Accessing the WAN – Chapter ppt

The term broadband refers to advanced communications systems capable of providing high-speed transmission of services, such as data, voice, and video, over the Internet and other netw

Accessing the WAN – Chapter

2

Objectives

ƒ In this chapter, you will learn to:

– Describe the enterprise requirements for providing teleworker services, including the differences between private and public network infrastructures

– Describe the teleworker requirements and recommended architecture for providing teleworking services

– Explain how broadband services extend enterprise networks using DSL, cable, and wireless technology

– Describe the importance of VPN technology, including its role and benefits for enterprises and teleworkers

– Describe how VPN technology can be used to provide secure teleworker services to an enterprise network

Business Requirement for Teleworker Services

ƒ With advances in broadband and wireless

technologies, working away from the office no longer

presents the challenges it did in the past

– Organizations can cost-effectively distribute data,

voice, video, and real-time applications, across their entire workforce no matter how remote and scattered they might be

ƒ On a broader scale, the ability of businesses to

provide service across time zones and international

boundaries is greatly enhanced using teleworkers

– Contracting and outsourcing solutions are easier to

implement and manage

ƒ From a social perspective, teleworking options

increase the employment opportunities for various

groups, including parents with small children, the

handicapped, and people living in remote areas

– Teleworkers enjoy more quality family time, less

travel-related stress, and in general provide their employers with increased productivity, satisfaction, and retention

4

Teleworker Solution

ƒ With the growing number of teleworkers, enterprises

have an increasing need for secure, reliable, and

cost-effective ways to connect to people working in

small offices and home offices (SOHOs), and other

remote locations, with resources on corporate sites

ƒ The figure displays 3 remote connection technologies

available to organizations for supporting teleworker:

1 Traditional private WAN Layer 2 technologies,

including Frame Relay, ATM, and leased lines, provide

many remote connection solutions

2 IPsec Virtual Private Networks (VPNs) offer flexible

and scalable connectivity

• Site-to-site connections can provide a secure, fast, and reliable remote connection to teleworkers

• This is the most common option for teleworkers, combined with remote access over broadband, to establish a secure VPN over the public Internet (A less reliable means of connectivity using the Internet is a dialup connection.)

Teleworker Solution: Broadband Services

3 The term broadband refers to advanced

communications systems capable of providing

high-speed transmission of services, such as data, voice,

and video, over the Internet and other networks

ƒ Transmission is provided by a wide range of

ƒ The broadband service data transmission speeds

typically exceed 200 kilobits per second (kb/s), or

200,000 bits per second, in at least one direction:

–downstream (from the Internet to the user's computer)

–upstream (from the user's computer to the Internet)

6

Remote Connection Topologies for the Teleworker

ƒ In general, broadband refers to telecommunication in which a wide band of frequencies is available to transmit information

–Broadband is generally defined as any sustained speed of 200K or more

–Broadband options include

•digital subscriber line (DSL),

•high-speed cable modems,

•fast downstream data connections from direct broadcast satellite (DBS)

•fixed wireless providers

•3G wireless

–The most common problem with broadband access is lack of coverage area

• Broadband vs Baseband

– Baseband: only one

signal on the wire at once - time-division multiplexing:

• Ethernet networks

– Broadband: multiple

signals - frequency division multiplexing

Teleworker Solution

ƒ To connect effectively to their organization's

networks, teleworkers need two key sets of

components:

–Home Office Components - The required home

office components are a laptop or desktop

computer, broadband access (cable or DSL), and

a VPN router or VPN client software installed on

the computer

• When traveling, teleworkers need an Internet connection and a VPN client to connect to the corporate network over any available dialup, or broadband connection

–Corporate Components - Corporate

components are VPN-capable routers, VPN

concentrators, multifunction security appliances,

authentication, and central management devices

for resilient aggregation and termination of the

VPN connections

8

Teleworker Solution

ƒ Typically, providing support for VoIP requires

upgrades to these components

–Routers need Quality of Service (QoS)

functionality

–QoS refers to the capability of a network to

provide better service to selected network traffic,

as required by voice and video applications

ƒ The figure shows an encrypted VPN tunnel

connect the teleworker to the corporate network

–This is the heart of secure and reliable teleworker

connections

–A VPN is a private data network that uses the

public telecommunication infrastructure

–VPN security maintains privacy using a tunneling

protocol and security procedures

–This course presents the IPsec (IP Security)

protocol as the favored approach to building

secure VPN tunnels

Options for Connecting the Teleworker

ƒ Split tunneling:

