S.RANGARAJAN
COMPUTER DEPT
Exploring Directory Services and Remote Access
INDEX
1. Directory Service
2. NOVELL DIRECTORY SERVICE
3. WINDOWS DOMAIN
4. X.500 DIRECTORY ACCESS PROTOCOL
5. LDAP (LIGHTWEIGHT DIRECTORY ACCESS
PROTOCOL)
6. ACTIVE DIRECTORY ARCHITECTURE
7. REMOTE NETWORK ACCESS
8. PSTN (PUBLIC SWITCHED TELEPHONE
NETWORK)
9. ISDN (INTEGRATED SERVICE DIGITAL NETWORK)
10. DSL (DIGITAL SUBSCRIBER LINE)
11. CATV (COMMUNITY ANTENNA TELEVISION)
12. VPN (VIRTUAL PRIVATE NETWORK)
Directory Service
 In computing, directory service or name service
maps the names of network resources to their
respective network addresses.
 It is a shared information infrastructure for locating,
managing, administering and organizing everyday
items and network resources, which can include
volumes, folders, files, printers, users, groups,
devices, telephone numbers and other objects.
 A directory service is a critical component of a
network operating system
 A directory server is a server which provides such a
service.
 Each resource on the network is considered an object by
the directory server.
 Information about a particular resource is stored as a
collection of attributes associated with that resource or
object.
 A directory service defines a namespace for the network.
 The namespace is used to assign a "name" (unique
identifier) to each of the objects.
 Directories typically have a set of rules determining how
network resources are named and identified, which usually
includes a requirement that the identifiers be unique and
unambiguous.
 When using a directory service, a user does not have
to remember the physical address of a network
resource; providing a name locates the resource.
 Some directory services include access control
provisions, limiting the availability of directory
information to authorized users.
Characteristics of Directory
Services
1. Hierarchical naming model: Names follow a tree
structure.
2. Extended search capability: The tree-like structure
makes searching possible.
3. Distributed information model: The information can
be accessed in a distributed manner.
4. Shared network access: The resources are shared over
the network.
5. Replicated data: The data is redundant to avoid
failure.
6. Data store optimized for reads: Reads are more
optimised than writes.
Novell Directory Service
 eDirectory is an X.500-compatible directory service
software product from NetIQ.
 Previously owned by Novell, the product has also been
known as Novell Directory Services (NDS) and
sometimes referred to as NetWare Directory Services.
 NDS was initially released by Novell in 1993 for
Netware 4, replacing the Netware bindery mechanism
used in previous versions, for centrally managing
access to resources on multiple servers and computers
within a given network.

 eDirectory is a hierarchical, object oriented database
used to represent certain assets in an organization in a
logical tree, including organizations, organizational
units, people, positions, servers, volumes,
workstations, applications, printers, services, and
groups to name just a few.
 NDS can be installed to run under Windows NT, Sun
Microsystems's Solaris and UNIX, as well as under
Novell's own NetWare.
 So, it can be used to control a multi-platform network.
Windows Domain
 A Windows domain is a form of a computer network
in which all user accounts, computers, printers and
other security principals, are registered with a central
database located on one or more clusters of central
computers known as domain controllers.
 Authentication takes place on domain controllers.
 Each person who uses computers within a domain
receives a unique user account that can then be
assigned access to resources within the domain.
 Starting with Windows 2000, Active Directory is the
Windows component in charge of maintaining that
central database.
 The concept of Windows domain is in contrast with
that of a workgroup in which each computer maintains
its own database of security principals.
 Computers can connect to a domain via LAN, WAN or
using a VPN connection.
 Users of a domain are able to use enhanced security
for their VPN connection due to the support for a
certification authority which is gained when a domain
is added to a network, and as a result smart cards and
digital certificates can be used to confirm identities
and protect stored information.
Domain Controller
 In a Windows domain, the directory resides on computers
that are configured as "domain controllers."
 A domain controller is a Windows or Samba server that
manages all security-related aspects between user and
domain interactions, centralizing security and
administration.
 A domain controller is generally suited for businesses
and/or organizations when more than 10 PCs are in use.
 A domain does not refer to a single location or specific type
of network configuration.
 The computers in a domain can share physical proximity on
a small LAN or they can be located in different parts of the
world.
Workgroup
 Windows Workgroups, by contrast, is the other model for
grouping computers running Windows in a networking
environment which ships with Windows.
 Workgroup computers are considered to be 'standalone' - i.e.
there is no formal membership or authentication process formed
by the workgroup.
 A workgroup does not have servers and clients, and hence
represents the peer-to-peer (or client-to-client) networking
paradigm, rather than the centralized architecture constituted by
Server-Client.
 Workgroups are considered difficult to manage beyond a dozen
clients, and lack single sign on, scalability, resilience/disaster
recovery functionality, and many security features.
 Windows Workgroups are more suitable for small or home-
office networks.
X.500 DIRECTORY ACCESS
PROTOCOL
 X.500 is a series of computer networking standards
covering electronic directory services.
 The X.500 series was developed by ITU-T, formerly
known as CCITT, and first approved in 1988.
 The directory services were developed in order to
support the requirements of X.400 electronic mail
exchange and name lookup.
 ISO was a partner in developing the standards,
incorporating them into the Open Systems
Interconnection suite of protocols. ISO/IEC 9594 is
the corresponding ISO identification.
X.500 protocols
 The protocols defined by X.500 include
 DAP (Directory Access Protocol)
 DSP (Directory System Protocol)
 DISP (Directory Information Shadowing Protocol)
 DOP (Directory Operational Bindings Management
Protocol)
 Because these protocols used the OSI networking stack, a
number of alternatives to DAP were developed to allow
Internet clients to access the X.500 Directory using the
TCP/IP networking stack.
 The most well-known alternative to DAP is Lightweight
Directory Access Protocol (LDAP).
 While DAP and the other X.500 protocols can now use the
TCP/IP networking stack, LDAP remains a popular
directory access protocol.
 The primary concept of X.500 is that there is a single
Directory Information Tree (DIT), a hierarchical
organization of entries which are distributed across one or
more servers, called Directory System Agents (DSA).
 An entry consists of a set of attributes, each attribute with
one or more values.
 Each entry has a unique Distinguished Name, formed by
combining its Relative Distinguished Name (RDN), one or
more attributes of the entry itself, and the RDNs of each of
the superior entries up to the root of the DIT.
 As LDAP implements a very similar data model to that of
X.500, there is further description of the data model in the
article on LDAP.
 X.520 and X.521 together provide a definition of a set of
attributes and object classes to be used for
representing people and organizations as entries in the
DIT.
 They are one of the most widely deployed white pages
schema.
 X.509, the portion of the standard providing for an
authentication framework, is now also widely used
outside of the X.500 directory protocols. It specifies a
standard format for public-key certificates.
 X.509v3 is used for digital certificates for e-commerce
LDAP (LIGHTWEIGHT DIRECTORY
ACCESS PROTOCOL)
 The Lightweight Directory Access Protocol is an open,
vendor-neutral, industry standard application protocol for
accessing and maintaining distributed directory information
services over an Internet Protocol (IP) network.
 Directory services play an important role in developing intranet
and Internet applications by allowing the sharing of information
about users, systems, networks, services, and applications
throughout the network.
 As examples, directory services may provide any organized set of
records, often with a hierarchical structure, such as a corporate
email directory.
 Similarly, a telephone directory is a list of subscribers with an
address and a phone number.
 LDAP is specified in a series of Internet Engineering
Task Force (IETF) Standards Track publications called
Request for Comments (RFCs), using the description
language ASN.1.
 The latest specification is Version 3, published as RFC
4511.
 A common use of LDAP is to provide a central place to
store usernames and passwords. This allows many
different applications and services to connect to the
LDAP server to validate users.
 LDAP is based on a simpler subset of the standards
contained within the X.500 standard. Because of this
relationship, LDAP is sometimes called X.500-lite.
History Telecommunication companies' understanding of directory
requirements were well developed after some 70 years of
producing and managing telephone directories.
 These companies introduced the concept of directory
services to information technology and computer
networking, their input culminating in the comprehensive
X.500 specification, a suite of protocols produced by the
International Telecommunication Union (ITU) in the
1980s.
 X.500 directory services were traditionally accessed via the
X.500 Directory Access Protocol (DAP), which required the
Open Systems Interconnection (OSI) protocol stack.
 LDAP was originally intended to be a lightweight
alternative protocol for accessing
 In the early engineering stages of LDAP, it was known
as Lightweight Directory Browsing Protocol, or LDBP.
It was renamed with the expansion of the scope of the
protocol beyond directory browsing and searching, to
include directory update functions.
 It was given its Lightweight name because it was not as
network intensive as its DAP predecessor and thus was
more easily implemented over the Internet due to its
relatively modest bandwidth usage.
Protocol Operations
 Add/Delete/Modify entries.
 Search the DIT (retrieving info)
 Authenticate the client (the bind-operation)
ACTIVE DIRECTORY ARCHITECTURE
 Active Directory (AD) is a directory service that Microsoft
developed for Windows domain networks.
 It is included in most Windows Server operating systems as
a set of processes and services.
 Initially, Active Directory was only in charge of centralized
domain management. Starting with Windows Server 2008,
however, Active Directory became an umbrella title for a
broad range of directory-based identity-related services.
 A server running Active Directory Domain Services (AD
DS) is called a domain controller. It authenticates and
authorizes all users and computers in a Windows domain
type network—assigning and enforcing security policies for
all computers and installing or updating software.
Object types in AD
 Container object
 Leaf object
Container Object
 A container object is simply an object that stores other
objects.
 Container objects function as the branches of the tree.
 AD uses container objects such as organizational units
(OUs) and groups to store other objects.
 A container can store other containers or leaf objects, such as
users and computers.
 The guiding rule of directory tree design is that rights and
permissions flow downward through the tree.
 Assigning a right to a container object means that by
default all of the objects in the container inherit that right.
Leaf Object
 A leaf object stands alone and cannot store other
objects.
Object naming in AD
 Every object in the Active Directory database is uniquely
identified.
 The naming conventions are based on the LDAP
standard.
 The distinguished name (DN) of an object consists of
the name of the domain in which the object is located,
plus the path down the domain tree through the
container objects to the object itself.
 The part of an object's name that is stored in the object
itself is called its relative distinguished name (RDN).
Canonical Names
 Most Active Directory applications refer to objects
using their canonical names.
 A canonical name is a DN in which the domain name
comes first, followed by the names of the object's
parent containers working down from the root of the
domain and separated by forward slashes, followed by
the object's RDN.
 For example:
zacker.com/sales/inside/jdoe
LDAP notation
 The same DN can also be expressed in LDAP notation.
Cn=jdoe,ou=inside,ou=sales,dc=zacker,dc=com
cn=common name
ou=organizational unit
dc=domain component
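The relationship between the LDAP notation, the canonical name and the UPN can be checked mechanically. The following Python sketch is an added example, not part of the original slides: the function names are hypothetical, the escaping rules follow RFC 4514, multi-valued RDNs are rejected, and escaping `/` in the canonical form is a choice of this example to keep the path unambiguous.

```python
import string


def split_unescaped(text, sep=","):
    """Split on sep, ignoring separators escaped with a backslash."""
    parts, buf, i = [], [], 0
    while i < len(text):
        if text[i] == "\\" and i + 1 < len(text):
            buf.append(text[i:i + 2])  # keep the escape for unescape()
            i += 2
        elif text[i] == sep:
            parts.append("".join(buf))
            buf = []
            i += 1
        else:
            buf.append(text[i])
            i += 1
    parts.append("".join(buf))
    return parts


def unescape(value):
    """Resolve RFC 4514 escapes: '\\,' style characters and '\\2C' hex pairs."""
    out, i = bytearray(), 0
    while i < len(value):
        pair = value[i + 1:i + 3]
        is_hex = len(pair) == 2 and all(c in string.hexdigits for c in pair)
        if value[i] == "\\" and is_hex:
            out.append(int(pair, 16))
            i += 3
        elif value[i] == "\\" and i + 1 < len(value):
            out += value[i + 1].encode("utf-8")
            i += 2
        else:
            out += value[i].encode("utf-8")
            i += 1
    return out.decode("utf-8")


def parse_dn(dn):
    """Return [(attribute, value), ...] with the object's own RDN first."""
    rdns = []
    for rdn in split_unescaped(dn, ","):
        if len(split_unescaped(rdn, "+")) > 1:
            raise ValueError("multi-valued RDN not handled in this example")
        attr, sep, value = rdn.lstrip().partition("=")
        if not sep or not attr.strip() or not value:
            raise ValueError(f"malformed RDN: {rdn!r}")
        rdns.append((attr.strip().lower(), unescape(value)))
    return rdns


def domain_of(rdns):
    """Join the dc components into the DNS-style domain name."""
    domain = ".".join(v for a, v in rdns if a == "dc")
    if not domain:
        raise ValueError("DN has no dc components")
    return domain


def to_canonical(dn):
    """Domain first, then containers from the root down, then the RDN."""
    rdns = parse_dn(dn)
    path = [v.replace("\\", "\\\\").replace("/", "\\/")
            for a, v in reversed(rdns) if a != "dc"]
    return "/".join([domain_of(rdns)] + path)


def to_upn(dn):
    """User name (the object's RDN value) + '@' + domain suffix."""
    rdns = parse_dn(dn)
    return f"{rdns[0][1]}@{domain_of(rdns)}"


if __name__ == "__main__":
    slide_dn = "Cn=jdoe,ou=inside,ou=sales,dc=zacker,dc=com"
    print(to_canonical(slide_dn))  # zacker.com/sales/inside/jdoe
    print(to_upn(slide_dn))        # jdoe@zacker.com
    # Constructed DN with an escaped comma; a plain split(",") would cut it.
    print(to_canonical("cn=Doe\\, John,ou=sales,dc=zacker,dc=com"))
```

Splitting a DN on every comma breaks as soon as a name contains an escaped comma, which is why the parser walks the string instead of calling `split(",")`.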
Globally unique identifier (GUID)
 Every object in the tree has a globally unique identifier
(GUID).
 It is a 128-bit number that is automatically assigned by
the directory system when the object is created.
 The DN changes if you move the object to a different
container, but the GUID is permanent and serves as the
ultimate identifier for the object.
User Principal Name (UPN)
 Distinguished names are used by applications and services when
they communicate with Active Directory, but they are not easy for
users to understand, type or remember.
 Therefore each user object has a User Principal Name (UPN) that
consists of a username and a suffix, separated by an @ symbol.
 The user name part of the UPN is the user object's RDN, and the suffix is
the name of the domain in which the user object is located.
 If the network consists of multiple domains, you can opt to use
a single domain name as the suffix for all of your users' UPNs.
 This way the UPN can remain unchanged even if you move the
object to a different domain.
 For example: jdoe@zacker.com
Active Directory structure elements
 Object: Active Directory is composed of objects, which represent the various
resources on a network, such as users, servers, printers and applications.
 An object is a collection of attributes that define the resource, give it a name,
define its capabilities, and specify who should be permitted to use it.
 Domain: A domain is the basic unit for grouping related objects in Active
Directory. Every domain must have at least one domain controller, which is
a server that is responsible for the domain.
 Organizational unit: Many domains have too many objects to manage
together in a single group. In Active Directory you can create one or more
organizational units.
 Trees: A tree is a set of Active Directory names that share a common
namespace.
 Forest: A forest is a collection of trees. In other words, a forest is a collection of
one or more domain trees that do not share a common parent domain.
REMOTE NETWORK ACCESS
 Remote access usually means allowing a person to access
the office network/computer from a remote location.
 It could be an employee who needs to access workplace files
while working from home. Or an executive wants to
connect to his/her own computer while traveling so that
productivity can be maintained.
 If only files or network services are needed, then remote
network access would be the right solution.
 After remote network access is established, a user can
access the remote network and its resources, such as shared
files and a VoIP line, and can connect to database and/or email
servers such as Oracle Database and Microsoft Exchange.
Need of Remote Network Access
 Use a computer to work from any non-University
location
 Connect to campus networks or systems from
off-campus, including
 your workstation
 departmental file systems, shared drives or shared servers
 Conduct University business over a non-University
network (wired or wireless)
 Use a computer for University business that is shared
by non-University individuals, including children,
family or friends
 Use a non-University computer for University business
PSTN (Public Switched Telephone
Network)
 The public switched telephone network (PSTN) is
the aggregate of the world's circuit-switched telephone
networks that are operated by national, regional, or
local telephony operators, providing infrastructure
and services for public telecommunication.
 The PSTN consists of telephone lines, fiber optic
cables, microwave transmission links, cellular
networks, communications satellites, and undersea
telephone cables, all interconnected by switching
centers, thus allowing most telephones to
communicate with each other.
 Originally a network of fixed-line analog telephone
systems, the PSTN is now almost entirely digital in its
core network and includes mobile and other networks,
as well as fixed telephones.
 The technical operation of the PSTN adheres to the
standards created by the ITU-T. These standards allow
different networks in different countries to
interconnect seamlessly.
 The E.163 and E.164 standards provide a single global
address space for telephone numbers. The
combination of the interconnected networks and the
single numbering plan allow telephones around the
world to dial each other.
 The PSTN is the regular telephone service that gives a dial
tone and the ability to dial up any phone
number for analog (voice) or digital
(data) communications over ordinary telephone lines.
 This service sets up a path (circuit) between the calling
and the called party, and maintains it for
the duration of the call.
 All the regional offices are connected using mesh
topology.
 Accessing a switching station at the end office is
accomplished through dialing.
 Dialing is accomplished through a touch tone
technique.
 In this method the user sends two small bursts of analog
signals, called dual tone.
 The frequency of the signals sent depends on the row and
column of the pressed pad.
 When a user dials, for example, the number 8, two
bursts of analog signals with frequencies 852 Hz and 1336
Hz are sent to the end office.
ISDN
 Integrated Services Digital Network (ISDN) is a set of
communication standards for simultaneous digital
transmission of voice, video, data, and other network services
over the traditional circuits of the public switched telephone
network.
 It was first defined in 1988 in the CCITT red book. Prior to ISDN,
the telephone system was viewed as a way to transport voice,
with some special services available for data.
 The key feature of ISDN is that it integrates speech and data on
the same lines, adding features that were not available in the
classic telephone system.
 The ISDN standards define several kinds of access interfaces,
such as Basic Rate Interface (BRI), Primary Rate Interface (PRI),
Narrowband ISDN (N-ISDN), and Broadband ISDN (B-ISDN).
 ISDN is a circuit-switched telephone network system,
which also provides access to packet switched
networks, designed to allow digital transmission of
voice and data over ordinary telephone copper wires,
resulting in potentially better voice quality than an
analog phone can provide.
 ISDN is employed as the network, data-link and
physical layers in the context of the OSI model, or
could be considered a suite of digital services existing
on layers 1, 2, and 3 of the OSI model.
 In a videoconference, ISDN provides simultaneous
voice, video, and text transmission between individual
desktop videoconferencing systems and group (room)
videoconferencing systems.
ISDN channel Types
 Bearer channel (B channel) :
 A bearer channel is defined at a rate of 64 Kbps. It is the basic user
channel and can carry any type of digital information in full-duplex
mode as long as the required transmission rate does not exceed 64
Kbps.
 Data Channel (D channel) :
 A data channel can be either 16 or 64 Kbps, depending on the needs of
the user. The name says data but the primary function of a D channel is
to carry control signaling for the B channel.
 Hybrid channel (H channel) :
 Hybrid channels are available with data rates of 384 Kbps (H0), 1536
Kbps (H11), or 1920 Kbps (H12). These rates suit H channels for high
data-rate applications such as video, teleconferencing and so on.
User Interfaces
 There are generally two types of access interfaces to
ISDN defined as Basic Rate Interface (BRI) and
Primary Rate Interface (PRI)
 Both include a number of B-channels (Bearer) and a
D-channel (Data).
 Each B-channel carries data, voice, and other services.
The D-channel carries control and signaling (request
and response) information
Basic Rate Interface (BRI)
 The entry level interface to ISDN is the Basic Rate
Interface (BRI), a 128 kbit/s service delivered over a
pair of standard telephone copper wires.
 The 144 kbit/s payload rate is broken down into two 64
kbit/s bearer channels ('B' channels) and one 16 kbit/s
signaling channel ('D' channel or data channel). This is
sometimes referred to as 2B+D.
 The interface specifies the following network interfaces:
 The U interface is a two-wire interface between the
exchange and a network terminating unit, which is usually
the demarcation point in non-North American networks.
 The T interface is a serial interface between a computing
device and a terminal adapter, which is the digital
equivalent of a modem.
 The S interface is a four-wire bus that ISDN consumer
devices plug into; the S & T reference points are commonly
implemented as a single interface labeled 'S/T' on a
Network termination 1 (NT1).
 The R interface defines the point between a non-ISDN
device and a terminal adapter (TA) which provides
translation to and from such a device.
 BRI-ISDN is very popular in Europe but is much less
common in North America. It is also common in Japan —
where it is known as INS64.
 2B + 1D = 2(64) + 1(16) = 144 Kbps
Primary Rate Interface
 Primary Rate Interface (PRI) is for larger users.
 PRI has two interface lines: E1 (E-carrier line in
European countries) and T1 (T-carrier system line in the
U.S., Canada, and Japan).
 The Primary Rate Interface consists of 23 B-channels
and one 64 Kbps D-channel using a T1 line or 30 B-
channels and 1 D-channel using an E1 line.
 Thus, a Primary Rate Interface user on a T-1 line can
have up to 1.544 Mbps service or up to 2.048 Mbps
service on an E1 line.
 T1: 23B + 1D = 23(64) + 64 = 1.54 Mbps; E1:
30B + 1D = 30(64) + 64 = 2.048 Mbps
 A PRI connection can connect 30 phone lines in a single T1
connection.

DSL (Digital subscriber line)
 Digital subscriber line (DSL; originally digital subscriber loop) is a
family of technologies that are used to transmit digital data over
telephone lines.
 In telecommunications marketing, the term DSL is widely understood
to mean asymmetric digital subscriber line (ADSL), the most
commonly installed DSL technology, for Internet access
 DSL service can be delivered simultaneously with wired telephone
service on the same telephone line. This is possible because DSL uses
higher frequency bands for data. On the customer premises, a DSL
filter on each non-DSL outlet blocks any high-frequency interference to
enable simultaneous use of the voice and DSL services.
 In ADSL, the data throughput in the upstream direction (the direction
to the service provider) is lower, hence the designation of asymmetric
service. In symmetric digital subscriber line (SDSL) services, the
downstream and upstream data rates are equal. Researchers at Bell
Labs have reached speeds of 10 Gbit/s, while delivering 1 Gbit/s
symmetrical broadband access services using traditional copper
telephone lines.
ADSL
 The first technology in the set is asymmetric DSL (ADSL).
 ADSL, like a 56K modem, provides higher speed (bit rate)
in the downstream direction (from the Internet to the
resident) than in the upstream direction (from the resident
to the Internet).
 That is the reason it is called asymmetric. Unlike the
asymmetry in 56K modems, the designers of ADSL
specifically divided the available bandwidth of the local
loop unevenly for the residential customer.
 The service is not suitable for business customers who need
a large bandwidth in both directions.
CATV (Community antenna
television)
 Cable television is a system of delivering television
programming to paying subscribers via radio frequency (RF)
signals transmitted through coaxial cables or, in the 2010s, light
pulses through fiber-optic cables.
 This contrasts with broadcast television, in which the television
signal is transmitted over the air by radio waves and received by a
television antenna attached to the television.
 FM radio programming, high-speed Internet, telephone services,
and similar non-television services may also be provided through
these cables.
 Analog television was standard in the 20th century, but since the
2000s, cable systems have been upgraded to digital cable
operation.
VPN
 A virtual private network (VPN) extends a private
network across a public network, such as the Internet.
It enables users to send and receive data across shared
or public networks as if their computing devices were
directly connected to the private network.
 Applications running across the VPN may therefore
benefit from the functionality, security, and
management of the private network
 Virtual Private Networks may allow employees to securely
access a corporate intranet while located outside the office.
 They are used to securely connect geographically separated
offices of an organization, creating one cohesive network.
Individual Internet users may secure their wireless
transactions with a VPN, to circumvent geo-restrictions
and censorship, or to connect to proxy servers for the
purpose of protecting personal identity and location.
 However, some Internet sites block access to known VPN
technology to prevent the circumvention of their geo-
restrictions
 A VPN is created by establishing a virtual point-to-
point connection through the use of dedicated
connections, virtual tunneling protocols, or traffic
encryption.
 A VPN available from the public Internet can provide
some of the benefits of a wide area network (WAN).
From a user perspective, the resources available within
the private network can be accessed remotely.
 VPNs cannot make online connections completely
anonymous, but they can usually increase privacy and
security. To prevent disclosure of private information,
VPNs typically allow only authenticated remote access
using tunneling protocols and encryption techniques.
 The VPN security model provides:
 Confidentiality such that even if the network traffic is
sniffed at the packet level (see network sniffer and
Deep packet inspection), an attacker would only see
encrypted data
 Sender authentication to prevent unauthorized users
from accessing the VPN
 Message integrity to detect any instances of tampering
with transmitted messages
Tunneling
 In computer networks, a tunneling protocol allows a network
user to access or provide a network service that the underlying
network does not support or provide directly.
 One important use of a tunneling protocol is to allow a foreign
protocol to run over a network that does not support that
particular protocol; for example, running IPv6 over IPv4.
 Another important use is to provide services that are impractical
or unsafe to be offered using only the underlying network
services; for example, providing a corporate network address to a
remote user whose physical network address is not part of the
corporate network.
 Because tunneling involves repackaging the traffic data into a
different form, perhaps with encryption as standard, a third use
is to hide the nature of the traffic that is run through the tunnels.
 The tunneling protocol works by using the data
portion of a packet (the payload) to carry the packets
that actually provide the service.
 Tunneling uses a layered protocol model such as those
of the OSI or TCP/IP protocol suite, but usually
violates the layering when using the payload to carry a
service not normally provided by the network.
 Typically, the delivery protocol operates at an equal or
higher level in the layered model than the payload
protocol.
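The encapsulation described above, shown for the IPv6-over-IPv4 case the slides mention. This Python sketch is an added example, not part of the original slides: it builds a minimal IPv6 packet, carries it as the payload of an IPv4 packet with protocol number 41, and unwraps it again; the function names are hypothetical and the addresses are documentation-range values constructed for the example.

```python
import ipaddress
import struct

PROTO_IPV6_IN_IPV4 = 41  # IPv4 protocol number meaning "payload is an IPv6 packet"
NO_NEXT_HEADER = 59      # IPv6 next-header value: nothing follows the header


def checksum(header: bytes) -> int:
    """Internet checksum over an IPv4 header (even number of bytes)."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_ipv6(src: str, dst: str, payload: bytes = b"") -> bytes:
    """Passenger packet: 40-byte IPv6 header followed by the payload."""
    return struct.pack("!IHBB16s16s", 0x60000000, len(payload),
                       NO_NEXT_HEADER, 64,
                       ipaddress.IPv6Address(src).packed,
                       ipaddress.IPv6Address(dst).packed) + payload


def encapsulate(inner: bytes, tunnel_src: str, tunnel_dst: str) -> bytes:
    """Delivery packet: IPv4 header whose data portion is the whole inner packet."""
    def header(csum: int) -> bytes:
        return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(inner), 0, 0,
                           64, PROTO_IPV6_IN_IPV4, csum,
                           ipaddress.IPv4Address(tunnel_src).packed,
                           ipaddress.IPv4Address(tunnel_dst).packed)
    return header(checksum(header(0))) + inner


def decapsulate(outer: bytes) -> dict:
    """Validate the outer IPv4 header and expose the tunnelled IPv6 packet."""
    if len(outer) < 20 or outer[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (outer[0] & 0x0F) * 4
    if ihl < 20 or len(outer) < ihl:
        raise ValueError("bad IPv4 header length")
    if checksum(outer[:ihl]) != 0:
        raise ValueError("bad IPv4 header checksum")
    if outer[9] != PROTO_IPV6_IN_IPV4:
        raise ValueError("payload is not an encapsulated IPv6 packet")
    total_len = struct.unpack("!H", outer[2:4])[0]
    inner = outer[ihl:total_len]
    if len(inner) < 40 or inner[0] >> 4 != 6:
        raise ValueError("inner packet is not IPv6")
    payload_len = struct.unpack("!H", inner[4:6])[0]
    return {
        "outer_src": str(ipaddress.IPv4Address(outer[12:16])),
        "outer_dst": str(ipaddress.IPv4Address(outer[16:20])),
        "inner_src": str(ipaddress.IPv6Address(inner[8:24])),
        "inner_dst": str(ipaddress.IPv6Address(inner[24:40])),
        "payload": inner[40:40 + payload_len],
    }


if __name__ == "__main__":
    # Constructed sample: documentation-range addresses, arbitrary payload.
    passenger = build_ipv6("2001:db8::1", "2001:db8::2", b"hello")
    packet = encapsulate(passenger, "192.0.2.1", "198.51.100.2")
    print(decapsulate(packet))
```

A filter that reads only the outer header sees the two tunnel endpoints and protocol 41; policy on the IPv6 addresses can only be applied after the inner packet has been unwrapped.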
Types of VPN
 Remote Access VPN: Also called a Virtual Private Dial-up
Network (VPDN), it is mainly used in scenarios where remote
access to a network becomes essential. A remote access VPN
allows data to be accessed between a company's private network
and remote users through a third-party service provider, the
enterprise service provider.
 Site-to-Site VPN – Intranet based: This type of VPN can be
used when multiple remote locations are present and can be
made to join a single network. Machines present at these
remote locations work as if they are working on a single network.
 Site-to-Site VPN – Extranet based: This type of VPN can be
used when several different companies need to work in a shared
environment, e.g. distributors and service companies. This
network is more manageable and reliable.
VPN Protocols
1. PPTP
2. L2TP
3. IPsec
4. SSL
PPTP
 PPTP (Point-to-Point Tunneling Protocol) is the
most widely supported VPN method among Windows
users, and it was created by Microsoft in association
with other technology companies.
 The disadvantage of PPTP is that it does not provide
encryption, and it relies on PPP (Point-to-Point
Protocol) to implement security measures.
 But compared to other methods, PPTP is faster, and it
is also available for Linux and Mac users.
L2TP
 L2TP (Layer 2 Tunneling Protocol) is another
tunneling protocol that supports VPNs. Like PPTP,
L2TP does not provide encryption, and it relies on the PPP
protocol to do this.
 The difference between PPTP and L2TP is that the
second one provides not only data confidentiality but
also data integrity.
 L2TP was developed by Microsoft and Cisco as a
combination of PPTP and L2F (Layer 2
Forwarding).
IPsec
 The IPsec protocol can be used for encryption in
conjunction with the L2TP tunneling protocol. It is used as
a “protocol suite for securing Internet Protocol (IP)
communications by authenticating and encrypting
each IP packet of a data stream”. IPsec requires
expensive, time-consuming client installations, and this
can be considered an important disadvantage.
SSL
 SSL (Secure Socket Layer) is a VPN accessible via HTTPS
over a web browser. The advantage of an SSL VPN is
that it doesn't need any software installed, because it
uses the web browser as the client application. Through
SSL VPNs the user's access can be restricted to specific
applications instead of allowing access to the whole
network.

network administration directory access and remote access

  • 2. Exploring Directory Services and Remote Access
  • 3. INDEX 1. Directory Service 2. NOVELL DIRECTORY SERVICE 3. WINDOWS DOMAIN 4. X.500 DIRECTORY ACCESS PROTOCOL 5. LDAP (LIGHTWEIGHT DIRECTORY ACCESS PROTOCOL) 6. ACTIVE DIRECTORY ARCHITECTURE 7. REMOTE NETWORK ACCESS 8. PSTN (PUBLIC SWITCHING TELEPHONE NETWORK) 9. ISDN (INTEGRATED SERVICE DIGITAL NETWORK) 10. DSL (DIGITAL SUBSCRIBER LINE) 11. CATV (COMMUNITY ANTENNA TELEVISION) 12. VPN (VIRTUAL PRIVATE NETWORK)
  • 4. Directory Service  In computing, directory service or name service maps the names of network resources to their respective network addresses.  It is a shared information infrastructure for locating, managing, administering and organizing everyday items and network resources, which can include volumes, folders, files, printers, users, groups, devices, telephone numbers and other objects.  A directory service is a critical component of a network operating system
  • 5.  A directory server is a server which provides such a service.  Each resource on the network is considered an object by the directory server.  Information about a particular resource is stored as a collection of attributes associated with that resource or object.  A directory service defines a namespace for the network.  The namespace is used to assign a "name" (unique identifier) to each of the objects.  Directories typically have a set of rules determining how network resources are named and identified, which usually includes a requirement that the identifiers be unique and unambiguous.
  • 6.  When using a directory service, a user does not have to remember the physical address of a network resource; providing a name locates the resource.  Some directory services include access control provisions, limiting the availability of directory information to authorized users.
  • 7. Characteristics of Directory Services 1. Hierarchical naming model: follows a tree structure for naming. 2. Extended search capability: searches are possible because of the tree-like structure. 3. Distributed information model: the directory can be accessed in a distributed manner. 4. Shared network access: the resources are shared over the network. 5. Replicated data: the data is stored redundantly to avoid failure. 6. Data store optimized for reads: reads are more optimised than writes.
  • 8. Novell Directory Service  eDirectory is an X.500-compatible directory service software product from NetIQ.  Previously owned by Novell, the product has also been known as Novell Directory Services (NDS) and sometimes referred to as NetWare Directory Services.  NDS was initially released by Novell in 1993 for NetWare 4, replacing the NetWare bindery mechanism used in previous versions, for centrally managing access to resources on multiple servers and computers within a given network.
  • 9.  eDirectory is a hierarchical, object-oriented database used to represent certain assets in an organization in a logical tree, including organizations, organizational units, people, positions, servers, volumes, workstations, applications, printers, services, and groups, to name just a few.  NDS can be installed to run under Windows NT, Sun Microsystems’s Solaris and UNIX, as well as under Novell’s own NetWare.  So, it can be used to control a multi-platform network.
  • 10. Windows Domain  A Windows domain is a form of a computer network in which all user accounts, computers, printers and other security principals, are registered with a central database located on one or more clusters of central computers known as domain controllers.  Authentication takes place on domain controllers.  Each person who uses computers within a domain receives a unique user account that can then be assigned access to resources within the domain.
  • 11.  Starting with Windows 2000, Active Directory is the Windows component in charge of maintaining that central database.  The concept of Windows domain is in contrast with that of a workgroup in which each computer maintains its own database of security principals.  Computers can connect to a domain via LAN, WAN or using a VPN connection.
  • 12.  Users of a domain are able to use enhanced security for their VPN connection due to the support for a certification authority which is gained when a domain is added to a network, and as a result smart cards and digital certificates can be used to confirm identities and protect stored information.
  • 13. Domain Controller  In a Windows domain, the directory resides on computers that are configured as "domain controllers."  A domain controller is a Windows or Samba server that manages all security-related aspects between user and domain interactions, centralizing security and administration.  A domain controller is generally suited for businesses and/or organizations when more than 10 PCs are in use.  A domain does not refer to a single location or specific type of network configuration.  The computers in a domain can share physical proximity on a small LAN or they can be located in different parts of the world.
  • 14. Workgroup  Windows Workgroups, by contrast, is the other model for grouping computers running Windows in a networking environment which ships with Windows.  Workgroup computers are considered to be 'standalone' - i.e. there is no formal membership or authentication process formed by the workgroup.  A workgroup does not have servers and clients, and hence represents the peer-to-peer (or client-to-client) networking paradigm, rather than the centralized architecture constituted by Server-Client.  Workgroups are considered difficult to manage beyond a dozen clients, and lack single sign-on, scalability, resilience/disaster recovery functionality, and many security features.  Windows Workgroups are more suitable for small or home-office networks.
  • 15.
  • 16. X.500 DIRECTORY ACCESS PROTOCOL  X.500 is a series of computer networking standards covering electronic directory services.  The X.500 series was developed by ITU-T, formerly known as CCITT, and first approved in 1988.  The directory services were developed in order to support the requirements of X.400 electronic mail exchange and name lookup.  ISO was a partner in developing the standards, incorporating them into the Open Systems Interconnection suite of protocols. ISO/IEC 9594 is the corresponding ISO identification.
  • 17. X.500 protocols  The protocols defined by X.500 include  DAP (Directory Access Protocol)  DSP (Directory System Protocol)  DISP (Directory Information Shadowing Protocol)  DOP (Directory Operational Bindings Management Protocol)  Because these protocols used the OSI networking stack, a number of alternatives to DAP were developed to allow Internet clients to access the X.500 Directory using the TCP/IP networking stack.  The most well-known alternative to DAP is Lightweight Directory Access Protocol (LDAP).  While DAP and the other X.500 protocols can now use the TCP/IP networking stack, LDAP remains a popular directory access protocol.
  • 18.  The primary concept of X.500 is that there is a single Directory Information Tree (DIT), a hierarchical organization of entries which are distributed across one or more servers, called Directory System Agents (DSA).  An entry consists of a set of attributes, each attribute with one or more values.  Each entry has a unique Distinguished Name, formed by combining its Relative Distinguished Name (RDN), one or more attributes of the entry itself, and the RDNs of each of the superior entries up to the root of the DIT.  As LDAP implements a very similar data model to that of X.500, there is further description of the data model in the article on LDAP.
  • 19.  X.520 and X.521 together provide a definition of a set of attributes and object classes to be used for representing people and organizations as entries in the DIT.  They are one of the most widely deployed white pages schema.  X.509, the portion of the standard providing for an authentication framework, is now also widely used outside of the X.500 directory protocols. It specifies a standard format for public-key certificates.  X.509v3 is used for digital certificates for e-commerce
  • 20. LDAP (LIGHTWEIGHT DIRECTORY ACCESS PROTOCOL)  The Lightweight Directory Access Protocol is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network.  Directory services play an important role in developing intranet and Internet applications by allowing the sharing of information about users, systems, networks, services, and applications throughout the network.  As examples, directory services may provide any organized set of records, often with a hierarchical structure, such as a corporate email directory.  Similarly, a telephone directory is a list of subscribers with an address and a phone number.
  • 21.  LDAP is specified in a series of Internet Engineering Task Force (IETF) Standards Track publications called Request for Comments (RFCs), using the description language ASN.1.  The latest specification is Version 3, published as RFC 4511.  A common use of LDAP is to provide a central place to store usernames and passwords. This allows many different applications and services to connect to the LDAP server to validate users.  LDAP is based on a simpler subset of the standards contained within the X.500 standard. Because of this relationship, LDAP is sometimes called X.500-lite.
  • 22. History Telecommunication companies' understanding of directory requirements were well developed after some 70 years of producing and managing telephone directories.  These companies introduced the concept of directory services to information technology and computer networking, their input culminating in the comprehensive X.500 specification, a suite of protocols produced by the International Telecommunication Union (ITU) in the 1980s.  X.500 directory services were traditionally accessed via the X.500 Directory Access Protocol (DAP), which required the Open Systems Interconnection (OSI) protocol stack.  LDAP was originally intended to be a lightweight alternative protocol for accessing
  • 23.  In the early engineering stages of LDAP, it was known as Lightweight Directory Browsing Protocol, or LDBP. It was renamed with the expansion of the scope of the protocol beyond directory browsing and searching, to include directory update functions.  It was given its Lightweight name because it was not as network intensive as its DAP predecessor and thus was more easily implemented over the Internet due to its relatively modest bandwidth usage.
  • 24. Protocol Operations  Add/Delete/Modify entries.  Search the DIT (retrieving info)  Authenticate the client (the bind-operation)
  • 25. ACTIVE DIRECTORY ARCHITECTURE  Active Directory (AD) is a directory service that Microsoft developed for Windows domain networks.  It is included in most Windows Server operating systems as a set of processes and services.  Initially, Active Directory was only in charge of centralized domain management. Starting with Windows Server 2008, however, Active Directory became an umbrella title for a broad range of directory-based identity-related services.  A server running Active Directory Domain Services (AD DS) is called a domain controller. It authenticates and authorizes all users and computers in a Windows domain type network—assigning and enforcing security policies for all computers and installing or updating software.
  • 26. Object types in AD  Container object  Leaf object
  • 27. Container Object  A container object is simply an object that stores other objects.  Container objects function as the branches of the tree.  AD uses container objects such as organizational units (OUs) and groups to store other objects.  A container can store other containers or leaf objects, such as users and computers.  The guiding rule of directory tree design is that rights and permissions flow downward through the tree.  Assigning a right to a container object means that by default all of the objects in the container inherit that right.
  • 28. Leaf Object  A leaf object stands alone and cannot store other objects.
  • 30. Object naming in AD  Every object in the Active Directory database is uniquely identified.  The naming conventions are based on the LDAP standard.  The distinguished name (DN) of an object consists of the name of the domain in which the object is located, plus the path down the domain tree through the container objects to the object itself.  The part of an object’s name that is stored in the object itself is called its relative distinguished name (RDN).
  • 31. Canonical Names  Most Active Directory applications refer to objects using their canonical names.  A canonical name is a DN in which the domain name comes first, followed by the names of the object’s parent containers working down from the root of the domain and separated by forward slashes, followed by the object’s RDN.  For example: zacker.com/sales/inside/jdoe
  • 32. LDAP notation  The same DN can also be expressed in LDAP notation: cn=jdoe,ou=inside,ou=sales,dc=zacker,dc=com  Here cn = common name, ou = organizational unit, dc = domain component.
  • 33. Globally unique identifier (GUID)  Every object in the tree has a globally unique identifier (GUID).  It is a 128-bit number that is automatically assigned by the directory system when the object is created.  The DN changes if you move the object to a different container, but the GUID is permanent and serves as the ultimate identifier for the object.
  • 34. User Principal Name (UPN)  Distinguished names are used by applications and services when they communicate with Active Directory, but they are not easy for users to understand, type or remember.  Therefore each user object has a User Principal Name (UPN) that consists of a username and a suffix, separated by an @ symbol.  The username part of the UPN is the user object’s RDN, and the suffix is the name of the domain in which the user object is located.  If the network consists of multiple domains, you can opt to use a single domain name as the suffix for all of your users’ UPNs.  This way a UPN can remain unchanged even if you move the object to a different domain.  For example: jdoe@zacker.com
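The three name forms on slides 30 to 34 (LDAP DN, canonical name, UPN) can be derived from one another, as this added example shows; it is not code from the original slides. The function names and the second, escaped DN are constructed for illustration, and the UPN rule is the slides' simplification.

```python
import string

SAMPLE_DN = "cn=jdoe,ou=inside,ou=sales,dc=zacker,dc=com"         # from the slide
TRICKY_DN = r"cn=Doe\, John,ou=inside,ou=sales,dc=zacker,dc=com"  # constructed


def unescape(value):
    """Decode backslash escapes: an escaped character, or two hex digits per byte."""
    out, i = bytearray(), 0
    while i < len(value):
        if value[i] == "\\" and i + 1 < len(value):
            pair = value[i + 1:i + 3]
            if len(pair) == 2 and all(c in string.hexdigits for c in pair):
                out.append(int(pair, 16))
                i += 3
            else:
                out += value[i + 1].encode("utf-8")
                i += 2
        else:
            out += value[i].encode("utf-8")
            i += 1
    return out.decode("utf-8")


def split_dn(dn):
    """Return [(attribute, value), ...] leaf-first, splitting only on unescaped commas."""
    parts, buf, i = [], [], 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            buf.append(dn[i:i + 2])      # keep the escape; unescape() decodes it
            i += 2
            continue
        if dn[i] == ",":
            parts.append("".join(buf))
            buf = []
        else:
            buf.append(dn[i])
        i += 1
    parts.append("".join(buf))
    rdns = []
    for part in parts:
        attr, sep, value = part.lstrip().partition("=")
        if not (sep and attr and value):
            raise ValueError(f"malformed RDN: {part!r}")
        rdns.append((attr.strip().lower(), unescape(value)))
    return rdns


def domain_of(rdns):
    """Join the dc components into a DNS-style domain name."""
    domain = ".".join(v for a, v in rdns if a == "dc")
    if not domain:
        raise ValueError("DN has no dc components")
    return domain


def to_canonical(dn):
    """Domain first, then containers from the root down, then the object's RDN."""
    rdns = split_dn(dn)
    path = [v for a, v in rdns if a != "dc"][::-1]
    # A literal '/' or backslash in a name is escaped so it is not read as a separator.
    escaped = [p.replace("\\", "\\\\").replace("/", "\\/") for p in path]
    return "/".join([domain_of(rdns)] + escaped)


def to_upn(dn, suffix=None):
    """UPN by the slides' rule: leaf RDN value, '@', domain (or one shared suffix)."""
    rdns = split_dn(dn)
    return f"{rdns[0][1]}@{suffix or domain_of(rdns)}"


if __name__ == "__main__":
    print(to_canonical(SAMPLE_DN), "|", to_upn(SAMPLE_DN))
    print(to_canonical(TRICKY_DN))
```

Splitting a DN on every comma would report six components for the constructed DN instead of five and shift every container by one level, which matters wherever rights are derived from an object's position in the tree.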
  • 35. Active Directory structure elements  Object: Active Directory is composed of objects, which represent the various resources on a network, such as users, servers, printers and applications.  An object is a collection of attributes that define the resource, give it a name, define its capabilities, and specify who should be permitted to use it.  Domain: A domain is the basic unit for grouping related objects in Active Directory. Every domain must have at least one domain controller, which is a server that is responsible for the domain.  Organizational unit: Many domains have too many objects to manage altogether in a single group. In Active Directory you can create one or more organizational units.  Trees: A tree is a set of Active Directory names that share a common namespace.  Forest: A forest is a collection of trees. In other words, a forest is a collection of one or more domain trees that do not share a common parent domain.
  • 36. REMOTE NETWORK ACCESS  Remote access usually means allowing a person to access the office network/computer from a remote location.  It could be an employee who needs to access workplace files while working from home, or an executive who wants to connect to his/her own computer while traveling so that productivity can be maintained.  If only files or network services are needed, then remote network access would be the right solution.  After remote network access is established, a user can access the remote network and its resources, such as shared files and VoIP lines, and connect to database and/or email servers such as Oracle Database and Microsoft Exchange.
  • 37. Need of Remote Network Access  Use a computer to work from any non-University location  Connect to campus networks or systems from off-campus, including  your workstation  departmental file systems, shared drives or shared servers  Conduct University business over a non-University network (wired or wireless)  Use a computer for University business that is shared by non-University individuals, including children, family or friends  Use a non-University computer for University business
  • 38. PSTN (Public Switching Telephone Network)  The public switched telephone network (PSTN) is the aggregate of the world's circuit-switched telephone networks that are operated by national, regional, or local telephony operators, providing infrastructure and services for public telecommunication.  The PSTN consists of telephone lines, fiber optic cables, microwave transmission links, cellular networks, communications satellites, and undersea telephone cables, all interconnected by switching centers, thus allowing most telephones to communicate with each other.  Originally a network of fixed-line analog telephone systems, the PSTN is now almost entirely digital in its core network and includes mobile and other networks, as well as fixed telephones.
  • 39.  The technical operation of the PSTN adheres to the standards created by the ITU-T. These standards allow different networks in different countries to interconnect seamlessly.  The E.163 and E.164 standards provide a single global address space for telephone numbers. The combination of the interconnected networks and the single numbering plan allow telephones around the world to dial each other.
  • 40.  Regular telephone service that gives a dial tone, and the ability to dial up any phone number for analog (voice) or digital (data) communications over ordinary telephone lines.  This service, also called the public switched telephone network, sets up a path (circuit) between the calling and the called party and maintains it for the duration of the call.  All the regional offices are connected using mesh topology.  Accessing a switching station at the end office is accomplished through dialing.  Dialing is accomplished through a touch tone technique.
  • 42.  In this method the user sends two small bursts of analog signals, called dual tone.  The frequency of the signals sent depends on the row and column of the pressed pad.  When a user dials, for example, the number 8, two bursts of analog signals with frequencies 852 Hz and 1336 Hz are sent to the end office.
  • 44. ISDN  Integrated Services Digital Network (ISDN) is a set of communication standards for simultaneous digital transmission of voice, video, data, and other network services over the traditional circuits of the public switched telephone network.  It was first defined in 1988 in the CCITT red book. Prior to ISDN, the telephone system was viewed as a way to transport voice, with some special services available for data.  The key feature of ISDN is that it integrates speech and data on the same lines, adding features that were not available in the classic telephone system.  The ISDN standards define several kinds of access interfaces, such as Basic Rate Interface (BRI), Primary Rate Interface (PRI), Narrowband ISDN (N-ISDN), and Broadband ISDN (B-ISDN).
  • 45.  ISDN is a circuit-switched telephone network system, which also provides access to packet switched networks, designed to allow digital transmission of voice and data over ordinary telephone copper wires, resulting in potentially better voice quality than an analog phone can provide.
  • 46.  ISDN is employed as the network, data-link and physical layers in the context of the OSI model, or could be considered a suite of digital services existing on layers 1, 2, and 3 of the OSI model.  In a videoconference, ISDN provides simultaneous voice, video, and text transmission between individual desktop videoconferencing systems and group (room) videoconferencing systems.
  • 48. ISDN channel Types  Bearer channel (B channel) :  A bearer channel is defined at a rate of 64 Kbps. It is the basic user channel and can carry any type of digital information in full-duplex mode as long as the required transmission rate does not exceed 64 Kbps.  Data Channel (D channel) :  A data channel can be either 16 or 64 Kbps, depending on the needs of the user. The name says data but the primary function of a D channel is to carry control signaling for the B channel.  Hybrid channel (H channel) :  Hybrid channels are available with data rates of 384 Kbps (H0), 1536 Kbps (H11), or 1920 Kbps (H12). These rates suit H channels for high data-rate applications such as video, teleconferencing and so on.
  • 49. User Interfaces  There are generally two types of access interfaces to ISDN defined as Basic Rate Interface (BRI) and Primary Rate Interface (PRI)  Both include a number of B-channels (Bearer) and a D-channel (Data).  Each B-channel carries data, voice, and other services. The D-channel carries control and signaling (request and response) information
  • 50. Basic Rate Interface (BRI)  The entry level interface to ISDN is the Basic Rate Interface (BRI), a 128 kbit/s service delivered over a pair of standard telephone copper wires.  The 144 kbit/s payload rate is broken down into two 64 kbit/s bearer channels ('B' channels) and one 16 kbit/s signaling channel ('D' channel or data channel). This is sometimes referred to as 2B+D.
  • 51.  The interface specifies the following network interfaces:  The U interface is a two-wire interface between the exchange and a network terminating unit, which is usually the demarcation point in non-North American networks.  The T interface is a serial interface between a computing device and a terminal adapter, which is the digital equivalent of a modem.  The S interface is a four-wire bus that ISDN consumer devices plug into; the S & T reference points are commonly implemented as a single interface labeled 'S/T' on a Network termination 1 (NT1).  The R interface defines the point between a non-ISDN device and a terminal adapter (TA) which provides translation to and from such a device.  BRI-ISDN is very popular in Europe but is much less common in North America. It is also common in Japan — where it is known as INS64.
  • 52.  2B + 1D = 2(64) + 1(16) = 144 Kbps
  • 53. Primary Rate Interface  Primary Rate Interface (PRI) is for larger users.  PRI has two interface lines: E1 (E-carrier line in European countries) and T1 (T-carrier system line in the U.S., Canada, and Japan).  The Primary Rate Interface consists of 23 B-channels and one 64 Kbps D-channel using a T1 line or 30 B-channels and 1 D-channel using an E1 line.  Thus, a Primary Rate Interface user on a T1 line can have up to 1.544 Mbps service or up to 2.048 Mbps service on an E1 line.
  • 54.  T1: 23B + 1D = 23(64) + 64 = 1.54 Mbps and E1: 30B + 1D = 30(64) + 64 = 2.048 Mbps  A PRI connection can connect 30 phone lines in a single T1 connection.
  • 55. DSL (Digital subscriber line)  Digital subscriber line (DSL; originally digital subscriber loop) is a family of technologies that are used to transmit digital data over telephone lines.  In telecommunications marketing, the term DSL is widely understood to mean asymmetric digital subscriber line (ADSL), the most commonly installed DSL technology, for Internet access  DSL service can be delivered simultaneously with wired telephone service on the same telephone line. This is possible because DSL uses higher frequency bands for data. On the customer premises, a DSL filter on each non-DSL outlet blocks any high-frequency interference to enable simultaneous use of the voice and DSL services.  In ADSL, the data throughput in the upstream direction (the direction to the service provider) is lower, hence the designation of asymmetric service. In symmetric digital subscriber line (SDSL) services, the downstream and upstream data rates are equal. Researchers at Bell Labs have reached speeds of 10 Gbit/s, while delivering 1 Gbit/s symmetrical broadband access services using traditional copper telephone lines.
  • 56. ADSL  The first technology in the set is asymmetric DSL (ADSL).  ADSL, like a 56K modem, provides higher speed (bit rate) in the downstream direction (from the Internet to the resident) than in the upstream direction (from the resident to the Internet).  That is the reason it is called asymmetric. Unlike the asymmetry in 56K modems, the designers of ADSL specifically divided the available bandwidth of the local loop unevenly for the residential customer.  The service is not suitable for business customers who need a large bandwidth in both directions.
  • 57. CATV (Community antenna television)  Cable television is a system of delivering television programming to paying subscribers via radio frequency (RF) signals transmitted through coaxial cables or, in the 2010s, light pulses through fiber-optic cables.  This contrasts with broadcast television, in which the television signal is transmitted over the air by radio waves and received by a television antenna attached to the television.  FM radio programming, high-speed Internet, telephone services, and similar non-television services may also be provided through these cables.  Analog television was standard in the 20th century, but since the 2000s, cable systems have been upgraded to digital cable operation.
  • 59. VPN  A virtual private network (VPN) extends a private network across a public network, such as the Internet. It enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network.  Applications running across the VPN may therefore benefit from the functionality, security, and management of the private network
  • 60.  Virtual Private Networks may allow employees to securely access a corporate intranet while located outside the office.  They are used to securely connect geographically separated offices of an organization, creating one cohesive network. Individual Internet users may secure their wireless transactions with a VPN, to circumvent geo-restrictions and censorship, or to connect to proxy servers for the purpose of protecting personal identity and location.  However, some Internet sites block access to known VPN technology to prevent the circumvention of their geo-restrictions.
  • 61.  A VPN is created by establishing a virtual point-to-point connection through the use of dedicated connections, virtual tunneling protocols, or traffic encryption.  A VPN available from the public Internet can provide some of the benefits of a wide area network (WAN). From a user perspective, the resources available within the private network can be accessed remotely.
  • 63.  VPNs cannot make online connections completely anonymous, but they can usually increase privacy and security. To prevent disclosure of private information, VPNs typically allow only authenticated remote access using tunneling protocols and encryption techniques.  The VPN security model provides:  Confidentiality such that even if the network traffic is sniffed at the packet level (see network sniffer and Deep packet inspection), an attacker would only see encrypted data  Sender authentication to prevent unauthorized users from accessing the VPN  Message integrity to detect any instances of tampering with transmitted messages
  • 64. Tunneling  In computer networks, a tunneling protocol allows a network user to access or provide a network service that the underlying network does not support or provide directly.  One important use of a tunneling protocol is to allow a foreign protocol to run over a network that does not support that particular protocol; for example, running IPv6 over IPv4.  Another important use is to provide services that are impractical or unsafe to be offered using only the underlying network services; for example, providing a corporate network address to a remote user whose physical network address is not part of the corporate network.  Because tunneling involves repackaging the traffic data into a different form, perhaps with encryption as standard, a third use is to hide the nature of the traffic that is run through the tunnels.
  • 65.  The tunneling protocol works by using the data portion of a packet (the payload) to carry the packets that actually provide the service.  Tunneling uses a layered protocol model such as those of the OSI or TCP/IP protocol suite, but usually violates the layering when using the payload to carry a service not normally provided by the network.  Typically, the delivery protocol operates at an equal or higher level in the layered model than the payload protocol.
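The payload-carrying mechanism on this slide, combined with the sender-authentication and message-integrity goals of the VPN security model on slide 63, as an added example that is not from the original slides. The frame layout, names and key are hypothetical and match no real VPN protocol; confidentiality is left out because Python's standard library has no authenticated cipher, and the replay check goes slightly beyond what the slides list.

```python
import hashlib
import hmac
import struct

MAGIC = b"TUN1"                     # hypothetical frame marker, not a real protocol
HEADER = struct.Struct("!4sQH")     # magic, sequence number, inner-packet length
TAG_LEN = hashlib.sha256().digest_size


class TunnelError(Exception):
    """Raised when a frame fails authentication, integrity or replay checks."""


def encapsulate(key, seq, inner_packet):
    """Carry the inner packet as payload: header + payload, then an HMAC tag over both."""
    header = HEADER.pack(MAGIC, seq, len(inner_packet))
    tag = hmac.new(key, header + inner_packet, hashlib.sha256).digest()
    return header + inner_packet + tag


class Receiver:
    """Tunnel endpoint that holds the shared key and the highest sequence number seen."""

    def __init__(self, key):
        self.key = key
        self.last_seq = -1

    def decapsulate(self, frame):
        """Return the inner packet, or raise TunnelError if any check fails."""
        if len(frame) < HEADER.size + TAG_LEN:
            raise TunnelError("frame too short")
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Verify the tag before trusting any header field (constant-time compare).
        if not hmac.compare_digest(tag, expected):
            raise TunnelError("bad tag: tampered frame or wrong key")
        magic, seq, length = HEADER.unpack_from(body)
        if magic != MAGIC or length != len(body) - HEADER.size:
            raise TunnelError("malformed header")
        if seq <= self.last_seq:
            raise TunnelError("replayed or out-of-order frame")
        self.last_seq = seq
        return body[HEADER.size:]


def demo():
    """Run one good frame and three bad ones through a receiver; return the outcomes."""
    key = b"constructed-shared-key-for-demo!"        # constructed sample key
    inner = b"\x60" + b"\x00" * 39 + b"payload"      # constructed IPv6-like inner packet
    rx = Receiver(key)
    good = encapsulate(key, 1, inner)
    results = {"ok": rx.decapsulate(good) == inner}
    tampered = bytearray(encapsulate(key, 2, inner))
    tampered[HEADER.size + 45] ^= 0x01               # one payload bit flipped in transit
    cases = {"tampered": bytes(tampered), "replay": good,
             "wrong_key": encapsulate(b"x" * 32, 3, inner)}
    for name, frame in cases.items():
        try:
            rx.decapsulate(frame)
            results[name] = "accepted"
        except TunnelError as exc:
            results[name] = str(exc)
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(name, "->", outcome)
```

A real VPN would also encrypt the inner packet before tagging it, so that a sniffer on the delivery network sees only ciphertext.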
  • 66. Types of VPN  Remote Access VPN: Also called a Virtual Private Dial-up Network (VPDN), it is mainly used in scenarios where remote access to a network becomes essential. A remote access VPN allows data to be accessed between a company’s private network and remote users through a third-party service provider (enterprise service provider).  Site to Site VPN – Intranet based: This type of VPN can be used when multiple remote locations are present and can be made to join a single network. Machines present at these remote locations work as if they were on a single network.  Site to Site VPN – Extranet based: This type of VPN can be used when several different companies need to work in a shared environment, e.g. distributors and service companies. This network is more manageable and reliable.
  • 67. VPN Protocols 1. PPTP 2. L2TP 3. IPsec 4. SSL
  • 68. PPTP  PPTP (Point-to-Point Tunneling Protocol) is the most widely supported VPN method among Windows users, and it was created by Microsoft in association with other technology companies.  The disadvantage of PPTP is that it does not provide encryption and it relies on PPP (Point-to-Point Protocol) to implement security measures.  But compared to other methods, PPTP is faster, and it is also available for Linux and Mac users.
  • 69. L2TP  L2TP (Layer 2 Tunneling Protocol) is another tunneling protocol that supports VPNs. Like PPTP, L2TP does not provide encryption and it relies on the PPP protocol to do this.  The difference between PPTP and L2TP is that the second one provides not only data confidentiality but also data integrity.  L2TP was developed by Microsoft and Cisco as a combination of PPTP and L2F (Layer 2 Forwarding).
  • 70. IPsec  The IPsec protocol can be used for encryption in conjunction with the L2TP tunneling protocol. It is used as a “protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a data stream”. IPsec requires expensive, time-consuming client installations, and this can be considered an important disadvantage.
  • 71. SSL  SSL (Secure Sockets Layer) is a VPN accessible via HTTPS over a web browser. The advantage of this SSL VPN is that it doesn’t need any software installed because it uses the web browser as the client application. Through SSL VPNs the user’s access can be restricted to specific applications instead of allowing access to the whole network.