This Document Contains Chapters 5 to 7

Chapter 5
Network Cabling

At a Glance

Instructor’s Manual Table of Contents
• Overview
• Objectives
• Teaching Tips
• Quick Quizzes
• Class Discussion Topics
• Additional Projects
• Additional Resources
• Key Terms

Lecture Notes

Overview
Just as highways and streets provide the foundation for automobile travel, networking media provides the physical foundation for data transmission. Networking media is the physical or atmospheric paths that signals follow. The first networks used thick coaxial cables. Today’s local area networks use copper or fiber cabling, or wireless transmissions. Wireless networking is covered in a later chapter. Networks are always evolving to meet the demand for greater speed, versatility, and reliability, and networking media technologies change rapidly. Understanding the characteristics of various networking media is critical to designing and troubleshooting networks. You also need to know how data is transmitted over these various media types. This chapter discusses the details of data transmission and physical networking media. You’ll learn what it takes to make data transmission dependable and how to correct some common transmission problems.

Chapter Objectives
After reading this chapter and completing the exercises, the student will be able to:
• Explain basic data transmission concepts, including throughput, bandwidth, multiplexing, and common transmission flaws
• Identify and describe the physical characteristics and official standards of coaxial cable, twisted-pair cable, and fiber-optic cable, and their related connectors
• Compare the benefits and limitations of various networking media
• Select and use the appropriate tool to troubleshoot common cable problems

Teaching Tips

Transmission Basics
1. Point out that the transmission techniques in use on today’s networks are complex and varied.

Throughput and Bandwidth
1. Define and describe bandwidth as the amount of data that could theoretically be transmitted during a given period of time.
2. Define and describe throughput, which is the measure of how much data is actually transmitted during a given period of time.
3. Use Table 5-1 to illustrate various measures of throughput and bandwidth.
4. Explain that for analog transmission, throughput and bandwidth can be measured by the number of symbols transmitted per second (called baud rate). Point out that a symbol is a voltage, frequency, pulse, or phase change in the analog transmission.

Transmission Flaws
1. Explain that three factors can degrade network performance: noise, attenuation, and latency.
2. Define and describe noise. Point out that noise is measured in dB (decibels).
3. Discuss the two common sources of noise:
   a. EMI (electromagnetic interference)
   b. Crosstalk
4. Use Figure 5-1 to illustrate crosstalk. Explain the three common types:
   a. alien crosstalk
   b. NEXT (near end crosstalk)
   c. FEXT (far end crosstalk)
5. Point out that a certain amount of noise is unavoidable, but engineers have devised a number of ways to limit the potential for noise to degrade a signal.
6. Define and describe attenuation, which is the loss of a signal’s strength as it travels away from its source.
7. Explain that a repeater is a device that regenerates a digital signal in its original form without the noise it might have previously accumulated.
7. Use Figure 5-2 to illustrate a digital signal distorted by noise and then amplified.
8. Define and describe latency, which is the delay between the time data leaves the source and the time it arrives at its destination.
9. Discuss potential causes of latency.
10. Note that different devices affect latency to different degrees.
11. Define and describe the most common way to measure latency on data networks.
12. Explain why latency causes problems.

Duplex, Half-Duplex, and Simplex
1. Explain that two important NIC settings include the direction in which signals travel over the media and the number of signals that can traverse the media at any given time.
2. Discuss the different methods of communication that are the combination of the two settings above:
   a. full-duplex (duplex)
   b. half-duplex
   c. simplex
3. Use Figure 5-3 to demonstrate how a network adapter’s Speed & Duplex configuration can be changed.

Multiplexing
1. Define multiplexing, which is a form of transmission that allows multiple signals to travel simultaneously over one medium.
2. Explain how multiple signals are carried using subchannels.
3. Define and explain the use of a multiplexer.
4. Define and explain the use of a demultiplexer.
5. Discuss the three common types of multiplexing used on copper lines:
   a. TDM (time division multiplexing)
   b. STDM (statistical time division multiplexing)
   c. FDM (frequency division multiplexing)
6. Discuss the three types of multiplexing technologies used with fiber-optic cable:
   a. WDM (wavelength division multiplexing)
   b. DWDM (dense wavelength division multiplexing)
   c. CWDM (coarse wavelength division multiplexing)

Copper Cable

Legacy Networking: Coaxial Cable
1. Briefly discuss coaxial cable as the foundation for Ethernet networks. However, point out that coax has been replaced by twisted-pair cable and fiber.

Twisted-Pair Cable
1. Explain that twisted-pair cabling consists of color-coded pairs of insulated copper wires that are twisted around each other to form pairs.
2. Use Figure 5-8 to illustrate twisted pair cabling.
3. Point out that the number of pairs used in a cable varies, depending on the type of Ethernet implemented. For example, Fast Ethernet uses two of the four pairs. Networks using Gigabit Ethernet and higher use all four pairs.
4. Discuss the twisted pair wiring standard, “TIA/EIA 568”. Point out that the standard divides twisted-pair wiring into several categories and most modern LANs use Cat 5e or higher.
5. Use Table 5-3 to discuss the different categories of twisted-pair cabling.
6. Introduce the two categories of twisted pair cable:
   a. STP (shielded twisted pair)
   b. UTP (unshielded twisted pair)

STP (Shielded Twisted Pair)
1. Explain to students that STP cable consists of twisted-pair wires that are not only individually insulated, but surrounded by a shielding made of a metallic substance such as a foil.
2. Use Figure 5-10 to illustrate STP.

UTP (Unshielded Twisted Pair)
1. Explain that UTP cabling does not contain additional shielding for the twisted pairs, which makes it a less expensive option than STP cabling.
2. Use Figure 5-11 to illustrate UTP.

Comparing STP and UTP
1. Describe the similarities and differences between STP and UTP:
   a. throughput
   b. cost
   c. connector
   d. noise immunity
   e. size and scalability
2. Use Figure 5-12 to illustrate RJ-45 and RJ-11 connectors.

Cable Pinouts
1. Explain why closely following proper termination techniques is critical.
2. Identify the two TIA/EIA standards for terminating twisted pair cable:
   a. TIA/EIA 568A
   b. TIA/EIA 568B
3. Note that the standards are functionally equivalent but the same standard should be used on every RJ-45 plug and jack on a network.
4. Use Figure 5-13 to illustrate TIA/EIA 568A and TIA/EIA 568B standard terminations.
5. Define a straight-through cable (also known as a patch cable) and discuss situations where it may be used.
6. Briefly discuss a crossover cable and discuss why they are now largely obsolete, except when needed to support older devices.
7. Use Figure 5-17 to describe a rollover cable. Discuss situations where a rollover cable may be used.
8. Mention the tools required to terminate twisted-pair cable with an RJ-45 plug, using Figures 5-19 through 5-21 to describe these tools.
9. Explain the steps to create a straight-through patch cable.
10. Mention that it is good practice to verify that newly made cables can transmit and receive data at the necessary rates using a cable tester.

