1 |
Propuesta de segmentación con redes virtuales y priorización del ancho de banda con QoS para la mejora del rendimiento y seguridad de la red LAN en la Empresa Editora El Comercio Planta NorteMolina Ruiz, Julio Edgar January 2012 (has links)
El presente trabajo plantea una propuesta de segmentación con redes de áreas locales virtuales (VLAN) y priorización del ancho de banda con calidad de servicio (QoS) para la mejora del rendimiento y seguridad de la red de área local (LAN) en la Empresa Editora El Comercio – Planta Norte. La Empresa posee una red plana en su diseño lo cual dificulta la administración del tráfico de la red, debido a la ausencia de estándares de calidad en gestión de tráfico LAN, políticas de seguridad no alineadas a las necesidades de la Empresa y desaprovechamiento de la performance de los equipos de comunicación instalados. Esto ha ocasionado la latencia de la red en horas pico, degradándose la velocidad de transferencia por el tráfico desmedido de la información y perjudicando o retardando los procesos más importantes en la empresa en intervalos de 60 a 90 minutos. Asimismo, la información periodística enviada por los corresponsales hacia la planta, ocasiona pérdida de tiempo en acciones de “subida” y “descarga” de archivos (fotos, videos, infografías, avisos publicitarios, etc.). Adicionalmente, los parámetros de seguridad de la red no garantizan la inviolabilidad de los equipos y la manipulación de la información, lo cual representa un riesgo para la integridad y desarrollo de los procesos. Por ello, se rediseñó la red para el soporte de redes LAN virtuales y de esta manera, segmentar las áreas en subredes para un mayor nivel de protección; brindar seguridad (listas de control de acceso ACL, tecnologías emergentes en seguridad Windows Server 20008, nivel de autentificación – Radius); mejorar el consumo de ancho de banda (calidad de servicio QoS, protocolo de agregación de enlaces de control LACP, troncales, etc.); implementar nuevos protocolos en tecnología Cisco; instalar redes inalámbricas y nuevos servicios de transferencia de archivos (protocolo de transferencia de archivos FTP).
|
2 |
Performance Analysis on Dynamic VLAN an OpenFlowGurramkonda, Reddy Kamal Teja January 2015 (has links)
In the current innovative network, to cope with the increased require- ments of customers, there is a rapid increase in the development of dierent protocols and applications. With such increase in networking technology, the security constraints are becoming more and more severe, reducing the accessibility to the actual network for implementing new protocols. This scenario forced for an urgent need of a technology, which can help the re- searchers to implement their developed protocols in the network without inuencing the production trac. This need resulted in a concept called network isolation. This is achieved by VLAN or SDN technologies. In this study, we investigate the performance of VLAN and an API of SDN in the context of establishing dynamic link, in switching setup. For such a link creation, dynamic VLAN (dVLAN) is used in the former case and OpenFLow protocol is used in the later scenario. The main focus in this study is to compare the dynamic behavior of both the protocols in layer-2 context by measuring network level performance metrics of each protocol. Some of the features like, vendor independency and software independency is taken into account while measuring the performance metrics. In order to evaluate the performance, an experimental testbed is implemented. The network level performance metric called protocol setup time is measured. It is the time taken by each protocol to setup an active link between two end-hosts. A two-tire network architecture is implemented with the mentioned features. From the analytical and statistical results obtained, OpenFlow re- sulted in performing relatively better when compared to dynamic VLANs. By carefully examining the protocol setup time of OpenFlow against dVLAN, OpenFlow took less time when compared to dVLAN resulting in faster exe- cution in enabling connectivity. On the other hand, the analytical study on the two protocols reects the simplicity exhibited by dVLAN over Open- Flow.
