Chandan Minor Project

  • 8/3/2019 Chandan Minor Project

    Software Requirements Specification

    for

    <Network Security>

    Version <minor>

    Prepared by

    Software Requirements Specification for Page ii

    Table of Contents

    1. Introduction
        1.1 Purpose
        1.2 Document Conventions
        1.3 Intended Audience and Reading Suggestion
        1.4 Project Scope
            Some inefficiency in existing system
        1.5 References

    2. Overall Description
        2.1 Product Perspective
        2.2 Product Features
        2.3 Design and Implementation Constraints

    3. System Features

    1. Introduction

    1.1 Purpose

    The purpose of network security is essentially to prevent loss through misuse of data. There are a number of potential pitfalls that may arise if network security is not implemented properly. Some of these are:

    1. Each business will identify with the need to keep certain critical information private from competitor eyes.

    2. Data destruction: Data is a very valuable commodity for individuals and enterprises alike. It is a testament to its importance when the proliferation of backup technology available today is considered. Destruction of data can severely cripple the victim concerned.

    3. Data manipulation: A system break-in may be easily detectable, as some hackers tend to leave tokens of their accomplishment. However, data manipulation is a more insidious threat than that. Data values can be changed and, while that may not seem to be a serious concern, the significance becomes immediately apparent when financial information is in question.

    There are many more potential threats that can cripple a system.

    1.2 Document Conventions

    Main Section Titles

    Font: Times New Roman Face: Bold Size: 16

    Sub Section Titles

    Font: Times New Roman Face: Bold Size: 14

    Other Text Explanations

    Font: Times New Roman Face: Bold Size: 14

    1.3 Intended Audience and Reading Suggestion

    Students:

    The project shows an infinite path in the field of security in Internet labs. There is always a perspective of development.

    Developers:

    Project developers have an advantage of quickly understanding the methodology enabled and personalizing the product.

    A network designer would suggest all the clients to go through the requirement section thoroughly before using any network application. The students are expected to have certain knowledge in the terms used and hence can go for the security issues directly.

    1.4 Project Scope

    Some inefficiency in existing system

    The current system has many deficiencies and is inefficient. It does not provide facilities for proper monitoring. Good monitoring mechanisms are the basis of successful development programs and schemes. The student block is presently not connected to the network. Thus they are not getting facilities of the internet. The library is also facing the same problem. The database of the library should be maintained so that student gets the appropriate information about books. Classroom computers should also have e-books to help students.

    Proposed system:

    AIM:- Developing a Security Policy

    The first step any organization should take to protect its data and itself from a liability challenge is to develop a security policy. A policy is a set of principles that guide decision-making processes and enable leaders in an organization to distribute authority confidently. RFC 2196 states that a "security policy is a formal statement of the rules by which people who are given access to an organization's technology and information assets must abide." A security policy can be as simple as a brief Acceptable Use Policy for network resources, or it can be several hundred pages long and detail every element of connectivity and associated policies.

    A security policy meets these goals:

    Assembling a security policy can be daunting if it is undertaken without guidance. For this reason, the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) have published a security standard document called ISO/IEC 27002. This document refers specifically to information technology and outlines a code of practice for information security management. ISO/IEC 27002 is intended to be a common basis and practical guideline for developing organizational security standards and effective security management practices. The document consists of 12 sections:

    - Risk assessment
    - Security policy
    - Organization of information security
    - Asset management
    - Human resources security
    - Physical and environmental security
    - Communications and operations management
    - Access control
    - Information systems acquisition, development, and maintenance
    - Information security incident management
    - Business continuity management
    - Compliance

    Common Security Appliances and Applications

    Security is a top consideration whenever planning a network. In the past, the one device that would come to mind for network security was the firewall. A firewall by itself is no longer adequate for securing a network. An integrated approach involving firewall, intrusion prevention, and VPN is necessary.

    An integrated approach to security, and the necessary devices to make it happen, follows these building blocks:

    Threat control: Regulates network access, isolates infected systems, prevents intrusions, and protects assets by counteracting malicious traffic, such as worms and viruses. Devices that provide threat control solutions are:

    - Cisco ASA 5500 Series Adaptive Security Appliances
    - Integrated Services Routers (ISR)
    - Network Admission Control
    - Cisco Security Agent for Desktops
    - Cisco Intrusion Prevention Systems

    Secure communications: Secures network endpoints with VPN. The devices that allow an organization to deploy VPN are Cisco ISR routers with Cisco IOS VPN solution, and the Cisco 5500 ASA and Cisco Catalyst 6500 switches.

    Network admission control (NAC): Provides a roles-based method of preventing unauthorized access to a network. Cisco offers a NAC appliance.

    Cisco IOS Software on Cisco Integrated Services Routers (ISRs): Cisco provides many of the required security measures for customers within the Cisco IOS software. Cisco IOS software provides built-in Cisco IOS Firewall, IPsec, SSL VPN, and IPS services.

    Cisco ASA 5500 Series Adaptive Security Appliance: At one time, the PIX firewall was the one device that a secure network would deploy. The PIX has evolved into a platform that integrates many different security features, called the Cisco Adaptive Security Appliance (ASA). The Cisco ASA integrates firewall, voice security, SSL and IPsec VPN, IPS, and content security services in one device.

    Cisco IPS 4200 Series Sensors: For larger networks, an inline intrusion prevention system is provided by the Cisco IPS 4200 series sensors. This sensor identifies, classifies, and stops malicious traffic on the network.

    Cisco NAC Appliance: The Cisco NAC appliance uses the network infrastructure to enforce security policy compliance on all devices seeking to access network computing resources.

    Cisco Security Agent (CSA): Cisco Security Agent software provides threat protection capabilities for server, desktop, and point-of-service (POS) computing systems. CSA defends these systems against targeted attacks, spyware, rootkits, and day-zero attacks.

    To assist with the compliance of a security policy, the Security Wheel, a continuous process, has proven to be an effective approach. The Security Wheel promotes retesting and reapplying updated security measures on a continuous basis.

    To begin the Security Wheel process, first develop a security policy that enables the application of security measures. A security policy includes the following:

    - Identifies the security objectives of the organization.
    - Documents the resources to be protected.
    - Identifies the network infrastructure with current maps and inventories.
    - Identifies the critical resources that need to be protected, such as research and development, finance, and human resources. This is called a risk analysis.

    1.5 References

    Websites:

    Web Server:

    There are many advantages to using a web server within your development environment. Of course, in a production hosting environment, a web server is essential. And, depending on your website, a web server could indeed be essential in your development environment.

    Most web servers have features that allow you to do the following:

    - Create one or more websites. (No, I don't mean build a set of web pages. What I mean is, set up the website in the web server, so that the website can be viewed via HTTP.)

    - Configure log file settings, including where the log files are saved, what data to include on the log files, etc. (Log files can be used to analyse traffic, etc.)

    - Configure website/directory security. For example, which user accounts are/aren't allowed to view the website, which IP addresses are/aren't allowed to view the website, etc.

    - Create an FTP site. An FTP site allows users to transfer files to and from the site.

    - Create virtual directories, and map them to physical directories.

    - Configure/nominate custom error pages. This allows you to build and display user-friendly error messages on your website. For example, you can specify which page is displayed when a user tries to access a page that doesn't exist (i.e. a "404 error").

    - Specify default documents. Default documents are those that are displayed when no file name is specified. For example, if you open "http://localhost", which file should be displayed? This is typically "index.html" or similar, but it doesn't need to be. You could nominate "index.cfm" if your website is using ColdFusion. You could also nominate a 2nd choice (in case there is no index.cfm file), and a 3rd choice, and so on.

    Mail Server:

    A mail server is a computer that serves as an electronic post office for email. Mail exchanged across networks is passed between mail servers that run specially designed software. This software is built around agreed-upon, standardized protocols for handling mail messages, the graphics they might contain, and attachment files. Internet Service Providers (ISPs) each have a mail server for handling their clients' mail messages, sometimes referred to as private mail servers. Some websites also offer public email services, utilizing their own mail servers.

    An email client or email program allows a user to send and receive email by communicating with mail servers. There are many types of email clients with differing features, but they all handle email messages and mail servers in the same basic way.

    When an email message is sent, the email program contacts the author's ISP mail server to pass it the message. The mail server is normally named mail.[isp].com or it might be named after the Send Mail Transfer Protocol, smtp.[isp].com. The mail server scans the message's embedded headers for addressing information. These headers are not usually visible in an email client unless the user configures the program to show the headers, but critical information is contained here.

    FTP Server:

    FTP, or file transfer protocol, is the convention for connecting computers over an Internet connection in order for one computer to transfer files and execute file commands on a different computer.

    FTP is generally used for transferring files over a network using the TCP/IP protocol. The 2 main components are usually an FTP client and an FTP server. The server listens for a connection request from the client computer, and once connected, the client may send commands to the server to execute operations on files such as uploading, downloading, deleting and renaming, to name the basic operations.

    FTP is normally used on ports 20 and 21 but may be configured to use different ports or port ranges. The FTP server will listen for incoming connections from an FTP client on the specified port. Commands are then sent to the server.

    The purpose of FTP is to promote file sharing between computers on a network in a secure, efficient and reliable manner.

    Cisco Catalyst 2960 switch:

    The Cisco Catalyst 2960 series switches provide Fast Ethernet and Gigabit Ethernet connectivity in a standalone, fixed-configuration form factor that can deliver enhanced LAN services to the midmarket and branch office network environments.

    Cisco Catalyst switches feature a comprehensive range of products of increasing functionality for Ethernet-based platforms. These switches provide diverse interfaces, high port densities, and extensible functionality suitable for converged network access or backbone applications. Catalyst switches provide the scalable network infrastructure with intelligent services that enables organizations to deploy converged internet business solutions to maximize their productivity and competitive advantage.

    Router 2811:

    Benefit

    Modular Architecture

    - A wide variety of LAN and WAN options are available. Network interfaces can be upgraded in the field to accommodate future technologies.
    - Several types of slots are available to add connectivity and services in the future on an "integrate-as-you-grow" basis.
    - The Cisco 2800 supports more than 90 modules, including WICs, VICs, network modules, PVDMs, and AIMs (Note: the Cisco 2801 router does not support network modules).

    Embedded Security Hardware Acceleration

    Each of the Cisco 2800 Series routers comes standard with embedded hardware cryptography accelerators, which when combined with an optional Cisco IOS Software upgrade help enable WAN link security and VPN services.

    Integrated Dual Fast Ethernet or Gigabit Ethernet Ports

    The Cisco 2800 Series provide two 10/100 on the Cisco 2801 and Cisco 2811 and two 10/100/1000 on the Cisco 2821 and Cisco 2851.

    Support for Cisco IOS Software

    - The Cisco 2800 helps enable end-to-end solutions with full support for the latest Cisco IOS Software-based QoS, bandwidth management, and security features.
    - Common feature and command set structure across the Cisco 1700, 1800, 2600, 2800, 3700 and 3800 series routers simplifies feature set selection, deployment, management, and training.

    Optional Integrated Power Supply for Distribution of Power Over Ethernet (PoE)

    An optional upgrade to the internal power supply provides in-line power (802.3af-compliant Power-over-Ethernet [PoE] and Cisco standard inline power) to optional integrated switch modules.

    Optional Integrated Universal DC Power Supply

    On the Cisco 2811, 2821, and 2851 routers an optional DC power supply is available that extends possible deployment environments such as central offices and industrial environments (Note: not available on the Cisco 2801).

    Integrated Redundant-Power-Supply (RPS) Connector

    On the Cisco 2811, 2821, and 2851 there is a built-in external power-supply connector that eases the addition of an external redundant power supply that can be shared with other Cisco products to decrease network downtime by protecting the network components from downtime due to power failures.

    Wireless router:

    Before deciding on buying a specific router, ask yourself if you want computers to be able to connect wired or wirelessly to your network.

    A wireless router is a network device that enables you to connect several computers to the Internet without using cables, rather by using wireless access points, or WLAN. Some of the reasons to go with wireless networking include freedom and affordability. But you need to keep other factors in mind.

    Advantages of Wireless Routers

    a. Wireless routers are equipped with a modem, a network switch (a device that has multiple connection ports for connecting computers and other network devices), and wireless access points.

    b. A wireless router can be connected to from anywhere in your immediate environment or house. That means you can log on and surf the Internet from anywhere in your surroundings.

    c. Some wireless routers are equipped with a built-in firewall to ward off intruders. The configuration options of the firewall are an important consideration when buying a router. Virtually everyone buys and sells online in some way or other, so buying a wireless router with good firewall configuration options can be helpful for security and privacy.

    d. The broadband router wireless VoIP technology is a technology that enables you to connect to the Internet using any ordinary phone device. You can then make calls to anybody in the world via your Internet connection. A wireless router provides strong encryption (WPA or AES) and features MAC address filters and control over SSID authentication.

    The following bullet points outline the different Ethernet media requirements:

    - 10Base2: 50-ohm coax, called thinnet. Up to 185 meters and 30 hosts per segment. Uses a physical and logical bus with AUI connectors.

    - 10Base5: 50-ohm coax, called thicknet. Up to 500 meters and 208 users per segment. Uses a physical and logical bus with AUI connectors. Up to 2500 meters with repeaters and 1024 users for all segments.

    - 10BaseT: EIA/TIA category 3, 4, or 5, using two-pair unshielded twisted-pair (UTP) wiring. One user per segment; up to 100 meters long. Uses an RJ-45 connector with a physical star topology and a logical bus.

    UTP Connections (RJ-45)

    The RJ-45 connector is clear so we can see the eight colored wires that connect to the connector's pins. These wires are twisted into four pairs. Four wires (two pairs) carry the voltage and are considered tip. The other four wires are grounded and are called ring.

    The RJ-45 connector is crimped onto the end of the wire, and the pin locations of the connector are numbered from the left, 8 to 1. The UTP cable has twisted wires inside that eliminate cross talk. Unshielded cable can be used since digital signal protection comes from the twists in the wire. The more twists per inch, the farther the digital signal can supposedly travel without interference. For example, categories 5 and 6 have many more twists per inch than category 3 UTP does. Different types of wiring are used when building internetworks. We will need to use either a straight-through or crossover cable.

    Straight-Through

    In a UTP implementation of a straight-through cable, the wires on both cable ends are in the same order. We can determine that the wiring is a straight-through cable by holding both ends of the UTP cable side by side and seeing that the order of the wires on both ends is identical.

    We can use a straight-through cable for the following tasks:

    - Connecting a router to a hub or switch
    - Connecting a server to a hub or switch
    - Connecting workstations to a hub or switch

    Crossover

    In the implementation of a crossover, the wires on each end of the cable are crossed: Transmit to Receive and Receive to Transmit on each side, for both tip and ring. Pin 1 on one side connects to pin 3 on the other side, and pin 2 connects to pin 6 on the opposite end.

    We can use a crossover cable for the following tasks:

    - Connecting uplinks between switches
    - Connecting hubs to switches
    - Connecting a hub to another hub
    - Connecting a router interface to another router interface
    - Connecting two PCs together without a hub or switch

    When trying to determine the type of cable needed for a port, look at the port and see if it is marked with an X. Use a straight-through cable when only one port is designated with an X. Use a crossover when both ports are designated with an X or when neither port has an X.

    Cabling the Wide Area Network

    To connect our wide area network (WAN), we need to understand the WAN Physical layer implementation provided by Cisco as well as the different WAN serial connectors. Cisco serial connections support almost any type of WAN service. The typical WAN connections are dedicated leased lines using High-Level Data Link Control (HDLC), Point-to-Point Protocol (PPP), Integrated Services Digital Network (ISDN), and Frame Relay. Typical speeds are anywhere from 2400bps to 1.544Mbps (T1). HDLC, PPP, and Frame Relay can use the same Physical layer specifications, but ISDN has different pinouts and specifications at the Physical layer.

    Serial Transmission

    WAN serial connectors use serial transmission, which is one bit at a time, over a single channel. Parallel transmission can pass at least 8 bits at a time. All WANs use serial transmission.

    Cisco routers use a proprietary 60-pin serial connector, which we must buy from Cisco or a provider of Cisco equipment. The type of connector we have on the other end of the cable depends on our service provider or end-device requirements. The different ends available are EIA/TIA-232, EIA/TIA-449, V.35 (used to connect to a CSU/DSU), X.21 (used in X.25), and EIA-530.

    Serial links are described in frequency or cycles-per-second (hertz). The amount of data that can be carried within these frequencies is called bandwidth. Bandwidth is the amount of data in bits-per-second that the serial channel can carry.

    Data Terminal Equipment and Data Communication Equipment

    Router interfaces are, by default, Data Terminal Equipment (DTE) and connect into Data Communication Equipment (DCE), for example, a Channel Service Unit/Data Service Unit (CSU/DSU). The CSU/DSU then plugs into a demarcation location (demarc) and is the service provider's last responsibility. Typically, the demarc is a jack that has an RJ-45 female connector located close to our equipment. If we report a problem to our service provider, they'll always tell us it tests fine up to the demarc and that the problem must be the CPE, or Customer Premise Equipment, which is our responsibility.

    The idea behind a WAN is to be able to connect two DTE networks together through a DCE network. The DCE network includes the CSU/DSU, through the provider's wiring and switches, all the way to the CSU/DSU at the other end. The network's DCE device provides clocking to the DTE-connected interface (the router's serial interface).

    DATA FLOW DIAGRAMS:

    INTEGRATED NETWORK SECURITY:

    INTEGRATED SECURITY DIAGRAM:

    NETWORK DOCUMENTATION PROCESS:

    Operating Environment:

    Cisco IOS (originally Internetwork Operating System) is the software used on the vast majority of Cisco Systems routers and current Cisco network switches. (Earlier switches ran CatOS.) IOS is a package of routing, switching, internetworking and telecommunications functions tightly integrated with a multitasking operating system.

    The IOS CLI provides a fixed set of multiple-word commands; the set available is determined by the "mode" and the privilege level of the current user. "Global configuration mode" provides commands to change the system's configuration, and "interface configuration mode" provides commands to change the configuration of a specific interface. All commands are assigned a privilege level, from 0 to 15, and can only be accessed by users with the necessary privilege. Through the CLI, the commands available to each privilege level can be defined.
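    The privilege-level model described above can be checked from a saved configuration. The following Python script is an added example, not part of the original document or of any Cisco tooling: it reads IOS configuration text and reports how levels 0 to 15 have been assigned to users, commands and terminal lines. The sample configuration, the user names and the short list of disruptive commands are constructed assumptions.

```python
import re

# Constructed sample configuration for illustration only; host name, users and
# hash strings are placeholders, not values from the project or a real device.
SAMPLE_CONFIG = """\
hostname LAB-R1
enable secret 5 $1$PLACEHOLDER$hash
username admin privilege 15 secret 5 $1$PLACEHOLDER$hash
username helpdesk privilege 5 secret 5 $1$PLACEHOLDER$hash
username intern privilege 15 password 0 ExamplePlaintext
username monitor secret 5 $1$PLACEHOLDER$hash
privilege exec level 5 show running-config
privilege exec level 5 clear counters
privilege exec level 1 reload
privilege interface level 5 shutdown
line con 0
 login local
line vty 0 4
 privilege level 15
 login local
"""

# Only the keyword order used in the sample is handled (a simplification).
USER_RE = re.compile(r"^username (\S+)(?: privilege (\d+))? (secret|password)\b")
CMD_RE = re.compile(r"^privilege (\S+) level (\d+) (.+)$")
LINE_RE = re.compile(r"^line (.+)$")
LINE_PRIV_RE = re.compile(r"^\s+privilege level (\d+)$")

# Assumption: a short starter list of privileged EXEC commands that change or
# restart the device; extend it to match local policy.
DISRUPTIVE = ("reload", "configure", "copy", "erase", "write", "debug")


def parse_privileges(config):
    """Return (users, commands, lines) extracted from IOS configuration text."""
    users, commands, lines = {}, [], {}
    current_line = None
    for raw in config.splitlines():
        if m := USER_RE.match(raw):
            # A username without the privilege keyword gets level 1.
            users[m.group(1)] = (int(m.group(2) or 1), m.group(3))
        elif m := CMD_RE.match(raw):
            commands.append((m.group(1), int(m.group(2)), m.group(3).strip()))
        elif m := LINE_RE.match(raw):
            current_line = m.group(1).strip()
            lines[current_line] = 1  # default level for a terminal line
        elif current_line and (m := LINE_PRIV_RE.match(raw)):
            lines[current_line] = int(m.group(1))
        elif not raw.startswith(" "):
            current_line = None  # back at the top level of the config
    return users, commands, lines


def audit(config):
    """Return sorted findings about risky privilege-level assignments."""
    users, commands, lines = parse_privileges(config)
    findings = []
    for name, (level, kind) in users.items():
        if not 0 <= level <= 15:
            findings.append(f"user {name}: level {level} is outside 0-15")
        elif level == 15 and kind == "password":
            findings.append(
                f"user {name}: level 15 account uses 'password' instead of 'secret'")
    for mode, level, command in commands:
        if not 0 <= level <= 15:
            findings.append(f"{mode} command '{command}': level {level} is outside 0-15")
        elif level <= 1 and command.split()[0] in DISRUPTIVE:
            findings.append(
                f"{mode} command '{command}' lowered to level {level}: "
                "any logged-in user can run it")
    for line, level in lines.items():
        if level == 15:
            findings.append(f"line {line}: sessions start at level 15 without 'enable'")
    return sorted(findings)


def reassigned_commands_for(config, user):
    """Commands moved by 'privilege' lines that the user's level can reach."""
    users, commands, _ = parse_privileges(config)
    level = users[user][0]
    # A level grants its own commands plus those of every lower level.
    return sorted(f"{mode}: {cmd}" for mode, lvl, cmd in commands if lvl <= level)


if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print(finding)
    print(reassigned_commands_for(SAMPLE_CONFIG, "helpdesk"))
```
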

    Operating System Supporting Components :-

    CPU

    The CPU executes operating system instructions, such as system initialization, routing functions, and switching functions.

    RAM

    RAM stores the instructions and data needed to be executed by the CPU. RAM is used to store these components:

    - Operating System
    - Running Configuration File
    - IP Routing Table
    - ARP Cache
    - Packet Buffer

    ROM:

    ROM is a form of permanent storage. Cisco devices use ROM to store:

    - The bootstrap instructions
    - Basic diagnostic software
    - Scaled-down version of IOS

    Flash Memory:

    Flash memory is nonvolatile computer memory that can be electrically stored and erased. Flash is used as permanent storage for the operating system, Cisco IOS. Flash memory does not lose its contents when the router loses power or is restarted.

    NVRAM:

    NVRAM is used by the Cisco IOS as permanent storage for the startup configuration file (startup-config). All configuration changes are stored in the running-config file in RAM, and with few exceptions, are implemented immediately by the IOS. To save those changes in case the router is restarted or loses power, the running-config must be copied to NVRAM, where it is stored as the startup-config file.

    2.3 Design and Implementation Constraints

    HARDWARE REQUIREMENT:

    We can use the Cisco three-layer model to determine what type of product to buy for our internetwork. By understanding the services required at each layer and what functions the internetworking devices perform, we can then match Cisco products to our academic requirements. To select the correct Cisco products for our network, start by gathering information about where devices need to operate in the internetworking hierarchy, and then consider issues like ease of installation, port-capacity requirements and other features. If we have remote offices or other WAN needs, we need to first find out what type of service is available. It won't do us any good to design a large Frame Relay network only to discover that Frame Relay is only supported in half the locations we need. After we research and find out about the different options available through our service provider, we can choose the Cisco product that fits our requirements. We have a few options, typically: dial-up asynchronous connections, leased lines up to 1.544Mbps, Frame Relay, and ISDN, which are the most popular WAN technologies. However, xDSL is the new front-runner to take over as the fastest, most reliable, cheapest WAN technology. We need to consider our usage before buying and implementing a technology.

    For example, if our users at a remote branch are connected to the office more than three to four hours a day, then we need either Frame Relay or a leased line. If they connect infrequently, then we might get away with ISDN or dial-up connectivity.

    A) Hubs

    Before we buy any hub, we need to know which users can use a shared 10Mbps or shared 100Mbps network. The lower-end model of hubs Cisco offers supports only 10Mbps, while the middle-of-the-road one offers both 10 and 100Mbps auto-sensing ports. The higher-end hubs offer network-management port and console connections. If we are going to spend enough to buy a high-end hub, we should consider just buying a switch. Different hub products Cisco offers:

    - Cisco 1500 Micro Hub
    - Cisco 1528 Micro Hub 10/100
    - Cisco FastHub100
    - Cisco FastHub200
    - Cisco FastHub300
    - Cisco FastHub400

    These are the selection issues we need to know:

    - Business requirements for 10- or 100Mbps
    - Port density
    - Management
    - Ease of operation

    B) Routers

    A key criterion when selecting router products is knowing what feature sets we need to meet our requirements. For example, do we need IP, Frame Relay, and VPN support? How about IPX, AppleTalk, and DECnet? The other features we need to think about when considering different product-selection criteria are port density and interface speeds. As we get into the higher-end models, we see more ports and faster speeds. For example, the new 12000 series model is Cisco's first gigabit switch and has enormous capability and functionality.

    - Cisco 700/800 series
    - Cisco 1600/1700 series
    - Cisco 2500 series
    - Cisco 2600 series
    - Cisco 3600 series
    - Cisco 4000 series
    - Cisco 7000 series
    - Cisco 12000 GSR series
    - AS 5000 series

    We can tell how much a product is going to cost by looking at the model number. A stripped-down 12000 series switch with no cards or power supplies starts at about $12,000. The price can end up at well over $100,000 for a loaded system. We also need to think about WAN support when buying a router. We can get anything we want in a router, but we just have to be familiar with the service provided for our area. The Cisco 800 series router has mostly replaced the Cisco 700 series because the 700 series does not run the Cisco IOS. In fact, I hope Cisco will soon stop selling the 700 series routers altogether. They are difficult to configure and maintain.

    The main selections involved in choosing Cisco routers are listed below:

    - Scale of routing features needed
    - Port density and variety requirements
    - Capacity and performance
    - Common user interface

    C) Switches

    It seems like switch prices are dropping almost daily. About four years ago a 12-port 10/100 switch card for the Catalyst 5000 series switch was about $15,000. Now we can buy a complete Catalyst 5000 with a 10/100 card and supervisor module for about $7500 or so. My point is that with switch prices becoming reasonable, it is now easier to install switches in our network. We must consider whether we need 10/100 or 1000Mbps for each desktop or to connect between switches. ATM (asynchronous transfer mode) is also a consideration; however, with Gigabit Ethernet out and 10Gbps links just around the corner, who needs ATM? The next criterion to consider is port density. The lower-end models start at 12 ports, and the higher-end models can provide hundreds of switched ports per switch.

    Different switches available

    Cisco 1548 Micro Switch 10/100
    Catalyst 1900/2820 series
    Catalyst 2900 series XL
    Catalyst 2900 series
    Catalyst 3000 series
    Catalyst 8500 series
    Catalyst 5000 series

    The selection issues you need to know when choosing a Cisco switch are listed below:

    Business requirements for 10, 100 or even 1000Mbps
    Need for trunking and interswitch links
    Workgroup segmentation (VLANs)
    Port density needs
    Different user interfaces

    SOFTWARE REQUIREMENTS

    The Packet Tracer

    Packet Tracer is a self-paced, visual, interactive teaching and learning tool. It is designed to increase interaction between students and instructors, promote student learning, and enhance instructor presentations. Lab activities are an important part of networking. However, lab equipment can be a scarce resource. Packet Tracer provides a visual simulation of equipment and network processes to offset the challenge of limited equipment. Network designers can spend as much time as they like completing standard lab exercises through Packet Tracer, and have the option to work from home.

    Although other simulation products for Cisco equipment are available, they do not include the unique visualization features of Packet Tracer. This technology is a new and fun way to expand teaching and learning experiences beyond the limitations of the traditional lab environment. Packet Tracer helps resolve some common challenges that instructors face on a daily basis, while enabling us to explore new frontiers in networking education.

    Key Features

    In the Simulation and Visualization Mode, we can see and control time intervals, the inner workings of data transfer, and the propagation of data across a network. This helps us understand the fundamental concepts behind network operations. A solid understanding of network fundamentals can help accelerate learning about related concepts.

    The physical view of devices such as routers, switches, and hosts presents graphical representations of expansion cards and identifies the capabilities of each card. The physical view also provides geographic representations, including multiple cities, buildings, and wiring closets.

    Additional Features

    Lab grading function
    Modular devices
    User-friendly CLI and integrated help feature
    Different device models for creating custom networks
    Tutorial
    International language support
    Simple mode

    Wireshark

    Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education. Originally named Ethereal, in May 2006 the project was renamed Wireshark due to trademark issues.

    Functionality

    Wireshark is very similar to tcpdump, but it has a graphical front-end, and many more information sorting and filtering options. It allows the user to see all traffic being passed over the network (usually an Ethernet network but support is being added for others) by putting the network interface into promiscuous mode.
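    To make the effect of promiscuous mode concrete, the following added example (not part of the original project) reads a classic pcap capture, the file format tcpdump and Wireshark can both write, and labels each Ethernet frame by why the host received it. The host MAC address, the helper names and the sample frames are constructed for illustration.

```python
import struct

HOST_MAC = bytes.fromhex("020000000001")  # constructed address of the capturing host

def eth_frame(dst_hex, src_hex="020000000002"):
    """Build a minimal Ethernet II frame (IPv4 ethertype, zero payload) for the sample."""
    return bytes.fromhex(dst_hex) + bytes.fromhex(src_hex) + b"\x08\x00" + bytes(46)

def build_pcap(frames):
    """Serialize frames as a classic little-endian pcap file, link type 1 (Ethernet)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", 1_700_000_000 + i, 0, len(f), len(f)) + f
    return out

def read_pcap(data):
    """Yield each captured frame from classic pcap bytes, in either byte order."""
    if data[:4] == b"\xd4\xc3\xb2\xa1":
        endian = "<"
    elif data[:4] == b"\xa1\xb2\xc3\xd4":
        endian = ">"
    else:
        raise ValueError("not a classic pcap file")
    if len(data) < 24 or struct.unpack(endian + "I", data[20:24])[0] != 1:
        raise ValueError("expected a 24-byte header with link type Ethernet")
    off = 24
    while off + 16 <= len(data):
        incl_len = struct.unpack(endian + "I", data[off + 8:off + 12])[0]
        off += 16
        if off + incl_len > len(data):
            raise ValueError("truncated packet record")
        yield data[off:off + incl_len]
        off += incl_len

def classify(frame, host_mac=HOST_MAC):
    """Name the reason the host sees this frame, judged by destination MAC."""
    if len(frame) < 14:
        return "runt"
    dst = frame[:6]
    if dst == host_mac:
        return "unicast-to-host"
    if dst == b"\xff" * 6:
        return "broadcast"
    if dst[0] & 1:             # group bit set; a NIC passes only groups it has joined
        return "multicast"
    return "promiscuous-only"  # another station's unicast: filtered in normal mode

def summarize(data):
    return [classify(f) for f in read_pcap(data)]

# Constructed capture: to the host, broadcast, multicast, and another station's unicast.
SAMPLE = build_pcap([eth_frame(d) for d in
                     ("020000000001", "ffffffffffff", "01005e0000fb", "020000000003")])
print(summarize(SAMPLE))
```

    Frames labelled promiscuous-only are the ones a network interface in normal mode would discard, so they appear in a capture only when the interface is in promiscuous mode.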

    3. System Features

    Visibility: Enables quick response to reduce the impact of attacks. Enables Network Operations Center (NOC) and Security Operations Center (SOC) staff to focus on actionable information rather than struggle to interpret millions of daily events generated by network security appliances, switches, routers, servers and applications.

    Risk Management: Helps universities and research centers to get visibility and control over the risks in their networks. Enterasys DSCC integrates with Enterasys Dragon intrusion prevention (IPS), network access control (NAC), and automated security management (ASM) solutions to provide a unified, real-time view of the threat landscape and effectively detect, isolate and automatically remediate threats.

    Quarantine: Minimizes risks by isolating dangerous users, devices, and machines. Uses advanced surveillance and forensics analysis to deliver situational awareness of both external and internal threats including inappropriate content, IM file transfers, traffic from undesirable geographies, data theft, and malicious worm infections.

    Efficiency: Enables proactive network management, facilitating prevention, notification, and simplified correction. Enterasys DSCC leverages existing investments in network and security infrastructure while accelerating time to value through out-of-box functionality, rapid deployment, and staff efficiency gains.

    QoS: QoS involves prioritization of network traffic. QoS can be targeted at a network interface, toward a given server or router's performance, or in terms of specific applications. A network monitoring system must typically be deployed as part of QoS, to ensure that networks are performing at the desired level.

    QoS is especially important for the new generation of Internet applications such as VoIP, video-on-demand and other consumer services. Some core networking technologies like Ethernet were not designed to support prioritized traffic or guaranteed performance levels, making it much more difficult to implement QoS solutions across the Internet.

    http://compnetworking.about.com/cs/voicefaxoverip/g/bldef_voip.htm
    http://compnetworking.about.com/library/glossary/bldef-ethernet.htm