–Split tunneling is a computer networking

concept which allows a VPN user to access a

public network (e.g., the Internet) and a local

LAN or WAN at the same time,

•The remote user, for example, then downloads his email from the mail server at 10.10.0.5, and

downloads a document from the Archive at 10.2.3.4 Next, without exiting the tunnel, the remote user can print the document through the PC's local network interface 192.19.2.32 to the printer at 192.19.2.33

–Advantages

•An advantage of using split tunneling is that it alleviates bottlenecks and conserves bandwidth as Internet traffic does not have to pass through the VPN server

10

Connecting Teleworker to the WAN

ƒ Teleworkers typically use diverse applications

(e-mail, web, voice, and videoconferencing) that

require a high-bandwidth connection:

–Dialup access - Dialup is the slowest option,

and is typically used by mobile workers in areas

where high speed connection are not available

–DSL - DSL also uses telephone lines DSL uses

a special modem that separates the DSL signal

from the telephone signal and provides an

Ethernet connection to a host computer or LAN

–Cable modem - The Internet signal is carried on

the same coaxial cable that delivers cable TV A

special cable modem separates the Internet signal

from the other signals and provides an Ethernet

connection to a host computer or LAN

–Satellite - The computer connects to a satellite

modem that transmits radio signals to the nearest

point of presence within the satellite network

What is a Cable System?

ƒ John Walson the founder of the cable television

–He was the first cable operator to use microwave to

import distant television stations, –He was the first to use coaxial cable to improve picture

quality, and the distribute pay television programming

ƒ Cable television first began in Pennsylvania in

1948 John Walson, the owner of an appliance store

in a small mountain town, needed to solve poor

over-the-air reception problems experienced by

customers trying to receive TV signals from

Philadelphia through the mountains

–Walson erected an antenna on a utility pole on a local

mountaintop that enabled him to demonstrate the televisions in his store with strong broadcasts coming from the three Philadelphia stations

–He connected the antenna to his appliance store via a

cable and modified signal boosters

–He then connected several of his customers who were

located along the cable path

–This was the first community antenna television

(CATV) system in the United States

http://www.pcta.com/news/walson.php?PHPSESSID=bad26d0ac5fd

8e02fb67d0d5045a6fab

12

What is a Cable System?

ƒ The “cable” in cable system refers to the coaxial

cable that carries radio frequency (RF) signals

across the network Coaxial cable is the primary

medium used to build cable TV systems

ƒ A typical cable operator now uses a satellite

dish to gather TV signals Early systems were

series along the network to compensate for

signal loss

–Taps were used to couple video signals from the

main trunks to subscriber homes via drop cables

ƒ Modern cable systems provide two-way

communication between subscribers and the

cable operator

–Cable operators now offer customers advanced

telecommunications services including high-speed Internet access, digital cable television, and

residential telephone service

–(e.g impulse-pay-per-view, home shopping,

Internet access),

What is a Cable System?

ƒ One Way Cable Modems

–In this system, communications in the down

direction is by cable but the return path is by conventional telephone line and telephone modem (33 Kbps)

•Some companies have a modem box which connects to both your telephone line and to the cable

TV system The box then connects to your computer via either a USB port or an Ethernet port

ƒ Two way Cable Modems

–Two way cable systems transmit data in both

directions via cable and therefore do not need a telephone line Uplink speeds are typically higher than 56K modem but not as high as downlink speeds

–Cable modem service is always-on and so the

problems with busy signals, connect time, and disconnects are eliminated

–These systems generally permanently assign a

dedicated internet address (IP number) to each user which allows the use of services where your friends need to know your Internet address such

as ICQ or netphone

1-way vs 2 way

http://www.azinet.com/a rticles/cablemodem.htm

14

Cable Technology Terms

ƒ The following terms describe key cable technologies:

– Broadband : In cable systems, broadband refers to the

frequency-division multiplexing (FDM) of many signals in a wide RF bandwidth

over a hybrid fiber-coaxial (HFC) network

– Community antenna television (CATV): The term now widely

refers to residential cable systems

– Coaxial cable : Coaxial cable transports RF signals and has certain

physical properties that define the attenuation of the signal These

properties include cable diameter, dielectric construction, ambient

temperature, and operating frequency

– Tap : A tap divides the input signal's RF power to support multiple

outputs Typically, the cable operators deploy taps with two, four, or

eight ports called subscriber drop connections - (Passive)

– Amplifier : An amplifier magnifies an input signal and produces a

significantly larger output signal (Active)

