The Expanding Network (1.4)
The Internet has continuously expanded in the last two decades, and there is no indication that the expansion is slowing.
Network Trends (1.4.1)
In this section you will learn about emerging Internet trends.
New Trends (18.104.22.168)
When you look at how the Internet has changed so many of the things people do daily, it is hard to believe that it has only been around for most people for about 20 years. It has truly transformed the way individuals and organizations communicate. For example, before the Internet became so widely available, organizations and small businesses largely relied on print marketing to make consumers aware of their products. It was difficult for businesses to determine which households were potential customers, so businesses relied on mass print marketing programs. These programs were expensive and varied in effectiveness. Compare that to how consumers are reached today. Most businesses have an Internet presence where consumers can learn about their products, read reviews from other customers, and order products directly from the website. Social networking sites partner with businesses to promote products and services. Bloggers partner with businesses to highlight and endorse products and services. Most of this product placement is targeted to the potential consumer, rather than to the masses.
As new technologies and end-user devices come to market, businesses and consumers must continue to adjust to this ever-changing environment. The role of the network is transforming to enable the connections of people, devices, and information. There are several new networking trends that will affect organizations and consumers. Some of the top trends include
- Bring Your Own Device (BYOD)
- Online collaboration
- Video communication
- Cloud computing
These trends are interconnected and will continue to build off of one another in the coming years. The next couple of topics will cover these trends in more detail.
But keep in mind, new trends are being dreamed up and engineered every day. How do you think the Internet will change in the next 10 years? 20 years?
Bring Your Own Device (BYOD) (22.214.171.124)
The concept of any device, to any content, in any way is a major global trend occurring in business IT environments that requires significant changes to the way devices are used. This trend is known as Bring Your Own Device (BYOD).
In the past, an employee who needed access to the corporate network would be issued a company-provided device, such as a laptop or PC. These devices were typically expensive and were seen as tools for work. With the growth of consumer devices, and the related drop in cost, employees can be expected to have some of the most advanced tools for personal use. These personal tools include laptops, netbooks, tablets, smartphones, and e-readers. BYOD is about end users having the freedom to use these personal tools to access information and communicate across the corporate network. These can be devices purchased by the employer, devices purchased by the employee, or both. BYOD means any device, with any ownership, used anywhere. Extended connectivity through mobile and remote access to the corporate network gives employees tremendous flexibility and increased productivity.
BYOD is an influential trend that has or will touch every IT organization. There are many effects and considerations when providing for a BYOD environment.
BYOD Considerations (126.96.36.199)
In a BYOD environment, individuals are likely to have multiple devices connected to the network, possibly simultaneously. This leads to a large increase in the overall number of connected devices. The network must be designed in a way to support these additional devices and their traffic.
Additionally, a complete BYOD solution must consider how to extend the full services of the organization seamlessly, providing the same types of services to a user on a BYOD as are available to a user on a corporate PC. This includes collaboration tools such as integrated voice, video, IM, conferencing, and application sharing.
Finally, the network and applications must be able to offer quality of service regardless of whether the connectivity to those applications or collaboration tools occurs in the main campus, branch office, home office, or mobile teleworker location. Any solution must consider not only the employee using their own device, but also the individuals and applications that they are connecting and communicating with.
Security is a major consideration in a BYOD environment; therefore, any solution must be a highly secure mobile solution. Mobile and remote-access devices are typically not under the same strict control and scrutiny as employer-provided desktop and laptop computers. Therefore, appropriate security and user policies need to be applied to protect corporate data when employees connect with these devices. The range of those policies may vary depending on the spectrum of BYOD access that an organization wants.
Depending on the needs of the organization, a range of BYOD policies may be in place, from limited access to advanced BYOD implementation. Each of these implementations must include end-user agreements that outline the use of personal devices on corporate networks, policies for how and what those devices can access, and guidelines for how lost or stolen devices will be handled. Organizations may also need an agreement about when and if data can be accessed from the personal device of an employee. There have been several legal challenges recently for cases involving an employer who remotely “wiped” an employee-owned device, including both the corporate and personal data it contained. Imagine your surprise as an employee when you discover that by using your new tablet to access the corporate network, you unknowingly agreed to let IT delete your favorite family photos remotely.
