ITEC 275 Computer Networks - PowerPoint PPT Presentation

About This Presentation
Title:

ITEC 275 Computer Networks

Description:

ITEC 275 Computer Networks Switching, Routing, and WANs Week 11 Robert D Andrea Some s provide by Priscilla Oppenheimer and used with permission – PowerPoint PPT presentation

Number of Views:253
Avg rating:3.0/5.0
Slides: 91
Provided by: RichardR174
Learn more at: https://cs.franklin.edu
Category:

less

Transcript and Presenter's Notes

Title: ITEC 275 Computer Networks


1
ITEC 275 Computer Networks Switching, Routing,
and WANs
  • Week 11
  • Robert DAndrea
  • Winter 2018

2
Agenda
  • Learning Activities
  • TDM and FDM differences
  • Industry Tests
  • Build and Test a Prototype
  • Write and Implement a Test Plan
  • Tools for Testing a Network Design
  • Multicasting
  • QoS
  • Queuing and Traffic Shaping

3
ATM Video
  • Frame Relay, ATM, and MPLS videos
  • https//www.youtube.com/watch?vSz1PThotOUQ

4
TDM and FDM
  • TDM (Time Division Multiplexing) and FDM
    (Frequency Division Multiplexing) are two methods
    of multiplexing multiple signals into a single
    carrier. Multiplexing is the process of combining
    multiple signals into one, in such a manner that
    each individual signal can be retrieved at the
    destination. Since multiple signals are occupying
    the channel, they need to share the resource in
    some manner.

5
TDM and FDM
  • The primary difference between FDM and TDM is
    how they divide the channels. FDM divides the
    channel into two or more frequency ranges that do
    not overlap. TDM divides and allocates certain
    time periods to each channel in an alternating
    manner. Because of this fact, we can say that
    TDM, each signal uses all of the bandwidth some
    of the time, while for FDM, each signal uses a
    small portion of the bandwidth all of the time.

6
TDM and FDM
  • 1. FDM divides the channel into multiple, but
    smaller frequency ranges to accommodate more
    users, while TDM divides a channel by allocating
    a time period for each channel.
  • 2. TDM provides much better flexibility compared
    to FDM.
  • 3. FDM proves much better latency compared to
    TDM.
  • 4. TDM and FDM can be used in tandem.

7
FDM

8
TDM and FDM

9
Reasons for Network Testing
  • Verify that the design meets key business and
    technical goals
  • Validate LAN and WAN technology and device
    selections
  • Verify that a service provider provides the
    agreed-up service
  • Identify bottlenecks or connectivity problems
  • Determine optimization techniques that will be
    necessary

10
Reasons for Network Testing
  • Proving that your network design is better than a
    competing design
  • Passing an acceptance test that gives you
    approval to go forward with the network
    implementation
  • Reassure mangers and co-workers that your design
    is effective
  • Identifying any risks that might impede
    implementation and planning for contingencies
  • Determine how much additional testing might be
    required. Will the new system be deployed as a
    pilot and undergo additional testing before being
    implemented

11
Testing Your Network Design
  • Use industry testing services
  • Build and test a prototype system
  • Use third-party and Cisco tools

12
Respected Independent Test Labs
  • Network Testing Labs' experts write hardware and
    software product reviews, state-of-the-art
    analyses, feature articles, in-depth technology
    workshops, cover stories, buyers guides and
    in-depth technology outlooks. Experts have spoken
    on a number of topics at Comdex, Interop, PC Expo
    and other venues. In addition, they've created
    industry standard network benchmark software,
    database benchmark software and network
    diagnostic utilities.

13
Respected Independent Test Labs
  • The Interoperability Lab at the University of New
    Hampshire (IOL)
  • ICSA Labs
  • Miercom Labs
  • AppLabs
  • The Tolly Group
  • Penetration Testing test your network and
    applications before the bad guys do.