– Hybrid fiber-coaxial (HFC): HFC is a mixed optical-coaxial

network in which optical fiber replaces the lower bandwidth coaxial

where useful in the traditional trunk portion of the cable network

– Downstream : This is the direction of an RF signal transmission (TV

channels and data) from the source (headend) to the destination

(subscribers) Transmission from source to destination is called the

forward path

– Upstream : This is the direction of an RF signal transmission

opposite to downstream: from subscribers to the headend, or the

return or reverse path

Figure: HFC Architecture Tap Amplifier

Cable Technology Terms

ƒ The following terms describe key cable technologies:

16

Cable System Components

ƒ CATV distributes TV channels collected at a central

location, called a headend, to subscribers over a

branched network of optical fibers, coaxial cables,

and broadband amplifiers

¾ There are five major components of a cable system:

¾Antenna site : The location of an antenna site is chosen

for optimum reception of over-the-air, satellite signals

¾Headend : The headend is a master facility where

signals are first received, processed, formatted, and then

distributed downstream to the cable network

¾Transportation network : A transportation network links

a remote antenna site to a headend The transportation

network can be microwave, coaxial, or fiber-optic

¾Distribution network : In a classic cable system called a

tree-and-branch cable system, the distribution network

consists of trunk and feeder cables The trunk is the

backbone that distributes signals throughout the

community service area to the feeder The feeder

branches flow from a trunk and reach all of the

subscribers in the service area

¾Subscriber drop : A subscriber drop connects the

subscriber to the cable services The subscriber drop is a

connection between the feeder part of a distribution

network and the subscriber terminal device (for example,

TV set or cable modem)

Cable System Benefits

ƒ The cable system architecture provides a

cost-effective solution for densely populated

areas by cascading a broadcast architecture

to the users

ƒ The development of cable systems made new

services possible

–Cable systems support telephony and data

services and analog and digital video services

ƒ Businesses that employ teleworkers can gain

the following benefits from this widely

available high-speed cable Internet access

method:

–VPN connectivity to corporate intranets

–SOHO capabilities for work-at-home employees

–Interactive television

–Public switched telephone network

(PSTN)-quality voice and fax calls over the managed IP

networks

www.conniq.com/InternetAccess_cable.htm

18

Sending Digital Signals over Radio Waves

ƒ When users tune a radio set across the RF

spectrum to find different radio stations, they tune

the radio to different electromagnetic frequencies

across that RF spectrum

–The same principle applies to the cable system

ƒ The cable TV industry uses a portion of the RF

electromagnetic spectrum

–At the subscriber end, equipment such as TVs,

VCRs, and High Definition TV set-top boxes tune to

certain frequencies that allow the user to view the

TV channel or to receive high-speed Internet access

ƒ A cable network is capable of transmitting signals

on the cable in either direction at the same time

The following frequency scope is used:

–Downstream : Transmitting the signals from the

cable operator to the subscriber, the outgoing

frequencies are in the range of 50 to 860 MHz

–Upstream : Transmitting the signals in the reverse

path from the subscriber to the cable operator, the

incoming frequencies are in the range of 5 to 42

Headend-to-RF bandwidth

Upstream: headend has 37 MHz of RF bandwidth

Subscriber-to-Sending Digital Signals over Radio Waves

ƒ When a cable company offers Internet access

over the cable, Internet use the same cables

–the cable modem system puts downstream data

data sent from the Internet to an individual

computer into a 6-MHz channel

•On the cable, the data looks just like a TV channel

So Internet downstream data takes up the same amount of cable space as any single channel of programming

–Upstream data information sent from an

individual back to the Internet requires even

less of the cable's bandwidth, just 2 MHz, since

the assumption is that most people download far

more information than they upload

ƒ Putting both upstream and downstream data on

the cable television system requires two types

of equipment: a cable modem on the customer

end and a cable modem termination system

(CMTS) at the cable provider's end

http://computer.howstuffworks.com/cable-modem2.htm

20

The Data-over-Cable Service Interface Specification (DOCSIS)

ƒ DOCSIS is an international standard developed by

CableLabs, a nonprofit research and development

consortium for cable-related technologies

– CableLabs tests and certifies cable equipment such as

cable modem and cable modem termination systems

ƒ DOCSIS specifies the Open Systems Interconnection

(OSI) Layers 1 and 2 requirements:

– Physical layer: For data signals that the cable operator can

use, DOCSIS specifies the channel widths (bandwidths of

each channel)