PoE (Power over Ethernet)
1. Define PoE (Power over Ethernet) and discuss the concept of carrying electrical power over Ethernet connections.
2. Introduce the two types of devices PoE requires and describe each device type:
   a. PSE (power sourcing equipment)
   b. PDs (powered devices)
3. Point out that PoE requires Cat 5 or better copper cable and that the choice of current-carrying pairs should be consistent between all PSEs and PDs.
4. Use Figure 5-25 to illustrate a PoE-capable switch.
5. Use Figure 5-27 to illustrate a PoE-capable switch providing power and data connections to a PoE-capable security camera.

Teaching Tip
Students may find more information on Power over Ethernet at http://www.l-com.com/content/What_Is_PoE.html

Ethernet Standards for Twisted-Pair Cabling
1. Use Table 5-4 to discuss the various Ethernet standards used with twisted-pair cabling. Point out that on today’s networks, most devices and computers autonegotiate for the fastest standard.

Quick Quiz 1
1. Which term is used to describe the measure of how much data is actually transmitted during a given period of time?
   a. bandwidth
   b. attenuation
   c. latency
   d. throughput
   Answer: D
2. In which method of communication do signals travel in both directions over a medium but in only one direction at a time?
   a. full-duplex
   b. half-duplex
   c. simplex
   d. multiplex
   Answer: C
3. In which type of multiplexing does the transmitter assign slots to nodes according to priority and need?
   a. statistical time division
   b. frequency division
   c. wavelength division
   d. dense wavelength division
   Answer: A
4. True or False: The most common type of networking cable is a crossover cable.
   Answer: False
5. Which type of cabling consists of one or more insulated wire pairs encased in a plastic sheath?
   a. STP (Shielded twisted pair)
   b. UTP (Unshielded twisted pair)
   c. Coaxial
   d. Fiber-optic
   Answer: B

Fiber-Optic Cable
1. Introduce students to fiber-optic cable, which transmits data through a central glass fiber via pulsing light.
2. Describe how data is transmitted using two possible sources:
   a. laser
   b. LED (light-emitting diode)
3. Define and explain the purpose of cladding used in fiber-optic cabling.
4. Explain that the purpose of the plastic buffer is to protect the cladding and core. Discuss how the buffer does this.
5. Describe the strands of Kevlar and its purpose. Note the plastic sheath that covers the strands of Kevlar as shown in Figure 5-29.
6. Note that there are different varieties of fiber-optic cable depending on its intended use and the manufacturer. Discuss zipcord fiber-optic cabling as an example of one type of fiber-optic cabling.
7. Discuss the benefits fiber-optic cable provides over copper cabling:
   a. Extremely high throughput
   b. Very high resistance to noise
   c. Excellent security
   d. Ability to carry signals for much longer distances before requiring repeaters
8. Discuss the following characteristics of fiber optic cable:
   a. Throughput
   b. Cost
   c. Noise immunity
   d. Size and scalability

SMF (Single-Mode Fiber)
1. Describe SMF (single-mode fiber).
2. Explain the benefits of SMF.
3. Point out that SMF is rarely used for short connections due to its high cost.
4. Use Figure 5-31 to illustrate transmission over single-mode fiber-optic cable.

MMF (Multimode Fiber)
1. Describe MMF (multimode fiber). Use Figure 5-32 to illustrate transmission over multimode fiber-optic cable.
2. Describe the benefits of MMF.
3. Point out that MMF is not suited to distances longer than a few kilometers.
4. Explain that the transition between SMF and MMF cabling might occur at an FDP (fiber distribution panel), which is usually a case on a rack where fiber cables converge.

Teaching Tip
Students may find more information on single-mode vs. multimode fiber at http://www.differencebetween.net/technology/communication-technology/difference-between-single-mode-and-multimode-fiber/

Fiber Connectors
1. Explain that MMF connectors can be classified by the number of fibers and SMF connectors are classified by the size and shape of the ferrule. Use Figure 5-33 to describe the ferrule.
2. Use Figure 5-34 to discuss the two types of mechanical connections in SMF connectors:
   a. UPC (Ultra Polished Connector)
   b. APC (Angle Polished Connector)
3. Point out that the most common type of MMF connector is MTRJ (Mechanical Transfer-Registered Jack).
4. Use Table 5-5 to discuss the characteristics of fiber connectors.

Media Converters
1. Explain that the purpose of media converters is to enable networks or segments running on different media to interconnect and exchange signals. Use Figures 5-35 and 5-36 in your explanation.

Fiber Transceivers
1. Discuss the use of transceivers to upgrade technologies without purchasing all new equipment.
2. Explain that using hot-swappable transceivers eliminates the need to purchase new switches or even turn off current switches in order to upgrade the network.
3. Use Figure 5-37 to discuss a GBIC (Gigabit interface converter).
4. Explain that the following newer transceivers have made the GBIC largely obsolete:
   a. SFP (small form-factor pluggable)
   b. XFP (10 Gigabit small form-factor pluggable)
   c. SFP+
   d. QSFP (quad small form-factor pluggable)
   e. QSFP+
   f. CFP (centum form-factor pluggable)
5. Explain that to avoid a transceiver mismatch, the devices must be paired based on supported speeds and protocols.
6. Explain bidirectional transmission, which means each fiber cable carries data in both directions. Point out that this is accomplished using bidirectional transceivers or BiDi transceivers.
7. Use Figure 5-40 to describe how to install an SFP in a switch.

Ethernet Standards for Fiber-Optic Cable
1. Use Table 5-6 to discuss the following standards:
   a. 1000Base-LX
   b. 1000Base-SX
2. Point out that modal bandwidth is a measure of the highest frequency of signal a multimode fiber can support over a specific distance and is measured in MHz-km.

Teaching Tip
Students may read about fiber-optic cable and Gigabit Ethernet at https://www.10gea.org/whitepapers/optical-fiber-and-10-gigabit-ethernet/

Common Fiber Cable Problems
1. Discuss the common problems that are unique to fiber cable:
   • fiber type mismatch
   • wavelength mismatch
   • dirty connectors

Troubleshooting Tools
1. Discuss the basic steps to take to start troubleshooting a network connection problem:
   a. Check the network connection LED status indicator light
   b. Check the device NICs and make sure cable connections are solid
2. Note that the most efficient troubleshooting approach is to use a tool specifically designed to analyze and isolate network problems.

Toner and Probe Kit
1. Describe the ideal and realistic characteristics of telecommunications wiring.
2. Define and explain the use of a tone generator (toner).
3. Define and explain the use of a tone locator (probe).
4. Point out that when a tone generator and a tone locator are sold together, they are called a toner and probe kit (or just toner probe).
5. Use Figure 5-44 to illustrate the use of a tone generator and a tone locator. Note that testing requires a trial-and-error technique.
6. Emphasize that tone generators and tone locators cannot be used to determine any characteristics about a cable, such as whether it is defective or whether its length exceeds IEEE standards for a certain type of network.

Teaching Tip
Emphasize that a tone generator should never be used on a wire that is connected to a device’s port or network adapter. Because a tone generator transmits electricity over the wire, it could damage the device or network adapter.

