Network Fundamentals

A network is a group of computers that can share information through interconnections. A network is made up of the following components:

• Computers (often called nodes or hosts)
• Transmission media—a path for electrical signals between devices
• Network interfaces—devices that send and receive electrical signals
• Protocols—rules or standards that describe how hosts communicate and exchange data

Network Benefits

Despite the costs of implementation and maintenance, networks actually save organizations money by allowing them to:

• Consolidate (centralize) data storage
• Share peripheral devices like printers
• Increase internal and external communications
• Increase productivity and collaboration

Network Classification

There are several ways to classify networks. The following table lists several ways to describe a network:

Type	Classification	Description
Host Role	Peer-to-Peer	In a peer-to-peer network, each host can provide network resources to other hosts or access resources located on other hosts. Each host is in charge of controlling access to those resources. Advantages of peer-to-peer networks include the following: Easy implementation Inexpensive Disadvantages of peer-to-peer networks include the following: Difficult to expand (not scalable) Difficult to support Lack centralized control No centralized storage
Client-Server	In a client-server network, hosts have specific roles. For example, some hosts are assigned server roles, which allow them to provide network resources to other hosts. Other hosts are assigned client roles, which allow them to consume network resources. Advantages of client-server networks include the following: Easy to expand (scalable) Easy to support Centralized services Easy to back up Disadvantages of client-server networks include the following: Expensive server operating systems Extensive advanced planning required
Geography	Personal Area Network (PAN)	A personal area network is a very small network used for communicating between personal devices. For example, a PAN may include a notebook computer, a wireless headset, a wireless printer, and a smart phone. A PAN is limited in range to only a few feet. A PAN is typically created using Bluetooth wireless technologies.
Local Area Network (LAN)	A local area network is a network in a small geographic area, like an office. A LAN typically uses wires to connect systems together.
Wireless Local Area Network (WLAN)	A wireless LAN covers an area that is roughly the same size as a standard LAN. However, it uses radio signals instead of wires to connect systems together.
Metropolitan Area Network (MAN)	A metropolitan area network is a network that covers an area as small as a few city blocks to as large as an entire metropolitan city. MANs are typically owned and managed by a city as a public utility. Be aware that many IT professionals do not differentiate between a wide area network and a MAN as they use the same network technologies.
Wide Area Network (WAN)	A wide area network is a group of LANs that are geographically isolated, but are connected to form a large internetwork.
Controller Area Network (CAN)	A Controller Area Network (CAN) is designed to allow communication between microcontrollers and devices. CAN includes hardware specifications for the physical network and software specifications for communication. CAN was originally developed for the automotive industry to replace the complex wiring harness with a two-wire bus. CANs cost, performance, and easy upgrade process provide flexible system design. CAN uses the following topologies: Bus Star Ring
Management	Network	The term network often describes a computer system controlled by a single organization. This could be a local area network at a single location or a wide area network used by a single business or organization. If two companies connected their internal networks to share data, you could call it one network. In reality, however, it is two networks because each network is managed by a different company.
Subnet	A subnet is a portion of a network with a common network address. All devices on the subnet share the same network address, but they have unique host addresses. Each subnet in a larger network has a unique subnet address. Devices connected through hubs or switches are on the same subnet. Routers are used to connect multiple subnets.
Internetwork	A network with geographically dispersed WAN connections that connect multiple LANs is often called an internetwork. Additionally, connecting two networks under different management is a form of internetworking because data must travel between two networks.
Participation	Internet	The internet is a large world-wide public network. The network is public because virtually anyone can connect to it, and users or organizations make services freely available on the internet. Users and organizations connect to the internet through an internet service provider (ISP). The internet uses a set of communication protocols (TCP/IP) for providing services. Individuals and organizations can make services (such as a website) available to other users on the internet.
Intranet	An intranet is a private network that uses internet technologies. Services on an intranet are only available to hosts that are connected to the private network. For example, your company might have a website that only employees can access.
Extranet	An extranet is a private network that uses internet technologies, but its resources are made available to external (but trusted) users. For example, you might create a website on a private network that only users from a partner company can access.

Network Security Concepts

Q: What are the risks to the network?

Gaining access to a network is traditionally the most common way for a hacker to gain access. The problem is that no matter how secure the network may be, it can’t protect devices that come and go. Once a hacker gains access to that device and creates what’s called a backdoor, it then manipulates the credentials on that device so that other devices on the network will then trust it, and that’s how it becomes so easy for a virus to spread so quickly.

Q: What are the risks to the computers on a compromised network?

As stated in the previous question, computers face significant risks when connecting to a public network that may be compromised. The problem is traffic, or how your computer sends and receives data. The computer has to have a certain amount of trust to function with the network, but a hacker can easily make malware look trusted by changing the credentials and then redirecting your computer to a virus. These types of things are what leads to data theft and malicious code being put on your computer.