Online Collaboration (188.8.131.52)
Employees want to connect to the network not only for access to data applications, but also to collaborate with one another. Collaboration is defined as “the act of working with another or others on a joint project.”
For businesses, collaboration is a critical and strategic priority. To remain competitive, organizations must answer three primary collaboration questions:
- How can they get everyone on the same page?
- With decreased budgets and personnel, how can they balance resources to be in more places at once?
- How can they maintain face-to-face relationships with a growing network of colleagues, customers, partners, and peers in an environment that is more dependent on 24-hour connectivity?
One way to answer these questions in today’s environment is through online collaboration tools. In traditional workspaces, and with BYOD environments alike, employees are taking advantage of voice, video, and conferencing services in collaboration efforts.
The ability to collaborate online is changing business processes. New and expanding collaboration tools allow individuals to quickly and easily collaborate, regardless of physical location. Organizations have much more flexibility in the way they are organized. Employees are no longer restricted to physical locations. Expert knowledge is easier to access than ever before. Expansions in collaboration allow organizations to improve their information gathering, innovation, and productivity
Collaboration tools give employees, customers, and partners a way to instantly connect, interact, and conduct business, through whatever communications channels they prefer, and achieve business objectives.
Collaboration Considerations (184.108.40.206)
The ability to work together to solve a common problem has proven to be one of mankind’s greatest accomplishments. Great things can happen when we all work together. However, implementing a collaboration strategy is not always easy and there can be many challenges to overcome.
End users have high expectations that application performance will be maintained, regardless of time, location, and end device. Users also want to be able to have collaboration capabilities regardless of service provider, meaning they want those capabilities to be available whether they are connecting with collaboration tools across a corporate-maintained network or connecting via their home or hotel Internet connection.
For an organization to be successful in its collaboration strategy, it must determine its collaboration needs and establish which tools effectively meet those needs. Additionally, an organization must be able to prioritize traffic and effectively monitor and manage the performance of those collaboration tools. Finally, an organization must consider security requirements for collaboration and establish proper-use policies to ensure corporate data remains secure.
There’s a wide range of collaboration tools available on the market today, including mobile applications, telePresence, and online web-conferencing tools, just to name a few.
Video Communication (220.127.116.11)
Another trend in networking that is critical in the communication and collaboration effort is the use of video. Video conferencing and person-to-person video calling are already proving particularly powerful for sales processes and for doing business at a distance, both locally and globally. Today, businesses are using video to transform key business processes to create competitive advantage, lower costs, and reduce environmental impact, particularly by avoiding the need for travel. Figure 1-18 shows the trend of video in communication.
Figure 1-18 Use of Video on the Internet Is Growing.
Both consumers and businesses are driving this change. Video is becoming a key requirement for effective collaboration as organizations extend across geographical and cultural boundaries. Video users now demand the ability to view any content, on any device, anywhere.
Businesses are also recognizing the role of video to enhance the human network. The growth of media, and the new uses to which it is being put, is driving the need to integrate audio and video into many forms of communication. The audio conference will coexist with the video conference. Collaboration tools designed to link distributed employees will integrate desktop video to bring teams closer together.
There are many drivers and benefits for including a strategy for using video. Each organization is unique. The exact mix, and the nature of the drivers for adopting video, will vary from organization to organization, and by business function. Marketing, for example, may focus on globalization and fast-changing consumer tastes, while the focus of the Chief Information Officer (CIO) may be on cost savings by reducing travel costs of employees who need to meet face-to-face.
Cloud Computing (18.104.22.168)
Cloud computing is the use of computing resources (hardware and software) that are delivered as a service over a network. A company uses the hardware and software in the cloud and pays a service fee to the cloud provider.
Local computers no longer have to do all the “heavy lifting” when it comes to running network applications. The network of computers that make up the cloud handles them instead. The hardware and software requirements of the user are decreased. The user’s computer must interface with the cloud using software, which may be a web browser, and the cloud’s network takes care of the rest.
