Corporate networks. What is the corporate network of a telecom operator used for?


The ability to combine remote offices of a company with each other via secure communication channels is one of the most common tasks when building a distributed network infrastructure for companies of any size. There are several solutions to this problem:

Renting channels from a provider: A common and reliable option. The provider leases dedicated physical or logical communication channels. These channels are often referred to as point-to-point.

Advantages:

  1. Ease of connection and use - maintenance of equipment and channels is entirely the responsibility of the provider;
  2. Guaranteed channel width - the data transfer rate always corresponds to the one declared by the provider;

Disadvantages:

  1. Security and control - the company cannot control the equipment on the provider's side.

Construction of your own (physical) communication backbones: A reliable and costly solution, since the construction of a physical communication channel is entirely the responsibility of the company. With such a solution, the company fully controls and maintains the built channels.

Advantages:

  1. Flexibility - the ability to deploy channels to suit all necessary requirements;
  2. Security and control - full control of the channel as it belongs to the company;

Disadvantages:

  1. Deployment - building such private channels is a time-consuming and costly decision. Laying kilometers of optical fiber on poles can cost a substantial sum, even before taking into account obtaining permits from all the state authorities;
  2. Maintenance - the maintenance of the channel is entirely the responsibility of the company, therefore, the staff must have highly qualified specialists to ensure its operability;
  3. Low fault tolerance - external optical communication lines are often subject to unintentional damage (construction equipment, utilities, etc.). Locating and repairing a fault in an optical link can take several weeks;
  4. Limited to one location - laying external optical communication lines is relevant only if the sites are located within several tens of kilometers of each other. Running a line to another city hundreds or thousands of kilometers away is not practical.

Building a secure channel over the Internet (VPN): This solution is relatively inexpensive and flexible. To unite remote offices, it is enough to have an Internet connection and network equipment capable of creating VPN connections.

Advantages:

  1. Low cost - the company only pays for Internet access;
  2. Scalability - to connect a new office, you need the Internet and a router;

Disadvantages:

  1. Channel bandwidth - the data transfer rate may vary (there is no guaranteed bandwidth);

In this article, the last point will be considered in more detail, namely, what advantages VPN technology provides to a business.
A virtual private network (VPN) is a set of technologies that provide a secure connection (tunnel) between two or more remote local networks via a public network (e.g. the Internet).

The Unique Advantages of Geographically Distributed VPNs

Protection of transmitted traffic: it is safe to transmit traffic through a VPN tunnel using strong encryption protocols (3DES, AES). In addition to encryption, data integrity and sender's authenticity are checked, excluding the possibility of information substitution and an intruder's connection.

Reliable connection: leading equipment manufacturers keep improving VPN technology, providing automatic recovery of VPN tunnels in the event of a short-term failure of the connection to the public network.

Mobility and ease of connection: the company's local network can be reached from anywhere in the world and from almost any modern device (smartphone, tablet, laptop), and the connection will be protected. Most multimedia device manufacturers have added VPN support to their products.

Redundancy and load balancing: if you use two providers when connecting to the Internet (for balancing / fault tolerance), then it is possible to balance the traffic of VPN tunnels between providers. In case of failure of one of the providers, the tunnel will use the backup connection.

Traffic prioritization: the ability to control traffic using QoS - prioritize voice, video traffic in case of high load on the tunnel.
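
The integrity and sender-authenticity check described under "Protection of transmitted traffic" above, as an added example (not code from the original article or from any VPN product). The frame layout, the names seal, open_packet and Receiver, and the key are assumptions made for illustration; encryption of the payload is left out so that the block runs with the Python standard library alone, and the strict sequence-number check goes one step beyond the text to show why a captured packet cannot simply be sent again.

```python
import hashlib
import hmac
import struct

# Hypothetical frame: tunnel id (4 bytes) | sequence number (4 bytes) | payload | ICV.
# The ICV is an HMAC-SHA-256 tag truncated to 16 bytes, computed over header + payload.
# A real tunnel would also encrypt the payload (e.g. with AES); omitted here.
HEADER = struct.Struct("!II")
ICV_LEN = 16


class TunnelError(Exception):
    """Raised when a received frame must be dropped."""


def _icv(key: bytes, body: bytes) -> bytes:
    return hmac.new(key, body, hashlib.sha256).digest()[:ICV_LEN]


def seal(key: bytes, tunnel_id: int, seq: int, payload: bytes) -> bytes:
    """Sender side: build a frame and append the integrity check value."""
    body = HEADER.pack(tunnel_id, seq) + payload
    return body + _icv(key, body)


def open_packet(key: bytes, packet: bytes):
    """Receiver side: verify the ICV before trusting any field of the frame."""
    if len(packet) < HEADER.size + ICV_LEN:
        raise TunnelError("truncated")
    body, icv = packet[:-ICV_LEN], packet[-ICV_LEN:]
    # Constant-time comparison: does not leak how many tag bytes matched.
    if not hmac.compare_digest(icv, _icv(key, body)):
        raise TunnelError("integrity check failed")
    tunnel_id, seq = HEADER.unpack_from(body)
    return tunnel_id, seq, body[HEADER.size:]


class Receiver:
    """Tunnel endpoint that also rejects frames it has already accepted."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = 0  # sender numbers frames from 1

    def verdict(self, packet: bytes) -> str:
        try:
            _, seq, _ = open_packet(self.key, packet)
            # Simplified anti-replay: sequence numbers must strictly increase.
            if seq <= self.last_seq:
                raise TunnelError("replayed sequence number")
        except TunnelError as exc:
            return f"rejected: {exc}"
        self.last_seq = seq
        return "accepted"


def demo():
    """Run constructed frames through the receiver and collect the verdicts."""
    key = b"constructed-demo-key-not-a-secret"      # constructed sample key
    rx = Receiver(key)

    genuine = seal(key, 7, 1, b"invoice #1: pay 100")

    altered = bytearray(seal(key, 7, 2, b"invoice #2: pay 100"))
    altered[HEADER.size + 16] ^= 0x01               # one bit flipped in transit

    # A sender who does not hold the shared key cannot produce a valid ICV.
    forged = seal(b"some-other-key", 7, 3, b"invoice #3: pay 999")

    cases = [
        ("genuine", genuine),
        ("altered", bytes(altered)),
        ("forged", forged),
        ("replayed", genuine),                      # same frame sent twice
        ("truncated", genuine[:10]),
    ]
    return {name: rx.verdict(pkt) for name, pkt in cases}


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:10s} {result}")
```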

Business VPNs

Single network

Combining geographically distributed local networks of the company into a single network (connecting branches to the head office) greatly simplifies interaction and data exchange within the company, reducing maintenance costs. Any corporate systems require a single network space for employees to work. It can be IP telephony, accounting and financial accounting systems, CRM, video conferencing, etc.

Mobile access

Regardless of the location of the employee, with the presence of the Internet and a laptop / smartphone / tablet, the employee can connect to the internal resources of the company. Thanks to this advantage, employees have the ability to perform work and quickly solve problems while outside the office.

Consolidation of networks of different companies

It is often necessary to unite the networks of business partners, and such a unification can be organized both with and without limiting access to the internal resources of each of the companies. This combination simplifies communication between companies.


Remote management of IT infrastructure

Thanks to secure remote access to the equipment of the company's IT infrastructure, the administrator is able to quickly solve the tasks and respond to the problems that have arisen.

Quality of service

The traffic of video conferencing, IP-telephony and some other applications requires a guaranteed bandwidth. Thanks to the use of QoS in VPN tunnels, for example, it is possible to combine IP telephony of a company's local network and a remote office.


Areas of application of distributed VPN-networks and corporate data transmission networks (KSPD)

Having analyzed the requirements and tasks of organizations of various sizes, we have compiled an overall picture of solutions for each of them. Below is a description of typical implementations of VPN technology in a company's network infrastructure.

Small business solutions. Often the requirements for such a solution are the ability to connect remote users (up to 10) to the internal network and / or the interconnection of networks of several offices. These solutions are simple and quick to deploy. For such a network, it is recommended to have a backup channel with a speed lower than or the same as that of the main one. The backup channel is passive and is used only if the main one is disconnected (the VPN tunnel is automatically built over the backup channel). Reserving border equipment for such solutions is rare and often unreasonable.

Tunneling traffic - traffic of internal applications (mail, web, documents), voice traffic.

Need for channel redundancy: medium

Need for equipment redundancy: low


Solutions for medium-sized businesses. Along with connecting remote employees (up to 100), the network infrastructure should provide connectivity for multiple remote offices. For such solutions, reservation of the Internet channel is mandatory, while the throughput of the backup link must be comparable to the speed of the main link. In many cases, the backup link is active (load balancing between links). It is recommended to back up the equipment of critical network nodes (e.g. the central office border router). VPN network topology - star or partial mesh.

Equipment redundancy requirement: Medium

Solutions for large businesses, a distributed network of branches. These networks are large enough to be difficult to deploy and maintain. The topology of such a network from the point of view of organizing VPN tunnels can be: star, partial mesh, full mesh (the full mesh option is shown in the diagram). Channel reservation is mandatory (more than 2 providers are possible), as well as equipment reservation for critical network nodes. All or several channels are active. In networks of this level, leased lines or VPN provided by providers are often used. In such a network, it is necessary to provide for maximum reliability and resiliency in order to minimize business downtime. Equipment for such networks comes from flagship enterprise-class lines or is provider-grade equipment.

Tunneling traffic - traffic of internal applications (mail, web, documents), voice traffic, video conferencing traffic.

Need for channel redundancy: high

Requirement for equipment redundancy: high

Educational institutions. Educational institutions are typically connected to a network control center. Traffic volume is usually not high. Reservation requirements are set on rare occasions.

Medical institutions. For medical institutions, there is an acute issue of reliability and high fault tolerance of communication channels and equipment. All branches of the territorially distributed network use redundant channel-forming equipment and several providers.

Retail solutions (chain stores). Chain stores are characterized by a large number of locations (there can be thousands of stores) and relatively low traffic to the main office (data center). Reserving equipment in stores is often not advisable. It is enough to reserve the connection to the provider (with the second provider on standby). However, the requirements for the equipment in the data center (head office) are high, since this point terminates thousands of VPN tunnels. Constant monitoring of channels, reporting systems, compliance with security policies, etc. is required.

Implementation of distributed VPN-networks and corporate data transmission networks (KSPD)

The choice of the necessary equipment and the correct implementation of the service is a difficult task, requiring high expertise from the performer. For many years, LanKey has been carrying out the most complex projects and has vast experience in such projects.

Examples of some projects for the implementation of KSPD and VPN, implemented by LanKey

Customer Description of the work performed

Hardware Manufacturer: Juniper
Solution: six remote branches of the company were connected to the main office using a star topology via secure communication channels.


Solution: providing connection of remote workers to corporate network resources via secure channels using Cisco Anyconnect technology.


Hardware manufacturer: Cisco
Solution: Consolidation of the corporate network and cloud servers via a secure tunnel to provide employees with various services (mail, document management, telephony). In addition, the solution allowed remote employees to connect to the corporate network and use cloud services.

Hardware Manufacturer: Juniper
Solution: Internet connection and construction of VPN tunnels for offices located in Moscow and Geneva.

Hardware manufacturer: Cisco
Solution: Remote offices are united over a secure channel with fault tolerance by provider.

Timely exchange of information among team members is an important component of the successful work of any company, regardless of its specifics and scale.

The spread of digital technologies in all industries contributes to the widespread adoption of corporate networks at different levels of business, from small firms to holdings.

Designing and building a corporate network

The popularity of corporate networks is due to a number of their advantages.

Reducing system downtime in the event of hardware, software and technical errors presupposes a stable, continuous exchange of data between all participants.

Special programs and fine-tuning of access rights to individual documents, functions and sections reduce the risk of information leakage, loss of confidential data. In addition, intruders can be easily tracked using software solutions.

The process of designing a corporate network includes the unification of local networks of departments within the company and the creation of a material and technical base for further planning, organization and management of the company's core activities.

Building a corporate network is based on a consistent and developed architecture of data, platforms and applications, with the help of which the exchange of information between users is ensured. Getting a functioning corporate network additionally presupposes the development of database maintenance and protection tools.

Companies that create corporate networks

Among the companies that create corporate networks, it is worth noting:

  1. Altegra Sky is a Moscow-based company that provides a full range of services related to the creation of an internal network, from drawing up the principal architecture to commissioning. The company is engaged in the purchase, installation, commissioning of all the necessary equipment and conducts training events for its customers.

  2. Universum is a Moscow-based provider of system integration services for creating secure local area networks for a wide range of enterprises. Specialization - installation and fine-tuning of all functional elements of local networks and ensuring uninterrupted operation.

  3. Open Technologies is a provider of innovative solutions for the exchange of data within the company. The company specializes in creating an optimal hierarchical structure that will ensure a consistently high speed of transmission of documents, images and multimedia using the available server capacities.

Structure, architecture, technologies of corporate networks of an enterprise

The corporate network of an enterprise is characterized by two elements.

LAN is a local area network that provides a stable exchange of necessary data and management of user access rights. To create it, you need hardware - structured cabling systems (hereafter SCS).

SCS is a telecommunication infrastructure - the totality of all the company's computer devices that exchange data in real time.

Creating a corporate network consists of choosing:

  • working group;

  • modeling environment;

  • software and hardware solutions for its creation;

  • setting up and maintaining the finished architecture.

Building an architecture and choosing a technology for a corporate network consists of several stages:

  • selection of elementary objects included in the corporate data exchange network. As a rule, these are certain products, services of the company and information on them;

  • selection of functional, information and resource models for the future network. At this stage, the "internal logic" of the functioning of the future network is determined;

  • further, on the basis of the already selected parameters, languages and modeling methods are determined that are capable of solving the assigned tasks.

For example, when forming a corporate network of a small manufacturing company, the most accessible modeling languages that are undemanding to hardware capacities are used. Conversely, building an architecture for large, broad-based companies involves the use of powerful tools.

Corporate LANs via VPN, and Wi-Fi

VPN, or Virtual Private Network, is an option for creating a virtual network within an enterprise that uses the capabilities of a global network. The peculiarity of building such a network is the ability to access the Internet from anywhere in the world using a registered username and password.

The solution is popular among IT companies, design bureaus and other businesses that hire employees to work remotely. The disadvantage of this method of organizing a local network is the threat of unauthorized access and loss of user data.

Wi-Fi is a more technological and modern option for creating a corporate network that is not tied to hardware capacities and physical location of users. With the help of routers, access to the network for all employees is configured, and you can "get" into the network from any device.

The main advantage of Wi-Fi is easy integration and scaling of the created network for any number of users. With Wi-Fi, network bandwidth is dynamically redistributed between individual nodes, depending on the level of the applied load.

Corporate satellite network

The functioning of this type of corporate LAN is based on the use of the capacities of the HUB - a satellite terminal located in the network control centers.

Each participant gains access to the network using an IP address and a relay satellite that transmits the signal to other users.

This option for organizing a corporate network allows you to:

  • quickly connect new users to the existing network;

  • remotely monitor its functioning, participants' compliance with the security policy;

  • guarantee the safety of data and fine-tune privacy.

Satellite networks are the most stable, expensive and technologically advanced way of organizing data exchange between employees of the same structure.

Corporate multiservice network

A feature of a multiservice network is the ability to transmit text, graphic, video and audio information using the same communication channels. As a rule, companies providing services for the construction of multiservice networks create turnkey solutions that allow all the necessary types of information to be transmitted via IP addresses.

In technical terms, separate subsystems are created for the transmission of certain types of information, while switches, routers and signal amplifiers are used for data transmission. Thus, the network is more stable, withstands high loads well and allows peripherals to access the central server as quickly as possible.

Corporate computer network

The computing network within a company is an adaptation of Internet technologies for use at the level of an individual company. The main goal of building such networks is the joint use of information for internal corporate work: simultaneous access and editing of documents, data exchange.

The functioning of a computer network assumes the use of an operating system that is compatible with all equipment and software connected to it. It is important to ensure the rational distribution of information and provide employees with the means for planning and document management.

The stage of building the architecture of a corporate computer network involves constant communication with future users in order to identify their needs. A successfully built corporate computer network is a convenient software and hardware solution for use in daily work.

Corporate social network

Creating a tool for messaging and exchanging information within one company gives employees the ability to maintain contact between departments in real time. At the same time, the product is based on the principle of operation of ordinary social networks with “cut down” functionality, which does not distract the attention of employees from their professional duties.

Typically, employees of the company who are in the office or work remotely have access to the corporate social network, while the discussion of confidential work issues is carried out using secure communication protocols. This ensures prompt and secure communication between company departments without interruption from production and the threat of data leakage.

Remote access to corporate network

The basis of remote access to the capabilities of a corporate network is the configuration of the VPN protocol, which ensures the use of the company's servers by running a virtual machine.

The technology is based on a terminal server, free subnets and a secure guest network. The user does not need to purchase and configure additional programs: access via VPN is carried out in the "Team Viewer" application, which is compatible with all versions of Windows.

Such a solution is safe due to the ability to fine-tune access rights to data stored on the company's servers.

Corporate network security: threats and protection

Unauthorized access to data stored on corporate servers and the threat of losing them are two main threats from which an enterprise network must be protected.

For these purposes, the following are used:

  • anti-virus systems;

  • operational blocking of unauthorized access manually;

  • fine-tuning of VPN networks, which cut off unauthorized users by requiring a username and password.

Permanent protection is carried out using firewalls that monitor the functioning of all network elements in real time.


Corporate information network

"A corporate network is a network whose main purpose is to support the operation of a particular enterprise that owns the network. Only employees of this enterprise are users of the corporate network." The primary purpose of the corporate network is to provide complex information services to the employees of the enterprise, as opposed to a simple local network, which provides only transport services for the transfer of information streams in digital form.

Information flows in the modern world are critical. Today, no one needs to be convinced that a reliable and easily manageable information system is necessary for the successful operation of any corporate structure. Any enterprise has internal connections that ensure interaction between management and structural units, and external relations with business partners, enterprises, authorities. External and internal communications of the enterprise can be considered as informational. But at the same time, an enterprise can be viewed as an organization of people united by common goals. To achieve these goals, various mechanisms are used to facilitate their implementation. One of these mechanisms is effective production management, based on the processes of obtaining information, processing it, making decisions and communicating them to the performers. The most important part of management is decision making. Working out the right decision requires complete, prompt and reliable information.

The completeness of information characterizes its volume, which should be sufficient for making a decision. The information must be up-to-date, i.e. such that during its transmission and processing the state of affairs does not change. The reliability of information is determined by the degree to which its content corresponds to the objective state of affairs. The information should come to the workplace of the head of the enterprise or the executor in a form that facilitates its perception and processing. But how to organize a high-quality information system at the lowest cost? What equipment should you give preference to when choosing?

A significant part of the telecommunications equipment market is occupied by hardware designed to provide corporate structures with intra-industrial communication and data transmission services. Moreover, these concepts can mean a fairly wide range of modern services. Using the technologies of modern automatic telephone exchanges, it is possible to deploy a digital network with the integration of ISDN services and provide users with access to databases and the Internet, organize a mini-cellular communication system of the DECT standard, introduce a videoconference or intercom mode.

Modern automatic telephone exchanges use digital technologies, a modular construction principle, have a relatively high reliability, provide a full set of basic functions (call routing, administration, etc.), provide the ability to connect additional equipment such as voice mail, billing systems, etc.

Any organization is a set of interacting elements (departments), each of which can have its own structure. The elements are interconnected functionally, i.e. they perform certain types of work within a single business process, as well as informational, exchanging documents, faxes, written and oral orders, etc. In addition, these elements interact with external systems, and their interaction can also be both informational and functional. And this situation is true for almost all organizations, no matter what type of activity they are engaged in - for a government institution, a bank, an industrial enterprise, a commercial firm, etc.

This general view of the organization allows us to formulate some general principles of building corporate information systems, i.e. information systems throughout the organization.

A corporate network is a system that provides information transfer between various applications used in a corporation's system. A corporate network is a network of a separate organization. A corporate network is any network that uses the TCP/IP protocol and uses Internet communication standards, as well as service applications that provide data delivery to network users. For example, a business might set up a Web server to publish announcements, production schedules, and other service documents. Employees access the documents they need using Web content viewers.

Web servers on the corporate network can provide users with services similar to those of the Internet, such as working with hypertext pages (containing text, hyperlinks, graphics, and sound recordings), providing the necessary resources when requested by web clients, and accessing databases.

A corporate network, as a rule, is geographically distributed, i.e. uniting offices, divisions and other structures located at a considerable distance from each other. The principles by which a corporate network is built are quite different from those used to create a local network. This limitation is fundamental, and when designing a corporate network, all measures should be taken to minimize the amount of data transferred. For the rest, the corporate network should not impose restrictions on which applications and how they process the information carried over it. An example of a corporate network is shown in Figure 9.

The process of creating a corporate information system

The main stages of the process of creating a corporate information system can be distinguished:

Conduct an information survey of the organization;

Based on the results of the survey, select the architecture of the system and the hardware and software for its implementation;

Based on the results of the survey, select and/or develop the key components of the information system:

Corporate database management system;

Business operations and workflow automation system;

Electronic document management system;

Special software tools;

Decision support systems.

When designing a corporate information network of an organization, it was necessary to be guided by the principles of consistency, standardization, compatibility, development and scalability, reliability, security and efficiency.

The principle of consistency implies that during the design and creation of the corporate information system, its integrity must be maintained by creating reliable communication channels between subsystems.

The principle of standardization provides for the use of standard equipment and materials that comply with international standards ISO, FCC, Gosstandards of the Republic of Kazakhstan.

Figure 9. Example of a corporate network

The principle of compatibility, directly related to the principle of standardization, ensures the compatibility of equipment, interfaces and data transfer protocols throughout the organization and the global network.

The principle of development (scalability) or openness of the corporate information system is that even at the design stage the corporate information system should be created as an open system, allowing replenishment, improvement and updating of subsystems and components, and connection of other systems. The development of the system will be carried out by replenishing it with new subsystems and components, modernizing existing subsystems and components, and replacing the computing equipment in use with more advanced equipment.

The principle of reliability lies in the duplication of important subsystems and components in order to ensure the uninterrupted operation of the EIS, to create a stock of materials and equipment for prompt repair and replacement of equipment.

The principle of corporate information system security implies the use of hardware and software tools and organizational methods in the construction of corporate information systems that exclude unauthorized access to equipment and information retrieval from the corporate information system by external and internal objects and subjects that do not have special permission.

The principle of efficiency is to achieve a rational ratio between the costs of designing and creating the corporate information system and the target effects obtained as a result of the practical implementation and operation of the integrated information system. The economic essence of the creation and implementation is to ensure an effective and efficient exchange of information between the departments of the organization to solve production, financial and economic issues, expressed in reducing the cost of telephone communications and postage.

We will analyze the specific implementation of the foregoing later at the stage of designing a computer information network of the organization under study.

Introduction

One of the basic human needs is the need for communication, which becomes possible when people understand each other. To do this, they study languages, master the culture of communication, use modern means and methods of communication. Communication in a broad sense is understood as a process, way and means of transferring an object or message from one place to another. Communications can be organized using different transmission media, for example, water and air communications, gas pipelines, railways and highways, etc.
Invaluable help to people is provided by computer networks, whose appearance marked a new era in the history of the development of communications. With the advent of computer networks, people began to talk about computer communications, understanding by this the exchange of all kinds of information using computers. They are more and more included in our life, in some cases displacing the existing means of communication, and in others supplementing them. When you are far from each other, you exchange letters by mail - on a computer network, this type of communication is known as e-mail. To discuss some important problem, you organize a meeting, gathering or conference. There is a corresponding type of communication in the computer network. This is a teleconference. Computer communications are in many ways reminiscent of traditional ones, but at the same time the time for mail delivery is significantly reduced, communication is organized more quickly, the ability to communicate with a large circle of people is expanding, and prompt access to the world's information storages appears.
Computer communications are provided using computer networks: local, regional, corporate, global.
In the lecture, you will learn how they differ from each other and what their hardware is, namely: which components ensure the operation of the network, which communication channels are used, what a modem and a network adapter are, what role protocols play in computer networks, and more.

Computer networks. Basic information.

Telecommunication (from the Greek tele, "far, into the distance", and the Latin communicatio, "communication") is the exchange of information at a distance.
The radio transmitter, telephone, teletype, fax machine, telex and telegraph are the most common and familiar examples of telecommunications technology today.
Later, one more tool was added to them - these are computer communications, which are now becoming more and more widespread. They promise to squeeze out facsimile and teletype communications, just as the latter supplanted the telegraph.

Computer communications - exchange of information at a distance using computer networks.

Nowadays, computer networks are gaining more and more importance in the life of mankind, their development is very promising. Networks can unite and make available information resources of both small enterprises and large organizations occupying premises remote from each other, sometimes even in different countries.

Computer networks- a system of computers connected by information transmission channels.

The purpose of all types of computer networks is determined by two functions:
- ensuring the joint use of hardware and software resources of the network;
- providing shared access to data resources.
For example, all members of a local network can share one common printing device - a network printer - or, for example, the hard drive resources of one dedicated computer - a file server. Software can be shared in the same way. If a network has a computer dedicated to being shared by network participants, it is called a file server.

By size, networks are divided into local, regional, corporate and global.

Local network (LAN - Local Area Network) - a connection of computers located a short distance from each other (from several meters to several kilometers). PCs in such networks are located in the same room, in the same enterprise, or in closely located buildings.
Local networks cannot provide shared access to information for users located, for example, in different parts of the city. Regional networks, which unite computers within one region (city, country, continent), come to the rescue.

Regional network (MAN - Metropolitan Area Network) - a combination of PCs and local networks to solve a common problem on a regional scale. A regional computer network connects computers located at a considerable distance from each other. It can include computers within a large city, economic region, or a single country. Typically, the distance between subscribers of a regional computer network is tens to hundreds of kilometers.
Many organizations interested in protecting information from unauthorized access (for example, military, banking, etc.) create so-called corporate networks. A corporate network can unite thousands and tens of thousands of computers located in different countries and cities (for example, the Microsoft Corporation network).

Corporate networks - consolidation of local networks within one corporation.

The need for the formation of a single world information space led to the creation of a global computer network, the Internet.

Global networks (WAN - Wide Area Network) - a system of interconnected local networks and user PCs located far apart, for shared use of the world's information resources.
Information networks create a real opportunity for quick and convenient user access to all information accumulated by mankind throughout history.

By the type of transmission medium, networks are divided into:

- wired (coaxial, twisted pair, fiber optic);
- wireless, with information transmission via radio channels or in the infrared range.
By the way network computers interact, networks are divided into peer-to-peer and dedicated-server (hierarchical) networks.
All computers in a peer-to-peer network are equal. Anyone on the network can access data stored on any computer.
The main advantage of peer-to-peer networks is ease of installation and operation. The main disadvantage is that information security issues are difficult to solve in peer-to-peer networks. Therefore, this method of organizing a network is used for networks with a small number of computers and where the issue of data protection is not critical.
In a hierarchical network, when installing the network, one or more servers are pre-allocated - computers that control the exchange of data over the network and the allocation of resources. Any computer that has access to the server's services is called a network client or workstation.

The general scheme for connecting computers to local networks is called the network topology. There are 5 main types of network topology:

1. BUS topology. In this case, connection and data exchange are carried out through a common communication channel called a common bus. The bus structure is simpler and more economical, as it does not require an additional device and uses less cable. But it is very sensitive to cabling faults. If the cable is damaged in even one place, problems arise for the entire network. The fault is difficult to locate.

2. STAR topology. In this case, each computer is connected with a separate cable to a common device called a hub, which is located in the center of the network. The star is more resistant to malfunctions of the cable system. A damaged cable is a problem for one specific computer; it does not affect the operation of the network as a whole. No effort is required to isolate the fault. The disadvantages of a star topology include the higher cost of network equipment due to the need to purchase a hub. In addition, the ability to grow the number of nodes in the network is limited by the number of ports on the hub. This structure is currently the most common type of link topology in both local and wide area networks.

3. RING topology. In networks with a ring topology, data is transmitted sequentially from one station to another along the ring, usually in one direction. If a computer recognizes the data as intended for it, it copies the data into an internal buffer. In a network with a ring topology, special measures must be taken so that if a station fails or is shut down, the communication channel between the other stations is not interrupted. The advantage of this topology is simplicity of management; the disadvantage is the possibility of failure of the entire network if the link between two nodes fails.

4. MESH topology. A mesh topology is characterized by a computer connection scheme in which physical communication lines are installed with all adjacent computers. In a network with a mesh topology, only those computers between which there is an intensive exchange of data are directly connected, and for the exchange of data between computers that are not connected by direct links, transit transmissions through intermediate nodes are used. A mesh topology allows a large number of computers to be connected and is typical, as a rule, of wide area networks. The advantages of this topology are its resistance to failures and overloads, since there are several ways to bypass individual nodes.

5. MIXED topology. While small networks tend to have a typical topology - star, ring, or shared bus - large networks tend to have arbitrary connections between computers. In such networks, separate subnets with a typical topology can be distinguished, which is why they are called mixed topology networks.

The principles of functioning of various electronic networks are approximately the same:

1. The network consists of interconnected PCs
In most cases, the network is built on the basis of several powerful computers called servers. Servers and, accordingly, networks of the second order (regional), third order (corporate) and fourth order (local) are usually connected to the servers of the global network, and to those are connected the users of individual computers - the subscribers (clients) of the network. Note that networks of the intermediate levels (e.g. corporate) are not mandatory.

2. PCs are interconnected by communication channels
The main goal of creating any computer network is to ensure the exchange of information between objects (servers and clients) of the network. To do this, it is necessary to connect the computers to each other. Therefore, the mandatory components of any network are all kinds of communication channels (wired and wireless), for which different physical media are used. Accordingly, networks use such communication channels as telephone and fiber-optic lines, radio communication, space communication, etc.
The purpose of communication channels in a computer network is easy to understand if you compare them with the transport channels of a freight or passenger transportation system. Transportation of passengers can take place by air, using railways or water (sea or river) routes. A means of transportation is chosen depending on the transportation environment. Information is transported through computer networks. The environments in which network computers communicate determine the means of connecting computers. If it is an environment that requires a telephone connection, then the connection is made through a telephone cable. Connections of computers using electrical cables, radio waves, fiber optic cables, etc. are widely used.

Let's consider the main types of channels. Some of them are mutually exclusive, some may describe the same channel from different angles.
Channels are digital and analog.
Analog channels include an ordinary telephone channel. To use it, you need a special device, a modem, that converts digital information into analog. Analog channels are highly susceptible to interference and have low bandwidth (several tens of kilobytes per second). There is now a tendency to replace all analog channels with digital ones, not only in computer networks but also in telephone networks.
Channels are also divided into dedicated and dial-up.
With a dial-up line, the connection is formed for the duration of the data transfer and is disconnected when the transfer ends. Dial-up is a connection via a regular telephone line.

A dedicated line works differently: the connection is permanent and always allows data to be transferred from one computer to another. Dedicated (leased) lines differ from dial-up lines in their high speed (up to tens of megabits per second) and high rental prices.
By physical medium, channels are subdivided into electrical wire, optical and radio channels.
Wired channels are connections made with an electric cable, possibly a complex one. All such channels transmit data as electrical impulses.

Optical communication channels are based on light guides. The signal is transmitted using lasers.

Radio channels operate on the same principle as radio and television.
These are all different communication channels. The efficiency of communication in computer networks substantially depends on the following main characteristics (parameters) of communication channels:
- throughput (data transfer rate), measured by the number of bits of information transmitted over the network per second (bits per second is called baud);
  - average throughput - measured on average over a certain period of time (for a large file);
  - guaranteed bandwidth - the minimum bandwidth that a channel can provide (for video files);
- reliability - the ability to transmit information without distortion and loss;
- cost;
- expansion possibilities (connecting new computers and devices).

To transmit information through communication channels, it is necessary to convert computer signals into signals of physical media.
For example, when transmitting information over an optical fiber cable, the data presented in the computer is converted into optical signals, for which special technical devices, network adapters, are used.

Network adapters (network cards) - technical devices that interface computers with communication channels.
If the communication channel is a telephone line, a modem is used to receive and transmit information.

Modem (modulator - demodulator) - a device for converting digital PC signals into audio (analog) telephone line signals and vice versa.
The main characteristic of a modem is the speed at which it receives and transmits information (measured in bits per second). Modern modems transmit and receive information at 33600 bits per second or 57600 bits per second.

3. The network operates using protocols
In order for the information transmitted by one PC to be understood by another PC, it was necessary to develop uniform rules called protocols.

Protocol - a set of agreements on the rules for the formation and transmission of messages, on the methods of exchanging information between PCs, and on the rules for the operation of various equipment in the network.

There are 2 types of Internet protocols: basic and application protocols.

Basic protocols are responsible for the physical transfer of electronic messages of any type between computers on the Internet (IP and TCP). These protocols are so closely related that they are most often referred to as "TCP/IP".

Application protocols are higher-level protocols responsible for the functioning of specialized Internet services: HTTP (transfer of hypertext messages), FTP (file transfer), e-mail protocols, etc.
Technically, TCP/IP is not one but two network protocols. TCP is a transport layer protocol. It controls how information is transmitted. IP is an addressing protocol. It defines where the data is sent.

4. The operation of a PC in a network is provided by network programs, usually organized according to the client-server model:

Server - a program that provides services; client - a program that consumes the services of a server program.

IP addresses

Information exchanged between PCs is divided into packets. A PACKET is a "piece" of information containing the address of the sender and the recipient.
A. Multiple packets form a data stream that is received by the user's PC.
B. The "scattered" packets arriving from the network are then collected into a single "bundle" by the client program on your PC (for example, the Microsoft Internet Explorer browser).
C. So that a packet can find its addressee, each PC is assigned an IP address (when registering with the provider). An IP address consists of 4 bytes (32 bits), written as 4 numbers from 0 to 255 separated by dots. It is easy to calculate that the total number of different IP addresses is over 4 billion: 2^32 = 4294967296.

The IP address is "read" from right to left. Usually the rightmost number stands for a specific computer, and the rest of the numbers show the numbers of networks and subnets (i.e. local networks).
Sometimes this may not be so, but in any case, if the address is represented in binary form, then some part of the rightmost bits identifies a specific computer, and the rest designate the networks and subnets to which the computer belongs.

Example. 192.45.9.200. Network address - 192.45; subnet address - 9; computer address - 200.
The packet contains the address of the recipient and the address of the sender, and is then sent into the network.
Routers determine the route packets should take.
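The split described above can be carried out on the 32-bit value itself. The following is an added example, not part of the original lecture: the function names and the choice of how many bits go to the network, subnet and host fields are assumptions made for illustration, and the address is the one from the example above.

```python
import ipaddress

TOTAL_ADDRESSES = 2 ** 32  # 4 bytes = 32 bits


def to_int(dotted):
    """Convert 'a.b.c.d' to its 32-bit value; reject anything that is not 4 numbers 0-255."""
    parts = dotted.split(".")
    if len(parts) != 4:
        raise ValueError(f"expected 4 numbers, got {len(parts)}: {dotted!r}")
    value = 0
    for part in parts:
        if not (part.isascii() and part.isdigit()) or int(part) > 255:
            raise ValueError(f"bad number {part!r} in {dotted!r}")
        value = (value << 8) | int(part)
    return value


def split_address(dotted, network_bits, subnet_bits):
    """Return (network, subnet, host) fields of an address.

    The leftmost network_bits are the network, the next subnet_bits the
    subnet, and whatever remains on the right identifies the computer.
    The bit counts are chosen by the caller (assumption for this example).
    """
    host_bits = 32 - network_bits - subnet_bits
    if network_bits < 0 or subnet_bits < 0 or host_bits < 0:
        raise ValueError("field widths must be non-negative and total at most 32 bits")
    value = to_int(dotted)
    host = value & ((1 << host_bits) - 1)
    subnet = (value >> host_bits) & ((1 << subnet_bits) - 1)
    network = value >> (host_bits + subnet_bits)
    return network, subnet, host


def same_network(a, b, prefix_bits):
    """True when both addresses share their first prefix_bits bits (network + subnet).

    A sender makes this comparison to decide whether the recipient is on its
    own local network or has to be reached through a router.
    """
    if not 0 <= prefix_bits <= 32:
        raise ValueError("prefix_bits must be between 0 and 32")
    shift = 32 - prefix_bits
    return to_int(a) >> shift == to_int(b) >> shift


def same_network_stdlib(a, b, prefix_bits):
    """The same check done with Python's standard ipaddress module."""
    net = ipaddress.ip_network(f"{a}/{prefix_bits}", strict=False)
    return ipaddress.ip_address(b) in net


if __name__ == "__main__":
    addr = "192.45.9.200"  # the address from the example in the text
    print(f"{to_int(addr):032b}")
    print(split_address(addr, 16, 8))   # split on byte boundaries
    print(split_address(addr, 16, 10))  # split that does not fall on a dot
    print(same_network(addr, "192.45.9.17", 24), same_network(addr, "192.45.9.17", 26))
```

With a 16/8/8 split the fields match the numbers between the dots; with a 16/10/6 split they do not, which is the case the text describes as "sometimes this may not be so".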

Domain name system

Computers can easily communicate with each other using a numeric IP address, but it is not easy for humans to remember a numeric address, and for convenience, the Domain Name System (DNS) was introduced.
The Domain Name System maps the numeric IP address of each computer to a unique domain name. Domain addresses are assigned at the Internet Network Information Center (InterNIC).

Domain (domain - region, district) - a set of PCs belonging to some part of the Internet within which the computers are united by one attribute.

A domain address defines a scope that represents a range of host computers. Unlike a numeric address, it is read in reverse order. First comes the name of the computer, then the name of the network in which it is located.
A computer name includes at least two levels of domains. Each level is separated from the next by a dot. Subdomains of the common domain are located to the left of the top-level domain.
In the Internet addressing system, it is customary to represent domains by geographic regions. They have a two-letter name.
Example. Geographic domains of some countries: France - fr; Canada - ca; USA - us; Russia - ru; Belarus - by.
There are also domains divided by theme. Such domains have a three-letter abbreviation.
Example. Educational establishments - edu. Government agencies - gov. Commercial organizations - com.

tutor.sptu.edu. Here edu is the common domain for schools and universities; tutor is a subdomain of sptu, which is a subdomain of edu.

World Wide Web

The most popular Internet service is the World Wide Web (abbreviated as WWW or Web). The presentation of information on the WWW is based on the capabilities of hypertext links. Hypertext is text that contains links to other documents. This makes it possible, when viewing a document, to switch easily and quickly to other information related to it, which can be text, an image, a sound file or any other form accepted on the WWW. The linked documents can be scattered around the globe.
Numerous intersecting links between WWW documents span the planet like a computer web, hence the name. Thus, the dependence on the location of a particular document disappears.
The World Wide Web service is designed to access a special kind of electronic documents called Web documents or, more simply, Web pages. A web page is an electronic document that, in addition to text, contains special formatting commands, as well as embedded objects (pictures, audio and video clips, etc.).
Web pages are viewed with special programs called browsers, so a browser is not just a WWW client for interacting with remote Web servers; it is also a Web document viewer. So, for example, if a Web page has been saved to your hard drive, you can view it using a browser without an Internet connection. This is called offline browsing.
Unlike printed electronic documents, Web pages have not absolute, but relative formatting, that is, they are formatted at the time of viewing in accordance with the screen and with which browser they are viewed. Strictly speaking, the same Web page may look different when viewed in different browsers, depending on how the browser responds to the commands that the author has embedded in the Web page.
Every Web document (and even every object embedded in such a document) on the Internet has its own unique address, called the uniform resource locator (Uniform Resource Locator) or, for short, URL. By contacting this address, you can get the document stored there.
There are a great many Web documents on the Internet. In the past seven years, the content of the WWW has doubled every year and a half. Apparently, in the coming years this rate will decrease somewhat, but it will remain quite high, at least until the 10 billion mark is reached. With such a huge number of Web documents, searching for and selecting them has become an important problem on the Web today. We will take a closer look at it later, but for now we will get acquainted with what a URL formally looks like.
Example URL: http://klyaksa.net/htm/exam/answers/images/a23_1.gif
This is the URL of a picture located on one of the web pages of the www.klyaksa.net portal.
The document URL has three parts and, unlike domain names, reads from left to right. The first part specifies the name of the application protocol used to access the resource. For the World Wide Web service, this is the HyperText Transfer Protocol (HTTP). Other services have different protocols. The protocol name is separated from the rest of the address by a colon and two slashes.
The second element is the domain name of the computer on which the document is stored. We are already familiar with the structure of a domain name: its elements are separated by periods. A slash is placed after the domain name.
The last element of the address is the path to the file containing the Web document on the specified computer. We are already familiar with writing the path to a file in the Windows operating system, but there is an important difference. On Windows, it is customary to separate directories and folders with a backslash "\", but on the Internet, it is customary to use the normal forward slash "/". This is because the Internet originated on computers running the UNIX operating system, where it is customary to separate directories that way.
Each hyperlink on the Web is associated with the Web address of a document or object (a file with a picture, sound recording, video clip, etc.). When you click on the hyperlink, a request is sent to the network to supply the object that the hyperlink points to. If such an object exists at the specified address, it is loaded and played. If it does not exist (for example, it has ceased to exist for some reason), an error message is issued; you can then return to the previous page and continue working.
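The URL anatomy and the right-to-left reading of domain names described above, as an added example that is not part of the original lecture. The function names are assumptions; the URL and the tutor.sptu.edu name are the ones quoted in the text, and notsptu.edu is a constructed name used to show why a subdomain check has to compare whole levels rather than string endings.

```python
from urllib.parse import urlsplit


def domain_levels(host):
    """Levels of a domain name, top level first (domain names are read right to left)."""
    labels = host.rstrip(".").lower().split(".")
    if not all(labels):
        raise ValueError(f"empty level in domain name {host!r}")
    return labels[::-1]


def decompose(url):
    """Split a URL into the three parts the text names: protocol, domain name, path."""
    parts = urlsplit(url)
    if not parts.scheme or not parts.hostname:
        raise ValueError(f"not a full URL (protocol or domain name missing): {url!r}")
    # parts.hostname is already lower-cased and has any port number removed.
    levels = domain_levels(parts.hostname)
    # The text's rule of thumb: two letters = geographic, three letters = thematic.
    kind = {2: "geographic", 3: "thematic"}.get(len(levels[0]), "other")
    return {
        "protocol": parts.scheme,
        "host": ".".join(reversed(levels)),
        "levels": levels,
        "top_level_kind": kind,
        "path": [segment for segment in parts.path.split("/") if segment],
    }


def is_subdomain_of(host, parent):
    """True when host lies under parent, compared level by level from the top level.

    Comparing levels avoids the mistake of a plain string test:
    "notsptu.edu".endswith("sptu.edu") is True, yet notsptu.edu is a
    different second-level domain, not a subdomain of sptu.edu.
    """
    host_levels, parent_levels = domain_levels(host), domain_levels(parent)
    return (len(host_levels) > len(parent_levels)
            and host_levels[:len(parent_levels)] == parent_levels)


if __name__ == "__main__":
    # URL quoted in the text above.
    info = decompose("http://klyaksa.net/htm/exam/answers/images/a23_1.gif")
    for key, value in info.items():
        print(f"{key:15} {value}")
    print(is_subdomain_of("tutor.sptu.edu", "sptu.edu"))  # name from the text
    print(is_subdomain_of("notsptu.edu", "sptu.edu"))     # constructed name
```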

Basic Internet Services

1. Electronic mail (E-mail).
Electronic mail (E-mail - Electronic mail, from the English mail) is the most widespread and until recently the most popular application of the Internet. According to the estimates of the International Telecommunication Union, the number of e-mail users exceeds 50 million. The popularity of e-mail is explained not only by its capabilities, but also by the fact that it can be used with any type of Internet access, even the cheapest one.
When using e-mail, each user is assigned a unique mailing address, which is usually formed by attaching the user's name to the name of the computer itself. The username and computer name are separated by the special character @. For example, if a user has the login name emsworth on the computer blandings.com, then his email address will look like emsworth@blandings.com

3. Teleconferencing Service (Usenet)
Another widely used service provided by the Internet is Usenet news, which is also often called teleconferencing (it has nothing to do with television; the prefix "tele" means "remote", "operating at a long distance"). It provides the ability to read and post to public (open) discussion groups.
Usenet is a virtual, imaginary network through which news is transmitted between computers - news servers - using a special protocol, NNTP (Network News Transfer Protocol).

4. File Transfer Service (FTP) handles the reception and transmission of large files. The FTP service has its own servers on the world network, which store data archives. These archives can be commercial, restricted, or publicly available.

5. Access to a remote computer (Telnet)
If we recall the history of the development of computers, then there was a time when the computer itself was large and stood in a special computer room. The terminals (i.e. displays with keyboards) allowing the computer to operate were located in a different room. The displays were alphanumeric, so the dialogue with the computer consisted of entering symbolic commands, in response to which the computer printed the corresponding data on the screen.
When creating a remote access system, it was decided to keep this method of dialogue with a computer.
The remote access program is called Telnet.
For it to function, as with all Internet services, there must be two parts: a server program installed on the remote computer, and a client program on the local computer.
To connect to a remote system, you must be a registered user, that is, have a login name and password. To establish a connection, you must specify the name of the remote computer. After a successful connection, you can perform the same operations on the remote computer as on the local computer, that is, browse directories, copy or delete files, and run various programs that have an alphanumeric interface.

6. IRC service (Internet Relay Chat) is designed for direct communication of several people in real time. This service is also called chat conferencing or just chat.

7. ICQ service. Its name comes from the expression I seek you - I'm looking for you. Its main purpose is to enable communication between two people, even if they do not have a permanent IP address.

8. World Wide Web Service (WWW) is a single information space composed of hundreds of millions of interconnected electronic documents stored on Web servers. Individual documents are called Web pages. Groups of thematically linked Web pages are called Web nodes or Web sites.

Creating a local network is the best way to organize a unified information environment for an enterprise. Thanks to it, users will gain access to shared resources, will be able to share printers and other network equipment. By properly configuring the network, the administrator can ensure the proper level of secrecy and prevent leakage of data constituting trade secrets.

Four stages of organization

This whole process can be divided into the following stages:

  • Network development. At this stage, specialists examine the territory of the enterprise, listen to the customer's wishes regarding functionality, draw up a plan and technical specification, and prepare the equipment necessary for installation.
  • Installation. At this stage, cables are laid, equipment is installed and the necessary software is configured.
  • Testing. Experts check the operation of the installed network and its compliance with generally accepted quality standards.
  • Maintenance. This phase includes upgrades and, if necessary, troubleshooting.

The created enterprise network must meet the following basic requirements:

  • Be easily manageable.
  • Be protected from hacker attacks. The protection of a corporate network involves the installation of special software - a firewall.
  • Be adapted to the main types of network devices and cables. Thanks to this, the network can be upgraded and changed at any time.

Topology

Organization of a corporate network involves the choice of one of the architectures for its construction:

  • star;
  • bus;
  • ring.

The first scheme for connecting computers in a local network is the most common. Each vertex of the "star" is a separate computer on the network. The PCs are connected to the hub with a cable. Typically, this is a twisted pair with an RJ-45 connector. The advantage of this connection method is the independence in the operation of individual PCs. When one of the computers loses its connection to the network, the others continue to function normally. The disadvantage of this scheme is that if the hub fails, none of the computers can connect to the Internet. Building a "star" local network requires longer cables than a ring or bus.

In the case of a bus topology, all computers are connected to one main cable - the backbone. In this case, the data is received only by the addressee with a specific IP address. If the connection is broken, the network will inevitably "go down" for every individual computer.

In the case of a "ring", the signal is transmitted "in a circle" from one computer to the second, to the third, etc. Each PC in this case is a repeater and signal amplifier. The disadvantage of a ring is the same as a bus: if one computer loses its connection to the Internet, the same thing happens on all other machines.
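The failure behaviour of the star, bus, ring and mesh layouts described here and in the earlier list of topologies can be checked on a small model. This is an added example, not part of the original text; the node names, the six-computer size and the modelling choices (the bus backbone as one shared node, the ring as one-directional links, the mesh as links to the two nearest neighbours on each side) are assumptions.

```python
from collections import deque
from itertools import combinations


def _pcs(n):
    return [f"pc{i}" for i in range(n)]


def shared_center(n, center):
    """Star (center='hub') or bus (center='bus'): each computer has a two-way
    connection to one shared element. For the bus, the shared element stands
    for the backbone cable itself (modelling assumption)."""
    pcs, links = _pcs(n), set()
    for pc in pcs:
        links |= {(pc, center), (center, pc)}
    return pcs, links


def ring(n):
    """Ring with data passed in one direction only, station to station."""
    pcs = _pcs(n)
    return pcs, {(pcs[i], pcs[(i + 1) % n]) for i in range(n)}


def mesh(n):
    """Partial mesh: two-way links to the neighbours one and two steps away."""
    pcs, links = _pcs(n), set()
    for i in range(n):
        for step in (1, 2):
            a, b = pcs[i], pcs[(i + step) % n]
            links |= {(a, b), (b, a)}
    return pcs, links


def reachable(start, links):
    """All nodes that data sent from start can arrive at (breadth-first search)."""
    seen, queue = {start}, deque([start])
    while queue:
        node = queue.popleft()
        for a, b in links:
            if a == node and b not in seen:
                seen.add(b)
                queue.append(b)
    return seen


def working_pairs(pcs, links, cut=(), dead=()):
    """Count pairs of computers that can still exchange data in both directions.

    cut  - cables that are broken (lost in both directions)
    dead - failed devices (a hub, the bus backbone, or a computer)
    """
    lost = {(a, b) for a, b in cut} | {(b, a) for a, b in cut}
    live = {(a, b) for a, b in links
            if (a, b) not in lost and a not in dead and b not in dead}
    alive = [pc for pc in pcs if pc not in dead]
    reach = {pc: reachable(pc, live) for pc in alive}
    return sum(1 for a, b in combinations(alive, 2)
               if b in reach[a] and a in reach[b])


def worst_single_cut(pcs, links):
    """Fewest working pairs left after any one cable is cut."""
    cables = {tuple(sorted(link)) for link in links}
    return min(working_pairs(pcs, links, cut=[cable]) for cable in cables)


if __name__ == "__main__":
    n = 6  # 6 computers -> 15 possible pairs
    for name, (pcs, links) in {"star": shared_center(n, "hub"),
                               "ring": ring(n), "mesh": mesh(n)}.items():
        print(f"{name}: intact={working_pairs(pcs, links)}, "
              f"worst single cable cut={worst_single_cut(pcs, links)}")
    pcs, links = shared_center(n, "hub")
    print("star, hub failed:", working_pairs(pcs, links, dead=("hub",)))
    pcs, links = shared_center(n, "bus")
    print("bus, backbone broken:", working_pairs(pcs, links, dead=("bus",)))
```

The single points of failure show up as the cases that drop to zero working pairs: the hub in the star, the backbone in the bus, and any one link in the one-directional ring.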

Necessary equipment

To build a local network, you need active and passive network equipment. Active equipment not only transmits but also converts the signal. Examples are the network cards of computers and laptops, print servers and routers. Passive equipment only transmits data at the physical layer.

To organize a local network, twisted pair or fiber optic cable is used. Twisted pair consists of insulated copper conductors twisted in pairs. Cables come with 8 conductors (4 pairs) or 4 conductors (2 pairs).

To connect a computer, it must have a network card. If the internal card does not work, it is permissible to use a USB adapter.

You also need a hub - a device that analyzes incoming traffic and distributes it to the connected PCs. If each of the computers has a Wi-Fi module, it is better to use a router instead of a hub. The router has one WAN port and several LAN ports. The Internet operator's cable is connected to the WAN port, and the cables to the signal consumers (computers, TVs, etc.) are connected to the LAN ports.

Additional equipment will also be needed - signal repeaters and a print server. A repeater is a device that extends the distance of a network connection. Thanks to repeaters, it is possible to connect several nearby buildings with a cable. A print server is a network device for connecting a printer. The printer is then not connected directly to a computer, so the printing device is available at any time.

How to keep your corporate network secure

To protect a corporate network, you need special software - an Internet gateway. This is a whole software package that includes a VPN, antivirus, firewall, traffic shaper, mail server and much more. Our software, ICS, is just such a gateway.