|
3 |
Propuesta de segmentación con redes virtuales y priorización del ancho de banda con QoS para la mejora del rendimiento y seguridad de la red LAN en la Empresa Editora El Comercio Planta NorteMolina Ruiz, Julio Edgar January 2012 (has links)
El presente trabajo plantea una propuesta de segmentación con redes de áreas locales virtuales (VLAN) y priorización del ancho de banda con calidad de servicio (QoS) para la mejora del rendimiento y seguridad de la red de área local (LAN) en la Empresa Editora El Comercio – Planta Norte. La Empresa posee una red plana en su diseño lo cual dificulta la administración del tráfico de la red, debido a la ausencia de estándares de calidad en gestión de tráfico LAN, políticas de seguridad no alineadas a las necesidades de la Empresa y desaprovechamiento de la performance de los equipos de comunicación instalados. Esto ha ocasionado la latencia de la red en horas pico, degradándose la velocidad de transferencia por el tráfico desmedido de la información y perjudicando o retardando los procesos más importantes en la empresa en intervalos de 60 a 90 minutos. Asimismo, la información periodística enviada por los corresponsales hacia la planta, ocasiona pérdida de tiempo en acciones de “subida” y “descarga” de archivos (fotos, videos, infografías, avisos publicitarios, etc.). Adicionalmente, los parámetros de seguridad de la red no garantizan la inviolabilidad de los equipos y la manipulación de la información, lo cual representa un riesgo para la integridad y desarrollo de los procesos. Por ello, se rediseñó la red para el soporte de redes LAN virtuales y de esta manera, segmentar las áreas en subredes para un mayor nivel de protección; brindar seguridad (listas de control de acceso ACL, tecnologías emergentes en seguridad Windows Server 20008, nivel de autentificación – Radius); mejorar el consumo de ancho de banda (calidad de servicio QoS, protocolo de agregación de enlaces de control LACP, troncales, etc.); implementar nuevos protocolos en tecnología Cisco; instalar redes inalámbricas y nuevos servicios de transferencia de archivos (protocolo de transferencia de archivos FTP). / Tesis
|
4 |
Atviro kodo programos korporatyvinio tinklo apsaugai / Open source programs for corporative LAN protectionSemionovas, Valentinas 24 September 2008 (has links)
Šiame darbe supažindinama su kompiuterinių tinklų apsaugos problemomis, pagrindiniais tinklo veikimo principais. Išaiškinti pagrindinai kompiuterinių tinklų struktūros modeliai. Išanalizuotos ir išaiškintos pagrindinės kompiuterių tinklo plėtros, sujungimo, maršrutizavimo, vaizdavimo, valdymo ir monitoringo problemos. Išnagrinėjus esamas kompiuterinių tinklų problemas, buvo sukurtas naujas tinklo modelis, užtikrinantis lengvą ir greitą tinklo išteklių ir vartotojų segmentaciją, pastovų ir nepertraukiamą visų tinklo mazgų darbą, o svarbiausiai užtikrinantis didelį visų kompiuterių tinklo vartotojų ir išteklių apsaugą. Taip pat yra numatyta lengva galimybė dėl naujų ar kitų tinklo segmentų prijungimo ir to paties tinklo augimo ir plėtros. Atlikti eksperimentai su naujų kompiuterių tinklų modeliais, aiškinantis teorinius ir praktinius VLAN tinklų kiekius, kuriuos pasiekus ar viršijus, vertėtų atlikti tinklo segmentaciją ir aiškinantis jų įtaką maršrutizatoriaus apkrovai ir veikimui. / In this work you’ll learn about computer network’s problems and basic network operation principles, also the basic computer network’s structure models explained. Analyzed and explained basic problems about computer network development, connection, routers, monitoring and operation. After researching the existing computer network problems there was new network model designed. This model ensures easy and fast users and resources segmentation, constant and continuous work of all the network nodes and above all ensures the reliable protection for computer users and sources. Also there is the opportunity for the new or existing segments to hook up to the main network easily and for its growth and development. There were carried out the experiments with the new models of computer network, which helped to explain the theoretical and practical VLAN numbers. In case of reaching or exciding those VLAN numbers it is necessary to carry out network’s segmentation and clarify its influence on router’s overload and operation.