Multimeter
1. Describe and explain how a multimeter works.
2. Explain that very high or low levels of impedance can signify a damaged wire, incorrect pairing, or a termination point.
3. Use Figure 5-45 to illustrate a multimeter.
4. Discuss the possible uses of a multimeter:
   a. Measure voltage to verify that a cable is properly conducting electricity
   b. Check for the presence of noise on a wire
   c. Test for short or open circuits in the wire

Cable Continuity Testers
1. Define and describe cable testers. Note that they may sometimes be referred to as continuity testers or cable testers.
2. Explain how copper-based cable testers work.
3. Explain that continuity testers for fiber-optic cables issue light pulses on the fiber and determine whether they reach the other end of the fiber.
4. Point out that most cable testers are portable and lightweight.
5. Use Figure 5-46 to illustrate a cable tester pair.

Teaching Tip
Popular manufacturers of cable testing devices include Belkin, Fluke, and Paladin. Navigate to the Fluke Web site at http://www.flukenetworks.com/datacom-cabling?td=products#Copper_Certification_and_Testing

Cable Performance Tester
1. Explain that a cable performance tester can be used to measure the overall performance of the entire cabling system.
2. Explain the differences between continuity testers and performance testers. Outline some of the things a performance tester can be used to measure.
3. Point out that a sophisticated performance tester will include a TDR (time domain reflectometer), which issues a signal on a cable and measures the way the signal bounces back to the TDR.
4. Describe fiber-optic continuity testers and explain the functionality of OTDRs (optical time domain reflectometers).
5. Note the expense of cable performance testers.
6. Use Figure 5-47 to illustrate a cable performance tester.

OPM (Optical Power Meter)
1. Discuss how an OPM can be used to measure the amount of light power transmitted on a fiber-optic line.

Teaching Tip
Students may find more information on Cable Considerations for Network Installations at http://www.cablinginstall.com/articles/print/volume-6/issue-9/contents/design/network-design-and-installation-considerations.html

Quick Quiz 2
1. True or False: Fiber-optic cable is the most expensive transmission medium.
   Answer: True
2. Which of the following connectors uses a polished curved surface but has end faces that are placed at an angle to each other?
   a. PC
   b. UPC
   c. APC
   d. ST
   Answer: C
3. A hardware component that can be changed without disrupting operations is known as _____.
   Answer: hot-swappable
4. Which of the following tools transmits light-based signals of different wavelengths in order to accurately measure the length of the fiber?
   a. cable tester
   b. TDR (time domain reflectometer)
   c. OPM (optical power meter)
   d. OTDR (optical time domain reflectometer)
   Answer: D
5. True or False: The difference between continuity testers and performance testers lies in their sophistication and price.
   Answer: True

Class Discussion Topics
1. Discuss why it is critical to follow termination standards. Are there any disadvantages to following these standards?
2. Discuss how to determine which cabling type to use in a network. Include scenarios where using fiber-optic cabling is a better option than using twisted-pair cabling. Ask students to share their personal experiences from their workplaces.

Additional Projects
1. Have each student research the three tools used to terminate a twisted-pair cable with an RJ-45 plug: wire cutter, wire stripper, and crimping tool. The research report should include a write-up explaining what each tool does in the context of terminating twisted pair wire. The students should find five Web site prices and pictures (if possible) for each tool and present the research in tabular form. Finally, the student should find an example of a combination tool that performs two or more of the functions and provide the Web site and the cost for such a tool.
2. Have the students research the cost comparisons for purchasing 500 feet of the three cabling transmission media: coaxial cable, twisted pair cable, and fiber-optic cable. The research should include two cable types from each of the three cabling transmission media. The students should present their findings in written report format.

Additional Resources
1. EIA/TIA site http://www.tiaonline.org
2. Blackbox Network Services http://www.blackbox.com
3. How Fiber Optics Work http://www.howstuffworks.com/fiber-optic.htm
4. Network Cabling Help http://www.datacottage.com/nch/tutorialmenu.htm#.WnidYDCVuM8

Key Terms
For definitions of key terms, see the Glossary near the end of the book.
100Base-T
1000Base-LX
1000Base-SX
1000Base-T
10GBase-T
802.3af
802.3at
alien crosstalk
APC (Angle Polished Connector)
attenuation
bandwidth
BiDi transceiver
bidirectional
bit rate
BNC connector
cable performance tester
cable tester
Cat 3 (Category 3)
Cat 5 (Category 5)
Cat 5e (Enhanced Category 5)
Cat 6 (Category 6)
Cat 6a (Augmented Category 6)
Cat 7 (Category 7)
Cat 7a (Augmented Category 7)
CFP (centum form-factor pluggable)
cladding
coaxial cable
console port
continuity
continuity tester
core
crimper
crossover cable
CWDM (coarse wavelength division multiplexing or coarse WDM)
DB-9 connector
DB-25 connector
duplex
DWDM (dense wavelength division multiplexing or dense WDM)
Ethernet port
F-connector
Fast Ethernet
FDM (frequency division multiplexing)
FDP (fiber distribution panel)
ferrule
FEXT (far end crosstalk)
full-duplex
GBIC (Gigabit interface converter)
Gigabit Ethernet
hot-swappable
jitter
LC (local connector)
LED (light-emitting diode)
light meter
loopback adapter
media converter
MMF (multimode fiber)
modal bandwidth
MTRJ (Mechanical Transfer-Registered Jack)
multimeter
multiplexing
NEXT (near end crosstalk)
open circuit
OPM (optical power meter)
optical loss
OTDR (optical time domain reflectometer)
patch cable
pinout
PoE (Power over Ethernet)
PoE1
probe
QSFP (quad small form-factor pluggable)
QSFP+
repeater
RFI (radio frequency interference)
RG-6 (radio guide 6)
RG-59 (radio guide 59)
RJ-11 (registered jack 11)
RJ-45 (registered jack 45)
RTT (round trip time)
SC (subscriber connector or standard connector)
SFP (small form-factor pluggable)
SFP+
short circuit
SMF (single mode fiber)
speed and duplex mismatch
ST (straight tip)
STDM (statistical time division multiplexing)
straight-through cable
TDM (time division multiplexing)
TDR (time domain reflectometer)
throughput
TIA/EIA 568A
TIA/EIA 568B
tone generator
tone locator
toner
toner and probe kit
toner probe
transceiver
twist ratio
twisted-pair
TX/RX reverse
UPC (Ultra Polished Connector)
WDM (wavelength division multiplexing)
XFP (10 Gigabit small form-factor pluggable)

Chapter 6
Wireless Networking

At a Glance

Instructor’s Manual Table of Contents
• Overview
• Objectives
• Teaching Tips
• Quick Quizzes
• Class Discussion Topics
• Additional Projects
• Additional Resources
• Key Terms

Lecture Notes

Overview
This chapter first looks at how wireless transmissions work, regardless of the type of wireless technology used. These wireless characteristics apply to satellite, Bluetooth, Wi-Fi, cellular, and other wireless signals. Some of these wireless signals, such as satellite and cellular, can travel long distances and will be discussed in more detail later. This chapter explores how to set up, manage, secure, and troubleshoot local wireless networks that you might find in an enterprise setting or that you might set up in your own home.

