A Deep Dive in the World of IT Networking (Part 2)
Download as PPTX, PDF2 likes622 views
The document provides an in-depth exploration of IT networking, covering the OSI and TCP/IP models, various networking protocols, and the importance of data security. It discusses the advantages and limitations of the OSI model, outlines connection-oriented and connectionless protocols, and highlights key applications like TCP, UDP, and HTTP. Additionally, it emphasizes the role of firewalls, intrusion detection systems, and training options available for professionals in the field.
A Deep Dive in the World of IT Networking (Part 2)
- 1. A Deep Dive in the World of IT Networking (Part 2)
- 3. NetCom Learning – Managed Learning Services
- 5. Agenda •OSI Model. •TCP/IP (D.O.D) Model. •Networking protocols. •Networking and data security. •Q&A.
- 6. The OSI Model •The Open Systems Interconnection (OSI) reference model is used to define how data communication occurs on computer networks. •This model is divided into layers, each of which provides services to the layers above and below. •These layers are associated with protocols and devices.
- 8. Application Presentation Session The Application layer defines several standard network Services that fall into categories such as file transfer, print access the Presentation layer deals with character-set translation Like ASCII , Binary Session layer of the OSI model are responsible for establishing, maintaining, and breaking sessions
- 9. Transport Network Data-Link Physical responsible for reliable end-to-end data delivery and flow control responsible for network addressing and routing responsible for dividing datagrams into packets as well as physical addressing responsible for placing data on the network in the form of electrical signals
- 10. Advantages Of the OSI Model Provides a common language or reference point between network professionals. Divides networking tasks into logical layers for easier comprehension. Allows specialization of features at different levels. Aids in troubleshooting. Promotes standards. interoperability between networks and devices.
- 11. Limitations of the OSI model OSI layers are theoretical and do not actually perform real functions. Industry implementations rarely have a layer-to-layer correspondence with the OSI layers. Different protocols within the stack perform different functions that help send or receive the overall message. A particular protocol implementation may not represent every OSI layer (or may spread across multiple layers).
- 12. The TCP/IP (D.O.D) Model Application Transport Internet Network Application Presentation Session Transport Network Data-link Physical OSI model TCP/IP model Layer 1: Data link layer (also simply known as the link layer). Layer 2: Network layer (also known as the Internet layer). Layer 3: Transport layer. Layer 4: Application layer.
- 13. The Networking Protocols Connection-Oriented and Connectionless Protocols Connection-Oriented (CO) Protocols Connectionless (CL) Protocols They perform session initiation, error detection, and error correction. They identify and retransmit lost packets. assume an existing link between devices and allow transmission without extensive session establishment. Have larger headers and more overhead Have smaller headers and less overhead Provide packet acknowledgments, data segmentation, flow control, and error detection and correction Do not provide additional services Acknowledge transmitted packets, so they are considered reliable Do not acknowledge transmitted packets, so they are considered unreliable
- 14. Protocol Description OSI Model Layer DOD Model Layer Transmission Control Protocol (TCP) It provides connection- oriented services and performs segment sequencing and service addressing. It also performs important error-checking functions and is considered a host- to-host protocol. Transport Host-to-Host (Transport)
- 15. Protocol Description OSI Model Layer DOD Model Layer User Datagram Protocol (UDP) Considered a host- to-host protocol like TCP. It also performs functions at the Transport layer. However, it is not connection- oriented like TCP. Because of less overhead, it transfers data faster, but is not as reliable. Transport Host-to-Host (Transport)
