The Internet is a vast network that connects computers all over the world. Through the Internet, people can share information and communicate from anywhere with an Internet connection. The short form of internet is the 'net'.
A network that connects computers and devices within a building or small group of buildings is known as a local area network (LAN). A LAN may link the computers within a home, office, or campus, for example, allowing the individual users to share resources.
Broadband refers to various high-capacity transmission technologies that transmit data, voice, and video across long distances and at high speeds. Common mediums of transmission include coaxial cables, fiber optic cables, and radio waves. Broadband is always connected and removes the need for dial-up. Its importance is far-reaching; it allows for high-quality and quick access to information, teleconferencing, data transmission, and more in various capacities, including healthcare, education, and technological development.
Wireless connectivity, often known as Wi-Fi, is the technology that allows a PC, laptop, mobile phone, or tablet device to connect at high speed to the internet without the need for a physical wired connection. Wi-Fi (pronounced “Why-Fy”) is a term that was coined by a branding company in 1999 as a name which would be easily recalled, due to its similarity to the then well-known term “hi-fi”.
Mobile data allows your phone to access the Internet even when you’re not on Wi-Fi. Mobile data gives you an Internet connection anywhere as long as you’re connected to a cellular network. The speed is lesser than Wi-Fi and Broadband connection.
IP address stands for internet protocol address; it is an identifying number that is associated with a specific computer or computer network. When connected to the internet, the IP address allows the computers to send and receive information.An IP address allows information to be sent and received by the correct parties, which means they can also be used to track down a user's physical location.
A router is a computer whose software and hardware are designed to move data between computer networks. Routers make sure traffic between computers goes where it needs to go. They do this by choosing the shortest path between the computers using a complicated system of rules called routing protocols.
A switch is a device in a computer network that connects other devices together. Multiple data cables are plugged into a switch to enable communication between different networked devices. Switches manage the flow of data across a network by transmitting a received network packet only to the one or more devices for which the packet is intended. Each networked device connected to a switch can be identified by its network address, allowing the switch to direct the flow of traffic maximizing the security and efficiency of the network.
Alternatively known as an Ethernet cable or LAN cable, a Cat 5 or category 5 is a network cable that consists of four twisted pairs of copper wire terminated by an RJ-45 connector. The picture shows an example of a Cat 5 cable. Cat 5 cable is used in home and business networks, providing data transmission speeds of up to 100 Mbps. The maximum recommended length of a Cat 5 cable is 100 meters. Exceeding this length without the aid of a bridge or other network device could cause network issues, including data packet loss and data transmission speed degradation.
The eight-pin RJ45 connector is a standardised interface which often connects a computer to a local area network (LAN). This type of connector was originally developed for telephone communications but is now used in a range of applications. The abbreviation, RJ45, stands for Registered Jack-45. Registered jack specifications are related to the wiring patterns of the jacks, rather than their physical characteristics. The term RJ45 has also come to refer to a range of connectors for Ethernet jacks. An 8 Position/8 Contact connector, called an 8P8C, is a modular connector for telecommunication cables. It is also informally referred to as an RJ45.
A fiber optic cable is a network cable that contains strands of glass fibers inside an insulated casing. They're designed for long-distance, high-performance data networking, and telecommunications. Compared to wired cables, fiber optic cables provide higher bandwidth and transmit data over longer distances. Fiber optic cables support much of the world's internet, cable television, and telephone systems.
The maximum amount of data transmitted over an internet connection in a given amount of time. Bandwidth is often mistaken for internet speed when it's actually the volume of information that can be sent over a connection in a measured amount of time – calculated in megabits per second (Mbps).
Internet speed is the measure of how fast information is transferred, while bandwidth refers to the capacity of an individual internet connection. So if your internet connection has a bandwidth of 5 Mbps, your speed would only be that fast if it's operating at full capacity.
World Wide Web, which is also known as a Web, is a collection of websites or web pages stored in web servers and connected to local computers through the internet. These websites contain text pages, digital images, audios, videos, etc. Users can access the content of these sites from any part of the world over the internet using their devices such as computers, laptops, cell phones, etc. The WWW, along with internet, enables the retrieval and display of text and media to your device.
Discussed below is each stage of the Open Systems Interconnection Model in detail. Please go through these carefully to understand the structure and the functioning of the model in a systematic manner:
Structure and Types of IP Address
An IP address represents an Internet Protocol address. A unique address that identifies the device over the network. It is almost like a set of rules governing the structure of data sent over the Internet or through a local network. An IP address helps the Internet to distinguish between different routers, computers, and websites. It serves as a specific machine identifier in a specific network and helps to improve visual communication between source and destination.
IP address structure:
IP addresses are displayed as a set of four digits- the default address maybe 184.108.40.206. Each number on the set may range from 0 to 255. Therefore, the total IP address range ranges from 0.0.0.0 to 255.255.255.255.
IP address is basically divided into two parts: X1. X2. X3. X4
[X1. X2. X3] is the Network ID
[X4] is the Host ID
IP Address Types:
There are 4 types of IP Addresses- Public, Private, Fixed, and Dynamic. Among them, public and private addresses are derived from their local network location, which should be used within the network while public IP is used offline.
Types of Website IP address:
Website IP address is of two types- Dedicated IP Address and Shared IP Address. Let us discuss the two.
IP Address Classification Based on Operational Characteristics:
According to operational characteristics, IP address is classified as follows:
This IP address class is used when there are a large number of hosts. In a Class A type of network, the first 8 bits (also called the first octet) identify the network, and the remaining have 24 bits for the host into that network.
An example of a Class A address is 220.127.116.11. Here, “102” helps you identify the network and 168.212.226 identify the host.