14
Simple verses Complex Network Designs
  • Simple network designs can rely on test results
    from vendors, independent labs, or trade journals
    to prove to your customer that your design will
    perform as intended.
  • Complex network designs require more
    considerations.
  • Testing should be implemented in-house
  • Testing will require more than component testing.
    There will be a need for unit, integration, and
    system testing.

15
Scope of a Prototype System
  • Normally, it is impractical to implement a
    full-scale network system.
  • A prototype should verify important capabilities
    and functions that might not perform adequately.
  • Risky functions include complex, intricate
    functions and functions that were influenced by
    the need to make tradeoffs with other network
    components.

16
Live Production Network
  • Perform initial testing during off-hours to
    minimize issues with user community, performance,
    and existing traffic flow.
  • Perform final testing during normal hours and
    benchmark the performance.
  • Perform final testing at various times to
    exercise the network during typical loads and
    benchmark the performance.

17
Test Plan
  • Implement a Test Plan?
  • A test plan is primarily comprised of test cases
    and test items. Think of a test case as a
    scenario or a finite state in which your network
    might find itself. 
  • In each test case, you'll have a list of test
    items or functions or features that you want to
    evaluate. Each test item should include not just
    an action, but the success criteria, and if you
    want to get more sophisticated, the testing too
    must be more critical. For example, you might
    want to make sure a business-critical application
    still work after a network change. So you'd
    arrange to have the application owners create a
    transaction or operate the application. 

18
Components of a Test Plan
  • Test objectives and acceptance criteria
  • The types of tests that will be run
  • Network equipment and other resources required
  • Testing scripts
  • The timeline and milestones for the testing a
    project

19
Components of a Test Plan
  • Test objectives and acceptance criteria
  • Objectives and acceptance should be based on a
    customers business and technical goals
  • Acceptance of test results are acceptable by both
    the customer and the tester.
  • Measure response time
  • Measure applications throughput
  • Measure the amount of time it takes to hear a
    dial tone using Voice over IP
  • Establish a baseline measurement of CRC errors

20
Test Objectives and Acceptance Criteria for a
Test Plan
  • Specific and concrete
  • Based on business and technical goals
  • Clear criteria for declaring that a test passed
    or failed
  • Avoid biases and preconceived notions about
    outcomes
  • If appropriate, reference an established baseline

21
Test Plan Considerations and Implementation
  • Network Connectivity Section
  • Is Layer 2 set up appropriately? (VLANs on the
    right trunks, PVCs, etc.)
  • Do your router tables have the proper routes?
    (Check the next hops and ages, too.)
  • Can you ping everywhere in the network?
    (Performance Are the times acceptable?)
  • Do trace routes show paths you would expect?
  • If you load balance across the core of your
    network, verify each link is being used.
  • Is DHCP handing out addresses?
  • DNS resolving names properly?
  • Does your remote access still work?

22
Test Plan Considerations
  • Application Connectivity Section
  • Does VOIP work? Is it showing up in the right
    queues?
  • Are your firewalls and proxies blocking and
    allowing traffic appropriately?
  • Can you browse the Web?
  • Are your network management and logging systems
    working?
  • Do your business applications work? (And do
    transactions complete in an acceptable time?)
  • Are backup jobs still working?

23
Achieve Success with a New Network Design
  • Your chances of success are much greater if you
    perform several simple tests along the way,
    rather than waiting until you think you're done
    and discovering that something doesn't work.
    Performing simple incremental tests along the way
    will help testers and customers maintain a sense
    of truthfulness and confidence about in the
    system being tested.

24
Types of Tests
  • Application response-time tests with terminal
  • Throughput tests (I/O)
  • Availability tests (failure test)
  • Regression tests (does the network perform
    similarly after changes were implemented)

25
Types of Tests
  • What are the benefits of Protocol Testing?
  • To understand the behavior of a protocol, it must
    be tested to observe the protocols functionality
  • Verify every phase of testing life cycle for
  • Functionality testing
  • Interoperability testing (IOT) is the process of
    testing to determine the interoperability of a
    software product
  • Performance
  • Obtain tools to generate and test the protocol
    messages

26
Types of Tests
  • Why is Protocol Testing necessary?
  • Different vendor products need to communicate
    with each other.
  • If any product is using this standards in their
    devices they are interoperable with other vendor
    devices as both must meet compliance to Standards
    of IETF/RFC to study the network through their
    packet data.
  • Protocol testing ensures proper functionality of
    various elements of a message. It also ensures
    whether it was designed as per specification.