Chapter Objectives
After reading this chapter and completing the exercises, the student will be able to:
• Identify and describe various types of wireless networking characteristics
• Explain the various wireless standards that support the Internet of Things
• Explain 802.11 standards and innovations
• Secure a Wi-Fi network
• Troubleshoot a Wi-Fi network

Teaching Tips

Characteristics of Wireless Transmissions
1. Explain that networks that transmit signals through the air via radio frequency (RF) waves are known as WLANs (wireless local area networks).
2. Describe the characteristics wireless transmissions have in common with wired transmissions.

The Wireless Spectrum
1. Define the term wireless spectrum as the frequency range of electromagnetic waves used for data and voice communication.
2. Explain that the wireless spectrum spans frequency ranges (bands) between 9 KHz and 300 GHz.
3. Use Figure 6-1 to illustrate the wireless spectrum and the major wireless services associated with each frequency range.

Channel Management
1. Explain that most wireless devices implement one of two technologies to take advantage of the frequencies within its band:
   a. FHSS (frequency hopping spread spectrum)
   b. DSSS (direct sequence spread spectrum)

Teaching Tip
The FCC Wireless Telecommunications Bureau (WTB) handles nearly all FCC domestic wireless telecommunications programs, policies, and outreach initiatives. Go to https://www.fcc.gov/wireless-telecommunications#block-menu-block-4 and review the services and materials available.

2. Discuss the following wireless standards in the 2.4 GHz range and the band it uses:
   a. Wi-Fi uses DSSS
   b. Bluetooth uses FHSS
   c. ZigBee uses DSSS
   d. ANT+ uses a fixed frequency
3. Use Figure 6-2 to discuss how Bluetooth frequency hopping avoids a busy Wi-Fi channel.

