Chapter 2: Networking Fundamentals
Figure 2-32 Optical Platform—The Cisco ONS 15454 DWDM Optical Network System
Security Devices
Because of increased Internet and extranet connections, as well as more telecommuters
and mobile users accessing enterprise networks from remote sites, the importance of
network security increases. Firewalls, AAA servers, and VPN concentrators are
components or devices related to network security.
Firewalls
The term firewall refers to either a firewall program running on a router or server or a
special standalone hardware component of a network. A firewall protects a private
network’s resources from users in other networks.
Working closely with a router program, a firewall examines each network packet to
determine whether to forward it to its destination. Using a firewall is like using a traffic
officer to ensure that only valid traffic can enter or leave certain networks. Figure 2-33
shows a Cisco PIX Firewall 535 series, which is a dedicated network device.
Figure 2-33 Cisco PIX Firewall
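The packet-by-packet decision described above can be modeled as an ordered rule list in which the first matching rule wins and unmatched traffic is dropped. The following Python code is an added example, not from the book or from Cisco; the rule list, the addresses, and the function names `decide` and `shadowed` are constructed for illustration.

```python
import ipaddress

# Constructed rule list, evaluated top to bottom: (action, source network, dest port).
# A port of None matches any port. Addresses are documentation/private ranges.
RULES = [
    ("permit", "10.0.0.0/8",      None),  # internal network, any service
    ("deny",   "203.0.113.0/24",  None),  # untrusted range, everything
    ("permit", "203.0.113.16/28", 443),   # shadowed: the deny above always wins
    ("permit", "198.51.100.0/24", 443),   # extranet partner, HTTPS only
]

def _covers(earlier, later):
    """True if every packet matched by `later` is also matched by `earlier`."""
    _, e_net, e_port = earlier
    _, l_net, l_port = later
    inside = ipaddress.ip_network(l_net).subnet_of(ipaddress.ip_network(e_net))
    return inside and e_port in (None, l_port)

def decide(src_ip, dst_port, rules=RULES):
    """Return (action, rule index); the first matching rule decides."""
    src = ipaddress.ip_address(src_ip)
    for index, (action, net, port) in enumerate(rules):
        if src in ipaddress.ip_network(net) and port in (None, dst_port):
            return action, index
    return "deny", None  # nothing matched: default deny

def shadowed(rules=RULES):
    """Indexes of rules that can never fire because an earlier rule covers them."""
    return [j for j in range(len(rules))
            if any(_covers(rules[i], rules[j]) for i in range(j))]

if __name__ == "__main__":
    packets = [("10.1.2.3", 22), ("203.0.113.20", 443),
               ("198.51.100.7", 443), ("198.51.100.7", 22), ("192.0.2.9", 80)]
    for pkt in packets:
        print(pkt, "->", decide(*pkt))
    print("shadowed rule indexes:", shadowed())
```

Rule order is part of the policy: the audit in `shadowed` flags an entry that was written as a permit but can never take effect.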
AAA Servers
An AAA server is a server program that handles user requests for access to computer
and network resources. An AAA server provides authentication, authorization, and accounting services for an enterprise. The AAA server ensures that only authentic users can get into the network (authentication), that the users are allowed access only to the resources they need (authorization), and that records are kept of everything they do after they are allowed entry (accounting).
An AAA server is like the credit card system. To put charges on a credit card, the merchant must verify that the credit card actually belongs to the person using it (authentication). The merchant must also check that the credit card has enough credit left for the requested charge amount (authorization), and then the merchant must record the charge to the user’s account (accounting). Figure 2-34 shows an example of where an AAA server is used.
Figure 2-34 AAA Server
[Figure: sites in Massachusetts, New Hampshire, Vermont, and California connect to the AAA server at corporate headquarters. Link labels: "Allow Access to HQ" and "No Access to HQ". Rule list at the AAA server:
• Permit Access from MA
• Permit Packets from NH
• Permit Packets from VT
• Deny All Other Packets]
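The three AAA steps can be seen working together in the following added Python example, which is not from the book; the `AAAServer` class, the user names, and the resource names are hypothetical. Refused requests are recorded in the accounting log as well as granted ones.

```python
import hashlib
import hmac
import os
import time

class AAAServer:
    """In-memory AAA service, hypothetical and for illustration only."""

    def __init__(self):
        self._users = {}     # username -> (salt, password hash, allowed resources)
        self.audit_log = []  # accounting records, appended in order

    @staticmethod
    def _hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def add_user(self, username, password, allowed):
        salt = os.urandom(16)
        self._users[username] = (salt, self._hash(password, salt), frozenset(allowed))

    def authenticate(self, username, password):
        # Unknown users still go through the hash so both paths do similar work.
        salt, stored, _ = self._users.get(username, (b"\0" * 16, b"", frozenset()))
        return hmac.compare_digest(self._hash(password, salt), stored)

    def authorize(self, username, resource):
        return resource in self._users.get(username, (b"", b"", frozenset()))[2]

    def request(self, username, password, resource):
        """Authenticate, then authorize, then account for the outcome either way."""
        if not self.authenticate(username, password):
            outcome = "auth-failed"
        elif not self.authorize(username, resource):
            outcome = "not-authorized"
        else:
            outcome = "granted"
        self.audit_log.append({"time": time.time(), "user": username,
                               "resource": resource, "outcome": outcome})
        return outcome == "granted"

if __name__ == "__main__":
    aaa = AAAServer()
    aaa.add_user("alice", "correct horse", {"hq-file-server"})  # constructed account
    aaa.request("alice", "correct horse", "hq-file-server")     # granted
    aaa.request("alice", "correct horse", "payroll-db")         # not-authorized
    aaa.request("mallory", "guess", "hq-file-server")           # auth-failed
    for record in aaa.audit_log:
        print(record["user"], record["resource"], record["outcome"])
```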
VPN Concentrators
A VPN concentrator offers powerful remote access and site-to-site VPN capability, an
easy-to-use management interface, and a VPN client. The Cisco VPN 3000
Concentrator Series is a family of purpose-built, remote-access VPN platforms and client
software that incorporates high availability, high performance, and scalability with the
most advanced encryption and authentication techniques available today. Figure 2-35
shows a VPN 3000 Concentrator.
Figure 2-35 Cisco VPN 3000 Concentrator
Wireless Devices
A wireless LAN (WLAN) provides all the features and benefits of traditional LAN
technologies, such as Ethernet, without the limitations of wire or cables. Some
common wireless networking devices include wireless NICs, wireless access points, and
wireless bridges. The following sections briefly describe these wireless networking
devices.
Wireless NICs
Each wireless client requires a wireless NIC or client adapter. These are available as
PCMCIA and PCI cards to provide wireless connectivity for both laptop and desktop
workstations. Laptops or notebook PCs, with wireless NICs, can move freely
throughout a campus environment while maintaining connectivity to the network. Wireless
PCI and ISA adapters (for desktop workstations) allow end stations to be added to the
LAN quickly, easily, and inexpensively without the need for additional cabling. All
adapters feature antennas—the PCMCIA card with a built-in antenna and the PCI
card with an external antenna. The antennas provide the range required for data
transmission and reception. Figure 2-36 shows wireless adapters.
Figure 2-36 Wireless Adapters
Wireless Access Points
The access point (AP) or base station (see Figure 2-37) is a wireless LAN transceiver that can act as a hub—the center point of a standalone wireless network—or as a bridge—the connection point between wireless and wired networks. Multiple APs can provide roaming functionality, allowing wireless users freedom to roam throughout a facility while maintaining uninterrupted connectivity to the network.
Figure 2-37 Wireless Access Point
Wireless Bridges
A wireless bridge, shown in Figure 2-38, provides high-speed (11 Mbps), long-range
(up to 25 miles), line-of-sight wireless connectivity between Ethernet networks. Any
Cisco AP can be used as a repeater (extension point) for the wireless network.
Figure 2-38 Wireless Bridge
Network Topologies
A network topology defines how computers, printers, network devices, and other
devices are connected. In other words, a network topology describes the layout of the
wire and devices as well as the paths used by data transmissions. The topology greatly
influences how the network works.
Networks can have both a physical and a logical topology. Physical topology refers to
the physical layout of the devices and media. Physical topologies that are commonly
used are
■ Bus
■ Ring
■ Star
■ Extended star
■ Hierarchical
■ Mesh
Figure 2-39 illustrates the different physical topologies.
Lab Activity OSI Model Encapsulation and Devices
In this lab, you describe layers and characteristics of the OSI model. You also identify the encapsulation units and devices that operate at each layer.
Figure 2-39 Physical Topologies
Logical topology defines how the medium is accessed by the hosts for sending data.
The following sections describe different types of physical and logical topologies. Figure 2-40 shows many different topologies connected by networking devices. It shows a network of moderate complexity that is typical of a school or small business.
Figure 2-40 Networking Topologies
[Figure: panels labeled Bus Topology, Ring Topology, Star Topology, Extended Star Topology, Hierarchical Topology, and Mesh Topology; devices labeled Internet, Main Server, Main Switch, Workgroup Switch, Repeater, Bridge, Hub, FDDI, and Token Ring.]
The following sections describe the different networking topologies in more detail.
Bus Topology
Commonly called a linear bus, a bus topology connects all the devices using a single
cable (see Figure 2-41). This cable proceeds from one computer to the next like a bus
line going through a city.
Figure 2-41 Bus Topology
With a physical bus topology, the main cable segment must end with a terminator that
absorbs the signal when it reaches the end of the line or wire. If there is no terminator,
the electrical signal representing the data bounces back at the end of the wire, causing
errors in the network.
Star and Extended-Star Topologies
The star topology, shown in Figure 2-42, is the most commonly used physical topology
in Ethernet LANs. When installed, the star topology resembles spokes in a bicycle wheel.
The star topology is made up of a central connection point that is a device such as a
hub, switch, or router, where all the cabling segments meet. Each host in the network
is connected to the central device with its own cable.
Although a physical star topology costs more to implement than the physical bus
topology, the advantages of a star topology make it worth the additional cost. Because
each host is connected to the central device with its own cable, when that cable has a
problem, only that host is affected; the rest of the network remains operational. This
benefit is extremely important and is why virtually every newly designed Ethernet
LAN has a physical star topology.
A central connection point might be desirable for security or restricted access, but this
is also a main disadvantage of a star topology. If the central device fails, the whole
network becomes disconnected.
Figure 2-42 Star Topology
When a star network is expanded to include an additional networking device that is connected to the main networking device, it is called an extended-star topology, as shown in Figure 2-43.
Figure 2-43 Extended-Star Topology
Ring Topology
The logical ring topology is another important topology in LAN connectivity. As the
name implies, hosts are connected in the form of a ring or circle. Unlike the physical
bus topology, the ring topology has no beginning or end that needs to be terminated.
Data is transmitted in a way unlike the logical bus topology. A frame travels around
the ring, stopping at each node. If a node wants to transmit data, it is permitted to add
that data as well as the destination address to the frame. The frame then continues
around the ring until it finds the destination node, which takes the data out of the
frame. The advantage of using this type of method is that there are no collisions of
data packets.
Two types of rings exist:
■ Single ring
■ Dual ring
In a single ring, as shown in Figure 2-44, all the devices on the network share a single
cable, and the data travels in one direction only. Each device waits its turn to send data
over the network. Most single-ring topologies are actually wired as a star.
Figure 2-44 Ring Topology
In a dual ring, two rings allow data to be sent in both directions, as shown in Figure 2-45.
This setup creates redundancy (fault tolerance), meaning that if one ring fails, data can
be transmitted on the other ring. Also, if both rings fail, a “wrap” at the fault can heal
the topology back into a ring.
Figure 2-45 Dual-Ring Topology
Hierarchical Topology
A hierarchical topology is created similar to an extended-star topology. The primary difference is that it does not use a central node. Instead, it uses a trunk node from which it branches to other nodes, as shown in Figure 2-46. Two types of tree topologies exist: the binary tree (each node splits into two links) and the backbone tree (a backbone trunk has branch nodes with links hanging from it).
Full-Mesh and Partial-Mesh Topologies
The full-mesh topology connects all devices (nodes) to each other for redundancy and fault tolerance, as shown in Figure 2-47. The wiring in a full-mesh topology has very distinct advantages and disadvantages. The advantage is that every node is connected physically to every other node, which creates a redundant connection. If any link fails, information can flow through many other links to reach its destination. The primary disadvantage is that for anything more than a small number of nodes, the amount of media for the links and the number of the connections on the lines becomes overwhelming. Implementing a full-mesh topology is expensive and difficult. The full-mesh topology is usually implemented in WANs between routers.
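The trade-off described for the star and full-mesh topologies, cabling cost against fault tolerance, can be measured directly by failing each link and each node in turn. This added Python example is not from the book; the function names and the node counts are assumptions chosen for illustration.

```python
from itertools import combinations

def star(n):
    """Node 0 is the central device; each host 1..n-1 has its own cable to it."""
    return {frozenset((0, host)) for host in range(1, n)}

def full_mesh(n):
    """Every node is cabled directly to every other node."""
    return {frozenset(pair) for pair in combinations(range(n), 2)}

def largest_group(n, links, failed_node=None, failed_link=None):
    """Size of the largest set of surviving nodes that can still reach each other."""
    alive = set(range(n)) - {failed_node}
    usable = [l for l in links if l != failed_link and l <= alive]
    best, seen = 0, set()
    for start in alive:
        if start in seen:
            continue
        group, stack = set(), [start]
        while stack:                      # depth-first walk over usable links
            node = stack.pop()
            if node in group:
                continue
            group.add(node)
            for link in usable:
                if node in link:
                    stack.extend(link - {node})
        seen |= group
        best = max(best, len(group))
    return best

def worst_case(n, build):
    """Link count plus the worst outcome of any single link or node failure."""
    links = build(n)
    return {
        "links": len(links),
        "after_link_failure": min(largest_group(n, links, failed_link=l) for l in links),
        "after_node_failure": min(largest_group(n, links, failed_node=v) for v in range(n)),
    }

if __name__ == "__main__":
    for n in (6, 20):
        print(n, "nodes, star:     ", worst_case(n, star))
        print(n, "nodes, full mesh:", worst_case(n, full_mesh))
```

With 6 nodes the star needs 5 links and the mesh 15; at 20 nodes the figures are 19 and 190, while losing the star's central device leaves every host on its own.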
Two Links Connected to the Same Networking Device