
Computer networks

Course summary of Lan/Wan

Merit International Institute of Technology


OOTY
American International University of Management and Technology

Submitted by –

Anil Kumar Gupta

Bachu Jim Varghese

Bhaldein Redwan Ahmed Ada,

Deepak Khushalani

Mohit Tripathi

Parth Ashok Kumar Shah

Sudeep Sam Alex

Merit International Institute of Technology OOTY
22, Havelock Road, Ooty, India - 643 001
Tel: ++ 91-423-2443601-6, 2442486
E-mail: mief@meritworldwide.com, mailmerit@yahoo.com

CERTIFICATE
This is to certify that students of final year BE (Electricals
Electronics and Computer science) at Merit International Institute
of Technology Ooty as per the partial requirements of degree
course have submitted their course summary report and we certify
that they have met the requirements.

For MERIT
Mr.Ashok Kumar

ACKNOWLEDGEMENT

The written word has an unfortunate tendency to convert genuine gratitude
into a stilted formality. But this is the only way by which we can record our
feelings permanently. Many people have contributed their time and efforts in
helping us complete our dissertation work successfully.

We would like to express our deepest gratitude and thanks to the Management
of Merit International Institute of Technology, especially Mr. Ashok
Kumar (coordinator), for allowing us to carry out our work.

We would also like to thank Mr. Bhagyanathan, librarian, Merit International
Institute of Technology, who helped us in getting our hands on all the
reference books and material required for our course summary.

And last but not the least we would like to thank our parents and all those
people who have directly or indirectly helped us in carrying out our
dissertation successfully.

Anil Kumar Gupta

Bachu Jim Varghese

Bhaldein Redwan Ahmed Ada,

Deepak Khushalani

Mohit Tripathi

Parth Ashok Kumar Shah

Sudeep Sam Alex

Index

• Introduction – overview of network environments

• LAN configurations and protocols
→ Network models
→ Network topologies
→ Network communication media
→ Network protocols

• LAN hardware and clients
→ LAN hardware and operating systems
→ Server and workstation requirements
→ Server and workstation installation and configuration

• LAN management and services
→ Licensing
→ File systems
→ Domains and trust relationships
→ Passwords
→ User account policies
→ Local and global groups
→ Security and related issues
→ Directories, permissions and shares
→ Auditing
→ Network printing and sharing printer resources

• System monitoring and maintenance
→ Monitoring issues
→ Server maintenance procedures
→ Troubleshooting
→ On-line help
→ System backup and backup techniques

Introduction
A computer on its own is referred to as a stand-alone machine, and most
domestic computer users use their PCs in this way. However, even small
commercial organizations may want to link their computers together. Two
computers linked together so that they can exchange data form a network.
However, when we think of networks, we tend to think of lots of machines
linked together.

So what are the advantages of linking machines?

• Sharing of resources such as scanners and printers.
• Common information can be shared.
• Easier to install a program on a central computer rather than having to
do it individually for each computer.
• E-mails can be sent between users.
• New users and equipment can be added easily.
• Different types of computers can connect to each other.

Disadvantages are:

• If a file server goes down, the users cannot access programs.
• If the network is not operating properly, hardware and software
resources cannot be accessed.
• The network’s efficiency depends a lot on the skill of its manager. A
poorly managed network (or one where the manager is obstructive)
becomes frustrating to use and may be less efficient than stand-alone
machines.
• Novices might do something wrong and mess the network up.
• Hard to keep secure from hackers.
• If a network is not well designed, it might not cope with an increase in
traffic without a significant decrease in performance.

“The network’s down” is a phrase often heard in workplaces, and it can
seriously disrupt the operation of an organisation. Network managers enjoy the
security of tenure of a manager of a Premiership football team…

A network consists of two or more computers that are linked in order to share resources
(such as printers and CD-ROMs), exchange files, or allow electronic communications.
The computers on a network may be linked through cables, telephone lines, radio waves,
satellites, or infrared light beams.

Local Area Network - A Local Area Network (LAN) is a network that is confined to a
relatively small area. It is generally limited to a geographic area such as a writing lab,
school, or building. Rarely are LAN computers more than a mile apart. In a typical LAN
configuration, one computer is designated as the file server. It stores all of the software
that controls the network, as well as the software that can be shared by the computers
attached to the network. Computers connected to the file server are called workstations.
The workstations can be less powerful than the file server, and they may have additional
software on their hard drives. On most LANs, cables are used to connect the network
interface cards in each computer. See the Topology, Cabling, and Hardware sections of
this tutorial for more information on the configuration of a LAN.

Wide Area Network - Wide Area Networks (WANs) connect larger geographic areas,
such as Florida, the United States, or the world. Dedicated transoceanic cabling or
satellite uplinks may be used to connect this type of network.

Using a WAN, schools in Florida can communicate with places like Tokyo in a matter of
minutes, without paying enormous phone bills. A WAN is complicated. It uses
multiplexers to connect local and metropolitan networks to global communications
networks like the Internet. To users, however, a WAN will not appear to be much
different than a LAN or a MAN.

How are local area networks set up?

In large networks the workstations are connected to a central machine called a
server. The terminals may or may not be able to act as stand-alone machines
as well. In client server architecture, the devices act as clients sending in a
request for service to the server, which is a computer dedicated to managing
the networks. The files set up by the users are held on the server rather than
the individual terminals. However it is possible to save data on individual
machines if they have a hard disk. Associated with the file server may be a
print server that stores all the print jobs.

Peer-to-peer architecture is used on small networks. The PCs can
communicate with other PCs without going through a central server. They are
used where people do their own work but occasionally need to communicate
with others and share data. However, if one of the stations is turned off, data
stored there cannot be accessed.

Comparing the two:

| Type | Server based | Peer to peer |
|---|---|---|
| Examples | Novell Client | Windows for Workgroups |
| Storage | Central file server | Storage on each machine |
| Software | Software held centrally and distributed by the server in response to requests from the individual PCs | Software held on each machine. |
| Security | IDs, passwords, and access levels are centrally controlled | No central control of security |
| Back up | Done regularly by the central system | Back up is responsibility of users |
| Reliance | All users reliant on the server. If it goes down, then the whole network is unusable | No reliance on a central computer |
| Communication | Through the central computer which has protocols to deal with different kinds of computer | Each computer needs to have software to deal with communication to other computers. |
| Advantage | Speed and power | Less expensive and easier to administer. |

In some networks the terminals can act as stand-alone machines; in others the
terminals have to access everything from the server. Although these dumb
terminals look like a PC, they cannot do anything, except perhaps the entry
dialogue.

LAN CONFIGURATION AND PROTOCOLS

→ NETWORK MODELS
When dealing with networking, you may hear the terms "network model" and "network
layer" used often. Network models define a set of network layers and how they interact.
There are several different network models depending on what organization or company
started them. The most important two are:

• The TCP/IP Model - This model is sometimes called the DOD model since it
was designed for the Department of Defense. It is also called the Internet model
because TCP/IP is the protocol used on the Internet.
• OSI Network Model - The International Standards Organization (ISO) has
defined a standard called the Open Systems Interconnection (OSI) reference
model. This is a seven-layer architecture listed in the next section.

The three top layers in the OSI model - the application layer, the presentation layer and
the session layer - usually are lumped into one layer in the TCP/IP model.

Application layer - The application layer is used by most programs for network
communication. Data is passed from the program in an application-specific format, then
encapsulated into a transport layer protocol.

Transport layer - The transport layer's responsibilities include end-to-end message
transfer capabilities independent of the underlying network, along with error control,
fragmentation and flow control.

Network layer - As originally defined, the Network layer solves the problem of getting
packets across a single network.

Data link layer - The link layer, which is the method used to move packets from the
network layer on two different hosts, is not really part of the Internet protocol suite,
because IP can run over a variety of different link layers. The processes of transmitting
packets on a given link layer and receiving packets from a given link layer can be
controlled both in the software device driver for the network card, as well as on firmware
or specialist chipsets. These will perform data link functions such as adding a packet
header to prepare it for transmission, then actually transmit the frame over a physical
medium.

Physical layer - The Physical layer is responsible for encoding and transmission of data
over network communications media. It operates with data in the form of bits that are
sent from the Physical layer of the sending (source) device and received at the Physical
layer of the destination device.
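The layering described above can be seen directly in the bytes of a frame. The following is an added example, not part of the original report: it wraps application data in TCP, IPv4 and Ethernet headers and then peels them off again, checking each layer before trusting the next. The MAC addresses, IP addresses (documentation range 192.0.2.0/24) and port numbers are constructed values, and the function names are hypothetical.

```python
import socket
import struct

ETHERTYPE_IPV4 = 0x0800
IPPROTO_TCP = 6


def ip_checksum(header: bytes) -> int:
    """One's-complement sum over the 16-bit words of an IPv4 header (RFC 1071)."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def encapsulate(payload: bytes) -> bytes:
    """Application data -> TCP segment -> IPv4 packet -> Ethernet frame (constructed values)."""
    # Transport layer: ports, seq, ack, data offset/flags, window, checksum, urgent pointer.
    # The TCP checksum is left at zero to keep the example short.
    tcp = struct.pack("!HHIIHHHH", 49152, 80, 1, 0, (5 << 12) | 0x018, 65535, 0, 0)
    segment = tcp + payload
    # Network layer: 20-byte IPv4 header, checksum filled in after packing.
    src = socket.inet_aton("192.0.2.10")
    dst = socket.inet_aton("192.0.2.20")
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0, 0,
                     64, IPPROTO_TCP, 0, src, dst)
    ip = ip[:10] + struct.pack("!H", ip_checksum(ip)) + ip[12:]
    # Data link layer: destination MAC, source MAC, EtherType.
    eth = (bytes.fromhex("020000000002") + bytes.fromhex("020000000001")
           + struct.pack("!H", ETHERTYPE_IPV4))
    return eth + ip + segment


def decapsulate(frame: bytes) -> dict:
    """Strip the headers in order; raise ValueError as soon as a layer is malformed."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError("not an IPv4 frame")
    packet = frame[14:]
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    ihl = (packet[0] & 0x0F) * 4
    if packet[0] >> 4 != 4 or ihl < 20 or len(packet) < ihl:
        raise ValueError("bad IPv4 version or header length")
    if ip_checksum(packet[:ihl]) != 0:
        raise ValueError("IPv4 header checksum mismatch")
    total_len = struct.unpack("!H", packet[2:4])[0]
    if total_len < ihl or total_len > len(packet):
        raise ValueError("IPv4 total length disagrees with bytes received")
    if packet[9] != IPPROTO_TCP:
        raise ValueError("not TCP")
    segment = packet[ihl:total_len]
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    sport, dport = struct.unpack("!HH", segment[:4])
    data_offset = (segment[12] >> 4) * 4
    if data_offset < 20 or data_offset > len(segment):
        raise ValueError("bad TCP data offset")
    return {
        "link": {"src": src_mac.hex(":"), "dst": dst_mac.hex(":")},
        "network": {"src": socket.inet_ntoa(packet[12:16]),
                    "dst": socket.inet_ntoa(packet[16:20]), "ttl": packet[8]},
        "transport": {"sport": sport, "dport": dport},
        "application": segment[data_offset:],
    }


if __name__ == "__main__":
    for layer, fields in decapsulate(encapsulate(b"GET / HTTP/1.0\r\n\r\n")).items():
        print(layer, fields)
```

Every length field is checked against the bytes actually received before it is used as an index, which is the part of a parser that matters most when the frame comes from an untrusted network.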

→ NETWORK TOPOLOGIES

Network topology is the study of the arrangement or mapping of the elements (links,
nodes, etc.) of a network, especially the physical (real) and logical (virtual)
interconnections between nodes. A local area network (LAN) is one example of a
network that exhibits both a physical topology and a logical topology. Any given node in
the LAN will have one or more links to one or more other nodes in the network and the
mapping of these links and nodes onto a graph results in a geometrical shape that
determines the physical topology of the network. Likewise, the mapping of the flow of
data between the nodes in the network determines the logical topology of the network. It
is important to note that the physical and logical topologies might be identical in any
particular network but they also may be different.

Linear Bus - A linear bus topology consists of a main run of cable with a terminator at
each end. All nodes (file server, workstations, and peripherals) are connected to the linear
cable. Ethernet and LocalTalk networks use a linear bus topology.

Star - A star topology is designed with each node (file server, workstations, and
peripherals) connected directly to a central network hub or concentrator. Data on a star
network passes through the hub or concentrator before continuing to its destination. The
hub or concentrator manages and controls all functions of the network. It also acts as a
repeater for the data flow. This configuration is common with twisted pair cable;
however, it can also be used with coaxial cable or fiber optic cable.

Tree - A tree topology combines characteristics of linear bus and star topologies. It
consists of groups of star-configured workstations connected to a linear bus backbone
cable. Tree topologies allow for the expansion of an existing network, and enable schools
to configure a network to meet their needs.

Ring - The type of network topology in which each of the nodes of the network is
connected to two other nodes in the network and with the first and last nodes being
connected to each other, forming a ring – all data that is transmitted between nodes in the
network travels from one node to the next node in a circular manner and the data
generally flows in a single direction only.

Mesh - The value of fully meshed networks is proportional to the exponent of the number
of subscribers, assuming that communicating groups of any two endpoints, up to and
including all the endpoints, is approximated by Reed's Law.

Tree (also known as hierarchical) - The type of network topology in which a central 'root'
node (the top level of the hierarchy) is connected to one or more other nodes that are one
level lower in the hierarchy (i.e., the second level) with a point-to-point link between
each of the second level nodes and the top level central 'root' node, while each of the
second level nodes that are connected to the top level central 'root' node will also have
one or more other nodes that are one level lower in the hierarchy (i.e., the third level)
connected to it, also with a point-to-point link, the top level central 'root' node being the
only node that has no other node above it in the hierarchy – the hierarchy of the tree is
symmetrical, each node in the network having a specific fixed number, f, of nodes
connected to it at the next lower level in the hierarchy, the number, f, being referred to as
the 'branching factor' of the hierarchical tree.

Hybrid - The hybrid topology is a type of network topology that is composed of one or
more interconnections of two or more networks that are based upon different physical
topologies or a type of network topology that is composed of one or more
interconnections of two or more networks that are based upon the same physical
topology, but where the physical topology of the network resulting from such an
interconnection does not meet the definition of the original physical topology of the
interconnected networks.

→ NETWORK COMMUNICATION MEDIUM


Unshielded Twisted Pair (UTP) Cable - Twisted pair cabling comes in two varieties:
shielded and unshielded. Unshielded twisted pair (UTP) is the most popular and is
generally the best option for school networks. The standard connector for unshielded
twisted pair cabling is an RJ-45 connector.

Coaxial Cable - Coaxial cabling has a single copper conductor at its center. A plastic
layer provides insulation between the center conductor and a braided metal shield. The
metal shield helps to block any outside interference from fluorescent lights, motors, and
other computers. The most common type of connector used with coaxial cables is the
Bayonet Neill-Concelman (BNC) connector.

Fiber Optic Cable - Fiber optic cabling consists of a center glass core surrounded by
several layers of protective materials. It transmits light rather than electronic signals,
eliminating the problem of electrical interference.

Wireless LANs - Not all networks are connected with cabling; some networks are
wireless. Wireless LANs use high frequency radio signals, infrared light beams, or lasers
to communicate between the workstations and the file server or hubs. Each workstation
and file server on a wireless network has some sort of transceiver/antenna to send and
receive the data. Information is relayed between transceivers as if they were physically
connected. For longer distance, wireless communications can also take place through
cellular telephone technology, microwave transmission, or by satellite.

→ NETWORK PROTOCOLS
A protocol is a set of rules that governs the communications between computers on a
network. These rules include guidelines that regulate the following characteristics of a
network: access method, allowed physical topologies, types of cabling, and speed of data
transfer.

Ethernet - The Ethernet protocol is by far the most widely used. Ethernet uses an access
method called CSMA/CD (Carrier Sense Multiple Access/Collision Detection). This is a
system where each computer listens to the cable before sending anything through the
network. If the network is clear, the computer will transmit. If some other node is already
transmitting on the cable, the computer will wait and try again when the line is clear.

LocalTalk - LocalTalk is a network protocol that was developed by Apple Computer,
Inc. for Macintosh computers. The method used by LocalTalk is called CSMA/CA
(Carrier Sense Multiple Access with Collision Avoidance). It is similar to CSMA/CD
except that a computer signals its intent to transmit before it actually does so. LocalTalk
adapters and special twisted pair cable can be used to connect a series of computers
through the serial port.

Token Ring - The Token Ring protocol was developed by IBM in the mid-1980s. The
access method used involves token-passing. In Token Ring, the computers are connected
so that the signal travels around the network from one computer to another in a logical
ring. A single electronic token moves around the ring from one computer to the next.

FDDI - Fiber Distributed Data Interface (FDDI) is a network protocol that is used
primarily to interconnect two or more local area networks, often over large distances. The
access method used by FDDI involves token-passing. Transmission normally occurs on
one of the rings; however, if a break occurs, the system keeps information moving by
automatically using portions of the second ring to create a new complete ring. A major
advantage of FDDI is speed. It operates over fiber optic cable at 100 Mbps.

ATM - Asynchronous Transfer Mode (ATM) is a network protocol that transmits data at
a speed of 155 Mbps and higher. ATM works by transmitting all data in small packets of
a fixed size; whereas, other protocols transfer variable length packets. ATM supports a
variety of media such as video, CD-quality audio, and imaging. ATM employs a star
topology, which can work with fiber optic as well as twisted pair cable. ATM is most
often used to interconnect two or more local area networks. It is also frequently used by
Internet Service Providers to utilize high-speed access to the Internet for their clients. As
ATM technology becomes more cost-effective, it will provide another solution for
constructing faster local area networks.

LAN HARDWARE AND CLIENTS

→ NETWORK HARDWARE AND OPERATING SYSTEMS
→ SERVER AND WORKSTATION REQUIREMENTS
→ SERVER AND WORKSTATION INSTALLATION AND CONFIGURATION

Networking hardware includes all computers, peripherals, interface cards and
other equipment needed to perform data-processing and communications within the
network.

File Servers – A file server stands at the heart of most networks. It is a very fast
computer with a large amount of RAM and storage space, along with a fast network
interface card. The network operating system software resides on this computer, along
with any software applications and data files that need to be shared.

The file server controls the communication of information between the nodes on a
network. For example, it may be asked to send a word processor program to one
workstation, receive a database file from another workstation, and store an e-mail
message during the same time period. This requires a computer that can store a lot of
information and share it very quickly. File servers should have at least the following
characteristics:

• 800 megahertz or faster microprocessor (Pentium 3 or 4, G4 or G5)
• A fast hard drive with at least 120 gigabytes of storage
• A RAID (Redundant Array of Inexpensive Disks) to preserve data after a disk
casualty
• A tape back-up unit (i.e. DAT, JAZ, Zip, or CD-RW drive)
• Numerous expansion slots
• Fast network interface card
• At least 512 MB of RAM

Workstations - All of the user computers connected to a network are called
workstations. A typical workstation is a computer that is configured with a network
interface card, networking software, and the appropriate cables. Workstations do not
necessarily need floppy disk drives because files can be saved on the file server. Almost
any computer can serve as a network workstation.

Network Interface Cards - The network interface card (NIC) provides the physical
connection between the network and the computer workstation. Most NICs are internal,
with the card fitting into an expansion slot inside the computer. Laptop computers can
now be purchased with a network interface card built-in or with network cards that slip
into a PCMCIA slot. Network interface cards are a major factor in determining the speed
and performance of a network.

Ethernet Cards - Ethernet cards are usually purchased separately from a computer,
although many computers (such as the Macintosh) now include an option for a pre-installed
Ethernet card. Ethernet cards contain connections for either coaxial or twisted
pair cables (or both) (See fig. 1). If it is designed for coaxial cable, the connection will be
BNC. If it is designed for twisted pair, it will have an RJ-45 connection. Some Ethernet
cards also contain an AUI connector. This can be used to attach coaxial, twisted pair, or
fiber optics cable to an Ethernet card.

LocalTalk Connectors - LocalTalk is Apple's built-in solution for networking
Macintosh computers. It utilizes a special adapter box and a cable that plugs into the
printer port of a Macintosh (See fig. 2). A major disadvantage of LocalTalk is that it is
slow in comparison to Ethernet. Most Ethernet connections operate at 10 Mbps (Megabits
per second). In contrast, LocalTalk operates at only 230 Kbps (or .23 Mbps).

Fig. 2. LocalTalk connectors

Ethernet Cards vs. LocalTalk Connections

| Ethernet | LocalTalk |
|---|---|
| Fast data transfer (10 to 100 Mbps) | Slow data transfer (.23 Mbps) |
| Expensive - purchased separately | Built into Macintosh computers |
| Requires computer slot | No computer slot necessary |
| Available for most computers | Works only on Macintosh computers |

Token Ring Cards - Token Ring network cards look similar to Ethernet cards. One
visible difference is the type of connector on the back end of the card. Token Ring cards
generally have a nine pin DIN type connector to attach the card to the network cable.

Switch - A concentrator is a device that provides a central connection point for cables
from workstations, servers, and peripherals. In a star topology, twisted-pair wire is run
from each workstation to a central switch/hub. Most switches are active, that is, they
electrically amplify the signal as it moves from one device to another. Switches no longer
broadcast network packets as hubs did in the past; they memorize the addresses of
computers and send the information directly to the correct location. Switches are:

• Usually configured with 8, 12, or 24 RJ-45 ports
• Often used in a star or star-wired ring topology
• Sold with specialized software for port management
• Also called hubs
• Usually installed in a standardized metal rack that also may store netmodems,
bridges, or routers

Repeaters - Since a signal loses strength as it passes along a cable, it is often necessary
to boost the signal with a device called a repeater. The repeater electrically amplifies the
signal it receives and rebroadcasts it. Repeaters can be separate devices or they can be
incorporated into a concentrator. They are used when the total length of your network
cable exceeds the standards set for the type of cable being used. A good example of the
use of repeaters would be in a local area network using a star topology with unshielded
twisted-pair cabling. The length limit for unshielded twisted-pair cable is 100 meters. The
most common configuration is for each workstation to be connected by twisted-pair cable
to a multi-port active concentrator. The concentrator amplifies all the signals that pass
through it allowing for the total length of cable on the network to exceed the 100 meter
limit.

Bridges - A bridge is a device that allows you to segment a large network into two
smaller, more efficient networks. If you are adding to an older wiring scheme and want
the new network to be up-to-date, a bridge can connect the two. A bridge monitors the
information traffic on both sides of the network so that it can pass packets of information
to the correct location. Most bridges can "listen" to the network and automatically figure
out the address of each computer on both sides of the bridge. The bridge can inspect each
message and, if necessary, broadcast it on the other side of the network. The bridge
manages the traffic to maintain optimum performance on both sides of the network. You
might say that the bridge is like a traffic cop at a busy intersection during rush hour. It
keeps information flowing on both sides of the network, but it does not allow
unnecessary traffic through. Bridges can be used to connect different types of cabling, or
physical topologies. They must, however, be used between networks with the same
protocol.
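The address learning described for switches and bridges above can be modelled in a few lines. This is an added example, not part of the original report: a bridge learns which port each source address was seen on, forwards known destinations to one port, filters traffic that stays on one side, and floods only when the destination is unknown, a broadcast, or an aged-out entry. The port numbers, MAC addresses, trace and the 300-second ageing time are constructed assumptions, and a hub is included for comparison.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningBridge:
    """Transparent bridge/switch that learns which port each station is on."""

    def __init__(self, ports, max_age=300):
        self.ports = list(ports)
        self.max_age = max_age      # seconds an entry stays valid (assumed value)
        self.table = {}             # MAC address -> (port, time last seen)

    def receive(self, in_port, src, dst, now=0):
        """Process one frame and return the list of ports it is sent out of."""
        if in_port not in self.ports:
            raise ValueError("unknown port %r" % (in_port,))
        # Learn or refresh the sender; a station that moved overwrites its old entry.
        if src != BROADCAST:
            self.table[src] = (in_port, now)
        entry = self.table.get(dst)
        if entry is not None and now - entry[1] > self.max_age:
            del self.table[dst]     # stale entry: forget it and fall back to flooding
            entry = None
        if dst == BROADCAST or entry is None:
            return [p for p in self.ports if p != in_port]     # flood
        if entry[0] == in_port:
            return []               # both stations on the same side: filter
        return [entry[0]]           # known destination: forward on one port only


def hub_receive(ports, in_port):
    """A hub keeps no table: every frame is repeated on every other port."""
    return [p for p in ports if p != in_port]


def replay(trace, ports):
    """Return (hub copies, bridge copies, per-frame bridge decisions) for a trace."""
    bridge = LearningBridge(ports)
    hub_copies = bridge_copies = 0
    decisions = []
    for now, in_port, src, dst in trace:
        out = bridge.receive(in_port, src, dst, now)
        decisions.append(out)
        bridge_copies += len(out)
        hub_copies += len(hub_receive(ports, in_port))
    return hub_copies, bridge_copies, decisions


# Constructed sample trace: (time in seconds, ingress port, source MAC, destination MAC).
# Stations A and C share the segment on port 1, B is on port 2, D is on port 3.
A, B, C, D = ("02:00:00:00:00:0a", "02:00:00:00:00:0b",
              "02:00:00:00:00:0c", "02:00:00:00:00:0d")
PORTS = [1, 2, 3, 4]
TRACE = [
    (0, 1, A, B),            # B not yet learned: flooded
    (1, 2, B, A),            # A was learned on port 1: forwarded there only
    (2, 1, A, B),            # B is now known on port 2
    (3, 1, C, A),            # A and C are on the same side: filtered
    (4, 3, D, BROADCAST),    # broadcasts are always flooded
    (400, 2, B, A),          # A's entry has aged out: flooded again
]

if __name__ == "__main__":
    hub, bridge, decisions = replay(TRACE, PORTS)
    print("hub copies:", hub, "bridge copies:", bridge)
    for frame, out in zip(TRACE, decisions):
        print(frame, "->", out)
```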

Routers - A router translates information from one network to another; it is similar to a
superintelligent bridge. Routers select the best path to route a message, based on the
destination address and origin. The router can direct traffic to prevent head-on collisions,
and is smart enough to know when to direct traffic along back roads and shortcuts.

While bridges know the addresses of all computers on each side of the network, routers
know the addresses of computers, bridges, and other routers on the network. Routers can
even "listen" to the entire network to determine which sections are busiest -- they can
then redirect data around those sections until they clear up.

If you have a school LAN that you want to connect to the Internet, you will need to
purchase a router. In this case, the router serves as the translator between the information
on your LAN and the Internet. It also determines the best route to send the data over the
Internet. Routers can:

• Direct signal traffic efficiently
• Route messages between any two protocols
• Route messages between linear bus, star, and star-wired ring topologies
• Route messages across fiber optic, coaxial, and twisted-pair cabling.

What is a Network Operating System?

Unlike operating systems, such as DOS and Windows, that are designed for single users
to control one computer, network operating systems (NOS) coordinate the activities of
multiple computers across a network. The network operating system acts as a director to
keep the network running smoothly. The two major types of network operating systems
are:

Peer-to-Peer - Peer-to-peer network operating systems allow users to share resources
and files located on their computers and to access shared resources found on other
computers. However, they do not have a file server or a centralized management source
(See fig. 1). In a peer-to-peer network, all computers are considered equal; they all have
the same abilities to use the resources available on the network. Peer-to-peer networks are
designed primarily for small to medium local area networks. AppleShare and Windows
for Workgroups are examples of programs that can function as peer-to-peer network
operating systems.

Fig. 1. Peer-to-peer network

Advantages of a peer-to-peer network:

• Less initial expense - No need for a dedicated server.
• Setup - An operating system (such as Windows XP) already in place may only
need to be reconfigured for peer-to-peer operations.

Disadvantages of a peer-to-peer network:

• Decentralized - No central repository for files and applications.
• Security - Does not provide the security available on a client/server network.

Client/Server - Client/server network operating systems allow the network to centralize
functions and applications in one or more dedicated file servers (See fig. 2). The file
servers become the heart of the system, providing access to resources and providing
security. Individual workstations (clients) have access to the resources available on the
file servers. The network operating system provides the mechanism to integrate all the
components of the network and allow multiple users to simultaneously share the same
resources irrespective of physical location. Novell Netware and Windows 2000 Server
are examples of client/server network operating systems.

Fig. 2. Client/server network

Advantages of a client/server network:

• Centralized - Resources and data security are controlled through the server.
• Scalability - Any or all elements can be replaced individually as needs increase.
• Flexibility - New technology can be easily integrated into system.
• Interoperability - All components (client/network/server) work together.
• Accessibility - Server can be accessed remotely and across multiple platforms.

Disadvantages of a client/server network:

• Expense - Requires initial investment in dedicated server.
• Maintenance - Large networks will require a staff to ensure efficient operation.
• Dependence - When server goes down, operations will cease across the network.

Examples of network operating systems

The following list includes some of the more popular peer-to-peer and client/server
network operating systems.

• AppleShare
• Microsoft Windows Server
• Novell Netware

LAN MANAGEMENT AND SERVICES

→ LICENSING
Network licensing helps ensure that your users have access to the right software at the
right time and enables you to control the use of your software licenses easily and
efficiently. Effective use of network licensing software requires investment in planning,
implementation, and maintenance. But, used properly, it can generate significant benefits
for you and your organization.

Benefits of Network Licensing

Network licensing provides improved value.


Since a network license process can float to different machines as required and can serve
many users over the course of a day, it will usually be employed a greater fraction of the
time than a license fixed on one machine. For example, if no more than 10 users in a
facility of 50 access Mathematica concurrently, a 10-seat Network Mathematica can
replace 50 single-user copies.

Yet each network process costs only 30 percent more than a process locked to one
machine. This allows users to recoup the small fee for MathLM almost instantly. Of
course, Wolfram Research supports mixed installations of network and locked processes.
Therefore, those relying on a program extensively will have guaranteed access at any
time--even when colleagues are temporarily using all available network processes.

More people can get the benefit of networked programs.


Even users who do not yet use a program enough to justify purchasing a fixed license can
access the program's power via the network license process your organization has
purchased--as long as colleagues haven't tied up all the processes when you want to use
one.

It is more convenient for users and system administrators.

Because of the option not to install Wolfram Research programs locally but to serve them
over the network, system administration is greatly simplified and user time is saved.
Serving over the network also makes upgrades and recovering orphaned licenses a snap.

It maximizes the use of a program and prevents orphaned licenses.


All licenses are administered centrally. This means that even if a user leaves or moves to
another department, the user's license will be available to others and not stand on a
bookshelf.

Network licensing is a powerful tool for managing your licenses. It is important to
determine what type of licensing is most appropriate for your users. You can keep a
majority of your seats as stand-alone users, while you run a pilot project with network
licensing, or you can move most of your licenses to a license server, keeping a few
essential stand-alone licenses for key users. Most companies that implement network
licensing also have some stand-alone licenses for special cases.

→ FILE SYSTEMS
A network file system is any computer file system that supports sharing of files, printers
and other resources as persistent storage over a computer network. The first file servers
were developed in the 1970s, and in 1985 Sun Microsystems created the file system
called "Network File System" (NFS) which became the first widely used network file
system. Other notable network file systems are Andrew File System (AFS), NetWare
Core Protocol (NCP), and Server Message Block (SMB), also known as Common
Internet File System (CIFS).

Transparency
Ideally, a network file system should appear to its users to be a conventional, centralized
file system. The multiplicity and dispersion of its servers and storage devices should be
made invisible. That is, the client interface used by programs should not distinguish
between local and remote files. It is up to the network file system to locate the files and to
arrange for the transport of the data.

Performance
The most important performance measurement of a network file system is the amount of
time needed to satisfy service requests. In conventional systems, this time consists of a
disk-access time and a small amount of CPU-processing time. But in a network file
system, a remote access has additional overhead due to the distributed structure. This
includes the time to deliver the request to a server, the time to deliver the response to the
client, and for each direction, a CPU overhead of running the communication protocol
software. The performance of a network file system can be viewed as one dimension of
its transparency: ideally, it would be comparable to that of a conventional file system.

Concurrent file updates


A network file system should allow multiple client processes on multiple machines to
access and update the same files. Hence updates to the file from one client should not
interfere with access and updates from other clients. Concurrency control or locking may
be either built into the file system or be provided by an add-on protocol.

List of network file systems

Client-server file systems:


9P
Amazon S3
Andrew File System (AFS), OpenAFS
Apple Filing Protocol (AFP)

Coda
DCE Distributed File System
NetWare Core Protocol (NCP)
Network File System (protocol) (NFS)
Secure File System (SFS)
Self-certifying File System (SFS)
Server Message Block (SMB)

→DOMAINS AND TRUST RELATIONSHIPS

Domain naming system is commonly abbreviated as DNS. For a domain
naming system, the word domain is defined as a group of workstations and servers which
share a single group name. The word domain also refers to the address of a website on the
Internet. The protocol, the path, the page and the other items are not part of the
domain.

Multiple domains and trust relationships


As the network grows, simplify administration by dividing the network into multiple
domains. Each domain has a unique name that you choose when installing the domain's
primary server. A network with three domains might look like this:

Sample Advanced Server network

A trust relationship is a link between domains where the trusting domain honors the
logon validations from the trusted domain. Trust relationships make the network easier to
manage and easier to use because each user needs only a single account in one of the
domains on the network, which can provide access to resources anywhere on the
network.

→ PASSWORDS

Passwords are nothing but access control limits prescribed to a user.


Access control can be based on:

• What you know, for example a password or PIN number. We know that
these are not foolproof because people use obvious words, divulge their
password, or write it down. Sometimes fraudsters pose as people who
would seem to be authorised to know it. The fraudster runs a program
that appears to be a login procedure and the employee is asked to
supply their password. (Some fraudsters have been known to send bogus
but genuine-looking e-mails to bank customers, to ask for bank details
and PINs. If that happens to you, DO NOT send them details, but let
your bank know. Your bank will never send such an e-mail.)
• What you have, for example an ID card with a barcode or a chip.
• Where you are, using a specified telephone number. This is a call-back
system. The user dials in and enters an ID and a password. After
checking these, the user is called back on a predetermined phone
number.
• Who you are - the computer can check voice-print and/or biometric
data.

These become less effective if users leave their computers logged in. Screen-
savers can come on if there is no keyboard activity for, say, ten minutes. A
password may be needed to restore the system. Or the user can be logged out.

→ USER ACCOUNTS POLICIES

Policies can define a specific user's settings or the settings for a group of users.
The resulting policy file contains the registry settings for all users, groups, and
computers that will be using the policy file. Separate policy files for each user,
group, or computer are not necessary. If you create a policy that will be
automatically downloaded from validating domain controllers, you should name
the file NTConfig.POL. As system administrator, you have the option of renaming
the policy file and, by modifying the Windows NT-based workstation, directing the
computer to update the policy from a manual path. You can do this by either
manually changing the registry or by using the System Policy Editor. This can
even be a local path such that each machine has its own policy file, but if a
change is necessary to all machines, it must be made individually to each
workstation. When a Windows NT4/200x/XP machine logs onto the network, the
client looks in the NETLOGON share on the authenticating domain controller for
the presence of the NTConfig.POL file. If one exists, it is downloaded, parsed, and
then applied to the user's part of the registry. MS Windows 200x/XP clients that
log onto an MS Windows Active Directory security domain may additionally
acquire policy settings through GPOs that are defined and stored in Active
Directory itself. The key benefit of using AD GPOs is that they impose no registry
spoiling effect. This has considerable advantage compared with the use of
NTConfig.POL (NT4) style policy updates. In addition to user access controls that
may be imposed or applied via system and/or group policies in a manner that
works in conjunction with user profiles, the user management environment under
MS Windows NT4/200x/XP allows per-domain as well as per-user account
restrictions to be applied. Common restrictions that are frequently used include:

• Logon hours
• Password aging
• Permitted logon from certain machines only
• Account type (local or global)
• User rights

Samba-3.0.20 does not yet implement all account controls that are common to
MS Windows NT4/200x/XP. While it is possible to set many controls using the
Domain User Manager for MS Windows NT4, only password expiry is functional
today. Most of the remaining controls at this time have only stub routines that
may eventually be completed to provide actual control. Do not be misled by the
fact that a parameter can be set using the NT4 Domain User Manager or in the
NTConfig.POL.

→ LOCAL AND GLOBAL GROUPS


Groups are nothing but the way in which a network is connected, that is, the network type.

Main Network Types

• Ethernet
• FDDI
• Token Ring
• ARCnet
• AppleTalk

Other Network Types

• Fiber channel - Operates at 256 Mbps or 1 Gbps. It was developed for peripheral
devices like disk arrays, but is now used for point to point networking for full
duplex server to server communications. It is the lowest cost 1 Gbps network.
• Gigabit Ethernet - This type of ethernet places ethernet packets in fiber channel
packets. The fiber channel network works like an ethernet bridge.

Ethernet

The IEEE 802.3 standard defines ethernet at the physical and data link layers of the OSI
network model. Most ethernet systems use the following:

• Carrier-sense multiple-access with collision detection (CSMA/CD) for controlling
access to the network media.
• Use baseband broadcasts
• A method for packing data into data packets called frames
• Transmit at 10Mbps, 100Mbps, and 1Gbps.

FDDI
FDDI stands for Fiber Distributed Data Interface. The FDDI standard is ANSI X3T9.5.
The FDDI topology is ring with two counter rotating rings for reliability with no
hubs. Cable type is fiber-optic. Connectors are specialized. The media access method is
token passing. Multiple tokens may be used by the system. The maximum length is 100
kilometers. The maximum number of nodes on the network is 500. Speed is 100 Mbps.
FDDI is normally used as a backbone to link other networks. A typical FDDI network
can include servers, concentrators, and links to other networks. CDDI is a copper
version of FDDI which uses category 5 cable. Obviously the distance is more limited
than FDDI.

Devices called concentrators provide functions similar to hubs. Most concentrators use
dual attachment station network cards but single attachment concentrators may be used to
attach more workstations to the network.

FDDI token passing allows multiple frames to circulate around the ring at the same time.
Priority levels of a data frame and token can be set to allow servers to send more data
frames. Time sensitive data may also be given higher priority. The second ring in a FDDI
network is a method of adjusting when there are breaks in the cable. The primary ring is
normally used, but if the nearest downstream neighbor stops responding the data is sent
on the secondary ring in attempt to reach the computer. Therefore a break in the cable
will result in the secondary ring being used. There are two network cards which are:

1. Dual attachment stations (DAS) used for servers and concentrators are attached to
both rings.
2. Single Attachment stations (SAS) attached to one ring and used to attach
workstations to concentrators.

A router or switch can link an FDDI network to a local area network (LAN). Normally
FDDI is used to link LANs together since it covers long distances.

Token Ring
Developed by IBM, Token Ring is standardized as IEEE 802.5. Token Ring uses a star
topology, but it is wired so the signal will travel from hub to hub in a logical ring. These
networks use a data token passed from computer to computer around the ring to allow
each computer to have network access. The token comes from the nearest active upstream
neighbor (NAUN). When a computer receives a token, if it has no attached data and the
computer has data for transmission, it attaches its data to the token then sends it to its
nearest active downstream neighbor (NADN). Each computer downstream will pass the
data on since the token is being used until the data reaches its recipient. The recipient will
set two bits to indicate it received the data and transmit the token and data. When the
computer that sent the data receives the package, it can verify that the data was received
correctly. It will remove the data from the token and pass the token to its NADN.

It can use UTP, STP, or fiber optic cable. Maximum cable length is 45 meters with UTP
and 101 meters with STP. Topology is star-wired ring. Uses type 1 STP and type 3 UTP.
Connectors are RJ-45 or IBM type A. Minimum length between nodes is 2.5 meters.
Maximum number of hubs or segments is 33. Maximum nodes per network is 72 nodes
with UTP and 260 nodes with STP. Speed is 4 or 16 Mbps. IEEE 802.5 defines token ring.
Data frames may be 4,000 to 17,800 bytes long.

A token ring network uses a multistation access unit (MAU) as a hub. It may also be
known as a Smart Multistation Access Unit (SMAU). A MAU normally has ten ports.
Two ports are Ring In (RI) and Ring Out (RO) which allow multiple MAUs to be linked
to each other. The other 8 ports are used to connect to computers.

ARCnet (Attached Resource Computer Network) (CR)


ARCnet Topology is star and bus or a mixture. Cable type is RG-62 A/U coaxial (93
ohm), UTP or fiber-optic. A network can use any combination of this media. Connectors
used include BNC, RJ-45, and others. It uses token passing for media access.
Maximum segment length is 600 meters with RG-62 A/U, 121 meters with UTP, 3485
meters with fiber-optic, and 30 meters from a passive hub. It may use active and passive
hubs. The specification is ANSI 878.1. It can have up to 255 nodes per network. The
speed is 2.5 Mbps. ARCnet Plus has operating speeds approaching 20Mbps.

Signals are broadcast across the entire network with computers processing only signals
addressed to them. ARCnet tokens travel based on a station identifier (SID) which each
computer has. Each network card has a DIP switch used to set the SID with an address
between 1 and 255. Signals are generally sent from the lowest numbered station to the
next until they wrap around back to SID of 1. To determine non-existent stations, the
station with the lowest ID indicates it has the token and begins querying IDs of higher
value until it gets a response. Then the next computer does the same until the original
station is queried. This procedure is done when a station is added or removed from the
network or when the network is originally started. The acronym SID is used for a station
identifier with regard to ARCnet, but as used in the Windows NT and Windows 95
operating systems, it refers to the security identification number of a user or group.

AppleTalk
AppleTalk topology is bus. Cable type is STP. The connectors are specialized. The media
access method is CSMA/CA. Maximum segment and network length is 300 meters. The
maximum number of connected segments is 8. There are 32 maximum nodes per segment
with 254 maximum number of nodes per network. Speed is 230.4Kbps. The cabling
system used with AppleTalk is called LocalTalk.

Addressing

Addressing is dynamic with each computer, when powered on, choosing its last used
address or a random address. The computer broadcasts that address to determine if the
address is used. If it is used, it will broadcast another random address until it finds an
unused address.

EtherTalk and TokenTalk provide for use of AppleTalk network protocols on top of
ethernet and token ring architectures respectively.

LocalTalk

LocalTalk uses STP cable and bus topology. Using CSMA/CA for media access,
computers will first determine if any other computers are transmitting, before they
transmit. A packet is transmitted prior to transmitting that alerts other computers that a
transmission will be sent. Usually LocalTalk is only used in small environments.

→ SECURITY AND RELATED ISSUES

Security can be maximised by

• Training users about security - every employee needs to know about
the importance of security and what the company security policies are.
Downloading programs can bring in viruses. All files need to be virus
checked before use. Strangers should not be given access to restricted
areas, and computers should be logged off when employees are out of
the office.
• Access Privileges - to both software and data. We know of the different
levels of access to data such as read only, read and copy, read and
update. Employees should have just the software that is needed for
them to do their jobs.

Firewalls

The primary purpose of a firewall is to keep out hackers. Firewall software
can also be configured to control what goes in or out of an organisation.
Placed at the interface between the LAN and the WAN, the firewall products
can be:

• A router that examines all packets of data going in and out, checking
source or destination addresses. Packets going to or from unwanted
addresses are barred.
• Special software that restricts traffic to a particular application, for
example e-mail, or Lotus Notes, software that enables several users to
work on the same document at the same time.
• A proxy server that maintains replicated copies of web-pages for easy
access to normal or outside users of the site. Only authorised users can
access the more sensitive information. For example, a college will have
web-pages that anyone can access, usually with details of courses, and a
message from the principal. Only staff and students can access the
intranet through an ID and a password.

Audit Controls
Audit controls can track all network activity:

• What programs have been used;
• What files have been opened;
• How many reads and writes have been carried out;
• How many times the server has been accessed.

Special monitoring software can produce statistical profiles on the use of the
network. Each individual user can also be monitored, and any abnormal
behaviour of users can be detected.
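
The statistical profile described above, as an added example that is not part of the original report: it builds a per-user profile from audit records and flags a day that departs from it. The record layout, the user names, the program names and the three-sigma limit are assumptions made for the illustration, and the log itself is constructed.

```python
from collections import defaultdict
from statistics import mean, pstdev


def constructed_log():
    """Constructed sample records: 'day user program file operation'."""
    lines = []
    for day in range(1, 6):                      # five ordinary days
        for n in range(4 + day % 2):             # alice opens 4 or 5 files
            lines.append(f"2024-03-0{day} alice wordproc /home/alice/doc{n}.txt read")
        for n in range(2):                       # bob writes 2 ledger files
            lines.append(f"2024-03-0{day} bob payroll /finance/ledger{n}.db write")
    for n in range(5):                           # day 6: alice as usual
        lines.append(f"2024-03-06 alice wordproc /home/alice/doc{n}.txt read")
    for n in range(40):                          # day 6: bob is far from his profile
        lines.append(f"2024-03-06 bob filecopy /home/alice/doc{n}.txt read")
    return lines


def build_profiles(lines, baseline_days):
    """Per user: file accesses per baseline day and the set of programs used."""
    profiles = {}
    for line in lines:
        day, user, program, _path, _op = line.split()
        if day not in baseline_days:
            continue
        profile = profiles.setdefault(
            user, {"daily": defaultdict(int), "programs": set()})
        profile["daily"][day] += 1
        profile["programs"].add(program)
    return profiles


def check_day(lines, profiles, day, sigma=3.0):
    """Compare one day's activity with each user's profile; return findings."""
    counts = defaultdict(int)
    programs = defaultdict(set)
    for line in lines:
        rec_day, user, program, _path, _op = line.split()
        if rec_day == day:
            counts[user] += 1
            programs[user].add(program)

    findings = []
    for user in sorted(counts):
        profile = profiles.get(user)
        if profile is None:
            findings.append((user, "no baseline for this user"))
            continue
        history = list(profile["daily"].values())
        # Floor the spread at 1 so a perfectly regular user does not
        # trigger on a single extra file access.
        limit = mean(history) + sigma * max(pstdev(history), 1.0)
        if counts[user] > limit:
            findings.append(
                (user, f"{counts[user]} file accesses, baseline limit {limit:.1f}"))
        for program in sorted(programs[user] - profile["programs"]):
            findings.append((user, f"program not in baseline: {program}"))
    return findings


if __name__ == "__main__":
    log = constructed_log()
    baseline = {f"2024-03-0{d}" for d in range(1, 6)}
    for user, finding in check_day(log, build_profiles(log, baseline), "2024-03-06"):
        print(user, "-", finding)
```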

Performance Monitoring
The network performance can be monitored:

• Network availability (i.e. on but not working);
• Response time, e.g. time taken between a query being made and the
response being received.
• Usage of hardware resources;
• Usage of software.
• Traffic density.

These will help in the management and planning of a network. Bottlenecks can
be identified and sorted out. If more copies of software are being used than
allowed by the licence, then action can be taken.

Encryption
Data passing through a wire or as a radio signal are vulnerable to interception.
Such data can be scrambled or encrypted to make sure they are meaningless to
everyone other than the intended recipient. Encryption is nothing new; the
Enigma machines used by the Germans in the Second World War were
sophisticated devices. And it took a sophisticated electro-mechanical
computer, Colossus, to crack them. Colossus was faster at decoding Enigma
than a Pentium Processor, so it was a pretty good machine. (Many historians
state that the Germans were good soldiers, but had a blind spot about the
value of good intelligence. The Allies were good at intelligence which won the
war.)

There are different ways of encrypting data based on:

• transposition where characters are moved about;
• substitution where one character stands for another.
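
The two approaches listed above, as an added example that is not part of the original report: a keyed substitution and a columnar transposition, with helpers that show what each one leaves unchanged in the ciphertext. The keyword, the column count and the sample message are constructed for the illustration; these are classroom ciphers, not something to protect real data with.

```python
from collections import Counter
import string

ALPHABET = string.ascii_uppercase
PLAINTEXT = "MEET AT THE SERVER ROOM AT NINE"    # constructed sample message


def substitution_key(keyword):
    """Keyed alphabet: the keyword's letters first, then the rest in order."""
    seen = []
    for ch in keyword.upper() + ALPHABET:
        if ch in ALPHABET and ch not in seen:
            seen.append(ch)
    return "".join(seen)


def substitute(text, keyword, decrypt=False):
    """Substitution: every letter is replaced by its partner in the keyed alphabet."""
    cipher = substitution_key(keyword)
    if decrypt:
        table = str.maketrans(cipher, ALPHABET)
    else:
        table = str.maketrans(ALPHABET, cipher)
    return text.upper().translate(table)


def transpose(text, columns):
    """Transposition: write the text row by row, read it column by column."""
    return "".join(text[c::columns] for c in range(columns))


def untranspose(text, columns):
    """Reverse transpose(): put each column's characters back in their rows."""
    rows, extra = divmod(len(text), columns)
    out = [""] * len(text)
    pos = 0
    for c in range(columns):
        length = rows + (1 if c < extra else 0)  # first 'extra' columns are longer
        for r in range(length):
            out[r * columns + c] = text[pos]
            pos += 1
    return "".join(out)


def letter_counts(text):
    """How often each letter occurs."""
    return Counter(ch for ch in text if ch in ALPHABET)


def frequency_shape(text):
    """Letter counts from high to low, ignoring which letter owns which count."""
    return sorted(letter_counts(text).values(), reverse=True)


if __name__ == "__main__":
    sub = substitute(PLAINTEXT, "NETWORK")
    tra = transpose(PLAINTEXT, 5)
    print("substitution :", sub)
    print("transposition:", tra)
    # Transposition keeps every letter and only changes the order.
    print("same letters after transposition:",
          letter_counts(tra) == letter_counts(PLAINTEXT))
    # Substitution renames letters but keeps the pattern of frequencies.
    print("same frequency pattern after substitution:",
          frequency_shape(sub) == frequency_shape(PLAINTEXT))
```

Because each method on its own preserves this much structure of the message, neither is adequate alone.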

→ DIRECTORIES, PERMISSIONS AND SHARES

Directories
Directories contain data describing resources such as computers, printers and user
accounts that are contained within a particular network. Directories can be as simple as
a text file, such as the /etc/passwd and /etc/group files on traditional Unix systems,
which list the active user accounts and their group permissions, or a directory can be a
complex LDAP directory structure such as Microsoft's Active Directory. Directories can
contain authentication data. Authenticating "against" a directory takes two forms: a
client machine can contact a directory, obtain the hashed version of the user's password,
hash the password given by the user, and compare the two. This method is used by NIS, for
example.

The other form, employed by most LDAP authentication mechanisms, is to attempt to
bind to the LDAP directory using the credentials that the user provided. The pam_ldap
PAM module uses this latter method to authenticate against an LDAP directory.
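
The two forms of directory authentication described above, side by side, as an added example that is not part of the original report and is not code from NIS or pam_ldap. The in-memory Directory class, the user name and the use of PBKDF2 as the stored hash are assumptions standing in for a real directory service.

```python
import hashlib
import hmac
import os


def hash_password(password, salt):
    """Stand-in for whatever password hash the directory really stores."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class Directory:
    """Constructed in-memory directory (assumption, not a real NIS/LDAP API)."""

    def __init__(self):
        self.entries = {}

    def add_user(self, name, password):
        salt = os.urandom(16)
        self.entries[name] = (salt, hash_password(password, salt))

    def lookup_hash(self, name):
        # Form 1: the stored salt and hash leave the directory, so every
        # client able to query it holds material for offline guessing.
        return self.entries.get(name)

    def bind(self, name, password):
        # Form 2: the directory checks the credentials itself and only
        # answers yes or no; the stored hash never leaves it.
        entry = self.entries.get(name)
        if entry is None:
            hash_password(password, b"\0" * 16)   # similar work for unknown users
            return False
        salt, stored = entry
        return hmac.compare_digest(stored, hash_password(password, salt))


def authenticate_by_compare(directory, name, password):
    """Form 1: fetch the hash, hash the typed password, compare the two."""
    entry = directory.lookup_hash(name)
    if entry is None:
        return False
    salt, stored = entry
    # compare_digest avoids leaking how many leading bytes matched
    return hmac.compare_digest(stored, hash_password(password, salt))


def authenticate_by_bind(directory, name, password):
    """Form 2: try to bind with the credentials the user provided."""
    if not password:
        # With a real LDAP server, a simple bind that carries a name and an
        # empty password may be treated as an unauthenticated bind and
        # succeed, so the client must refuse empty passwords itself.
        return False
    return directory.bind(name, password)


if __name__ == "__main__":
    d = Directory()
    d.add_user("asha", "correct horse")           # constructed account
    print("compare, right password:", authenticate_by_compare(d, "asha", "correct horse"))
    print("bind, right password   :", authenticate_by_bind(d, "asha", "correct horse"))
    print("bind, empty password   :", authenticate_by_bind(d, "asha", ""))
    print("client receives in form 1:", type(d.lookup_hash("asha")[1]).__name__)
```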

Permissions
Microsoft Windows XP supports many different types of partitions (NTFS, FAT16,
FAT32), old and new! Network permissions are Microsoft's way of enabling you to
administer file sharing on any type of partition supported by Windows, no matter how
ancient. Sure, your options will be pretty limited if you are working with the older
partition types, but you can do it. The beauty of Windows NT/2000/XP is that it gives you
another tool - NTFS permissions - that can do much more. NTFS is where the power lies, but
power always comes with a price: you have to configure two separate sets of permissions.
If you are sharing a folder on an NTFS drive, as you normally are these days, you must
set both the network permissions and the NTFS permissions to let others access your
shared resources.

Shares
In network sharing you give access or permissions, shared on the LAN, to transfer or view
files according to the levels specified, once the network IDs are set up with the IP
addresses specified and the communication link is built up.
To share a folder, right-click on the folder or drive to be shared, then click on the
Sharing and Security tab; then, in the network sharing and security area, highlight the
sharing option and specify the name with which it can be seen on the network.

→ AUDITING
Assessment can be defined as the act of testing network security to determine the strength
of the current security measures taken in the network. Furthermore, auditing can be
defined as the act of examining, evaluating and recording security measures. So basically
both terms mean something similar, but in layman's language they have to be carried out
together to prevent hacking of the network by means of theft, piracy and many other forms
of cyber crime. Hence we require a lot of security measures and firewalls, and auditing is
the means of testing those measures.

→ NETWORK PRINTING AND SHARING PRINTER RESOURCES

The most common network printing implementation is a “printserver” accepting print
jobs from clients tied to the server via a network cable. The term "printserver" is one of
those networking terms, like packet, that has been carelessly tossed around until its
meaning has become somewhat confusing and blurred. To be specific, a printserver is
simply a program that arbitrates print data from multiple clients for a single printer.
Printservers can be implemented in one of the four methods described in the following
sections.

The printer can be physically cabled to the PC running the Network OS. Print
jobs are submitted by clients to the printserver software on the fileserver, which sends
them down the parallel or serial cable to the printer. The printer must be physically close
to the fileserver. This kind of printserving is popular in smaller workgroup networks, in
smaller offices.


Figure 8-1. Printserver on the fileserver

It is possible to run a print server program on a cheap PC that is located next to the
printer and plugged into it via parallel cable. This program simply acts as a pass-through
program, taking network packets from the network interface and passing them to the
printer. This kind of server doesn't allow any manipulation of print jobs; jobs usually
come from a central fileserver, where jobs are controlled.

Figure 8-2. Printserver on a separate PC

The HP JetDirect Internal is the best known printserver of this type. It is inserted into a
slot in the printer case, and it works identically to the external JetDirect units.

Figure 8-4. Printserver in the printer

Printspooling is an integral part of network printing. Since the PC can spit out data much
faster than the printer can accept it, the data must be buffered in a spool at some location.
In addition, because many clients share printers, when clients send print jobs at the same
time, jobs must be placed on a queue so that one can be printed after the other.

Figure 8-5. Print spool locations

Sharing printer resources

To share the printer, I opened the Printers and Faxes folder on the computer that was
connected to my printer.

To open the Printers and Faxes folder

• Click Start and then click Control Panel.
• Click Printers and Other Hardware, and then click Printers and Faxes.
• In the Printers and Faxes folder, I clicked the printer's icon and, in the tasks pane, I
clicked Share This Printer.
• I opened the printer's Properties dialog box, and clicked on the Sharing tab.
• I clicked Share Name, and then clicked OK.

That's it—the printer was immediately available for other computers to use.

Now that I had a network printer, I was ready to connect to it and print from other
computers on the network.

To connect to the printer

• I opened Control Panel, and clicked Printers and Other Hardware.
• I clicked Add a Printer.
• Instead of adding a local printer, though, I clicked Printer Connection and then
browsed the network for the printer.

The whole process took less than a minute before I was printing to the network printer as
though it was connected to the computer.

SYSTEM MONITORING AND MAINTENANCE

→MONITORING ISSUES
• Quality of data - how complete is the logging data sent to logging systems and are
logging systems working as designed.
• Volume of traffic - how much data volume is being stored and is it possible to
effectively analyze it.
• Spatial distribution - where is the data coming from within the organization.
• More sophisticated attacks - do data analysis systems have the capability to detect
sophisticated attacks embedded within the data collected.
• Complexity of the networks - how complex is our network and does its complexity
outstrip the ability of our analysis systems to comprehend the attacks taking place on it.
• Encryption.
• Protection of reported network data.
• Identifying attacks on an encrypted network.
• Attacks concealed within encrypted data.
• Switched networks.
• Decreased network event visibility.
• Complexity of network IDS.
• Packet loss for a network IDS increases with bandwidth.

→ SERVER MAINTENANCE PROCEDURES

The maintenance procedures to be followed are

• Providing a continuous power backup to the server.

• Keeping memory management to the max by providing backup techniques and
implementing those techniques at least once a day/week whenever the server remains
idle.

• Keeping the dust level to the minimum and cleaning the server workstation with blowers
whenever possible.

• Providing the server with as many cooler fans as possible to keep the heat level of the
processor as well as the machine to the minimum.

• Keeping track of the access limits for the different hierarchies of users, implementing
firewalls wherever possible, and keeping a check for loopholes and virus definitions by
using an antivirus.

• Keeping server I/O procedures to the minimum to help in implementing a faster
network, and limiting the count of users by implementing service counts.

• Prevention of deadlocks and techniques to resolve them should be
implemented, and user primary and unique status should be maintained.

• Upgrading of hardware as well as software should be taken into account whenever
the load on the machine servers is unbearable.

→ TROUBLESHOOTING

The 10 step Universal Troubleshooting Process:


Prepare
Make damage control plan
Get a complete and accurate symptom description
Reproduce the symptom
Do the appropriate corrective maintenance
Narrow it down to the root cause
Repair or replace the defective component
Test
Take pride in your solution
Prevent future occurrence of this problem.

E.g. if the LAN card is not functioning, then according to the above steps:

1> Calm yourself to search for the problem, as banging the machine is not a solution.
2> Then set your goal that you won't make the problem worse in the troubleshooting
process.
3> Then find out why the problem is being caused: is it hardware or software related?
4> Then recheck whether it is the same problem.
5,6,7> If hardware, then check whether the slot where the LAN card is placed is
functioning properly; if yes, then check the card; if yes, then the problem is software
related, so perform the NIC check; if that is also working, then it is a network media
problem. Whatever the cause, once determined, replace it with a spare or get the
cause fixed, or else call an expert.
8> Once fixed, recheck that the cause is not creating trouble once again.
9,10> Take precautions so that you don't create that problem again.

→ ON-LINE HELP

Online Help is topic, procedural or reference information delivered through computer
software. It is a form of User Assistance. Most Help is designed to give assistance in the
use of a software application or operating system, but can also be used to present
information on a broad range of subjects. When Help is linked to the state of the
application (what the user is doing), it's called context-sensitive Help.
Online Help is created through Help authoring tools. It is delivered in a wide variety of
formats, some proprietary and some open-standard, including:
• Hypertext Markup Language (HTML), which includes HTML Help, HTML-based Help,
JavaHelp, and Oracle Help.
• Adobe Portable Document Format (PDF).

→ EFFECTIVE USE OF SYSTEM RESOURCES

The method for managing system resources required for communication between a
source device and a sink device includes the steps of (a) initially allocating system
resources presently required to the source device, (b) monitoring the format of the output
bit stream of the source device in a state in which communication between the two
devices is maintained, (c) allocating additional system resources to the source device or
releasing redundant system resources from the source device, under the lead of the source
device when it is determined as a result of monitoring that the requirements for system
resources have changed, and (d) detecting final system resources and releasing the
detected system resources when communication between two devices is terminated.

Eg: Useful results from monitoring software usage:

If there are more copies of the software being used than is allowed for in the licence, then
the licence needs to be changed;
Monitoring whether the software is performing as it claims to;
Assessing whether the software is using more resources than it should do;
In the event of a software crash, looking at the software behaviour just before the crash.
Assessing whether all functions are working.

Accounting Software

There are organisations that provide other organisations with network services and charge
for network use. The charge depends on:

• Time logged on;
• Processing time;
• Resources used (such as disk space or printer);
• Time of day.

Like auditing software, patterns of usage can be monitored to encourage users to use the
system at less busy times of the day. It can also help administrators to decide whether
extra resources are used.

→ SYSTEM BACKUP AND BACKUP TECHNIQUES

Backup: In information technology, backup refers to making copies of data so that these
additional copies may be used to restore the original after a data loss event. These
additional copies are typically called "backups." Backups are useful primarily for two
purposes. The first is to restore a computer to an operational state following a disaster
(called disaster recovery). The second is to restore small numbers of files after they have
been accidentally deleted or corrupted.

Backups are typically the last line of defense
against data loss, and consequently the least granular and the least convenient to use.
Since a backup system contains at least one copy of all data worth saving, the data
storage requirements are considerable. Organizing this storage space and managing the
backup process is a complicated undertaking. A data repository model can be used to
provide structure to the storage. In the modern era of computing there are many different
types of data storage devices that are useful for making backups. There are also many
different ways in which these devices can be arranged to provide geographic redundancy,
data security, and portability.

Before data is sent to its storage location, it is selected,
extracted, and manipulated. Many different techniques have been developed to optimize
the backup procedure. These include optimizations for dealing with open files and live
data sources as well as compression, encryption, and de-duplication, among others. Many
organizations and individuals try to have confidence that the process is working as
expected and work to define measurements and validation techniques. It is also important
to recognize the limitations and human factors involved in any backup scheme.

Backup techniques:

Data repository models - Any backup strategy starts with a concept of a data repository.
The backup data needs to be stored somehow and probably should be organized to a
degree. It can be as simple as a sheet of paper with a list of all backup tapes and the dates
they were written or a more sophisticated setup with a computerized index, catalog, or
relational database. Different repository models have different advantages. This is closely
related to choosing a backup rotation scheme.

Unstructured - An unstructured repository may simply be a stack of floppy disks or
CD-R/DVD-R media with minimal information about what was backed up and when.
This is the easiest to implement, but probably the least likely to achieve a high level of
recoverability.

Full + Incrementals - A Full + Incremental repository aims to make storing several
copies of the source data more feasible. At first, a full backup (of all files) is taken. After
that an incremental backup (of only the files that have changed since the previous full or
incremental backup) can be taken. Restoring whole systems to a certain point in time
would require locating the full backup taken previous to that time and all the incremental
backups taken between that full backup and the particular point in time to which the
system is supposed to be restored. This model offers a high level of security that
something can be restored and can be used with removable media such as tapes and
optical disks. The downside is dealing with a long series of incrementals and the high
storage requirements.

Full + Differential - A full + differential backup differs from a full + incremental in that
after the full backup is taken, each partial backup captures all files created or changed
since the full backup, even though some may have been included in a previous partial
backup. Its advantage is that a restore involves recovering only the last full backup and
then overlaying it with the last differential backup.

Mirror + Reverse Incrementals - A Mirror + Reverse Incrementals repository is similar
to a Full + Incrementals repository. The difference is that instead of an aging full backup
followed by a series of incrementals, this model offers a mirror that reflects the system
state as of the last backup and a history of reverse incrementals. One benefit of this is that
it only requires an initial full backup. Each incremental backup is immediately applied to
the mirror, and the files it replaces are moved to a reverse incremental. This model is
not suited to use with removable media, since every backup must be done in comparison to
the mirror.

Continuous data protection - This model takes it a step further: instead of
scheduling periodic backups, the system immediately logs every change on the host
system. This is generally done by saving byte- or block-level differences rather than
file-level differences. It differs from simple disk mirroring in that it enables a roll-back
of the log and thus the restoration of an old image of the data.
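
The restore rules given above for the Full + Incrementals and Full + Differential models can be worked through in code. The following Python sketch is an added example, not part of the original report; the catalog layout, the backup ids and the day numbers are constructed for illustration. It returns the backups needed to restore to a given day and shows that a single missing incremental breaks every later restore, while a missing differential does not.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Backup:
    id: str
    kind: str            # "full", "incr" or "diff"
    day: int             # day the backup was taken (constructed numbers)
    base: Optional[str]  # backup it is relative to; None for a full backup

class BrokenChain(Exception):
    """A backup needed for the restore is absent from the catalog."""

def restore_chain(catalog, target_day):
    """Ids to apply, full backup first, to restore the newest state
    recorded at or before target_day."""
    by_id = {b.id: b for b in catalog}
    usable = [b for b in catalog if b.day <= target_day]
    if not usable:
        raise BrokenChain("no backup at or before day %d" % target_day)
    node = max(usable, key=lambda b: b.day)
    chain = [node.id]
    # An incremental points at the previous full or incremental, so the walk
    # grows with every day; a differential points straight at its full.
    while node.kind != "full":
        if node.base not in by_id:
            raise BrokenChain("%s needs %s, which is missing" % (node.id, node.base))
        node = by_id[node.base]
        chain.append(node.id)
    return chain[::-1]

# Constructed catalogs: one full backup on day 0, then four daily partials.
INCR = [Backup("F0", "full", 0, None)] + [
    Backup("I%d" % d, "incr", d, "F0" if d == 1 else "I%d" % (d - 1))
    for d in range(1, 5)]
DIFF = [Backup("F0", "full", 0, None)] + [
    Backup("D%d" % d, "diff", d, "F0") for d in range(1, 5)]

if __name__ == "__main__":
    print(restore_chain(INCR, 3))   # full plus every incremental up to day 3
    print(restore_chain(DIFF, 3))   # full plus the last differential only
    lost = [b for b in INCR if b.id != "I2"]   # one tape lost or unreadable
    try:
        restore_chain(lost, 3)
    except BrokenChain as err:
        print("restore to day 3 impossible:", err)
```

Running the same check against the real backup index before an incident is one way to confirm that each restore point is still reachable.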
