TB2 Flashcards

1
Q

Asynchronous Transfer Mode

A

A telecommunications standard defined by ANSI and ITU-T
ATM is a data-link layer protocol
Used in Wide Area Networks
Support the transfer of data with a range of guarantees for quality of service
ATM is a core protocol used in the SONET/SDH backbone

2
Q

ATM provides

A

Integrated Voice, video and data

High data rates

3
Q

ATM is a form of “cell relay”

A

Relatively large frames or packets are segmented into “cell-size” (48-octet) pieces for transmission (with 5-octet headers)
53 octets in total.
These cells are relayed (switched) across the network
They are reassembled at the destination
There is an unpredictable amount of time between the arrivals of these individual “cells”

4
Q

ATM Header Processing Layer

A

AAL1
AAL1 is responsible for segmentation by converting higher-layer PDUs into fixed-size ATM cells. It adds necessary headers and trailers for transmission. At the receiving end, it reassembles ATM cells back into PDUs. AAL1 also ensures proper timing and synchronization between the source and destination.

Segmentation and Reassembly (SAR) Layer
The SAR layer handles segmentation by breaking down data units into ATM cells and reassembly by converting received cells into packets. It ensures reliability through sequence numbering, error detection, and flow control mechanisms.

Delivery Layer
The delivery layer passes reassembled data to higher-layer protocols and applications. It integrates with protocols like IP and other network protocols. Additionally, it manages flow control, congestion control, and Quality of Service (QoS).

5
Q

Uses of ATM for Traffic Engineering or QoS

A

QoS can be configured at each ATM interface
Constant Bit Rate (CBR)
Peak Cell Rate (PCR)
for a maximum interval before being problematic

Variable Bit Rate (VBR)
Sustainable Cell Rate (SCR)
Can peak at a certain level

Available Bit Rate (ABR)
a minimum guaranteed rate is specified

Unspecified Bit Rate (UBR)
traffic is allocated to all remaining transmission capacity.

Maximum Burst Length
Guaranteed Minimal Bandwidth

6
Q

Uses of ATM

A

ATM technology is generally not brought out to the desktop or other “edge” parts of the network
Not cost effective

It resides in the high-speed core portion of the network
Supporting voice, compressed video and data

A major feature of ATM is its built-in quality of service (QoS)

7
Q

Advantages of ATM

A

Advantages
Meets international and industry standards
Operates over most current high-speed WAN circuits
Directly supports quality of service (QoS) for multimedia transmission needs
Cost competitive within the core network

8
Q

Disadvantages of ATM

A

Disadvantages
Complex operation and configuration (provisioning)
Somewhat inefficient (the “cell tax”: 10% overhead)
Not currently cost competitive at the “edges” of the network

9
Q

Transparent LAN Services (TLS)

A

Transparent means that you don’t see it or have to deal with it
You don’t have to deal with the WAN
You don’t have to provision for frame relay, ATM, leased lines, etc.

With TLS, a carrier bridges between your geographically separated LAN segments
Making them all appear to be one big LAN
Decreasing subscriber WAN management burdens

10
Q

VoIP (With Ethernet Phones)

A

The original motivation was
.Not paying to send email
.Why pay for digitalised voice traffic
.Commonplace now
The current motivation is to:
.Reduce the cost
.A single infrastructure
.To gain extended capabilities
.Avoid excess delivery delay
.Provide good QoS

Ethernet telephones and “gateways” between the LAN-based and legacy telephone networks
The risk is the quality of the connection
Wireless devices can become out of range of an Ethernet connection

11
Q

Session Initiation Protocol (SIP)

A

An application layer protocol
A signalling protocol for real-time sessions
It provides a single infrastructure for
voice, video, instant messaging
5 group categories
User location – real-time local discovery
User availability – is user available to communicate
User capability – choice of media and coding scheme
Session set up – establishing the session
Session management – transferring sessions; modifying parameters
SIP is very ‘similar’ to HTTP
Request-response connection

12
Q

The Internet and NAPs

A

The Internet consists of a hierarchy of Internet Service Providers (ISPs) of various sizes:

Tier1: International ISPs
Tier 2: National ISPs
Tier 3: Regional ISPs
Tier 4: Local ISPs

Network Access Points (NAPs) are Internet Exchange Points (IXPs)
They interconnect public peering ISPs to exchange traffic
They exchange routing information using BGP-4
Selective private peering with direct inter-ISP links
NAPs are Layer 2 switches
Typically using ATM switching
With support for ISO-provided routers
NAPs are interconnected by high-speed backbones

13
Q

Router Capabilities

A

Routers may be any of several types:
.Access routers – Edges of the internet
.Enterprise routers – Organisation network
.Core routers – Handling heavy data flow