Antennas
1. Introduce the concept of an antenna, noting that each type of wireless service requires an antenna specifically designed for that service.
2. Define the term radiation pattern.
3. Define the term unidirectional antenna and provide examples of its use. Note that this type of antenna may also be called a directional antenna. 4. Define the term omnidirectional antenna and provide examples of its use. 5. Explain to students that the geographical area that an antenna or wireless system can reach is known as its range. Signal Propagation 1. Introduce the concept of signal propagation noting that ideally, a wireless signal would travel directly in a straight line from its transmitter to its intended receiver. 2. Define and explain LOS (line-of-sight) propagation. 3. Explain the options available when an obstacle stands in a signal’s way. a. The signal may pass through the object. b. The signal may be absorbed by the object. c. The signal may be subject to any of the following phenomena: reflection, diffraction, or scattering. 4. Note that the object’s geometry governs which of these three phenomena occurs. 5. Discuss the following phenomena and its effect on wireless signals: a. fading b. scattering c. diffraction 6. Define multipath signals noting the advantage and disadvantage they present. 7. Use Figure 6-5 to illustrate multipath signals caused by reflection, diffraction, and scattering. Wireless Standards for the IoT (Internet of Things) 1. Introduce students to the acronym IoT (Internet of Things). Point out that this term applies to any device that can be connected to the Internet. 2. Mention that all devices that are able to be connected together within a home create a type of LAN called a HAN (home area network). 3. Define and discuss a wireless personal area network, also known as a WPAN. ZigBee 1. Introduce students to ZigBee, a low-powered battery-conserving wireless technology designed to handle small amounts of data. 2. Point out that ZigBee is used in IoT devices for the following purposes: a. building automation b. HVAC control c. AMR (Automatic Meter Reading) d. Fleet management Z-Wave 1. 
Explain that Z-Wave is a smart home protocol that provides two basic types of functions: a. signaling – to manage wireless connections b. control – to transmit data and commands between devices 2. Discuss the use of a Z-Wave network controller to control various smart devices on a home network. 3. Explain that Z-Wave transmissions have a range of up to 100 m per hop and can tolerate up to four hops through repeaters. Bluetooth 1. Discuss the very common wireless technology known as Bluetooth. Point out that most Bluetooth devices require close proximity to form a connection and that the exact distance requirements depend on the class of Bluetooth device. 2. Remind students that Bluetooth uses frequency hopping. Note that using this technique reduces interference. 3. Use Table 6-2 to discuss Bluetooth power classes. 4. Discuss the pairing process that is required in order for two Bluetooth devices to connect: a. Turn on the Bluetooth antenna for each device b. Make at least one of the devices discoverable c. On the other device, select the discoverable device to connect to d. Enter a PIN if required 5. Discuss the security risks involved when using Bluetooth devices. ANT+ 1. Discuss the ANT+ protocol, which is used to gather and track information from sensors that are typically embedded in heart rate monitors, GPS devices, and other activity monitoring devices. RFID (Radio Frequency Identification) 1. Explain that RFID uses electromagnetic fields to store data on a small chip in an RFID tag. 2. Discuss the three general types of RFID tag and reader combinations: a. ARPT (Active Reader Passive Tag) b. PRAT (Passive Reader Active Tag) c. ARAT (Active Reader Active Tag) 3. Point out that RFID is commonly used for inventory management and can also be used for so-called “contactless” payment. NFC (Near-Field Communication) 1. Explain that near-field communication (NFC) is a form of radio communication that transfers data wirelessly over very short distances. 2. 
Use Figure 6-11 and Table 6-3 to discuss NFC tags and how they are used to transmit stored data, launch apps, direct a browser to a Web page, or change device settings. Wireless USB 1. Point out that W-USB radios transmit in the range between 3.1 and 10.6 GHz. 2. Use Figure 6-12 to demonstrate how a mouse can use wireless USB to communicate with a computer. IR (Infrared) 1. Explain that IR technology has found new life in the world of IoT. 2. Point out that IR sensors are used to collect information such as: a. Presence or level of liquid b. Variations in reflections from skin c. Proximity to the device d. Commands from a control device Quick Quiz 1 1. True or False: All wireless signals are carried through the air by electromagnetic waves. Answer: True 2. The frequency range of electromagnetic waves used for data and voice communication is known as which of the following? a. antenna b. band c. wireless spectrum d. spread Answer: C 3. ____________________ are used for both the transmission and reception of wireless signals. Answer: Antennas 4. What type of signals follow a number of different paths to their destination because of reflection, diffraction, and scattering? a. Multipath b. Opened c. Closed d. Variable Answer: A 5. Which of the following uses FSSS technology in order to avoid interference? a. Wi-Fi b. Bluetooth c. ZigBee d. ANT+ Answer: B 802.11 WLAN Standards 1. Introduce 802.11 WANs, and note that they operate at Layers 1 and 2 of the OSI model. 2. Introduce Wi-Fi (wireless fidelity) standards. 3. Point out that the 802.11 standards vary at the Physical layer. Point out that 802.11n and later standards modify the way frames are used at the MAC sublayer. 4. Use Table 6-4 to discuss the technical details for each of the 802.11 wireless standards. Access Method 1. Note the significance of using the same physical addressing scheme as Ethernet. 2. Explain the CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance) access method. a. 
Note the significance of using ACK packets to verify every transmission. 3. Describe the RTS/CTS (Request to Send/Clear to Send) protocol. 4. Use Figure 6-15 to demonstrate CSMA/CA with the optional RTS/CTS protocol. Association 1. Introduce the concept of association by noting that association involves a number of packet exchanges between an access point and a computer. a. Note that association is another function of the MAC sublayer described in the 802.11 standard. 2. Define the term scanning. 3. Describe active scanning and passive scanning. 4. Define an SSID and explain its significance. Point out that changing the SSID contributes to better security and easier network management. 5. Define the BSS (basic service set) and explain its significance. 6. Define the ESS (extended service set) and explain its significance. Point out that BSSes that belong to the same ESS share a special identifier called an ESSID. 7. Use Figure 6-16 to illustrate a network with a single BSS. 8. Use Figure 6-17 to illustrate a network encompassing multiple BSSs that form an ESS. 9. Define and explain reassociation. 10. Note that on a network with multiple access points, network managers can take advantage of the stations’ scanning feature to automatically balance transmission loads between those access points. Teaching Tip Explain why it is considered best practice to use access points manufactured by the same company when designing an 802.11 network. IEEE 802.11 Frames 1. Review the types of overhead required to manage access to the 802.11 wireless networks. 2. Introduce and describe the three groups for these multiple frame types: a. management, control, and data 3. Compare a basic 802.11 data frame with an Ethernet_II (DIX) frame (Figure 6-18). 4. Describe the significant fields in an 802.11 data frame contributing to data frame overhead. Use Table 6-5 in your discussion. 802.11 Innovations 1. 
Explain that beginning with 802.11n, several innovations have been implemented that contribute to making later 802.11 standards much faster and much more reliable. Discuss each of the following: • MIMO • MU-MIMO • channel bonding • frame aggregation 2. Note that not all of the above techniques are used in every 802.11n or 802.11ac implementation. Implementing a Wi-Fi Network 1. Introduce the topics covered in this section: a. Designing a small WLAN b. Installing and configuring access points and clients Wireless Topologies 1. Explain why wireless networks are not laid out using the same topologies as wired networks. 2. Describe an ad hoc WLAN. Use Figure 6-22 to illustrate an ad hoc WLAN. 3. Describe an infrastructure WLAN, define a wireless access point, and provide alternative names for it. 4. Use Figure 6-10 to illustrate an infrastructure WLAN. 5. Note that it is common for a mesh WLAN to include several access points. 6. Use Figure 6-11 to illustrate a mesh WLAN. 7. Discuss the use of a wireless controller for centralized wireless management. Wireless controllers use a lightweight wireless protocol, such as LWAPP or CAPWAP, to provide centralized wireless management. 8. Point out that wireless controllers can be used to detect the presence of unauthorized APs (called rogue APs). 9. Explain why wireless technology can be used to connect two different parts of a LAN or two separate LANs. 10. Use Figure 6-26 to illustrate wireless LAN interconnection. Determining the Design 1. Explain that an AP in a home or small office network often combines switching, routing, and other network functions. This type of device is often called a wireless router or SOHO router. 2. Use Figure 6-28 to illustrate a home or small office WLAN arrangement. 3. Discuss the following factors when deciding where to install a WLAN’s AP: a. distance b. type and number of obstacles c. coverage d. interference 4. 
