case mis ch06

6 Data Communications

Upload: sanghyeok-park

Post on 26-Jul-2015


Chapter 6

Data Communications

• Network

– Collection of computers

– Communicate with one another over transmission line

• Basic types of Network Topologies

– Local Area Network (LAN)

– Wide Area Network (WAN)

– Internet

6-2

Q1: What Is a Computer Network?

• Computers connected on single company site

• Usually located in small area, such as a home, office building, or group of buildings

• Connects two to several hundred computers

6-3

LAN (Local Area Network)

• Connects computers across metropolitan, state, regional, national areas

• Uses communication networks from vendors

– Licensed by government

6-4

WAN (Wide Area Network)

• Global network of networks

• Connects LANs, WANs, and other networks

• Public and private networks of networks

• Uses a variety of communication methods and conventions

– Seamless flow of data provided by standardized layered protocol

• Protocol: a set of standard rules for data representation, signaling, authentication, and error detection required to send information

6-5

Internet

6-6

Q2: What Are the Components of a LAN?

• Switch/Router

– Special purpose computer that receives and transmits messages

• Network interface card (NIC)

– Hardware that connects each device’s circuitry to the cable

– Onboard NIC or card that fits into an expansion slot

• MAC (media access control) address

• UTP (unshielded twisted pair cable)

• Optical fiber cable

Q2: What Are the Components of a LAN? (cont’d)

6-7

Network Interface Card (NIC)

6-8

• World’s most popular protocol for LANs

• 10/100/1000 Mbps Ethernet

• Protocol specifies hardware characteristics, cables, and how messages are packaged and processed

IEEE 802.3 Protocol (Institute of Electrical and Electronics Engineers)

6-9

• WANs connect computers at separate sites

– Use routers and public communications links between sites

– Cable connections made through licensed public telecommunications companies

• Internet service provider (ISP)

– A company that provides customers access to the Internet

– Provides legitimate Internet address

– Serves as gateway to Internet

– Pay for Internet access

6-10

Q3: What Are the Alternatives for a WAN?

1. Connect to an Internet service provider (ISP)

2. Network of Leased Lines

3. Public Switched Data Networks

4. Virtual Private Network (VPN)

6-11

Q3: What Are the Alternatives for a WAN? (cont’d)

1. Dial-up Modems

2. DSL Modems

3. Cable Modems

• Modem – a device to produce a signal that can be transmitted easily and decoded to reproduce the original digital data

• Narrowband – less than 56 kbps speed

• Broadband – more than 256 kbps speed

6-12

Connecting the Personal Computer to an ISP: Modems

– Converts signals between analog and digital so computers can communicate over a regular telephone line

– Connection made by dialing the ISP’s phone number

– Maximum transmission speed of 56 kbps (53 kbps really)

– Modulation standards – V.34, V.90, V.92 specify how digital signals are converted to analog

– Point-to-Point Protocol (PPP) – governs how data (messages) are packaged and handled between modem and ISP

1. Dial-up Modems

6-13

6-14

Personal Computer (PC) Internet Access

Digital Subscriber Line (DSL)

– Operates over telephone lines

– Data signals do not interfere with voice telephone service

– Faster data transmission than dial-up

• 256 kbps to 768 kbps

– DSL modems use their own protocols

– Download and upload speeds differ

• Asymmetric digital subscriber lines (ADSL)

• Symmetrical digital subscriber lines (SDSL) – 1.544 Mbps both directions

6-15

2. DSL Modems

• Provide high-speed data transmission

• Use cable television lines

– High-capacity optical fiber cable run to neighborhood distribution substation

– Television cables connect at distribution substation and run to subscriber’s house

– Does not interfere with television transmission

– Up to 500 subscribers connected at each substation

• Performance can vary based on number connected

– Download speed up to 10 Mbps, upload up to 256 kbps

6-16

3. Cable Modems

• WAN connects computers located at geographically distributed sites

• Access devices connect sites to transmission

– Router or network switch – special-purpose computer to move network traffic from one node to another

• Leased line alternatives

– T1 line (1.544 Mbps), T3 line (44.736 Mbps), OC-768 (40 Gbps)

– Set up as a point-to-point line

– Only predefined sites can use leased lines

– Requires highly trained specialists to set up

– Monthly connection and maintenance costs expensive

– Provide low cost per bit transmitted for high traffic networks

6-17

Networks of Leased Lines

WAN Using Leased Lines

6-18

• Public Switched Data Network

– Network of computers and leased lines

– Developed and maintained by vendor

– Time leased on network

• Utility that supplies networks for other companies to lease

– Each site leases line to connect to PSDN network at access point

• Point of presence (POP)

• Saves setup and maintenance activities

6-19

Public Switched Data Network (PSDN)

WAN Using PSDN

6-20

• Frame relay

– Process traffic at 56 kbps to 40 Mbps

– Simplest and easiest to support

– Lower cost than ATM

• Asynchronous transfer mode (ATM)

– Process speeds from 1 to 156 Mbps

– Support voice and data communication

• Ethernet

– Operates at speeds of 10 to 40 Gbps

6-21

PSDN Protocols

• Encryption

– Process of transforming clear text into coded text

– Used for secure storage or communication

– Uses algorithms

• DES (Data Encryption Standard)

• 3DES (Triple DES)

• AES (Advanced Encryption Standard)

• Key

– Used to encrypt data

– Algorithm applies key to produce coded message

• Symmetric encryption – same key encrypts and decrypts

• Asymmetric encryption – different keys are used

– Key used to decrypt message

6-22

Q4: How Does Encryption Work?

• Public key/private key cryptography

– Public key used to encrypt messages

– Public key sent to other party to encode messages to be sent back

– Decrypted with private key

– Complex and slow

• Asymmetric public key encryption – message encrypted using recipient's public key. Recipient decrypts with own private key.

• HTTPS uses secure socket layer (SSL, a.k.a. TLS) protocol to encrypt data

– Fast, secure

– See next slide for how it works

6-23

Q4: How Does Encryption Work? (cont’d)

Figure 6-14

Q4: How Does Encryption Work? (cont’d)

6-24
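Added example, not from the original slides: one way the slow public-key step and the fast symmetric step are combined is to use the public key once to carry a random symmetric key, then protect the messages with that key. Textbook RSA with small constructed primes and a SHA-256 keystream stand in for real algorithms here (neither is secure for actual use), and all function names are hypothetical.

```python
import hashlib
import secrets

# Constructed demo key pair from two Mersenne primes (toy size, not secure).
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537                     # public key (N, E), given to clients
D = pow(E, -1, (P - 1) * (Q - 1))       # private exponent, kept by the server


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Symmetric stand-in: the same key and function encrypt and decrypt."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def wrap_session_key(public_key, session_key: bytes) -> int:
    """Client side: encrypt the symmetric key with the server's public key."""
    n, e = public_key
    return pow(int.from_bytes(session_key, "big"), e, n)


def unwrap_session_key(wrapped: int, key_len: int) -> bytes:
    """Server side: recover the symmetric key with the private key."""
    return pow(wrapped, D, N).to_bytes(key_len, "big")


def run_exchange(message: bytes):
    """Run both sides of the exchange and return what each side ends up with."""
    session_key = secrets.token_bytes(16)               # client picks 128-bit key
    wrapped = wrap_session_key((N, E), session_key)     # slow step, done once
    server_key = unwrap_session_key(wrapped, len(session_key))
    ciphertext = keystream_xor(session_key, message)    # fast step, per message
    plaintext = keystream_xor(server_key, ciphertext)   # server decrypts
    return session_key, server_key, ciphertext, plaintext


if __name__ == "__main__":
    _, _, ct, pt = run_exchange(b"order #1001 (constructed sample)")
    print(ct.hex(), pt)
```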

• Computer device that prevents unauthorized network access

• May be special-purpose computer or program on a general-purpose computer

• Organizations may have multiple firewalls

– Perimeter firewalls sit outside organizational network

– Internal firewalls are inside network

– Packet-filtering firewalls examine each part of a message (source address, destination address, and other bytes) before allowing message to pass

– May filter both incoming and outgoing messages

• Access control list (ACL) encodes rules stating which IP addresses are allowed into or prohibited from the network

6-25

Q5: What Is the Purpose of a Firewall?
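Added example, not from the original slides: a packet-filtering ACL that checks source address, destination address and destination port for incoming and outgoing traffic, plus a check for rules that can never match. It assumes first-match ordering with a default deny, which the slides do not specify; the rule set, the RFC 5737 documentation addresses and the function names are constructed for illustration.

```python
import ipaddress
from typing import NamedTuple, Optional


class Rule(NamedTuple):
    action: str                   # "permit" or "deny"
    direction: str                # "in" or "out"
    src: str                      # CIDR the source address must fall in
    dst: str                      # CIDR the destination address must fall in
    dport: Optional[int] = None   # None matches any destination port


# Constructed ACL; all addresses are RFC 5737 documentation ranges.
ACL = [
    Rule("deny",   "in",  "203.0.113.0/24", "0.0.0.0/0"),           # prohibited network
    Rule("permit", "in",  "0.0.0.0/0",      "192.0.2.10/32", 443),  # public web server
    Rule("deny",   "out", "192.0.2.0/24",   "198.51.100.7/32"),     # prohibited destination
    Rule("permit", "out", "192.0.2.0/24",   "0.0.0.0/0",     443),  # outbound HTTPS
]


def filter_packet(acl, direction, src, dst, dport):
    """Return the action of the first matching rule; unmatched traffic is denied."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for rule in acl:
        if (rule.direction == direction
                and s in ipaddress.ip_network(rule.src)
                and d in ipaddress.ip_network(rule.dst)
                and rule.dport in (None, dport)):
            return rule.action
    return "deny"


def shadowed(acl):
    """Indexes of rules fully covered by an earlier rule, so never reached."""
    net = ipaddress.ip_network
    hits = []
    for i, r in enumerate(acl):
        for e in acl[:i]:
            if (e.direction == r.direction
                    and net(r.src).subnet_of(net(e.src))
                    and net(r.dst).subnet_of(net(e.dst))
                    and e.dport in (None, r.dport)):
                hits.append(i)
                break
    return hits
```

Running `shadowed` over a rule set before deployment catches a deny rule placed after a broader permit, which would otherwise never take effect.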

Virtual private network

– Uses Internet or private network to create appearance of point-to-point connections

– Uses public Internet to create appearance of private network

– Client and server have point-to-point connection called tunnel

• Private pathway over shared network

– Secure, encrypted communications

• VPN client software encrypts data and receiving VPN server decrypts it

• Users and their keys must be registered with VPN server

6-26

Q6: What Is a VPN, and Why Is It Important?

Remote Access Using VPN: Actual Connections

6-27

• Dee and salespeople use thin client computers

– Dee creates blog entries on Web pages using Movable Type

– Salespeople use pages served by Movable Type

• Client computers contain VPN client software

– Interact with VPN server via Internet

– Secure, private connections

– Firewalls stop traffic not addressed to VPN server

– Salespeople know how to use VPN

6-28

How Does the Knowledge in This Chapter Help Dee and You?

• IT department cannot schedule resources to set up blog server in timely fashion

– Will not allow outside person to do setup

• Would then have access to system

• Consultant can create server on unprotected test server

– Can be copied onto network server after acceptance

– Requires some internal IT labor

– Consultant could include Trojan horse virus or malware

• Install only software from known sources

• Code should not reside on production server

6-29

How Does the Knowledge in This Chapter Help Dee and You? (cont’d)