Routers may also have Layer 2 switching capabilities
May have hardware or software routing capabilities
Routers may be tabletop or chassis based
.Multiple plug-in router modules

14
Q

Modern Router Capabilities

A

Routers may be embedded into other multi-feature network devices, which also include
.Wireless Access Point
.A small (e.g. 4-port) wired switch
.Firewall (hardware device)

15
Q

Multi-Protocol Label Switching (MPLS)

A

The MPLS philosophy is to
“route at the edges, and switch in the core”

Provides the best parts of both Layer 3 routing control and Layer 2 switching
Layer 3 is “multi-protocol” since the switching is done at Layer 2

A merger of Layer 3 (e.g. IP) routing protocols and Layer 2 switching.
Intended for use in the core portion of Intranets/Internet
Useful for carriers, ISPs and enterprise WAN networks
MPLS router in the core is called a label-switching router (LSR)

16
Q

Why use MPLS

A

MPLS specifications allow many variations (options)
Route the first packet when an MPLS label path doesn’t exist to the destination network
As the first packet is processed at each LSR, the Layer 2 switched connection is set up between those LSRs
Subsequent packets are handled by switching at Layer 2 (e.g. ATM)
Swapping the label at each LSR
Label switching is also label swapping

17
Q

A specific MPLS Approach

A

Benefits of MPLS include:
Traffic engineering capabilities (explicit path other than that selected by routing)
MPLS-based VPNs with simpler provisioning
Service differentiation (QoS)
Improved performance (switching instead of routing at each hop)
Scalability

18
Q

QoS with IP

A

QoS usually refers to providing support for time-sensitive delivery
.Such as voice and/or compressed video
Much of the work in this area is now showing up in products
.Usually involves prioritisation of traffic based on the type of data being carried
Efforts include
.Various forms of IP switching
.Differentiated services (using the IP TOS byte)
.Multiprotocol Label Switching (MPLS)

19
Q

Goals for Network Management

A

Need responsive network management
.Help desk
.Network support technicians
.Network Systems Management
.Monitors the network
.Providing the ability to diagnose and control the network

20
Q

TCP/IP Network Management

A

Network management involves three distinct needs
A protocol to write/read critical network management data
e.g. event reports
Database of specific parameters
e.g. queue-length, throughput etc
A computer independent definition of the parameters

This is met by
SNMP: Simple Network Management Protocol
Read/write protocol between managers and network devices
MIB: Management Information Base
The databases of network management information
SMI: Structure of Management Information
Computer independent notation to describe the data items

21
Q

Simple Network Management Protocol (SNMP)

A

The manager needs to be able to monitor and control the agent devices
To be able to:
.Read the value of the individual parameters (SNMP Get)
.Read sequences of table entries (SNMP Get_Next)
.Write into parameter values (SNMP Set)
.Receive unsolicited event reports (SNMP Trap)
These events and parameters are the MIBs, which are documented using SMI notation

22
Q

Remote Monitor (RMON)

A

SNMP MIBs include Remote Monitor capabilities
RMON implementation
.Independent probe devices (software) attached to each LAN segment
.Can be integrated into networking devices
Has a performance impact!

Available in two forms
.RMON 1 monitors OSI layers 1 and 2
.Collision statistics and error statistics
.RMON 2 includes monitoring of higher levels
.Hosts and which applications cause the most traffic, etc.
Can be cost effective
.Help control traffic throughput
Increases the effectiveness of network management personnel
.Identifies where the problems are for troubleshooting

23
Q

Network Management Areas

A

OSI identifies five areas of network management:
.Configuration
.Fault management
.Performance management
.Accounting management
.Security management

24
Q

Configuration Management

A

Includes a wide range of issues
.Address and name assignments to network devices
.Hardware/software updates to switches, routers
.Software license control etc.

Configuration management includes setting many parameters
.Configure switches and routers to filter out certain types of traffic
.Multi-protocol routers can be configured to run selected protocols
.Configuration of bit rate, parity etc

25
Q

Fault Management

A

Fault Management Provides:
.Identification and isolation of faults detected

Tools and Techniques include
.Bit-Error Rate Test (BERT)
.Time Domain Reflectometer (TDR)
.Optical TDR (OTDR)
.Protocol analyser (for data links and LANs)
.Used for troubleshooting all protocol layers
.Loopback Tests
.Ping
.Artificial Traffic Generation

26
Q

Fault Isolation – LANs

A

Limiting faults is possible by isolating the fault using switches and router configurations

All traffic across the LAN can be monitored

All exceptional conditions can be detected (collisions, lost tokens, etc)

Devices called LAN analysers (or LAN protocol analysers) can be attached to the network
.Selectively record information about packets of interest
.May be set up to filter based on address, protocol, or other field(s) of interest