Class A addresses 127.0.0.0 to 127.255.255.255 cannot be used and is reserved for loopback and diagnostic functions.
In a B class IP address, the binary addresses start with 10. In this IP address, the class decimal number that can be between 128 to 191. The number 127 is reserved for loopback, which is used for internal testing on the local machine. The first 16 bits (known as two octets) help you identify the network. The other remaining 16 bits indicate the host within the network.
An example of Class B IP address is 18.104.22.168, where *168 212* identifies the network and *226.204* helps you identify the Hut network host.
Class C is a type of IP address that is used for the small network. In this class, three octets are used to indent the network. This IP ranges between 192 to 223.
In this type of network addressing method, the first two bits are set to be 1, and the third bit is set to 0, which makes the first 24 bits of the address them and the remaining bit as the host address. Mostly local area network used Class C IP address to connect with the network.
Example for a Class C IP address:
Class D addresses are only used for multicasting applications. Class D is never used for regular networking operations. This class addresses the first three bits set to “1” and their fourth bit set to use for “0”. Class D addresses are 32-bit network addresses. All the values within the range are used to identify multicast groups uniquely.
Therefore, there is no requirement to extract the host address from the IP address, so Class D does not have any subnet mask.
Introduction of Firewall in Computer Network
A firewall is a network security device, either hardware or software-based, which monitors all incoming and outgoing traffic and based on a defined set of security rules it accepts, rejects or drops that specific traffic.
Accept : allow the traffic
Reject : block the traffic but reply with an “unreachable error”
Drop : block the traffic with no reply
A firewall establishes a barrier between secured internal networks and outside untrusted network, such as the Internet.
History and Need for Firewall
Before Firewalls, network security was performed by Access Control Lists (ACLs) residing on routers. ACLs are rules that determine whether network access should be granted or denied to specific IP address.
But ACLs cannot determine the nature of the packet it is blocking. Also, ACL alone does not have the capacity to keep threats out of the network. Hence, the Firewall was introduced.
Connectivity to the Internet is no longer optional for organizations. However, accessing the Internet provides benefits to the organization; it also enables the outside world to interact with the internal network of the organization. This creates a threat to the organization. In order to secure the internal network from unauthorized traffic, we need a Firewall.
How Firewall Works
Firewall match the network traffic against the rule set defined in its table. Once the rule is matched, associate action is applied to the network traffic. For example, Rules are defined as any employee from HR department cannot access the data from code server and at the same time another rule is defined like system administrator can access the data from both HR and technical department. Rules can be defined on the firewall based on the necessity and security policies of the organization.
From the perspective of a server, network traffic can be either outgoing or incoming. Firewall maintains a distinct set of rules for both the cases. Mostly the outgoing traffic, originated from the server itself, allowed to pass. Still, setting a rule on outgoing traffic is always better in order to achieve more security and prevent unwanted communication.
Incoming traffic is treated differently. Most traffic which reaches on the firewall is one of these three major Transport Layer protocols- TCP, UDP or ICMP. All these types have a source address and destination address. Also, TCP and UDP have port numbers. ICMP uses type code instead of port number which identifies purpose of that packet.
Default policy: It is very difficult to explicitly cover every possible rule on the firewall. For this reason, the firewall must always have a default policy. Default policy only consists of action (accept, reject or drop).
Suppose no rule is defined about SSH connection to the server on the firewall. So, it will follow the default policy. If default policy on the firewall is set to accept, then any computer outside of your office can establish an SSH connection to the server. Therefore, setting default policy as drop (or reject) is always a good practice.
Types of Firewall
Firewalls are generally of two types: Host-based and Network-based.
Network Address Translation (NAT)
To access the Internet, one public IP address is needed, but we can use a private IP address in our private network. The idea of NAT is to allow multiple devices to access the Internet through a single public address. To achieve this, the translation of a private IP address to a public IP address is required. Network Address Translation (NAT) is a process in which one or more local IP address is translated into one or more Global IP address and vice versa in order to provide Internet access to the local hosts. Also, it does the translation of port numbers i.e. masks the port number of the host with another port number, in the packet that will be routed to the destination. It then makes the corresponding entries of IP address and port number in the NAT table. NAT generally operates on a router or firewall.
Network Address Translation (NAT) working –
Generally, the border router is configured for NAT i.e the router which has one interface in the local (inside) network and one interface in the global (outside) network. When a packet traverse outside the local (inside) network, then NAT converts that local (private) IP address to a global (public) IP address. When a packet enters the local network, the global (public) IP address is converted to a local (private) IP address.
If NAT runs out of addresses, i.e., no address is left in the pool configured then the packets will be dropped and an Internet Control Message Protocol (ICMP) host unreachable packet to the destination is sent.
Why mask port numbers ?
Suppose, in a network, two hosts A and B are connected. Now, both of them request for the same destination, on the same port number, say 1000, on the host side, at the same time. If NAT does only translation of IP addresses, then when their packets will arrive at the NAT, both of their IP addresses would be masked by the public IP address of the network and sent to the destination. Destination will send replies to the public IP address of the router. Thus, on receiving a reply, it will be unclear to NAT as to which reply belongs to which host (because source port numbers for both A and B are the same). Hence, to avoid such a problem, NAT masks the source port number as well and makes an entry in the NAT table.
NAT inside and outside addresses –
Inside refers to the addresses which must be translated. Outside refers to the addresses which are not in control of an organization. These are the network Addresses in which the translation of the addresses will be done.
Network Address Translation (NAT) Types –
There are 3 ways to configure NAT:
Suppose, if there are 3000 devices that need access to the Internet, the organization has to buy 3000 public addresses that will be very costly.
Advantages of NAT –
Disadvantage of NAT –