Showing posts with label networking basics.

13.12.12

How Active and Passive FTP mode works.



I have always wondered what the easy way is to understand how Active & Passive mode FTP connections work.

So, after referring to a lot of sites, I came up with this brief write-up on how they work, so that you can get to know the basic differences. If you are trying to learn in depth how this works at the packet level, I am sorry, but this is not the right place for you.

Active mode FTP (please refer to the diagram for easy understanding)

A user connects from a random port (33372) on a file transfer client to port 21 on the server. The client sends the PORT command, specifying which client-side port (33395) the server should connect to. This port will be used later for the data channel and is different from the port used in this step for the command (control) channel.

The server connects from port 20 to the client port designated for the data channel. Once the connection is established, file transfers are made through these client and server ports.


Passive mode FTP (please refer to the diagram for easy understanding)

In passive mode, the client still initiates the command channel from a random port (33372) to the server's port 21. However, instead of sending the PORT command, it sends the PASV command, which is basically a request for a server port to connect to for data transmission. When the FTP server replies, it indicates which port number (54321) it has opened for the ensuing data transfer. The steps are summarized below.

The client connects from another random port (33395) to the port specified in the server's response. Once the connection is established, data transfers are made through these client and server ports.

Points to be noted: In an active mode connection, the server initiates the data connection inbound to a random client-side port. That port will almost never be on the client-side firewall's list of permitted inbound ports, and a NAT device in front of the client has no mapping for it, so the server's connection attempt is dropped and no data connection is established. (Some firewalls and NAT devices inspect the control channel for PORT commands and open a temporary hole for the matching data connection; that is what makes active mode work behind them at all, and it stops working as soon as the control channel is encrypted with TLS.)

Of course, the server side may have a firewall as well. However, since the server is expected to receive far more connection requests than a client, it is logical for the server admin to adapt: configure the FTP server to use a fixed range of passive data ports and open exactly that range on the firewall, rather than leaving the server free to pick any high port.
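The PORT and PASV messages described above carry the address and port in the form h1,h2,h3,h4,p1,p2, where the port is p1*256 + p2. The following is an added example (not code from the original post) that encodes and decodes that form for both modes. The addresses used (192.0.2.10 for the client, 198.51.100.7 for the server) are documentation addresses chosen for the example; the function names are this example's own. The passive-mode parser also refuses a 227 reply that advertises an address other than the server the control connection is talking to, a check that curl, for example, applies by default in current versions.

```python
import re


def encode_port_argument(ip: str, port: int) -> str:
    """Encode an endpoint as h1,h2,h3,h4,p1,p2 (FTP PORT argument / 227 reply body)."""
    if not 0 < port < 65536:
        raise ValueError("port out of range: %d" % port)
    return ",".join(ip.split(".") + [str(port >> 8), str(port & 0xFF)])


def decode_port_argument(arg: str) -> tuple:
    """Inverse of encode_port_argument: returns (ip, port) with port = p1*256 + p2."""
    fields = [int(x) for x in arg.split(",")]
    if len(fields) != 6 or any(not 0 <= f <= 255 for f in fields):
        raise ValueError("malformed h1,h2,h3,h4,p1,p2 argument: %r" % arg)
    return ".".join(map(str, fields[:4])), fields[4] * 256 + fields[5]


def build_port_command(client_ip: str, data_port: int) -> str:
    """Active mode: the client tells the server where to open the data connection."""
    return "PORT " + encode_port_argument(client_ip, data_port)


_PASV_RE = re.compile(r"^227 .*?\((\d+,\d+,\d+,\d+,\d+,\d+)\)")


def parse_pasv_reply(reply: str, control_peer_ip: str) -> tuple:
    """Passive mode: extract the data endpoint from the server's 227 reply.

    A malicious or misconfigured server can point the client at any host; the
    data connection is only made to the same address as the control connection.
    """
    m = _PASV_RE.match(reply)
    if not m:
        raise ValueError("not a 227 reply: %r" % reply)
    ip, port = decode_port_argument(m.group(1))
    if ip != control_peer_ip:
        raise ValueError("server advertised %s but control connection is to %s"
                         % (ip, control_peer_ip))
    return ip, port


if __name__ == "__main__":
    # Active: client 192.0.2.10 listens on 33395 and announces it (33395 = 130*256 + 115).
    print(build_port_command("192.0.2.10", 33395))
    # Passive: server 198.51.100.7 answers PASV with port 54321 (54321 = 212*256 + 49).
    print(parse_pasv_reply("227 Entering Passive Mode (198,51,100,7,212,49).", "198.51.100.7"))
```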

Let me know if I should correct anything here.

5.12.12

TCP/IP Protocol Suite explained briefly


TCP/IP is based on a four-layer reference model. All protocols that belong to the TCP/IP protocol suite are located in the top three layers of this model.

As shown in the following diagram, each layer of the TCP/IP model corresponds to one or more layers of the seven-layer Open Systems Interconnection (OSI) reference model proposed by the International Organization for Standardization (ISO).

Diagram

The types of services performed and protocols used at each layer within the TCP/IP model are described in more detail below.

Application: Defines TCP/IP application protocols and how host programs interface with transport layer services to use the network. 
  • Protocols: HTTP, Telnet, FTP, TFTP, SNMP, DNS, SMTP, other application protocols

Transport: Provides communication session management between host computers. Defines the level of service and status of the connection used when transporting data. 
  • Protocols: TCP, UDP, RTP, RSVP

Internetwork: Packages data into IP datagrams, which contain source and destination address information that is used to forward the datagrams between hosts and across networks. Performs routing of IP datagrams. 
  • Protocols: IP, ICMP, ARP, RARP

Network Interface: Specifies details of how data is physically sent through the network, including how bits are electrically signaled by hardware devices that interface directly with a network medium, such as coaxial cable, optical fiber, or twisted-pair copper wire. 
  • Protocols: Ethernet, Token Ring, FDDI, X.25, Frame Relay, RS-232, V.35


The TCP/IP model and related protocols are maintained by the Internet Engineering Task Force (IETF).
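The layering described above, shown as an added worked example (not from the original post or the Microsoft article): the code builds an Ethernet II / IPv4 / TCP frame around a small HTTP request, innermost layer first, then parses it back one layer at a time and verifies the IPv4 header checksum the way a receiving host does. The addresses, MAC addresses and payload are made up for the example; the TCP checksum is left at zero because computing it needs the pseudo-header and is not the point here.

```python
import socket
import struct

ETHERTYPE_IPV4 = 0x0800
PROTO_TCP = 6
TCP_FLAGS = {0x01: "FIN", 0x02: "SYN", 0x04: "RST", 0x08: "PSH", 0x10: "ACK", 0x20: "URG"}


def internet_checksum(data: bytes) -> int:
    """RFC 1071 checksum: one's-complement sum of 16-bit big-endian words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_frame(src_ip: str, dst_ip: str, src_port: int, dst_port: int, payload: bytes) -> bytes:
    """Wrap an application payload in TCP, then IPv4, then Ethernet II."""
    # Transport layer: 20-byte TCP header, data offset 5 words, PSH+ACK set.
    # TCP checksum left at 0 (needs the pseudo-header; not shown here).
    tcp = struct.pack("!HHIIBBHHH", src_port, dst_port, 1000, 2000, 5 << 4, 0x18, 65535, 0, 0)
    # Internetwork layer: 20-byte IPv4 header, DF set, TTL 64; checksum computed with field zeroed.
    total_len = 20 + len(tcp) + len(payload)
    ip = bytearray(struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, 0x4000, 64,
                               PROTO_TCP, 0, socket.inet_aton(src_ip), socket.inet_aton(dst_ip)))
    struct.pack_into("!H", ip, 10, internet_checksum(bytes(ip)))
    # Network interface layer: Ethernet II header (dst MAC, src MAC, EtherType). MACs are made up.
    eth = bytes.fromhex("005056000001") + bytes.fromhex("005056000002") + struct.pack("!H", ETHERTYPE_IPV4)
    return eth + bytes(ip) + tcp + payload


def parse_frame(frame: bytes) -> dict:
    """Peel the headers off one layer at a time, as a receiving host does."""
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError("only IPv4 handled here, got EtherType 0x%04x" % ethertype)
    ihl = (frame[14] & 0x0F) * 4                 # IPv4 header length in bytes, options included
    ip_hdr = frame[14:14 + ihl]
    _, _, total_len, _, _, ttl, proto, _, src, dst = struct.unpack("!BBHHHBBH4s4s", ip_hdr[:20])
    if proto != PROTO_TCP:
        raise ValueError("only TCP handled here, got protocol %d" % proto)
    tcp_start = 14 + ihl
    sport, dport, seq, _, off, flags, _, _, _ = struct.unpack("!HHIIBBHHH", frame[tcp_start:tcp_start + 20])
    data_start = tcp_start + (off >> 4) * 4      # TCP data offset is in 32-bit words
    return {
        "network_interface": {"src_mac": src_mac.hex(":"), "dst_mac": dst_mac.hex(":"), "ethertype": ethertype},
        "internetwork": {"src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst), "ttl": ttl,
                         # A valid header sums to zero when the checksum field itself is included.
                         "checksum_ok": internet_checksum(ip_hdr) == 0},
        "transport": {"src_port": sport, "dst_port": dport, "seq": seq,
                      "flags": [name for bit, name in TCP_FLAGS.items() if flags & bit]},
        # Application layer: whatever is left inside the IP total length is the payload.
        "application": frame[data_start:14 + total_len],
    }


if __name__ == "__main__":
    frame = build_frame("192.0.2.10", "198.51.100.7", 33372, 80, b"GET / HTTP/1.0\r\n\r\n")
    for layer, fields in parse_frame(frame).items():
        print(layer, fields)
```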


Src: http://technet.microsoft.com/en-us/library/cc786900(v=ws.10).aspx
Src: http://en.wikipedia.org/wiki/Internet_protocol_suite

If you want to go deeper into how each layer functions, please refer to Microsoft's article (the first source above).


20.6.10

What is Firewall? Understanding the Concepts behind Firewall.

Introduction
Access to e-mail and other Internet resources is very much a necessity for conducting business and accessing information. However, along with the convenience that network connectivity brings, it also raises serious security concerns. With always-on connections such as cable modems and DSL lines, Internet users need to be increasingly vigilant about security, as network traffic coming into the computer can damage files and programs even when the user is away and the computer is idle. On a system that is not protected by any security measures, malicious code such as viruses can infect the system and cause damage that may be difficult to repair. Unscrupulous characters on the Internet are always snooping around trying to find open computers from which they can steal personal files or personal information, or create other forms of mischief. The loss of financial records, e-mail or customer files can be devastating to a business or to an individual.
In conjunction with other security measures, firewalls can help to prevent this devastation.
What are Firewalls?
Firewalls are tools that can be used to enhance the security of computers connected to a network, such as a LAN or the Internet. A firewall separates a computer from the Internet, inspecting packets of data as they arrive at either side of the firewall (inbound to, or outbound from, your computer) to determine whether each should be allowed to pass or be blocked.
Firewalls act as guards at the computer's entry points (called "ports"), where the computer exchanges data with other devices on the network. Firewalls ensure that packets requesting entry meet rules established by the computer's administrator. The two basic kinds of rule are: accept or deny based on a list of acceptable or unacceptable source addresses, and accept or deny based on a list of acceptable or unacceptable destination ports. In practice most firewalls combine both, and a sensible policy denies everything by default and permits only what is actually needed.
Although they sound complex, firewalls are relatively easy to install, set up and operate. This article provides a brief introduction to firewalls. It is not intended as a review of specific firewall products; rather, it is an overview of what firewalls are, how they work, the different types of firewall technology and their suitability for small office/home office and personal computer users.
TCP/IP
In order to understand how firewalls work it is important to understand the basics of TCP/IP, the language or protocol which all computers on the internet use to communicate. If you are not at all familiar with concepts such as packets, ports and IP addresses, please refer to the "Internet for Beginners" article at LINK. If you are, the following section may seem elementary; however, it explains each of the aspects of TCP/IP as it relates specifically to firewalls.
Let's start by saying that TCP/IP is a "language" that allows different computers to communicate. On the Internet, this language is spoken and understood by all types of computers, even those using different operating systems such as Windows, Macintosh, or Unix. In order for a computer to communicate on the Internet, it must "speak" TCP/IP.
Packets
When messages are sent over the Internet, they are broken up into small "packets" that may take different routes to the destination. On arrival, the packets are reassembled to form the complete original message. This is similar to writing a letter, except that each sentence of the letter is sent in a separate envelope. With the large number of packets travelling the Internet, it is important that their contents are delivered reliably, to the correct destination computer, and reassembled in the correct order; this is where TCP/IP comes in.
TCP/IP ensures that messages arrive at the proper computer in the proper order. Internet Protocol (IP) addresses and routes the packets between the source and destination computers. Transmission Control Protocol (TCP) is responsible for making sure the entire message is received intact and in order (this is explained in more detail later in this section). These terms may seem technical, but the main thing to remember is that TCP/IP makes information exchange over the Internet possible. And what does this have to do with firewalls? Computers identify themselves using an IP address, which is similar to a street address. A web address (host name) is translated to an IP address by DNS; as an example, the article gave the IP address of www.securityfocus.com as 207.126.127.69 (such mappings change over time). When the message is in packet form, the destination address and the source address are carried in the header of each packet.
The IP address is an important concept in the discussion of firewalls because firewalls read the source and destination addresses in the packet header, and use them to decide whether the packet will be allowed through.
Ports
We have talked about firewalls guarding the entry points of the computer system; these entry points are the TCP and UDP "ports". Simply put, a port is a numbered endpoint through which a program on one computer exchanges information with a program on another computer across the network. Each listening port corresponds to a service the computer is currently running, so the set of open ports tells an observer which applications or services that computer exposes.
Each port has a number, and by convention each well-known number is associated with a specific application. For instance, web servers normally listen on port 80. The port number is carried in the transport header of the packet. This matters for firewalls, because by reading the port number the firewall can tell which service a packet is addressed to, and it can be configured to deny particular services on that basis. Note that the port is only a convention: a service can be run on any port, so a port-based rule tells you what a packet claims to be, not what it is.
For example, one common service is FTP (File Transfer Protocol), which lets computers exchange large files of text and graphics. An FTP server listens on port 21. If the recipient computer runs an FTP server that is meant to be reachable, the firewall must admit packets whose destination port is 21. If the computer is not running FTP, nothing should be listening there, and the firewall should be configured to deny any packets destined for that port; better still, deny every port by default and permit only the ones in use.
Some common TCP/IP ports and their corresponding numbers are:
·         FTP (File Transfer Protocol) - #21
·         SMTP (Simple Mail Transfer Protocol) - #25
·         TACACS (Login Host Protocol) - #49
·         HTTP (Hypertext Transfer Protocol) - #80
·         Auth (Authentication service) - #113
·         Audionews (Audio news multistream) - #114

Port Scanners
Attackers often use software tools called port scanners to find services such as the ones just mentioned. Once a scan finds a listening service or application, the attacker determines whether that specific service is vulnerable to attack. A vulnerable application may then be exploited to gain entry into the system, after which the attacker can disrupt services, delete or transfer critical files, or read and steal information stored on the computer.
There are 65,536 port numbers (0 to 65535) for TCP and another 65,536 for UDP on a typical computer, any of which could be used to gain entry if a service is listening there. The firewall has to keep an eye on every one of them, which is why a default-deny policy (block everything, then permit the few ports you actually need) is far easier to get right than a list of ports to block. Talk about having a tough job!
Types of Firewalls
We can think of firewalls as being similar to a bouncer in a nightclub. Like a bouncer in a nightclub, firewalls have a set of rules, similar to a guest list or a dress code, that determines if the packet should be allowed entry. Just as the bouncer places himself at the door of the club, the firewall is located at the point of entry where data attempts to enter the computer from the Internet. But, just as different night clubs might have different rules for entry, different firewalls have different methods of inspecting packets for acceptance or rejection.
Packet Filtering
The most common firewall method is known as packet filtering. Maintaining our bouncer analogy, some bouncers only check IDs against the guest list before letting people in. Similarly, when a packet filter receives a packet from the Internet, it checks the header fields (source and destination IP addresses, protocol, and port numbers) against a table of access control rules to decide whether the packet is acceptable; the contents of the packet are not examined.
In this case, a set of rules established by the firewall administrator serves as the guest list. These rules specify an action when a particular source or destination IP address or port number is seen. For example, access to a particular web site can be blocked by designating the IP address of that site as a non-permitted connection (incoming or outgoing) with the user's computer. When the packet filter encounters a packet to or from that site, it examines the packet; since the site's IP address is in the header, the packet matches the deny rule and the web traffic is not permitted through.
Although packet filters are fast, they are also relatively easy to circumvent. One method is IP spoofing, in which an attacker forges the source address of a trusted host, fooling a filter that trusts on the basis of source address alone. (Because the replies go to the real address, spoofing a full TCP connection is not trivial for an attacker who is not on the path, but it is enough to defeat source-address-only rules for UDP and for single-packet attacks.) The second fundamental problem with packet filters is that they allow a direct connection between source and destination computers. Once an initial connection has been approved by the firewall, the source computer talks directly to the destination computer, potentially exposing it, and all the computers it can reach, to attack.
Stateful Packet Inspection
A second method used by firewalls is stateful packet inspection, which builds on packet filtering. Besides matching header fields against rules, a stateful firewall keeps a table of the connections it has seen. When an inside host opens a connection (for TCP, when it sends the initial SYN), the firewall records the flow (source and destination addresses and ports); later packets are allowed if they belong to a recorded flow and dropped if they do not. It is called "stateful" because the firewall tracks the state of each communication rather than judging every packet in isolation, so it can confirm that an inbound packet is a reply to something the inside host actually requested. This is how ports that are not in use stay closed to the outside world while outbound connections still work, and it blunts port scanning: an unsolicited probe matches no connection and is simply dropped. Note that stateful inspection looks at headers and connection state, not at application data; inspecting the contents of packets is deep packet inspection, found in application-level proxies and in modern "next-generation" firewalls.
Application-Level Proxy

Other types of bouncers have stricter rules: they not only want to know who the guest is, but what he or she will be doing once inside the club. In the world of firewalls, this type of bouncer is known as an application-level proxy because it determines whether a connection to a requested application is permitted. Only connections for specified purposes, such as web access or e-mail, will be permitted. This allows system administrators to control what applications the computers on their system will be used for.
For example, attackers can use the Telnet service (developed in the early days of the Internet to allow remote logins to computers) to gain unauthorized access to a network. A firewall can be set up to allow only web and e-mail applications through. A plain packet filter could approximate this by stopping all packets with a destination port of 23, the standard port for Telnet; an application-level firewall goes further, because it relays only the protocols it understands (HTTP, SMTP), so a Telnet session, or any other protocol tunnelled over a permitted port, is recognized as a non-web/e-mail application and rejected before it reaches the user's computer.
This type of firewall is known as an application-level proxy because, in addition to screening connections for the application they want to use on the user's computer, it also serves as a proxy server. A proxy can be thought of as a computer that sits between a client and a web server and acts as a middleman between the two.
An application-level proxy receives all communication requests from the computers behind it (inside the firewall). It then proxies each request; that is, it makes the request on behalf of its constituent computers. This effectively hides the individual computers on the network behind the firewall: outside hosts never make direct contact with them, because every communication is conducted through the proxy server.
Network Address Translation (NAT)
Network Address Translation (NAT) acts as an intermediary between a group of computers and the Internet, similar to a proxy server. NAT allows an organization to present itself to the Internet with one address: it rewrites the private address of each computer on the LAN to the single public address (and a translated port) on the way out, and reverses the mapping for the replies. As a result, an outside scanner sees only the public address and cannot learn the addresses or details of the individual computers, and an unsolicited inbound packet matches no mapping and has nowhere to go. Two caveats: NAT was designed for address conservation rather than as a security control, so the protection is a side effect of the mapping table and disappears for any port you forward inward or for devices with their own public addresses (including IPv6); and it makes inbound protocols such as active mode FTP harder to use.
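The three mechanisms from the packet filtering, stateful packet inspection and NAT sections above, as one added example (not code from the original article): a stateless filter that a spoofed source address gets past, a stateful firewall whose connection table lets replies in but drops an unsolicited packet, and a NAT table that hides inside addresses and has nowhere to deliver an unsolicited probe. The Packet class, the addresses, the "trusted" partner network and the port numbers are all made up for the example; real firewalls key their tables on the protocol as well and time entries out.

```python
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Packet:
    """The header fields a packet filter looks at; the payload is deliberately absent."""
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False      # first packet of a TCP connection carries SYN without ACK
    ack: bool = False


# 1. Packet filtering: every packet judged on its own header, with no memory of earlier ones.
TRUSTED_NET = "203.0.113."   # assumption: a partner network the admin decided to trust


def packet_filter(pkt: Packet) -> bool:
    """Guest list: allow the trusted net and 'web replies', deny everything else."""
    if pkt.src.startswith(TRUSTED_NET):
        return True
    if pkt.sport == 80:       # meant as "replies from web servers", but any host can set this
        return True
    return False


# 2. Stateful inspection: remember which flows an inside host opened.
class StatefulFirewall:
    def __init__(self, inside_net: str):
        self.inside_net = inside_net
        self.flows = set()    # (inside_ip, inside_port, remote_ip, remote_port)

    def allow(self, pkt: Packet) -> bool:
        if pkt.src.startswith(self.inside_net):            # outbound packet
            flow = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
            if pkt.syn and not pkt.ack:                    # new connection opened from inside
                self.flows.add(flow)
            return flow in self.flows
        # inbound packet: allowed only if it belongs to a flow an inside host opened
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.flows


# 3. NAT: the same kind of table, used to rewrite addresses rather than to permit or deny.
class Nat:
    def __init__(self, public_ip: str, inside_net: str, first_port: int = 40000):
        self.public_ip, self.inside_net = public_ip, inside_net
        self.next_port = first_port
        self.out_map = {}     # (inside_ip, inside_port, remote_ip, remote_port) -> public port
        self.in_map = {}      # (public port, remote_ip, remote_port) -> (inside_ip, inside_port)

    def translate(self, pkt: Packet):
        """Return the rewritten packet, or None for an inbound packet that matches no mapping."""
        if pkt.src.startswith(self.inside_net):            # outbound: hide the inside address
            key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
            if key not in self.out_map:
                self.out_map[key] = self.next_port
                self.in_map[(self.next_port, pkt.dst, pkt.dport)] = (pkt.src, pkt.sport)
                self.next_port += 1
            return replace(pkt, src=self.public_ip, sport=self.out_map[key])
        inside = self.in_map.get((pkt.dport, pkt.src, pkt.sport))   # inbound: reverse lookup
        if inside is None:
            return None                                    # unsolicited: nowhere to deliver it
        return replace(pkt, dst=inside[0], dport=inside[1])


def demo() -> dict:
    """Run the three mechanisms over constructed packets; returns name -> outcome."""
    # An attacker forges a trusted source address (IP spoofing) to reach SMB on an inside host.
    spoofed = Packet("203.0.113.9", 4444, "192.168.1.10", 445, syn=True)
    out = Packet("192.168.1.10", 33372, "198.51.100.7", 80, syn=True)        # inside host browses
    reply = Packet("198.51.100.7", 80, "192.168.1.10", 33372, syn=True, ack=True)
    fw = StatefulFirewall("192.168.1.")
    nat = Nat("192.0.2.1", "192.168.1.")
    out_nat = nat.translate(out)
    back = nat.translate(Packet("198.51.100.7", 80, "192.0.2.1", 40000, syn=True, ack=True))
    probe = nat.translate(Packet("198.51.100.200", 5555, "192.0.2.1", 445, syn=True))
    return {
        "filter_passes_spoofed": packet_filter(spoofed),                     # True: the filter is fooled
        "stateful_allows_outbound": fw.allow(out),                           # True
        "stateful_allows_reply": fw.allow(reply),                            # True: matches the flow
        "stateful_drops_spoofed": not fw.allow(spoofed),                     # True: no such flow
        "nat_hides_inside": (out_nat.src, out_nat.sport) == ("192.0.2.1", 40000),
        "nat_restores_inside": (back.dst, back.dport) == ("192.168.1.10", 33372),
        "nat_drops_unsolicited": probe is None,
    }


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```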
Drawbacks to Using Firewalls
Although firewalls have their strengths and are an invaluable information security resource, there are attacks they cannot protect against, such as eavesdropping on or interception of e-mail in transit. Furthermore, whereas a firewall provides a single point of security and audit, it is also a single point of failure: it is a perimeter control, and if an attacker breaches or bypasses it, he or she has access to the systems behind it and may steal the data stored there or create other havoc. Firewalls may keep the bad guys out, but what if the bad guys are already inside? Against dishonest or disgruntled employees, or a laptop compromised elsewhere and brought in, a perimeter firewall provides little protection. Finally, as mentioned in the discussion of packet filtering, firewalls are not foolproof: IP spoofing can be an effective means of circumvention, for example.
For optimal protection against the variety of security threats that exist, firewalls should be used in conjunction with other security measures such as anti-virus software and encryption. A well-thought-out and consistently implemented security policy is also vital to getting the most out of any security software.
Selecting Firewalls
Firewall applications vary in sophistication and cost. For the small office or home user, the easiest and least expensive solution is a personal (host-based) firewall, a software program that runs on the computer itself. When selecting a firewall, take the following into account:
·         Ease of installation/configuration
·         Does the firewall run without user intervention?
·         Are there parameters that have to be set, and is it easy to do?
·         Is there online help or technical support available?
·         Does the firewall provide audit reports identifying time, location and type of attack?
·         Is the cost of the firewall appropriate to the size of your business/office?
·         Are maintenance/ monitoring requirements suitable for the size and type of business?
·         What will be the training requirements for the firewall?
·         Will the firewall have a significant impact on the operation of the system as a whole?
There are a number of firewall products available with varying feature capabilities and costs. Most of the vendors offer a free trial for evaluation purposes and SOHO users should select one based on their needs.

30.4.10

Differences Between WLAN and LAN

Although WLANs and LANs both provide connectivity between end users, they have some key differences, both physical and logical, between the topologies. In WLANs, radio frequencies are used as the physical layer of the network. Differences also exist in the way the frame is formatted and in the transmission method, as follows:
■ WLANs use carrier sense multiple access with collision avoidance (CSMA/CA) instead of the carrier sense multiple access with collision detection (CSMA/CD) used by Ethernet LANs. Collision detection is not possible in WLANs, because a sending station cannot receive at the same time that it transmits and therefore cannot detect a collision. Instead, WLANs avoid collisions, optionally reserving the medium with the Request To Send (RTS) and Clear To Send (CTS) exchange.
■ WLANs use a different frame format than wired Ethernet LANs. WLANs require additional information in the Layer 2 header of the frame.
■ Radio waves cause problems not found in wired LANs:
  ■ Connectivity issues occur because of coverage problems, RF transmission, multipath distortion, and interference from other wireless services or other WLANs.
  ■ Privacy issues occur because radio frequencies can reach outside the facility: anyone in range can receive the frames, which is why authentication and encryption at the link layer matter far more on a WLAN than on a wired LAN.
■ In WLANs, mobile clients connect to the network through an access point, which is the equivalent of a wired Ethernet hub (a shared medium rather than a switched one). These connections are characterized as follows:
  ■ There is no physical connection to the network.
  ■ The mobile devices are often battery-powered, as opposed to plugged-in LAN devices.
■ WLANs must meet country-specific RF regulations. The aim of standardization is to make WLANs available worldwide, but because WLANs use radio frequencies, they must follow country-specific regulations on RF power and frequencies. This requirement does not apply to wired LANs.

16.4.10

Understanding Static and Default Routes

Static routes are useful in stub networks in which we want to control the routing behavior by manually configuring destination networks into the routing table:
Router(config)#ip route 10.0.0.0 255.0.0.0 192.168.2.5

A floating static route can be configured when redundant connections exist and you want to use the redundant link if the primary fails. This is configured by adding a higher administrative distance at the end of the static route (static routes default to a distance of 1), so the router installs it only when the primary route disappears:
Router(config)#ip route 10.0.0.0 255.0.0.0 192.168.2.9 2

A default route is a gateway of last resort for a router when there isn’t a specific match for an IP destination network in the routing table (such as packets destined for the Internet):
Router(config)#ip route 0.0.0.0 0.0.0.0 serial 0/0

With routing protocols, you can specify a default network, which is a network in the routing table that routing devices consider to be the gateway of last resort. Using their routing protocols, they determine the best path to the default network:
Router(config)#ip default-network 192.168.1.0
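How the router chooses between the routes above, as an added model (not Cisco code): a small routing table that applies longest-prefix match first and administrative distance second, the same preference order a Cisco router uses, with the three ip route commands from this post entered on one router. The RoutingTable and Route names and the set_up helper that simulates a next hop going down are this example's own. One simplification: IOS installs only the lowest-distance route per prefix and keeps the floating one in reserve, whereas this model keeps every candidate and applies the preference at lookup time; show_ip_route reproduces the installed view.

```python
import ipaddress
from dataclasses import dataclass


@dataclass
class Route:
    prefix: ipaddress.IPv4Network
    via: str               # next-hop address or exit interface
    distance: int = 1      # administrative distance; IOS static routes default to 1
    up: bool = True        # False once the next hop or interface is unreachable


class RoutingTable:
    """Static-route behaviour of a router: longest prefix first, then lowest distance."""

    def __init__(self):
        self.routes = []

    def ip_route(self, network: str, mask: str, via: str, distance: int = 1):
        """Same arguments as 'ip route NETWORK MASK {ADDRESS | INTERFACE} [DISTANCE]'."""
        self.routes.append(Route(ipaddress.IPv4Network(f"{network}/{mask}"), via, distance))

    def set_up(self, via: str, up: bool):
        """Simulate the next hop or interface going down (or coming back)."""
        for r in self.routes:
            if r.via == via:
                r.up = up

    def lookup(self, destination: str):
        """Next hop for a destination, or None if nothing matches (the packet is dropped)."""
        dst = ipaddress.IPv4Address(destination)
        candidates = [r for r in self.routes if r.up and dst in r.prefix]
        if not candidates:
            return None
        # Longest prefix wins; among equal prefixes the lowest administrative distance wins.
        best = min(candidates, key=lambda r: (-r.prefix.prefixlen, r.distance))
        return best.via

    def show_ip_route(self) -> list:
        """Lines in the style of 'show ip route': only the best usable route per prefix."""
        installed = {}
        for r in sorted(self.routes, key=lambda r: r.distance):
            if r.up and r.prefix not in installed:
                installed[r.prefix] = r
        lines = []
        for r in installed.values():
            code = "S*" if r.prefix.prefixlen == 0 else "S "       # S* marks the gateway of last resort
            how = f"via {r.via}" if r.via[0].isdigit() else f"is directly connected, {r.via}"
            lines.append(f"{code} {r.prefix} [{r.distance}/0] {how}")
        return lines


def build_example() -> RoutingTable:
    """The three commands from the post, entered on one router."""
    rt = RoutingTable()
    rt.ip_route("10.0.0.0", "255.0.0.0", "192.168.2.5")        # primary static route (distance 1)
    rt.ip_route("10.0.0.0", "255.0.0.0", "192.168.2.9", 2)     # floating static route (distance 2)
    rt.ip_route("0.0.0.0", "0.0.0.0", "Serial0/0")             # default route, gateway of last resort
    return rt


if __name__ == "__main__":
    rt = build_example()
    print("\n".join(rt.show_ip_route()))
    print("10.1.2.3 ->", rt.lookup("10.1.2.3"), "| 172.16.0.1 ->", rt.lookup("172.16.0.1"))
    rt.set_up("192.168.2.5", False)                            # primary next hop fails
    print("10.1.2.3 ->", rt.lookup("10.1.2.3"))
    print("\n".join(rt.show_ip_route()))
```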

11.4.10

Static Routes

Static routes are commonly used when you are routing from a network to a stub network. A stub network (sometimes called a leaf node) is a network accessed by a single route. Static routes can also be useful for specifying a “gateway of last resort” to which all packets with an unknown destination address are sent. Following is the syntax for configuring a static route:

RouterX(config)# ip route network [mask] {address | interface}[distance] [permanent]

Summary of Static Routing

Routing is the process by which items get from one location to another. In networking, a router is the device used to route traffic. Routers can forward packets over static routes or dynamic routes based on the router configuration.
■ Static routes use a route that a network administrator enters into the router manually. Dynamic routes use a route that a network routing protocol adjusts automatically for topology or traffic changes.
■ Static routes are unidirectional, so a route must be configured in each direction (to and from the stub network) to allow two-way communication.
■ The ip route command can be used to configure default route forwarding.
■ The show ip route command verifies that static routing is properly configured. Static routes are signified in the command output by “S.”

Static and Dynamic Route Comparison

Routers can forward packets over static routes or dynamic routes based on the router configuration. The two ways to tell the router where to forward packets to destination networks that are not directly connected are as follows:

Static route: The router learns routes when an administrator manually configures the static route. The administrator must manually update this static route entry whenever an internetwork topology change requires an update. Static routes are user-defined routes that specify the path that packets take when moving between a source and a destination. These administrator-defined routes allow very precise control over the routing behavior of the IP internetwork.

Dynamic route: The router dynamically learns routes after an administrator configures a routing protocol that helps determine routes. Unlike the situation with static routes, after the network administrator enables dynamic routing, the routing process automatically updates route knowledge whenever new topology information is received. The router learns and maintains routes to the remote destinations by exchanging routing updates with other routers in the internetwork.

3.4.10

Cisco IOS Software Features and Functions

Cisco IOS Software is the industry-leading and most widely deployed network system software. This topic describes the features and functions of Cisco IOS Software. The Cisco IOS Software platform is implemented on most Cisco hardware platforms, including switches, routers, and similar Cisco IOS–based network devices. It is the embedded software architecture in these devices and is also the operating system of Cisco Catalyst switches.
Cisco IOS Software enables the following network services in Cisco products:
■ Features to carry the chosen network protocols and functions.
■ Connectivity: enables high-speed traffic between devices.
■ Security: controls access and prohibits unauthorized network use.
■ Scalability: adds interfaces and capability as needed for network growth.
■ Reliability: ensures dependable access to networked resources.
The Cisco IOS Software command-line interface (CLI) is accessed through a console connection, a modem connection, or a Telnet session (or, on images that support it, an SSH session; Telnet carries the login credentials in cleartext, so prefer SSH for remote access and restrict the VTY lines to it with transport input ssh). Regardless of which connection method is used, access to the Cisco IOS Software CLI is generally referred to as an EXEC session.

SUMMARY of Cisco IOS


■ Cisco IOS Software is the embedded software architecture in all Cisco IOS devices and is also the operating system of Catalyst switches. Its functions include carrying the chosen network protocols, connectivity, security, scalability, and reliability.

■ A switch or IOS device can be configured from a local terminal connected to the console (CON) port, from a remote terminal connected through a modem connection to the auxiliary (AUX) port, or through a Telnet or SSH (VTY) connection.

■ The CLI is used by network administrators to monitor and configure various Cisco IOS devices. The CLI also offers a help facility to aid network administrators with the verification and configuration of commands.

■ The CLI supports two EXEC modes: user EXEC mode and privileged EXEC mode. Privileged EXEC mode provides more functionality than user EXEC mode and is also sometimes called enable mode.

■ Cisco IOS devices use Cisco IOS Software with extensive command-line input help facilities, including context-sensitive help.

■ The Cisco IOS CLI includes an enhanced editing mode that provides a set of editing key functions.

■ A Cisco IOS device's CLI provides a history or record of the commands that have been entered.


2.4.10

Layer 1/2/3 Devices and their Function

Layer 1 - Devices and Their Functions
Layer 1 defines the electrical, mechanical, procedural, and functional specifications for activating, maintaining, and deactivating the physical link between end systems. Some common examples are Ethernet segments and serial links like Frame Relay and T1.
Repeaters that provide signal amplification are also considered Layer 1 devices.
The physical interface on the NIC can also be considered part of Layer 1.


Layer 2 Devices and Their Functions
Layer 2 defines how data is formatted for transmission and how access to the physical media is controlled. Layer 2 devices also provide the interface between the host and the physical media. Some common examples are a NIC installed in a host, a bridge, or a switch.


Layer 3 Devices and Their Functions
The network layer provides connectivity and path selection between two host systems that might be located on geographically separated networks. In the case of a host, this is the path between the data link layer and the upper layers of the NOS. In the case of a router, it is the actual path across the network.

Domain Name System

DNS is a mechanism for converting symbolic names into IP addresses. The DNS application frees users of IP networks from the burden of having to remember IP addresses. Without this freedom, the Internet would not be as popular or as usable as it is. The DNS server address is the address of the server that provides name resolution for the host; it is typically assigned during DHCP address assignment, or it can be assigned manually.


To see the addresses actually configured on a Windows host, the ipconfig command can be used from the command line to display all current TCP/IP network configuration values and to refresh DHCP and DNS settings. Used without parameters, ipconfig displays the IP address, subnet mask, and default gateway for all adapters. Figure 1-40 shows an example of ipconfig output.

IPCONFIG Output

You can run ipconfig with various flags to determine exactly what output should be displayed. The syntax flags are as follows:
ipconfig [/all] [/renew [Adapter]] [/release [Adapter]] [/flushdns] [/displaydns] [/registerdns] [/showclassid Adapter] [/setclassid Adapter [ClassID]]
The parameters are as follows:
■ /all: Displays the full TCP/IP configuration for all adapters. Without this parameter, ipconfig displays only the IP address, subnet mask, and default gateway values for each adapter. Adapters can represent physical interfaces, such as installed network adapters, or logical interfaces, such as dialup connections.
■ /renew [Adapter]: Renews DHCP configuration for all adapters (if an adapter is not specified) or for a specific adapter if the Adapter parameter is included. This parameter is available only on computers with adapters that are configured to obtain an IP address automatically. To specify an adapter name, type the adapter name that appears when you use ipconfig without parameters.
■ /release [Adapter]: Sends a DHCPRELEASE message to the DHCP server to release the current DHCP configuration and discard the IP address configuration for either all adapters (if an adapter is not specified) or for a specific adapter if the Adapter parameter is included. This parameter disables TCP/IP for adapters configured to obtain an IP address automatically. To specify an adapter name, type the adapter name that appears when you use ipconfig without parameters.
■ /flushdns: Flushes and resets the contents of the DNS client resolver cache. During DNS troubleshooting, you can use this procedure to discard negative cache entries from the cache, as well as any other entries that have been added dynamically.
■ /displaydns: Displays the contents of the DNS client resolver cache, which includes both entries preloaded from the local hosts file and any recently obtained resource records for name queries resolved by the computer. The DNS client service uses this information to resolve frequently queried names quickly, before querying its configured DNS servers.
■ /registerdns: Initiates manual dynamic registration for the DNS names and IP addresses that are configured at a computer. You can use this parameter to troubleshoot a failed DNS name registration or resolve a dynamic update problem between a client and the DNS server without rebooting the client computer. The DNS settings in the advanced properties of the TCP/IP protocol determine which names are registered in DNS.
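An added example, not code from the original page: a small parser for the text that ipconfig /displaydns prints, so the resolver cache can be reviewed programmatically (for instance, which names are cached negatively, the entries /flushdns discards, and which cached names currently map to a given address). SAMPLE is a constructed dump in the layout of that listing; the names and addresses in it are invented.

```python
# Constructed sample of `ipconfig /displaydns` output (invented names and addresses).
SAMPLE = """\
    updates.example.test
    ----------------------------------------
    Record Name . . . . . : updates.example.test
    Record Type . . . . . : 5
    Time To Live  . . . . : 120
    Data Length . . . . . : 8
    Section . . . . . . . : Answer
    CNAME Record  . . . . : cdn.example.test

    Record Name . . . . . : cdn.example.test
    Record Type . . . . . : 1
    Time To Live  . . . . : 120
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 192.0.2.10

    typo.example.test
    ----------------------------------------
    Name does not exist.
"""


def parse_displaydns(text):
    """Return [{'name', 'negative', 'records': [{label: value}]}] from the dump text."""
    entries, current, prev = [], None, ""
    for raw in text.splitlines():
        s = raw.strip()
        if s and set(s) == {"-"}:  # the dashed rule follows the line naming the entry
            current = {"name": prev, "negative": False, "records": []}
            entries.append(current)
        elif current and s == "Name does not exist.":  # negative cache entry
            current["negative"] = True
        elif current and ":" in s:  # "Label . . . : value" field line
            label, value = s.split(":", 1)
            label = label.rstrip(" .")
            if label == "Record Name":  # first field of each record in the entry
                current["records"].append({})
            if current["records"]:
                current["records"][-1][label] = value.strip()
        prev = s
    return entries


def negative_names(entries):
    """Names cached as non-existent (the negative entries that /flushdns discards)."""
    return [e["name"] for e in entries if e["negative"]]


def names_for_address(entries, address):
    """Cache entries whose answer chain contains an A record for `address`."""
    return sorted({e["name"] for e in entries
                   if any(r.get("A (Host) Record") == address for r in e["records"])})
```

On a real host, feed the function the captured output of ipconfig /displaydns instead of SAMPLE.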

23.3.10

OSI - Open System Interconnect Reference Model

The OSI reference model is the primary model for network communications. The early development of LANs, MANs, and WANs was chaotic in many ways. The OSI reference model, released in 1984, was the descriptive scheme that the ISO created. It provided vendors with a set of standards that ensured greater compatibility and interoperability between the various types of network technologies produced by companies around the world. Although other models exist, most network vendors today relate their products to the OSI reference model, especially when they want to educate customers on the use of their products. The OSI model is considered the best tool available for teaching people about sending and receiving data on a network.

The OSI reference model has seven layers, each illustrating a particular network function.


Each OSI layer contains a set of functions performed by programs to enable data to travel from a source to a destination on a network. The following sections provide brief descriptions of each layer in the OSI reference model.
Layer 7: The Application Layer
The application layer is the OSI layer that is closest to the user. This layer provides network services to the user’s applications. It differs from the other layers in that it does not provide services to any other OSI layer, but only to applications outside the OSI reference model. The application layer establishes the availability of intended communication partners and synchronizes and establishes agreement on procedures for error recovery and control of data integrity.
Layer 6: The Presentation Layer
The presentation layer ensures the information that the application layer of one system sends out is readable by the application layer of another system. For example, a PC program communicates with another computer, one using extended binary coded decimal interchange code (EBCDIC) and the other using ASCII to represent the same characters. If necessary, the presentation layer might be able to translate between multiple data formats by using a common format.
Layer 5: The Session Layer
The session layer establishes, manages, and terminates sessions between two communicating hosts. It provides its services to the presentation layer. The session layer also synchronizes dialogue between the presentation layers of the two hosts and manages their data exchange. For example, web servers have many users, so many communication processes are open at a given time. Therefore, keeping track of which user communicates on which path is important. In addition to session regulation, the session layer offers provisions for efficient data transfer, class of service, and exception reporting of session layer, presentation layer, and application layer problems.
Layer 4: The Transport Layer
The transport layer segments data from the sending host’s system and reassembles the data into a data stream on the receiving host’s system. For example, business users in large corporations often transfer large files from field locations to a corporate site. Reliable delivery of the files is important, so the transport layer breaks down large files into smaller segments that are less likely to incur transmission problems. The boundary between the transport layer and the session layer can be thought of as the boundary between application protocols and data-flow protocols. Whereas the application, presentation, and session layers are concerned with application issues, the lower four layers are concerned with data-transport issues. The transport layer attempts to provide a data-transport service that shields the upper layers from transport implementation details. Specifically, issues such as reliability of transport between two hosts are the concern of the transport layer. In providing communication service, the transport layer establishes, maintains, and properly terminates virtual circuits. Transport error detection and recovery and information flow control provide reliable service.
Layer 3: The Network Layer
The network layer provides connectivity and path selection between two host systems that might be located on geographically separated networks. The growth of the Internet has increased the number of users accessing information from sites around the world, and the network layer manages this connectivity.
Layer 2: The Data Link Layer
The data link layer defines how data is formatted for transmission and how access to the network is controlled. This layer is responsible for defining how devices on a common media communicate with one another, including addressing and control signaling between devices.
Layer 1: The Physical Layer
The physical layer defines the electrical, mechanical, procedural, and functional specifications for activating, maintaining, and deactivating the physical link between end systems. Characteristics such as voltage levels, timing of voltage changes, physical data rates, maximum transmission distances, physical connectors, and other similar attributes are defined by physical layer specifications.

21.3.10

Characteristics of a Network

Many characteristics are commonly used to describe and compare various network designs. When you are determining how to build a network, each of these characteristics must be considered along with the applications that will be running on the network. The key to building the best network is to achieve a balance of these characteristics. Networks can be described and compared according to network performance and structure, as follows:

Speed: Speed is a measure of how fast data is transmitted over the network. A more precise term would be data rate.
Cost: Cost indicates the general cost of components, installation, and maintenance of the network.
Security: Security indicates how secure the network is, including the data that is transmitted over the network. The subject of security is important and constantly evolving. You should consider security whenever you take actions that affect the network.
Availability: Availability is a measure of the probability that the network will be available for use when required. For networks that are meant to be used 24 hours a day, 7 days a week, 365 days a year, availability is calculated by dividing the time it is actually available by the total time in a year and then multiplying by 100 to get a percentage.
For example, if a network is unavailable for 15 minutes a year because of network outages, its percentage availability can be calculated as follows:
([Number of minutes in a year – downtime] / [Number of minutes in a year]) * 100 = Percentage availability
([525600 – 15] / [525600]) * 100 = 99.9971
Scalability: Scalability indicates how well the network can accommodate more users and data transmission requirements. If a network is designed and optimized for just the current requirements, it can be very expensive and difficult to meet new needs when the network grows.
Reliability: Reliability indicates the dependability of the components (routers, switches, PCs, and so on) that make up the network. Reliability is often measured as a probability of failure, or mean time between failures (MTBF).
Topology: Networks have two types of topologies: the physical topology, which is the arrangement of the cable, network devices, and end systems (PCs and servers), and the logical topology, which is the path that the data signals take through the physical topology.

These characteristics and attributes provide a means to compare different networking solutions. Increasingly, features such as security, availability, scalability, and reliability have become the focus of many network designs because of the importance of the network to the business process.

Network User Applications

The key to utilizing multiple resources on a data network is having applications that are aware of these communication mechanisms. Although many applications are available for users in a network environment, some applications are common to nearly all users.

The most common network user applications include the following:
E-mail: E-mail is a valuable application for most network users. Users can communicate information (messages and files) electronically in a timely manner, to not only other users in the same network but also other users outside the network (suppliers, information resources, and customers, for example). Examples of e-mail programs include Microsoft Outlook and Eudora by Qualcomm.
Web browser: A web browser enables access to the Internet through a common interface. The Internet provides a wealth of information and has become vital to the productivity of both home and business users. Communicating with suppliers and customers, handling orders and fulfillment, and locating information are now routinely done electronically over the Internet, which saves time and increases overall productivity. The most commonly used browsers are Microsoft Internet Explorer, Netscape Navigator, Mozilla, and Firefox.
Instant messaging: Instant messaging started in the personal user-to-user space; however, it soon provided considerable benefit in the corporate world. Now many instant messaging applications, such as those provided by AOL and Yahoo!, provide data encryption and logging, features essential for corporate use.
Collaboration: Working together as individuals or groups is greatly facilitated when the collaborators are on a network. Individuals creating separate parts of an annual report or a business plan, for example, can either transmit their data files to a central resource for compilation or use a workgroup software application to create and modify the entire document, without any exchange of paper. One of the best-known traditional collaboration software programs is Lotus Notes. A more modern web-based collaboration application is a wiki.
Database: This type of application enables users on a network to store information in central locations (such as storage devices) so that others on the network can easily retrieve selected information in the formats that are most useful to them. Some of the most common databases used in enterprises today are Oracle and Microsoft SQL Server.

What is a Network, I mean computer Network?

The first task in understanding how to build a computer network is defining what a network is and understanding how it is used to help a business meet its objectives. A network is a connected collection of devices and end systems, such as computers and servers, that can communicate with each other.
Networks carry data in many types of environments, including homes, small businesses, and large enterprises. In a large enterprise, a number of locations might need to communicate with each other, and you can describe those locations as follows:

Main office: A main office is a site where everyone is connected via a network and where the bulk of corporate information is located. A main office can have hundreds or even thousands of people who depend on network access to do their jobs. A main office might use several connected networks, which can span many floors in an office building or cover a campus that contains several buildings.

Remote locations: A variety of remote access locations use networks to connect to the main office or to each other.
Branch offices: In branch offices, smaller groups of people work and communicate with each other via a network. Although some corporate information might be stored at a branch office, it is more likely that branch offices have local network resources, such as printers, but must access information directly from the main office.
Home offices: When individuals work from home, the location is called a home office. Home office workers often require on-demand connections to the main or branch offices to access information or to use network resources such as file servers.
Mobile users: Mobile users connect to the main office network while at the main office, at the branch office, or traveling. The network access needs of mobile users are based on where the mobile users are located.