A customer asked me: when is network security sufficient? That's a tough and broad question, I thought. I really didn't have a direct, easy answer to this. It really depends on what kind of business you are in and what kind of information you are trying to protect. Depending on the business, I'm pretty sure there are legal requirements that you need to take into consideration; for example, medical offices, health care, and hospitals need to be HIPAA compliant. With that being said, I have a minimum that I like to set in place for most offices; then, when we are done, we realize there needed to be more security. For most offices, I would recommend a minimum of antivirus software on each PC, device, server, etc. I also think most offices will need some kind of firewall/router in place with some way to manage threats from outside. Then, of course, block as many ports as possible from outside and make sure everyone has a super strong password, with some kind of system in place to make sure password security is enforced. I also highly recommend locking up server rooms, network closets, etc. That would be my minimum recommendation. If you can afford to do more, then you should do more.
Types of Cabling
- Category 3
- Category 5/5e
- Category 6
Cabling systems are categorized by the levels of data they are able to sustain. Category 3, commonly referred to as Cat-3, is an unshielded twisted pair (UTP) cable designed to carry a maximum data rate of 10 Mbit/s and a bandwidth of 16 MHz. It is part of a copper cabling family and is recognized by its defining standard, TIA/EIA-568-B.
Cat-3 was a very popular format in the early 1990s, but has since been replaced by the higher-performance Cat-5 cable standard. For the last decade, most new cable installations have been built with Cat-5e or Cat-6. Category 3 is still used for two-line telephone systems and, unlike Cat-4, 5/5e and 6, it is still recognized by the TIA/EIA-568-B standard.
While Cat-3 and Cat-5e look identical, Cat-3's lower specifications tend to cause more errors at higher speeds. Cat-3 is compatible with the original PoE (Power over Ethernet) specifications, though it does not support the 802.3at Type 2 high-power variation. Cat-5e is certified for a maximum of 100 MHz, while Cat-3 is only rated for 16 MHz. Category 3 was designed for voice and data transmissions up to 10 Mbit/s, but also runs Ethernet 10BASE-T.
Category 5 (Cat-5) cable is also a twisted pair cable used for carrying signals. Cat-5 is used in structured cabling for networks such as Ethernet, telephony and video. Most Category 5 cables are unshielded and rely on the twisted pair design for noise rejection. Cat-5 cable has been superseded by Category 5e (Cat-5e), which is an enhanced version of Cat-5. Category 5e has formally been recognized as the standard since 2001.
Cat-5e is the most common cable for data networks. Category 5e is defined in the TIA/EIA-568-B standard, with clarification in TSB-95. The specified performance and test requirements are for frequencies up to 100 MHz. Cat-5e offers twisted pair cables in two main varieties, solid and stranded. Solid cable will support longer runs and operates best in fixed wiring configurations. Stranded cable is more pliable and better suited for shorter-distance movable cabling. Cat-5e can be bent at any radius that exceeds four times the diameter of the cable. Most Category 5e cables are terminated with 8P8C modular connectors, commonly but incorrectly referred to as RJ45.
Cat-5e is not rated for outdoor use and operates at temperatures from -10 °C to 60 °C. If it is used outdoors, a conduit is required to protect it from moisture and lightning. The maximum length for a cable segment is 328 feet; therefore, any longer run will require a repeater or switch.
Category 5e cabling is commonly used for faster Ethernet networks, such as 100BASE-TX and 1000BASE-T. 10BASE-T and 100BASE-TX Ethernet connections require two cable pairs. 1000BASE-T requires four cable pairs. Cat-5 is rated for 100M, while Cat-5e is rated for 350M.
Category 6 (Cat-6) cable is a cable standard for Gigabit Ethernet and is backward compatible with Cat-5, Cat-5e and Cat-3 cable standards. It offers high quality transmission of data at more than twice that of Cat-5e. Category 6 provides performance up to 250 MHz and 1000Mbit/s.
Like the other twisted pair cables, Cat-6 has four twisted wire pairs. It is the sixth generation of twisted pair Ethernet cabling and is made with 23 gauge wire. Category 6 is suitable for 10BASE-T, 100BASE-TX, 1000BASE-T/1000BASE-TX and 10GBASE-T. Cat-6 cables are normally terminated in 8P8C modular connectors and use either T568A or T568B pin assignments.
Cat-6 connectors help reduce noise, as well as lower attenuation. Category 6 may be used for security systems and telephone services, while having superior transmission performance to the Cat-5e cable. All these features are why many consider Cat-6 cabling the predominant media in the structured cabling market.
Fiber optic cables are those which contain one or more optical fibers. They use light pulses to transmit information down fiber lines. They are typically individually coated with plastic layers and contained in a protective tube. Fiber optics are replacing traditional copper lines due to their large carrying capacity and ability to transmit signals a greater distance without the need of refreshing.
Modern fiber cables can hold up to a thousand fibers in a single cable and have potential bandwidth in the Terabytes per second range. Fiber optic cable has become cheaper over time, and the cost of small fiber-count, pole-mounted cables has greatly decreased. It is estimated that no more than 1% of the optic fiber buried in recent years is actually "lit".
While copper cable costs less per square foot, fiber optic cable has much more capacity. Connectors and other equipment needed to install fiber optics are also more expensive. The ends must be cleaved when joining lengths of optical fiber and therefore require special connectors.
An optical fiber link in a commercial network will allow the transmission of ten billion digital bits per second. Telephone calls numbering in the tens of thousands could be carried. Fibers consist of two layers of silica glass, the core and the cladding, enclosed in a protective sheath. Plastic optical fiber (POF) is a newer, plastic-based cable. POF promises performance similar to glass. POF will cost less than glass fibers but will only be used on very short runs.
A small to large scale business computer network interconnects a group of computer systems for business purposes. This allows employees to share files over the network with other employees. A network helps with efficiency and productivity. A network can consist of two or more computers, phone systems and other security devices needed to run a small to large business. It is important to have a network admin to ensure that your network, computers and security devices are optimized and secure.
These are the three main systems for small to large scale businesses:
• PAN or Personal Area Network is a small network, usually supporting one or two people and various electronic devices like printers, phones, computers and tablets.
• LAN or Local Area Network covers a slightly larger scale but consists of systems all within a certain location. This can be used for small offices or people working within the same building. These networks can be expanded to support hundreds of computer systems as you expand the business.
• VPN or Virtual Private Network uses the internet but creates a secure network within this larger public network. This can work well with innovative ideas when people are not in the same geographical area, without the risk of information leaks.
After 19 years of being in the industry, I decided to take a refresher course; I'm hoping to learn something new. Today I decided to learn or revisit network terminology.
Host: A host is any device that is connected to a network. Typically a host will use 1 IP address. Here are some examples of hosts on most networks: computers, servers, printers, scanners, IP phones, IP cameras. Hmmmm... this leads me to a question: is a router considered a host? Honestly, I'm not even sure. Technically, it does take up 1 IP address, so I guess in a way, I would consider it a host. I'm not 100% sure though, but in the interest of time, I'm moving on. There are other devices on the network that are important, yet do not take up an IP address, so they are not considered hosts. Examples of non-host devices on a network are modems, hubs, and some network switches. Typically, unmanaged switches do not take up an IP address, so they are not considered hosts. Managed switches, on the other hand, do take up an IP address, so they would be considered hosts, at least in my book.
IP Address: An IP address is a number that identifies a host. In a network, each host has its own IP address. If you have 2 hosts with the same IP address, it would be considered a conflict and those two hosts will most likely not work properly. An IP address can be version 4 or version 6. A version 4 IP address can be internal or public. An internal IP address is an assigned number that is only accessible by its direct neighbors, or hosts on the same LAN. An external IP address is typically a number that is assigned to you by the ISP (internet service provider). A router typically can use a public IP and an internal IP. This is how multiple hosts on a network can share 1 internet connection. The IP address is on layer 3 of our network model. A good example of an internal (local) IP address would be 192.168.1.1. A good example of an external IP address would be 220.127.116.11 (Google Public DNS). You can't access 192.168.1.1 from anywhere in the world, but you should be able to access 18.104.22.168 from anywhere, so long as you are not being blocked by some kind of security configuration.
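The internal/external split and the address-conflict case described above, as an added example (not the author's code): a small Python audit of a host inventory that flags an IP claimed by two different MAC addresses, lists hosts holding an address outside the RFC 1918 internal ranges, and rejects malformed entries. The inventory format, host names and MAC addresses are constructed assumptions, and 203.0.113.7 is a documentation address standing in for an ISP-assigned public IP.

```python
import ipaddress
from collections import defaultdict

# Constructed sample inventory (hostname, IPv4 address, MAC); not from a real network.
INVENTORY = """\
fileserver    192.168.1.10   00:11:22:33:44:01
frontdesk-pc  192.168.1.21   00:11:22:33:44:02
printer-1     192.168.1.30   00:11:22:33:44:03
ip-camera     192.168.1.30   00:11:22:33:44:04
router-lan    192.168.1.1    00:11:22:33:44:05
router-wan    203.0.113.7    00:11:22:33:44:06
voip-phone    192.168.1.300  00:11:22:33:44:07
"""

# The three IPv4 ranges reserved for internal (private) use by RFC 1918.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def scope(ip):
    """Return 'internal' for an RFC 1918 address, otherwise 'external'."""
    ip = ipaddress.IPv4Address(ip)
    return "internal" if any(ip in net for net in RFC1918) else "external"

def parse_inventory(text):
    """Split the inventory into valid (name, ip, mac) hosts and rejected lines."""
    hosts, rejected = [], []
    for line in text.splitlines():
        fields = line.split()
        try:
            name, ip_text, mac = fields  # wrong field count raises ValueError
            hosts.append((name, ipaddress.IPv4Address(ip_text), mac.lower()))
        except ValueError:               # also covers AddressValueError (octet > 255, etc.)
            if fields:
                rejected.append(line.strip())
    return hosts, rejected

def find_conflicts(hosts):
    """Map each IP claimed by more than one MAC to the host names claiming it."""
    by_ip = defaultdict(set)
    for name, ip, mac in hosts:
        by_ip[ip].add((name, mac))
    return {str(ip): sorted(name for name, _ in owners)
            for ip, owners in by_ip.items()
            if len({mac for _, mac in owners}) > 1}

def audit(text):
    hosts, rejected = parse_inventory(text)
    external = sorted(name for name, ip, _ in hosts if scope(ip) == "external")
    return {"conflicts": find_conflicts(hosts), "external": external, "rejected": rejected}

if __name__ == "__main__":
    print(audit(INVENTORY))
```

Hosts reported under `external` are the ones reachable from outside the LAN, so they are the first place to review which ports are open.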
LAN: A LAN (Local Area Network) consists of multiple hosts on the same network. A good example would be if you have your server, 3 computers, and 2 printers in your office in Austin; that would be considered a LAN. You can have multiple LANs on one network. A good example would be having your normal day-to-day data on LAN 1 (typically called a VLAN), and then all your VoIP phones on LAN 2 (VLAN2). You can tag all your traffic on VLAN2 to have priority over your normal data traffic. If you have a remote office with the exact same setup in Dallas, then that would be considered another LAN. You can actually tie two LANs together via VPN, private point-to-point Ethernet network, MPLS, or SD-WAN.