27
Resources Needed for Testing
  • A Test Plan should include a network topology
    drawing for tester to be able to reference.
  • A list of switches, routers, bridges, firewalls,
    servers, telephone equipment, and wireless
    access points.
  • A list of documented version numbers for
    hardware and software.
  • Scheduled time in a lab either at your site or
    the customers site
  • Power, air conditioning, rack space, and other
    physical resources
  • Help from co-workers or customer staff
  • Help from users to test applications
  • Network addresses and names

28
Resources Needed for Testing
  • How it is carried out?
  • Objective To test the protocol
  • i.e. to check every node with their packet data.
  • Tools Protocol Analyzer or WireShark and
    simulator.

29
Example Test Script
Server 1
Workstations
Firewall
Network A
Network B
Protocol Analyzer
Protocol Analyzer
30
Example Test Script (continued)
  • Based on the previous slide
  • Test objective.
  • Assess the firewalls capability to block
    Application ABC traffic, during both light and
    moderately heavy load conditions.
  • Acceptance criterion.
  • The firewall should block the TCP SYN request
    from every workstation on Network A that
    attempts to set up an Application ABC session
    with Server 1 on Network B. The firewall should
    send each workstation a TCP RST (reset) packet.

31
Example Test Script (continued)
  1. Start capturing network traffic on the protocol
    analyzer on Network A.
  2. Start capturing network traffic on the protocol
    analyzer on Network B.
  3. Run Application ABC on a workstation located on
    Network A and access Server 1 on Network B.
  4. Stop capturing network traffic on the protocol
    analyzers.

32
Example Test Script (continued)
  • 5. Display data on Network As protocol analyzer
    and verify that the analyzer captured a TCP SYN
    packet from the workstation. Verify that the
    network layer destination address is Server 1 on
    Network B, and the destination port is port 1234
    (the port number for Application ABC). Verify
    that the firewall responded to the workstation
    with a TCP RST packet.

33
Example Test Script (continued)
  1. Display data on Network Bs protocol analyzer and
    verify that the analyzer did not capture any
    Application-ABC traffic from the workstation.
  2. Log the results of the test in the project log
    file.
  3. Save the protocol-analyzer trace files to the
    project trace-file directory.
  4. Gradually increase the workload on the firewall,
    by increasing the number of workstations on
    Network A one at a time, until 50 workstations
    are running Application ABC and attempting to
    reach Server 1. Repeat steps 1 through 8 after
    each workstation is added to the test.

34
Example Test Script (continued)
  • Host A sends a TCP SYNchronize packet to Host B
  • Host B receives A's SYN
  • Host B sends a SYNchronize-ACKnowledgement
  • Host A receives B's SYN-ACK
  • Host A sends ACKnowledge
  • Host B receives ACK.
  • TCP socket connection is ESTABLISHED.

35
Tools for Testing a Network Design
  • Network-management and monitoring tools. These
    monitoring tools are used to alert network
    management to problems and report significant
    network problems.
  • Traffic generation tools
  • Modeling and simulation tools
  • QoS and service-level management tools
  • Protocol analyzer

36
Tools for Testing a Network Design
  • The following list of products are probably more
    related to network monitoring than network
    design, but don't forget that two important steps
    in the top-down network design methodology are
    characterizing the existing network and testing
    the new network.
  • Big Brother Professional Edition
  • Ixia IxN2X Multiservice Test Solution
  • LANSurveyor
  • Multi Router Traffic Grapher
  • Nagios
  • NetIQ