•DOCSIS 1.0: 200 kHz, 400 kHz, 800 kHz, 1.6 MHz, 3.2 MHz,

•DOCSIS 2.0: 6.4 MHz

– MAC layer: Defines a deterministic access method

(time-division multiple access [TDMA] or synchronous code

division multiple access [S-CDMA])

ƒ DOCSIS currently uses two standards, and a third

standard is under development:

– DOCSIS 1.0 was the first standard issued in March 1997

– DOCSIS 2.0 was released in January 2002

•DOCSIS 2.0 enhanced upstream transmission speeds and QoS capabilities

– DOCSIS 3.0 is under development and expected to feature

channel bonding, enabling the use of multiple downstream

and upstream channels

http://en.wikipedia.org/wiki/DOCSIS

The Data-over-Cable Service Interface Specification

¾ Plans for frequency allocation bands differ between North American and European cable systems

¾Euro-DOCSIS is adapted for use in Europe

¾The main differences between DOCSIS and Euro-DOCSIS relate to channel bandwidths

¾ TV technical standards vary across the world, which affects the way DOCSIS variants develop

¾International TV standards include NTSC in North American and parts of Japan;

¾PAL in most of Europe, Asia, Africa, Australia, Brazil, and Argentina;

¾SECAM in France and some Eastern European countries

22

Hybrid Fiber-Coaxial (HFC) Cable Networks

ƒ Accessing the Internet through a cable network is a

popular option that teleworkers can use to access

their enterprise network

–A significant drawback of only using coaxial cable is

the signal attenuation that happens when the signal

travels from the antenna to the subscriber

–Amplifiers placed approximately every 2000 feet, boost

signal strength and ensure that RF signals have

enough power to receive all channels for analog TV,

digital TV, and digital data cable modem services

ƒ Modern cable operators use an HFC network that

deploys fiber in the trunks:

–Reduces the number of amplifiers

–Thin and lightweight—takes less space

–Covers longer distances

–Induces less or virtually no noise

–Less loss of signal

–Immune to external influences, such as thunder or RF

interference

–Easier to handle

Hybrid Fiber-Coaxial (HFC) Cable Networks

ƒ HFC architecture is relatively simple A

web of fiber trunk cables connects the

headend (or hub) to the nodes where

optical-to-RF signal conversion takes

place

–Fiber trunks carry downstream traffic at a

signal strength above 50 decibels (dB) and

reduce the number of cable amplifiers in

trunk lines

–Coaxial cable is already in place throughout

many neighborhoods, so cable operators

can build an HFC network without having to

replace existing coaxial cable between

nodes and subscribers

24

Sending Data over Cable

ƒ Two types of equipment are required to send

digital modem signals upstream and downstream

on a cable system:

–A cable modem (CM) on the subscriber end

–A cable modem termination system (CMTS) at the

headend of the cable operator

ƒ In a modern HFC network, 500 to 2000 active data

subscribers are typically connected to a cable

network segment, all sharing the upstream and

downstream bandwidth

–The actual bandwidth for Internet service over a

CATV line can be up to 27 Mbps on the download

path to the subscriber and about 2.5 Mbps of

bandwidth on the upload path

•Based on the cable network architecture, cable operator provisioning practices, and traffic load, an individual subscriber can typically get an access speed of between

256 kb/s and 6 Mb/s

http://en.wikibooks.org/wiki/Computer_Networks/Cable

Sending Data over Cable (cont.)

ƒ When high usage causes congestion,

the cable operator can add additional

bandwidth for data services by

allocating an additional TV channel

for high-speed data

–This addition may effectively double the

downstream bandwidth that is available to

subscribers

–Another option is to reduce the number of

subscribers served by each network

segment To reduce the number of

subscribers, the cable operator further

subdivides the network by laying the

fiber-optic connections closer and deeper into

the neighborhoods

http://en.wikibooks.org/wiki/Computer_Networks/Cable

26

Cable Technology: Putting It All Together

ƒ In the downstream path,

– the local headend (LHE) distributes TV signals to subscribers

via the distribution network

– TV signals are received through satellite dishes

– The CMTS modulates digital data on an RF signal and

combines that RF signal with the TV signals

– At the fiber node, the optical signal is converted back to an RF

signal and then transmitted over the coaxial network comprised

of amplifiers, taps, and drops

– At the subscriber end, an RF splitter divides the combined RF

signal into video and data portions

– The CM receives the data portion of the RF signal

– The CM, tuned to the data RF signal channels, demodulates

the data RF signal back into digital data and finally passes the

data to the computer over an Ethernet connection

ƒ In the upstream direction,

– the CM decodes the digital information from the Ethernet

connection, modulates a separate RF signal with this digital

information, and transmits this signal at a certain RF power

level

– At the headend, the CMTS, tuned to the data RF channels,

demodulates the data RF signal back to digital data and routes

the digital data to the Internet

Data Cable Network Technology Issues

ƒ Because subscribers share a coaxial cable line,

some problems may occur:

