WIXLIB

xiiContentsTesting 180Testing with Continuity Testers 180Testing for Signal Quality 180Chapter 6 WIRELESS LANs I181Introduction 182OSI Standards 182802.11 Wi-Fi 182Basic Access Point Operation 183Radio Signal Propagation 184Perfidious Radio 184Frequencies 184Antennas 185Wireless Propagation Problems 186Service Bands and Bandwidth 189Service Bands 189Signal and Channel Bandwidth 190Licensed and Unlicensed Service Bands 192Channel Use and Co-Channel Interference 193The 2.4 GHz and 5 GHz Unlicensed ServiceBands 194Spread Spectrum Transmission 195Normal versus Spread Spectrum Transmission 196Orthogonal Frequency Division Multiplexing (OFDM) SpreadSpectrum Transmission 197802.11 WLAN Operation 197From 802.11 to 802.3 197Wireless Networks with Multiple AccessPoints 198Media Access Control 199 IN MORE DEPTH: Media Access Control (Mac)201802.11 Transmission Standards 203Channel Bandwidth and Service Band Bandwidth 203Speed and Market Status 204Your Service Speed Will Vary. A Lot. 205Multiple Input/Multiple Output (MIMO) 205Beamforming and Multiuser MIMO 207 IN MORE DEPTH: 802.11/WI-FI Notes 208End-of-Chapter Questions211

ContentsChapter 6a HANDS-ON: USING XIRRUS Wi-Fi INSPECTORIntroduction 213The Four Windows 213The Radar Window (Read the Fine Print) 214Connection Window 215The Networks Window 216Signal History 217Other Groups on the Ribbon 218Tests 218Connection Test 218Speed Test 219Quality Test 220Chapter 7 WIRELESS LANs II 223Child’s Play 223802.11i WLAN Security 225802.11i 225802.11i Stages 227Pre-Shared Key (PSK) Initial Authentication Mode in802.11i 228802.1X Initial Authentication Mode Operation 231Beyond 802.11i Security 232Rogue Access Points 232Evil Twin Access Points and Virtual Private Networks(VPNs) 233802.11 Wi-Fi Wireless LAN Management 236Access Point Placement 236Centralized Management 238 IN MORE DEPTH: Expressing Power Ratios in Decibels239Peer-to-Peer Protocols for the Internet ofThings (IoT) 241Bluetooth 243Classic Bluetooth and Bluetooth Low Energy (LE) 243One-to-One, Master–Slave Operation 244Bluetooth Profiles 246Bluetooth Low Energy 246Other Promising IoT Transmission Standards 248Near Field Communication (NFC) 248213xiii

xivContentsWi-Fi Direct 249Zigbee and Z-Wave 250Security in the Internet of ThingsEnd of Chapter Questions 253Chapter 8 TCP/IP INTERNETWORKING I251255Introduction 255IP Routing 257Hierarchical IPv4 Addressing 257Routers, Networks, and Subnets 260Network and Subnet Masks 261How Routers Process Packets 263Switching versus Routing 263Routing Table 265Rows Are Routes for All IPv4 Addresses in aRange 265Step 1: Finding All Row Matches 266Step 2: Selecting the Best-Match Row 269Step 3: Sending the Packet Back Out 270Cheating (Decision Caching) 271Routing Tables for IPv6 Addresses 272 IN MORE DEPTH: Masking When Masks Do Not Break at 8-BitBoundaries 272The Internet Protocol Version 4 (IPv4) Fields 273The First Row 273The Second Row 274The Third Row 274IP Options 275IP Version 6 (IPv6) 275Outgrowing IPv4 275IPv6 275Writing IPv6 Addresses in Canonical Text Notation(RFC 5952) 276The IPv6 Main Header 279Extension Headers 281The Transmission Control Protocol (TCP) 282Fields in TCP/IP Segments 282Openings and Abrupt TCP Closes 283