Explain why in larger WLAN environments, a systematic approach to access point placement is necessary. 5. Define and describe a site survey. 6. Mention that some access points may be used as wireless bridges to extend wired access to remote areas of the network. Use Figure 6-30 in your discussion. 7. Point out the enterprise-wide WLAN design considerations found on pages 341-342 of the text. 8. Use Figure 6-31 to illustrate an enterprise-wide WLAN. Configure Wi-Fi Connectivity Devices 1. Review the steps to configure an access point. Configure Wi-Fi Clients 1. Explain that wireless access configuration varies from one type of client to another. 2. Explain that configuring clients for wireless access on an enterprise network involves a two-part process: a. on-boarding b. off-boarding 3. Review the section on how to configure a Linux/UNIX client using the iwconfig command-line utility. 4. Use Figure 6-32 to illustrate output from the iwconfig command. Wi-Fi Network Security 1. Explain that the 802.11 standard does not offer any security and the client only needs to know the access point’s SSID. Further mention that network administrators may prevent their access points from broadcasting the SSIDs. 2. Define and describe authentication. Point out that the authentication process can be strengthened by using MAC filtering. 3. Define and explain the term encryption. 4. Emphasize to the students that the purpose of encryption is to keep information private. 5. Explain that many forms of encryption exist with some being more secure than others. Legacy Networking: WEP (Wired Equivalent Privacy) 1. Briefly discuss the various flaws of WEP and mention that WEP was replaced with a quick-fix improvement called WPA. WPA/WPA2 (Wi-Fi Protected Access) 1. Describe the WPA wireless security protocol. 2. Explain that the encryption protocol in WPA was replaced by a stronger encryption protocol for the updated version, called WPA2. 3. Point out some additional security options: a. 
Create a separate guest network b. If creating a guest network, be sure to set up a captive portal Security Threats to Wi-Fi Networks 1. Discuss the following security threats to wireless networks: • war driving • war chalking • evil twin • WPA attacks • WPS attack Troubleshooting Wireless LANs 1. Point out that cable-testing tools covered in Chapter 5 will tell you nothing about wireless connections, stations, or access points on a network. Tools that contain wireless NICs and run wireless protocols will need to be used. Wi-Fi Network Tools 1. Discuss the two types of software every network administrator should have in their toolkit: • spectrum analyzer • Wi-Fi analyzer 2. Describe the specific capabilities common to most wireless network testing tools. Avoid Pitfalls 1. Discuss the following wireless configuration pitfalls to avoid: • wrong SSID • security types mismatch • wrong passphrase • overlapping channels or mismatched frequencies • mismatched standards • incorrect antenna placement • interference • simultaneous wired and wireless connections • problems with firmware updates • unoptimized access point power levels • inappropriate antenna type • client saturation or overcapacity Quick Quiz 2 1. Which type of wireless network consists of wireless nodes that transmit directly to each other via wireless NICs without an intervening connectivity device? a. mesh WLAN b. infrastructure WLAN c. ad hoc WLAN d. AP WLAN Answer: C 2. BSSes that belong to the same ESS share a special identifier. What is the identifier called? a. SSID b. BSSID c. BESSID d. ESSID Answer: D 3. True or False: 802.11 networks use the same access method as Ethernet networks. Answer: False 4. The 802.11 standard specifies a frame type at which of the following? a. MAC sublayer b. Physical layer c. LLC sublayer d. Network layer Answer: A 5. Which of the following best describes an innovation where two adjacent 20-MHz channels can be combined to make a 40-MHz channel? a. MIMO b. MU-MIMO c. 
channel bonding d. frame aggregation Answer: C Class Discussion Topics 1. Take a student poll of Wi-Fi use (802.11b, 802.11a, 802.11g, 802.11n, and 802.11ac). Which standard is used the most by the class? Have the class discuss their experiences with the technology they use. Ask students to explain why they have or have not moved to the newer 802.11ac standard. 2. As a class, discuss the implications of security breaches on technology adoption. Are people hesitant to use the Internet or wireless technology for purchases due to security concerns? Are people hesitant to use technology because of privacy concerns? Are these concerns warranted and are they influenced by age, race, or gender? Additional Projects 1. Have students research the AT&T network of hot spots across the nation. Each student should write a report summarizing his or her findings. 2. Have students research channel bonding. Each student should write a report summarizing his or her findings. Additional Resources 1. The ABCs of securing your wireless network http://arstechnica.com/security/news/2008/04/wireless-security.ars 2. How to Minimize Wireless Problems http://setup-wireless.blogspot.com/2008/12/how-to-minimize-wireless-problems.html 3. Bluetooth Special Interest Group https://www.bluetooth.org/en-us 4. Introduction to Wireless Network Security http://netsecurity.about.com/od/hackertools/a/aa072004b.htm 5. How WiFi Works http://computer.howstuffworks.com/wireless-network.htm Key Terms For definitions of key terms, see the Glossary near the end of the book. 
802.11a 802.11ac 802.11b 802.11g 802.11n ad hoc ANT+ AP (access point) association authentication band beacon frame Bluetooth brute force attack BSS (basic service set) BSSID (basic service set identifier) captive portal CAPWAP (Control and Provisioning of Wireless Access Points) channel bonding CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance) data frame diffraction DSSS (direct sequence spread spectrum) encryption ESS (extended service set) ESSID (extended service set identifier) evil twin fading FHSS (frequency hopping spread spectrum) frequency hopping guest network infrastructure interference IoT (Internet of Things) IR (infrared) iwconfig LLC sublayer LOS (line of sight) LWAPP (Lightweight Access Point Protocol) MAC filtering MAC sublayer mesh MIMO (multiple input-multiple output) MU-MIMO (multiuser MIMO) NFC (near-field communication) off-boarding omnidirectional antenna on-boarding paired probe propagation radiation pattern range reassociation reflection refraction remote wipe RFID (Radio Frequency Identification) rogue access point RTS/CTS (Request to Send/Clear to Send) scanning scattering site survey SNR (signal-to-noise ratio) spectrum analyzer SSID (service set identifier) unidirectional antenna war driving WEP (Wired Equivalent Privacy) Wi-Fi Wi-Fi analyzer wireless bridge wireless controller wireless range extender wireless spectrum WLAN (wireless local area network) WPA (Wi-Fi Protected Access or Wireless Protected Access) WPA2 WPAN (wireless PAN) Z-Wave Chapter 7 Virtualization and Cloud Computing At a Glance Instructor’s Manual Table of Contents • Overview • Objectives • Teaching Tips • Quick Quizzes • Class Discussion Topics • Additional Projects • Additional Resources • Key Terms Lecture Notes Overview In this chapter, students explore various ways of making local and remote resources available on a network in ways that are both secure and reliable. 
They will learn about the flexibility of virtualization, which is a cost-effective way of expanding network resources, as well as the growing fields of cloud computing and remote access, which make network resources available across long distances. These IT innovations touch nearly every industry. Chapter Objectives After reading this chapter and completing the exercises, the student will be able to: • Describe and explain virtualization technologies, including how virtual machines connect with a network and how networking infrastructure devices can be virtualized • Describe cloud computing categories and models, and discuss concerns regarding cloud connectivity and security • Secure network connections using encryption protocols • Configure remote access connections between devices Teaching Tips Virtualization 1. Explain that virtualization is a virtual (logical) version of something rather than the actual (physical) version. Discuss how this relates to the use of virtual machines and virtual LANs. 2. Discuss the following terminology related to virtualization: a. host b. guest c. hypervisor 3. Use Figure 7-1 to describe some of the components of virtualization. 4. Use Figure 7-2 to discuss the two types of hypervisors: a. Type 1 b. Type 2 5. Explain that a VM’s software and hardware characteristics are assigned when it is created in the virtualization program. 6. Use Figure 7-3 as an example of specifying the memory resources of a virtual machine. Teaching Tip Ensure that students understand that the use of virtualization is a convenience, but that the convenience comes with a high price and potential for server sprawl caused by virtualization. Network Connection Types 1. Explain the purpose of the vNIC. 2. Use Figure 7-4 as an example of customizing a virtual network adapter’s settings. 3. Remind students that every vNIC assigned to a virtual machine has a new MAC address assigned to it at creation. 4. 
