
The International School of Chefs (ISC) has 500 students and 32 full-time and pa

ID: 3866849 • Letter: T

Question

The International School of Chefs (ISC) has 500 students and 32 full-time and part-time faculty. There are two computer specialists who maintain the servers, workstations, and network. The school has five Linux servers and two servers running Windows Server 2008 R2. One of the Linux servers is used for the school’s Web site. There are eight kitchens used for teaching, 15 classrooms, and two computer labs containing Windows 7 and Mac OS X Lion computers. Only the computer labs use wireless networking. ISC offers a two-year program that includes a full range of cooking courses plus courses in nutrition, health, and restaurant management.

Problem: The computer specialists at the International School of Chefs have received funding to purchase network-monitoring hardware. Up to this point, when there has been a problem with a network segment, they have called a local company that supports networks. Now they plan to do much of this troubleshooting by using their own equipment. They plan to troubleshoot only those portions of the network that have UTP cable and wireless communications. What network-monitoring devices do you recommend they purchase, and why do you recommend them?

Explanation / Answer

Network monitoring devices that should be recommended are as follows:

A hacker may still be able to send packets containing harmful material to an organization’s network. On the other hand, somebody inside the client organization trying to commit sabotage may be attempting to upload sensitive information to a rival organization outside the network. It would be better if there is a facility that can monitor the incoming and outgoing traffic of packets and if necessary to prevent the flow of the packets according to the rules set by the organization’s security management policy.

A firewall can be implemented either or both at the hardware and the software level. At the hardware level it is generally a special router or a gateway computer. At the software level, it might be special application software installed at the gateway computer. The firewall abstracts the organization’s network from the outside world.

Here we briefly discuss the different types of firewall.

Packet Filter Firewall: This type of firewall is generally implemented as a router. For packets coming into the organization network, it checks the source address. If the rules prohibit the downloading of packets from this address, the firewall discards this packet. For packets going out of the organization network, it checks the destination address. If the rules prohibit the uploading of packets to this address, the firewall discards this packet. The exclusion list is mentioned in the routing table.

Proxy Firewall: They are also known as Application Gateways. Proxies stand as a medium between the clients on the outside world and the server inside the organization network. They can simulate the activity of both the server and the client. For a packet coming into the organization network from a client, the proxy receives the packet and starts a server process (as if it is the server). If the packet is found to be safe, the proxy stops the server process and starts a client process (as if it is the client) to send the packet to the real server. When the server wants to send the client the reply for the packet, the proxy starts a client process to receive the reply packet from the real server. After that it starts a server process and sends the packet to the client outside the network. The use of a proxy server prohibits the clients from directly accessing the server.

Routers are very efficient in monitoring networks.

A router is a device that interconnects different networks. Whenever a computer in one network wants to send something to another computer belonging to a different network, the communication must go through one or more routers. The routers themselves form a network of their own to provide seamless connectivity between different networks. The technique of choosing a correct path from a source network to a destination network through a set of routers is called routing. This issue is handled in the network layer.

The main function of the network layer is routing packets from the source to the destination. The routing algorithm is that part of the network layer software which is responsible for deciding which output line an incoming packet should be transmitted on. Routing algorithms can be grouped into two major classes: non-adaptive and adaptive.

Non-adaptive routing algorithms do not base their routing decisions on measurements or estimates of the current traffic and topology. Instead, the choice of the route is computed in advance, off-line, and downloaded to the routers when the network is booted. This procedure is sometimes called static routing. The disadvantage of this algorithm is that if and when the network conditions change (i.e. a change in the topology and/or network traffic, which is a very frequent matter), the paths cannot be recomputed. Any alteration must be done manually. Thus, this is quite an inefficient algorithm for routing.

Adaptive algorithms, in contrast, change their routing decisions many times during the operation to reflect changes in the topology, and usually the traffic as well. They differ in where they get their information (e.g. locally, from adjacent routers or from all routers), when they change the routes (when the load changes or when the topology changes) and what metric is used for optimization (e.g. distance, number of hops or estimated transit time). In this scheme, each router keeps a table of information regarding the networks and other routers to which it is connected. If there is a change, the information about the change is propagated to all the routers so that another suitable path can be recomputed dynamically. For this reason, an adaptive algorithm is also called dynamic routing.

These algorithms not only help to safeguard the network but also monitor the network for any anomalies.

The advantages of switching are:

1) It reduces the number of connections needed to link all the users of the network.

2) It allows varying combinations of users to communicate at different times.

3) Switching uses cheap data processing capacity to efficiently use the costly resources of the network. It reduces the cost of communication.

4) It increases the reliability of the network at minimal cost, by guiding proper packets to the proper network segment and filtering out the unwanted ones.

Switching can be classified into the following three categories: circuit switching, packet switching, and message switching.

Bridges have filtering capability. It means that a bridge can decide which packets it allows to pass through itself and which it does not. If two stations within the same region want to communicate, a frame sent out from the source goes to every other station within the region. That frame is accepted only by the station whose MAC address is the same as the destination address mentioned within the frame. When a copy of this frame goes to the bridge, the bridge checks whether the destination address is in the same region as the source address. If so, the bridge does not allow the frame to move through itself. If the bridge finds out that the destination address belongs to the other region, it opens its ports and makes the frame pass through itself to reach the other region where the frame is delivered.

The bridge maintains an internal table to manage this task. It contains a list of the MAC addresses of all the stations belonging to a particular region and the port id where that region is connected to the bridge. This table can be of two types. First, the system administrator may create the table statically. This table contains two columns, the port id, and the physical address of the machines which are connected to that port. The problem with a static bridge is that the administrator has to work a lot to develop the table, and any reconfiguration made in the network must be promptly and properly updated in the table. The second solution is to make the bridge “smart” enough so that it can build the table on its own. For this reason we need the transparent bridge.

It works with the network layer and above. It is a device which connects two or more networks that use entirely different architectures. It operates at the application layer. Practically, a gateway is that particular computer within a local area network which connects to an outside network. All outgoing traffic must go through the gateway, just as all incoming traffic must come through the same gateway computer. A network may have more than one gateway, depending upon its need and architecture.

This device filters incoming packets by checking if the packet is correct or not, and whether the destination address of the packet is present in the network or not. If the destination is present then it allows the packet to enter the network, else it discards it.

Hope your question has been resolved now. Please do not forget to give a positive like to the answer. Thank you.
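
As an added illustration of the transparent bridge mentioned in the answer above (this code is not part of the original answer): a bridge that builds its own table by recording the source address and arrival port of every frame, then filters, forwards or floods based on the destination address. The class and function names, the MAC addresses, the sample frames and the 300-second expiry time are assumptions made for this example.

```python
from dataclasses import dataclass, field

BROADCAST = "ff:ff:ff:ff:ff:ff"

@dataclass
class LearningBridge:
    ports: tuple                      # port ids, one per region (segment)
    max_age: float = 300.0            # assumed idle time in seconds before an entry expires
    table: dict = field(default_factory=dict)   # MAC address -> (port id, last seen)

    def handle(self, in_port, src, dst, now):
        """Decide what to do with one frame; returns (action, out_ports)."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port {in_port!r}")
        src, dst = src.lower(), dst.lower()
        # Drop entries for stations that have been silent longer than max_age.
        self.table = {m: (p, t) for m, (p, t) in self.table.items()
                      if now - t <= self.max_age}
        # Learn: the source address is reachable through the arrival port.
        self.table[src] = (in_port, now)
        others = [p for p in self.ports if p != in_port]
        entry = self.table.get(dst)
        if dst == BROADCAST or entry is None:
            return "flood", others        # destination unknown: send to every other region
        if entry[0] == in_port:
            return "filter", []           # same region as the source: do not pass
        return "forward", [entry[0]]      # known to be in another region

# Constructed sample traffic: (time, arrival port, source MAC, destination MAC).
A, B, C = "02:00:00:00:00:0a", "02:00:00:00:00:0b", "02:00:00:00:00:0c"
SAMPLE_FRAMES = [
    (0, 1, A, B),     # B has not been learned yet
    (1, 1, B, A),     # both stations are on port 1
    (3, 2, C, A),     # C is in the other region
    (4, 1, A, C),
    (400, 2, C, B),   # long silence: the old entries have expired
]

def run_trace(frames=SAMPLE_FRAMES):
    """Feed the frames to a two-port bridge; return its decisions and final table."""
    bridge = LearningBridge(ports=(1, 2))
    decisions = [bridge.handle(port, src, dst, now) for now, port, src, dst in frames]
    return decisions, bridge.table

if __name__ == "__main__":
    for frame, decision in zip(SAMPLE_FRAMES, run_trace()[0]):
        print(frame, "->", decision)
```

The table is learned from source addresses that nothing authenticates, so a monitoring setup should log when a known MAC address appears on a different port.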
