What is a Network?

A network consists of two or more computers that are linked in order to share resources (such
as printers and CDs), exchange files, or allow electronic communications. The computers on
a network may be linked through cables, telephone lines, radio waves, satellites, or infrared
light beams.
Two very common types of networks include:
Local Area Network
A Local Area Network (LAN) is a network that is confined to a relatively small area. It is
generally limited to a geographic area such as a writing lab, school, or building.
Computers connected to a network are broadly categorized as servers or workstations.
Servers are generally not used by humans directly, but rather run continuously to provide
"services" to the other computers (and their human users) on the network. Services provided
can include printing and faxing, software hosting, file storage and sharing, messaging, data
storage and retrieval, complete access control (security) for the network's resources, and
many others.
Workstations are called such because they typically do have a human user which interacts
with the network through them. Workstations were traditionally considered a desktop,
consisting of a computer, keyboard, display, and mouse, or a laptop, with with integrated
keyboard, display, and touchpad. With the advent of the tablet computer, and the touch screen
devices such as iPad and iPhone, our definition of workstation is quickly evolving to include
those devices, because of their ability to interact with the network and utilize network
services.
Servers tend to be more powerful than workstations, although configurations are guided by
needs. For example, a group of servers might be located in a secure area, away from humans,
and only accessed through the network. In such cases, it would be common for the servers to
operate without a dedicated display or keyboard. However, the size and speed of the server's
processor(s), hard drive, and main memory might add dramatically to the cost of the system.
On the other hand, a workstation might not need as much storage or working memory, but
might require an expensive display to accommodate the needs of its user. Every computer on
a network should be appropriately configured for its use.
On a single LAN, computers and servers may be connected by cables or wirelessly. Wireless
access to a wired network is made possible by wireless access points (WAPs). These WAP
devices provide a bridge between computers and networks. A typical WAP might have the
theoretical capacity to connect hundreds or even thousands of wireless users to a network,
although practical capacity might be far less.
Nearly always servers will be connected by cables to the network, because the
cable connections remain the fastest. Workstations which are stationary
(desktops) are also usually connected by a cable to the network, although the cost
of wireless adapters has dropped to the point that, when installing workstations
in an existing facility with inadequate wiring, it can be easier and less expensive to
use wireless for a desktop.
Wide Area Network
Wide Area Networks (WANs) connect networks in larger geographic areas, such as Florida,
the United States, or the world. Dedicated transoceanic cabling or satellite uplinks may be
used to connect this type of global network.
Using a WAN, schools in Florida can communicate with places like Tokyo in a matter of
seconds, without paying enormous phone bills. Two users a half-world apart with
workstations equipped with microphones and a webcams might teleconference in real time. A
WAN is complicated. It uses multiplexers, bridges, and routers to connect local and
metropolitan networks to global communications networks like the Internet. To users,
however, a WAN will not appear to be much different than a LAN.
Advantages of Installing a School Network
User access control.
Modern networks almost always have one or more servers which allows
centralized management for users and for network resources to which they
have access. User credentials on a privately-owned and operated network
may be as simple as a user name and password, but with ever-increasing
attention to computing security issues, these servers are critical to ensuring
that sensitive information is only available to authorized users.
Information storing and sharing.
Computers allow users to create and manipulate information. Information
takes on a life of its own on a network. The network provides both a place
to store the information and mechanisms to share that information with
other network users.
Connections.
Administrators, instructors, and even students and guests can be
connected using the campus network.
Services.
The school can provide services, such as registration, school directories,
course schedules, access to research, and email accounts, and many others.
(Remember, network services are generally provided by servers).
Internet.
The school can provide network users with access to the internet, via an
internet gateway.
Computing resources.
The school can provide access to special purpose computing devices which
individual users would not normally own. For example, a school network
 might have high-speed high quality printers strategically located around a
campus for instructor or student use.
Flexible Access.

School networks allow students to access their information from connected devices
throughout the school. Students can begin an assignment in their classroom, save part of it
on a public access area of the network, then go to the media center after school to finish
their work. Students can also work cooperatively through the network.

Workgroup Computing.

Collaborative software allows many users to work on a document or project concurrently.

For example, educators located at various schools within a county could simultaneously
contribute their ideas about new curriculum standards to the same document,
spreadsheets, or website.

Disadvantages of Installing a School Network

Expensive to Install.
Large campus networks can carry hefty price tags. Cabling, network cards,
routers, bridges, firewalls, wireless access points, and software can get
expensive, and the installation would certainly require the services of
technicians. But, with the ease of setup of home networks, a simple
network with internet access can be setup for a small campus in an
afternoon.
Requires Administrative Time.
Proper maintenance of a network requires considerable time and
expertise. Many schools have installed a network, only to find that they did
not budget for the necessary administrative support.
Servers Fail.
Although a network server is no more susceptible to failure than any other
computer, when the files server "goes down" the entire network may come
to a halt. Good network design practices say that critical network services
(provided by servers) should be redundant on the network whenever
possible.
Cables May Break.
The Topology chapter presents information about the various
configurations of cables. Some of the configurations are designed to
minimize the inconvenience of a broken cable; with other configurations,
one broken cable can stop the entire network.
Security and compliance.
Network security is expensive. It is also very important. A school network
would possibly be subject to more stringent security requirements than a
similarly-sized corporate network, because of its likelihood of storing
personal and confidential information of network users, the danger of
which can be compounded if any network users are minors. A great deal of
attention must be paid to network services to ensure all network content is
appropriate for the network community it serves.

Resources ::::

https://fcit.usf.edu/network/chap1/chap1.htm#:~:text=A%20network%20consists%20of
%20two,satellites%2C%20or%20infrared%20light%20beams.

computer network
A computer network, also referred to as a data network, is a series of interconnected nodes that can
transmit, receive and exchange data, voice and video traffic.

A computer network, also referred to as a data network, is a series of

interconnected nodes that can transmit, receive and exchange data, voice and video
traffic. Examples of nodes in a network include servers or modems. Computer networks
commonly help endpoint users share resources and communicate. They commonly
appear all over the place, such as homes, offices and government administrations. The
use of computer networks can overcome geographic barriers and enable the sharing of
information. Computer networks enable the usage and sharing of any number of
applications and services, including emails, video, audio and plenty of other types of
data, over the internet.

Network devices use a variety of protocols and algorithms to specify exactly how

endpoints should transmit and receive data. For example, the Ethernet standard
establishes a common language for wired networks to communicate, and
the 802.11 standard does the same for wireless local area networks (WLANs).
Uses

Computer networks have a variety of uses that many would see as essential today,
including the following:

 file sharing, which enables users to share data files through a network;
 application sharing, which enables users to share applications through a
network;
 hardware sharing, which enables users in a network to share hardware
devices, such as printers and hard drives;
 client-server model, which enables data to be stored on servers, where end-
user devices -- or clients -- can access that data;
 voice over IP (VoIP), which enables users to send voice data through
internet protocols;
 communication, which can include video, text and voice;
 e-commerce, which enables users to sell and buy products over the internet;
and
 gaming, which enables multiple users to play together from various locations.

In addition, program design requires skills and knowledge in both computer network
technologies and program requirements.

How computer networks work

Computer networks operate using a varying set of hardware and software. All packet-
switched networks use Transmission Control Protocol/Internet Protocol (TCP/IP) to
establish a standard means of communication. Each endpoint in a network has a unique
identifier that is used to indicate the source or destination of the transmission. Identifiers
include the node's IP address or Media Access Control (MAC) address. Endpoint nodes,
which are used for routing purposes, include switches and routers, servers, personal
computers, phones, networked printers and other peripheral computing devices, as well
as sensors and actuators. The Open Systems Interconnection (OSI) model defines how
data is transferred between computers.

A network's capacity is how much traffic the network can support at any one time while
still meeting service-level agreements (SLAs). Network capacity is measured in terms
of bandwidth. Bandwidth is quantified by the theoretical maximum number of bits per
second (bps) that can pass through a network device. Throughput is a measure of the
actual speed of a successful transmission after accounting for factors like latency,
processing power and protocol overhead.

Advantages

Advantages of using computer networks include the following:

 file sharing, which enables users to share data between users;

 resource sharing, which enables users to share multiple devices, such as
copiers and printers;
 communication, which enables users to send and receive messages and
data in real time from multiple devices;
 convenience in that data is accessible through an internet connection;
 cost in that there are reduced hardware costs since networked devices can
share resources; and
 storage, which enables users to access data that's stored remotely or on
other network devices.
Types of computer networks

Networks are often categorized by the wired or wireless transmission technology they
support, as well as the scope of their domains. Some examples of computer networks
include the following:

 local area networks (LANs), which interconnect endpoints in a single

domain;
 in contrast, wide area networks (WANs), which interconnect multiple LANs;
 metropolitan area networks (MANs), which interconnect computer
resources in a geographic area;
 storage area networks (SANs), which interconnect storage devices and
resources;
 personal area networks (PANs);
 WLANs;
 campus area networks (CANs);
 virtual private networks (VPNs);
 passive optical networks (PONs); and

Networks may also be divided into subnetworks, also called subnets.

Network access

Networks can be public or private. While anyone can access the public internet, access
to private and virtually private networks requires the end user to be assigned access
credentials.

In the enterprise, network access control (NAC) systems typically use security policies to
control access to the organization's network. This means that network devices are not
allowed to connect unless they meet a predefined business policy, which is enforced by
NAC products. When deployed, NAC systems immediately discover all the devices
connected to a network, categorize them by type and then react to them based on
preconfigured compliance rules implemented by the organization's security team.

NAC products enable device access to a network based on a specific, per-device basis,

with granular controls over what type and level of access is allowed. These controls are
delivered by policies that are defined in a central control system. Most NAC systems can
also integrate with Active Directory (AD) in order to control network access based on
group policy, ensuring users only have the network access required to fulfill their jobs.

Network topologies

A network topology is the physical or logical structure of a network. Network topologies

include the following:

 Full mesh network. All nodes are connected to each other and can

exchange data.
 Partial mesh network. Some nodes are connected to each other in a full
mesh scheme, but others are only connected to one or two other nodes in the
network.
 Point-to-point network. Network connectivity is limited to two endpoints.
 Star network. All network nodes are connected to a common central
computer.
 Tree network. Two or more star networks are connected together.
 Bus network. Network devices are attached directly to a transmission line.
All signals pass through all devices, but each device has a unique identity and
recognizes signals intended for it.
 Ring network. Network devices are connected to each other in a ring format,
where each device is connected to at least two other devices.
Network topology vs. network fabric

Network topologies are the physical or logical structure of a network. The term network
fabric describes the way each topology creates a particular type of crisscross pattern of
connections, such as bus, ring and star topologies. The word fabric is used as an
allusion to threads in a fabric. A good way to remember the difference is that network
fabrics describe a network topology.

Resources::::

https://www.google.com/amp/s/www.techtarget.com/searchnetworking/definition/network
%3famp=1

Alexander S. Gillis, Technical Writer and Editor 2019 Dec 20

Network Design and Best
Practices

Source: Unsplash

With networks at the heart of the most modern business, network design can
have a major impact on business outcomes. Finding the right balance of network
performance, security, redundancy, and cost require a unique mix of project
management and technical skill. To help you nail your next network design
project, we’ll take a deep dive on the topic, provide a basic framework you can
follow, and look at some best practices to keep in mind as you go.
What is network design?
Network design is the practice of planning and designing a communications network.

Network design starts with identifying business and technical requirements and
continues until just before the network implementation stage (when you actually
do the work to deploy and configure what was designed). Network design
includes things like network analysis, IP addressing, hardware selection, and
implementation planning.