|
5 |
Analysis of the security of a VXLAN network / Analys av säkerheten för ett VXLAN-nätverkRehnberg, Markus, Ekblad, Erik January 2023 (has links)
Traditionally, VLANs have been the most suitable solution for connecting computers. This, in line with the increased use of cloud services in recent years, has given rise to problems with scalability and security within VLAN networks, which need to be investigated. An alternative to VLAN is VXLAN, which was created specifically to be able to solve the shortcomings brought about by VLAN and to be able to function within a cloud environment.VXLAN has inherited many of VLAN's shortcomings, which is why this thesis concerns the security aspects within a simulated VXLAN network. This has been carried out by attacking the simulation with well-known attacks such as ARP spoofing, Ping of Death, MAC flooding, UDP flood attack, Time to live expiry attack, ICMP port unreachable and Sockstress. The goal of this thesis was to examine the attacks in terms of effectiveness and how well the proposed countermeasures worked. From the results of the study, it can be stated that the proposed measures did not necessarily have to be complicated in design, but as long as they were well-planned and feasible, the measures could defend the network against most of the attacks used in the study. / Traditionellt sett har VLAN varit den mest lämpade lösningen för att ansluta datorer. Detta har i takt med ökad användning av molntjänster de senaste åren gett upphov till problem med skalbarhet och säkerhet inom VLAN-nätverk, som behöver utredas. Ett alternativ till VLAN är VXLAN som skapades särskilt för att kunna lösa de brister som VLAN medfört och att kunna fungera inom en molnmiljö.VXLAN har ärvt många av VLANs brister, vilket var anledningen till varför denna uppsatsberör säkerhetsaspekter inom ett simulerat VXLAN- nätverk. Detta har genomförts genom att angripa simulationen med välkända attacker såsom ARP spoofing, Ping of Death, MAC flooding, UDP flood attack, Time to live expiry attack, ICMP port unreachable samt Sockstress. Målet med denna uppsats var att undersöka attackerna utefter effektivitet och hur väl de föreslagna åtgärderna fungerade. Från studiens resultat kan det konstateras att de föreslagna åtgärderna inte nödvändigtvis behövde vara komplicerat utformade, utan så länge de var välplanerade och genomförbara kunde åtgärderna försvara nätverket mot de flesta av studiens attacker.
|
6 |
WINGS NETWORK ARCHITECTURE FOR THE MISSION SEGMENT DATA DISTRIBUTIONDowning, Bob, Harris, Jim, Coggins, Greg, James, Russell W. 10 1900 (has links)
International Telemetering Conference Proceedings / October 20-23, 2003 / Riviera Hotel and Convention Center, Las Vegas, Nevada / The Western Aeronautical Test Range (WATR) Integrated Next Generation System (WINGS) Mission Segment provides data acquisition, processing, display and storage in support of each project’s mission at NASA Dryden Flight Research Center (DFRC). The network architecture for WINGS Mission Segment is responsible for distributing a variety of information from the Telemetry and Radar Acquisition and Processing System (TRAPS), which is responsible for data acquisition and processing, to the Mission Control Centers (MCCs) for display of data to the user. WINGS consists of three TRAPS and four MCCs, where any TRAPS can drive any one or multiple MCCs. This paper will address the requirements for the TRAPS/MCC network and the design solution.