37
Tools for Testing a Network Design
  • Online Erlang Traffic Calculators
  • OPNET
  • Orion NetFlow Traffic Analyzer (NTA)
  • NetMRI
  • Tivoli
  • Visio Enterprise Network Tools
  • WANDL's Network-Planning and Analysis Tools
  • WhatsUp Gold

38
Protocol Analyzer Tool
  • A protocol analyzer is used to analyze traffic
    behavior, errors, utilization, efficiency, and
    rates of broadcast and multicast packets.
  • A protocol analyzer can be a computer
    program (WireShark) or a piece of computer
    hardware that can intercept and log traffic
    passing over a digital network or part of a
    network. As data streams flow across the network,
    the sniffer captures each packet and, if needed,
    decodes the packet's raw data, showing the values
    of various fields in the packet, and analyzes its
    content according to the appropriate RFC or other
    specifications.

39
Simulation Tool
  • A simulation tool enables you to develop a model
    of a network, estimate the performance of the
    network and compare alternatives for implementing
    the network.
  • iTrinegy Network Emulator (INE) products enable
    you to realistically recreate a wide variety of
    network conditions like latency, jitter, packet
    loss/error/reordering and bandwidth restrictions
    so that you can simulate environments such as
    Wide Area Networks (WANs), Wireless LANs, GPRS,
    3G, IP over Radio/Radio over IP(RoIP), Satellite
    or MPLS networks.

40
Command Tools
  • Test Tools
  • Command Format
  • ipconfig
  • ping ltIP addressgt ping
  • ping ltDNS namegt ping yahoo.com
  • tracert ltDNS namegt tracert yahoo.com
  • nslookup ltDNS namegt nslookup yahoo.com
  • netstat netstat -a

41
Reasons to Optimize
  • Meet key business and technical goals
  • Use bandwidth efficiently
  • Control delay and jitter
  • Reduce serialization delay
  • Support preferential service for essential
    applications
  • Meet Quality of Service (QoS) requirements (IP
    Multicast)

42
IP Multicast
Server
Server
43
IP Multicast
  • Router/MCS
  • The Miscellaneous Control Subsystem (MCS) works
    with its companion Routing Engine provides
    control and monitoring functions for router
    components. It also generates a clock signal for
    the SONET/SDH interfaces on the router.

44
IP Multicast
  • Applications
  • Applications that take advantage of multicast
    include video conferencing, corporate
    communications, distance learning, and
    distribution of software, stock quotes, and news.

45
IP Multicast Helps Optimize Bandwidth Usage
  • With IP multicast, you can send a high-volume
    multimedia stream just once instead of once for
    each user
  • Requires support for
  • Multicast addressing
  • Multicast registration (IGMP)
  • Multicast routing protocols

46
IP Multicast Addresses
  • IPv4 Multicast Addresses
  • 224.0.0.0 to 239.255.255.255
  • IPv6 Multicast Addresses
  • FF020000001 All Nodes Address
  • FF020000002 All Routers Address

47
IP Multicast Helps Optimize Bandwidth Usage
  • To map an IP multicast address to a MAC-layer
    multicast address, the low order 23 bits of the
    IP multicast address are mapped directly to the
    low order 23 bits in the MAC-layer multicast
    address. Because the first 4 bits of an IP
    multicast address are fixed according to the
    class D convention, there are 5 bits in the IP
    multicast address that do not map to the
    MAC-layer multicast address. 

48
IP Multicast Addressing
  • Uses Class D multicast destination address
  • 224.0.0.0 to 239.255.255.255
  • Converted to a MAC-layer multicast destination
    address
  • The low-order 23 bits of the Class D address
    become the low-order 23 bits of the MAC-layer
    address
  • The top 9 bits of the Class D address are not
    used
  • The top 25 bits of the MAC-layer address are
    0x01005E followed by a binary 0

49
Internet Group Management Protocol (IGMP)
  • Allows a host to join a multicast group
  • Host transmits a membership-report message to
    inform routers on the segment that traffic for a
    group should be multicast to the hosts segment
  • IGMPv2 has support for a router more quickly
    learning that the last host on a segment has left
    a group

