3.4.1 Networks Choosing A Network For A Company
Choosing a network for a company

Candidates should understand the factors which influence choice:
o cost of network
o size of organisation
o how the system will be used
o existing systems
o performance required
o security issues

Candidates should understand the advantages and disadvantages of:
o client server networks
o peer to peer networks

Network topologies:
o Bus/Ethernet
o Ring
o Star
o Suitable topologies for LAN and WAN
o Advantages and disadvantages of different network topologies

Wireless networking: advantages and disadvantages of wireless networks.

Software components.

Network management, administration and problem solving strategies: user accounts and logs; security strategies; configuration management; remote management; disaster planning (backup and restoration); auditing (keeping logs).
Networks
Reasons for growth of networks
o Falling cost of hardware and software, so networks became more widespread.
o Growth of the paperless office.
o Managers needed more rapid access to accurate and up to date information.
o Development of good and reliable telephone and satellite communications.
o It is becoming more and more important to use new methods of exchanging information rapidly and reliably.
What is a Network?
A network is a set of micro computers or terminals, known as workstations, linked together by network cabling (e.g. Cat5 twisted pair or fibre optic cabling carrying Ethernet). Sometimes a mainframe or a powerful minicomputer is also part of the network. Each workstation has a network interface card to which the cabling is connected; the card is operated by driver software.

Factors to consider when choosing a network

Cost of the network
o Initial purchase of equipment
o Installation and training
o Maintenance costs
The size of the available budget will determine what can be done, e.g. fibre optic cable is faster but also more expensive; wireless systems are flexible but need more maintenance.

Size of organisation
Needs can range from a small LAN to a global WAN. Some communications media are limited in the distance a signal can travel. The amount of data processing required must also be considered.

How the system will be used
What type of applications do users require? Will they need large data storage? From where will they use the network: at home, in the office, or by remote access from different locations?

Existing systems
More often networks are not developed from scratch but need to fit in with existing systems. Sometimes an extension is required, e.g. when a new branch office opens. Any new network must therefore fit in with the operating systems and protocols of the existing system, and must support any peripherals already in use, e.g. bar code readers, printers etc.

Performance
Performance in terms of reliability, user friendliness and capacity, as well as speed of processing. Different parts of the organisation may have different performance requirements, e.g. a real-time e-commerce system may require greater speed, capacity and security than the in-house payroll system.

Security issues
Different organisations have different priorities, e.g. a large business may be primarily concerned with preventing hacking, avoiding viruses and securing payments, whilst a school may be equally concerned with blocking the downloading of illicit material.
LAN - Local Area Network - a smaller network contained within one building or site, e.g. a school network.
WAN - Wide Area Network - a bigger network covering cities or linking various external networks via gateways, e.g. a multi-site corporate network such as Tesco's or Lloyds Bank's.

Local Area Networks can be set up as either a Peer to Peer or a Client Server network:

Peer to Peer Network
All stations joined together in a peer to peer network have equal status: each is both client and server, sharing resources. They are often a form of distributed processing, sharing the processing between intelligent terminals. Hardware and data files can be accessed from several computers. Applications may be stored on different computers and accessed by all, as long as the owner gives permission. Work is backed up on individual user PCs, so there is no single place where security and backups are managed.
Client Server Network
There is one central file server which stores the data and programs to be accessed by the other terminals. Access is determined by each user's access rights, controlled by their user name and password. A print server spools data ready for despooling to a printer when the printer is ready. Communication servers, e.g. a web server or an email server, may control all email and Internet access. A server crash or a cable/hub failure would mean no workstation can carry on with its work.

There are different types of clients:
o Thin clients (dumb terminals) have no built-in hard drive and only enough processing capacity to run the client software and output to a monitor; the applications themselves run on the server.
o Fat clients (intelligent terminals) are workstations with full stand-alone capacity: their own CPU and a hard drive for storage.

Peer to Peer vs. Client Server

Peer to peer
o Cheaper: lower initial start-up costs and a less complicated network operating system
o Less vulnerable to central server crashes
o Simpler to set up and maintain
o Slower processing of tasks
o Only works well on small networks (fewer than about 15 stations)
o Security and backup are not centralised and are difficult to manage
o Access to data depends upon the owner's permission

Client server
o More expensive, as the software is more complex and servers must be bought
o If the server crashes or a cable fails no user can continue work
o Requires specialist personnel to manage the system
o Faster processing of tasks
o Can manage large networks
o Centralised control, with servers often doing many management functions themselves, e.g. regular backups, auditing
o Offers easy access to centralised data
NETWORK TOPOLOGIES
The topology is the physical shape or arrangement of a network. There are 3 common network topologies: Bus/Ethernet, Ring and Star. They are described in more detail below.

1. BUS or ETHERNET network (used in LANs)

[Figure: bus network - a single cable with a terminator at each end; a fileserver, hard drive, printer, plotter and terminals attached along it.]
Workstations are connected to the main central cable (the bus). Data can travel in both directions along the cable to reach the various nodes in the network. Two nodes could attempt to transmit at the same time, and a collision will occur. To avoid this, a node waits until there is no traffic on the bus and pauses slightly before transmitting (carrier sense). If a collision is detected, both nodes stop, wait a random time interval and try again (this scheme is CSMA/CD: carrier sense multiple access with collision detection). The main bus standard is Ethernet. The communication uses a broadcast channel: a number of computers share a single channel for sending data, only one computer can send at any one time, and every attached workstation can hear every transmission. A frame is not passed from computer to computer; the signal travels along the cable and each station's network card reads the destination address and normally keeps only frames addressed to that station. This has a security consequence: a station whose card is set to keep everything (a "sniffer") captures every other station's traffic, so confidential data on a shared bus should be encrypted. All stations have equal priority. For the original thick Ethernet the maximum length of a single bus segment is 500 metres with a speed of about 10 megabits per second and about 100 stations per segment, but segments can be linked by repeaters to form larger configurations, e.g. a school may have a bus network in the computer rooms with extra stations in adjoining rooms.
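The medium access and "everyone hears everything" behaviour described above, as an added example written for this page (not part of the original notes): a discrete-time simulation of one bus segment. Stations A, B and C each have a frame queued, station S transmits nothing but has its card in promiscuous mode. The station names, frames and the backoff cap of 10 doublings are assumptions made for the illustration.

```python
import random
from dataclasses import dataclass, field


@dataclass
class Frame:
    src: str
    dst: str
    payload: str


@dataclass
class Station:
    addr: str
    promiscuous: bool = False   # True: the NIC keeps every frame it hears (a sniffer)
    outbox: list = field(default_factory=list)
    inbox: list = field(default_factory=list)
    attempts: int = 0           # collisions suffered by the frame at the head of outbox
    backoff: int = 0            # slots still to wait before trying again

    def hear(self, frame: Frame) -> None:
        """Every station on the bus sees every frame; keep it if addressed to us or sniffing."""
        if frame.src == self.addr:
            return
        if frame.dst == self.addr or self.promiscuous:
            self.inbox.append((frame.src, frame.dst, frame.payload))


def run_bus(stations: list, seed: int = 1, max_slots: int = 100_000) -> dict:
    """Simulate CSMA/CD on one bus segment in discrete slots until every outbox is empty.

    A station transmits only when its backoff has expired (carrier sense: the bus
    was idle at the start of the slot).  If two or more transmit in the same slot
    they all detect the collision and each waits a random number of slots drawn
    from 0 .. 2**attempts - 1 (binary exponential backoff, capped at 10 doublings).
    """
    rng = random.Random(seed)   # seeded so the run is reproducible
    collisions = 0
    for slot in range(max_slots):
        if not any(s.outbox for s in stations):
            return {"collisions": collisions, "slots": slot}
        ready = [s for s in stations if s.outbox and s.backoff == 0]
        for s in stations:
            if s.backoff:
                s.backoff -= 1
        if len(ready) == 1:                 # exactly one sender: the frame goes out
            sender = ready[0]
            frame = sender.outbox.pop(0)
            sender.attempts = 0
            for s in stations:
                s.hear(frame)
        elif len(ready) > 1:                # simultaneous senders: collision
            collisions += 1
            for s in ready:
                s.attempts += 1
                s.backoff = rng.randint(0, 2 ** min(s.attempts, 10) - 1)
    raise RuntimeError("bus did not drain within max_slots")


def demo():
    """Constructed scenario: A, B and C all have a frame queued at slot 0; S only listens."""
    a, b, c = Station("A"), Station("B"), Station("C")
    sniffer = Station("S", promiscuous=True)
    a.outbox.append(Frame("A", "B", "hello"))
    b.outbox.append(Frame("B", "A", "reply"))
    c.outbox.append(Frame("C", "B", "report"))
    stations = [a, b, c, sniffer]
    stats = run_bus(stations)
    return stations, stats


if __name__ == "__main__":
    stations, stats = demo()
    print("collisions:", stats["collisions"], "slots used:", stats["slots"])
    for st in stations:
        print(st.addr, "received", st.inbox)
```

Because all three senders are ready in slot 0 the first slot is always a collision; the random backoff then spreads the retries out. The point for the security reader is in the inboxes: B and A receive only what was addressed to them, but S, which never sent a byte, ends up holding all three frames.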
Advantages
o Less cable needed than a ring.
o Relatively cheap and easy to install and maintain.
o Easy to add new nodes by removing the terminator and extending the cable.
o If a workstation/terminal goes down the others will continue.
Disadvantages
o Heavy traffic causes many collisions, delays and possibly network failure.
o Heavily dependent upon the cable backbone; cable damage can cause network failure.
o Every station hears every transmission, so one compromised station can eavesdrop on the whole segment.

2. RING / Token Ring network (LAN)
The Cambridge ring has no central host computer and none of the nodes needs overall control of access to the network. Messages in the ring flow in one direction from node to node. The ring consists of a series of repeaters joined by cables. The choice of cable depends upon the distance to be travelled and the required speeds; fibre optic cabling is the best but the most expensive, and would allow a ring of about 100 kilometres. A message addressed from one node to another is passed around the ring until it reaches the receiving node.
Token passing technique
A token is continuously passed around the ring, always in the same direction. It is a small frame containing a unique bit pattern which every node recognises as the token. If a device is waiting to transmit it captures the token, and with it the authority to send data, and attaches its data; the frame contains the destination address. As long as one device holds the token no other device can send data. The receiving device copies the frame and acknowledges it by setting bits in the frame's status field as the frame passes, and the frame continues round the ring back to the sender. Once the sending workstation has seen the acknowledgement it releases the token for use by another device.
Advantages of a Ring network
o There is no dependence upon a central host, as data transmission is supported by all devices on the ring.
o Each node has sufficient intelligence to control the transmission of data from and to its own node.
o Works effectively when processing is distributed across a site.
o Very high transmission speeds are possible.
o It is deterministic: because only the token holder sends, the longest time a node can wait for the token is bounded and can be calculated for a given number of nodes and traffic level.
o Routing between devices is simple because messages normally travel in one direction.
o As data travels in one direction there are no collisions, so it can carry large volumes of data.
Disadvantages
o The system depends upon the reliability of the ring repeaters, although it can be designed to bypass a faulty repeater.
o If one node malfunctions this can affect the operation of the whole network.
o Cabling costs.
o Difficult to extend the ring.
NB A ring is often used in conjunction with a bus network: a fibre optic cable might provide a high-speed backbone through a building, with network hubs/switches attached to provide access for a number of computers in various sections.
3. STAR network
Each node is connected by its own cable to a central device: a fileserver or host computer as in the figure below or, in a modern switched LAN, a hub or switch. This is a common topology for a WAN in which a central computer does the bulk of the processing. Messages pass through the central host, which interconnects the different devices on the network and switches messages point to point.

[Figure: star network - terminals T1 to T8, a printer, a scanner and a hard disc each connected by a separate spoke to a central fileserver and communications server.]
Advantages of a Star network
o Suitable for WANs where large organisations rely on a central computer for the bulk of data processing tasks.
o Central control of message switching allows a high degree of security: traffic is switched point to point, so a station on one spoke does not see traffic on another, and the centre can enforce access controls and log every message.
o Each spoke is independent of the rest: if one spoke breaks down the others can continue, and the central computer can identify the fault.
o Data transmission speeds can vary from spoke to spoke, so one spoke can serve a high-speed device and another a low-speed device, e.g. a disc drive.
o Saves cabling compared with linking every pair of devices directly.

Disadvantages
o The network is vulnerable to failure of the central hub or host. As a distributed system some processing is still possible at the nodes, but inter-node communication is lost.
o A mini or mainframe computer is needed to control messaging in a WAN, so hardware and software are expensive.
Wireless networking

desktop or notebook computers, input devices, PDAs, scanners, printers, and even mobile phones. Connect with up to seven other Bluetooth devices at a time.
Advantages of Broadband
o Faster connection when you want to be online
o Savings on telephone bills
o Faster downloading of programs, email attachments, songs, graphics-rich sites, animations and video clips
o Play interactive games at top speed against gamers around the globe
o Use the telephone and be on the Internet at the same time
o Real-time services such as web cams and radio are better quality
o Work from home with high-speed access to corporate networks

Disadvantages of broadband
o Higher subscription costs
o Local exchanges may not be capable of very high speed digital transmission
o An always-on connection is exposed to the Internet all the time, so the connected machine needs a firewall and up to date software
Software Components
Network management, administration and problem solving strategies.
User accounts
Each user must have an account with a user name and password. The account carries permissions, i.e. access rights to files and data such as read only, write only, or read and write, and restrictions on which programs or data they can access. E.g. a member of the Personnel Department may be able to write, add and delete the files of workers, but a worker may only be able to read their own personnel file. The resources the user can use (disk space, printers etc.) are also allocated to the account.

Auditing
Auditing software keeps a record of who has logged on, when, for how long, what programs and data were used and what was amended. Therefore any illicit use of the system can be tracked and evidenced. The logs themselves must be protected from alteration by the people they record, otherwise an intruder or dishonest employee can cover their tracks.

Remote management
Networks can now be managed remotely from other rooms, buildings or across many sites, sometimes by specialist network management companies. E.g. a workstation left unattended can be logged off; network managers can observe what users are doing; remote technicians can find and fix software problems on the network. Remote management access is itself a way into the network and must be restricted to authorised staff and protected like any other privileged account.
Configuration management
The format of the data must be considered: old archived data must be able to be processed as well as new data, storage media must be capable of being read in the future, and programs must have backward compatibility. Network cabling and infrastructure such as routers, bridges, switches and servers must be capable of taking an expansion in future traffic at reasonable speed. Choices must be flexible and simple to expand. Avoid over-reliance on one supplier: if they go out of business you may not have the expertise to fix problems. Having an up to date ICT system can inspire confidence in customers and give staff better working conditions. Configuration management also means keeping a record of which hardware, software versions and settings are installed where, so that changes are controlled and a known-good state can be restored after a failure.
Security strategies

Threats:
o Hacking
o Spreading viruses
o Deliberate or accidental destruction of data
o Loss of data integrity
o White collar crime
o Fire
o Theft
o Terrorism / sabotage

Consequences:
o Loss of business and income
o Loss of reputation
o Legal action

Define security status and access rights for users
o All authorised users should be given user names and passwords. This limits unauthorised access to the network.

Hierarchy of passwords
o Identification (user name): who the user claims to be
o Authentication (password): proof that the claim is genuine
o Authorisation (access rights): what files you can see and what you are allowed to do
Enforce a strict password regime
o Passwords must be kept secret and never written down.
o At least 8 characters long.
o A mixture of upper and lower case letters and numbers.
o Users are not allowed to reuse old passwords.
o Do not use familiar names which are easy to guess.
o Users should change their passwords frequently.
Passwords should never be stored in clear: the system should store a salted, slow hash so that a stolen password file does not yield the passwords directly. Current guidance (NIST SP 800-63B) prefers long passphrases checked against lists of known-breached passwords over forced frequent changes, which tend to produce predictable variations of the old password.
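The three passages above (user accounts with access rights and an audit log; identification, authentication and authorisation; the password regime) combined into one added example, written for this page and not taken from the original notes. It stores salted PBKDF2 hashes rather than passwords, enforces the length, mixed-character, familiar-name and no-reuse rules, expires passwords, checks file permissions only for a logged-in user, and writes every decision to an audit list. The class and method names, the 90-day expiry and the 5-entry history are assumptions made for the illustration.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass, field

PBKDF2_ROUNDS = 100_000   # deliberately slow hash: a stolen password file is expensive to crack
MAX_AGE_DAYS = 90         # assumed policy: force a change after this many days
HISTORY_DEPTH = 5         # assumed policy: number of old passwords that may not be reused


def _digest(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


def policy_problems(password: str, username: str, familiar=()) -> list:
    """Return the rules a candidate password breaks (empty list means acceptable)."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    if not (any(c.isupper() for c in password) and any(c.islower() for c in password)
            and any(c.isdigit() for c in password)):
        problems.append("needs upper case, lower case and digits")
    lowered = password.lower()
    for word in (username, *familiar):          # user name, family names, pet names ...
        if word and word.lower() in lowered:
            problems.append(f"contains familiar name {word!r}")
    return problems


@dataclass
class Account:
    salt: bytes
    digest: bytes
    set_on: int                                  # day number the password was set
    permissions: dict                            # path -> set of "r" / "w"
    history: list = field(default_factory=list)  # (salt, digest) of previous passwords


class Directory:
    """Accounts with identification, authentication, authorisation and an audit log."""

    def __init__(self):
        self.accounts = {}
        self.sessions = set()
        self.audit = []                          # (day, user, event, detail)

    def _log(self, day, user, event, detail=""):
        self.audit.append((day, user, event, detail))

    def _check(self, acct, password):
        return hmac.compare_digest(_digest(password, acct.salt), acct.digest)

    def create(self, username, password, permissions, day=0, familiar=()):
        problems = policy_problems(password, username, familiar)
        if not problems:
            salt = os.urandom(16)
            self.accounts[username] = Account(salt, _digest(password, salt), day, dict(permissions))
            self._log(day, username, "account_created")
        return problems

    def login(self, username, password, day):
        """Identification (user name) followed by authentication (password)."""
        acct = self.accounts.get(username)
        if acct is None:
            _digest(password, bytes(16))          # same work for unknown names: no timing leak
            self._log(day, username, "login_denied", "unknown user")
            return "denied"
        if not self._check(acct, password):
            self._log(day, username, "login_denied", "bad password")
            return "denied"
        self.sessions.add(username)
        expired = day - acct.set_on > MAX_AGE_DAYS
        self._log(day, username, "login_ok", "password expired" if expired else "")
        return "expired" if expired else "ok"

    def access(self, username, path, mode, day):
        """Authorisation: may this logged-in user do mode ("r" or "w") to path?"""
        acct = self.accounts.get(username)
        allowed = (username in self.sessions and acct is not None
                   and mode in acct.permissions.get(path, set()))
        self._log(day, username, "access_granted" if allowed else "access_denied", f"{mode} {path}")
        return allowed

    def change_password(self, username, old, new, day, familiar=()):
        acct = self.accounts.get(username)
        if acct is None or not self._check(acct, old):
            self._log(day, username, "password_change_denied")
            return ["current password incorrect"]
        problems = policy_problems(new, username, familiar)
        for salt, digest in [(acct.salt, acct.digest), *acct.history]:
            if hmac.compare_digest(_digest(new, salt), digest):   # reuse check against old hashes
                problems.append("reuses a previous password")
                break
        if problems:
            self._log(day, username, "password_change_rejected", "; ".join(problems))
            return problems
        acct.history = [(acct.salt, acct.digest), *acct.history][:HISTORY_DEPTH]
        acct.salt = os.urandom(16)
        acct.digest = _digest(new, acct.salt)
        acct.set_on = day
        self._log(day, username, "password_changed")
        return []
```

The reuse check has to rehash the candidate with each old salt, because the old passwords themselves are (deliberately) not available; that is also why the history is kept short. Note that a denied login for an unknown user still costs one hash, so an attacker cannot tell valid user names from invalid ones by response time.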
Restrict physical access to files
o Smart cards to control entrance to rooms; secured areas to hold servers.
o Biometric scans such as voice or hand prints; retina scans.
o Security of document filing systems.
Access security limits a person's use of the network.
Firewalls
A firewall is a dedicated gateway machine, with special security precautions on it, used to monitor connections between a network and the outside world, especially the Internet. The idea is to protect a network segment and its files from hackers by preventing intrusion from the Internet access point. It can be firewall software or a dedicated hardware appliance. It inspects each packet against a set of rules (source and destination addresses, ports, protocol and, in a stateful firewall, whether the packet belongs to a connection that has already been allowed). A packet that matches no rule permitting it is dropped and not let through (default deny), and the drop can be logged for the auditors. This is used to control hacking and the spreading of viruses.
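The rule-matching and default-deny behaviour described above, as an added example written for this page (not part of the original notes): a small first-match packet filter run over constructed sample traffic. The network layout (a LAN on 192.168.1.0/24, a public web server at 192.168.2.10), the rule list and the sample packets are assumptions; the outside addresses are taken from the documentation ranges. The last packet shows why rule order matters: a packet arriving from the Internet with a forged LAN source address is stopped only because the anti-spoofing deny comes before the "LAN outbound" allow.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    iface: str                  # interface the packet arrived on: "outside" or "inside"
    proto: str                  # "tcp", "udp" or "icmp"
    src: str
    dst: str
    dport: Optional[int] = None
    established: bool = False   # reply belonging to a connection already allowed


@dataclass(frozen=True)
class Rule:
    action: str                 # "allow" or "deny"
    comment: str                # why the rule exists; also what gets logged on a drop
    iface: str = "any"
    proto: str = "any"
    src: str = "0.0.0.0/0"      # CIDR networks; a single host is /32
    dst: str = "0.0.0.0/0"
    dport: Optional[int] = None # None matches any destination port

    def matches(self, p: Packet) -> bool:
        return (self.iface in ("any", p.iface)
                and self.proto in ("any", p.proto)
                and ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and (self.dport is None or self.dport == p.dport))


class Firewall:
    """First matching rule wins; a packet matching no rule is dropped (default deny)."""

    def __init__(self, rules):
        self.rules = list(rules)
        self.log = []           # (reason, packet) for every dropped packet

    def decide(self, p: Packet) -> bool:
        if p.established:       # a stateful firewall passes replies to connections it allowed
            return True
        for rule in self.rules:
            if rule.matches(p):
                if rule.action == "deny":
                    self.log.append((rule.comment, p))
                return rule.action == "allow"
        self.log.append(("default deny", p))
        return False


LAN = "192.168.1.0/24"            # assumed internal network
DMZ_WEB = "192.168.2.10/32"       # assumed public-facing web server


def example_firewall() -> Firewall:
    """Rule order matters: the anti-spoofing deny must precede the LAN allow."""
    return Firewall([
        Rule("deny", "anti-spoofing: private source address on outside interface",
             iface="outside", src="192.168.0.0/16"),
        Rule("allow", "public HTTPS to DMZ web server", proto="tcp", dst=DMZ_WEB, dport=443),
        Rule("allow", "public HTTP to DMZ web server", proto="tcp", dst=DMZ_WEB, dport=80),
        Rule("deny", "Internet to LAN", iface="outside", dst=LAN),
        Rule("allow", "LAN outbound", src=LAN),
    ])


# Constructed sample traffic (203.0.113.0/24 and 198.51.100.0/24 are documentation ranges).
SAMPLE_PACKETS = [
    Packet("outside", "tcp", "203.0.113.5", "192.168.2.10", 443),           # web visitor
    Packet("outside", "tcp", "203.0.113.5", "192.168.1.20", 445),           # SMB probe at the LAN
    Packet("outside", "tcp", "203.0.113.5", "192.168.2.10", 22),            # SSH at the web server
    Packet("inside", "tcp", "192.168.1.20", "198.51.100.7", 443),           # staff browsing out
    Packet("outside", "tcp", "198.51.100.7", "192.168.1.20", 51000, True),  # reply to the above
    Packet("outside", "tcp", "192.168.1.50", "192.168.2.10", 22),           # forged LAN source
]


def run(fw: Firewall, packets) -> list:
    return [fw.decide(p) for p in packets]


if __name__ == "__main__":
    fw = example_firewall()
    for p, ok in zip(SAMPLE_PACKETS, run(fw, SAMPLE_PACKETS)):
        print("ALLOW" if ok else "DROP ", p)
    for reason, p in fw.log:
        print("logged drop:", reason, "-", p.src, "->", p.dst, p.dport)
```

Moving the anti-spoofing rule to the end of the list lets the forged packet through, because "LAN outbound" then matches it first; the test below checks both orders.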
An "iron box" or sandbox is a special environment set up to trap a hacker logging in over a remote connection (today usually called a honeypot). It may include a modified shell restricting the hacker's movements in unobvious ways, and "bait" files designed to keep him interested and logged on until he can be traced.
Proxy servers
A proxy server stops outsiders from identifying the IP (Internet Protocol) address of a user workstation accessing the Internet. A user wanting to use the Internet sends the request to the proxy server, which notes the user's IP address, sends the request out to the Internet on the user's behalf, receives the response and passes it back to the user's IP address. Outsiders only see the IP address of the proxy server, not that of the user workstation, so a hacker has nothing inside the network to attack directly. The proxy can also log and filter the sites that users visit.

Call-back procedures
Some companies operate a dial-back system. A user logs on to a computer, which immediately disconnects the line and dials the user back on the telephone number registered for that user. Someone who has obtained another person's password but is dialling from elsewhere is therefore never connected.

Encryption
If data is transmitted through a network there need to be measures to ensure it is secure; if users are sending their credit card details over the Internet it is important that hackers cannot read them. Data is encrypted before transmission using a key, so that anybody intercepting the transmitted data cannot understand it. The proper recipient decrypts it using the same key (symmetric encryption), so the key itself must be exchanged and stored securely. Encryption on its own hides the data but does not stop an interceptor from altering it in transit without being noticed, so a message authentication code (or a digital signature) is sent with the ciphertext.
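The "same key at both ends" scheme above, as an added example written for this page (not part of the original notes). It is built only from the Python standard library so that it runs anywhere: HMAC-SHA256 is used as a pseudo-random function in counter mode to make a keystream, and a second HMAC over the ciphertext provides the integrity tag. That construction is sound but is a teaching substitute; a real system would use an established authenticated cipher such as AES-GCM or ChaCha20-Poly1305 from a vetted library. The key, nonce length and message "PAY 100 to Alice" are assumptions made for the illustration. raw_decrypt shows what goes wrong when the tag is not checked: an interceptor who cannot read the message can still flip one ciphertext byte and change the amount.

```python
import hashlib
import hmac
import os

NONCE_LEN = 16
TAG_LEN = 32


def _subkey(key: bytes, label: bytes) -> bytes:
    """Derive separate encryption and MAC keys from the one shared key."""
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 as a PRF in counter mode: block i = HMAC(key, nonce || i)."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Return nonce || ciphertext || tag.  A fresh nonce means equal plaintexts never repeat."""
    nonce = os.urandom(NONCE_LEN)
    stream = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ciphertext = bytes(p ^ k for p, k in zip(plaintext, stream))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag


def raw_decrypt(key: bytes, message: bytes) -> bytes:
    """Undo the XOR only, ignoring the tag: what a system without integrity checking does."""
    nonce, ciphertext = message[:NONCE_LEN], message[NONCE_LEN:-TAG_LEN]
    stream = _keystream(_subkey(key, b"enc"), nonce, len(ciphertext))
    return bytes(c ^ k for c, k in zip(ciphertext, stream))


def decrypt(key: bytes, message: bytes):
    """Verify the tag first; return the plaintext, or None if the message was altered."""
    if len(message) < NONCE_LEN + TAG_LEN:
        return None
    nonce, ciphertext, tag = message[:NONCE_LEN], message[NONCE_LEN:-TAG_LEN], message[-TAG_LEN:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):   # constant-time comparison
        return None
    return raw_decrypt(key, message)


def flip_byte(message: bytes, offset: int, mask: int) -> bytes:
    """What an interceptor can do without the key: XOR one ciphertext byte with a mask."""
    body = bytearray(message)
    body[NONCE_LEN + offset] ^= mask
    return bytes(body)


if __name__ == "__main__":
    key = os.urandom(32)                         # the shared secret; distribute it securely
    wire = encrypt(key, b"PAY 100 to Alice")
    print("on the wire:", wire.hex())
    print("recipient reads:", decrypt(key, wire))
    forged = flip_byte(wire, 4, 0x08)            # '1' (0x31) XOR 0x08 is '9' (0x39)
    print("without tag check:", raw_decrypt(key, forged))
    print("with tag check:", decrypt(key, forged))
```

Note the two-key discipline: the encryption and MAC keys are derived separately from the shared key, and the tag is checked before any decryption is attempted, so a tampered message is rejected without leaking anything about its contents.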
White collar crime

redirected into a colluding account. Blackmailing with the threat of a virus. Deliberate data destruction to cause havoc and financial loss to a competitor.
Prevention of white collar computer crimes
o Monitor all programs. Users' actions should also be monitored and logged.
o All users should be identifiable and all files capable of being audited.
o Online transaction logs should be kept.
o Auditing procedures to detect fraud.
o Divide up programming tasks so that no one programmer has responsibility for writing a whole program (separation of duties), as is common in banks.
o Control access to hardware and software.

Companies are often unwilling to disclose crimes against them because:
o It could lead to loss of public confidence in the security of their data.
o Often their own security teams are involved, which would again call their efficiency into question.

Computer crime is often relatively easy because:
o Users do not have a great deal of technical knowledge.
o Many external auditors do not have the expertise to trace programs but rely on printouts.
Prevent overwriting
o Put the write-protect notch on your disc.
o Make hard discs (or the files on them) read only.

Accidental corruption / data integrity
The integrity of the data is ensured by:
o Clerical procedures, e.g. asking customers to confirm name, address, date of birth, agreed words etc.
o Double entry keying.
o Check / parity bit. A parity bit is a single bit (0 or 1) added onto the end of a byte of data. If even parity is used then the number of 1 bits in any transmitted byte must always be even. In the following two bytes the last bit is the parity bit:
  0 0 1 0 1 1 0 1
  1 1 1 0 1 1 1 0
  The receiving computer counts the 1 bits in each byte. If a byte arrives with an odd number of 1 bits the computer knows the data has been corrupted during transmission and asks for it to be sent again. Odd parity works the same way with an odd number of 1 bits in every byte. A parity bit catches any single flipped bit but not two flipped bits in the same byte, so it is a check against line noise, not against deliberate alteration.
o Validation procedures: range checks; presence checks; check digits; format checks; input masks etc.

Disaster Planning

Why is disaster planning important?
o A computer system can crash, e.g. hardware failure such as a hard drive head crash, or software failure from resource problems or errors.
o Floods, fire and bombs cannot always be prevented.
o There may be deliberate vandalism, terrorism or hacking, or accidental altering of data, e.g. by inexperienced employees.
o Networks may go down, preventing communication.
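The parity check and the check digit from the data-integrity passage above, as an added example written for this page (not part of the original notes). The parity functions reproduce the two bytes shown above and the receiver's request for retransmission; the check digit is the Luhn algorithm used on card numbers, which the passage lists under validation but does not spell out. The text "OK" and the account number 7992739871 are constructed inputs for the illustration.

```python
def add_parity(data7: int, even: bool = True) -> int:
    """Append a parity bit to 7 data bits, giving the 8-bit value put on the line."""
    data7 &= 0x7F
    ones = bin(data7).count("1")
    parity = ones % 2 if even else 1 - ones % 2   # make the total count even (or odd)
    return (data7 << 1) | parity


def parity_ok(byte: int, even: bool = True) -> bool:
    """Receiver's check: does the number of 1 bits have the agreed parity?"""
    ones = bin(byte & 0xFF).count("1")
    return ones % 2 == (0 if even else 1)


def strip_parity(byte: int) -> int:
    return (byte & 0xFF) >> 1


def send(text: str, even: bool = True) -> list:
    """ASCII characters are 7-bit, so each one becomes one parity-protected byte."""
    return [add_parity(ord(ch), even) for ch in text]


def receive(line_bytes, even: bool = True):
    """Decode what arrived; return the text and the positions that must be resent."""
    chars, resend = [], []
    for pos, byte in enumerate(line_bytes):
        if parity_ok(byte, even):
            chars.append(chr(strip_parity(byte)))
        else:
            chars.append("?")
            resend.append(pos)
    return "".join(chars), resend


def luhn_check_digit(payload: str) -> str:
    """Check digit used on card and account numbers: catches any single wrong digit
    and almost every transposition of two neighbouring digits."""
    total = 0
    for i, ch in enumerate(reversed(payload)):
        d = int(ch)
        if i % 2 == 0:            # double every second digit, starting from the right
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return str((10 - total % 10) % 10)


def luhn_valid(number: str) -> bool:
    return number.isdigit() and len(number) > 1 and number[-1] == luhn_check_digit(number[:-1])


if __name__ == "__main__":
    wire = send("OK")
    wire[1] ^= 0b00010000                       # a burst of noise flips one bit of the 'K'
    print(receive(wire))                        # the receiver asks for position 1 again
    print(luhn_check_digit("7992739871"), luhn_valid("79927398713"))
```

Both checks are for accidents, not attackers: anyone who can alter the data can recompute the parity bit or the check digit, which is why the encryption section pairs encryption with a keyed message authentication code.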
Companies must:
o Ensure data, hardware and software are not lost or damaged.
o Restore communication systems as quickly as possible.

Consequences of failing to do so:
o Loss of business and income
o Loss of reputation
o Legal action

Measures:
o Physical security
o Prevention of misuse
o Availability of an alternative computer system and a back-up power supply
o Audit trails for detection
o Continuous investigation of irregularities
o System access: establishing procedures for accessing data, such as log-on procedures and firewalls
o Operational procedures: disaster recovery planning and dealing with threats from viruses
o Personnel administration: staff code of conduct and responsibilities; staff training
o Policy and maintenance staff available

Operational
o Disciplinary procedures.
o Screening potential employees.
o Routines for distributing updated virus information and virus scanning procedures.
o Define procedures for downloading from the Internet, use of floppy discs and personal backup procedures.
o Establish security rights for updating web pages.
o Establish a disaster recovery programme.
o Set up auditing procedures (audit trails) to detect misuse.
Factors determining how much a company spends on control and minimising risk

1. What to do before?
Do a risk analysis of potential threats:
o Identify potential risks
o Likelihood of each risk occurring
o Short and long term consequences of the threat
o How well equipped the company is to deal with the threat
Spending should be proportionate: a control should not cost more than the loss it prevents, weighted by how likely that loss is.

Put preventive measures in place:
o Establish a physical protection system (firewalls etc.)
o Establish security rights for file access and updating web pages
o Establish a disaster recovery programme
o Set up auditing procedures (audit trails) to detect misuse
o Staff training in operational procedures
o Screening potential employees
o Routines for distributing updated virus information and virus scanning procedures
o Define procedures for downloading from the Internet, use of floppy discs and personal backup procedures
o Define a staff code of conduct for using computer systems, e.g. no abusive emails, no illicit use etc.

2. What to do during?
What response should staff make when the disaster occurs?

Hardware can be replaced. Software can be re-installed (or de-bugged by the programming department). The real problem is the data: no business can afford to lose its data. Backups of all data should be made regularly, so that the worst case is that the business goes back to the situation at the last backup and carries on from there. Backups may take a long time and are often streamed to tape at night. Backup copies should be kept away from the main site, and restoring from them should be tested regularly, because a backup that cannot be restored is no backup at all. Alternative communication and computer systems, or an alternative power supply, may be arranged in case a network or the power goes down.
Exercise: If you were the network manager for this school, what would be your security / disaster avoidance policy? Consider:
o Hardware and software policy
o Network procedures
o Fire prevention