Download Understanding Internetworking Infrastructure

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

Document related concepts

Wireless security wikipedia , lookup

Deep packet inspection wikipedia , lookup

Mobile security wikipedia , lookup

Unix security wikipedia , lookup

Network tap wikipedia , lookup

Computer security wikipedia , lookup

Cyberattack wikipedia , lookup

Distributed firewall wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

Computer and network surveillance wikipedia , lookup

Cybercrime countermeasures wikipedia , lookup

Transcript
Agendas



Chapter 3 (Recap)
Understanding Internetworking Infrastructure
(Chapter 5)
Case 2-2: The iPremier Company (A):
Denial of Service Attack
1
Three Inter-organizational Governance Models
(Recap)


What are the three governance models?
Describe each governance model.
Three Inter-organizational Governance Models

Market


Hierarchy


Simple exchange of goods, services, and payments, usually during
a specific time period and with limited interaction or information
sharing between the parties involved
Formal contracts and authority define the activities to be
performed, the products or services to be provided, the price to
be paid by each party, and the length of the relationship
Partnership

Require shared goals, complementary expertise and skills, high
levels of trust among the parties, and networked integration of
processes and work across organizational boundaries
Three Network Ownerships


What are the three types of ownerships?
Describe each network ownership.
Three Network Ownerships (Recap)



The majority of specialized units may be located inside
a corporation or other legally defined organization.
An alliance may be formed between two ( or a small
number of players).
A diverse community, also called an ecosystem, of
players representing different roles (e.g., suppliers,
distributors, buyers) may work together to achieve
shared goals.
Governance and Ownership
Ownership
Community
Alliance
Corporation
Hierarchy
Market
Partnership
Governance
6
Course Road Map
ISQS 5231
Business Impacts
Networked
Infrastructure
and Operations
Making Case for
IT
Internetworking
Infrastructure
IT and Strategy
Diverse IT
Infrastructures
IT and
Organization
Reliable and
Secure IT
Services
Extending the
Enterprise
Leadership
Issues
Management IT
Functions
Managing IT
Projects
Management IT
Outsourcing
Chapter 5: Understanding Internetworking Infrastructure

Technical issues vs. business issues

Bridging the gap between the business and technical domains
8
Chapter 5: Understanding Internetworking Infrastructure
Corporate Telecommunications System
9
The IT architecture of an e-business
Chapter 5: Understanding Internetworking Infrastructure
Moore’s Law
11
Moore’s Law
12
Chapter 5: Understanding Internetworking Infrastructure
TCP/IP
Evolution of Corporate IT Infrastructure
13
Chapter 5: Understanding Internetworking Infrastructure
Metcalfe’s Law
14
Chapter 5: Understanding Internetworking Infrastructure
Bandwidth Explosion
15
Components of Internetworking Infrastructure
Core technologies
Key MGNT Issues
Network
Fiber optics, cable systems,
DSL, Routers, switches,
firewalls, software
Tech standards
Partners
Reliability
Security
Processing Systems
Transaction software,
servers, server appliances,
client services
Souring strategy
Crisis management
Disaster recovery
Facilities
Corporate data centers,
data management
Facility selection
Reliability
Security
16
Components of Internetworking Infrastructure
A Simple LAN
17
Network Elements – LAN





Local Area Networks (LAN)
Connects computers and other digital devices within 2000 ft
radius
Cabling or wireless technology links computers, network
interface cards, and software
Network Operating System (NOS)
Network Topologies

Star, bus, and ring topologies
18
Network Elements – LAN
LAN Topologies
19
Network Elements – WAN
Wide Area Networks (WAN)


Span broad geographic distances
Can consist of combination of:





Switched lines
Dedicated lines
Microwave
Satellite communications
Private WANs expensive to support
20
Network Elements – WAN
An Example of WAN
21
Network Elements – MAN

Metropolitan Area Network (MAN)



Scope between LAN and WAN
Limited distance; faster and less expensive than WAN
Value-Added Networks


Private, third-party managed, data only networks
Subscription basis
22
Network Elements – Bridge (Switch), Router, Firewall, Caching
Bridge (Switch)



Connect network segments at the physical layer
Relay and subdividing network device
Less or no intelligent in transporting data
Router

A network device containing software and hardware – usually
tailored to the tasks of routing and forwarding information.
23
Network Elements – Bridge (Bridge, Router, Firewall, Cache)
Firewall

A firewall is a dedicated hardware, or software running on
another computer, which inspects network traffic passing
through it, and denies or permits passage based on a set of
rules.
Cache

