into IP datagrams for transmission over an IP-based network (data isn't encrypted by default)
      Allows multiprotocol traffic to be encrypted and then encapsulated in an IP header to be sent across an IP network or a public IP network.
      Can be used for remote access and site-to-site VPN connections.
      Uses a TCP connection for tunnel management and a modified version of Generic Routing Encapsulation (GRE) to encapsulate PPP frames.
      The payload of the encapsulated PPP frame can be encrypted, compressed or both.
    L2TP/IPSec (Layer 2 Tunneling Protocol with Internet Protocol Security)
      Combination of PPTP and Layer 2 Forwarding (L2F), a technology from Cisco Systems, Inc.; IPSec is used to encrypt the message.
      Allows multiprotocol traffic to be encrypted and then sent over any medium that supports point-to-point datagram delivery.
      L2TP relies on IPSec in Transport Mode for encryption services.
      Encapsulation for L2TP/IPSec packets consists of two layers:
        L2TP Encapsulation: the PPP frame is wrapped with an L2TP header and a UDP header.
        IPSec Encapsulation: the L2TP message is wrapped with an IPSec Encapsulating Security Payload (ESP) header and trailer, and an IPSec Authentication Trailer.
- Firewalls
  o Used to help protect a network from malicious attack and unwanted intrusion.
  o They are the most commonly used type of security device in an organization's perimeter.
  o Security devices and Zones
    Main defense for a company's networks, whether they are LANs, WANs, intranets or extranets.
    Perimeter networks help keep certain information open to specific users or to the public while keeping the rest of an organization's data secret.
  o Packet filtering
    Inspects each packet that passes through the firewall and accepts or rejects it based on a set of rules.
    Stateless packet inspection does not retain memory of packets that have passed through the firewall.
    Stateful packet inspection (SPI) maintains context about active sessions.
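The stateless versus stateful distinction above, run on the same constructed traffic as an added example that is not part of the notes. The stateless filter has only rules, so to let HTTPS replies back in it needs a rule keyed on source port 443, and that rule admits any inbound packet that merely claims source port 443. The stateful filter remembers the sessions the policy allowed to open and admits inbound packets only when they belong to one. The rules, addresses (192.168.1.0/24 as the LAN, documentation ranges as the Internet) and packets are all constructed.

```python
# Added example (not part of the notes): the same constructed traffic run
# through a stateless packet filter (rules only, no memory) and a stateful
# filter (rules plus a table of active sessions). Rules, addresses and packets
# are constructed; 192.168.1.0/24 plays the LAN, everything else the Internet.
from dataclasses import dataclass
from typing import List, Set, Tuple


@dataclass(frozen=True)
class Packet:
    direction: str   # "in" = arriving from the Internet, "out" = leaving the LAN
    proto: str
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False   # TCP SYN without ACK: attempt to open a new connection


# Which NEW connections the policy allows: (direction, proto, destination port)
POLICY = [
    ("out", "tcp", 443),   # LAN hosts may open HTTPS sessions to the Internet
    ("in", "tcp", 25),     # the Internet may open SMTP sessions to the mail server
]

# A stateless filter has no memory, so it also needs a rule that lets HTTPS
# replies back in: (direction, proto, source port, destination port), None = any.
STATELESS_RULES = [
    ("out", "tcp", None, 443),
    ("in", "tcp", 443, None),   # replies from any web server to any LAN port
    ("in",  "tcp", None, 25),
]


def stateless_filter(pkt: Packet) -> str:
    for direction, proto, sport, dport in STATELESS_RULES:
        if (pkt.direction == direction and pkt.proto == proto
                and sport in (None, pkt.sport) and dport in (None, pkt.dport)):
            return "accept"
    return "drop"


class StatefulFilter:
    """Accepts a packet if it belongs to a session already in the table, or
    if it opens a new session the policy allows (which is then remembered)."""

    def __init__(self) -> None:
        self.sessions: Set[Tuple[str, str, int, str, int]] = set()

    def process(self, pkt: Packet) -> str:
        key = (pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport)
        reverse = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if key in self.sessions or reverse in self.sessions:
            return "accept"                        # part of a tracked session
        if pkt.proto == "tcp" and not pkt.syn:
            return "drop"                          # mid-stream packet with no session
        if (pkt.direction, pkt.proto, pkt.dport) in POLICY:
            self.sessions.add(key)                 # remember the new session
            return "accept"
        return "drop"


# Constructed traffic in arrival order
TRAFFIC = [
    Packet("out", "tcp", "192.168.1.10", 50000, "203.0.113.7", 443, syn=True),  # LAN host opens HTTPS
    Packet("in", "tcp", "203.0.113.7", 443, "192.168.1.10", 50000),            # the web server's reply
    Packet("in", "tcp", "198.51.100.4", 443, "192.168.1.10", 3389, syn=True),  # unsolicited, claims source port 443
    Packet("in", "tcp", "198.51.100.4", 40000, "192.168.1.20", 25, syn=True),  # new SMTP session to the mail server
]


def run_both(traffic: List[Packet]) -> List[Tuple[str, str]]:
    """Return (stateless verdict, stateful verdict) for each packet in order."""
    stateful = StatefulFilter()
    return [(stateless_filter(p), stateful.process(p)) for p in traffic]


if __name__ == "__main__":
    for pkt, verdicts in zip(TRAFFIC, run_both(TRAFFIC)):
        print(f"{pkt.direction:>3} {pkt.src}:{pkt.sport} -> {pkt.dst}:{pkt.dport}", verdicts)
```

The third packet is the one to look at: both filters see the identical bytes, but only the stateful one knows that no LAN host ever opened a session to that peer, so it drops the packet where the stateless filter has to accept it. A real SPI firewall also ages sessions out and tracks UDP "sessions" by timer, which the simulation leaves out.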
  o NAT Filtering
    Also known as NAT endpoint filtering; filters according to ports in three ways:
      Using basic endpoint connections.
      Matching incoming traffic to the corresponding outbound IP address.
      Matching incoming traffic to the corresponding IP address and port.
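The NAT re-mapping described in the IP Addressing section and the three endpoint-filtering behaviours listed above, combined into one added example that is not part of the notes. A NAT device maps each inside (private address, port) pair to a port on its single public address, remembers which remote endpoints that mapping has been used with, and then applies one of three filtering modes to inbound packets. The mode names are my labels for the three bullets (any remote endpoint / same remote address / same remote address and port); all addresses and ports are constructed.

```python
# Added example (not part of the notes): a NAT device that maps private
# addresses behind it to one public address, with the three endpoint-filtering
# behaviours the notes list. The mode names are my labels for the three
# bullets (any remote endpoint / same remote address / same remote address and
# port); all addresses and ports are constructed.
import ipaddress
from typing import Dict, Optional, Set, Tuple

Endpoint = Tuple[str, int]
MODES = ("endpoint", "address", "address-and-port")


class Nat:
    def __init__(self, public_ip: str, mode: str, first_port: int = 40000):
        if mode not in MODES:
            raise ValueError(f"unknown filtering mode {mode!r}")
        self.public_ip = public_ip
        self.mode = mode
        self.next_port = first_port
        self.mapping: Dict[Endpoint, int] = {}   # (private ip, port) -> public port
        # public port -> (inside endpoint, remote endpoints this mapping has talked to)
        self.entries: Dict[int, Tuple[Endpoint, Set[Endpoint]]] = {}

    def outbound(self, private_ip: str, private_port: int,
                 remote_ip: str, remote_port: int) -> Tuple[str, int, str, int]:
        """Translate an outbound packet; returns the header as seen on the Internet."""
        if not ipaddress.ip_address(private_ip).is_private:
            raise ValueError("only private (inside) addresses are translated")
        inside = (private_ip, private_port)
        if inside not in self.mapping:
            self.mapping[inside] = self.next_port          # allocate a public port once
            self.entries[self.next_port] = (inside, set())
            self.next_port += 1
        public_port = self.mapping[inside]
        self.entries[public_port][1].add((remote_ip, remote_port))   # remember the peer
        return (self.public_ip, public_port, remote_ip, remote_port)

    def inbound(self, remote_ip: str, remote_port: int,
                public_port: int) -> Optional[Tuple[str, int, str, int]]:
        """Translate an inbound packet back to the inside host, or None if filtered."""
        entry = self.entries.get(public_port)
        if entry is None:
            return None                                     # no mapping: dropped
        (private_ip, private_port), remotes = entry
        if self.mode == "endpoint":
            allowed = True                                  # any remote may use the mapping
        elif self.mode == "address":
            allowed = any(ip == remote_ip for ip, _ in remotes)
        else:
            allowed = (remote_ip, remote_port) in remotes
        if not allowed:
            return None
        return (remote_ip, remote_port, private_ip, private_port)


def demo(mode: str) -> Tuple[Optional[tuple], Optional[tuple], Optional[tuple], Optional[tuple]]:
    """One outbound DNS query, then four inbound packets tested against the mapping."""
    nat = Nat("203.0.113.10", mode)
    _, public_port, _, _ = nat.outbound("192.168.1.10", 5000, "198.51.100.53", 53)
    return (
        nat.inbound("198.51.100.53", 53, public_port),      # the real reply
        nat.inbound("198.51.100.53", 9999, public_port),    # same host, other port
        nat.inbound("198.51.100.77", 53, public_port),      # different host
        nat.inbound("198.51.100.53", 53, public_port + 1),  # port never mapped
    )


if __name__ == "__main__":
    for mode in MODES:
        print(f"{mode:<17}", [r is not None for r in demo(mode)])
```

The stricter the filtering mode, the less an outside host can do with a mapping it did not create, which is the sense in which the notes call NAT filtering a security feature; the trade-off is that peer-to-peer and VoIP applications, which rely on a third party reaching the mapped port, work best with the loosest mode.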
  o ALG (Application Level Gateway)
    Supports address and port translation and checks whether the type of application traffic is allowed.
    It adds a layer of security; however, it is resource intensive.
  o Circuit Level Gateway
    Works at the session layer of the OSI model when a TCP or UDP connection is established.
    Circuit-level filtering inspects sessions rather than connections or packets.
    Once the connection has been made, packets can flow between the hosts without further checking.
    Circuit-level gateways hide information about the private network, but they do not filter individual packets.
- Proxy server
  o Acts as an intermediary between a LAN and the Internet
  o By definition, proxy means go-between, acting as a mediator between a private and a public network.
  o The proxy server evaluates requests from clients, and if they meet certain criteria, forwards them to the appropriate server.
  o Caching proxy
    Attempts to serve client requests without actually contacting the remote server.
    Although there are FTP and SMTP proxies among others, the most common caching proxy is the HTTP proxy, also known as a web proxy, which caches web pages from servers on the Internet for a set amount of time.
    This is done to save bandwidth on the company's Internet connection and to increase the speed at which client requests are carried out.
  o IP Proxy
    Secures a network by keeping the machines behind it anonymous
    It does this through the use of NAT
- Internet Content Filter
  o Usually applied as software at the application layer; it can filter out various types of Internet activities, such as access to certain Web sites, email, instant messaging, and so on.
- IDS/IPS (Intrusion Detection System / Intrusion Prevention System)
  o IDS detects malicious activities
  o IPS inspects, and can remove, detain or redirect malicious traffic in addition to simply detecting it.