- 16. Protocol Description OSI Model Layer DOD Model Layer File Transfer Protocol (FTP) Provides a generic method of transferring files. It can include file security through usernames and passwords, and it allows file transfer between dissimilar computer systems. Application, Presentation, Session Application/Process
- 17. Protocol Description OSI Model Layer DOD Model Layer The Hypertext Transfer Protocol (HTTP) Used by Web browsers and Web servers to exchange files (such as Web pages) through the World Wide Web and intranets. It is typically used to request and send Web documents, but is also used as the protocol for communication between agents using different TCP/IP protocols. Application, Presentation, Session Application/Process
- 18. Protocol Description OSI Model Layer DOD Model Layer Simple Network Management Protocol (SNMP) Designed for managing complex networks. SNMP lets network hosts exchange configuration and status information. This information can be gathered by management software and used to monitor and manage the network. Application, Presentation, Session Application/Process
- 19. Protocol Description OSI Model Layer DOD Model Layer Simple Mail Transfer Protocol (SMTP) used to route electronic mail through the internetwork. E-mail applications provide the interface to communicate with SMTP or mail servers. Application, Presentation, Session Application/Process
- 20. Protocol Description OSI Model Layer DOD Model Layer Domain Name System (DNS) Is distributed throughout the internetwork to provide address/name resolution. For example, the name "www.testout.com" would be identified with a specific IP address. Transport Host-to-Host (Transport)
- 21. Protocol Description OSI Model Layer DOD Model Layer DHCP The Dynamic Host Configuration Protocol (DHCP) delivering IP configuration parameters from a DHCP server to a host specifying how IP addresses are assigned. Network Internet
- 22. Protocol Description OSI Model Layer DOD Model Layer Internet Protocol (IP) The main TCP/IP protocol. It is a connectionless protocol that makes routing path decisions, based on the information it receives from ARP. It also handles logical addressing issues through the use of IP addresses. Network Internet
- 23. Networking and data security Virtual Private Network (VPN) A connection between two or more computers or devices that are not on the same private network. In order to ensure that only the proper users and data sessions cross to a VPN device, data encapsulation and encryption are used. A “tunnel” is created, so to speak, through the LANs and WANs that might intervene.
- 24. Security devices such as firewalls are the main defense for a company’s networks, whether they are LANs, WANs, intranets, or extranets. Firewalls are used to protect a network from malicious attack and unwanted intrusion. They are the most commonly used type of security device in an organization’s perimeter. Perimeter security zones such as demilitarized zones (DMZs) help keep certain information open to specific users or to the public while keeping the rest of an organization’s data secret. Security Devices and zones
- 25. A network intrusion detection system (NIDS) is a type of IDS that attempts to detect malicious network activities (e.g., port scans and DoS attacks) by constantly monitoring network traffic. The NIDS will then report any issues that it finds to a network administrator as long as it is configured properly. A network intrusion prevention system (NIPS) is designed to inspect traffic, and, based on its configuration or security policy, it can remove, detain, or redirect malicious traffic in addition to simply detecting it. Network Intrusion Detection System
- 26. A perimeter network or demilitarized zone (DMZ) is a small network that is set up separately from a company’s private local area network and the Internet. It is called a perimeter network because it is usually on the edge of a LAN, but DMZ has become a much more popular term. A DMZ allows users outside a company LAN to access specific services located on the DMZ. However, when the DMZ set up properly, those users are blocked from gaining access to the company LAN. The DMZ might house a switch with servers connected to it that offer web, email, and other services. DMZ
- 27. Watch the Live Demonstration Watch the recorded webinar here!