In simple networks, like those found in most homes and small offices, network
design is a straightforward process. In large enterprise networks, the network
design process is often very complex and involves multiple stakeholders.

Understanding PPDIOO & other network

lifecycle models
Before we dive into how to design a network, let’s take a moment to review
network lifecycle models. In the context of network design, a network lifecycle
model helps explain where and how network design fits into the broader
lifespan of your network’s components and overall structure.

One of the most popular network lifecycle models is Cisco’s PPDIOO (Prepare,

Plan, Design, Implement, Operate and Optimize) model:

 Prepare. This is where you define high-level requirements and strategy. For

example, your deliverables from this phase may include requirements
documentation and current state surveys.
 Plan. This stage deals with specific network requirements based on information
gathered in the planning stages.
 Design. During the design stage, the information gathered from the previous
two stages is used to create a detailed network design.
 Implement. This is where the work gets done to configure and deploy the
network infrastructure. There is often testing to validate the design in this phase.
 Operate. This is the portion of the lifecycle where the network is in production
use. During this stage, monitoring is an important part of validating that the
network is working as designed and being able to quickly address issues when it
isn’t.
 Optimize. At some point in most networks’ lifecycle, tweaks and optimizations
are needed. This is the stage where those changes are identified. For major
changes, the cycle begins again to plan and implement them.
Source: ictshore
Other network lifecycle models include Cisco’s PBM (plan, build, manage) and
the NDLC (network development life cycle). Regardless of which model you
choose, the general steps — information gathering, design, implementation, and
improvement — and cyclical nature are the same. The important takeaway is
understanding any network lifecycle and where network design fits in.

Designing a network step by step

Now that we understand the basics of a network lifecycle model, let’s take a
step-by-step look at the process of designing a network infrastructure. While the
specifics of your network design will vary based on size and complexity, this
general framework can help you make the right decisions.

1. Identify the requirements

Before you begin any network design project, begin by gathering information
and developing clear business and technical requirements. Without clearly
defined targets, the rest of the design falls apart.
Business requirements help define what you need to do. That means things like:

 Support a new office

 Improve end-user experience
 Cut costs
 Comply with a new regulation
 Improve business continuity
Looking back at the PPDIOO lifecycle model, business requirements align with
the prepare stage. You should work closely with stakeholders when identifying
business requirements.

Once you’ve detailed the business requirements, it’s time to move on to the
technical/functional requirements. Example requirements include:

 Bandwidth
 Security requirements
 Specific protocols the project must implement
 RTO/RPO (recovery time objective/recovery point objective) numbers
 Uptime SLAs (service level agreements)
When you create your requirements, don’t overlook constraints. For example,
business requirements will have a budget constraint. Technical requirements
may have constraints such as the need to continue supporting legacy apps.

2. Assess the current state of the network

Chances are, in most networks you’re not starting with a clean slate. Sometimes
that’s a good thing that makes life easier, other times it can complicate a project.
For example, if all the structured cabling is already in place, that’s one less thing
to worry about. However, if all that’s in place is Cat5 cable and you need Cat6A to
support 10GBaseT, the existing cabling now becomes an issue to deal with.

Whatever the state of the network is, it’s important you know early in the design
process. You need to assess the network’s current state before you make any
specific design recommendations. At the end of this step, you should
understand the network layout, performance, data flows, applications & services
on the network, network security, and physical and logical layout.

Some of this can be achieved by reviewing existing network diagrams, policies,

and monitoring tools. In other cases, you’ll need to use automatic network
mapping tools and security scanners to get the full picture.
3. Design your network topology
Once you know your requirements and understand the current state of your
network, you can begin blocking out the functional components of your network.
During this step, you’ll need to consider both the physical and logical aspects of
your network.

When it comes to physical network design you’ll need to address things like:

 Running copper and fiber cabling

 Number of switch ports required
 WiFi access point positioning
 Rack layout
 Cooling and power
Logical network design deals with things like:

 IP addressing/subnetting
 VLANs
 Data flows
 Network topology
At the end of this step, you should be able to create a static map of the
physical and logical network you’re designing.

Tip: Don’t forget about cloud workloads and cloud networks. Your network
design will need to account for on-premises and cloud data flows.
Before we move on to the next step, let’s take a look at two key network design
concepts: hierarchical network layers and top-down vs bottom-up design.

Hierarchical network design: What are core, distribution, and

access layers?
A traditional hierarchical network design is based on the idea of three basic
network layers. Each layer handles a separate portion of the dataflows on a
network. Those layers are:

 Core layer. This is the layer that routes traffic between different geographical
sites. In other words, it’s the network backbone. The core layer is where high-
throughput, expensive core routers shine.
 Distribution layer. The distribution layer sits between the core and access
layers. It acts as a boundary and implements network policies to restrict or allow
data flows between different subnets within the network. Less expensive routers
and L3 switches are the common workhorses of the distribution layer.
 Access layer. The access layer is the layer for endpoint devices like user PCs,
printers, and VoIP phones. Smaller “access switches” are responsible for
switching packets and routing traffic at this layer.
In some cases, you may not need all three of these layers. For example, many
networks bypass the distribution layer altogether.

Top-down vs bottom-up design

Top-down and bottom-up are two approaches to network design based on
the OSI model. With a top-down approach, you start designing your network at
the application layer and work your way down the model finishing with the
physical layer. The bottom-up design is exactly the opposite.

Top-down is generally considered a better approach when you start with

business requirements and work your way down. However, top-down is also
often more time-consuming. Bottom-up network design starts with the physical
aspect of the network and works upwards.

As a result, bottom-up can be quicker but can often lead to missed requirements
or compromises on desired outcomes, as designing a network from the bottom
up locks you into certain outcomes before you get to the application layer where
users get work done.

4. Choose the hardware and software

This step entails identifying the hardware and software you’ll use. In some cases,
this will happen in parallel with step 3. In others, some of the hardware or
software may be specified early in the project. As a rule, selecting the specific
hardware and software you’ll use after you know what the network needs to do
gives you the most flexibility.

During this stage, you’ll choose specific cables, racks, network devices, servers,
applications, cloud services, etc. to make your design a reality. For custom parts
or large orders, keep in mind potential supply-chain issues. If you can’t get your
structured cabling or access switches in time, you can slow down project
completion.

Not sure what network devices to implement? Take a look at some of the
most popular options in Auvik’s Network Diversity Report for 2020 for free.

5. Plan for implementation and beyond

With your network design and hardware/software selections ready, you can now
plan for the implementation and beyond. This step entails creating a plan to
deploy, configure, and test the network. In some cases (usually larger networks)
this step may include small-scale test deployments to validate the design works
before scaling out.

Tight project management and keeping stakeholders informed are key parts of
getting your plan right. A network deployment has a lot of moving parts and
your plan should account for project milestones, change management, and key
deliverables. Additionally, if the network will be managed by a different team
than those doing the implementation, you’ll need a transition plan. If you’re
responsible for network management going forward, developing a plan for how
you’ll monitor and maintain the network is important as well.

Top 5 network design best practices

Now that we have a framework to follow, let’s take a look at some network
design best practices for making better decisions throughout the process.

1. Integrate security early on

There is a reason the idea of “shifting security left” has become so popular in
the DevOps world: it works. By making security a priority from the beginning of
the project, you’re less likely to have gaps in your security posture. You’re also
more likely to improve your overall network performance because security won’t
be inefficiently shoehorned in after most decisions have been made.

Treat security requirements with just as much priority as performance

requirements and spec them into a project early on. Ideally, we should all have a
“security is everyone’s responsibility” mindset, but in practice that isn’t always
the case. It’s usually a great idea to have a security-focused stakeholder(s)
involved in the project end-to-end.

2. Know when to use top-down vs bottom-up

In most cases where you’re starting from scratch, top-down design is the “better”
choice. By designing top-down, you focus on the business requirements and
maximize your chances of getting it right.

However, there are many network design projects where the resource and time
investment in going top-down just doesn’t make sense. For example, if you’re
already familiar with an organization’s overall business requirements and simply
need to expand a network or increase bandwidth, bottom-up can be much more
efficient.
3. Standardize everything
If it can be standardized, standardize it. It will make troubleshooting, patching,
maintenance, and asset management drastically easier in the long run.

Here are some examples of things you can and should standardize:

 Hostnames (e.g. printer5.office2.lan3)

 Hardware models
 IP address schemes
 Cable colors (e.g. one color for VoIP, one for data, etc)
 Security policies

4. Plan for growth

Network bandwidth consumption today isn’t going to be the same a year from
now. You have to consider how much you expect bandwidth consumption to
increase over the lifecycle of the network, and design with that expectation in
mind.

One answer is obvious: just build in additional bandwidth based on your

expectations. However, making sure the network is flexible and modular enough
to easily accommodate expansion is arguably more important. After all, you
can’t know for certain what your requirements will be in the future, but you can
design with the idea you may need to extend the network in mind.

5. Create and maintain network

documentation
Missing, stale, or incomplete network documentation is a major source of tech
debt, wasted time, and added frustration. Do your future self — or your friendly
neighborhood network administrator — a favor and make sure your network
design and implementation deliverables include layer 1-3 network maps. Then,
once they’re created, be sure to maintain them going forward.

Interested in a deep-dive on network docs? Check out Network

Documentation Best Practices: What to Create & Why!
Considerations for designing computer
networks
Copper vs fiber, logical topologies, IP addressing, VLANs, bandwidth, and WiFi
coverage are some of the most obvious considerations when you’re designing a
network. However, that’s far from an exhaustive list. There is a lot that goes into
designing a network, and it can be easy to overlook things. Here are some key
considerations to keep in mind for your next project.

Regulatory requirements
When you’re designing a network, you need to account for legal regulations that
impact both the physical and logical design of your network. For example, local
building codes may impact how you run structured cabling. Similarly, the
National Electrical Code in the US has requirements relevant to the electrical
power your network devices will require. From a logical perspective, regulations
like HIPAA, PCI DSS, and GDPR can impact both data in transit and data at rest.

During the network design process, you’ll need to keep these requirements in
mind to build a compliant network.

Network resilience and redundancy

Because of the importance of network availability to business operations,
enterprise networks need some level of fault tolerance. To make that happen,
N+1, 2N, or 2N+1 redundancy (or even higher) is often part of modern network
design.

Of course, resilience and redundancy come with a budgetary cost. Your network
design will need to balance resilience and redundancy against the expense.
Reliably achieving five-nines (99.999% uptime) is great if you can do it, but it ain’t
cheap!

A good way to frame this tradeoff is: considering your cost of downtime (i.e. how
many dollars per minute/hour will you lose if the network goes down) and
balancing that against your exposure to downtime with your current redundancy
plan.

Cloud vs. on-prem

It’s no longer a given that on-premises are the best place to run a given
workload. Once you have your business and technical requirements, you should
carefully consider whether or not a cloud network makes sense as a solution.
We won’t rehash the entire cloud vs on-prem debate here, but make sure you
don’t lock yourself into an on-premises solution when the cloud may be a better
fit (or vice versa!).

Cooling and power

It can be easy to overlook the cooling and power requirements of a network.
Don’t make this mistake! If you can’t meet your power requirements, you’ll never
get your deployment off the ground. If you don’t account for all the heat
dissipation of your new network equipment, devices can overheat and
prematurely fail. Here are a few points to consider about power and cooling:

 Make sure your electrical panels and electrical outlets can accommodate your
new equipment.
 Make sure to account for power-over-Ethernet (PoE) loads when sizing UPS
(battery backups) and other power equipment.
 Make sure your server room cooling can handle the additional heat generated by
your new network gear or plan to invest in supplemental cooling.
There’s no one size fits all network design. With the right approach, however,
you can create a design that matches your business requirements. Of course, as
network lifecycle models like PPDIOO demonstrate, it doesn’t stop after the
design stage!