ContentsThe Limited Maximum Length of User Datagram Protocol (UDP)Datagrams 284End-of-Chapter Questions 285Chapter 8a HANDS-ON: WIRESHARK PACKET CAPTURE286Introduction 286Getting Wireshark 286Using Wireshark 286Getting Started 286Starting a Packet Capture 287Getting Data 287Stopping Data Collection 288Looking at Individual Packets 289Options 290Chapter 9 TCP/IP INTERNETWORKING II293Introduction 293IP Subnetting 294IPv4 Subnet Planning 294IPv6 Subnetting 296Other TCP/IP Standards 299Network Address Translation (NAT) 299The Domain Name System (DNS) 301DHCP Servers 305Simple Network Management Protocol(SNMP) 306Dynamic Routing Protocols 309Internet Control Message Protocol (ICMP) for Supervisory Messagesat the Internet Layer 310IPsec 311Core IPsec Principles 312VPNs 313Applying ESP Protections 314Security Associations (SAs) 316Creating Security Associations 318SSL/TLS VPNs 319End-of-Chapter Questions 320xv

xviContentsChapter 9a CISCO’S IOS COMMAND LINE INTERFACE (CLI)322Command Line Interfaces (CLIs) 322CLI Essentials 323A More Complex Cisco IOS Interaction 324Chapter 10 CARRIER WIDE AREA NETWORKS (WANs) 327LANs and WANs (and MANs) 328LANs versus MANs and WANs 328Other Aspects of WANs 330Carrier WAN Components and Business Uses 331The Telephone System 332Residential Wired Internet Access 333Residential Asymmetric Digital Subscriber Line (ADSL)Service 333Cable Modem Service 334ADSL versus Cable Modem Service 336Cellular Data Service 336Cellular Service 337Why Cells? 338Cellular Data Speeds 339Cellular Generations: 3G, 4G, and 5G 339Wired Business WANs 340Leased Lines 341Reaching the ISP via a Leased Line 342Leased Line Private Corporate WANs 342Carrier WAN Services 345Carrier Ethernet 345Multiprotocol Label Switching (MPLS) 347WAN Optimization 349End-of-Chapter Questions 351Chapter 11 NETWORKED APPLICATIONS353Introduction 353Networked Applications and Application Architectures 354Application Security 356Netflix Dives into the Amazon 358Netflix 359Virtualization and Agility 361

ContentsInfrastructure as a Service (IaaS) and Software as a Service(SaaS) 362Clients Move into the Cloud 364Rain Clouds: Security 365Networks and The Cloud 365The World Wide Web 366HTTP and HTML Standards 366Complex Webpages 367The Hypertext Transfer Protocol (HTTP) 367Electronic Mail (E-Mail) 370Delivery Standards 370Receiving Standards 371E-Mail File Format Standards 372Cryptographic E-Mail Protections 373Voice Over IP (VoIP) 375CODEC 376External Components 377VoIP Signaling 377The VoIP Transport Packet 378Peer-to-Peer (P2P) Applications 379Skype 381Tor 383End-of-Chapter Questions 385Appendix:MANAGING THE SECURITY PROCESS387Failures in the Target Breach 388The Plan–Protect–Respond Cycle 391Security Planning Principles 392Risk Analysis 392Comprehensive Security 394Defense in Depth and Weakest Links 394Identify and Manage Single Points of Takeover 397Least Permissions 397Identity Management 400Segment the Network 402Organizational System Security 404Policy-Based Security Management 406Policies versus Implementation 406xvii

xviiiContentsOversight 407Implementation Guidance 409Policy-Based Centralized Management 410Response 412Normal Incidents 413Major Incidents 414Rehearsing for Major Incidents 415Real-Time Fail-Over 416Intrusion Detection Systems (IDSs) 417End-of-Chapter Questions 422Online ModulesModule AMORE ON TCPNumbering OctetsOrdering TCP Segments upon ArrivalThe TCP Acknowledgment ProcessFlow Control: Window SizeModule BMORE ON MODULATIONModulationFrequency ModulationAmplitude ModulationPhase ModulationQuadrature Amplitude Modulation (QAM)Module C MORE ON TELECOMMUNICATIONSIntroductionThe PSTN Transport Core and SignalingThe Transport CoreTime Division Multiplexing (TDM) LinesLeased Lines and Trunk LinesAsynchronous Transfer Mode (ATM) TransportSignalingCommunication SatellitesMicrowave TransmissionSatellite TransmissionGeosynchronous Earth Orbit (GEO) Satellites

ContentsLow Earth Orbit (LEO) and Medium Earth Orbit (MEO) SatellitesVSAT SatellitesWiring the First Bank of Paradise Headquarters BuildingFacilitiesTelephone WiringData WiringPlenum CablingPBX ServicesCarrier Services and PricingBasic Voice ServicesAdvanced ServicesTelephone Carriers and RegulationPTTs and Ministries of TelecommunicationsAT&T, the FCC, and PUCsDeregulationVoice Over IPModule DDIRECTORY SERVERSIntroductionHierarchical OrganizationLightweight Directory Access Protocol (LDAP)Directory Servers and the Networking StaffMicrosoft’s Active Directory (AD)Active Directory DomainsDomain ControllersDomains in an Active Directory TreeComplex StructuresAuthentication and Directory ServersGlossary 425IndexCredits449469xix

