114 research outputs found

    Computer Network Design for Universities in Developing Countries

    Get PDF
    The purpose of this project is to design a suitable network system for universities in developing countries. The aim was to design a network with high-quality security and low cost, in such a way that network devices of universities in developing countries, will meet standards associated with the universities in developed countries. This project will help to enhance education in developing countries. There are many devices that were used in designing the network, such as routers, switches, backup, firewall, and servers. All devices were connected to each other to make integration network system and configured by putting IP addresses to all devices. Although the budget for this design network was low, it needed to have a high level of security. Accordingly, it incorporated several mechanisms including a firewall device that prevents any unfavorable data from entering into the network. Additionally, all devices in the network were secured by passwords, and these passwords were encrypted to be more secure. Moreover, each computer in the network was secured by antivirus programs and a backup system. This research discussed in details the budget challenges that the network faced in developing countries. Developing countries have a limited budget that affects choosing devices in the network such as servers. The servers used for this network design are DHCP server and DNS servers. This presentation and design included additional components such as a web server, mail server, etc

    Computer Network Design for Universities in Developing Countries

    Get PDF
    The purpose of this project is to design a suitable network system for universities in developing countries. The aim was to design a network with high-quality security and low cost, in such a way that network devices of universities in developing countries, will meet standards associated with the universities in developed countries. This project will help to enhance education in developing countries. There are many devices that were used in designing the network, such as routers, switches, backup, firewall, and servers. All devices were connected to each other to make integration network system and configured by putting IP addresses to all devices. Although the budget for this design network was low, it needed to have a high level of security. Accordingly, it incorporated several mechanisms including a firewall device that prevents any unfavorable data from entering into the network. Additionally, all devices in the network were secured by passwords, and these passwords were encrypted to be more secure. Moreover, each computer in the network was secured by antivirus programs and a backup system. This research discussed in details the budget challenges that the network faced in developing countries. Developing countries have a limited budget that affects choosing devices in the network such as servers. The servers used for this network design are DHCP server and DNS servers. This presentation and design included additional components such as a web server, mail server, etc

    Core Network Design of Software Defined Radio Testbed

    Get PDF
    The 4th generation of cellular system (LTE) does not inherit the traditional voice (circuit-switched) capabilities from its predecessors. Instead it relies on its high speed packet-switched core network with IMS (IP Multimedia Subsystem) for voice capabilities. Even though there are temporary solutions available until LTE gets its full deployment and coverage, operators are looking for a long term solution known as VoIMS which uses VoIP with SIP protocol for voice in the LTE network (VoLTE) through the IMS domain. The scope of this thesis work is to design, implement and verify the working of the core network for an LTE type software defined radio (SDR) testbed which is able to initiate, maintain and terminate voice and data connections. First step in this regard is to search and select the tools, programs and technologies that fulfil the network requirement in terms of network performance and user satisfaction. Next is to build, configure and verify the network operations of the designed network. As SDRs are used for testing purposes, the core network is also designed in correspondence to that, i.e., it is a test (lab) core network with configurations that are simple to implement and do not require coding implementation. The core network makes use of the virtualization technology and is realized with the help of open-source solutions, i.e., protocols and technologies that are customizable as required and does not require licensing for their use. These functionalities are implemented with the help of OpenSIPS, an open-source SIP server, DHCP and DNS servers. Demonstration of the core network verifies that successful voice and video call can be made between registered users on two different networks, running VoIP client software on different operating system platforms. The core network provides features such as voice, video, instant messaging, presence, dynamic IP assignment, IP address to name resolution and mobility

    Implementing network security at Layer 2 and Layer 3 OSI model

    Get PDF
    This thesis investigated the features of security devices that would be suitable for implementations in medium to large enterprise networks at the global scale. In the thesis are covered open standard and proprietary security features. The open standard security features that are discussed in the report are the one that are developed by Internet Engineering Task Force – IETF and described in their Request For Comments – RFC. The proprietary features discussed in this report are from Cisco Systems and these features are always implemented in the Cisco Systems equipment. The author at the beginning describes common vulnerabilities, threats and attacks and then used comparative and quantities methodology to analyze the security features and its mitigation. Then in details were analyzed features of Cisco security devices, which operate at layer two and three of the OSI model, as the most commonly used equipment worldwide for securing entire computer networks. Based on their features and technical specifications it is shown that Cisco IOS Firewall feature set and Cisco Adaptive Security Appliance features are suitable for medium to big networks and with a staff that has advanced knowledge of risk security at computer networks. Network security is the process by which digital information assets are protected. The goals of security are to protect confidentiality, maintain integrity, and assure availability. With this in mind, it is imperative that all networks be protected from threats and vulnerabilities in order for a business to achieve its fullest potential. Typically, these threats are persistent due to vulnerabilities, which can arise from misconfigured hardware or software, poor network design, inherent technology weaknesses, or end-user carelessness. With the help of the Packet Tracer simulation software, different features and implementations of security features are tested. Using Packet Tracer software the author has created configuration script for every case used in a designed topology. At the end of the thesis under the Appendixes section is introduced operation of the Packet Tracer and configuration topology that is used throughout this report for the testing purposes

    IPv6 Address Assignment in GNS3 Tool.