===

Network design and implementation are only the beginning. Once a network
goes live, that’s when the real work begins. Proactive network
monitoring helps you ensure the network is working as it should and can
inform your decisions when it comes time to expand or refresh the network.

Resources:::

https://www.auvik.com/franklyit/blog/network-design-best-practices/

What is Network Topology?

Network topology refers to the manner in which the links and nodes of a network are
arranged to relate to each other. Topologies are categorized as either physical
network topology, which is the physical signal transmission medium, or logical
network topology, which refers to the manner in which data travels through the
network between devices, independent of physical connection of the devices. Logical
network topology examples include twisted pair Ethernet, which is categorized as a
logical bus topology, and token ring, which is categorized as a logical ring topology.
Physical network topology examples include star, mesh, tree, ring, point-to-point,
circular, hybrid, and bus topology networks, each consisting of different
configurations of nodes and links. The ideal network topology depends on each
business’s size, scale, goals, and budget. A network topology diagram helps
visualize the communicating devices, which are modeled as nodes, and the
connections between the devices, which are modeled as links between the nodes.
‍

Types of Network Topology

There are several different logical and physical network topologies from which
administrators can choose to build a secure, robust, and easily maintainable
topology. The most popular configurations include:
 Bus network topology -- Also known as backbone network topology, this
configuration connects all devices to a main cable via drop lines. The advantages of
bus network topology lie in its simplicity, as there is less cable required than in
alternative topologies, which makes for easy installation.
 Mesh network topology -- A dedicated point-to-point link connects each device on the
network to another device on the network, only carrying data between two devices. 
 Ring network topology -- Two dedicated point-to-point links connect a device to the
two devices located on either side of it, creating a ring of devices through which data
is forwarded via repeaters until it reaches the target device. 
 Star network topology -- The most common network topology, star topology connects
each device in the network to a central hub. Devices can only communicate with
each other indirectly through the central hub. 
 Hybrid network topology -- Any combination of two or more topologies is a hybrid
topology. 
 Tree network topology -- This topology consists of a parent-child hierarchy in which
star networks are interconnected via bus networks. Nodes branch out linearly from
one root node, and two connected nodes only share one mutual connection.
 Multi-access network topology, also known as a non-broadcast multiple
access network (NBMA), consists of multiple linked hosts in which data is
transferred directly from one computer to another single host across a
switched fabric or over a virtual circuit. 
 Smart grid network topology refers to the network configurations that are
necessary to facilitate system operations in a smart grid. A smart grid is an
electrical network of smart meters, smart appliances, renewable energy
resources, and energy efficient resources that condition and control the
production and distribution of electricity.
 Edge computing is a type of decentralized computing that is conducted at or
in close proximity to remote sources of generated data, reducing travel time
 from client to server and time to insight. Edge network topology consists of the
cloud or a data center, which connects to edge gateway servers or edge
nodes, which then connect to the sensors and controls in IoT devices, such as
connected wind turbines and connected oil platforms.

Network Topology Software

In determining how to design network topology that is ideal for the needs and usage
requirements of a network, it is crucial to first develop a comprehensive
understanding of the network’s functionality. Network topology mapper software is a
valuable network topology tool that creates network topology diagrams, which
illustrate a visual overview of the network infrastructure. Network topology mapping
software visualizes how devices connect and aids in identifying the most efficient
topology.
Once a configuration is selected, network topology design software, network
configuration management tools, and network management software solutions aid
not only in building network topology, but also in automating configuration,
continuously monitoring performance, and troubleshooting network issues. There are
both proprietary and free network topology software solutions on the market, such as
Microsoft Visio and LibreOffice Draw.

What is the Importance of Network Topology?

The layout of a network has a direct impact on network functionality. Selecting the
right topology can improve performance and data efficiency, optimize allocation of
resources, and reduce operational costs. Software-created network topology
diagrams are important references for diagnosing network connectivity problems,
investigating network slowdowns, and generally troubleshooting issues. One of the
primary uses of network topology is to define the configuration of
various telecommunication networks, including computer networks, command and
control radio networks, and industrial fieldbusses.

Does HEAVY.AI Offer a Network Topology Solution?

Telecommunication network operators and data scientists can use the HEAVY.AI
platform to design and visualize network topologies in a variety of use cases,
including 5G network architecture, special event performance and network
monitoring, and customer churn analysis. HEAVY.AIi can rapidly visualize billions of
records of spatiotemporal data and rapidly run millions of complex calculations,
empowering network operators and data scientists to plan networks efficiently,
reduce interference between networks, monitor networks in real-time, derive real-
time insights from real-time events, identify anomalies before they become problems,
and maximize overall network performance.

Resources:::::

https://www.heavy.ai/technical-glossary/network-topology

What is Internet Protocol (IP)?

Internet Protocol (IP) is the method or protocol by which data is sent from one computer
to another on the internet. Each computer -- known as a host -- on the internet has at
least one IP address that uniquely identifies it from all other computers on the internet.

IP is the defining set of protocols that enable the modern internet. It was initially defined
in May 1974 in a paper titled, "A Protocol for Packet Network Intercommunication,"
published by the Institute of Electrical and Electronics Engineers and authored by Vinton
Cerf and Robert Kahn.

At the core of what is commonly referred to as IP are additional transport protocols that
enable the actual communication between different hosts. One of the core protocols that
runs on top of IP is the Transmission Control Protocol (TCP), which is often why IP is
also referred to as TCP/IP. However, TCP isn't the only protocol that is part of IP.

How does IP routing work?

When data is received or sent -- such as an email or a webpage -- the message is

divided into chunks called packets. Each packet contains both the sender's internet
address and the receiver's address. Any packet is sent first to a gateway computer that
understands a small part of the internet. The gateway computer reads the destination
address and forwards the packet to an adjacent gateway that in turn reads the
destination address and so forth until one gateway recognizes the packet as belonging
to a computer within its immediate neighborhood -- or domain. That gateway then
forwards the packet directly to the computer whose address is specified.
Because a message is divided into a number of packets, each packet can, if necessary,
be sent by a different route across the internet. Packets can arrive in a different order
than the order they were sent. The Internet Protocol just delivers them. It's up to another
protocol -- the Transmission Control Protocol -- to put them back in the right order.

IP packets

While IP defines the protocol by which data moves around the internet, the unit that does
the actual moving is the IP packet.

An IP packet is like a physical parcel or a letter with an envelope indicating address

information and the data contained within.

An IP packet's envelope is called the header. The packet header provides the
information needed to route the packet to its destination. An IP packet header is up to 24
bytes long and includes the source IP address, the destination IP address and
information about the size of the whole packet.

The other key part of an IP packet is the data component, which can vary in size. Data
inside an IP packet is the content that is being transmitted.

What is an IP address?

IP provides mechanisms that enable different systems to connect to each other to

transfer data. Identifying each machine in an IP network is enabled with an IP address.

Similar to the way a street address identifies the location of a home or business, an IP
address provides an address that identifies a specific system so data can be sent to it or
received from it.

An IP address is typically assigned via the DHCP (Dynamic Host Configuration

Protocol). DHCP can be run at an internet service provider, which will assign a public IP
address to a particular device. A public IP address is one that is accessible via the public
internet.
A local IP address can be generated via DHCP running on a local network router,
providing an address that can only be accessed by users on the same local area
network.

Differences between IPv4 and IPv6

The most widely used version of IP for most of the internet's existence has been Internet
Protocol Version 4 (IPv4).

IPv4 provides a 32-bit IP addressing system that has four sections. For example, a
sample IPv4 address might look like 192.168.0.1, which coincidentally is also commonly
the default IPv4 address for a consumer router. IPv4 supports a total of 4,294,967,296
addresses.

A key benefit of IPv4 is its ease of deployment and its ubiquity, so it is the default
protocol. A drawback of IPv4 is the limited address space and a problem commonly
referred to as IPv4 address exhaustion. There aren't enough IPv4 addresses available
for all IP use cases. Since 2011, IANA (Internet Assigned Numbers Authority) hasn't had
any new IPv4 address blocks to allocate. As such, Regional Internet Registries (RIRs)
have had limited ability to provide new public IPv4 addresses.

In contrast, IPv6 defines a 128-bit address space, which provides substantially more

space than IPv4, with 340 trillion IP addresses. An IPv6 address has eight sections. The
text form of the IPv6 address is xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx, where
each x is a hexadecimal digit, representing 4 bits.

The massive availability of address space is the primary benefit of IPv6 and its most
obvious impact. The challenges of IPv6, however, are that it is complex due to its large
address space and is often challenging for network administrators to monitor and
manage.

IP network protocols

IP is a connectionless protocol, which means that there is no continuing connection

between the end points that are communicating. Each packet that travels through the
internet is treated as an independent unit of data without any relation to any other unit of
data. The reason the packets are reassembled in the right order is because of TCP, the
connection-oriented protocol that keeps track of the packet sequence in a message.
In the OSI model (Open Systems Interconnection), IP is in layer 3, the networking layer.

There are several commonly used network protocols that run on top of IP, including:

1. TCP. Transmission Control Protocol enables the flow of data across IP

address connections.
2. UDP. User Datagram Protocol provides a way to transfer low-latency process
communication that is widely used on the internet for DNS lookup and voice over
Internet Protocol.
3. FTP. File Transfer Protocol is a specification that is purpose-built for accessing,
managing, loading, copying and deleting files across connected IP hosts.
4. HTTP. Hypertext Transfer Protocol is the specification that enables the modern
web. HTTP enables websites and web browsers to view content. It typically runs
over port 80.
5. HTTPS. Hypertext Transfer Protocol Secure is HTTP that runs with encryption via
Secure Sockets Layer or Transport Layer Security. HTTPS typically is served
over port 443.
Resources::::
https://www.networkworld.com/article/3588315/what-is-an-ip-address-and-what-
is-your-ip-address.amp.html
By Josh Fruhlinger
Contributing writer, Network World
MAY 25, 2022 9:00 PM PT

The benefits of WiFi networks are accompanied by some additional concerns that
must be addressed from an administrator’s point of view. It’s not just a matter of
supplying enough connections for all of your users. You need to be aware of aspects
of your network such as coverage area and channel overlap.
For those of us with home WiFi networks, we are our own network admins. If you are
in this situation or are just a curious end user, one of the characteristics of your
network that you need to understand is the WiFi signal strength. This value will be a
determining factor in the activities for which your network can be used. Let’s take a
deeper look at WiFi signals and how they can impact your wireless network usage.
What is a WiFi Signal?
A WiFi network employs radio waves to establish communication between devices.
These devices may include computers, mobile phones, tablets or network routers.
The wireless network router is the interface between a wired connection to the
Internet or other Ethernet network and the wirelessly connected devices.
The router decodes radio signals received from the users of the WiFi network and
transmits them to the Internet. Conversely, data received from the Internet is
converted from binary data into radio waves for distribution to the devices that are
using the network.
The radio waves which comprise WiFi signals make use of the 2.4 GHz and 5 GHz
frequency bands. These are higher than the frequencies used for televisions or cell
phones and allow more data to be carried than do the lower frequencies.