A cache is a block of memory for temporary storage of data
likely to be used again. The CPU and hard drive frequently use
a cache, as do web browsers and web servers.
24
Elements of Processing Systems




Client Devices and Systems
Server Devices and Systems
Mainframe Devices and Systems
Middleware




Middleware is the enabling technology of enterprise
application integration. It describes a piece of software that
connects two or more software applications, allowing them
to exchange data.
TCP/IP
Extremely important
Not well-understood
25
Client/Server Computing




Client/server computing: Splits processing between “clients” and
“servers” on network
Powerful personal computers connect to network with one or
more server computers
Has extended networking to parts of business that could not be
served by centralized architecture
Processing load balanced over many smaller machines
26
Client/Server Computing
Types of Client/Server Computing
Client/Server Computing (n-tier)
Remote method innovation/Internet Inter-Orb Protocol
29
Packet Switching (How Internet Work)

Messages broken into “packets” before transmission

Packets include destination and error-checking information

Packets travel independently using routers; reassembled into
original message at destination
Transmission Control Protocol/Internet Protocol (TCP/IP)



Open suite of protocols for connectivity developed in 1970s
Provides standards for breaking messages into packets, routing
them to destination addresses, and reassembling them at end
Allows for communication regardless of hardware/software
Packet Switching
Transmission Control Protocol/Internet Protocol (TCP/IP)
TCP/IP: Four-Layer Reference Model
1.
2.
3.
4.
Network interface layer: Placing packets on and receiving them
from network medium
Internet layer: Addressing, routing, packaging data packets
Transport layer: Acknowledging and sequencing packets
to/from application
Application layer: Communication between applications and
other layers
TCP/IP: Four-Layer Reference Model
Complexity and Coupling
Complexity

Systems have many interactions
Interactions can be linear (simple) or complex




Linear  cause and effect relationships are clear
Complex  cause and effect relationships are difficult to see or anticipate
Coupling




Here coupling or dependency is the degree to which each
network system relies on each other.
Coupling in systems can be tight or loose.
Tight coupling  changes in A seriously affect B
Where System Fall
36
Why Systems Are Vulnerable?
Telecommunications networks vulnerabilities
Why Systems Are Vulnerable?
Type of computer crimes and criminals
Hacker: An outside person who has penetrated a computer system, usually
with no criminal intent.
Cracker: A malicious hacker.
Social engineering: Getting around security systems by tricking computer
users into revealing sensitive information or gaining unauthorized access
privileges.
Cybercrimes: Illegal activities executed on the Internet.
Identify theft: A criminal (the identity thief) poses as someone else.
Cyberwar: War in which a country’s information systems could be paralyzed
from a massive attack by destructive software.
Virus: Software that can attach itself to (“infect”) other computer programs
without the owner of the program being aware of the infection.
IS Security and Control
Security Treats
Method
Definition
Virus
Secret instructions inserted into programs (or data) that are innocently ordinary tasks. The secret instructions may destroy or alter
data as well as spread within or between computer systems
Worm
A program that replicates itself and penetrates a valid computer system. It may spread within a network, penetrating all connected
computers.
Trojan horse
An illegal program, contained within another program, that ‘’sleep' until some specific event occurs then triggers the illegal
program to be activated and cause damage.
Salami slicing
A program designed to siphon off small amounts of money from a number of larger transactions, so the quantity taken is not
readily apparent.
Super zapping
A method of using a utility ‘’zap’’ program that can bypass controls to modify programs or data
Trap door
A technique that allows for breaking into a program code, making it possible to insert additional instructions.
Logic bomb
An instruction that triggers a delayed malicious act
Denial of services
Too many requests for service, which crashes the site
Sniffer
A program that searches for passwords or content in packet of data as they pass through the Internet
Spoofing
Faking an e-mail address or web-page to trick users to provide information instructions
Password cracker
A password that tries to guess passwords (can be very successful)
War dialling
Programs that automatically dial thousands of telephone numbers in an attempt to identify one authorized to make a connection
with a modem, then one can use that connection to break into databases and systems
Back doors
Invaders to a system create several entry points, even if you discover and close one, they can still get in through others
Malicious applets
Small Java programs that misuse your computer resource, modify your file, send fake e-mail, etc
Protecting the Digital Firm

Firewall screening technologies
Static packet filtering
 Network address translation
 Application proxy filtering


Intrusion detection systems
Scanning software
 Monitoring software

Security and Electronic Commerce
Encryption
 Authentication
 Message integrity
 Digital signatures
 Digital certificates
 Public key infrastructure (PKI)