|
7 |
Reliability and Load Handling Problem in Internet Service Provider’s NetworkAbrar, Mirza Kashif, Pervaiz, Imran January 2009 (has links)
<p>This thesis puts forward a new solution to provide the reliable network to the Internet Service Provider (ISP). This study mainly focuses on the ISPs network to provide reliability and the load balancing. It offers a guide line for the best reliable solution to the ISPs, individual organizations or other types of service providers which are engaged in providing reliable communications to their subscribers. These reliable services may be real time communications which include weather forecasts, tracking systems, online Internet protocol TV (IPTV) programs and many other ISPs services which are totally depend on the reliable network.</p><p>With the appearance and expansion of Internet subscribers all over the world, ISPs services are becoming more popular. The rapid increase of connection-demand and highly traffic network is the main reason behind the need to scale reliable network. To offer better solutions, a new theoretical and practical approach should be considered that can cover the reliable network.</p><p>The suggested network structure monitors the links, spreads the network traffic with multiple devices and takes a backup (redundant) link automatically when changes occur in the network topology. In order to support the redundancy, load balancing and reduce the failover time, the hot standby routing protocol (HSRP) is implemented on the suggested network. As we have analyzed that in any network, scalability bringing to raised the network traffic broadcast issue. Broadcast storms can be prevented by setting threshold values of traffic-filters. The threshold level helps to control broadcast traffic in networks.</p><p>With regard to suggested solutions, it is necessary to observe the limitations and advantages of the recommended reliable network structure. Therefore, this research will include the advantages and limitations of the techniques used to offer ISP services such as scalability, security and IPv6.</p>
|
8 |
Reliability and Load Handling Problem in Internet Service Provider’s NetworkAbrar, Mirza Kashif, Pervaiz, Imran January 2009 (has links)
This thesis puts forward a new solution to provide the reliable network to the Internet Service Provider (ISP). This study mainly focuses on the ISPs network to provide reliability and the load balancing. It offers a guide line for the best reliable solution to the ISPs, individual organizations or other types of service providers which are engaged in providing reliable communications to their subscribers. These reliable services may be real time communications which include weather forecasts, tracking systems, online Internet protocol TV (IPTV) programs and many other ISPs services which are totally depend on the reliable network. With the appearance and expansion of Internet subscribers all over the world, ISPs services are becoming more popular. The rapid increase of connection-demand and highly traffic network is the main reason behind the need to scale reliable network. To offer better solutions, a new theoretical and practical approach should be considered that can cover the reliable network. The suggested network structure monitors the links, spreads the network traffic with multiple devices and takes a backup (redundant) link automatically when changes occur in the network topology. In order to support the redundancy, load balancing and reduce the failover time, the hot standby routing protocol (HSRP) is implemented on the suggested network. As we have analyzed that in any network, scalability bringing to raised the network traffic broadcast issue. Broadcast storms can be prevented by setting threshold values of traffic-filters. The threshold level helps to control broadcast traffic in networks. With regard to suggested solutions, it is necessary to observe the limitations and advantages of the recommended reliable network structure. Therefore, this research will include the advantages and limitations of the techniques used to offer ISP services such as scalability, security and IPv6.
|
9 |
Differenzierte Bereitstellung von Internetdiensten in öffentlichen Bereichen der UniversitätBreiler, Andre 26 January 2001 (has links)
Die vorliegende Arbeit entwickelt und implementiert
ein System für die Bereitstellung von Internet-Diensten
an öffentlichen Orten. Besonderer Wert wurde auf eine
einfache Handhabung für den Nutzer, eine breite
Unterstützung von Klienten und ein breites Spektrum
möglicher Privilegien (von der vollen Internetkonnektivität
bis zu einer Art Infoterminalstatus) gelegt.
|
10 |
Dokumentation Netzwerk Chemnitzer Linux-Tag 2004Kratzert, Sebastian, Möller, Manuel 26 May 2004 (has links)
Während sich der Chemnitzer Linux-Tag über die vergangenen fünf Jahre mit jedem Mal in der Zahl der Aussteller, Helfer und Gäste steigerte, wuchs auch in jedem Jahr das Tagungsnetzwerk.
Den Informatikern wird häufig nachgesagt, daß sie wenig dokumentieren würden. Dieses Vorurteil traf auch für das Netzwerk der vergangenen Chemnitzer Linux-Tage zu. Unter anderem, um diesem Mißstand abzuhelfen, haben wir uns bemüht, möglichst detailliert Informationen über Konzept, eingesetzte Technologieen und konkrete Konfiguration des Tagungsnetzwerks des Chemnitzer Linux-Tags 2004 zusammenzutragen.
|
Page generated in 0.02 seconds