WiFi signals use the 802.11 networking standards when transmitting data. There are
a number of different varieties of the protocol that are used in WiFi networking. Some
of the more common ones you will see are 802.11n which is used on the 2.4GHz
band and 802.11ac primarily used for 5GHz transmission. Others you might see are
802.11b which is the slowest standard and 802.11g.
What is a Good Wifi Signal Strength?
The strength of the WiFi signal throughout the network’s coverage area directly
impacts the ability of users to perform various activities in a timely manner. Before
delving into which signal strengths are appropriate for certain uses of your WiFi
network, let’s discuss how WiFi signals strengths are measured.
The most consistent method of indicating signal strength is with a quantity known as
a dBm. This term stands for decibels relative to a milliwatt and is expressed as a
negative number from 0 to -100. Therefore, a signal of -40 is more powerful than a
signal of -80 since -80 is further from 0 and therefore a smaller number.

The dBm scale is logarithmic rather than linear, which means that the changes
between signal strengths do not scale in a smooth and gradual manner. On this
scale a difference of 3 dBm leads to a halving or doubling of the previous signal’s
strength.

Background noise levels that can impact your WiFi performance are also expressed
in dBms. In the case of noise levels, a value close to zero indicates high levels of
noise. Noise measured at -10 is greater than that of -40.

WiFi signal strength is also sometimes indicated by the Received Signal Strength
Indicator (RSSI level), which is a measurement that represents the relative quality of
a received signal on a device. What’s interesting about this measurement is the fact
that it has no standardized relationship to any particular physical parameter, so it’s
up to vendors to provide their own range of RSSI values.
The most typical RSSI range goes from approximately -30 to -100, and the lower the
number is, the weaker the signal. This range roughly corresponds to the dBm scale,
which is why the measurements of WiFi signal strength are sometimes used
interchangeably. That said, there are some vendors who use a positive scale. For
example, Cisco uses 0-100 scale, and Atheros uses 0-60.
What Is a Good WiFi Signal Strength in dBm?
Do you want to know what is a good signal strength for WiFi in dBm? The
following table indicates the minimum signal strengths that you should strive
for in order to use your WiFi network for various purposes.

Signal
Qualifier Suitable Uses
Strength

This is the maximum achievable

-30 signal strength and will be
Excellent
dBm appropriate for any usage
scenario.

-50 This excellent signal level is

Excellent
dBm suitable for all network uses.

-65 Recommended for supporting

Very Good
dBm smartphones and tablets.

This signal strength will be

-67
Very Good sufficient for voice over IP and
dBm
streaming video.

This level is the minimum signal

strength required to ensure
-70
Acceptable reliable packet delivery and will
dBm
allow you to surf the web and
exchange emails.

-80 Enables basic connectivity but

Bad
dBm packet delivery is unreliable.

-90 Mostly noise that will inhibit

Very bad
dBm most functionality.

-100
Worst Total noise.
dBm
What Factors Can Impact WiFi Signal Strength?
There are a number of factors that can impact the strength of your network’s
WiFi signal. Some of them are:
Router location
There are several different aspects of your router’s location that can impact its
ability to deliver a good signal throughout your intended coverage area. These
include:

 The height of the router — You should locate your router as high as
possible. Placing it on the floor or on low shelves will impede its ability
to provide a strong signal.

 Central location — You will obtain the best WiFi coverage if your router
is located centrally in your home or office. Placing it in a corner of the
house will result in WiFi leakage and reduced signal in your coverage
area.
 Interference from other devices — Microwaves and cordless phones
may use the same frequency band as your WiFi router and contribute
background noise that impacts the signal level.

 Walls and floors — The best WiFi signal will be obtained if the devices
that will be using the router have a clear line of sight to it. Signals that
travel through walls and floors will have their strength negatively
affected.

Keep Your Router up to Date

WiFi routers from reputable vendors that care about their customers receive software
upgrades that patch known security vulnerabilities, fix software bugs, and add new
features. If you never update your router, you risk experiencing major performance
issues. WiFi routers with outdated firmware are also frequently targeted by
cybercriminals, who hijack them to steal sensitive information or launch coordinated
cyberattacks.

Keeping your router up to date isn’t difficult since all you need to do is log in to
its admin interface from time to time and install any available updates. If
possible, we highly recommend you configure your router to install firmware
updates automatically as soon as they become available. That way, your
router will always keep operating at peak efficiency without you having to
constantly check for updates.

Distance From the Router

Devices that require strong signals such as those that will be used for gaming or
streaming may obtain better performance by being located close to the router. In
some cases, you may need to boost the WiFi signal by employing additional
equipment such as a second WiFi router or a WiFi range extender extend your
WiFi’s range.
If you don’t want to spend money on additional equipment, you can decrease the
distance between your WiFi router and your devices by placing the router in a more
suitable location.
The last thing you want is to tuck the router in a remote corner. Instead, place
it in a central location so that it’s an equal distance away from all your wireless
devices. If that doesn’t help, it might really be time to extend your WiFi’s range
by installing a second WiFi router or a WiFi range extender to boost areas with
the weakest signal.

Wireless Settings
Your wireless settings can have a dramatic impact on WiFi signal strength. In
densely populated areas with many overlapping WiFi networks, it’s a good idea to
take advantage of the 5 GHz band, which provides faster data transfer speeds
compared with the much more commonly used 2.4 GHz band.
If that’s not possible because your router or your devices don’t support the 5
GHz band, then at least make sure that you’re using the right channel in the
2.4 GHz band. Read more on to How find the best WiFi channel.
In North America, you have 11 channels to choose from, but only three of these channels
are non-overlapping (1, 6, and 11), and these are the channels you should use because
they don’t suffer from the so-called co-channel signal interference.

Other WiFi Networks

Just like it takes more time to reach your destination when there are many cars on
the highway, it takes data packets more time to get to where they’re going when
many other WiFi networks are transmitting in the same area. That’s because your
WiFi signal can be drowned out by stronger signals similar to how faster and more
aggressive drivers can overtake you.

To prevent this from happening, you can optimize your wireless settings, but there’s
only so much you can do if your router is too old or too weak. If that’s really the case,
we recommend you bite the bullet and get a new router, preferably one that supports
WiFi 802.11ac as well as WiFi 6. Such router will serve you well for many years, and
you’ll appreciate the performance boost provided by it.
How to Test Your WiFi Signal Strength
In order to determine your WiFi signal strength, your best course of action is to
use a WiFi signal strength app like NetSpot. Installing this excellent WiFi
analyzer on a laptop or mobile device will allow you to test the strength of the
WiFi signal throughout your coverage area. Here’s how to do it.
1. Download and install the NetSpot application on your Windows laptop,
Android device or MacBook. The free version is sufficient to get your
WiFi signal strength.
2. Launch the application and select Discover from the top of the app’s
main window.

3. Identify your WiFi network from among those that the app discovers.
4. You will be presented with a number of statistics regarding your network
and among them is the signal strength.
5. Take note of the strength in your current location and proceed to move
around your coverage area with the device that is running NetSpot.
6. Perform a systematic survey of your coverage area while noting the
WiFi signal strength to alert you to problem areas that may need to be
addressed in order to use your network as you intended.
In Windows, you can find your current signal strength from the Command
Prompt. This is what you need to do:
 Open the Start menu, type “CMD”, and hit Enter.
  Enter the following command and hit Enter: netsh wlan show interfaces.
 Look for the “Signal” line. The percentage indicates your signal strength.
What is a good WiFi signal strength percentage? That depends on the
intended use case. For high-definition streaming, online gaming, large file
transfers, and video chatting, you want to be as close to 100% as possible.
For email, casual web browsing, and other activities that don’t require too
much bandwidth, even 50% may be acceptable.

You can, of course, simply click on the WiFi indicator icon to see the
approximate strength of your WiFi, but we don’t recommend you rely on this
information too much.

Resources :::::

https://www.netspotapp.com/wifi-signal-strength/wifi-signal-strength-and-its-
impact.html

A Complete Guide To
Wireless (Wi-Fi) Security
In the modern world, it seems as though it would be nearly impossible to function
without access to the wireless internet. People everywhere rely on Wi-Fi for
everything from entertainment to achieving their goals. But with the ubiquity of the
internet comes an underlying danger in the form of hackers who look to exploit
security flaws to gain access to your private data and information.
As we continue into a future in which everything from our phone to our refrigerator
operates using a wireless internet connection, it is becoming increasingly important
to understand how to keep our Wi-Fi safe and secure.

In this article, we will provide you with everything you need to understand the basics
of Wi-Fi security and what wireless security you should use. If you want a more
personal take, book a free consultation call with our Wi-Fi security engineers here at
SecureW2.

How Does Wireless Security Work?

Wireless Security Protocols such as Wired Equivalent Privacy (WEP) and Wi-Fi
Protected Access (WPA) is the authentication security protocols created by the
Wireless Alliance used to ensure wireless security. There are four wireless security
protocols currently available.

 Wired Equivalent Privacy (WEP)

 Wi-Fi Protected Access (WPA)
 Wi-Fi Protected Access 2 (WPA 2)
 Wi-Fi Protected Access 3 (WPA 3)
To be sure your network is secure, you must first identify which network yours falls
under.

What Are The Types Of Wireless Security?

As previously mentioned, there are four main types of wireless security protocols.
Each of these varies in utility and strength.

WIRED EQUIVALENT PRIVACY (WEP)

Wired Equivalent Privacy (WEP) is the first security protocol ever put in practice.
Designed in 1997, it has become obsolete but is still used in modern times with older
devices.

WEP uses a data encryption scheme that is based on a combination of user- and
system-generated key values. However, it is widely known that WEP is the least
secure network type as hackers have developed tactics of reverse-engineering and
cracking the encryption system.
WI-FI PROTECTED ACCESS (WPA)

Wi-Fi Protected Access (WPA) was developed to deal with the flaws that were found
with the WEP protocol. WPA offers features such as the Temporal Key Integrity
Protocol (TKIP) which was a dynamic 128-bit key that was harder to break into than
WEP’s static, unchanging key.

It also introduced the Message Integrity Check, which scanned for any altered
packets sent by hackers, the Temporal Key Integrity Protocol (TKIP), and the pre-
shared key (PSK), among others, for encryption.

WI-FI PROTECTED ACCESS 2 (WPA2)

In 2004, WPA2 brought significant changes and more features to the wireless
security gambit. WPA2 replaced TKIP with the Counter Mode Cipher Block Chaining
Message Authentication Code Protocol (CCMP) which is a far superior encryption
tool.

WPA2 has been the industry standard since its inception, on March 13, 2006, the Wi-
Fi Alliance stated that all future devices with the Wi-Fi trademark had to use WPA2.

WPA2-PSK
WPA2-PSK (Pre-Shared Key) requires a single password to get on the wireless
network. It’s generally accepted that a single password to access Wi-Fi is safe but
only as much as you trust those using it. A major vulnerability comes from the
potential damage done when login credentials get placed in the wrong hands. That is
why this protocol is most often used for a residential or open Wi-Fi network.

To encrypt a network with WPA2-PSK you provide your router not with an encryption
key, but rather with a plain-English passphrase between 8 and 63 characters long.
Using CCMP, that passphrase, along with the network SSID, is used to generate
unique encryption keys for each wireless client. And those encryption keys are
constantly changed. Although WEP also supports passphrases, it does so only as a
way to more easily create static keys, which are usually composed of the hex
characters 0-9 and A-F.
WPA2-Enterprise
WPA2-Enterprise requires a RADIUS server, which handles the task of authenticating
network user’s access. The actual authentication process is based on the 802.1X
policy and comes in several different systems labeled EAP.

There are just a few components that are needed to make WPA2-Enterprise work.
Realistically, if you already have access points and some spare server space, you
possess all the hardware needed to make it happen.

Because each device is authenticated before it connects, a personal, encrypted

tunnel is effectively created between the device and the network. The security
benefits of a properly configured WPA2-Enterprise grant a near-impenetrable
network. This protocol is most often used by businesses and governments due to its
heightened security measures.