Cloud computing is another global trend changing the way organizations access and store data. Cloud computing uses cloud-based services to reduce costs and improve business processes. Cloud computing encompasses any subscription-based or pay-per-use service, in real time over the Internet, that extends the capabilities of IT without requiring investment in new infrastructure, training new personnel, or licensing new software. These services are available on demand and delivered economically to any device anywhere in the world without compromising security or function.
Cloud computing helps enterprise IT shift spending from large, one-time capital expenditures to ongoing operating expenses. It also allows enterprise IT to share cloud solution assets and provide dynamic, on-demand delivery of services to the enterprise as a whole.
Cloud computing offers the following potential benefits:
- Organizational flexibility: Users can access the information anytime and anyplace using a web browser.
- Agility and rapid deployment: The IT department can focus on delivering the tools to mine, analyze, and share the information and knowledge from databases, files, and people.
- Reduced cost of infrastructure: Technology is moved from on site to a cloud provider, eliminating the cost of hardware and applications.
- Refocus of IT resources: Cost savings of hardware and applications can be applied elsewhere.
- Creation of new business models: Applications and resources are easily accessible, so companies can react quickly to customer needs. This helps them set strategies to promote innovation while potentially entering new markets.
Types of Clouds (22.214.171.124)
There are four primary types of clouds:
- Public clouds: Cloud-based applications and services offered in a public cloud are made available to the general population. Services may be free or may be offered on a pay-per-use model, such as paying for online storage. A public cloud uses the Internet to provide services.
- Private clouds: Cloud-based applications and services offered in a private cloud are intended for a specific organization or entity, such as the government. A private cloud can be set up using the organization’s private network, though this can be expensive to build and maintain. A private cloud can also be managed by an outside organization with strict access security.
- Custom clouds: These are clouds built to meet the needs of a specific industry, such as healthcare or media. Custom clouds can be private or public.
- Hybrid clouds: A hybrid cloud is made up of two or more clouds (for example, part custom and part public), where each part remains a distinctive object but both parts are connected using a single architecture. Individuals on a hybrid cloud would be able to have degrees of access to various services based on user access rights.
Data Centers (126.96.36.199)
Cloud computing is possible because of data centers. A data center is a facility used to house computer systems and associated components, including
- Redundant data communications connections
- High-speed virtual servers (sometimes referred to as server farms or server clusters)
- Redundant storage systems (typically use SAN technology)
- Redundant or backup power supplies
- Environmental controls (e.g., air conditioning, fire suppression)
- Security devices
A data center can occupy one room of a building, one or more floors, or an entire building. Modern data centers make use of cloud computing and virtualization to efficiently handle large data transactions. Virtualization is the creation of a virtual version of something, such as a hardware platform, operating system (OS), storage device, or network resources. Whereas a physical computer is an actual discrete device, a virtual machine consists of a set of files and programs running on an actual physical system. Unlike multitasking, which involves running several programs on the same OS, virtualization runs several different OSs in parallel on a single CPU. This drastically reduces administrative and cost overheads.
Data centers are typically very expensive to build and maintain. For this reason, only large organizations use privately built data centers to house their data and provide services to users. For example, a large hospital may own a separate data center where patient records are maintained electronically. Smaller organizations that cannot afford to maintain their own private data center can reduce the overall cost of ownership by leasing server and storage services from a larger data center organization in the cloud.
Network Security (1.4.2)
This section explores how securing a network is becoming an increasingly complex task.
Security Threats (188.8.131.52)
Network security is an integral part of computer networking. As new technologies and trends emerge, so too must the protections that organizations use. Network security requirements must take into account the BYOD environment, the collaboration applications, video requirements, and cloud computing needs. Network security must be able to secure the corporate data while still allowing for the quality of service that is expected of each technology.