Explain the function of virtual switches (may be called virtual bridges). Point out that one host can support multiple virtual switches, which are controlled by the hypervisor. 5. Use Figure 7-5 to explain how virtual machines on a single host connect to a virtual switch. 6. Use Figure 7-6 to show an example of virtual switches passing traffic through a router. 7. Point out that the way a vNIC is configured determines whether the VM is joined to a virtual network or attempts to join the physical LAN that the host is connected to. 8. Define the three modes of connection common to virtual connections: bridged, NAT, and host-only. 9. Explain that in bridged mode, a vNIC accesses a physical network using the host machine’s NIC and it obtains its own IP address, default gateway, and subnet mask. 10. Point out that when using bridged mode, a VM appears to other nodes as just another client or server and other nodes do not realize it is virtual. 11. Use Figures 7-7 and 7-8 in your discussion of a bridged connection. 12. Be sure to mention that VMs that must be available at a specific IP address, such as mail or web servers, should be assigned bridged network connections. 13. Explain that in NAT mode, a vNIC relies on the host machine to act as a NAT device. Point out that the VM obtains IP addressing information from its host, rather than a server or router. 14. Use Figures 7-9 and 7-10 in your discussion of a NAT connection. 15. Discuss when it would be appropriate to configure a NAT connection. 16. Explain the circumstances where you might want to use a host-only connection for a guest versus the other types. 17. Use Figure 7-11 to demonstrate a host-only connection. 18. Explain the limitations of a host-only connection. Pros and Cons of Virtualization 1. Discuss the following advantages of virtualization: a. efficient use of resources b. cost and energy savings c. fault and threat isolation d. simple backups, recovery, and replication 2. 
Discuss the following disadvantages of creating multiple guests on a single host machine: a. compromised performance b. increased complexity c. increased licensing costs d. single point of failure NFV (Network Functions Virtualization) 1. Explain that networking devices can also be virtualized. For example, an inexpensive server can be turned into a virtual firewall and virtual router. 2. Discuss the following advantages of virtualizing network functions: a. Virtual devices can be quickly and sometimes automatically migrated from one server to another in the event of hardware failure or maintenance b. Resources are utilized more efficiently c. Services can be easily scaled to meet changing needs of a network 3. Discuss the following disadvantages of NFV: a. Licensing issues b. Latency issues c. Security issues Teaching Tip Students can read more about Network Functions Virtualization (NFV) at http://web2.research.att.com/export/sites/att_labs/techdocs/TD_101400.pdf SDN (Software-Defined Networking) 1. Explain that software-defined networking (SDN) is the virtualization of network services in which a network controller manages these services instead of the services being directly managed by the hardware devices involved. Use Figure 7-12 in your discussion. 2. Discuss the difference between the control plane and the data plane. 3. Use Figure 7-13 to explain that physical and virtual network devices operate only on Layer 1’s data plane. Point out that the SDN controller takes over decision-making functions at Layers 2 and up. Cloud Computing 1. Define cloud computing, which has the following characteristics no matter what kind of service is offered. a. on demand b. cross-platform c. consolidated d. metered e. elastic f. 2. Use Figure 7-14 to discuss some of the benefits of cloud computing. Teaching Tip Students may find more information about various cloud services from Amazon at http://aws.amazon.com/ec2/. Cloud Computing Categories 1. 
Explain that cloud computing service models are categorized by the types of services they provide. 2. Use Figure 7-2 to discuss the four service models: a. Traditional b. IaaS (Infrastructure as a Service) c. PaaS (Platform as a Service) d. SaaS (Software as a Service) 3. Point out that there is another model known as XaaS (Anything as a Service), which is a broader model where the cloud can provide any combination of functions depending on the client’s exact needs. 4. Use Figure 7-16 to discuss why IaaS customers must understand more about a cloud provider’s hardware infrastructure than SaaS customers. 5. Use Figure 7-17 to demonstrate that end users can easily access and use SaaS products without much setup, whereas IaaS products require more extensive preparation by a much smaller group. Deployment Models 1. Discuss the following deployment models: a. public cloud b. private cloud c. community cloud d. hybrid cloud Cloud Connectivity and Security 1. Discuss the following potential risks and limitations with cloud computing: a. ISP’s uptime b. ISP-imposed bandwidth limitations c. Cloud provider’s uptime d. Cloud provider’s backup and security systems e. Misconfiguration that exposes one client’s data to another client f. Unauthorized access to data by cloud provider employees g. Breaches of confidentiality agreements h. Data security regulations i. Questions over ownership of intellectual property stored in the cloud j. Questions over data maintenance if a payment is not made on time k. Risks to the network, proprietary data, or customer information caused by BYOC l. Reduced customer confidence, fines, lawsuits, and possibly criminal charges when cloud breaches occur 2. Point out that one way to reduce risks of cloud computing is to: a. Use encryption b. Carefully choose the method by which your network connects to your cloud resources 3. Discuss the 4-tiered array of options organizations have when connecting to a cloud: a. Internet b. 
remote access connections c. leased line d. dedicated connection Quick Quiz 1 1. A _____ is a logically defined device that operates at the Data Link layer to pass frames between the nodes. Answer: virtual switch 2. True or False: VMs that must be available at a specific address, such as mail servers or Web servers, should be assigned host-only network connections. Answer: False 3. In which networking mode can VMs on one host exchange data with each other and with their host, but they cannot communicate with any nodes beyond the host? a. host-only b. bridged c. NAT d. network-only Answer: A 4. In which cloud computing service model are hardware services provided virtually, including network infrastructure devices such as virtual servers? Answer: IaaS (Infrastructure as a Service) 5. Of which of the following cloud deployment models would the Internet be considered an example? a. Community b. Private c. Public d. Hybrid Answer: C Encryption Protocols 1. Explain that data exists generally in three states: a. at rest b. in use c. in motion 2. Define and explain the term encryption. Mention that encryption protocols use a mathematical code to scramble data into a format (called a cipher) that can be read only by reversing the cipher. 3. Discuss the three benchmarks that encryption methods are evaluated by: a. confidentiality b. integrity c. availability 4. Point out that these three principles form the standard security model called the CIA triad. Key Encryption 1. Define and explain that a key is a random string of characters used to encode original data bits. 2. Define and explain the term ciphertext. 3. Define and describe private key encryption. Point out that private key encryption is also known as symmetric encryption. 4. Define and describe public key encryption. Mention that public key encryption is also known as asymmetric encryption. 5. Explain that a public key server is a publicly accessible host that freely provides a list of users’ public keys. 6. 
Point out that a key pair is the combination of a public key and a private key. 7. Explain that a digital certificate is a small file containing a user’s verified identification information and the user’s public key. Further mention that the digital certificate is issued, maintained, and validated by an organization called a CA (certificate authority). 8. Introduce students to the term PKI (Public-key Infrastructure), which is the use of certificate authorities to associate public keys with certain users. IPSec (Internet Protocol Security) 1. Explain to students that IPsec is an encryption protocol suite that defines a set of rules for encryption, authentication, and key management for TCP/IP transmissions. 2. Point out that IPsec works at the Network layer of the OSI model. 3. Discuss the five steps in which IPsec creates a secure connection: a. IPsec initiation b. key management c. security negotiations d. data transfer e. termination 4. Point out that IPSec can be used with any type of TCP/IP transmission and operates in two modes: a. transport mode b. tunnel mode Teaching Tip Students can learn more about IPSec by visiting: https://supportforums.cisco.com/t5/security-documents/ipsec/ta-p/3113829 SSL (Secure Sockets Layer) and TLS (Transport Layer Security) 1. Explain that SSL and TLS are both methods of encrypting TCP/IP transmissions en route between the client and server using public key encryption technology. 2. Point out to students that SSL operates in the Application layer and that TLS operates in the Transport Layer. 3. Discuss HTTPS and its use of SSL/TLS to establish a secure HTTP connection. 4. Explain a handshake protocol and discuss the steps in an SSL/TLS handshake. 5. Introduce DTLS (Datagram Transport Layer Security) as a variant of TLS. Explain that it provides authentication like SSL/TLS but does not provide packet reordering, flow control, and reliability assurance. Remote Access 1. 
