
Archive for the ‘Networking & Related’ Category

Cloud Computing : Architecture


Hey guys! I hope everyone is clear on the overview of cloud computing, which I discussed in my previous blog. Our discussion of cloud computing will not be complete until we cover the architecture and the technical side of the system. So, without wasting much time on “bakwasss”, let's begin our discussion of the architecture of cloud computing.

Cloud architecture, the systems architecture of the software systems involved in the delivery of cloud computing, typically involves multiple cloud components communicating with each other over a loose coupling mechanism such as a messaging queue. When talking about a cloud computing system, it’s helpful to divide it into two sections:

1. The Front End or the Intercloud:
The front end includes the client’s computer (or computer network) and the application required to access the cloud computing system. Not all cloud computing systems have the same user interface. Services like Web-based e-mail programs leverage existing Web browsers like Internet Explorer or Firefox. Other systems have unique applications that provide network access to clients.

Cloud Computing Architecture


2. The Back End or the Cloud Engineering:
On the back end of the system are the various computers, servers and data storage systems that create the “cloud” of computing services. In theory, a cloud computing system could include practically any computer program you can imagine, from data processing to video games. Usually, each application will have its own dedicated server.

[N.B: Cloud engineering is the application of engineering disciplines to cloud computing. It brings a systematic approach to the high level concerns of commercialisation, standardisation, and governance in conceiving, developing, operating and maintaining cloud computing systems. It is a multidisciplinary method encompassing contributions from diverse areas such as systems, software, web, performance, information, security, platform, risk, and quality engineering.]

If a cloud computing company has a lot of clients, there's likely to be a high demand for a lot of storage space. Some companies require hundreds of digital storage devices. A cloud computing system needs at least twice the number of storage devices it requires to keep all its clients' information stored. That's because these devices, like all computers, occasionally break down. A cloud computing system must make a copy of all its clients' information and store it on other devices. The copies enable the central server to access backup machines to retrieve data that otherwise would be unreachable. Making copies of data as a backup is called redundancy.

The architecture of the cloud is evolving rapidly. Hopefully, in the upcoming future of computing, we can say “we build our home in the cloud”. There are also many issues, such as privacy and data maintenance, but there are still loads of advantages too. We will discuss them in later blogs. Stay tuned for more!


How to configure a switch port to work in Promiscuous mode?


The following steps configure a switch port to work in promiscuous mode. The commands are Cisco IOS port-mirroring (SPAN) commands: traffic on the source port is copied to the destination port, where a monitoring host can capture it.

  1. Connect to the console port (using HyperTerminal [port COM1, speed 9600 bps]).
  2. Run the following commands:

    # configure terminal
    ! remove any existing definition of session 1
    # no monitor session 1
    ! port whose traffic is copied
    # monitor session 1 source interface fastEthernet 0/1
    ! port that receives the copy; encapsulation dot1q is an option of this
    ! command, not a command of its own
    # monitor session 1 destination interface fastEthernet 0/24 encapsulation dot1q
    # end
    # show monitor session 1

[Note: Promiscuous mode refers to a special mode of Ethernet hardware, in particular network interface cards (NICs), that allows a NIC to receive all traffic on the network, even if it is not addressed to this NIC. In a wider sense, promiscuous mode also refers to network visibility from a single observation point.]
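Because the destination port of a `monitor session` receives a copy of everything on the source port, mirror sessions left in a switch configuration are worth auditing. The following is an added example, not part of the original post: it parses `monitor session` lines from a saved configuration and reports destinations that are not on an approved list. The sample configuration, the approved list and all function names are constructed for illustration.

```python
import re

# Constructed running-config excerpt (not from the post). Session 1 matches the
# post's commands; session 2 is an extra mirror that nobody approved.
SAMPLE_CONFIG = """\
monitor session 1 source interface FastEthernet0/1
monitor session 1 destination interface FastEthernet0/24 encapsulation dot1q
monitor session 2 source interface Fa0/5 rx
monitor session 2 destination interface fastEthernet 0/12
"""

# One interface per line only; ranges and comma lists are not handled here.
SPAN_RE = re.compile(
    r"^\s*monitor session (\d+) (source|destination) interface\s+"
    r"([A-Za-z]+)\s*(\d+(?:/\d+)*)",
    re.IGNORECASE,
)
KNOWN_TYPES = ("fastethernet", "gigabitethernet", "tengigabitethernet")


def normalize(kind, unit):
    """Expand IOS abbreviations (Fa, Gi...) so 'Fa0/1' equals 'fastEthernet 0/1'."""
    kind = kind.lower()
    full = [t for t in KNOWN_TYPES if t.startswith(kind)]
    return (full[0] if len(full) == 1 else kind) + unit


def parse_span_sessions(config_text):
    """Return {session_id: {'source': [...], 'destination': [...]}}."""
    sessions = {}
    for line in config_text.splitlines():
        m = SPAN_RE.match(line)
        if m:
            entry = sessions.setdefault(int(m.group(1)), {"source": [], "destination": []})
            entry[m.group(2).lower()].append(normalize(m.group(3), m.group(4)))
    return sessions


def audit_span(config_text, approved):
    """approved maps session id -> expected destination; return unapproved mirrors."""
    findings = []
    for sid, ports in sorted(parse_span_sessions(config_text).items()):
        for dst in ports["destination"]:
            if approved.get(sid) != dst:
                findings.append((sid, dst, ports["source"]))
    return findings


if __name__ == "__main__":
    for sid, dst, srcs in audit_span(SAMPLE_CONFIG, {1: "fastethernet0/24"}):
        print(f"session {sid}: unapproved mirror of {srcs} to {dst}")
```

Lines such as `no monitor session 1` are ignored because the pattern only matches lines that begin with `monitor session`.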

NETWORK FILE SYSTEM

April 17, 2009

Network File System, abbreviated NFS, is a distributed file-sharing system developed well over a decade ago by Sun Microsystems, Inc.

NFS allows a computer on a network to use the files and peripheral devices of another networked computer as if they were local, subject to certain security restrictions. Using NFS, you can share files on your system with other computers running MS-DOS, MacOS, Unix, Novell NetWare, VMS, and many other operating systems, in both local and global environments. NFS is platform-independent and runs on mainframes, minicomputers, RISC-based workstations, diskless workstations, and personal computers.


OpenSSL: Introduction

April 9, 2009

OpenSSL is an open source implementation of the SSL and TLS protocols. The core library (written in the C programming language) implements the basic cryptographic functions and provides various utility functions. Wrappers allowing the use of the OpenSSL library in a variety of computer languages are available.
OpenSSL is based on the excellent SSLeay library developed by Eric A. Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an Apache-style licence, which basically means that you are free to get and use it for commercial and non-commercial purposes subject to some simple license conditions.

Versions are available for most Unix-like operating systems (including Solaris, Linux, Mac OS X and the four open source BSD operating systems), OpenVMS and Microsoft Windows.

FIPS 140-2 Compliance:

OpenSSL is one of the few open source programs to be validated under the FIPS 140-2 computer security standard by the National Institute of Standards and Technology's Cryptographic Module Validation Program.
[Note: FIPS stands for Federal Information Processing Standard]

Present Version:

openssl-1.0.0-beta1 [Works under FIPS mode as well as non-FIPS mode (Beta Version)]

openssl-0.9.8k [Works under FIPS mode as well as non-FIPS mode (Stable Version)]

openssl-fips-1.2 [Works under FIPS mode]

Other versions of the setup files, documentation and other information can be obtained from http://www.openssl.org/

WIMAX: THE 4TH GENERATION

April 6, 2009

WiMAX (802.16e), meaning Worldwide Interoperability for Microwave Access, is a telecommunications technology that provides wireless transmission of data using a variety of transmission modes, from point-to-multipoint links to portable and fully mobile internet access. The technology provides up to 3 Mbit/s broadband speed without the need for cables. It is a newer standard of wireless networking designed to provide the last mile of high-speed internet access to the end user. Some people would call WiMax “WiFi on steroids”, but this would be too broad an assessment. WiFi was, and for the foreseeable future still will be, used in LAN environments. WiMax was designed to provide Metropolitan Area Network (MAN) access to homes and businesses.

WiMax base stations will have the ability to provide approximately 60 businesses with T1 access and hundreds of homes with DSL/cable-speed access, in theory. Engineers are stating that WiMax has the capability of reaching 30 miles, but real-world testing has shown a 4-8 mile working radius. WiMax (MAN) deployments are similar to a WiFi network. First, the ISP would have its T3 or higher access. The ISP would then use line-of-sight antennas (bridges) to connect to towers that would distribute the non-line-of-sight signal to (MAN) residential/business clients. WiMax line-of-sight antennas operate at a higher frequency, up to 66mhz. Distribution antennas do not have to be in the line of sight with their clients. Non-line-of-sight towers operate on a range similar to WiFi. WiMax can operate right next to cell phone towers with no interference. WiMax networks are similar to WiFi in deployment: the WiMax base station/tower will beam a signal to a WiMax receiver, similar to a WiFi access point sending a signal to a laptop. As far as I can tell, laptops will be shipping with WiMax receivers in 2006.


QoS (Quality of Service) is a major issue with WiMax because of the number of people accessing a tower at once. Some would think that a tower could easily be overloaded with a lot of people accessing it at once. Built into the WiMax standard is an algorithm that, when the tower/base station is nearing capacity, automatically transfers the user to another WiMax tower or cell. Unlike WiFi clients, who have to kind of fight to stay associated with a given access point, WiMax clients only have to perform this handshake at the MAC level the first time they access the network.

WiMax is designed for building a network infrastructure when the environment or distance is not favorable to a wired network. WiMax is also a cheaper and quicker alternative to laying wire. Third world countries will greatly benefit from deploying WiMax networks. WiMax can handle virtually all the same protocols WiFi can, including VoIP. African countries are now going to start deploying WiMax networks instead of cell phone networks. Disaster zones can also utilize WiMax, giving them the ability to distribute crisis information quickly and cheaply.

Militaries are already using wireless technology to connect remote sites. Logistics will be simplified with the ease of tracking with RF technologies. WiMax can also handle webcams and streaming video, which would give commanders eyes-on-target capability. Just imagine if planes were able to drop preconfigured, self-deploying WiMax antennas in strategic areas, giving troops real-time battlefield intel. Armed with wireless cameras, drones and a GPS, one soldier would truly be an Army of One.

As WiMax is deployed in more areas, the theoretical and real-life capabilities of WiMax will come to light. The differences between WiMax and WiFi are simple. Think of a WiMax network as an ISP without wires, with the signal providing internet access to your business or home. WiFi will be used within your LAN for the near future.

SSL VPN: Architecture of VPN


In my last two posts, I explained ‘SSL’ and ‘VPN’: what they are, and what our purpose is in using them. Now we'll look at VPN architecture. I shall try to explain it with a simple diagram.

[Figure: VPN architecture]

Let us take our previous example of John. Here, in the figure, the VPN device has two Ethernet ports: a Public Port and a Private Port. The Public Port is directly connected to the Internet via the firewall and routers. The Private Port is connected to the 30 computers in XYZ Pvt. Ltd. Now, as we can see, John wishes to connect to the VPN; he can do so using the Internet.

One more thing we can see in the figure: over the ‘Internet’ there is something called “SSL Tunnel Thru Internet”. Remember SSL? This is that tunnel. It is encrypted with one of several algorithms, depending on the manufacturer of the device. Some manufacturers use AES-128; some use the RC4 algorithm.

One more thing: the VPN device looks just like a normal ‘24-port switch’. It contains more than one Ethernet port. It contains all the normal hardware components of a computer, such as a motherboard, a processor, RAM, a hard disk drive, etc. These devices also run an operating system; generally Linux is provided with them, because it is open source, free and robust. Moreover, Linux is such a dynamic OS that the administrator can perform any type of job there.

So, in a nutshell, this was a brief architecture of VPN devices. If you guys face any problem, just post them in comments or contact us. We shall try to help you.

Thank you.

O.S.I REFERENCE

April 3, 2009

OSI Reference Model: A networking reference model defined by the ISO (International Organization for Standardization) that divides computer-to-computer communications into seven connected layers. Such layers are known as a protocol stack. Each successively higher layer builds on the functions of the layers below, as follows:

  • Application layer: The highest level of the model. It defines the manner in which applications interact with the network, including database management, e-mail, and terminal-emulation programs.
  • Presentation layer: Defines the way in which data is formatted, presented, converted, and encoded.
  • Session layer: Coordinates communications and maintains the session for as long as it is needed, performing security, logging, and administrative functions.
  • Transport layer: Defines protocols for structuring messages and supervises the validity of the transmission by performing some error checking.
  • Network layer: Defines protocols for data routing to ensure that the information arrives at the correct destination.
  • Data-link layer: Validates the integrity of the flow of data from one node to another by synchronizing blocks of data and controlling the flow of data.
  • Physical layer : Defines the mechanism for communicating with the transmission medium and interface hardware.