Securing a network involves protocols, technologies, devices, tools, and techniques to secure data and mitigate threats. Many external network security threats today are spread over the Internet. The most common external threats to networks include
- Viruses, worms, and Trojan horses: Malicious software and arbitrary code running on a user device
- Spyware and adware: Software installed on a user device that secretly collects information about the user
- Zero-day attack, also called zero-hour attack: An attack that occurs on the first day that a vulnerability becomes known
- Hacker attack: An attack by a knowledgeable person using software or network vulnerabilities to exploit devices or network resources
- Denial of service attack: An attack designed to slow or crash applications and processes on a network device
- Data interception and theft: An attack to capture private information from an organization’s network
- Identity theft: An attack to steal the login credentials of a user in order to access private data
It is equally important to consider internal threats. There have been many studies that show that the most common data breaches happen because of employees. This can be attributed to lost or stolen devices, accidental misuse by employees, and even malicious insiders. With the evolving BYOD strategies, corporate data is much more vulnerable. Therefore, when developing a security policy, it is important to address both external and internal security threats. Figure 1-19 depicts threats from internal and external sources.
Figure 1-19 Network Threats
Security Solutions (184.108.40.206)
No single solution can protect the network from the variety of threats that exist. For this reason, security should be implemented in multiple layers, using more than one security solution. If one security component fails to identify and protect the network, others still stand.
The network security implementation for a corporate network usually consists of many components built into the network to monitor and filter traffic. Ideally, all components work together, which minimizes maintenance and improves security.
Network security components for a home or small office network should include, at a minimum, the following:
- Antivirus and antispyware: To protect user devices from malicious software.
- Firewall filtering: To block unauthorized access to the network. This may include a host-based firewall system that is implemented to prevent unauthorized access to the host device, or a basic filtering service on the home router to prevent unauthorized access from the outside world into the network.
Larger networks and corporate networks often have additional security requirements:
- Dedicated firewall system: To provide more advanced firewall capability that can filter large amounts of traffic with more granularity
- Access control lists (ACL): To further filter access and traffic forwarding
- Intrusion prevention system (IPS): To identify fast-spreading threats, such as zero-day or zero-hour attacks
- Virtual private network (VPN): To provide secure access to remote workers
Network security requirements must take into account the network environment, as well as the various applications and the computing requirements. Both home environments and businesses must be able to secure their data, while still allowing for the quality of service that is expected of each technology. Additionally, the security solution implemented must be adaptable to the growing and changing trends of the network.
The study of network security threats and mitigation techniques starts with a clear understanding of the underlying switching and routing infrastructure used to organize network services.
Network Architectures (1.4.3)
This section explores network architectures and how they evolve to handle new technologies.
Cisco Network Architectures (220.127.116.11)
The role of the network has changed from a data-only network to a system that enables the connections of people, devices, and information in a media-rich, converged network environment.
In order for networks to function efficiently and grow, the network must be built upon a standard architecture. The network architecture refers to the devices, connections, and products that are integrated to support the necessary technologies and applications. A well-planned network technology architecture helps to ensure that any device can be connected across any combination of network, increases cost efficiency by integrating network security and management, and improves business processes.
With the constant evolution of networks, Cisco has updated its enterprise architectures and frameworks and has created the following three enterprise architectures to address the new network trends, as shown in Figure 1-20:
- Borderless networks architecture
- Collaboration architecture
- Data center and virtualization architecture
These three enterprise technology architectures can be implemented separately, or combined.
Figure 1-20 Three Cisco Network Architectures
Cisco Borderless Network (18.104.22.168)
The Cisco Borderless Network Architecture is a network solution that enables organizations and individuals to connect securely, reliably, and seamlessly to the corporate network in a BYOD environment.
This architecture separates the network functions into four areas of responsibility:
- Cisco Borderless End Point/User Services: Connects the various devices to provide access to network services. Devices that can connect to the borderless network can range from PCs to tablets and smartphones.
- Cisco Borderless Network Services: Optimizes the network connection and includes wireless access, secure access to corporate assets, and video performance optimization.
- Cisco Borderless Network Systems: Spans an organization from initial device network access to connecting devices to the cloud.
