Essential Elements of Medical Networks
© D. J. McMahon 141004
rev cewood 2017-03-07
Key Points
Medical Networks:
quick conversion of bits to decimal numbers: 2^10 = 1024 ≈ 1000 = 10^3
OSI Networking Layers You Need to Know:
• Application layer - generally includes everything layer 5-7
• TCP or UDP & port (layer 4)
• IP address (layer 3): 32 bits
  IPv4 is out of addresses. What do we do? DHCP; NAT
• MAC address (layer 2 or hardware address) 48 bits
• Physical Layer (layer 1): Ethernet (802.3); wireless (802.11)
Know how switching (Layer 2) works
Know how routing (Layer 3) works
Understand IP address, subnet mask, Router (or ‘gateway’) address
Know what values get programmed into a firewall
Ideal characteristics of a hospital network:
- Flexible: adaptable to the current needs,
and to future changes
- Modifiable on-line
- Scalable to changes in the equipment
- Compatible with industry standards
- Secure
Network Basics; Layers You Need to Know
Application layer - generally includes stuff from layer 5-7
TCP or UDP & port (layer 4) - a connection protocol and ‘sub-address’ allowing targeted IP ‘conversations’ between nodes. 2^16 ports available; SSL also lives here
IP address (layer 3) - IPv4 addresses are 32 bits (2^32 ≈ 4.3 billion addresses); IPv6 addresses are 128 bits (2^128, ‘enough’ addresses) but not common yet. IPv4 has run out of addresses. What do we do?
MAC address (‘layer 2’ or ‘burned-in address’ or ‘hardware address’) - every networked device has a unique MAC address; 48 bits (2^48 addresses), expressed as hex e.g. 00-22-5F-D2-09-2C
Physical Layer 1 - Some variety of Ethernet (802.3) or wireless (802.11)
Physical Layer 1
> Ethernet (802.3)
The primary cabling and data delivery technology used in local area networks (LANs).
- Ethernet transmits data at up to ten million bits per second (10 Mbps)
- Fast Ethernet supports up to 100 Mbps,
Gigabit Ethernet (‘Gig E’) supports up to 1000 Mbps,
10 Gig Ethernet supports speeds up to 10 gigabits per second.
- supports networks of twisted-pair and fiber-optic cabling. (coax is obsolete)
- data is transmitted over the network in discrete packets (frames) which are between 64 and 1518 bytes in length
- each device on an Ethernet network operates independently and equally,
precluding the need for a central controlling device.
- supports a wide array of protocols, the most common being TCP/IP.
Physical Layer 1
> Wireless (802.11)
Increasingly common data delivery technology used in local area networks (LANs).
- 802.11a: 54 Mbps, 5 GHz band (ISM)
- 802.11b: 11 Mbps, 2.4 GHz band (ISM)
- 802.11g: 54 Mbps, 2.4 GHz band (ISM)
- 802.11n: 54-600 Mbps, 2.4 & 5 GHz bands (ISM)
- can function in peer-to-peer ‘ad-hoc’ networks;
more commonly the nodes communicate with a Wireless Access Device.
- Security is a greater concern than with wired networks, demanding ever-stronger encryption & user validation.
At this time, WPA2 is considered secure, provided a strong passphrase is used
MAC address, Layer 2
48 bits (‘burned-in address’ or ‘hardware address’)
- Every networked device has a universally unique MAC address.
- Addresses are 48 bits (2^48 addresses), expressed as hex
- first 24 bits are assigned to a manufacturer, last 24 bits are assigned by the manufacturer.
- Sniffer software typically replaces the mfg. segment with the mfg. name.
- These addresses may be spoofed, but this is unusual (and pointless).
- These unique addresses let devices communicate on a LAN segment or a switch (or hub) domain with no configuration.
- Beyond the local segment, the original MAC addresses do not appear in data packets.
e.g. 00-22-5F-D2-09-2C or 00.22.5F.D2.09.2C
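As an added illustration of the MAC address slide (example code written for this page, not the author's), the following parses the two notations shown above, splits the 48 bits into the manufacturer and device halves the way a sniffer does, and reports the two flag bits that IEEE 802 reserves in the first octet. The OUI table is a constructed one-entry stand-in for the real IEEE manufacturer registry; the "locally administered" bit is a standard flag that tells an auditor the address was set by software rather than burned in.

```python
import re

# Constructed OUI table for illustration only; real sniffers consult the IEEE
# registry of manufacturer prefixes.
OUI_TABLE = {
    "00-22-5F": "ExampleVendor (constructed entry)",
}


def parse_mac(text):
    """Accept 00-22-5F-D2-09-2C, 00.22.5F.D2.09.2C or 00:22:5f:d2:09:2c and
    return the six octets; anything that is not exactly 48 bits is rejected."""
    parts = re.split(r"[-.:]", text.strip())
    if len(parts) != 6 or not all(re.fullmatch(r"[0-9A-Fa-f]{2}", p) for p in parts):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    return [int(p, 16) for p in parts]


def describe_mac(text):
    """Split a MAC into the manufacturer (first 24 bits) and device (last 24 bits)
    halves and report the two flag bits IEEE 802 reserves in the first octet."""
    octets = parse_mac(text)
    oui = "-".join(f"{o:02X}" for o in octets[:3])
    first = octets[0]
    return {
        "oui": oui,
        "vendor": OUI_TABLE.get(oui, "unknown"),
        "device_id": "-".join(f"{o:02X}" for o in octets[3:]),
        # bit 0 set: group (multicast/broadcast) address, never a single device
        "multicast": bool(first & 0x01),
        # bit 1 set: locally administered, i.e. assigned by software rather than
        # burned in by the manufacturer; worth a second look when auditing a LAN
        "locally_administered": bool(first & 0x02),
    }


def audit_macs(addresses):
    """Return the addresses whose first octet says they were set locally."""
    return [a for a in addresses if describe_mac(a)["locally_administered"]]


if __name__ == "__main__":
    print(describe_mac("00-22-5F-D2-09-2C"))
    print(audit_macs(["00-22-5F-D2-09-2C", "02-11-22-33-44-55"]))
```

Running `audit_macs` over the addresses seen on a switch port is a cheap inventory check: a burned-in address has the second bit of its first octet clear, so anything flagged here deserves a look at which device is presenting it.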
IP address, Layer 3
32 bits
- IPv4 addresses are 32 bits (2^32 ≈ 4.3 billion addresses) e.g. 192.168.0.1
- You must have a globally unique ‘public IP’ address to communicate with the internet. IPv4 has run out of addresses. What do we do?
1) DHCP: (Dynamic Host Configuration Protocol) assigns a public address from a ‘pool’ temporarily, while you are connected to the internet. When you disconnect (or time out), this address is returned to the pool for reassignment. This allows an organization to share a limited range of public addresses.
2) NAT: (Network Address Translation) assigns an address from a special ‘private address’ range (like 10.xx.xx.xx or 192.168.xx.xx) which the router translates to its own (public) address when communicating with the internet. This allows an entire network to share a single public address or a small public address range (if the router is powerful enough).
- IPv6 addresses are 128 bits (2^128, ‘enough’ addresses) but not common yet.
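To make the NAT description concrete, here is an added model (not the slide author's code) of the port-translating form of NAT that lets a whole private network share one public address: outbound packets get their private source rewritten to the router's public address plus a port from a pool, and replies are mapped back through the same table. The addresses, the public IP 203.0.113.5 and the port pool starting at 40000 are constructed values; the private ranges are the RFC 1918 blocks the slide alludes to with 10.xx.xx.xx and 192.168.xx.xx.

```python
import ipaddress
import itertools

# The RFC 1918 private ranges (10.x.x.x, 172.16-31.x.x, 192.168.x.x).
PRIVATE_RANGES = [ipaddress.ip_network(n) for n in
                  ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_private(ip):
    """True when the address belongs to one of the private ranges NAT hides."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in PRIVATE_RANGES)


class NatRouter:
    """Port-translating NAT: each private host's (ip, port) pair is rewritten to
    the router's single public address and a public port taken from a pool.
    Constructed model; a real router also ages entries out of the table."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self._pool = itertools.count(first_port)
        self.out_map = {}   # (private_ip, private_port) -> public_port
        self.in_map = {}    # public_port -> (private_ip, private_port)

    def translate_out(self, pkt):
        """Packet leaving the LAN: replace the private source with the public one."""
        if not is_private(pkt["src_ip"]):
            raise ValueError("NAT only applies to hosts on the private side")
        key = (pkt["src_ip"], pkt["src_port"])
        if key not in self.out_map:          # first packet of a conversation
            port = next(self._pool)
            self.out_map[key] = port
            self.in_map[port] = key
        return {**pkt, "src_ip": self.public_ip, "src_port": self.out_map[key]}

    def translate_in(self, pkt):
        """Reply from the internet: restore the private destination, or drop the
        packet (None) when no inside host ever opened that conversation."""
        key = self.in_map.get(pkt["dst_port"])
        if key is None or pkt["dst_ip"] != self.public_ip:
            return None
        return {**pkt, "dst_ip": key[0], "dst_port": key[1]}


if __name__ == "__main__":
    nat = NatRouter("203.0.113.5")
    out = nat.translate_out({"src_ip": "192.168.1.10", "src_port": 51000,
                             "dst_ip": "198.51.100.7", "dst_port": 80, "proto": "tcp"})
    print(out)
    print(nat.translate_in({"src_ip": "198.51.100.7", "src_port": 80,
                            "dst_ip": "203.0.113.5", "dst_port": out["src_port"],
                            "proto": "tcp"}))
```

The `translate_in` branch that returns `None` is the side effect worth noticing: because the router only knows how to deliver replies to conversations an inside host started, unsolicited traffic from the internet has nowhere to go, which is why NAT is often described as giving a private network a degree of shelter even before any firewall rule is written.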
TCP or UDP & port, Layer 4
- These are a connection protocol and a ‘sub-address’ (port)
- They allow targeted IP ‘conversations’ between IP nodes
- 2^16 ports are available for TCP and 2^16 ports are available for UDP
- TCP & UDP ports are different from each other. To specify a port, you need the protocol and the port number.
- The first 2^10 (1024) are ‘well-known’ and many have been assigned to specific processes. HTTP port 80; FTP ports 20 & 21; DNS port 53.
- This is sometimes the realm of ‘security by obscurity’, with programmers hoping to safely use a previously-unused port. Not safe enough!
- This is definitely the realm of firewalls. Combinations of specific IP addresses (source & destination) and protocols and port numbers are enabled. Everything else is blocked by the firewall.
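The last bullet is what "values programmed into a firewall" means in practice, so here is an added example (written for this page, not taken from the slides) of a default-deny packet filter: each enabled combination of source network, destination host, protocol and port is one rule, and a packet that matches no rule is dropped. The subnets reuse the slide's 192.168.1.x and 192.168.4.x networks; the two server addresses and the rule set are constructed for a hypothetical hospital segment.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    """One enabled combination: who may talk to whom, by which protocol, on which port."""
    src: str     # source network in CIDR form
    dst: str     # destination network in CIDR form
    proto: str   # "tcp" or "udp": the same number is a different port on each
    port: int    # destination port

    def matches(self, pkt):
        return (pkt["proto"] == self.proto
                and pkt["dst_port"] == self.port
                and ipaddress.ip_address(pkt["src_ip"]) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(pkt["dst_ip"]) in ipaddress.ip_network(self.dst))


# Constructed rule set: the 192.168.1.x segment may reach one web server on HTTP
# and one DNS server on UDP 53; nothing else is enabled.
ALLOW_RULES = [
    Rule("192.168.1.0/24", "192.168.4.20/32", "tcp", 80),
    Rule("192.168.1.0/24", "192.168.4.53/32", "udp", 53),
]


def packet(src_ip, dst_ip, proto, dst_port):
    """Build the 5-tuple-style record the filter looks at (source port omitted)."""
    return {"src_ip": src_ip, "dst_ip": dst_ip, "proto": proto, "dst_port": dst_port}


def filter_packet(pkt, rules=ALLOW_RULES):
    """First matching allow rule wins; with no match the default is deny."""
    for rule in rules:
        if rule.matches(pkt):
            return "allow"
    return "deny"


def apply_policy(packets, rules=ALLOW_RULES):
    """Decide a batch of packets, returning (src, dst, proto, port, decision) rows;
    useful for checking a rule set against traffic you expect to see."""
    return [(p["src_ip"], p["dst_ip"], p["proto"], p["dst_port"], filter_packet(p, rules))
            for p in packets]


if __name__ == "__main__":
    for row in apply_policy([
        packet("192.168.1.10", "192.168.4.20", "tcp", 80),
        packet("192.168.1.10", "192.168.4.53", "tcp", 53),    # wrong protocol
        packet("192.168.1.10", "192.168.4.20", "tcp", 8080),  # "obscure" port, not enabled
        packet("192.168.3.5", "192.168.4.20", "tcp", 80),     # wrong source network
    ]):
        print(row)
```

Two of the slide's points fall out of the rows above: TCP 53 is denied even though UDP 53 is allowed, because the protocol is part of the port's identity, and the unregistered port 8080 is denied simply because nobody enabled it, which is why relying on an "unused" port for safety does not survive a default-deny policy.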
Routing
(diagram: four IP networks 192.168.1.xx, 192.168.2.xx, 192.168.3.xx and 192.168.4.xx joined by routers; each router shown has two ports, and each port is on a different IP network)
configuration for PC1:
IP address: 192.168.1.10
subnet mask: 255.255.255.0
router address: 192.168.1.1
configuration for PC2:
IP address: 192.168.4.10
subnet mask: 255.255.255.0
router address: 192.168.4.1
Layer stack at each host: TCP/UDP (layer 4) over IP address (layer 3) over MAC address (layer 2) over physical (layer 1)
The Layer 3 packet: IP header (layer 3) ... followed by the packet from layer 4
The Layer 2 frame: the ‘data’ field is the entire Layer 3 packet; Dest & Source are 48-bit MAC addresses
Network Addressing:
Every node attached to an IP network must be addressed. This addressing can be automated with DHCP, but it will always include:
- IP address - of this specific port, e.g. 192.168.1.10
- subnet mask - telling how many bits are the network number and how many are the node number; 255.255.255.0 means the first 24 bits of the address are the network number
- the address of the router (or ‘gateway’); how to get beyond this LAN segment, e.g. 192.168.1.1
If a packet is addressed to a local node (same subnet), the packet is sent directly to that MAC address.
If it is headed beyond the local subnet, it is sent to the MAC address of the router, which will deal with it.
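The routing diagram and the Network Addressing slide together describe one procedure: mask the destination against the subnet mask to decide whether it is local, then put the whole layer 3 packet inside a layer 2 frame addressed to either that node's MAC or the router's MAC. The following added example (written for this page, not the slide author's code) carries that through for PC1 from the diagram, building a real Ethernet II frame around a minimal IPv4 header. The ARP table that maps next-hop IPs to MAC addresses is constructed, as are the MACs in it; PC1's own MAC reuses the slide's example address.

```python
import struct
import zlib


def ip_to_int(dotted):
    """'192.168.1.10' -> 32-bit integer; rejects anything that is not four octets."""
    parts = [int(p) for p in dotted.split(".")]
    if len(parts) != 4 or any(not 0 <= p <= 255 for p in parts):
        raise ValueError(f"bad IPv4 address: {dotted!r}")
    return (parts[0] << 24) | (parts[1] << 16) | (parts[2] << 8) | parts[3]


def int_to_ip(n):
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def same_subnet(ip_a, ip_b, mask):
    """Two addresses share a subnet when their masked (network-number) bits match."""
    m = ip_to_int(mask)
    return (ip_to_int(ip_a) & m) == (ip_to_int(ip_b) & m)


def next_hop(host, dst_ip):
    """host has 'ip', 'mask', 'router'. Returns the IP whose MAC address the frame
    is sent to: the destination itself if local, otherwise the router (gateway)."""
    return dst_ip if same_subnet(host["ip"], dst_ip, host["mask"]) else host["router"]


def mac_bytes(text):
    return bytes(int(p, 16) for p in text.replace(".", "-").split("-"))


def ipv4_checksum(header):
    """Standard ones'-complement sum over the header's 16-bit words."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                       # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4_packet(src_ip, dst_ip, payload, proto=17, ttl=64):
    """20-byte header with no options, then the layer 4 data (proto 17 = UDP)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, ttl, proto, 0,
                      ip_to_int(src_ip).to_bytes(4, "big"), ip_to_int(dst_ip).to_bytes(4, "big"))
    hdr = hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]
    return hdr + payload


def build_frame(dst_mac, src_mac, ip_packet):
    """Ethernet II frame: dest MAC, source MAC, EtherType 0x0800 (IPv4), the whole
    layer 3 packet padded to the 46-byte minimum payload, then a CRC-32 FCS
    (little-endian on the wire). Lengths land in the slide's 64..1518 byte range."""
    if len(ip_packet) > 1500:
        raise ValueError("layer 3 packet exceeds the 1500-byte Ethernet payload limit")
    payload = ip_packet + b"\x00" * max(0, 46 - len(ip_packet))
    body = mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", 0x0800) + payload
    return body + struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def valid_frame_length(frame):
    return 64 <= len(frame) <= 1518


def send(host, arp_table, dst_ip, payload):
    """Pick the next hop, build the IP packet, and address the frame to the next
    hop's MAC (looked up in arp_table). Returns (next_hop_ip, frame)."""
    hop = next_hop(host, dst_ip)
    packet = build_ipv4_packet(host["ip"], dst_ip, payload)
    return hop, build_frame(arp_table[hop], host["mac"], packet)


def frame_ip_dst(frame):
    """Read the IP destination back out of a frame (bytes 16..20 of the IP header)."""
    return int_to_ip(int.from_bytes(frame[14 + 16:14 + 20], "big"))


if __name__ == "__main__":
    pc1 = {"ip": "192.168.1.10", "mask": "255.255.255.0",
           "router": "192.168.1.1", "mac": "00-22-5F-D2-09-2C"}
    arp = {"192.168.1.1": "00-11-22-33-44-01",      # constructed router MAC
           "192.168.1.20": "00-11-22-33-44-20"}     # constructed local host MAC
    for dst in ("192.168.1.20", "192.168.4.10"):     # PC2 lives on 192.168.4.xx
        hop, frame = send(pc1, arp, dst, b"hello")
        print(dst, "-> next hop", hop, "frame length", len(frame))
```

Note what the frame carries to 192.168.4.10: the IP destination is PC2, but the destination MAC is the router's, which is exactly the slide's point that MAC addresses only matter on the local segment and are replaced hop by hop while the IP addresses ride through unchanged.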
Network Models:
> Client-Server – most commonly used (diagrams: how it’s wired; how it acts)
Network Operating System Providers:
& many others…
Interconnection Devices:
> Network Interface Card (NIC) – layer 1
- connects a computer to the external network
- typically has an edge connector to connect to one of the PC expansion slots
and an RJ-45 connector to connect to the Ethernet. Can also connect via USB.
Interconnection Devices:
> Hub – layer 1
- connects all the nodes of a network using Twisted Pair cables
- the hub repeats the signal to all ports, but does not look into the packet
- signals received on one port are transmitted to all other ports
- all work stations connected to the hub ‘listen’ to one another
- these older devices often require attention (and manual setting) for speed (10 or 100 Mbps) and half or full duplex
- can be useful for troubleshooting with a network sniffer
Interconnection Devices:
> Repeater – layer 1
- regenerates incoming signals in order to compensate for timing errors and signal loss due to long wire distances
- preserves signal integrity and extends the signal travel distance
- does not look into the packet
- can connect a twisted pair segment with a fiberoptic segment
- often called an “active hub”
- no longer used
Interconnection Devices:
> Switch – layer 2
- distributes signals only to a specific port or ports, based on MAC addresses which it learns by looking inside the packet.
- decides where to send each packet based on its internal configuration settings (a switch is “.. a hub with intelligence”)
- can establish multiple conversations simultaneously
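The hub and switch slides above describe two forwarding behaviours, and the difference is easiest to see side by side. This added example (not from the slides) models both: the hub repeats every frame to every other port, while the switch learns the source MAC of each frame it sees and, once it knows where a destination lives, sends to that port alone, flooding only unknown and broadcast destinations. The ports, hosts and traffic are constructed; one MAC reuses the slide's example address.

```python
BROADCAST = "FF-FF-FF-FF-FF-FF"


class Hub:
    """Layer 1: repeats every frame to every other port without reading it."""

    def __init__(self, ports):
        self.ports = list(ports)

    def forward(self, in_port, frame):
        return [p for p in self.ports if p != in_port]


class Switch:
    """Layer 2: learns which port each source MAC is behind, then delivers frames
    for a known destination only to that port; unknown and broadcast
    destinations are flooded exactly as a hub would flood them."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}   # MAC address -> port it was last seen on

    def forward(self, in_port, frame):
        self.mac_table[frame["src"]] = in_port          # learn from the source
        dst = frame["dst"]
        if dst == BROADCAST or dst not in self.mac_table:
            return [p for p in self.ports if p != in_port]
        out = self.mac_table[dst]
        return [] if out == in_port else [out]          # never back out the same port


def run_traffic(device, traffic):
    """Feed (in_port, frame) pairs through a device; return the output ports per frame."""
    return [device.forward(port, frame) for port, frame in traffic]


# Constructed traffic: host A on port 1 and host B on port 2 exchange frames,
# then a third host on port 3 sends a broadcast.
A, B = "00-22-5F-D2-09-2C", "00-22-5F-00-00-10"
SAMPLE_TRAFFIC = [
    (1, {"src": A, "dst": B}),          # B not learned yet: flooded
    (2, {"src": B, "dst": A}),          # A already learned: port 1 only
    (1, {"src": A, "dst": B}),          # both learned: port 2 only
    (3, {"src": "00-22-5F-00-00-33", "dst": BROADCAST}),  # broadcast: always flooded
]

if __name__ == "__main__":
    print("hub:   ", run_traffic(Hub([1, 2, 3, 4]), SAMPLE_TRAFFIC))
    print("switch:", run_traffic(Switch([1, 2, 3, 4]), SAMPLE_TRAFFIC))
```

Port 4 receives every frame from the hub and only the first and last frames from the switch. That is the slide's troubleshooting point in miniature: a sniffer on a hub port sees all conversations, while on a switch it sees only floods, broadcasts and traffic addressed to its own port unless the switch is configured to mirror traffic to it.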
Interconnection Devices:
> Bridge – layer 2
- functions similar to a Switch.
- segments the network according to settings
- keeps unintended traffic from entering different segments of a network.
- filters traffic based on the destination MAC address.
- no longer used
Interconnection Devices:
> Router – layer 3
- connects multiple IP networks, using routing to forward the packets
- each port is configured for a specific network
- can include local and wide-area (telco & carrier) networks
- forwards packets based on the IP addresses of the source and the destination (not the same as a Switch, which works on the physical address (MAC address) of a host or a node)
Network Sizes:
LAN - Local Area Network
• Connects a home, office building, hospital, etc.
VLAN - Virtual Local Area Network
• A group of devices that communicate as if they were attached to the same system, regardless of their physical location.
• Acts like a LAN, but it allows for diverse stations to be grouped together even if they are not located on the same switch.
• Very popular in health care settings.
WAN - Wide Area Network
• Usually involves a telco or carrier utility.
• Covers a broad geographical area with multiple systems.
• May link across a city, regional, or national boundaries.
PACS Integration
Example of the Radiology Computing Environment
Overview of Hospital Information Services
Network Certifications:
Basic certification:
Network+ from CompTIA
Microsoft Certified Professional (MCP)
Cisco Certified Network Associate (CCNA)
Cisco Certified Design Associate (CCDA)
Intermediate certification:
Security+ from CompTIA
Server+ from CompTIA
Microsoft Certified Systems Administrator (MCSA)
Microsoft Certified Systems Engineer (MCSE)
Cisco Certified Network Professional (CCNP)
Certified Information Systems Security Professional (CISSP)
Advanced certification:
Security Expertise in Management (CISSP-ISSMP)
Certified Information Security Manager (CISM)
Cisco Certified Internetwork Engineer (CCIE)
Cisco Certified Security Professional (CCSP)