50
Multicast Routing Protocols
  • Becoming obsolete
  • Multicast OSPF (MOSPF)
  • Distance Vector Multicast Routing Protocol
    (DVMRP)
  • Still used
  • Protocol Independent Multicast (PIM)
  • Dense-Mode PIM
  • Sparse-Mode PIM

51
Multicast Routing Protocols
52
Multicast Routing Protocols
  • What is PIM?
  • Protocol-Independent Multicast (PIM) is a family
    of multicast routing protocol for Internet
    Protocol (IP) networks that provide one-to-many
    and many-to-many distribution of data over a LAN,
    WAN
  • or the Internet. It is termed protocol -
    independent because PIM does not include its
    own topology discovery mechanism, but instead
    uses routing information supplied by
    other routing protocols.

53
PIM (Protocol Independent Multicast)
  • What is PIM Dense Mode?
  • Dense mode is used when there are many members
    (employees listen to a company president).
  • Dense PIM does not require the computation of
    routing tables.

54
PIM (Protocol Independent Multicast)
  • What is PIM Dense Mode?
  • Dense mode PIM is the older and simpler PIM
    mode. It works well in small networks where there
    are a large number of listeners, but is
    inefficient in larger network.

55
PIM Dense Mode
56
(No Transcript)
57
PIM (Protocol Independent Multicast)
  • What is PIM Sparse Mode?
  • Sparse mode utilizes a rendezvous point (RP). A
    rendezvous point provides a registration service
    for a multicast group.
  • Sparse mode PIM relies on IGMP which let a host
    join a group by sending a membership-report
    message, and detach from a group by sending a
    leave message.

58
PIM (Protocol Independent Multicast)
  • What is PIM Sparse Mode?
  • PIM Sparse Mode (PIM-SM) explicitly builds
    unidirectional shared trees rooted at
    a rendezvous point (RP) per group, and optionally
    creates shortest-path trees per source. PIM-SM
    generally scales fairly well for wide-area usage.

59
(No Transcript)
60
Serialization
  • What is serialization?
  • Serialization is the process of translating data
    structures or object state into a format that can
    be stored (for example, in a file or
    memory buffer, or transmitted across
    a network connection link) and reconstructed
    later in the same or another computer
    environment. When the resulting series of bits is
    reread according to the serialization format, it
    can be used to create a semantically identical
    clone of the original object.

61
Serialization Delay
  • What is serialization delay? Serialization
    delay is the time it takes for a unit of data,
    such as a packet, to be serialized for
    transmission on a narrow channel such as a cable.
    Serialization delay is dependent on size, which
    means that longer packets experience longer
    delays over a given network path. Serialization
    delay is also dependent on channel capacity
    ("bandwidth"), which means that for equal-size
    packets, the faster the link, the lower the
    serialization delay.

62
Reducing Serialization Delay
  • Link-layer fragmentation and interleaving
  • Breaks up and reassembles frames
  • Multilink PPP
  • Frame Relay FRF.12
  • Compressed Real Time Protocol
  • RTP is used for voice and video
  • Compressed RTP compresses the RTP, UDP, and IP
    header from 40 bytes to 2 to 4 bytes

63
Reducing Serialization Delay
64
A Few Technologies for Meeting QoS Requirements
  • IETF controlled load service
  • IETF guaranteed service
  • IP precedence
  • IP differentiated services

65
IP Type of Service Field
  • The type of service field in the IP header is
    divided into two subfields
  • The 3-bit precedence subfield supports eight
    levels of priority
  • The 4-bit type of service subfield supports four
    types of service
  • Although IP precedence is still used, the type of
    service subfield was hardly ever used