PREFACE FOR ADOPTERSSIX QUESTIONSThis preface begins with six questions that adopters have when considering a textbook. What courses is this book used in? Why all the security? Does this book have the content your students need on the job market? Why does it have four principles chapters followed by chapters on specifictechnologies? Does this book have the support you need? Does this book have the support your students need?What Courses use this Book? Introductory networking courses in information systems that prepare graduatesto work in corporate IT departments use this book. It has the kind of knowledgethey need to manage networking in corporations. It is used at both the undergraduate and graduate levels. Due to its extensive security content, some schools use it in a combined networking and security course. This requires covering the Appendix. Compared to thelast edition, the Appendix considerably expands security content. Ideally, schoolswill have separate introductory network and security courses. Unfortunately, notall schools have that luxury. It does not focus on the very different needs of computer science students, who willbuild routers and switches in companies such as Cisco Systems. Instead, it focuseson how to manage and secure them, which is what networking professionals actually do in corporate IT departments. This still requires a lot of technical knowledge but not at the expense of job-required content.Why all the Security?In the last two decades, the need for network security knowledge has grown enormously in networking departments. It must be covered pervasively in networkingcourses. General security courses do not cover network-specific security, such as protecting access points with 802.11i security and knowing ways in which 802.11i securityis bypassed in the real world.Too many IS programs have had to choose between offering an introductorysecurity course and an introductory networking course. This book lets the networkingcourse serve as a decent introduction to security.Does this Book have the Content your Students need?This book is based on discussions with networking professionals and focuses on theircurrent and emerging needs. We are especially concerned with potentially disruptivexxi

xxiiPreface for Adopterstrends such as software-defined networking and high-density Wi-Fi networks. Here is asampling of this type of job-ready content. The Internet of Things. The IoT will keep networking professionals very busy.Obviously, connecting lots and lots of small devices that talk to each other is goingto require a lot of work. More broadly, IoT transmission standards and securityare pretty raw, requiring even more effort to manage them. Chapter 7 deals withthe standards and technologies competing for dominance (or at least survival) inthe new market for the Internet of Things. Network management. Networking, like security, is more about managementthan it is about technology. Chapter 3 focuses on network management principles that must be applied in all networking projects. It also focuses onthe pervasive importance of SNMP and the potentially disruptive impactsof SDN. Security threats and protections. Sun Tzu, in The Art of War, exhorted militaryleaders to know their enemies and to also know themselves. Chapter 4 covers thethreat environment facing firms today and the countermeasures that companiescan put into place to protect themselves. However, security begins with the firstparagraph of the first chapter and continues throughout the book. Ethernet is covered in Chapter 5 with a holistic approach. The chapter covers theexplosion in Ethernet standards, including those driven by Wi-Fi trends. Chapter 6 and much of Chapter 7 deal with Wi-Fi. They again cover technology,which is multifaceted and complex, and they cover wireless management andsecurity. They deal with the current explosion in emerging standards, such asthe potentially disruptive 802.11ax standard. Importantly, they show how 802.11isecurity can be broken. Chapter 7 also covers Internet of Things transmission protocols. IoT transmissionturns many networking ideas on their heads, such as the desirability of high speedand long transmission distance. Chapters 8 and 9 deal with the Internet in context. A special focus is IPv6, whichhas now gone well beyond its infancy in both technology and use. This material isconsiderably updated from the previous edition. The material on IPsec is considerably stronger. Chapter 10 deals with networking beyond the customer premises. It focuses firston access technologies, then on WAN technologies that must be used beyond theInternet with its limited QoS abilities. The WAN technologies section focuses onleased lines, carrier Ethernet, and MPLS. C hapter 11 deals with networked applications—applications that neednetworks to operate. It focuses on management and security. In the past, someschools skipped this chapter because the material was covered in introductory courses. Actually, intro courses did not focus on the needs of networkingprofessionals, and that is even more true today. This chapter brings the student into the worlds of cloud computing, HTTP/HTML, email, VoIP, andpeer-to-peer applications, and it does so in terms of the knowledge that ITprofessionals need.

