Having a firm understanding of the basics of how computers communicate with each other is an important aspect of networking foundations. This introductory module covers basic concepts that will be addressed throughout this course.
These are foundational skills that will help you complete this course and build an essential baseline of information needed to understand networks, network protocols and design concepts, and the security issues that all managers and network technicians must understand as part of their day-to-day management and support of a network in any organization.
Networks are used to transmit patient data, pharmacy data, and other important data from the doctor to the hospital, the health insurer, and in some cases through the Internet directly to the patient.
The doctor uses tools and instruments that generate data, such as an MRI or CAT scanner, and that data is stored on the network. The scanning data is generated at the patient, travels across a network to a server, and is then used by the radiologist (who could be anywhere in the world) to determine what is happening with the patient.
Without networks, modern medicine would not exist as we know it. Understanding the role and use of networks, from how they are designed to how they are operated, is critical for medical managers in understanding how the hospital operates and the role of IT in patient management.
Medical information systems managers also must comply with HIPAA [1] for data protection and privacy and with the Food and Drug Administration (FDA) [2] regulations in the operation, update, and support of all controlled medical devices, from pacemakers to MRI machines. Understanding how many of these regulations influence how a network is built and maintained is also important for Health Informatics Managers and Technologists throughout the health information lifecycle. Patients generate a large amount of data per visit. This includes general intake paperwork, diagnosis, payment, treatment, procedure, and other information, including in some cases genomic information. You will learn more about these processes in C259 if you are taking the CompTIA Health Informatics Technician course.
[1] http://www.hhs.gov/ocr/privacy/hipaa/faq/securityrule/
[2] http://www.fda.gov/MedicalDevices/DeviceRegulationandGuidance/Overview/
All of this requires a network to interconnect all the various devices, records,
payment information, billing information, and other information together into a
coherent process that allows for the efficient running of a medical organization.
What is a network?
A network is a way for more than one computer to talk to each other and share information. Some computers are designed to serve data and are called servers, while the majority of computers are regular Personal Computers (PCs) that access the services a server provides. Computers like these that connect to each other and to servers are called workstations or hosts. Software like e-mail or web browsing is a connection between a host and a server; hosts can also share information amongst themselves in an ad-hoc network. Networks come in three sizes.
The SOHO network (Small Office Home Office) is a small group of computers without a server that generally connects to the Internet via business-class or consumer-class broadband. Services such as e-mail and web sites are provided by an Internet Service Provider (ISP) and are generally unmanaged. The computers can be wired to a small switch that connects to the cable router, or connect wirelessly to the cable router. This is the type of network commonly found in the office of a doctor in independent practice.
The LAN, Local Area Network, is a group of computers that might span an entire office floor, a building, or a campus building in an organization. There should be a server that provides basic services for the office, or access to a server that provides e-mail, login authorization to the network and its computers, and file sharing services. These servers should be located in a secure location or in a closed, locked room so that they are not accessible by anyone but the server administrators. A LAN can be wired or wireless and will connect to a larger ISP on a commercial-class connection. These are the kinds of networks found in hospitals or large inpatient clinics.
The WAN, Wide Area Network, is based on a geographical region, for example Dallas or Washington State. These are networks that carry data between LANs so that sites can share data or employees can telecommute. When you access Amazon.com from your house, your traffic travels over a WAN to get there so you can shop online. These are the kinds of networks that tie hospitals to medical insurers or to multi-system, multi-state medical organizations.
As long as two or more computers need to share information, that information will travel over a network of some sort.
For more information on this topic, please watch this Lynda.com video on basic networking:
http://www.lynda.com/IT-IT-Help-Desk-tutorials/Basic-networking-concepts/184173/187593-4.html
Topologies
The way a network is designed can be very important to how that network behaves
with other computers. There are a number of basic network shapes called
topologies that are used every day to send information back and forth between
servers and workstations.
Token Ring
Token ring is one of the older topologies that you might encounter at work. The
token is like a baton that is passed among runners during a relay race. Every
computer gets a chance to talk on the network when it has the token. When it is
done talking or its time slot is used up, the computer passes the token to the next
computer in the list. Computers keep on passing the token until all the
communications are finished or the computer is turned off. This is a very polite way
of allowing every computer time to be on the network without the risk of collision of
data. However, it is possible for the token to be corrupted during transmission,
which will cause the network to stop operating correctly.
Bus
The bus network is a network design where the computers all share the same
network line to talk to each other. This kind of network is prone to collisions
between different pieces of information because all the computers can attempt to
talk to each other at the same time. Usually this kind of network is built upon a
coaxial cable called “ThinNet”, but you might run into some very old installations on
“ThickNet”. It is possible for a single computer to “hog the network” or use up a
disproportionate amount of network resources so that other computers cannot use
the network. Generally these kinds of networks are no longer used, but you might
find them in some older companies or on specialized networks.
Star
The star topology is the most common topology in use today. It requires that a switch be used to connect computers to each other. The switch manages the network and ensures that computers on the network all work together with few if any collisions and no resource hogging. The switch controls all the communications between servers, printers and computers. The switch is also the gateway to other networks and other computer systems, making the network modular and easily upgradable. One way that computers can share information on this kind of network is by using a broadcast message. When you are logging in for the first time, your workstation might not know where the login server is. The login server broadcasts its network address to the entire network so that computers know what service it is offering to other computers on the network. This behavior is common on Windows and AppleTalk networks, but Linux computers need to be told where computer services are before they can be accessed.
These kinds of networks can be expensive to install, but once installed they are low-maintenance and easy to upgrade, because you are only upgrading end points, not the entire network. Capacity is easily added by installing a new switch. The star topology also helps with network management by segregating networks into smaller sections that can be easily monitored for errors.
Mesh
This is the last topology that is common in networking. In a mesh network every
device is connected to every other device. You will see this kind of configuration on
WAN networks for failover and redundancy. You will also see this in data centers so
that every computer has a way to communicate with every other computer in case a
device or computer fails.
For more information on this, please watch this Lynda.com video on Networking Topologies:
http://www.lynda.com/Windows-Server-tutorials/Foundations-Networking-Networking-Basics/408231-2.html
Cables
For computers to talk to each other they have to work through a medium. The current media are copper wire, fiber optic cable, and wireless networks that use radio frequencies to pass data from one computer to another. Cables work at the physical layer of the OSI model and the TCP/IP model (see below), so it is important to know what they are and how they work.
You should know how much data can be transmitted by each category of cable. This will help you later on by allowing you to plan the capacity of the network you are in charge of or building.
Fiber Optic
Figure 3 Fiber Optic Cable
A fiber-optic transmission strand can carry the signal (in the form of a modulated light beam) a few feet or even hundreds or thousands of miles. A cable may contain three or four hair-like fibers or a bundle of hundreds of such fibers. Besides the fiber itself, a fiber-optic link needs:
A source of invisible infrared radiation—usually a light-emitting diode (LED) or a solid-state laser—that can be modulated to impress digital data or an analog signal on the light beam.
A photosensitive detector to convert the optical signal back into an electrical signal at the receiver.
Efficient optical connectors at the light source-to-cable interface and at the cable-to-photodetector interface. These connectors are also critical when splicing the optical cable, due to the excessive loss that can occur at connections.
Wireless
A typical computer network uses twisted-pair and fiber-optic cable to interconnect LANs. Another medium competing for use in higher data-rate LANs is wireless, based on the IEEE 802.11 wireless standard. The advantages of wireless include:
A cost-effective networking medium for use in areas that are difficult or too costly to wire
User mobility in the workplace
Wireless networks have become more and more the network of choice in
environments such as home, small offices, and public places. Being able to connect to
the network without a wire is convenient for users, not to mention the cost is much
lower. In the age of laptops and mobile devices, wireless opens the door to user
mobility in the workplace. User mobility provides flexibility. Workers can potentially
access the network or wireless data services from virtually any location within the
workplace. Accessing information from the network is as easy as if the information
were on a disk.
The benefits of wireless networks in the workplace are numerous. To provide wireless connectivity, the network administrator must be sure the network services are reliable and secure. Providing reliable network services means the administrator must have a good understanding of WLAN configurations and technologies. This and the following sections examine the fundamentals of wireless networking; the 802.11 standard and its family, 802.11a, 802.11b, 802.11g and 802.11n; and how WLANs are configured.
The IEEE 802.11 WLAN standard defines the physical layer, the medium access
control (MAC) layer, and the MAC management protocols and services.
A typical wireless network will look something similar to this, with access points placed to ensure that the radio frequency signal is at the same strength all the way through the building.
It is important to verify that sufficient RF signal level is available for the users in the
WLAN. This is best accomplished by performing a site survey. Inside a building, a
site survey is performed to determine the best location(s) for placing the access
point(s) for providing maximum RF coverage for the wireless clients. Site surveys
are also done with outside installations to determine the coverage area.
Layer – Function
1 – Physical Layer: The Physical Layer defines the electrical and physical specifications of the data connection.
2 – Data Link Layer: The Data Link Layer provides node-to-node (PC to router, or router to router) data transfer. It detects and sometimes corrects errors that may happen at the physical layer (such as a cable being cut, or a wireless network being disconnected). The Data Link Layer works with the MAC (Media Access Control) hardware address of the computer and the router or switch.
3 – Network Layer: The Network Layer provides the functional and procedural means of transferring packets to other computers, routers, or other network hardware. This is where the network establishes routes for data (say, between your computer and Google) so that your communications with the end computer can be established. This is where ICMP and IGMP will be found on the network.
4 – Transport Layer: This is where data is transferred between computers using TCP/IP. This is where connections are set up (the three-way handshake to establish communications). Datagrams are transmitted using either the TCP or UDP protocol. Error correction and reliability are handled at this layer of the network.
5 – Session Layer: The Session Layer is where the session is established and maintained between a computer and a service. For example, when sending e-mail this is where the e-mail is packaged and sent when you click the “send” button. Another example is when your session with Google or another web service is maintained between your computer and the server regardless of how long you wait between searches.
6 – Presentation Layer: The Presentation Layer is where data is prepared for use by the Application Layer. Any special context or libraries needed by the Application Layer are called here so that the data can be used by the application. You would see this when streaming a video or looking at a picture on the internet.
7 – Application Layer: This is where the user interacts with the computer by using a browser, an e-mail client such as Outlook, Word, or any other application on your computer. Everything at this layer is application specific, although items such as images embedded in an e-mail and on the internet might share a common library at the presentation layer.
The TCP/IP Model is a simpler model than the OSI Model, with only four discrete layers rather than seven. These four layers encompass all the same functionality as the OSI model but wrap the application, presentation and session layer processes into one layer and the data link and physical layers into one layer.
Layer – Function
Application Layer: Similar to the Application, Presentation and Session layers in the OSI model, this is where you will find your applications, session support, and translation for types of data such as image, text and movie.
Transport: Equal to the transport layer in the OSI model, this is where you find protocols such as TCP and UDP.
Network: Equal to the network layer in the OSI model, where you will find control and routing information such as ICMP, IGMP, and ARP.
Network Interface: Similar to the Data Link and Physical layers in the OSI model, this is where you find your electrical and physical connections and layer 2 MAC address information.
For more information on the TCP/IP Model please watch this video:
https://wgu.hosted.panopto.com/Panopto/Pages/Viewer.aspx?id=ac85dbae-61c0-4e0d-8032-1393302a7770
There are many ways to break into a computer system, and most of these are well-
known. From a manager’s perspective, you need to learn how to address risks when
it comes to the hardware and software that you purchase for the company. There are
steps that can be taken to minimize risk, but all risk can never be eliminated. At best
you will need to make a number of informed decisions about the hardware and
software you purchase for the company, and how those purchases can best support
the company in continuing to do business.
Personal Firewalls – all modern computer systems have built-in firewalls. Most of
them are enabled by default and the user has to explicitly allow a program to access
the Internet when installing software. These allowed programs include software
like:
Microsoft Word
Microsoft Outlook
any chat or instant messaging clients that a company might use
internet browsers
other programs that the security department is allowing through the firewall
when your computer is set up at work.
Other popular ways of ensuring that the integrity of the network is not compromised include systems such as proxy servers, to make sure that clients do not directly connect to a web server, and packet filtering, to make sure that the data inside the packets being sent to a computer on the network does not contain malware. All of these are technical controls, in that both software and hardware are used to enforce company policy when connecting to the internet or network assets.
There are also policy controls that companies make, such as an acceptable use
policy, and guidance for employees in the employee handbook on their
responsibilities to keep the company network safe. Policy and technical controls
form one part of computer security that everyone should pay attention to when
navigating on the internet.
For more information on network security, please watch this video:
https://wgu.hosted.panopto.com/Panopto/Pages/Viewer.aspx?id=218ae766-3a14-4822-ac2d-d0dc7ad540ac
There are many ways into a computer system at the network level, and in this
section we talk about people. People are always going to be an issue when it comes
to computer security, so much so that we have an entire attack surface devoted to
understanding how people fall for stories that hackers tell them. Social Engineering
relies on people behaving in an insecure manner, something that we all do on a
regular basis including your instructor.
Social engineering is the process of knowing enough about the target to get them to trust you. If the hacker is interested in getting into a company, there are a number of approaches the hacker can take. The first one is to get to know employees at the company by going through sites like LinkedIn.com and seeing who has the most complete profiles. The hacker will find out about them, where they work, what they like, and anything else they have posted that is public. Then, the hacker will cross-reference this with anything they might have posted on Facebook or Google Plus. The hacker will next perform a Google search on the user and his or her e-mail address to see what they post to and any interesting Internet history they might have. Once the hacker has a fairly complete profile on the desired user, the hacker can determine how to proceed. The hacker can send them a link, for example to a Boy Scouts or T-ball sign-up form that has malware embedded. Or, the hacker could send the user a link to a fake website that looks like the local community web site, in order to get the user to click on a link that has malware attached so the hacker can get into their computer system. Once the hacker is in the user’s computer system, the hacker can impersonate the user. It does not matter if it is a home system or a work system, as many people work from home. The hacker can still get access to work systems by performing a kind of specifically targeted attack called phishing for any employee, or whaling for a CEO or other important person in an organization.
You will see that there are many variations of this kind of attack, from the “watering hole”, in which the hacker takes over a web site that people use, like Stack Exchange (a popular computer engineering web site), and infects everyone who goes to that site, to the more personalized approach of e-mail and getting to be the target’s best friend.
Another popular attack type is to watch what people do at locations that have unsecured public wireless access points. Most computers leak information, even if it is just broadcast information. There are specific programs that take advantage of public wireless access points, like “Firesheep”, which tracks sites that do not use SSL in order to capture login cookies. Lack of SSL is common on the kind of network you will find at fast food restaurants, hotels, hospitals, airports, and any other place that allows unrestricted public access to a network. The key to defeating an attack like this is to always make sure you are using SSL/HTTPS when accessing any web site on a network you are sharing with people you don’t know or trust. Sniffing the network for plaintext passwords or other plaintext data is very common on public networks. The best way to defeat this kind of attack is to always use a Virtual Private Network (VPN) when connecting to your company, and always use SSL to any web site you visit if that option is available.
Other attacks include the “USB in the parking lot” attack, in which an attacker will leave malware-laden USB sticks in the parking lot of an important company like a bank. Once the USB stick has been plugged into a computer, that computer no longer belongs to the company. There is also the “cleaning person” routine, in which hackers will deliberately take jobs with cleaning companies or other service providers used by companies in office buildings, like UPS or FedEx, to infiltrate a company.
Password cracking is another method, but it relies on already being in the company or on people using insecure passwords. The most common password is still “password” or “12345678”, allowing a hacker a quick way into an account. To prevent password cracking and password guessing, make sure to enforce, through policy, complex passwords like OnTine47% or $$HHJJEEee23.
There is a way to see what other computers your computer is communicating with, and that is to start up the command window on your computer and type in:
netstat -a or netstat -b
This will show you who you are connected to, as shown below:
For more information on using netstat, please view the videos here:
https://wgu.hosted.panopto.com/Panopto/Pages/Viewer.aspx?id=819b4fad-ee77-40d6-99f3-5b71b60dede3
https://wgu.hosted.panopto.com/Panopto/Pages/Viewer.aspx?id=cf1ec2a4-34a6-41c2-8c21-6b9457ce72d5
IPv4 Addressing
An IPv4 address is 32 bits long, made of 4 octets that are each 8 bits long. An example IPv4 address is:
10.24.243.24
IPv4 addresses come in five (5) classes that are used to help define the size and
topology of a network.
To address the needs of users, a series of IPv4 addresses were set aside as private so that companies and users could build large, elaborate networks behind one or more public IP addresses. Private IP addresses exist in all of ranges A, B, and C. The class also determines which octets identify the network and which identify the host:
Class B address of 129.12.34.35: the first two octets (129.12) are the network, while .34.35 is the host on the 129.12.x.x network
Class C address of 192.168.12.23: the first three octets (192.168.12) are the network, while 23 is the host address on the 192.168.12.x network
Each of these IP Address classes also has a subnet (Class D and E do not use
subnets) that matches the network address layout. For example, the subnet of a
standard class A IP address is:
These base subnets are used for helping define the boundaries of a network, and we
will cover this more in the subnetting section.
There are also special-purpose IP addresses like Class D and Class E as well as the
local loopback port:
127.0.0.1 – Home or Local Loopback Port – this is a reserved class A IP address to
test how the TCP/IP program on your computer is working. If you can contact
127.0.0.1 (ping localhost) and you get a reply back, then odds are highly likely that
your TCP/IP networking program is working correctly. You will also hear this
loopback address referred to as “home” by network engineers.
Class D IP Addresses – these are used for multicasting. If you are a very large
company like Microsoft, Facebook, or Google, no one computer can ever be large
enough to take care of the billions of monthly visitors. You would use a Class D IP
address to have many computers respond to the name Microsoft.com or Google.com.
They can also be used for security, such as in preventing Denial of Service (DoS) and
Distributed Denial of Service (DDoS) attacks by making sure there are enough
computers to respond to spikes in user requests that might not be legitimate.
Class E IP Addresses – these are used for experimental purposes. If you are
designing the next great computer application and want to test how it will work on
the Internet, give it a class E IP address for research and development without
disrupting any other network you might be on at the time.
CIDR Notation
CIDR stands for Classless Inter-Domain Routing and was developed to make it easier to route packets across the Internet. Recall that IP addresses have network bits and host bits, as discussed in the IPv4 section above. CIDR works with the network bits, also called “significant bits”. When routing on the Internet it is not necessary to know every host on the Internet; rather, CIDR allows routers and switches to know where networks reside rather than individual hosts. CIDR is also a shortcut that lets network engineers know how many hosts are possible on a network. CIDR makes sending a packet from your computer to Google much faster because the only thing the router needs to know is that Google is on the 6.0.0.0 network, and it will route accordingly. Not having to know where every host is makes routing much faster and helps keep the Internet manageable from a network engineering viewpoint.
The diagram below shows the possible combinations in a 32-bit IPv4 address: the binary mask, the CIDR prefix, and the subnet mask that a network engineer building out a network for a company would use.
Figure 4 From Cisco cisco.com
It is a good idea to memorize this table for future use in the course. The easiest way
to memorize this table is to start with the bases
Class A /8
Class B /16
Class C /24
Then, use the CIDR count method below to calculate CIDR numbers for a network.
Remember that IPv4 relies on 4 octets of 8 bits each to make a 32-bit address. A
helpful way to think about how to calculate the CIDR block is to think of each set of
bits like a number line. The right-most bit is the least significant bit, and signifies a
decimal 1 in the overall subnet mask. The next right-most bit signifies a decimal 2,
the third right-most bit signifies a 4, and so on. This is counting in binary. Using this
logic, the full set of 8 bits in each octet work out this way:
128 64 32 16 8 4 2 1
Adding the numbers above together equals 255. CIDR simply counts the number of
bits that are enabled and ignores everything else. So, if all 8 bits in an octet are on:
11111111 (binary), that equals 255 (128+64+32+16+8+4+2+1) in the subnet mask.
If only a few bits are on, such as 11000000, then from the number line that means
we have turned on 128 and 64. We add these together to give us 192. Using the
number line to count your subnet and CIDR block is a straight-forward way of
solving a CIDR problem.
Full example:
We can do this for class A and B subnets as well, just by remembering that the base of a class A is 11111111.00000000.00000000.00000000 = 255.0.0.0 /8 and a class B is 11111111.11111111.00000000.00000000 = 255.255.0.0 /16.
Sometimes we can borrow from a network address and use host bits to make a new subnet. For example, let’s say I need a Class A network subnet mask that is CIDR /9. Using the same number line method, that would equal 11111111.10000000.00000000.00000000, or 255.128.0.0.
Subnetting
Now that we know how an IPv4 address is comprised of 32 bits in 4 octets of 8 bits
each, and that we know CIDR is a short hand notation for making routing tables
smaller by only needing to know the network not the host, we can start thinking
about subnetting. There are many reasons to break up a network into smaller more
manageable sections, and that is what subnetting allows the network engineer to do.
Subnet example:
Let’s imagine we have a class C network that we need to split into 2 equal segments.
With a class C network, we know we have 24 network bits and 8 host bits. The
maximum number of available hosts is theoretically 255
(=128+64+32+16+8+4+2+1) but since one half of 255 is a fraction, that will not
work in terms of the math.
So, we need to use 256 because one half of 256 takes us to 128, or one half of the
network we are working with. This is the only time that the number of 256 will
show up in the math that we use for calculating a subnet. We need it to get to the
first number of 128 so we know what host bit to use for our subnet in our number
line.
We know from our previous lessons that a class C network is 255.255.255.0 /24. If
we need one half of that number, we can use our number line. We divide 256 by 2
and get 128, or our first number on our number line. Based on that, we next do the
following:
11111111.11111111.11111111.10000000
Because we took 1 bit from the hosts to be a network bit, we count all our 1’s and
come to 25. So, our CIDR notation for this subnet would be /25.
One half of a Class A network is also 128, but our position in the IP address is
different and our CIDR is different.
255.128.0.0
11111111.10000000.00000000.00000000 and the CIDR is /9.
Splitting a Class B network into four equal segments works the same way:
256 / 4 = 64
We would subtract 64 from 256 and arrive at 192. Using our number line, we count the number of bits that we need to borrow from the hosts:
128 64 32 16 8 4 2 1
 1  1  0  0 0 0 0 0 = 192 (128 + 64)
This gives a subnet mask of 255.255.192.0, or CIDR /18.
As long as you remember that IPv4 addresses are 32 bits, 4 octets of 8 bits each,
subnetting a network can be straightforward. Remember the number line to
calculate the CIDR block, and memorize the table so that you know the number of
available hosts on a network.
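The number line method from the CIDR Notation and Subnetting sections, carried through in code as an added example (not part of the course module): it builds a subnet mask from a CIDR prefix one octet at a time, reads the class of an address from its first octet as in the IPv4 Addressing section, and splits a network into equal subnets by borrowing host bits. The RFC 1918 private ranges and the deduction of the network and broadcast addresses from the usable host count are assumptions not stated in the text.

```python
# Added example, not part of the course module: the "number line" method for
# IPv4 classes, CIDR prefixes and subnet masks, written as plain Python.
# Assumed (not stated on the page): RFC 1918 private ranges, and usable hosts
# per subnet = addresses minus the network and broadcast addresses.
import math

NUMBER_LINE = (128, 64, 32, 16, 8, 4, 2, 1)  # weight of each bit in one octet


def octets(address):
    """Split a dotted-quad string into four validated integers."""
    parts = address.split(".")
    if len(parts) != 4:
        raise ValueError(f"expected four octets: {address!r}")
    values = [int(p) for p in parts]
    if any(not 0 <= v <= 255 for v in values):
        raise ValueError(f"octet out of range: {address!r}")
    return values


def prefix_to_mask(prefix):
    """Turn a CIDR prefix into a dotted mask by switching bits on from the
    left and summing their number-line weights, octet by octet."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be between 0 and 32")
    mask, remaining = [], prefix
    for _ in range(4):
        bits_on = min(8, remaining)              # /9: 8 bits, then 1, then 0, 0
        mask.append(sum(NUMBER_LINE[:bits_on]))  # 1 bit on -> 128, 2 bits -> 192
        remaining -= bits_on
    return ".".join(str(o) for o in mask)


def mask_to_prefix(mask):
    """Count the 1 bits of a mask (the CIDR prefix), rejecting masks whose
    1 bits are not contiguous, which no router would accept."""
    value = 0
    for o in octets(mask):
        value = (value << 8) | o
    ones = bin(value).count("1")
    if value != (0xFFFFFFFF << (32 - ones)) & 0xFFFFFFFF:
        raise ValueError(f"non-contiguous mask: {mask}")
    return ones


def address_class(address):
    """Classful category taken from the first octet."""
    first = octets(address)[0]
    if first == 127:
        return "loopback"  # reserved inside class A for testing the local stack
    if first < 128:
        return "A"
    if first < 192:
        return "B"
    if first < 224:
        return "C"
    if first < 240:
        return "D"         # multicast
    return "E"             # experimental


def is_private(address):
    """True for the RFC 1918 private blocks (one in each of classes A, B, C)."""
    a, b, _, _ = octets(address)
    return a == 10 or (a == 172 and 16 <= b <= 31) or (a == 192 and b == 168)


def split_network(network, prefix, segments):
    """Borrow host bits to cut a network into `segments` equal subnets.

    Returns (new_prefix, new_mask, [subnet network addresses], usable_hosts).
    Mirrors the text's examples: a /24 into 2 -> /25, a /16 into 4 -> /18.
    """
    if segments < 1 or segments & (segments - 1):
        raise ValueError("segments must be a power of two")
    borrowed = int(math.log2(segments))          # 2 segments -> 1 bit, 4 -> 2
    new_prefix = prefix + borrowed
    if new_prefix > 30:
        raise ValueError("not enough host bits left for usable hosts")
    base = 0
    for o in octets(network):
        base = (base << 8) | o
    base &= (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF  # zero the host bits
    size = 1 << (32 - new_prefix)                         # addresses per subnet
    subnets = []
    for i in range(segments):
        n = base + i * size
        subnets.append(".".join(str((n >> s) & 255) for s in (24, 16, 8, 0)))
    return new_prefix, prefix_to_mask(new_prefix), subnets, size - 2


if __name__ == "__main__":
    print(prefix_to_mask(9), prefix_to_mask(25))   # 255.128.0.0 255.255.255.128
    print(address_class("129.12.34.35"), is_private("192.168.12.23"))
    print(split_network("192.168.12.0", 24, 2))    # the class C split into two
```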
Key Terms
Internet – a global network where people can share and store data
MRI – Magnetic Resonance Imager produces images of organs and structures within
the body
Network – A method for two or more computers to communicate with each other
Token Ring – an older topology in the shape of a ring where computers talk to each
other by sharing a token
Bus Network – a single cable terminated by 50-Ohm caps that all computers share
Star Network – a modern design with a switch that performs routing and sharing
decisions for the computers on the network
Mesh – a fault tolerant network topology where all computers are interconnected to
each other
Cross Talk – two data streams that interfere with each other
IEEE 802.11 – A Wireless Local Area Network standard for the physical layer
OSI Model – A reference guide called the Open Systems Interconnection model, with seven layers
TCP/IP Model – A reference guide used in conjunction with the OSI model but with only four layers
Worm – a malware program that can propagate and replicate without human
intervention
Trojan – a malware program that looks like a useful program but can damage a
computer system
Proxy Server – a specialized server that provides logging, caching, and filtering of
web sites or other services
Packet Filtering – a method used to ensure that data inside a network session does
not contain malware
Policy Controls – policies created by companies that set down minimum standards that will be followed by all employees of a company
Social Engineering – a hacking method that can be used against people to get them to click a link or turn over a username and password
Phishing – a social engineering practice used to trick a person into clicking a link to malware
Whaling – a social engineering practice that directly targets CEOs and other C-suite executives to compromise their computers
Sniffing – a technological way of obtaining computer traffic for later offline analysis
SSL – Secure Sockets Layer – used to encrypt sessions between servers and workstations
HTTPS – Hypertext Transfer Protocol Secure – used to secure data transmission between a web server and a workstation
Local Loopback – also known as home, a special IPv4 address to test the local
connection to the network
References:
http://www.hhs.gov/ocr/privacy/hipaa/faq/securityrule/
http://www.fda.gov/MedicalDevices/DeviceRegulationandGuidance/Overview/