- Cisco Borderless Infrastructure: Supports services and systems with an infrastructure of scalable and resilient hardware and software.
The borderless network architecture supports a highly secure, high-performing network that is accessible to a wide range of devices. It needs to be flexible enough to scale in its support for future growth in terms of business expansion, including BYOD, mobility, and cloud computing, and must be able to support the growing requirements for online voice and video.
Collaboration Architecture (22.214.171.124)
To help organizations meet expanding collaboration needs, Cisco provides a collaboration architecture consisting of four categories of collaboration products:
- TelePresence: Provides next-generation video conferencing, where everyone, everywhere can be face-to-face and more effective through the most natural and lifelike communications experience available.
- Collaboration Applications: Stay connected and productive with voice, video, and web conferencing; messaging; mobile applications; and enterprise social software. For example, Cisco WebEx Meetings enables users to create and attend web conference calls. Users can meet to present ideas, share desktops, work on files together, and collaborate with others. Callers can see one another using webcams, and meetings can be recorded for people who are unable to attend.
- Customer Collaboration: Creates the foundation for positive customer service, a primary factor in building a stronger business. An example of this is the Cisco SocialMiner social media customer care solution. It can help companies proactively respond to customers and prospects communicating through public social media networks such as Twitter, Facebook, and other public forums or blogging sites.
- Unified Communications: View, optimize, and manage the entire communications system from one screen. With Cisco Unified Communications, organizations can seamlessly manage voice, video, mobility, and presence services between IP endpoints, media-processing devices, Voice over IP (VoIP) gateways, mobile devices, and multimedia applications.
Data Center Architecture (126.96.36.199)
The Cisco Unified Data Center is a complete data center infrastructure architecture that combines computing, networking, security, virtualization, and management solutions in a framework that delivers outstanding performance for physical and virtualized business applications. It is uniquely capable of providing the kind of simplicity, performance, and security that IT departments demand as they transition from physical to virtual to cloud environments.
The Cisco Unified Data Center incorporates three main data center technologies:
- Cisco Unified Computing: Integrates computing, networking, and storage resources to provide a unique, open, managed system that can scale to hundreds of server blades and thousands of desktops on virtual machines. Cisco Unified Computing reduces infrastructure costs, and can be deployed nearly 90 percent more quickly than traditional server platforms.
- Cisco Unified Fabric: Flexible network solutions deliver network services to servers, storage, and applications, providing transparent convergence, scalability, and sophisticated intelligence using Cisco Nexus and Catalyst switches.
- Cisco Unified Management: Provides the framework for IT service-creation and self-service capabilities, enabling IT to operate more efficiently and to more quickly offer new services to the business.
The three Cisco architectures previously discussed are built on an infrastructure of scalable and resilient hardware and software. Components of the architectures come together to build network systems that span your organization from network access to the cloud, and provide organizations with the services they need.
At the foundation of all three of these architectures, and in fact, at the foundation of the Internet itself, are routers and switches. Routers and switches transport data, voice, and video communications, allow for wireless access, and provide for security. After a basic network infrastructure with routing and switching is built, organizations can grow their network over time, adding features and functionality in an integrated solution.
As the use of these integrated, expanding networks increases, so does the need for training for individuals who implement and manage network solutions. This training must begin with the routing and switching foundation. Achieving Cisco Certified Network Associate (CCNA) certification is the first step in helping an individual prepare for a career in networking.
CCNA certification validates an individual’s ability to install, configure, operate, and troubleshoot medium-size routed and switched networks, including implementation and verification of connections to remote sites in a WAN. This CCNA curriculum includes lessons that address the basic mitigation of security threats, introduction to wireless networking concepts and terminology, and performance-based skills. This CCNA curriculum also includes the use of various protocols, such as Internet Protocol (IP), Open Shortest Path First (OSPF), Serial Line Interface Protocol (SLIP), Frame Relay, VLANs, Ethernet, access control lists (ACLs), and others.
This course helps set the stage for networking concepts and basic routing and switching configurations and is a start on your path for CCNA certification.