SecureW2 is an industry leader in WPA2-Enterprise security solutions – everything

from certificate-based authentication to device onboarding. See how we can
strengthen your network security today.

WI-FI PROTECTED ACCESS 3 (WPA3)

WP3 is introducing the first major changes to wireless security in 14 years. Some
notable additions for the security protocol are:
Greater protection for passwords
Individualized encryption for personal and open networks
More security for enterprise networks.

WPA3-PSK
To improve the effectiveness of PSK updates to WPA3-PSK offer greater protection
by improving the authentication process.

A strategy to do this uses Simultaneous Authentication of Equals (SAE) to make

brute-force dictionary attacks far more difficult for a hacker. This protocol requires
interaction from the user on each authentication attempt, causing a significant
slowdown for those attempting to brute-force through the authentication process.

WPA3-Enterprise
WPA3-Enterprise offers some added benefits but overall little changes in terms of
security with the jump from WPA2-Enterprise.

A significant improvement that WPA3-Enterprise offers is a requirement for server

certificate validation to be configured to confirm the identity of the server to which
the device is connecting. However, due to the lack of major improvements, it’s not
likely to be a quick transition to WPA3. WPA2 became a standard in 2004, and even
today organizations have a difficult time supporting it on their network. That’s why
we came up with a solution that provides everything you need for 802.1x.

What are the Main Threats to Wi-Fi Security?

As the internet is becoming more accessible, via mobile devices and gadgets, data
security is becoming a top concern from the public, as it should be. Data breaches
and security malfunctions can cost individuals and businesses thousands of dollars.

It is important to know the threats that are most prevalent in order to be able to
implement the proper security measures.

MAN-IN-THE-MIDDLE ATTACKS

A man-in-the-middle (MITM) attack is an incredibly dangerous type of cyber attack

that involves a hacker infiltrating a private network by impersonating a rogue access
point and acquiring login credentials.
The attacker sets up hardware pretending to be a trusted network, namely Wi-Fi, in
order to trick unsuspecting victims into connecting to it and sending over their
credentials. MITM attacks can happen anywhere, as devices connect to the network
with the strongest signal, and will connect to any SSID name they remember.

CRACKING AND DECRYPTING PASSWORDS

Cracking and decrypting passwords is an old method that consists of what is known
as “A brute force attack.” This attack consists of using a trial and error approach and
hoping to eventually guess correctly. However, there are many tools that hackers can
use to expedite the process.

Luckily, you can use these same tools to try and test your own network’s security.
Software like John the Ripper, Nessus, and Hydra are a good place to start.

PACKET SNIFFERS

Packet sniffers are computer programs that can monitor traffic on a wireless
network. They can also intercept some data packages and provide a user with their
contents. They can be used to harmlessly gather data about traffic, but in the wrong
hands can introduce errors and break down a network.

How Do I Make My Home Wi-Fi Secure?

For your wireless network at home, it is first essential that you choose the network
security type that is most useful. For home wireless, it is recommended that WPA2-
PSK be implemented as WPA2-Enterprise is really only needed for organizations or
universities with a lot of network traffic.

Other things to consider are for your home Wi-Fi:

 Changing the default password and SSID

o Make sure your password is at least 10 characters long and contains
non-alphanumeric characters
 Enable the router’s firewall
 Enable MAC address filtering
 Disable remote administration
Managing Wi-Fi with Digital Certificates
A ton of security issues that wireless networks face stem from a common source,
passwords. Passwords introduce the human error element to your network.
Passwords can be stolen, lost, or even hacked through MITM or brute force attacks.

Luckily, there is an alternative through the use of certificate-based authentication.

Passwords rely on keywords or phrases created by the end-user. Certificates utilize
public-private key encryption to encrypt information sent over-the-air and are
authenticated with EAP-TLS, the most secure authentication protocol.

While the costs of maintaining and implementing a PKI infrastructure to allow for
certificate authentication may seem daunting, SecureW2 can offer an easy
configuration to allow you to easily maintain the most secure network possible

How Do I Protect My Business Wi-Fi

Network
WPA2-Enterprise has been around since 2004 and is still considered the gold
standard for wireless network security for organizations and universities, delivering
over-the-air encryption and a high level of security. In conjunction with the effective
authentication method known as 802.1X, users have been successfully authorized
for secure network access for many years.

However, when using WPA2-Enterprise in a large-scale setting, it can often be

difficult to configure and onboard new users.

Onboarding software, such as those offered by SecureW2, eliminates the confusion

for users by prompting them with simple steps designed to be completed by anyone
regardless of technical skills. SecureW2 has the tools to make your WPA2-Enterprise
network as safe as possible.

Resources:::::

https://www.securew2.com/blog/complete-guide-wi-fi-security
What Does Network Security Protocols Mean?
Network security protocols are a type network protocol that ensures the
security and integrity of data in transit over a network connection.
Network security protocols define the processes and methodology to
secure network data from any illegitimate attempt to review or extract
the contents of data.

Network Security Protocols

Network security protocols are primarily designed to prevent any
unauthorized user, application, service or device from accessing network
data. This applies to virtually all data types regardless of the network
medium used.

Network security protocols generally implement cryptography and

encryption techniques to secure the data so that it can only be decrypted
with a special algorithm, logical key, mathematical formula and/or a
combination of all of them. Some of the popular network security
protocols include Secure File Transfer Protocol (SFTP), Secure Hypertext
Transfer Protocol (HTTPS) and Secure Socket Layer (SSL).

Resources::::

https://www.techopedia.com/definition/29036/network-security-
protocols#:~:text=Network%20security%20protocols%20are%20a,extract%20the
%20contents%20of%20data.

What are Network Security

Protocols?
Related Topics
 Wireless Protocol
 Network Security Protocols
 Network Security Architecture
 Wireless Security Protocols
 Network Security Layers
 Protocol Map
 Network Management Protocols
Join the Community
Subscribe to our newsletter and learn something new every day.
  

Michael Linn
Last Modified Date: June 28, 2022
Network security protocols are used to protect computer data and
communication in transit. The primary tool used to protect information as
it travels across a network is cryptography. Cryptography uses
algorithms to encrypt data so that it is not readable by unauthorized
users. Generally, cryptography works with a set of procedures or
protocols that manage the exchange of data between devices and
networks. Together, these cryptographic protocols enhance secure data
transfer.

Secure networks have extra security, evidenced by "https" in the address.

Without cryptographic network security protocols, Internet functions such
as e-commerce would not be possible. Secure communication is
necessary because attackers try to eavesdrop on communications,
modify messages in transit, and hijack exchanges between systems.
Some of the tasks networks security protocols are commonly used to
protect are file transfers, Web communication, and Virtual Private
Networks (VPN).
The most common method of transferring files is using File
Transfer Protocol (FTP). A problem with FTP is that the files are sent in
cleartext, meaning that they are sent unencrypted and therefore able to
be compromised. For example, many webmasters update their sites
using FTP; an attacker using a packet sniffer and the website’s IP
address can intercept all communications between the webmaster and
the site’s server.
As an alternative, Secure File Transfer Protocol (SFTP) offers a more
secure way to transfer files. SFTP is usually built upon Secure Shell
(SSH) and is able to encrypt commands and data transfers over a
network, thereby reducing the likelihood of interception attacks. The SSH
cryptographic protocol is also resilient to impersonation attacks because
the client and server are authenticated using digital certificates.

In addition to SSH, Secure Sockets Layer/Transport Layer Security

(SSL/TLS) can be used as the underlying protocol for SFTP. Like SSH,
SSL/TLS authenticates the identity of both the server and the client, as
well as encrypts communications between the two. In addition to
securing SFTP file transfers, SSL/TLS is used for securing e-mail
communication.
SSL is also used in combination with Hypertext Transfer Protocol
(HTTP) to encrypt communications between a browser and a web
server in the form of HTTP over Secure Sockets Layer (HTTPS). HTTPS
encrypts communications and verifies the identity of a web server. When
performing private transactions over the Internet, such as online
banking, it generally is good practice for a person to check the
browser’s address bar to make sure that the website’s address begins
with https:// and not just http://.
Another area where cryptographic network security protocols play an
important role, especially for modern businesses, is in exchanging
documents between private networks over a public Internet connection.
These so-called Virtual Private Networks (VPNs) are critical for business
because they securely connect remote workers and offices across the
world. Some commonly used network security protocols that are used to
facilitate VPNs are Point-to-Point Tunneling Protocol (PPTP), Layer 2
Tunneling Protocol (L2TP), IP Security (IPsec), and SSH. Not only do
these network security protocols create a safe connection but they also
greatly reduce the costs associated with creating an alternate solution,
such as building or leasing lines to create a private network.

Resources:::::

https://www.easytechjunkie.com/what-are-network-security-protocols.htm
What is a Server?
A server is a computer program or device that provides a service to another computer program and its
user, also known as the client.

A server is a computer program or device that provides a service to another computer

program and its user, also known as the client. In a data center, the physical computer
that a server program runs on is also frequently referred to as a server. That
machine might be a dedicated server or it might be used for other purposes.

In the client/server programming model, a server program awaits and fulfills requests

from client programs, which might be running in the same, or other computers. A given
application in a computer might function as a client with requests for services from other
programs and as a server of requests from other programs.

How servers work

The term server can refer to a physical machine, a virtual machine or to software that is

performing server services. The way that a server works varies considerably depending
on how the word server is being used.

Physical and virtual servers

A physical server is simply a computer that is used to run server software. 

A virtual server is a virtual representation of a physical server. Like a physical server, a

virtual server includes its own operating system and applications. These are kept
separate from any other virtual servers that might be running on the physical server.

The process of creating virtual machines involves installing a lightweight software

component called a hypervisor onto a physical server. The hypervisor's job is to enable
the physical server to function as a virtualization host. The virtualization host makes the
physical server's hardware resources -- such as CPU time, memory, storage and
network bandwidth -- available to one or more virtual machines.

An administrative console gives administrators the ability to allocate specific hardware

resources to each virtual server. This helps  dramatically drive down hardware
costs because a single physical server can run multiple virtual servers, as opposed to
each workload needing its own physical server.
Server software

At a minimum, a server requires two software components: an operating system and an

application. The operating system acts as a platform for running the server application. It
provides access to the underlying hardware resources and provides the dependency
services that the application depends on.

The operating system also provides the means for clients to communicate with the
server application. The server's IP address and fully qualified domain name, for
example, are assigned at the operating system level.

Desktop computers vs. servers

There are both similarities and differences between desktop computers and servers.
Most servers are based on X86/X64 CPUs and can run the same code as an X86/X64
desktop computer. Unlike most desktop computers, however, physical servers often
include multiple CPU sockets and error correcting memory. Servers also generally
support a far greater quantity of memory than most desktop computers.

Because server hardware typically runs mission-critical workloads, server hardware

manufacturers design servers to support redundant components. A server might be
equipped with redundant power supplies and redundant network interfaces. These
redundant components allow a server to continue to function even if a key component
fails.

Server hardware also differs from desktop hardware in terms of its form factor. Modern
desktop computers often exist as mini towers, designed to be placed under a desk.
Although there are still some vendors that offer tower servers, most servers are
designed to be rack mounted. These rack mount systems are described as having a 1U,
2U or 4U form factor, depending on how much rack space they occupy -- a 2U server
takes up twice as much rack space as a 1U server.