- 28. Recommended Courses NetCom Learning offers a comprehensive portfolio for IT Networking training options. Please see below the list of recommended courses: 20741: Networking with Windows Server 2016 Interconnecting Cisco Networking Devices, Part 1 v 3.0 - ICND1 (Entry) Interconnecting Cisco Networking Devices, Part 2 v3.0 - ICND2 (Associate) Check out more IT Networking training options with NetCom Learning – CLICK HERE
- 29. Our live webinars will help you to touch base a wide variety of IT, soft skills and business productivity topics; and keep you up to date on the latest IT industry trends. Register now for our upcoming webinars: Active Directory for VMware vCenter 6.5 – June 5 Understanding the Windows Server Administration Fundamentals (Part-1) – June 13 Microsoft Word Power Shortcuts & Tips (Part-2) – June 15 Your Quick Guide to PMP Certification and Examination – June 20 Understanding the Windows Server Administration Fundamentals (Part-1) – June 27
- 30. Special Promotion Whether you're learning new IT or Business skills, or you are developing a learning plan for your team, now you can register for our Guaranteed to Run classes with confidence. From Microsoft, to CompTIA, to CISSP; all classes delivered by top-notch instructors in in- person Instructor-led Classroom or Live Online. Learn more»
- 31. Special Promotion Is the internet secure? It becomes a matter of deep introspection whether the internet remains a safe place for us with all our personal and official data on it. Take a proactive stance on security. It is time to wake up and begin preparing a defense for the future. Acquire the skillset, become certified cybersecurity professional. Learn more»
- 32. Special Promotion Trial Version & 10% First Time User discount on Soft Skills E-Learning Courses (Limited Period Offer, Register NOW) Log onto www.sarderlearning.com Coupon Code: SARDER10
- 33. 3500+ BYTE SIZE VIDEOS 200+ MENTORS 100+ COURSES Leadership focused programs across Functions, Management levels, & Industries Business Productivity programs enabling professionals master the latest concepts Soft skills programs ensuring the basics of management success Best selling books focused programs covering all aspects of professional & personal lives Premium programs such as Board-Series www.sarderlearning.com Course Categories Anywhere Anytime Learning across Devices & Operating Systems
- 34. Media Platform with a blend of Charlie Rose & TED Headquartered in New York, the platform publishes Exclusive High Quality Video Content from Fortune 1000 Corporate Leaders, Best Selling Authors & Ivy League Professors With a purpose to "Promote Learning", the Platform is based on the Core values of Continuous Learning, Innovation & Performance. Get the latest insights on Management, Strategy, Marketing, Sales, Innovation and Entrepreneurship. www.sardertv.com To get the latest insights on the Business World
- 35. To get latest technology updates, please follow our social media pages!
- 37. THANK YOU !!! We manage learning. “Building an Innovative Learning Organization. A Framework to Build a Smarter Workforce, Adapt to Change, and Drive Growth”. Download now!
Editor's Notes
- #8: Physical layer Data link layer Network layer Transport layer Session layer Presentation layer Application layer All People Seem To Need Data Processing (descending). Please Do Not Trust Sales Person Always (ascending).
- #9: Layer Description and Keywords Protocols Devices Encapsulation 7- Application User interface Communication partner identification HTTP (P.NO.80) Telnet (P.NO.23) FTP(20,21) TFTP (69) SNMP(161) SMTP(25) Messages and Packets 6- Presentation Data format (file formats) Encryption, translation, and compression Data format and exchange JPEG, BMP, TIFF, PICT MPEG, WMV, AVI ASCII, EBCDIC MIDI, WAV Packets 5- Session Keeps data streams separate (session identification) Set up, maintain, and terminating communication sessions SQL NFS ASP RPC X window Packets 4- Transport Reliable (connection-oriented i.e. file transfer and email) and unreliable (connectionless i.e. streaming audio&videoin real time applications) communications (segments) End-to-end flow control Port and socket numbers Segmentation, sequencing, and combination TCP (transport control protocol) (connection-oriented) SPX (connection-oriented) UDP(user datagram protocol ) (connectionless) Segments, Datagrams, and Packets 3- Network Logical addresses Path determination (identification and selection) Routing packets IP IPX (by Novel) AppleTalk DECNET ALL USE THE SOURCE PORT NO.&DESTINATION PORT NO. Router Packets and Datagrams 2- Data Link Logical Link Control (LLC) Convert bits into bytes and bytes into frames MAC address, a.k.a. burned in address (BIA), hardware address Logical network topology Media access Flow control Acknowledgements Buffering Windowing Parity and CRC LAN protocols: 802.2 logic link control (LLC), 802.3 (Ethernet), 802.5 (Token Ring), 802.11 (Wireless) WAN protocols: high level data link control (HDLC), point to point protocol (PPP)between different vonders on the same serial link , Frame Relay, ISDN, ATM NICs Switches Bridges Frames Media Access Control (MAC) 1- Physical Move bits across media Cables, connectors, pin positions Electrical signals (voltage, bit synchronization) Physical topology (network layout) EIA/TIA 232 (serial signaling) V.35 (modem signaling) Cat5 RJ45 Cable Connectors Hubs and repeaters Bits
- #10: The physical Layer has the physical and electrical medium for data transfer. It includes but is not limited to cables, jacks, patch panels, punch blocks, hubs, and MAUs. Concepts related to the physical layer include topologies, analog versus digital/encoding, bit synchronization, baseband versus broadband, multiplexing, and serial (5-volt logic) data transfer. The unit of measurement used on this layer is bits.
