Lesson 4 - Conceptions
VPN - Virtual Private Network
Definition: A VPN utilizes public telecommunications networks to conduct private data communications. Most VPN implementations use the Internet as the public infrastructure and a variety of specialized protocols to support private communications through the Internet.
VPN follows a client and server approach. VPN clients authenticate users, encrypt data, and otherwise manage sessions with VPN servers utilizing a technique called tunneling.
VPN clients and VPN servers are typically used in these three scenarios:
1. to support remote access to an intranet,
2. to support connections between multiple intranets within the same organization, and
3. to join networks between two organizations, forming an extranet.
The main benefit of a VPN is the lower cost needed to support this technology compared to alternatives like traditional leased lines or remote access servers.
VPN users typically interact with simple graphical client programs. These applications support creating tunnels, setting configuration parameters, and connecting to and disconnecting from the VPN server. VPN solutions utilize several different network protocols including PPTP, L2TP, IPsec, and SOCKS.
VPN servers can also connect directly to other VPN servers. A VPN server-to-server connection extends the intranet or extranet to span multiple networks.
Many vendors have developed VPN hardware and software products. Some of these do not interoperate due to the immaturity of some VPN standards.
Protocol (network)
Definition: A network protocol defines rules and conventions for communication between network devices. Protocols for computer networking all generally use packet switching techniques to send and receive messages in the form of packets.
Network protocols include mechanisms for devices to identify and make connections with each other, as well as formatting rules that specify how data is packaged into messages sent and received. Some protocols also support message acknowledgement and data compression designed for reliable and/or high-performance network communication. Hundreds of different computer network protocols have been developed, each designed for specific purposes and environments.
Internet Protocols
The Internet Protocol family contains a set of related (and among the most widely used) network protocols. Besides Internet Protocol (IP) itself, higher-level protocols like TCP, UDP, HTTP, and FTP all integrate with IP to provide additional capabilities. Similarly, lower-level Internet Protocols like ARP and ICMP also co-exist with IP. These higher-level protocols interact more closely with applications like Web browsers, while lower-level protocols interact with network adapters and other computer hardware.
Routing Protocols
Routing protocols are special-purpose protocols designed specifically for use by network routers on the Internet. Common routing protocols include EIGRP, OSPF and BGP.
How Network Protocols Are Implemented
Modern operating systems like Microsoft Windows contain built-in services or daemons that implement support for some network protocols. Applications like Web browsers contain software libraries that support the high-level protocols necessary for that application to function. For some lower-level TCP/IP and routing protocols, support is implemented directly in hardware (silicon chipsets) for improved performance.
Intranet
Definition: Intranet is the generic term for a collection of private computer networks within an organization. An intranet uses network technologies as a tool to facilitate communication between people or work groups to improve the data sharing capability and overall knowledge base of an organization's employees.
Intranets utilize standard network hardware and software technologies like Ethernet, Wi-Fi, TCP/IP, Web browsers and Web servers. An organization's intranet typically includes Internet access but is firewalled so that its computers cannot be reached directly from the outside.
A common extension to intranets, called extranets, opens this firewall to provide controlled access to outsiders.
Many schools and non-profit groups have deployed them, but an intranet is still seen primarily as a corporate productivity tool. A simple intranet consists of an internal email system and perhaps a message board service. More sophisticated intranets include Web sites and databases containing company news, forms, and personnel information. Besides email and groupware applications, an intranet generally incorporates internal Web sites, documents, and/or databases.
The business value of intranet solutions is generally accepted in larger corporations, but their worth has proven very difficult to quantify in terms of time saved or return on investment.
Extranet
Most extranets use the Internet as the entry point for outsiders, a firewall configuration to limit access, and a secure protocol for authenticating users.
Definition: An extranet is a computer network that allows controlled access from the outside for specific business or educational purposes. Extranets are extensions to, or segments of, private intranet networks that have been built in many corporations for information sharing and ecommerce.
IPv6
Definition: IPv6 is the next generation protocol for Internet networking. IPv6 expands on the current Internet Protocol standard known as IPv4. Compared to IPv4, IPv6 offers better addressing, security and other features to support large worldwide networks.
In IPv6, IP addresses change from the current 32-bit standard and dotted decimal notation to a new 128-bit address system. IPv6 addresses remain backward compatible with IPv4 addresses. For example, the IPv4 address "192.168.100.32" may appear in IPv6 notation as "0000:0000:0000:0000:0000:0000:C0A8:6420" or "::C0A8:6420".
The most obvious benefit of IPv6 is the exponentially greater number of IP addresses it can support compared to IPv4. Many countries outside the U.S. suffer from a shortage of IP addresses today. Because IPv6 and IPv4 protocols coexist, those locales with an address shortage can easily deploy new IPv6 networks that work with the rest of the Internet. Experts believe it will take many more years before all networks fully change over to IPv6.
Other benefits of IPv6 are less obvious but equally important. The internals of the IPv6 protocol have been designed with scalability and extensibility in mind. This will allow many different kinds of devices besides PCs, like cell phones and home appliances, to more easily join the Internet in future.
Also Known As: IPng (Internet Protocol Next Generation)
ARP - Address Resolution Protocol
Definition: ARP converts an Internet Protocol (IP) address to its corresponding physical network address. ARP is a low-level network protocol, operating at Layer 2 of the OSI model.
ARP usually is implemented in the device drivers of network operating systems. It is most commonly seen on Ethernet networks, but ARP has also been implemented for ATM, Token Ring, and other physical networks. RFC 826 documented the initial design and implementation of ARP.
ARP works on Ethernet networks as follows. Ethernet network adapters are produced with a physical address embedded in the hardware called the Media Access Control (MAC) address. Manufacturers take care to ensure these 6-byte (48-bit) addresses are unique, and Ethernet relies on these unique identifiers for message delivery. When any device wishes to send data to another target device over Ethernet, it must first determine the MAC address of that target given its IP address. These IP-to-MAC address mappings are derived from an ARP cache maintained on each device. If the given IP address does not appear in a device's cache, that device cannot direct messages to that target until it obtains a new mapping. To do this, the initiating device first sends an ARP request broadcast message on the local subnet. The host with the given IP address sends an ARP reply in response to the broadcast, allowing the initiating device to update its cache and proceed to deliver messages directly to the target.
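The request/reply exchange described above, as an added example that is not part of the original lesson: it packs and parses the 28-byte ARP message for Ethernet/IPv4 and updates the initiator's cache from the reply. The Host class, the resolve function and the sample addresses are hypothetical names and values made up for this illustration, and the broadcast is modelled as a loop over the hosts on the subnet. The request carries zeros in the target MAC field because that address is not known yet.

```python
import struct
from socket import inet_aton

# RFC 826 layout for Ethernet/IPv4: hardware type, protocol type, address
# lengths, opcode, then sender MAC/IP and target MAC/IP (28 bytes in total).
ARP_FMT = "!HHBBH6s4s6s4s"
REQUEST, REPLY = 1, 2

def build_arp(op, sender_mac, sender_ip, target_mac, target_ip):
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, op,
                       sender_mac, sender_ip, target_mac, target_ip)

def parse_arp(packet):
    if len(packet) < struct.calcsize(ARP_FMT):
        raise ValueError("truncated ARP packet")
    f = struct.unpack(ARP_FMT, packet[:28])
    if f[:4] != (1, 0x0800, 6, 4):
        raise ValueError("not Ethernet/IPv4 ARP")
    return {"op": f[4], "sender_mac": f[5], "sender_ip": f[6], "target_ip": f[8]}

class Host:
    def __init__(self, mac, ip):
        self.mac, self.ip, self.cache = mac, inet_aton(ip), {}

    def receive(self, packet):
        msg = parse_arp(packet)
        if msg["target_ip"] != self.ip:
            return None                    # not addressed to this host
        if msg["op"] == REQUEST:           # answer with this host's MAC
            return build_arp(REPLY, self.mac, self.ip,
                             msg["sender_mac"], msg["sender_ip"])
        if msg["op"] == REPLY:             # learn the IP-to-MAC mapping
            self.cache[msg["sender_ip"]] = msg["sender_mac"]
        return None

def resolve(initiator, subnet, wanted_ip):
    """Return the MAC for wanted_ip, broadcasting a request on a cache miss."""
    wanted = inet_aton(wanted_ip)
    if wanted not in initiator.cache:
        request = build_arp(REQUEST, initiator.mac, initiator.ip, bytes(6), wanted)
        for host in subnet:                # every host sees the broadcast
            reply = host.receive(request)
            if reply is not None:
                initiator.receive(reply)
    return initiator.cache.get(wanted)

# Constructed sample hosts; the addresses are made up for this example.
HOST_A = Host(bytes.fromhex("02000000000a"), "192.168.100.10")
HOST_B = Host(bytes.fromhex("02000000000b"), "192.168.100.32")
```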
NAT - Network Address Translation
Definition: NAT allows an Internet Protocol (IP) network to maintain public IP addresses separately from private IP addresses. NAT is a popular technology for Internet connection sharing. It is also sometimes used in server load balancing applications on corporate networks.
In its most common configuration, NAT maps all of the private IP addresses on a home network to the single IP address supplied by an Internet Service Provider (ISP). This allows computers on the home LAN to share a single Internet connection. Additionally, it enhances home network security by limiting the access of external computers into the home IP network space.
NAT works by snooping both incoming and outgoing IP datagrams. As needed, it modifies the source or destination address in the IP header (and the affected checksums) to reflect the configured address mapping. NAT technically supports either fixed or dynamic mappings of one or more internal and external IP addresses.
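The header rewrite described above, as an added example that is not part of the original lesson: it replaces the source or destination address in a 20-byte IPv4 header, recomputes the header checksum, and keeps a dynamic mapping between private addresses and a pool of public ones. The Nat class, its method names and the sample addresses are hypothetical; ports and the TCP/UDP checksums are left out, so each public address serves one private host at a time.

```python
import struct
from socket import inet_aton, inet_ntoa

def checksum(header):
    """Internet checksum: one's-complement sum of the 16-bit header words."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4_header(src, dst, payload_len=0, proto=17):
    """Build a 20-byte IPv4 header (no options) with a valid checksum."""
    raw = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0,
                      64, proto, 0, inet_aton(src), inet_aton(dst))
    return raw[:10] + struct.pack("!H", checksum(raw)) + raw[12:]

def rewrite(header, src=None, dst=None):
    """Replace the source and/or destination address and fix the checksum."""
    src_b = inet_aton(src) if src else header[12:16]
    dst_b = inet_aton(dst) if dst else header[16:20]
    raw = header[:10] + b"\x00\x00" + src_b + dst_b + header[20:]
    return raw[:10] + struct.pack("!H", checksum(raw)) + raw[12:]

class Nat:
    """Dynamic one-to-one address mapping drawn from a pool of public IPs."""
    def __init__(self, public_pool):
        self.free, self.out, self.back = list(public_pool), {}, {}

    def outbound(self, header):
        private = inet_ntoa(header[12:16])
        if private not in self.out:
            if not self.free:
                return None      # pool exhausted: no mapping can be created
            public = self.free.pop(0)
            self.out[private], self.back[public] = public, private
        return rewrite(header, src=self.out[private])

    def inbound(self, header):
        private = self.back.get(inet_ntoa(header[16:20]))
        if private is None:
            return None          # no mapping for this address: not forwarded
        return rewrite(header, dst=private)

# Constructed sample header; all addresses are made up for this example.
SAMPLE = ipv4_header("192.168.100.32", "198.51.100.7")
```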
NAT functionality is usually found on routers and other gateway devices at the network boundary. NAT can also be implemented entirely in software. Microsoft's Internet Connection Sharing (ICS), for example, adds NAT support to the Windows operating system.
By itself, NAT does not provide all the features of a true firewall, but it is often used on servers that feature other firewall and antivirus support. NAT was designed originally to conserve public Internet address space. Internet RFC 1631 contains the basic NAT specification.
What Is Packet Switching on Computer Networks?
Answer: Packet switching is the approach used by some computer network protocols to deliver data across a local or long distance connection. Examples of packet switching protocols are Frame Relay, IP and X.25.
How Packet Switching Works
Packet switching entails packaging data in specially formatted units (called packets) that are typically routed from source to destination using network switches and routers. Each packet contains address information that identifies the sending computer and intended recipient. Using these addresses, network switches and routers determine how best to transfer the packet between hops on the path to its destination.
Pros and Cons of Packet Switching
Packet switching is the alternative to circuit switching protocols used historically for telephone (voice) networks and sometimes with ISDN connections.
Compared to circuit switching, packet switching offers the following:
· More efficient use of overall network bandwidth due to flexibility in routing the smaller packets over shared links. Packet switching networks are often cheaper to build as less equipment is needed given this ability to share.
· Longer delays in receiving messages due to the time required to package and route packets. For many applications, delays are not long enough to be significant, but for high-performance applications like real-time video, additional data compression and QoS technology is often required to achieve the required performance levels.
· Potential for network security risks due to the use of shared physical links. Protocols and other related elements on packet switching networks must be designed with the appropriate security precautions.
Additional Reading
Windows Internet Connection Sharing
Windows ICS allows you to set up one of your computers as a DHCP server, and your other computers to use dynamic private IP addressing managed by the server.
ICS - Internet Connection Sharing
Definition: ICS allows a local network of Windows computers to share a single Internet connection. Microsoft developed ICS as part of Windows 98 Second Edition. The feature has been included as part of all subsequent Windows releases, but it is not available as a separate installable program.
ICS follows a client/server model. To set up ICS, one computer must be chosen as the server. The designated computer must support two network interfaces, one directly connected to the Internet and the other connected to the remainder of the LAN. In a traditional home dial-up network, for example, the server computer is directly connected to the modem.
When configured through Windows, the ICS server behaves as a NAT router, directing messages on behalf of multiple computers. ICS incorporates a DHCP server that allows clients to obtain their local addresses automatically rather than needing to be set manually.
Compared to hardware routers, ICS has the advantage of being included with the operating system so no additional purchase is required. On the other hand, ICS lacks many of the configuration options that hardware routers possess.
OSI (model) - Open Systems Interconnection
Definition: The OSI model defines internetworking in terms of a vertical stack of seven layers. The upper layers of the OSI model represent software that implements network services like encryption and connection management. The lower layers of the OSI model implement more primitive, hardware-oriented functions like routing, addressing, and flow control.
Layers of the OSI Model
In the OSI model, data communication starts with the top layer at the sending side, travels down the OSI model stack to the bottom layer, then traverses the network connection to the bottom layer on the receiving side, and up its OSI model stack.
The OSI model was introduced in 1984. Although it was designed to be an abstract model, the OSI model remains a practical framework for today's key network technologies like Ethernet and protocols like IP.
Also Known As: Open Systems Interconnection (OSI) reference model, OSI seven layer model
Examples:
Internet Protocol (IP) corresponds to the Network layer of the OSI model, layer three. TCP and UDP correspond to OSI model layer four, the Transport layer. Lower layers of the OSI model are represented by technologies like Ethernet. Higher layers of the OSI model are represented by application protocols like TCP and UDP.