Another key difference between a desktop computer and a server is the operating
system. A desktop operating system might be able to perform some server-like
functionality but isn't designed or licensed to take the place of a server operating
system. Windows 10, for example, is a desktop operating system.
Some Windows 10 editions include Hyper-V, Microsoft's virtual machine platform. Even
though both Windows 10 and Windows Server can run Hyper-V, Windows 10's
hypervisor is intended to be primarily used for development purposes, whereas the
version of Hyper-V included with Windows Server is designed for running production
virtual servers.

Although an organization could conceivably run a virtual server on top of Windows 10

Hyper-V, there are licensing issues to consider. Additionally, Windows Server Hyper-V
includes resiliency features that aren't found in the Windows 10 version. For example,
Windows Server supports failover clustering and virtual machine replication.

Similarly, the Windows 10 operating system can make files available to devices on a
local network. However, Windows 10 was never designed for large-scale file sharing.
Windows Server, however, can be configured to act as a fully featured file server. In
large organizations, a distributed file system can be created across an entire server farm
for the purpose of providing better performance, scalability and resiliency than what one
physical server would be able to provide by itself.

Types of servers

Servers are often categorized in terms of their purpose. A few examples of the types of
servers available are as follows:

 Web server: a computer program that serves requested HTML pages or files.

In this case, a web browser acts as the client.
 Application server: a program in a computer in a distributed network that
provides the business logic for an application program.
 Proxy server: software that acts as an intermediary between an endpoint
device, such as a computer, and another server from which a user or client is
requesting a service.
 Mail server: an application that receives incoming emails from local users --
people within the same domain -- and remote senders and forwards outgoing
emails for delivery.
 Virtual server: a program running on a shared server that is configured in
such a way that it seems to each user that they have complete control of a
server.
 Blade server: a server chassis housing multiple thin, modular electronic
circuit boards, known as server blades. Each blade is a server in its own right,
often dedicated to a single application
  File server: a computer responsible for the central storage and management
of data files so that other computers on the same network can access them.
 Policy server: a security component of a policy-based network that
provides authorization services and facilitates tracking and control of files. 
 Database server: this server is responsible for hosting one or more
databases. Client applications perform database queries that retrieve data
from or write data to the database that is hosted on the server.
 Print server: this server provides users with access to one or more network-
attached printers -- or print devices as some server vendors call them. The
print server acts as a queue for the print jobs that users submit. Some print
servers can prioritize the jobs in the print queue based on the job type or on
who submitted the print job.
Server components

Hardware

Servers are made up of several different components and subcomponents. At the

hardware level, servers are typically made up of a rack mount chassis containing a
power supply, a system board, one or more CPUs, memory, storage, a network interface
and a power supply.

Most server hardware supports out-of-band management through a dedicated network

port. Out-of-band management enables low-level management and monitoring of the
server, independently of the operating system. Out-of-band management systems can
be used to remotely power the server on or off, to install an operating system, and to
perform health monitoring.

Operating systems

Another component is the server operating system. A server operating system, such as
Windows Server or Linux, acts as the platform that enables applications to run. The
operating system provides applications access to the hardware resources that they need
and enables network connectivity.

The application is what enables the server to do its job. For example, a database server
would run a database application. Likewise, an email server would need to run a mail
application.
Choosing the right server 

There are many factors to consider in the midst of a server selection, including virtual
machine and container consolidation. When choosing a server, evaluate the importance
of certain features based on the use cases.

Security capabilities are also important and there are a number of protection, detection
and recovery features to consider, including native data encryption to protect data in
flight and data at rest, as well as persistent event logging to provide an indelible record
of all activity. 

If the server will rely on internal storage, the choice of disk types and capacity is also
important because it can have a significant influence on input/output (I/O) and
resilience. 

Many organizations are shrinking the number of physical servers in their data centers as
virtualization enables fewer servers to host more workloads. The advent of cloud
computing has also changed the number of servers an organization needs to host on
premises. 

Packing more capability into fewer boxes can reduce overall capital expenses, data
center floor space and power and cooling demands. Hosting more workloads on fewer
boxes, however, can also pose an increased risk to the business because more
workloads will be affected if the server fails or needs to be offline for routine
maintenance.

A server maintenance checklist should cover physical elements, as well as the system's
critical configuration.

Resources::::

https://www.techtarget.com/whatis/definition/server?amp=1
 1. Dictionary
2. Networking
3. Switch
Switch
Last updated: August 26, 2020

TABLE OF CONTENTS
What Does Switch Mean?
A switch, in the context of networking, is a high-speed device that receives incoming data
packets and redirects them to their destination on a local area network (LAN).
A LAN switch operates at the data link layer (Layer 2) or the network layer of the OSI Model
and, as such it can support all types of packet protocols. The layer 2 switch is also sometimes
called a bridge: its function is to send frames containing data packets between nodes or
segments of a network.
Essentially, switches are the traffic cops of a simple local area network. Switching establishes
the trajectory for the frames as the data units, and how the data moves from one area of a
network to another.
By contrast, routing takes place at layer 3, there data gets sent between networks or from one
network to another.
Switch
A switch in an Ethernet-based LAN reads incoming TCP/IP data
packets/frames containing destination information as they pass into one
or more input ports. The destination information in the packets is used to
determine which output ports will be used to send the data on to its
intended destination. Again, the thing to remember is that the switch is
operating at the data link layer, layer 2, sending a frame that contains a
single data packet.
Switches are similar to hubs, only smarter. A hub simply connects all the
nodes on the network – without switching, communication happens in a
haphazard manner, with any device trying to communicate at any given
time, resulting in many collisions. A switch, on the other hand, creates an
electronic tunnel between source and destination ports for a split second,
that no other traffic can enter. This results in communication without
collisions.
Switches are similar to routers as well, but a router has the additional
ability to forward packets between different networks, whereas a switch is
limited to node-to-node communication on the same network. Other types
of activity take place in successive layers of the OSI model: at layer 4
(the transport layer,) layer 5 (the session layer,) layer 6 (the presentation
layer,) and layer 7 (the application layer) governing the level closest to
the end user.
Like other aspects of networking in the OSI model, switching has evolved
due to the emergence of virtualization and logical advancements in
networking. For example, now, the hardware components, be they
bridges or switches or routers or other gear, are partitioned in a virtual
machine (VM) instead of being composed of discrete hardware units “on
bare metal.”
The development of the virtual LAN or VLAN means that packets/frames
may be moving between nodes as part of multiple LAN setups, where
traffic is walled off logically according to its given LAN designation.
Resources like CPU and RAM are parceled out by virtual system
administrators.
Although virtualization has brought much more versatility to systems,
problems like VM sprawl can result if systems are not well ordered. So the
layer 2 switch or bridge serves its designated function to keep network
activity consistent and transparent.

Resources::::

https://www.techopedia.com/definition/2306/switch-networking

What is a router?
A router is a device that connects two or more packet-switched networks or
subnetworks. It serves two primary functions: managing traffic between these
networks by forwarding data packets to their intended IP addresses, and allowing
multiple devices to use the same Internet connection.
There are several types of routers, but most routers pass data between LANs (local
area networks) and WANs (wide area networks). A LAN is a group of connected
devices restricted to a specific geographic area. A LAN usually requires a single
router.
A WAN, by contrast, is a large network spread out over a vast geographic area. Large
organizations and companies that operate in multiple locations across the country,
for instance, will need separate LANs for each location, which then connect to the
other LANs to form a WAN. Because a WAN is distributed over a large area, it often
necessitates multiple routers and switches*.
*A  network switch  forwards data packets between groups of devices in the same
network, whereas a router forwards data between different networks.

How does a router work?

Think of a router as an air traffic controller and data packets as aircraft headed to
different airports (or networks). Just as each plane has a unique destination and
follows a unique route, each packet needs to be guided to its destination as
efficiently as possible. In the same way that an air traffic controller ensures that
planes reach their destinations without getting lost or suffering a major disruption
along the way, a router helps direct data packets to their destination IP address.
In order to direct packets effectively, a router uses an internal routing table — a list
of paths to various network destinations. The router reads a packet's header to
determine where it is going, then consults the routing table to figure out the most
efficient path to that destination. It then forwards the packet to the next network in
the path.
To learn more about IP routing and the protocols that are used during this process,
read What is routing?

What is the difference between a router

and a modem?
Although some Internet service providers (ISPs) may combine a router and a modem
within a single device, they are not the same. Each plays a different but equally
important role in connecting networks to each other and to the Internet.
A router forms networks and manages the flow of data within and between those
networks, while a modem connects those networks to the Internet. Modems forge a
connection to the Internet by converting signals from an ISP into a digital signal that
can be interpreted by any connected device. A single device may plug into a modem
in order to connect to the Internet; alternately, a router can help distribute this signal
to multiple devices within an established network, allowing all of them to connect to
the Internet simultaneously.
Think of it like this: If Bob has a router, but no modem, he will be able to create a
LAN and send data between the devices on that network. However, he will not be
able to connect that network to the Internet. Alice, on the other hand, has a modem,
but no router. She will be able to connect a single device to the Internet (for
example, her work laptop), but cannot distribute that Internet connection to multiple
devices (say, her laptop and her smartphone). Carol, meanwhile, has a router and a
modem. Using both devices, she can form a LAN with her desktop computer, tablet,
and smartphone and connect them all to the Internet at the same time.

What are the different types of routers?

In order to connect a LAN to the Internet, a router first needs to communicate with a
modem. There are two primary ways to do this:
 Wireless router: A wireless router uses an Ethernet cable to connect to a modem.
It distributes data by converting packets from binary code into radio signals, then
wirelessly broadcasts them using antennae. Wireless routers do not establish
LANs; instead, they create WLANs (wireless local area networks), which connect
multiple devices using wireless communication.

 Wired router: Like a wireless router, a wired router also uses an Ethernet cable to
connect to a modem. It then uses separate cables to connect to one or more
devices within the network, create a LAN, and link the devices within that network
to the Internet.

In addition to wireless and wired routers for small LANs, there are many specialized
types of routers that serve specific functions:
 Core router: Unlike the routers used within a home or small business LAN, a core
router is used by large corporations and businesses that transmit a high volume
of data packets within their network. Core routers operate at the "core" of a
network and do not communicate with external networks.

 Edge router: While a core router exclusively manages data traffic within a large-
scale network, an edge router communicates with both core routers and external
networks. Edge routers live at the "edge" of a network and use the BGP (Border
Gateway Protocol) to send and receive data from other LANs and WANs.
  Virtual router: A virtual router is a software application that performs the same
function as a standard hardware router. It may use the Virtual Router Redundancy
Protocol (VRRP) to establish primary and backup virtual routers, should one fail.

What are some of the security challenges

associated with routers?
Vulnerability exploits: All hardware-based routers come with automatically installed
software known as firmware that helps the router perform its functions. Like any
other piece of software, router firmware often contains vulnerabilities that cyber
attackers can exploit (one example), and router vendors periodically issue updates to
patch these vulnerabilities. For this reason, router firmware needs to be updated
regularly. Unpatched routers can be compromised by attackers, enabling them to
monitor traffic or use the router as part of a botnet.
DDoS attacks: Small and large organizations often are the targets of distributed
denial-of-service (DDoS) attacks directed at their network infrastructure.
Unmitigated network layer DDoS attacks can overwhelm routers or cause them to
crash, resulting in network downtime. Cloudflare Magic Transit is one solution for
protecting routers and networks from these kinds of DDoS attacks.
Administrative credentials: All routers come with a set of admin credentials for
performing administrative functions. These credentials are set to default values, such
as "admin" as the username and "admin" as the password. The username and
password should be reset to something more secure as soon as possible: attackers
are aware of the common default values for these credentials and can use them to
gain control of the router remotely if they are not reset.