Preface for AdoptersPrinciples Chapters:1. High-Level Matters2. Standards3. Network Management4. SecurityAppendix. Security ManagementApplying Principles Chapters to Wi-FiFIGURE P-1Technology Chapters:5. Ethernet6-7. Wi-Fi7. loT Transmission8-9. The Internet10. Wide Area Networks11. Networked ApplicationsPrinciples and ApplicationsWhy have four Principles Chapters followed by Chapterson Specific Technologies?Networking professionals want students to be able to apply principles to real networkingsituations. The book begins with four chapters that cover core network principles. It thenapplies these principles in a series of chapters that deal with Ethernet, Wi-Fi, Internetof Things transmission, the Internet, wide area networks, and networked applications.Figure P-1 illustrates this logical flow for Wi-Fi in Chapters 6 and 7. These chaptersdeal with how 802.11 Wi-Fi is used in business, how Wi-Fi operates at the physical anddata link layers, Wi-Fi security threats and countermeasures, and key points in networkmanagement. This approach not only has students deal with technologies holistically. Italso reinforces difficult core concepts such as layering.Traditionally, networking books go “up through the layers.“ At the end of the course,students have all the knowledge of concepts and principles they need. However, theyhave limited experience in applying them, which is the whole point of the networking job.Does this Book have the Support you need?Teaching is hard. Teaching networking is harder. This book tries to make it a little easier.PowerPoint Presentations and the Centrality of Figures The PowerPointpresentations are full lectures, not “a few significant figures.“ A core design principleof this book is that all key concepts are expressed in figures. Most of these figures areIllustrations. Some are “Study Figures,“ which essentially take notes for the student inareas that do not lend themselves to illustrations.A core design principle of this book is that all key concepts are expressed in figures.In line with this focus, the PowerPoint presentations are created directly from thefigures. Figures are designed for this. Font size is larger in the PowerPoint slides, andseveral slide builds are often used to cover a figure well, but making them consistentwith the figures has proven to be a great help for both teachers and students.Adopters get an annotated version of each PowerPoint presentation. This can helpyou present the material in the slide. Sometimes we even add a little extra informationfor you to present.xxiii

xxivPreface for AdoptersThe Instructor’s Manual: The Usual Suspects with a Twist Of course, thereis an Instructor’s Manual with chapter teaching hints and answer keys for chapter questions. There is also a multiple-choice test item file and a test generator for exams.Test Your Understanding Questions Now for the twist. Each chapter is broken into fairly small and highly targeted sections that end in a handful of Test YourUnderstanding questions. The Test Item File questions are linked to specific Test YourUnderstanding Questions. This means that you can assign certain questions for studyand exclude others from exams. This lets you tailor exams to exactly the content pointsyou wish your students to be responsible for.Chapter-Opening Caselets Most chapters begin with brief caselets thatstudents find interesting. In Chapter 1, for example, the caselet deals with howKrebsOnSecurity.com was hit with a denial-of-service attack that used small Internet ofThings devices. Try assigning them for reading before the class and go over them as aninteraction starter.Does this Book have the Support your Students Need?Let’s face it. Networking and security are tough. They are highly conceptual. It is notprimarily a matter of building cumulative skills as in programming courses. There area lot of concepts, and they are often abstract or require the student to understand multiple steps. Networking professionals know that their careers are governed by the fewthings they need to know but don’t in particular situations. Students must understanda lot just to be minimally competent.Guided Reading One way the book helps students is by guided reading. Thereusually is a chapter-opening caselet to get the juices flowing. The flow that follows isbroken up into fairly small pieces, with many headings. This helps the student focuson specific points. Figures show them how they fit together in a broader framework.Important concepts are displayed as key words. The index and glossary are linked tothese key words. In addition, critically important concepts are often shown as callouts:Students quickly learn to pay special attention to these callouts.Fun Footnotes? Then there are fun footnotes. No, that is not an oxymoron. Welimit chapter content to what all students should be able to master in an introduction tonetworking course. Sometimes, it is useful for some students if a bit more informationis available to satisfy their curiosity. We put them in footnotes. They are not requiredreading, so they are not deadly detailed. Sometimes, footnotes are used for illustrative(semisnarky) comments.Test Your Understanding Test Your Understanding questions help studentsstop after a section and see if they understood it. The best students learn that this is thebest way to learn because networking is so cumulative, and moving on too fast is a capital mistake. At the end of the chap

BRIEF CONTENTS Preface for Adopters xxi Preface for Students xxxv About the Authors xli Chapter 1 Core Network Concepts and Terminology 1 Chapter 1a Hands-On: A Few Internet Tools 36 Chapter 2 Network Standards 37 Chapter 3 Network Management 73 Chapter 3a Hands-On: Microsoft Office Visio 102 Chapter 4 N