Explain why a user might need to connect to a remote network for services. 2. Point out that in order to communicate via remote access, the client and host need a transmission path plus the appropriate software to complete the connection. 3. Explain the purpose of a RAS (remote access server). Point out that there are two types of remote access servers: a. dedicated devices b. software running on a server 4. Use Figure 7-19 to explain how remote clients connect via a remote access server. 5. Discuss the three most common types of remote access methods: a. Point-to-point remote access over a dedicated line b. Terminal emulation (also called remote virtual computing) c. VPN (virtual private network) Point-to-Point Remote Access Protocols 1. Explain that clients and remote servers require an agreed-to protocol to establish a session and exchange data. 2. Introduce students to PPP (Point-to-Point Protocol) which is a Data Link layer protocol that directly connects two WAN endpoints. 3. Describe the advantages of PPP. Terminal Emulation 1. Explain that terminal emulation allows a user on one computer (client) to control another computer (host or server) across a network connection. Mention that terminal emulation may also be referred to as remote virtual computing. 2. Discuss Telnet, which is a terminal emulation utility used by Telnet client/server applications that allow an administrator or other user to control a computer remotely. 3. Define and explain SSH. Point out that with SSH you can securely log on to a host, execute commands, and copy files to or from the host. 4. Explain to students that SSH can guard against a number of security threats, such as: a. unauthorized access to a host b. IP spoofing c. interception of data in transit d. DNS spoofing 5. Mention that SSH must be running on both the client and server. 6. Explain that SSH is highly configurable and that you can choose from a number of encryption methods. 
Point out that it can also be configured to perform port forwarding. 7. Introduce students to RDP (Remote Desktop Protocol) and VNC (Virtual Network Computing). Remind students that RDP is a Microsoft proprietary protocol used by Windows Remote Desktop and Remote Assistance. 8. Explain that most networking devices are configured through a connected computer’s browser that navigates to a management URL. Remind students that they used a browser to configure a SOHO router in Hands-On Project 6-1. 9. Discuss the concept of out-of-band management that relies on a dedicated connection between the network administrator’s computer and each critical network device. 10. Point out that these dedicated connections allow network administrators to remotely: a. Power up a device b. Change firmware settings c. Reinstall OSs d. Monitor hardware sensors e. Troubleshoot boot problems f. Limit network users’ access to management functions g. Manage devices even when other parts of the network are down 11. Explain that while FTP may not technically be a form of terminal emulation, it does provide remote access. 12. Discuss the following FTP-related technologies: a. FTPS b. SFTP c. TFTP VPNs (Virtual Private Networks) 1. Note that virtual private networks establish connections between sites or sites and clients over public networks. 2. Explain how VPNs can be used to reduce costs for remote workers. 3. Discuss the three VPN models: a. site-to-site VPN b. client-to-site VPN c. host-to-host VPN 4. Use Figure 7-24 to visualize a site-to-site VPN. 5. Explain that the software or hardware required to establish VPNs is typically inexpensive and is often included in the OS of a networking device’s hardware. 6. Discuss the following possible implementations of VPNs: a. router-based b. server-based c. third-party solutions 7. Explain that for large organizations a specialized device known as a VPN concentrator can be used as the VPN server. A VPN server performs the following tasks: a. 
Authenticates VPN clients b. Establishes tunnels for VPN connections c. Manages encryption for VPN transmissions 8. Use Figure 7-26 to demonstrate the placement of a VPN concentrator on a LAN. 9. Explain that a DMVPN (Dynamic Multipoint VPN) dynamically creates VPN tunnels between branch locations as needed rather than requiring constant, static tunnels for site-to-site connections. Use Figure 7-27 in your discussion. VPN Tunneling Protocols 1. To ensure a VPN can carry all types of data in a private manner over any kind of connection, special VPN protocols encapsulate higher-layer protocols in a process known as tunneling. 2. Discuss how a VPN tunnel works. Use the truck analogy in the book in your discussion. 3. Point out that most tunneling protocols rely on an additional encryption protocol to provide data security. Use Figure 7-28 to show a PPP frame encapsulated in a VPN frame that is encrypted by IPsec. 4. Discuss the following VPN tunneling protocols: a. PPTP b. L2TP c. GRE d. OpenVPN e. IKEv2 Remote Access Policies 1. Discuss the list of common requirements in a good remote access policy, found on page 418 of the text. Quick Quiz 2 1. Because public key encryption requires the use of two different keys, it is also known as which type of encryption? a. symmetric b. key c. asymmetric d. dual key Answer: C 2. Which of the following terms best describes a small file containing verified identification information about the user and the user’s public key? a. certificate authority b. private key c. digital certificate d. cipher Answer: C 3. Which type of protocol allows the client and server to introduce themselves to each other and establish terms for how they will exchange data? a. tunneling b. handshake c. VPN d. file transfer Answer: B 4. True or False: SSH provides little security for establishing a connection and no security for transmitting data. Answer: False 5. 
Which of the following is an older, Layer 2 protocol developed by Microsoft that encapsulates VPN data frames? a. PPTP b. L2TP c. GRE d. OpenVPN Answer: A Class Discussion Topics 1. Discuss the benefits of cloud computing. 2. Discuss why an organization would want to develop an enterprise-wide approach to remote access via VPNs. Additional Projects 1. Have the student research the available cloud computing services offering infrastructure services. Students should be sure to use the common features of a cloud computing platform to ensure that the service they are reporting on is a cloud computing service according to the text. 2. Have students research policies and procedures at several organizations surrounding either cloud computing or remote access, including remote desktops. Students may also want to research the controversy surrounding companies that want to provide these services commercially for certain popular applications, like Microsoft Office, in the context of what they learn from their policy and procedure research. Additional Resources 1. Cloud Computing Tutorial http://www.tutorialspoint.com/cloud_computing/index.htm 2. Remote Access Server http://www.webopedia.com/TERM/R/remote_access_server.html 3. OpenVPN http://openvpn.net/ 4. What is IPsec? https://technet.microsoft.com/en-us/library/cc776369%28v=ws.10%29.aspx 5. How Virtual Private Networks Work https://computer.howstuffworks.com/vpn.htm Key Terms For definitions of key terms, see the Glossary near the end of the book. 
AH (authentication header) asymmetric encryption bridged mode CA (certificate authority) CIA (confidentiality, integrity, and availability) triad client_hello client-to-site VPN cloud computing colocation facility community cloud console router console server control plane data plane digital certificate DMVPN (Dynamic Multipoint VPN) DNS spoofing DTLS (Datagram Transport Layer Security) ESP (Encapsulating Security Payload) FTPS (FTP Security or FTP Secure) GRE (Generic Routing Encapsulation) guest handshake protocol host host-only mode HVD (hosted virtual desktop) hybrid cloud hypervisor IaaS (Infrastructure as a Service) IKE (Internet Key Exchange) IKEv2 in-band management IPsec (Internet Protocol Security) ISAKMP (Internet Security Association and Key Management Protocol) key key management L2TP (Layer 2 Tunneling Protocol) management URL NAT mode NFV (Network Functions Virtualization) OpenVPN out-of-band management PaaS (Platform as a Service) PKI (Public-key Infrastructure) platform PoP (Point of Presence) port forwarding PPP (Point-to-Point Protocol) PPPoE (PPP over Ethernet) PPTP (Point-to-Point Tunneling Protocol) private cloud private key encryption public cloud public key encryption RAS (remote access server) remote access SaaS (Software as a Service) SDN (software-defined networking) SDN controller server_hello site-to-site VPN subscription model symmetric encryption Type 1 hypervisor Type 2 hypervisor virtual firewall virtual router virtualization VNC (Virtual Network Computing) vNIC (virtual NIC) VPN (virtual private network) VPN concentrator vSwitch (virtual switch) XaaS (Anything as a Service or Everything as a Service) Instructor Manual for Network+ Guide to Networks Jill West, Tamara Dean, Jean Andrews 9781337569330, 9781133608196