27
Q

Performance Management

A

Network performance management
.Concerned with statistical data
.Round trip delays
.Throughput
.May require prioritization of certain traffic
.Including other QoS capabilities
.Tuning of performance (eliminating bottlenecks)
.Buffer size adjustments
.Setting timer values
.Establishing a baseline
.Adequate minimum system performance required

Performance management is also concerned with finding bottlenecks
.Wide area links between remote switches and routers
.Access to server resources, e.g. disk storage
.Parts of the network that are nearing overload

Many fault-management tools are useful in performance management

28
Q

Accounting Management

A

Accounting management
.Can be the billing for network usage
Accounting parameters normally include the
.Number of connections made
.Duration of each connection
.Number of e-mail messages sent and received
.Number of packets sent and received
.Systems that are accessed across the network
.Internet usage.

Accounting management may be broadened to include other network attached resources
.Server usage (connect time and disk storage)
.Traffic that needs access to expensive WAN circuits
.Data storage

Accounting management may also be used to place limits on the use of network resources
.Disc storage space

29
Q

Security Management

A

Security management includes
Confidentiality
Integrity
Authentication
Access control
Nonrepudiation

Vulnerabilities
.Wiretaps placed on cables
.Outsiders intercepting remote login attempts from across the network
.Introduction of a virus

Security protection mechanisms include
.Encryption
.Physical protection
.Access-control lists
.Audit data collection

30
Q

Secure Sockets Layer/Transport Layer Security

A

The preceding example shows the basic mechanism of Secure Sockets Layer (SSL) and Transport Layer Security (TLS) operation
These mechanisms are utilised whenever a web access screen indicates that you are going into a secure mode of operation
.It may be just for the transfer of a credit card number or it may be for the entire session

The encryption key may vary from 40 bits to 128 bits
.The 40 bit approach is very weak
.The 128 bit approach can be much stronger, but that depends on other factors as well (such as how random the key generation really is)
.256-bit keys are used for a stronger cipher

31
Q

Trusted certificates

A

The trusted certificate contains the owner’s public key
It is trusted because it is cryptographically signed by a trusted agency

32
Q

DES, Triple DES and AES Encryption

A

The Data Encryption Standard (DES) dates back to the mid-1970s
.Its 56-bit key length is inadequate today (it can be broken in less than 24 hours)

Triple DES has a much longer effective key length

The more recent Advanced Encryption Standard (AES) provides
.Greater security, e.g. 128-256-bit length
.An internationally developed algorithm (from Belgium)
.A 128-bit block cipher (for efficient computer implementation)

33
Q

Virtual Private Networks (VPN)

A

Definition:
A private network that uses a public network (usually the Internet) to connect remote sites or users together. Instead of using a dedicated, real-world connection such as a leased line, a VPN uses “virtual” connections.

Appears to be private but is not
.“Privacy” occurs due to encryption
.Then, encapsulation is in “routable IP packets”

An outsider might intercept packets, but cannot
.Read them
.Modify them without detection
.Impersonate expensive T1/E1 leased lines

Two typical uses of Virtual Private Networks
.Replacing expensive T1/E1 leased lines

34
Q

Replacing Expensive T1/E1 Leased Lines

A

A virtual private network may be utilized to replace expensive T1/E1 lines
.Using the organisation’s intranet or the internet instead
However, this does not provide any assurances of timeliness of delivery
.Gets the usual best-efforts delivery of the intranet or internet

35
Q

Usage of RADIUS Protocol

A

Remote Authentication Dial-In User Service (RADIUS) provides
.Authentication, Authorization checking and accounting
.Uses Point-to-Point Protocol (PPP)
.Operates on port 1812
.Commonly used to facilitate roaming
.Can provide customizable login prompts

36
Q

Internet Access Security solutions

A

These solutions are generally called firewalls
The router that we use for interconnection to the internet may include filters
.Filter out undesired traffic
.Example: external TELNET, FTP requests
.Allow only e-mail in and out

37
Q

Router-Based Firewalls

A

The firewall may be a screening router
.The router is set up to filter connection requests
.These are not considered to be very strong security measures

This is a low-budget approach

38
Q

Host-Based Firewalls

A

Alternatively, we may want to use a host-based firewall
.Login controls over inbound and outbound internet traffic
.May include an e-mail gateway, FTP server or Web Server

39
Q

Key Firewall Data Sheet Parameters

A

The firewall may be router or host based
.Router filtering is least expensive
.Host-based is more secure
Must be configurable to support your security policy
.What connections you will permit
.Usually deny all others

Should be capable of filtering unauthorized connection attempts
.There are known vulnerabilities in many approaches to this
.Considerable care must be taken in configuring the firewall!