66
IP Type of Service Field
Type of Service Subfield
Bit
0
3
4
5
6
7
D Delay T Throughput R Reliability C Cost
Precedence
D
T
R
C
0
0
8
15
24
31
Version
Header Length
Type of Service
Total Length
Bit
Identification
Flags
Fragment Offset
Time to Live
Protocol
Header Checksum
Source IP Address
Destination IP Address
Options
Padding
67
IP Differentiated Services (DS) Field
  • RFC 2474 redefines the type of service field as
    the Differentiated Services (DS) field
  • Bits 0 through 5 are the Differentiated Services
    Codepoint (DSCP) subfield
  • Has essentially the same goal as the precedence
    subfield
  • Influences queuing and packet dropping decisions
    for IP packets at a router output interface
  • Bits 6 and 7 are the Explicit Congestion
    Notification (ECN) subfield

68
IP Differentiated Services (DS) Field
0
6
Differentiated Services Codepoint
Explicit Congestion Notification
0
8
15
24
31
Header Length
Version
Differentiated Services
Total Length
69
Resource Reservation Protocol (RSVP)
  • RSVP complements the IP type-of-service,
    precedence, DSCP, and traffic-class capabilities
    inherent in an IP header.
  • RSVP supports mechanisms for hosts to specify QoS
    requirements for individual traffic flow.
  • RSVP can be deployed on LANs and enterprise WANs
    to support multimedia applications or other types
    of applications with strict QoS requirements.

70
Resource Reservation Protocol (RSVP)
  • IP header type-of-service capabilities and RSVP
    are examples of QoS signaling protocols.

71
Classifying LAN Traffic
  • IEEE 802.1p
  • Classifies traffic at the data-link layer
  • Supports eight classes of service
  • A switch can have a separate queue for each class
    and service the highest-priority queues first

72
Cisco Switching Techniques
  • Process switching is the slowest switching method
  • Fast switching allows highest throughput by
    switching a packet using an entry in the
    fast-cache that was created when a previous
    packet to the same destination was processed.
  • NetFlow switching is optimized for environments
    where services must be applied to packets to
    implement security, QoS features, and traffic
    accounting. Example Internet and enterprise
    network environment boundary.

73
Cisco Switching Techniques
  • Cisco Express Forwarding (CEF) is a technique for
    switching packets quickly across large backbone
    networks and the Internet.
  • CEF depended on a forwarding information base
    (FIB), rather than caching techniques.
  • FIB allows CEF to use less CPU resources compared
    to other Layer 3 switching methods. FIB contains
    forwarding information for all routes in the
    routing tables.

74
Cisco Switching Techniques
  • Why did CEF evolve?
  • With the introduction of web-based applications
    and other interactive applications that are
    characterized by sessions of short duration to
    multiple addresses.
  • It became very apparent that the cache-based
    system could not deliver the needed performance
    for these applications.

75
Cisco Queuing Services
  • First in, first out (FIFO) queuing store
    packets when the network is congested and forward
    the packets in the order they arrived in when
    there is no congestion. Disadvantage No packet
    priority scheme.
  • Priority queuing ensures that important traffic
    is processed first. Priority is based on the type
    of protocol, incoming interface, packet size, and
    source or destination address. The priorities are
    high, medium, normal, and low.

76
Cisco Queuing Services
  • Custom queuing is designed to allow the network
    to be shared among applications with different
    minimum bandwidth or latency requirements. Custom
    queuing provides different amounts of queue space
    to different protocols and handles the queues in
    round-robin manner. A particular protocol can be
    prioritized by assigning it more queue space.
  • Custom queuing can be used to guarantee
    bandwidth at a potential congestion point.

77
Cisco Queuing Services
  • Custom queuing helps ensure that each traffic
    type receives a fixed portion of available
    bandwidth and that when the link is under stress,
    no application receives more than a predetermined
    proportion of capacity.
  • Weighted fair queuing (WFQ) operates from
    algorithms designed to reduce delay variability
    and provide predictable throughput and response
    time for traffic flows. Applications with small
    payloads are not starved of bandwidth by
    applications that send large packets.

