CCNA 1 and 2 Companion Guide, Revised (Cisco Networking Academy Program) part 13

1102.book Page 89 Tuesday, May 20, 2003 2:53 PM Networking Models 89 Figure 2-32 Optical Platform—The Cisco ONS 15454 DWDM Optical Network System Security Devices Because of increased Internet and extranet connections, as well as more telecommuters and mobile users accessing enterprise networks from remote sites, the importance of network security increases. Firewalls, AAA servers, and VPN concentrators are com-ponents or devices related to network security. Firewalls The term firewall refers to either a firewall program running on a router or server or a special standalone hardware component of a network. A firewall protects a private network’s resources from users in other networks. Working closely with a router program, a firewall examines each network packet to determine whether to forward it to its destination. Using a firewall is like using a traffic officer to ensure that only valid traffic can enter or leave certain networks. Figure 2-33 shows a Cisco PIX Firewall 535 series, which is a dedicated network device. 1102.book Page 90 Tuesday, May 20, 2003 2:53 PM 90 Chapter 2: Networking Fundamentals Figure 2-33 Cisco PIX Firewall AAA Servers An AAA server is a server program that handles user requests for access to computer and network resources. An AAA server provides authentication, authorization, and accounting services for an enterprise. The AAA server ensures that only authentic users can get into the network (authentication), that the users are allowed access only to the resources they need (authorization), and that records are kept of everything they do after they are allowed entry (accounting). An AAA server is like the credit card system. To put charges on a credit card, the mer-chant must verify that the credit card actually belongs to the person using it (authenti-cation). The merchant must also check that the credit card has enough credit left for the requested charge amount (authorization), and then the merchant must record the charge to the user’s account (accounting). Figure 2-34 shows an example of where an AAA server is used. Figure 2-34 AAA Server Massachusetts California No Access to HQ Allow Access to HQ Corporate Headquarters AAA Server New Hampshire Allow Access to HQ Vermont • Permit Access from MA • Permit Packets from NH • Permit Packets from VT • Deny All Other Packets 1102.book Page 91 Tuesday, May 20, 2003 2:53 PM Networking Models 91 VPN Concentrators A VPN concentrator offers powerful remote access and site-to-site VPN capability, an easy-to-use management interface, and a VPN client. The Cisco VPN 3000 Concentra-tor Series is a family of purpose-built, remote-access VPN platforms and client soft-ware that incorporates high availability, high performance, and scalability with the most advanced encryption and authentication techniques available today. Figure 2-35 shows a VPN 3000 Concentrator. Figure 2-35 Cisco VPN 3000 Concentrator Wireless Devices A wireless LAN (WLAN) provides all the features and benefits of traditional LAN technologies, such as Ethernet, without the limitations of wire or cables. Some com-mon wireless networking devices include wireless NICs, wireless access points, and wireless bridges. The following sections briefly describe these wireless networking devices. Wireless NICs Each wireless client requires a wireless NIC or client adapter. These are available as PCMCIA and PCI cards to provide wireless connectivity for both laptop and desktop workstations. Laptops or notebook PCs, with wireless NICs, can move freely through-out a campus environment while maintaining connectivity to the network. Wireless PCI and ISA adapters (for desktop workstations) allow end stations to be added to the LAN quickly, easily, and inexpensively without the need for additional cabling. All adapters feature antennas—the PCMCIA card with a built-in antenna and the PCI card with an external antenna. The antennas provide the range required for data trans-mission and reception. Figure 2-36 shows wireless adapters. 1102.book Page 92 Tuesday, May 20, 2003 2:53 PM 92 Chapter 2: Networking Fundamentals Figure 2-36 Wireless Adapters Wireless Access Points The access point (AP) or base station (see Figure 2-37) is a wireless LAN transceiver that can act as a hub—the center point of a standalone wireless network—or as a bridge—the connection point between wireless and wired networks. Multiple APs can provide roaming functionality, allowing wireless users freedom to roam throughout a facility while maintaining uninterrupted connectivity to the network. Figure 2-37 Wireless Access Point 1102.book Page 93 Tuesday, May 20, 2003 2:53 PM Network Topologies 93 Wireless Bridges A wireless bridge, shown in Figure 2-38, provides high-speed (11 Mbps), long-range (up to 25 miles), line-of-sight wireless connectivity between Ethernet networks. Any Cisco AP can be used as a repeater (extension point) for the wireless network. Figure 2-38 Wireless Bridge Lab Activity OSI Model Encapsulation and Devices In this lab, you describe layers and characteristics of the OSI model. You also identify the encapsulation units and devices that operate at each layer. Network Topologies A network topology defines how computers, printers, network devices, and other devices are connected. In other words, a network topology describes the layout of the wire and devices as well as the paths used by data transmissions. The topology greatly influences how the network works. Networks can have both a physical and a logical topology. Physical topology refers to the physical layout of the devices and media. Physical topologies that are commonly used are Bus Ring Star Extended star ... - tailieumienphi.vn