40
Q

Evaluated Products

A

There is an internationally accepted security rating system called “Common Criteria Evaluated Products”
.With an “Evaluated Assurance Level (EAL)” range of 1 to 7
Many government and commercial procurements are requiring an EAL rating for security-related hardware/software
.EAL 2 is the minimally accepted assurance level
.EAL 4 is the highest level obtainable for a retrofit product
.EALs 5 to 7 are extremely expensive to obtain (typically limited to government/military applications)
.These products include firewalls, intrusion detection, downgrade guards, etc.

41
Q

Security Goals

A

Confidentiality (Transmission privacy)

Integrity
(Data has not been altered)

Authentication (knowing who created or sent the data)

42
Q

Types of Security Threats – Passive Threats

A

Passive attacks are eavesdropping on, or monitoring (listening to), transmissions

The goal of the attacker is to obtain the information that is being transmitted (i.e. interception)

43
Q

Types of Security Threats – Active Threats

A

Attempt to cause harm typically through system faults or brute force attack

Attempt to overload the victim’s computer to the point that it either slows to an unusable crawl, hangs, or completely crashes!

44
Q

Security Services

A

Non-repudiation (the order is final)
.The assurance that someone cannot deny something
.Digital Signatures ensure that a message has been electronically signed by the originator

Access control (prevent misuse of resources)
.Levels of access
.Read or write access

Availability (permanence, non-erasure)
.Denial of Service Attacks
.Virus that deletes files

45
Q

Methods of Defence

A

Encryption
.Altering the original data so only those it is intended for can read it.

Software Controls
.Access limitations in a database
.Operating system protects each user from other users

Hardware Controls
.Smartcard access to data
.Biometrics, fingerprints, iris scans

Policies and procedures
.E.g. frequent changes of passwords

Physical Controls
.Controlled access

46
Q

The Internet Society

A

The society has three main sections
.Internet Architecture Board (IAB)
.Defines architecture of the internet

Internet Engineering Task Force (IETF)
.Receives Architecture definitions from IAB
.Protocol engineering development

Internet Engineering Steering Group (IESG)
.Technical management of the IETF
.Defines the Internet Standard

Initiates working groups that investigate the actual details of the proposed standard or protocol.
Draft version is developed
.Made available for consultation
.The IESG gives final approval
.Published as a Request for Comments (RFC)
.If the draft hasn’t progressed to RFC within 6 months it is withdrawn

47
Q

Progression

A

To gain Standard status there must be at least TWO independent and interoperable implementations.
.If the implementations have been rigorously tested
.Internet standard is assigned along with
.STD number
.RFC number

48
Q

International Standards Organisation (ISO)

A

Aim to promote standardisation and related activities to facilitate international exchange of goods and services.
The ISO collaborates with other organisations
.International Electronic Commission (IEC)
.Focused on electrical and electronic engineering standards, with the focus on hardware.
.ISO and IEC collaborate through the Joint Technical Committee (JTC1) for IT standards
.ISO and IEC collaborate through the Joint Technical Committee (JTC1) for IT standards

49
Q

6 Step Development Process

A

Proposal Stage:
New proposal assigned to technical committee and working group

Preparatory Stage:
Working group prepares the draft
Once satisfied, it is passed to the committee for the consensus-building phase.

Committee Stage:
Registered at ISO central Secretariat
Distributed for balloting and comment
Once consensus is achieved it becomes a Draft International Standard (DIS)

Enquiry Stage:
DIS is circulated to all ISO member bodies
Time limit of 5 months for comment and vote on approval
It becomes a Final Draft International Standard
If not approved it is returned to the working group

Approval Stage:
Redistributed for final acceptance
2-month time limit
Technical comments are no longer considered at this stage
If not agreed it is returned to the working group

Final Stage:
Once agreed it is an International Standard
Some minor editorial changes are allowed prior to the publication of the standard

50
Q

Telecommunications Standardization Sector (ITU)

A

It is a United Nations specialized agency
Members are governments

Charter
“is responsible for studying technical, operating and tariff questions and issuing recommendations on them with a view to standardizing telecommunications on a worldwide basis”

51
Q

Institute of Electrical and Electronics Engineers (IEEE)

A

The Institute of Electrical and Electronics Engineers (IEEE) is a professional association dedicated to advancing technology for the benefit of humanity. It is the world’s largest technical professional organization dedicated to the advancement of technology.

IEEE’s activities include publishing cutting-edge research in various fields of engineering, developing standards that often become industry benchmarks, and organizing conferences and events to facilitate the exchange of knowledge among professionals. It covers a wide range of disciplines including electrical engineering, electronics, computer science, telecommunications, and many others.