LOCAL AREA NETWORK (LAN) technologies


LAN Technologies

TABLE OF CONTENTS

ACKNOWLEDGEMENT

ABSTRACT

TOC

TYPES OF LAN

ADVANTAGES AND DISADVANTAGES OF LAN

NETWORK SECURITY

DEVICES ASSOCIATED WITH LAN

TOPOLOGIES FOR DESIGNING LAN

IMPROVING SECURITY

RULES OF ACCESS CONTROL LIST

BIBLIOGRAPHY

Acknowledgement

It is truly said that to attain perfect knowledge of a task we have to go through it. Similarly, it is not until we undertake a project like this that we gain a perfect knowledge of a language and realize the true power of a programming language. As some people have a tendency of firmly accepting suggestions from anyone near or dear, we thank God for gifting this quality to us, without which we would not have been able to accept suggestions from our friends, and hence this project would not be as good as it is after development.

Terms and conditions

I declare that the work provided by me is a solely authentic and original piece written by me. It satisfies the rules and regulations of the college with regard to collusion and plagiarism. I hereby confirm that I have properly referred to the material prescribed and acknowledged the study material.

Part-1

A network is defined as a group of printers, switches, routers and computers in a specific arrangement that communicate with each other over some transmission medium. Networks are built from hardware and software. Networks are of two types: Local Area Network and Wide Area Network.

Cable/Media

LAN

A LAN is a computer network used to connect computers and workstations so that they can share data and resources such as printers or faxes. A LAN is associated with a small area such as a home, office or college. The devices used in a LAN are the hub and the switch. The media used for establishing a local area network are Unshielded Twisted Pair cables. No third party is involved here.

Characteristics:

-High data transfer speeds

-Generally less expensive technologies

-Limited geographic area

Figure 1.1 Local Area Network

Figure 1.1 shows how all the workstations (PC1, PC2, PC3), the server and the printer are interconnected with the help of a network device.

Commonly used LAN technologies are the following:

LANs are classified into Ethernet, Token Bus, Token Ring and Fiber Distributed Data Interface (FDDI). The following figure shows the LAN classification.

Figure 1.2

Advantages of LAN

a). It provides communication in smaller area networks.

b). It is easy to install and configure.

c). Many users can share data or network resources simultaneously, which results in fast work.

Disadvantages of LAN

a). Only a limited number of computers or devices can be connected in a Local Area Network.

b). A LAN cannot cover a large geographical area.

c). As the number of users grows, the network performance degrades.

The filters used to protect a network from congestion and from unauthorized access are the following:

Security filters maintain the integrity of the networks (as well as the routers) into which traffic is passing. Basically, a security filter allows the passage of a limited set of well-understood packets and denies the passage of everything else.

Traffic filters keep unnecessary packets from passing onto limited-bandwidth links. These filters act much like security filters, but their logic is generally the inverse: a traffic filter denies the passage of a few unwanted packets and permits everything else.

Many tools are available on Cisco routers, such as dialer lists, route filters, route maps, and queuing lists. To function properly and accurately, they must be able to identify certain packets. Access lists can be linked to these and other tools to provide this packet identification function.

Figure 1.3

Traffic on a router in a network is comparable to traffic on a highway. Example: an officer who enforces the law in the state of Pennsylvania wants to halt a bus moving through the state of Maryland to the state of New York. The halt can be applied at the border of New York and Pennsylvania (which is out) or at the border of Pennsylvania and Maryland. The following four terms are used when referring to a router:

Out: traffic that has passed through the router and exits the interface; it has travelled from the interface where it entered the router to the interface where it leaves.

In: traffic that arrives on the interface and is destined for the router.

Inbound: when the router receives a packet, the software checks it against the criteria of the inbound list for a match. If the packet is permitted, it is processed further; if it is denied, it is not.

Outbound: when the software receives a packet, it checks it against the criteria of the outbound list for a match. If the packet is permitted, it is processed further; if it is denied, it is not.

Figure 1.4

To secure a network, we can also configure passwords on a router.

There are five types of password available on a router:

1. Console Password

router#configure terminal

router(config)#line console 0

router(config-line)#password <word>

router(config-line)#login

router(config-line)#exit

To remove a password, repeat the same steps using the no form of the command.

2. Vty Password

router>enable

router#configure terminal

router(config)#line vty 0 4

router(config-line)#password <word>

router(config-line)#login

router(config-line)#exit

3. Auxiliary Password

router#configure terminal

router(config)#line aux 0

router(config-line)#password <word>

router(config-line)#login

router(config-line)#exit

4. Enable Password

router>enable

router#configure terminal

router(config)#enable password <word>

router(config)#exit

5. Enable Secret Password

The enable password is a clear-text password: it is stored as clear text in the configuration, whereas the enable secret password is stored encrypted.

Router>enable

Router#configure terminal

Router(config)#enable secret <word>

Router(config)#exit
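A configuration check for the five passwords above, as an added example that is not part of the original project: it reads configuration text and reports an enable password stored as clear text, a missing enable secret, and console, aux or vty lines that lack a password or the login command. The two sample configurations, their passwords and the function name audit are constructed for illustration.

```python
# Constructed samples in running-configuration layout; passwords and hash are placeholders.
WEAK = """\
enable password lab123
line con 0
 password lab123
 login
line aux 0
 password lab123
line vty 0 4
 login
"""
HARDENED = """\
enable secret 5 PLACEHOLDER-HASH
line con 0
 password lab123
 login
line aux 0
 password lab123
 login
line vty 0 4
 password lab123
 login
"""

def audit(config):
    """Return (scope, finding) tuples for the five password settings."""
    findings, has_secret, blocks, current = [], False, {}, None
    for raw in config.splitlines():
        text = raw.strip()
        if raw[:1] != " ":                     # global-level command
            current = None
            if text.startswith("line "):
                current = text.lower()
                blocks[current] = set()
            elif text.startswith("enable secret "):
                has_secret = True
            elif text.startswith("enable password "):
                findings.append(("enable", "enable password is stored as clear text"))
        elif current and text:                 # sub-command inside a line block
            blocks[current].add(text.split()[0])
    if not has_secret:
        findings.append(("enable", "no enable secret configured"))
    for name, cmds in blocks.items():
        if "password" not in cmds:
            findings.append((name, "no password set"))
        elif "login" not in cmds:
            findings.append((name, "password set but login missing"))
    return findings

print(*audit(WEAK), sep="\n")                  # findings for the weak sample
```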

Part-2

Devices associated with the LAN

A number of devices are associated with the data and information flowing through the LAN. When joined with one another, they create the functional infrastructure of the local area network. The devices are as follows:

1. Switches.

2. Repeaters.

3. Hubs.

4. Bridges.

Repeaters

Repeaters are situated in the first (physical) layer of a network. They regenerate and propagate signals, one after another. They do not filter or alter the information during transmission. Repeaters boost weak signals and thus increase the distance a signal can travel.

Bridges

Bridges are called intelligent repeaters. They regenerate the transmitted signals, but unlike repeaters, they can also determine the destinations.

Hubs

Hubs connect all the computers of a local area network to a single device. They are known as multi-port repeaters. Unlike bridges, hubs cannot determine destinations; they simply transmit on every line, in half-duplex mode.

Routers

Routers route traffic and filter information between all the networks in an internetwork. Some routers can help detect problems and redirect information around them. These are called "intelligent routers". To be able to route packets, a router must have the following information:

Destination address

Neighbour routers from which it can learn about remote networks

Possible routes to all remote networks

The best route to each remote network

How to maintain and verify routing information

Switches

Switches connect all the computers in a local area network for communication or sharing of resources, in a way similar to hubs. The only difference from a hub is that switches can filter information and direct it to and from specific destinations, and they can run in full-duplex mode.

Common topologies used for designing a LAN infrastructure are:

Bus Architecture: In a bus topology:

-There is a single cable which connects each workstation in a linear way as shown in figure 2.1

-The signals are broadcast to all stations, but stations act only on the frames addressed to them.

Figure 2.1

Ring Architecture: In a ring topology:

-Unidirectional links connect the transmit side of one device to the receive side of another device as shown in figure 2.2.

-Devices transmit frames to the next device (downstream member) in the ring.

Figure 2.2

STAR TOPOLOGY

In a star topology each station is connected to a centrally located hub or concentrator which functions as a multi-port repeater. Each station can broadcast to all of the devices connected to the central hub.

Figure 2.3

Part-3

A well secured and password protected LAN network is established using the software "CISCO PACKET TRACER". The project is attached along with this file. The name of the file is SECUREDLAN.pkt. This LAN network is secured using network filters, and configured with special services to avoid traffic which leads to congestion in a network.

Part-4

Improving security, reliability and performance using Access Control List

An access list is a series of filters arranged sequentially, in which each filter comprises specific matching criteria and an action. The action can be either permit or deny. The matching criteria may be as simple as a source address, or they may be a more complex combination of source and destination addresses, protocol type, sockets or ports, and the state of certain flags, such as the TCP ACK bit. A packet is "dropped into" the top of the stack of filters as shown in Figure 4.1.

Figure 4.1

In Figure 4.1 above, a permit action allows the packet to exit on interface E0; a deny action means that the packet will be dropped. As shown, a packet whose source address is HOST A will be dropped at the first filter. Suppose the packet's source address is HOST D of SUBNET 2 of NETWORK 5. The first filter specifies match criteria of HOST A, so the packet will not match and will drop to the second layer. The second filter specifies SUBNET 3; again, no match. Then the packet drops to the third filter, which specifies NETWORK 5. This matches, and the action at layer three is permit, so the packet is allowed to exit interface E0.

Implicit Deny Any

The router has to know what to do with a packet if it drops through all the filters and a match never occurs. There must be a default action for this situation. The default action may be either to permit all packets that don't match or to deny them. Cisco routers deny them: any packet which passes through an access list without finding a match is automatically dropped. This approach is the correct engineering choice, especially when the access list is being used for security. It is better to drop some packets that shouldn't have been dropped than to permit packets that should have been blocked. This last filter is called an implicit deny any (Figure 4.2). As the name implies, the line does not show up in any access list you build. It is simply a default action, and it exists at the end of all access lists.

Figure 4.2 All access lists end with an implicit deny any, which discards all packets that do not match a line in the list.

This default can be overridden by making the last line of the list an explicit permit any. The implication here is that packets dropping through all the other filters will match the permit any before they get to the default deny any, therefore, all packets not matching anything else will be permitted—nothing will ever reach the implicit deny.

Sequentiality

Access lists are executed sequentially, from the top down.

Figure 4.3

In Figure 4.3, subnet 10.23.147.0/24 is denied and the rest of network 10.0.0.0 is permitted. The list on the left is out of sequence: network 10.0.0.0, including its subnet 10.23.147.0, matches the first line and so is permitted. Packets from the subnet to be denied never reach the second line.

Figure 4.3 The individual filter layers of an access list should be configured in the correct sequence for the access list to function correctly.

Rules of Access Control List

The list is read from top to bottom.

The list stops executing after the first match is found.

If a packet does not match any listed statement, it will match either the implicit deny statement or a permit any statement.
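The three rules, the implicit deny any and the out-of-sequence list of Figure 4.3, as an added example that is not part of the original project. It models only source-address matching; the tuple representation of a list, the function names evaluate and shadowed, and the host addresses are assumptions made for illustration.

```python
import ipaddress

def evaluate(acl, source):
    """First-match evaluation; returns (action, index of the matching line or None)."""
    addr = ipaddress.ip_address(source)
    for index, (action, network) in enumerate(acl):   # read from top to bottom
        if addr in ipaddress.ip_network(network):
            return action, index                      # stop at the first match
    return "deny", None                               # implicit deny any

def shadowed(acl):
    """Return (line, earlier_line) pairs where an earlier line already covers a later one."""
    pairs = []
    for i, (_, net) in enumerate(acl):
        later = ipaddress.ip_network(net)
        for j in range(i):
            if later.subnet_of(ipaddress.ip_network(acl[j][1])):
                pairs.append((i, j))                  # line i can never be reached
                break
    return pairs

# The two orderings discussed for Figure 4.3, plus an explicit permit any.
OUT_OF_SEQUENCE = [("permit", "10.0.0.0/8"), ("deny", "10.23.147.0/24")]
IN_SEQUENCE = [("deny", "10.23.147.0/24"), ("permit", "10.0.0.0/8")]
WITH_PERMIT_ANY = IN_SEQUENCE + [("permit", "0.0.0.0/0")]

if __name__ == "__main__":
    # Constructed source addresses: denied subnet, rest of 10.0.0.0, unrelated network.
    for host in ("10.23.147.9", "10.1.1.1", "192.168.1.1"):
        for name, acl in (("out of sequence", OUT_OF_SEQUENCE),
                          ("in sequence", IN_SEQUENCE),
                          ("with permit any", WITH_PERMIT_ANY)):
            print(host, name, evaluate(acl, host))
    print("unreachable lines:", shadowed(OUT_OF_SEQUENCE))
```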

