Xem mẫu
1102.book Page 89 Tuesday, May 20, 2003 2:53 PM
Networking Models 89
Figure 2-32 Optical Platform—The Cisco ONS 15454 DWDM Optical Network System
Security Devices
Because of increased Internet and extranet connections, as well as more telecommuters and mobile users accessing enterprise networks from remote sites, the importance of network security increases. Firewalls, AAA servers, and VPN concentrators are com-ponents or devices related to network security.
Firewalls
The term firewall refers to either a firewall program running on a router or server or a special standalone hardware component of a network. A firewall protects a private network’s resources from users in other networks.
Working closely with a router program, a firewall examines each network packet to determine whether to forward it to its destination. Using a firewall is like using a traffic officer to ensure that only valid traffic can enter or leave certain networks. Figure 2-33 shows a Cisco PIX Firewall 535 series, which is a dedicated network device.
1102.book Page 90 Tuesday, May 20, 2003 2:53 PM
90 Chapter 2: Networking Fundamentals
Figure 2-33 Cisco PIX Firewall
AAA Servers
An AAA server is a server program that handles user requests for access to computer and network resources. An AAA server provides authentication, authorization, and accounting services for an enterprise. The AAA server ensures that only authentic users can get into the network (authentication), that the users are allowed access only to the resources they need (authorization), and that records are kept of everything they do after they are allowed entry (accounting).
An AAA server is like the credit card system. To put charges on a credit card, the mer-chant must verify that the credit card actually belongs to the person using it (authenti-cation). The merchant must also check that the credit card has enough credit left for the requested charge amount (authorization), and then the merchant must record the charge to the user’s account (accounting). Figure 2-34 shows an example of where an AAA server is used.
Figure 2-34 AAA Server
Massachusetts California
No Access to HQ
Allow Access to HQ
Corporate Headquarters
AAA Server
New Hampshire
Allow Access to HQ
Vermont
• Permit Access from MA • Permit Packets from NH • Permit Packets from VT • Deny All Other Packets
1102.book Page 91 Tuesday, May 20, 2003 2:53 PM
Networking Models 91
VPN Concentrators
A VPN concentrator offers powerful remote access and site-to-site VPN capability, an easy-to-use management interface, and a VPN client. The Cisco VPN 3000 Concentra-tor Series is a family of purpose-built, remote-access VPN platforms and client soft-ware that incorporates high availability, high performance, and scalability with the most advanced encryption and authentication techniques available today. Figure 2-35 shows a VPN 3000 Concentrator.
Figure 2-35 Cisco VPN 3000 Concentrator
Wireless Devices
A wireless LAN (WLAN) provides all the features and benefits of traditional LAN technologies, such as Ethernet, without the limitations of wire or cables. Some com-mon wireless networking devices include wireless NICs, wireless access points, and wireless bridges. The following sections briefly describe these wireless networking devices.
Wireless NICs
Each wireless client requires a wireless NIC or client adapter. These are available as PCMCIA and PCI cards to provide wireless connectivity for both laptop and desktop workstations. Laptops or notebook PCs, with wireless NICs, can move freely through-out a campus environment while maintaining connectivity to the network. Wireless PCI and ISA adapters (for desktop workstations) allow end stations to be added to the LAN quickly, easily, and inexpensively without the need for additional cabling. All adapters feature antennas—the PCMCIA card with a built-in antenna and the PCI card with an external antenna. The antennas provide the range required for data trans-mission and reception. Figure 2-36 shows wireless adapters.
1102.book Page 92 Tuesday, May 20, 2003 2:53 PM
92 Chapter 2: Networking Fundamentals
Figure 2-36 Wireless Adapters
Wireless Access Points
The access point (AP) or base station (see Figure 2-37) is a wireless LAN transceiver that can act as a hub—the center point of a standalone wireless network—or as a bridge—the connection point between wireless and wired networks. Multiple APs can provide roaming functionality, allowing wireless users freedom to roam throughout a facility while maintaining uninterrupted connectivity to the network.
Figure 2-37 Wireless Access Point
1102.book Page 93 Tuesday, May 20, 2003 2:53 PM
Network Topologies 93
Wireless Bridges
A wireless bridge, shown in Figure 2-38, provides high-speed (11 Mbps), long-range (up to 25 miles), line-of-sight wireless connectivity between Ethernet networks. Any Cisco AP can be used as a repeater (extension point) for the wireless network.
Figure 2-38 Wireless Bridge
Lab Activity OSI Model Encapsulation and Devices
In this lab, you describe layers and characteristics of the OSI model. You also identify the encapsulation units and devices that operate at each layer.
Network Topologies
A network topology defines how computers, printers, network devices, and other devices are connected. In other words, a network topology describes the layout of the wire and devices as well as the paths used by data transmissions. The topology greatly influences how the network works.
Networks can have both a physical and a logical topology. Physical topology refers to the physical layout of the devices and media. Physical topologies that are commonly used are
Bus Ring Star
Extended star
...
- tailieumienphi.vn
nguon tai.lieu . vn