Resources::::
https://www.cloudflare.com/en-gb/learning/network-layer/what-is-a-router/

 What is an Access Point?

 Types of Access Points
Contact Cisco
What is a wireless access point?
A wireless access point (WAP) is a networking device that allows wireless-capable devices to
connect to a wired network. It is simpler and easier to install WAPs to connect all the
computers or devices in your network than to use wires and cables.
Why use a WAP to set up a wireless network?
Using a WAP lets you create a wireless network within your existing wired network, so you
can accommodate wireless devices.
You can also use a WAP or mesh extenders to extend the signal range and strength of your
wireless network to provide complete wireless coverage and get rid of "dead spots,"
especially in larger office spaces or buildings. Additionally, you can configure the settings of
your WAPs using a single device.
Common types of access point configurations
Root access point
In this configuration, an access point is connected directly to a wired LAN, providing
a connection point for wireless users. If more than one access point is connected to
the LAN, users can roam from one area of a facility to another without losing their
network connection.

Repeater access point

An access point or mesh extender can be configured as a standalone repeater to
extend the range of your infrastructure or overcome an obstacle that blocks radio
communication.

The repeater forwards traffic between wireless users and the wired network by
sending data to either another repeater or an access point that is connected to the
wired network. The data is sent through the route that provides the best performance
for the client.

Bridges
Access points can be configured as root or non-root bridges to join multiple
networks. An access point in this role will establish a wireless link with a non-root
bridge. Traffic is then passed over the wireless link to the wired network.

Workgroup bridge
Access points that are in workgroup bridge mode can "associate" to other access
points as clients and provide network connections for devices connected to Ethernet
ports.

For example, if your business needs wireless connectivity for a group of network
printers, you can connect the printers to a hub or a switch, connect the hub or switch
to the access point Ethernet port, and configure the access point as a workgroup
bridge. The workgroup bridge will then "associate" to an access point on your
network.

Central unit in an all-wireless network

In an all-wireless network, an access point acts as a standalone root unit. It is not
attached to a wired LAN. Instead, the access point functions as a hub that links all
stations together. It serves as the focal point for communications, increasing the
communication range of wireless users.

Key benefits of upgrading to WAPs

WAPs are a more convenient, secure, and cost-efficient alternative to using wires
and cables to connect every computer or device in your network. And using WAPs to
set up a wireless network can provide many advantages and benefits for your small
business.

For one, a wireless network is more convenient to access. Adding new users is a lot
less complicated, too. And you can easily provide Internet access to guest users by
giving them a password to access your wireless network securely.

Also you can easily segment users, including guests, to help protect your network
resources and assets.

Preparation for the future

When you invest in WAPs that feature future-ready modularity, you are helping to
ready your IT infrastructure to support next-generation technologies.

WAPs that meet the new Wi-Fi 6 (802.11ax) standard, for example, can help you
build a reliable, scalable, and secure wireless network to handle the rapidly growing
number of Internet of Things (IoT) devices—and the data that those devices will
create.

Resources :::::
https://www.cisco.com/c/en/us/solutions/small-business/resource-center/
networking/what-is-access-point.html#~types-of-access-points

What Does Bridge Mean?

A bridge is a type of computer network device that provides
interconnection with other bridge networks that use the same protocol.
Bridge devices work at the data link layer of the Open System
Interconnect (OSI) model, connecting two different networks together
and providing communication between them. Bridges are similar to
repeaters and hubs in that they broadcast data to every node. However,
bridges maintain the media access control (MAC) address table as soon as
they discover new segments, so subsequent transmissions are sent to
only to the desired recipient.
Bridges are also known as Layer 2 switches.
Bridge
A network bridge device is primarily used in local area networks because
they can potentially flood and clog a large network thanks to their ability
to broadcast data to all the nodes if they don’t know the destination
node's MAC address.
A bridge uses a database to ascertain where to pass, transmit or discard
the data frame.
1. If the frame received by the bridge is meant for a segment that resides on
the same host network, it will pass the frame to that node and the
receiving bridge will then discard it.
2. If the bridge receives a frame whose node MAC address is of the
connected network, it will forward the frame toward it.

Resources::::::
https://www.techopedia.com/definition/3160/bridge

Networking cables are networking hardware used to connect one network device to

other network devices or to connect two or more computers to
share printers, scanners etc. Different types of network cables, such as coaxial
cable, optical fiber cable, and twisted pair cables, are used depending on the
network's topology, protocol, and size. The devices can be separated by a few meters
(e.g. via Ethernet) or nearly unlimited distances (e.g. via the interconnections of
the Internet).
While wireless networks are more easily deployed when total throughput is not an
issue, most permanent larger computer networks utilize cables to transfer signals from
one point to another.[1]
There are several technologies used for network connections. Patch cables are used
for short distances in offices and wiring closets. Electrical connections using twisted
pair or coaxial cable are used within a building. Optical fiber cable is used for long
distances or for applications requiring high bandwidth or electrical isolation. Many
installations use structured cabling practices to improve reliability and maintainability.
In some home and industrial applications power lines are used as network cabling.

A twisted pair cable with shielding

Main article:  Twisted pair

Twisted pair cabling is a form of wiring in which pairs of wires (the forward and return
conductors of a single circuit) are twisted together for the purposes of canceling
out electromagnetic interference (EMI) from other wire pairs and from external sources. This
type of cable is used for home and corporate Ethernet networks. Twisted pair cabling is used
in short patch cables and in the longer runs in structured cabling.
There are two types of twisted pair cables: shielded and unshielded.

Ethernet crossover cableEdit

Main article:  Ethernet crossover cable

An Ethernet crossover cable is a type of twisted pair Ethernet cable used to connect

computing devices together directly that would normally be connected via a network
switch, Ethernet hub or router, such as directly connecting two personal computers via
their network adapters. Most current Ethernet devices support Auto MDI-X, so it does not
matter whether crossover or straight cables are used.[2]
Fiber optic cableEdit

Multi-mode fiber cables with LC (top) and ST (bottom) optical fiber connectors, both with protective
caps in place.
Main article:  Optical fiber cable

An optical fiber cable consists of a center glass core surrounded by several layers of

protective material. The outer insulating jacket is made of Teflon or PVC to prevent
interference. It is expensive but has higher bandwidth and can transmit data over longer
distances.[3] There are two major types of optical fiber cables: shorter-range multi-mode
fiber and long-range single-mode fiber.
Coaxial cableEdit

A coaxial cable has a central conductor surrounded by a sheath of conductor with insulation in

between.

Coaxial cables form a transmission line and confine the electromagnetic wave to an area

inside the cable between the center conductor and the shield. The transmission of energy in
the line occurs totally through the dielectric inside the cable between the conductors. Coaxial
lines can therefore be bent and twisted (subject to limits) without negative effects, and they
can be strapped to conductive supports without inducing unwanted currents in them.
Early Ethernet, 10BASE5 and 10BASE2, used baseband signaling over coaxial cables.
The most common use for coaxial cables is for television and other signals with bandwidth of
multiple megahertz. Although in most homes coaxial cables have been installed for
transmission of TV signals, new technologies (such as the ITU-T G.hn standard) open the
possibility of using home coaxial cable for high-speed home networking applications
(Ethernet over coax).
Patch cableEdit
A patch cable is an electrical or optical cable used to connect one electronic or optical device
to another for signal routing. Devices of different types (e.g. a switch connected to a
computer, or a switch connected to a router) are connected with patch cables. Patch cables are
usually produced in many different colors so as to be easily distinguishable,[2] and most are
relatively short, no longer than a few meters.[citation needed] In contrast to structured cabling,
patch cables are more flexible.
Power linesEdit
Although power wires are not designed for networking applications, power line
communication (PLC) allows these wires to also be used to interconnect home computers,
peripherals or other networked consumer products. The HomePlug protocol family was an
early PLC technology. In December 2008, the ITU-T adopted
Recommendation G.hn/G.9960 as the first worldwide standard for high-speed powerline
communications.[4] G.hn also specifies techniques for communications over the
existing category 3 cable used by phones and coaxial cable used by cable television in the
home.

Resources ::::
https://en.m.wikipedia.org/wiki/Networking_cables

1. Network Cables". Networktutorials.info. Archived from the original on 2010-12-24.

Retrieved 2012-10-16.
2. ^ a b "Ethernet Cable Identification". Donutey.com. Archived from the original on 2016-03-
06.
3. ^ "Data Cabling - Total Solution Computing". Retrieved 2017-04-30.[permanent dead link]
4. ^ "New global standard for fully networked home" (Press release). International
Telecommunication Union. 2008-12-12. Archived from the original on 2015-03-13.
Retrieved 2018-02-16.

An Internet Protocol address (IP address) is a numerical label such as 192.0.2.1 that is

connected to a computer network that uses the Internet Protocol for communication.[1]
[2] An IP address serves two main functions: network interface identification and
location addressing.
Internet Protocol version 4 (IPv4) defines an IP address as a 32-bit number.[2] However,
because of the growth of the Internet and the depletion of available IPv4 addresses, a
new version of IP (IPv6), using 128 bits for the IP address, was standardized in 1998.
[3][4][5] IPv6 deployment has been ongoing since the mid-2000s.
IP addresses are written and displayed in human-readable notations, such
as 192.0.2.1 in IPv4, and 2001:db8:0:1234:0:567:8:1 in IPv6. The size of the routing
prefix of the address is designated in CIDR notation by suffixing the address with the
number of significant bits, e.g., 192.0.2.1/24, which is equivalent to the historically
used subnet mask 255.255.255.0.
The IP address space is managed globally by the Internet Assigned Numbers
Authority (IANA), and by five regional Internet registries (RIRs) responsible in their
designated territories for assignment to local Internet registries, such as Internet service
providers (ISPs), and other end users. IPv4 addresses were distributed by IANA to the
RIRs in blocks of approximately 16.8 million addresses each, but have been
exhausted at the IANA level since 2011. Only one of the RIRs still has a supply for
local assignments in Africa.[6] Some IPv4 addresses are reserved for private
networks and are not globally unique.
Network administrators assign an IP address to each device connected to a network.
Such assignments may be on a static (fixed or permanent) or dynamic basis,
depending on network practices and software features.
IP addresses are assigned to a host either dynamically as they join the network, or
persistently by configuration of the host hardware or software. Persistent
configuration is also known as using a static IP address. In contrast, when a
computer's IP address is assigned each time it restarts, this is known as using
a dynamic IP address.
Dynamic IP addresses are assigned by network using Dynamic Host Configuration
Protocol (DHCP). DHCP is the most frequently used technology for assigning
addresses. It avoids the administrative burden of assigning specific static addresses
to each device on a network. It also allows devices to share the limited address space
on a network if only some of them are online at a particular time. Typically, dynamic
IP configuration is enabled by default in modern desktop operating systems.
The address assigned with DHCP is associated with a lease and usually has an
expiration period. If the lease is not renewed by the host before expiry, the address
may be assigned to another device. Some DHCP implementations attempt to
reassign the same IP address to a host, based on its MAC address, each time it joins
the network. A network administrator may configure DHCP by allocating specific IP
addresses based on MAC address.
DHCP is not the only technology used to assign IP addresses dynamically. Bootstrap
Protocol is a similar protocol and predecessor to DHCP. Dialup and some broadband
networks use dynamic address features of the Point-to-Point Protocol.
Computers and equipment used for the network infrastructure, such as routers and
mail servers, are typically configured with static addressing.