78
Cisco Queuing Services
  • Class-based Weighted Fair Queuing (CBWFQ)
    combines the best scenarios of priority, custom,
    and weight-fair queuing.
  • Class-based WFQ allows you to define traffic
    classes based on matching criteria such as
    protocol, access control lists, and input
    interfaces.
  • Low latency queuing (LLQ) combines priority
    queuing with CBWFQ. LLQ brings strict priority
    queuing to CBWFQ. Strict priority queuing allows
    delay-sensitive data such as voice to be sent
    before packets in other queues are sent.

79
Priority Queuing
START
NO
Packet in high queue?
NO
Packet in medium queue?
YES
NO
Packet in normal queue?
YES
NO
Packet in low queue?
YES
YES
Continue
80
Custom Queuing
START (with Queue 1)
NO
YES
Reached transmission window size?
NO
YES
81
Low-Latency Queuing
  • One queue always gets the green light
  • Use this for voice
  • Combine this with class-based weighted fair
    queuing
  • Define traffic classes based on protocols, access
    control lists, and input interfaces
  • Assign characteristics to classes such as
    bandwidth required and the maximum number of
    packets that can be queued for the class

82
Random Early Detection (RED)
  • Congestion avoidance rather than congestion
    management
  • Monitors traffic loads and randomly discards
    packets if congestion increases
  • Source nodes detect dropped packets and slow down
  • Works best with TCP
  • Weighted Random Early Detection
  • Ciscos implementation uses IP precedence or the
    DS field instead of just randomly dropping packets

83
Traffic Shaping
  • Manage and control network traffic to avoid
    bottlenecks
  • Avoid overwhelming a downstream router or link
  • Reduce outbound traffic for a flow to a
    configured bit rate
  • Queue bursts of traffic for that flow
  • In summary, traffic shaping is the manipulation
    and prioritization of network traffic to reduce
    the impact of heavy users or machines from
    effecting other users.

84
Committed Access Rate (CAR)
  • Cisco feature for classifying and policing
    traffic on an incoming interface
  • Supports policies regarding how traffic that
    exceeds a certain bandwidth allocation should be
    handled
  • Can drop a packet or change the IP precedence or
    DSCP bits

85
Security Penetration
  • A penetration test is a proactive and authorized
    attempt to evaluate the security of an IT
    infrastructure by safely attempting to exploit
    system vulnerabilities, including OS, service and
    application flaws, improper configurations, and
    even risky end-user behavior. Such assessments
    are also useful in validating the efficacy of
    defensive mechanisms, as well as end-users
    adherence to security policies.

86
Security Penetration
  • Penetration tests are typically performed using
    manual or automated technologies to
    systematically compromise servers, endpoints, web
    applications, wireless networks, network devices,
    mobile devices and other potential points of
    exposure. Once vulnerabilities have been
    successfully exploited on a particular system,
    testers may attempt to use the compromised system
    to launch subsequent exploits at other internal
    resources, specifically by trying to
    incrementally achieve higher levels of security
    clearance and deeper access to electronic assets
    and information via privilege escalation.

87
Summary
  • An untested network design probably wont work.
  • Its often not practical to test the entire
    design.
  • However, by using industry testing services and
    tools, as well as your own testing scripts, you
    can (and should) test the complex, risky, and key
    components of a network design.

88
Summary
  • Optimization provides the high bandwidth, low
    delay, and controlled jitter required by many
    critical business applications
  • To minimize bandwidth utilization by multimedia
    applications, use IP multicast
  • To reduce serialization delay, use link
    fragmentation and compressed RTP
  • To support QoS and optimize performance, use IP
    precedence, DSCP, 802.1p. advanced switching and
    queuing methods, RED, CAR, etc.

89
This Weeks Outcomes
  • Industry Tests
  • Build and Test a Prototype
  • Write and Implement a Test Plan
  • Tools for Testing a Network Design
  • Multicasting
  • QoS
  • Queuing and Traffic Shaping

90
Q A
  • Questions, comments, concerns?
Write a Comment
User Comments (0)
About PowerShow.com