Q: What can we do to protect our networks?

Most of the methods that modern day networks use to secure themselves involve separating the network into clearly defined areas. This makes it harder even if a hacker gains access to spread his control to the entire network. Things like Principles of Least Privilege and need to know are good at limiting the damage a hacker can do. It’s also good to try and limit lateral communication across the network, that way a hacker will have a harder time trying to communicate with vulnerable devices.

Q: What are some things I can do to protect my Computer.

Even if a network is compromised, that doesn’t necessarily mean you’ll get a virus. At the very least, you should always install a high quality anti-virus software that automatically updates. It’s also recommended that you use a VPN, this send your data through a tunnel and forced encrypted communication through the virtual server. And lastly it’s always recommended that you know what permissions you give different applications. The more your computer trusts a network, the easier it will be for a hacker to gain access to your computer.

Q: What do I need to look for in my Security Software.

For most personal computers, you can get a generalized anti-virus software that will cover all the basics. But you do need to know what malware, spyware, and adware are and the difference between them to properly defend yourself. I have review three anti-virus systems for you here:

• Bit Defender – They have a free subscription available. It scored very high in the lab tests when it came to detecting malware. In addition to that it also has add ons like a password manager, and it scored very high in malicious URL threat detection.
• Web Root – This is a very good program that doesn’t take up a lot of room on your system. It has a fast scan time and is good about checking all programs upon installation. It’s also pretty good about monitoring new programs that you install and checks for tell tale signs of malware from them.
• Avast Pro – Since this is about Network security I decided to include Avast Pro, which is not only a great anti-virus tool for your personal computer, but it also monitors the security of your entire of your entire network. And the great part about this is that even though you need to Pro to monitor network security, if you’re just looking for something for your computer the free edition has almost the same features. It has a wifi inspector that looks for network problems, a software update to see if your browser is missing any security patches, and a browser extension that steers you away from bad urls and will block ads.

Note: I normally try and use multiple sources, but I found a very good article from US CERT (United States Computer Emergency Readiness Team), and used that extensively for pretty much all the info except the software recommendations. The article talked about the subject and you don’t get more authoritative than a government agency.

Setting up Your Network

It’s important to know what the different types of Networks and what they do before you set up your businesses network.

• LAN – The most common type of network that you’ll encounter are LANs which stand for Local area networks. LANs use routers to connect computers and low voltage devices in a office or other short distance.

• PAN – Personal Area Networks are made of up one modem and no more than a computer or two, they are primarily used for one person in a home or small office.

• HAN – A home area network is similar to a LAN but is used only in the home. It connects things like TVs and mobile devices or smart appliances.

• WAN – Wide area networks connect devices over a long distance. The most basic example of one of these would be the internet.

• MAN – A metropolitan area network is very similar to a WAN but obviously covers a small physical area but is instead maintained by a single organization or person.

Typically one of the first decisions that a business will have to make is whether or not they want a client based server or a peer to peer set up. Peer to Peer networks are the easiest to set up, they have no central server and each machine basically works on its own acting as its own server, the drawback is that it has virtually no security. Client based servers allow data to be stored in a central location and offer much better security, but they’re more expensive to set up.

The next big decision a business will need to decide on will be whether you want a wired or wireless network. If you go the wired route, the cables will either be copper wire, twisted pair, or fiber optic. The advantages of a wired connection are an increased speed, it’s cheaper because you don’t have to get routers, and less interference from other networks. Wireless connections are made over electromagnetic or infrared waves. The advantages of a wireless network are it’s easier to install with no wires, better mobility, and it can cover a wider area.

There is also a lot to consider when purchasing the hardware you’ll need to set up your network., but there are some basics that everyone will use. Network adapters (called NICs) most of the time come with the computer, but if you have specialized equipment then you’ll need to make sure it has them. You’ll also need a modem if your setting up broadband, this will either be DSL or cable modem. Routers are what transfer data, in a home network this would be what transfers data between the internet and the home network. Your router should be connected to your broadband modem with an Ethernet cable. The switch is what will send the data packet from the router to the actual computer, most routers come with them already integrated, but you’ll need to make sure it is compatible.

Setting up your businesses network is only half the battle, you then have to maintain it, and security is always going to be at the top of that list. All the employees that will be on the network should be educated in basic Cybersecurity skills like email phishing prevention. You need to be constantly vigilant in making sure that your software stays up to date by setting your system to upgrade automatically. Things like using a firewall and setting up a VPN on your router are also good things to do because the VPN will encrypt things data while it’s being transferred through the internet.