In the absence or failure of static or dynamic address configurations, an operating

system may assign a link-local address to a host using stateless address
autoconfiguration.
Sticky dynamic IP address
This section does not cite any sources. (January 2021)

Sticky is an informal term used to describe a dynamically assigned IP address that

seldom changes. IPv4 addresses, for example, are usually assigned with DHCP, and a
DHCP service can use rules that maximize the chance of assigning the same address
each time a client asks for an assignment. In IPv6, a prefix delegation can be handled
similarly, to make changes as rare as feasible. In a typical home or small-office setup,
a single router is the only device visible to an Internet service provider (ISP), and the ISP
may try to provide a configuration that is as stable as feasible, i.e. sticky. On the local
network of the home or business, a local DHCP server may be designed to provide
sticky IPv4 configurations, and the ISP may provide a sticky IPv6 prefix delegation,
giving clients the option to use sticky IPv6 addresses. Sticky should not be confused
with static; sticky configurations have no guarantee of stability, while static
configurations are used indefinitely and only changed deliberately.
Address autoconfiguration
Address block 169.254.0.0/16 is defined for the special use of link-local addressing for
IPv4 networks.[13] In IPv6, every interface, whether using static or dynamic addresses,
also receives a link-local address automatically in the block fe80::/10.[13] These
addresses are only valid on the link, such as a local network segment or point-to-
point connection, to which a host is connected. These addresses are not routable
and, like private addresses, cannot be the source or destination of packets traversing
the Internet.
When the link-local IPv4 address block was reserved, no standards existed for
mechanisms of address autoconfiguration. Filling the void, Microsoft developed a
protocol called Automatic Private IP Addressing (APIPA), whose first public
implementation appeared in Windows 98.[14] APIPA has been deployed on millions of
machines and became a de facto standard in the industry. In May 2005,
the IETF defined a formal standard for it.[15]
Addressing conflicts
An IP address conflict occurs when two devices on the same local physical or wireless
network claim to have the same IP address. A second assignment of an address
generally stops the IP functionality of one or both of the devices. Many
modern operating systems notify the administrator of IP address conflicts. [16][17] When
IP addresses are assigned by multiple people and systems with differing methods,
any of them may be at fault.[18][19][20][21][22] If one of the devices involved in the
conflict is the default gateway access beyond the LAN for all devices on the LAN, all
devices may be impaired.
Resources::::

https://en.m.wikipedia.org/wiki/IP_address
Manual:Winbox
Winbox is a small utility that allows administration of MikroTik RouterOS using a fast
and simple GUI. It is a native Win32 binary, but can be run on Linux and MacOS
(OSX) using Wine. All Winbox interface functions are as close as possible mirroring
the console functions, that is why there are no Winbox sections in the manual. Some
of advanced and system critical configurations are not possible from winbox, like
MAC address change on an interface Winbox changelog
From Winbox v3.14, the following security features are used:
 Winbox.exe is signed with an Extended Validation certificate, issued by SIA Mikrotīkls (MikroTik).
 WinBox uses ECSRP for key exchange and authentication (requires new winbox version).
 Both sides verify that other side knows password (no man in the middle attack is possible).
 Winbox in RoMON mode requires that agent is the latest version to be able to connect to latest
version routers.
 Winbox uses AES128-CBC-SHA as encryption algorithm (requires winbox version 3.14 or above).

Starting Winbox
Winbox loader can be downloaded from the mikrotik download page. When
winbox.exe is downloaded, double click on it and winbox loader window will pop up:

To connect to the router enter IP or MAC address of the router, specify username
and password (if any) and click on Connect button. You can also enter the port
number after the IP address, separating them with a colon, like this
192.168.88.1:9999. The port can be changed in RouterOS services menu.
You can also use neighbor discovery, to list available routers use Neighbors tab:
From list of discovered routers you can click on IP or MAC address column to
connect to that router. If you click on IP address then IP will be used to connect, but
if you click on MAC Address then MAC address will be used to connect to the router.

Note: Neighbor discovery will show also devices which are not compatible with
Winbox, like Cisco routers or any other device that uses CDP (Cisco Discovery
Protocol). If you will try to connect to SwOS device, then connection will be
established through web browser

Description of buttons and fields of loader screen

 Simple mode:

-- Buttons/check-boxes
 Connect - Connect to the router
 Connect To RoMON - Connect to RoMON Agent
 Add/set - Save/Edit any of saved router entries in Managed tab.
 Open In New Window - Leaves loader open in background and opens new windows for each
device to which connection is made.

-- Fields
 Connect To: - destination IP or MAC address of the router
 Login - username used for authentication
 Password - password used for authentication
 Keep Password - if unchecked, password is not saved to the list

 Advanced mode:
-- Buttons/check-boxes
 Browse - Browse file directory for some specific session
 Keep Password - if unchecked, password is not saved to the list
 Secure mode - if checked, winbox will use DH-1984 for key exchange and modified and
hardened RC4-drop3072 encryption to secure session.
 Autosave session - Saves sessions automatically for devices to which connection are made.

-- Fields:
 Session - Saved router session.
 Note - Note that is assigned to save router entry.
 Group - Group to which saved router entry is assigned.
 RoMON Agent - Select RoMON Agent from available device list

Description of menu items in loader screen

-- File
 New - Create new managed router list in specified location
 Open - Open managed router list file
 Save As - Save current managed router list to file
 Exit - Exit Winbox loader

-- Tools
 Advanced Mode - Enables/Disables advanced mode view
 Import - Imports saved session file
 Export - Exports saved session file
 Move Session Folder - Change path where session files are stored
 Clear cache - Clear winbox cache
 Check For Updates - Check for updates for Winbox loader

Warning: Managed routers list is not encrypted by default. To encrypt it, set

the master password!

It is possible to use command line to pass connect to, user and password
parameters automatically:

winbox.exe [<connect-to> [<login> [<password>]]]

For example (with no password):

winbox.exe 10.5.101.1 admin ""

Will connect to router 10.5.101.1 with user "admin"without password.

It is possible to use command line to pass connect to, user and password
parameters automatically to conenct to router through RoMON. In this case RoMON
Agent must be saved on Managed routers list so Winbox would know user and
password for this device:
 winbox.exe --romon [<romon-agent> [<connect-to> [<login> [<password>]]]]

For example (with no password):

winbox.exe --romon 10.5.101.1 D4:CA:6D:E1:B5:7D admin ""

Will connect to router D4:CA:6D:E1:B5:7D through 10.5.101.1 RoMON Agent with

user "admin" without password.
IPv6 connectivity
Winbox supports IPv6 connectivity. To connect to the routers IPv6 address, it must
be placed in square braces the same as in web browsers when connecting to IPv6
server. Example:

Winbox neighbor discovery is now capable of discovering IPv6 enabled routers. As

you can see from the image below, there are two entries for each IPv6 enabled
router, one entry is with IPv4 address and another one with IPv6 link-local address.
You can easily choose to which one you want to connect:
Run Winbox on macOS
Wine

Wine is a software that allows you to run Windows executable files on macOS. Install
latest Wine software from the official Wine HQ homepage, during installation you
must check the "64 bit" checkbox, so that it can operate in macOS Catalina and
newer. Then, you will have to launch Winbox 64bit version using this command line:

/Applications/Wine\ Staging.app/Contents/Resources/wine/bin/wine64
/Applications/winbox64.exe

Change the command according to where you installed Wine and where you have
put the Winbox64 executable. This is the easiest and most reliable way to run
Winbox on new macOS versions.

Wine bottler

For older macOS versions, It is possible to use Winbox in Apple macOS operating
system by using Wine emulation software. For easier use it can be combined
with WineBottler software to create a more convenient executable.
Homebrew

Also for older macOS versions, If the bottled version does not work, you can use
Homebrew to install Wine and then launch the regular Winbox.exe file from our
download page
Requirements:
1. Xcode latest version. If you have Xcode 9-beta, delete Xcode 8 first, then rename the Beta to
"Xcode".
2. Homebrew

Then just follow these steps:

brew cask install xquartz

brew install wine

If you'd like to create a launcher in MacOS, to avoid launching Wine from the
Terminal, you can do it with Automator and save the result as a service or as an app.
This is an example setup:
Interface Overview
Winbox interface has been designed to be intuitive for most of the users. Interface
consists of:
 Main toolbar at the top where users can add various info fields, like CPU and memory usage.
 Menu bar on the left - list of all available menus and sub-menus. This list changes depending on
what packages are installed. For example if IPv6 package is disabled, then IPv6 menu and all it's
sub-menus will not be displayed.
 Work area - area where all menu windows are opened.
Title bar shows information to identify with which router Winbox session is opened.
Information is displayed in following format:

[username]@[Router's IP or MAC] ( [RouterID] ) - Winbox [ROS version] on [RB

model] ([platform])

From screenshot above we can see that user krisjanis is logged into router with
IPv4/IPv6 address [fe80::4e5e:cff:fef6:c0ab%3]. Router's ID is 3C18-
Krisjanis_GW, currently installed RouterOS version is v6.36rc6, RouterBoard
is CCR1036-12G-4S and platform is tile.
On the Main toolbar's left side is located undo and redo buttons to quickly undo any
changes made to configuration. On the right side is located:
 winbox traffic indicator displayed as a green bar,
 indicator that shows whether winbox session uses encryption
Work Area and child windows
Winbox has MDI interface meaning that all menu configuration (child) widows are
attached to main (parent) Winbox window and are showed in work area.

Child windows can not be dragged out of working area. Notice in screenshot above
that Interface window is dragged out of visible working area and horizontal scroll bar
appeared at the bottom. If any window is outside visible work area boundaries the
vertical or/and horizontal scrollbars will appear.
Child window menu bar
Each child window has its own toolbar. Most of the windows have the same set of
toolbar buttons:

  Add - add new item to the list

  Remove - remove selected item from the list

  Enable - enable selected item (the same as enable command from console)

   Disable - disable selected item (the same as disable command from console)

  Comment - add or edit comment

  Sort - allows to sort out items depending on various parameters.  Read more >>

Almost all windows have quick search input field at the right side of the toolbar. Any
text entered in this field is searched through all the items and highlighted as
illustrated in screenshot below

Resources:::::

https://wiki.mikrotik.com/wiki/Manual:Winbox

What Does Windows Server Mean?

Windows Server refers to any type of server instance that is installed,
operated and managed by any of the Windows Server family of operating
systems.

Windows Server exhibits and provides the same capability, features and
operating mechanism of a standard server operating system and is based
on the Windows NT architecture.

1. Dictionary
2. Privacy and Compliance
3. Windows Server
Windows Server
Last updated: April 16, 2012

TABLE OF CONTENTS
What Does Windows Server Mean?
Windows Server refers to any type of server instance that is installed, operated and managed by any
of the Windows Server family of operating systems.

Windows Server exhibits and provides the same capability, features and operating mechanism of a
standard server operating system and is based on the Windows NT architecture.

Advertisement

Techopedia Explains Windows Server

Windows Server is generally capable of providing server-oriented services, such as the ability to host
a website, user management, resource management across users and applications, messaging,
security and authorization and many other server-focused services.
Windows Server software includes:

 Windows 2000 Server

 Windows Server 2003
 Windows Server 2008
 Windows HPC Server 2008
 Windows Server 2008 R2
 Windows Server 8
Windows Server is a group of operating systems designed by Microsoft that supports
enterprise-level management, data storage, applications, and communications.
Previous versions of Windows Server have focused on stability, security, networking,
and various improvements to the file system. Other improvements also have included
improvements to deployment technologies, as well as increased hardware support.
Microsoft has also created specialized SKUs of Windows Server that focus on the
home and small business markets. Windows Server 2012 R2 is the latest release of
Windows Server, and focuses on cloud computing

Resources:::::

https://docs.microsoft.com/en-us/windows/win32/srvnodes/windows-server