    Get PDF
    Cílem bakalářské práce je popis možností získání IP adresy v prostředí protokolu IPv6. Teoretická část popisuje způsoby adresování zařízení a získání jiných konfiguračních parametrů, jako je DNS server, prostřednictvím technologií SLAAC, zero configuration, stateless DHCPv6 a statefull DHCPv6. V praktické části je popsáno jakým způsobem se pracuje v prostředí GNS3 souběžně s virtuálními zařízeními s operačním systémem Ubuntu. V této části je také popsaná konfigurace malé místní sítě skládající se z DHCPv6 serveru a 3 klientů, kde každý z nich bude mít přiřazenou IPv6 adresu jiným způsobem. Následuje ověření konfigurace pomocí screenshotů a zhodnocení popsaných metod.Purpose of my bachelors thesis is to describe options of obtaining IP address in the IPv6 environment. Theoretical part describes different ways of device addressing and gaining other configuration parameters, for example DNS server, through technology called SLAAC, zero configuration, stateless and statefull DHCPv6. In the practical part is described how to work in GNS3 environment in parallel with virtual machines running on operation system Ubuntu. In this part there is also described configuration of LAN consisting of DHCPv6 server and 3 clients, where each of them will have assigned address by different method. Verification by screenshots and evaluation of described methods follows.440 - Katedra telekomunikační technikyvelmi dobř

    Implementing IS-IS Routing and DHCP Services in an IPv4 Network

    Get PDF
    This research project explores the operation of the IS-IS routing protocol, as well as DHCP and DNS services provided by a Raspberry Pi computer. IS-IS is a routing protocol that is commonly ignored in most training and certification programs, because it is most frequently used by service providers. However, IS-IS solutions are also deployed in some large enterprise networks, making experience with the protocol a valuable skill. In order to gain a deeper understanding of the routing domains, route propagation, and general operation of IS-IS, additional services were implemented in this project. A Raspberry Pi computer was used as an internal DHCP and DNS server for all hosts in all domains and areas of the network. This network design facilitated learning and increased network troubleshooting skills

    A Companion Study Guide for the Cisco DCICN Data Center Certification Exam (200-150)

    Get PDF
    The official Cisco DCICN book and practice exams are great resources, but this is not an easy exam. This study guide is a companion to those resources and summarizes the subject areas into additional review questions with an answer description for each item. This book is not a braindump and it is not bootleg screenshots of the actual exam. Instead, this book provides additional context and examples, serves to complement other study guides, and provides additional examples. If you are getting ready to take the exam for the first time, I hope that this guide provides the extra help to pass! If you are up for re-certification, I hope that this guide serves as a refresher and reminder! Keep working hard, keep studying, and never stop learning…https://digitalcommons.odu.edu/distancelearning_books/1000/thumbnail.jp

    ANALIZING PROTOCOLS FOR LAYER THREE NETWORK REDUNDANCY

    Get PDF
    This thesis will analyze FHRP (First Hop Redundancy Protocols) which are three redundancy protocols of the IP Layer (layer 3). Protocols of the default gateway redundancy or FHRP are HSRP (Hot Standby Router Protocol) which is a Cisco proprietary and is an active/standby redundancy protocol, GLBP (Gateway Load Balancing Protocol) which is an active/active redundancy protocol and also it does Load Balancing, and the last VRRP (Virtual Redundant Routing Protocol) which is typically used with non-Cisco routers (such as Juniper) and is an extension of GLBP. Basically what FHRP protocols do is; they allow multiple redundant routers on the same subnet to act as a single default router (first-hop router). Layer 3 redundancy protocols were designed to keep networks 100% up and running. The focus of this thesis is the difference between the three protocols and the way they use to keep the network up and running

    IPv6: a new security challenge

    Get PDF
    Tese de mestrado em Segurança Informática, apresentada à Universidade de Lisboa, através da Faculdade de Ciências, 2011O Protocolo de Internet versão 6 (IPv6) foi desenvolvido com o intuito de resolver alguns dos problemas não endereçados pelo seu antecessor, o Protocolo de Internet versão 4 (IPv4), nomeadamente questões relacionadas com segurança e com o espaço de endereçamento disponível. São muitos os que na última década têm desenvolvido estudos sobre os investimentos necessários à sua adoção e sobre qual o momento certo para que o mesmo seja adotado por todos os players no mercado. Recentemente, o problema da extinção de endereçamentos públicos a ser disponibilizado pelas diversas Region Internet registry – RIRs - despertou o conjunto de entidades envolvidas para que se agilizasse o processo de migração do IPv4 para o IPv6. Ao contrário do IPv4, esta nova versão considera a segurança como um objetivo fundamental na sua implementação, nesse sentido é recomendado o uso do protocolo IPsec ao nível da camada de rede. No entanto, e devido à imaturidade do protocolo e à complexidade que este período de transição comporta, existem inúmeras implicações de segurança que devem ser consideradas neste período de migração. O objetivo principal deste trabalho é definir um conjunto de boas práticas no âmbito da segurança na implementação do IPv6 que possa ser utilizado pelos administradores de redes de dados e pelas equipas de segurança dos diversos players no mercado. Nesta fase de transição, é de todo útil e conveniente contribuir de forma eficiente na interpretação dos pontos fortes deste novo protocolo assim como nas vulnerabilidades a ele associadas.IPv6 was developed to address the exhaustion of IPv4 addresses, but has not yet seen global deployment. Recent trends are now finally changing this picture and IPv6 is expected to take off soon. Contrary to the original, this new version of the Internet Protocol has security as a design goal, for example with its mandatory support for network layer security. However, due to the immaturity of the protocol and the complexity of the transition period, there are several security implications that have to be considered when deploying IPv6. In this project, our goal is to define a set of best practices for IPv6 Security that could be used by IT staff and network administrators within an Internet Service Provider. To this end, an assessment of some of the available security techniques for IPv6 will be made by means of a set of laboratory experiments using real equipment from an Internet Service Provider in Portugal. As the transition for IPv6 seems inevitable this work can help ISPs in understanding the threats that exist in IPv6 networks and some of the prophylactic measures available, by offering recommendations to protect internal as well as customers’ networks

    Renumbering Still Needs Work

    Full text link
    corecore