–Subscribers on a segment share the available

bandwidth on that segment

•The bandwidth that is available to each subscriber varies based on the number of subscribers

•Cable operators resolve this issue by adding RF channels and splitting the service area into multiple smaller areas within the segment

–As with any shared media, there is a risk of

privacy loss Available safeguards are encryption and other privacy features, which are specified in the DOCSIS standard used by most CMs

ƒ A common misconception is that a computer

may communicate directly with another

computer on the same segment This is not

possible because the CM transmits on a

completely separate frequency than the

frequency on which another CM would receive

28

Data Cable Network Technology Issues

Security

ƒ DOCSIS data transport security

provides cable modem users with

data privacy across the cable network

by encrypting traffic flows between

the Cable Modem (CM) and the

Cable Modem Termination System

(CMTS) located in the cable network

headend

–It should be noted, however, that these

security services only apply to the access network Once traffic makes its way from the access network onto the Internet

backbone, it will be subject to privacy threats common to all traffic traveling across the Internet, regardless of how it got onto the Internet

http://www.cablelabs.com/news/newsletter/SPECS/September_SPECSTECH/tech.pgs/leadstory.html

What is DSL

ƒ Several years ago, Bell Labs identified that a typical

voice conversation over a local loop only required

the use of bandwidth of 300 Hz to 3 kHz

–For many years, the telephone networks did not use

the bandwidth beyond 3 kHz

¾ Advances in technology allowed DSL to use the

additional bandwidth above 3 kHz up to 1 MHz to

deliver high-speed data services over ordinary

copper lines

–As an example, asymmetric DSL (ADSL) uses a

frequency range from approximately 20 kHz to 1 MHz

–Fortunately, only relatively small changes to existing

telephone company infrastructure are required to

deliver high-bandwidth data rates to subscribers

ƒ Figure shows a representation of bandwidth space

allocation on a copper wire for ADSL

–The green area represents the space used by POTS,

–The other colored spaces represent the space used

by the upstream and downstream DSL signals

http://en.wikibooks.org/wiki/Computer_Networks

/DSL

30

What is DSL

ƒ Service providers deploy DSL connections in the

last step of a local telephone network, called the

local loop or last mile

–The connection is set up between a pair of modems

on either end of a copper wire that extends between

the customer premises equipment (CPE) and the

DSL access multiplexer (DSLAM)

ƒ The two key components of DSL connection are:

–DSLAM: A DSLAM is the device located at the

central office (CO) of the provider

•The DSLAM is at the central office and combines individual DSL connections from users into one high capacity link to the Internet

–The DSL transceiver: it connects the teleworker’s

computer to the DSL line

•Newer DSL transceivers can be built into small routers with multiple 10/100 switch ports for home office use

ƒ The advantage that DSL has over cable

technology is that DSL is not a shared medium

–Each user has a separate direct connection to the

DSLAM

–Adding users does not impede performance unless

the DSLAM Internet connection on the other side

becomes saturated

How Does DSL Work?

ƒ DSL types fall into two major categories, taking into

account downstream and upstream speeds:

– Symmetrical DSL: Upstream and downstream speeds

are the same (Enterprise user)

– Asymmetrical DSL: Upstream and downstream speeds

are different Downstream speed is typically higher than

upstream speed (Home user)

ƒ The term xDSL covers a number of DSL variations,

such as Asymmetric DSL (ADSL), high-data-rate DSL

(HDSL), Rate Adaptive DSL (RADSL), symmetric DSL

(SDSL), ISDN DSL (IDSL), and very-high-data-rate

DSL (VDSL)

– DSL types that do not use the voice frequency band allow

DSL lines to carry both data and voice signals

simultaneously (for example, ADSL and VDSL types),

while other DSL types occupying the complete frequency

range can carry data only (for example, SDSL and IDSL

types)

ƒ The data rate that DSL service can provide depends

on the distance between the subscriber and the CO

– The shorter the distance: the higher the bandwidth

available http://www.linktionary.com/d/dsl.html