- #14: A three-way handshake is a method used in a TCP/IP network to create a connection between a local host/client and server. It is a three-step method that requires both the client and server to exchange SYN and ACK (acknowledgment) packets before actual data communication begins. A three-way handshake is primarily used to create a TCP socket connection. It works when: A client node sends a SYN data packet over an IP network to a server on the same or an external network. The objective of this packet is to ask/infer if the server is open for new connections. The target server must have open ports that can accept and initiate new connections. When the server receives the SYN packet from the client node, it responds and returns a confirmation receipt – the ACK packet or SYN/ACK packet. The client node receives the SYN/ACK from the server and responds with an ACK packet. Upon completion of this process, the connection is created and the host and server can communicate.
- #24: Popular VPN Protocols are: PPTP L2TP with IPSec Point-to-Point Tunneling Protocol (PPTP) is the more commonly used protocol, but it is also the less secure option. PPTP generally includes security mechanisms, and no additional software or protocols need to be loaded. A VPN device or server that allows incoming PPTP connections must have inbound port 1723 open. PPTP works within the point-to-point protocol (PPP), which is also used for dial-up connections. Layer 2 Tunneling Protocol (L2TP) is quickly gaining popularity due to the inclusion of IPsec as its security protocol. Although this is a separate protocol and L2TP doesn’t have any inherent security, L2TP is considered the more secure solution because IPsec is required in most L2TP implementations. A VPN device or server that allows incoming L2TP connections must have inbound port 1701 open.
- #27: Two common DMZ configurations are as follows: Back-to-back configuration: This configuration has a DMZ situated between two firewall devices, which could be black box appliances or Microsoft Internet Security and Acceleration (ISA) Servers. 3-leg perimeter configuration: In this scenario, the DMZ is usually attached to a separate connection of the company firewall. Therefore, the firewall has three connections—one to the company LAN, one to the DMZ, and one to the Internet.
- #33: Further, if your interested in “Learning from the Top American Leaders”, please logon to the e-learning platform - www.sarderlearning.com. Avail the special promotion meant for FIRST TIME USERS. Use your coupon code – SARDER10 and begin your leadership journey. Now!!
- #34: Sarder Learning is a micro-learning knowledge platform that brings the world’s best Fortune 500 companies CXOs, Ivy League professors and best selling authors together to share industry –wide best practices related to leadership & management. Sarder Learning under 13 different categories has a rapidly growing course library relevant across multiple domains with well defined specific learning paths and scenario –based learning. An intuitive and responsive learning management system environment makes it easy to track one’s learning journey take courses at convinence
- #35: To get your dose of Latest Business Insights FROM Corporate America, logonto Sardertv.com. Don’t forget to register for our newsletter.
- #38: I’d like to thank the team members that were part of this webinar: Swedha Sarah Gaurav Ben Ankuna vashali &special thanks to Chief Engineer Mina Henery from IBM Germany for his valuable support