34 terms

Network Ch 10 Remote Network Access

ISDN features
Integrated Services Digital Network - digital, dialup, no modem, terminator equipment, old, 64Kbps per channel, pay by month and minute
ISDN terms
BRI, PRI, 2B+D, U interface, Network Terminator 1, S/T interface, terminal equipment, TE1 device, TE2 device, terminal adapter
DSL features
Digital Subscriber Line - variety of services faster than ISDN, differing upstream/downstream speeds, high frequencies on phone line, direct permanent connection
ADSL terms
ADSL Termination Unit Remote (ATU-R) = transceiver = 'modem', Digital Subscriber Line Access Multiplexer (DSLAM)
ADSL speed
Asymmetric, 8.448 Mbps down, 1.088 Mbps up
CATV features
broadband, not dedicated link, bandwidth sharing, neighbors on same network, asymmetrical, requires VPN for connection to remote LAN
leased line T-1 speed
24 channels of 64Kbps = 1.544 Mbps
T-3 speed
672 channels of 64 Kbps = 44.736 Mbps
leased line infrastructure
CSU/DSU channel service unit/digital service unit 'digital modem' at each end
Synchronous Optical Network or Synchronous Digital Hierarchy. OC1 - OC192
mainframes to terminals
role of remote networking protocols
WAN data-link layer protocols, end-to-end connection, simple, part of TCP/IP suite, PPP and SLIP, no physical layer specification
SLIP frame
network layer datagram + 1B SLIP end delimiter
Serial Line Internet Protocol
SLIP missing features
addresses, protocol identification (only one protocol allowed during a connection), error detection
Point to Point Protocol replaced SLIP for remote networking
PPP connection establishment protocols
Link Control Protocol LCP to agree on parameters
Authentication - Password Authentication Prot PAP or Challenge Handshake CHAP
establish connections for control protocols IPCP
PPP payload size
1500 B data+pad
PPP establishing connection phases
link dead - physical layer message sent
Link Establishment - PPP frame containing LCP configure request message and replies until one LCP ACK message
Authentication - optional. PAP, CHAP, or others in PPP frame
Link Quality Monitoring - optional. LQRP
Network Layer Protocol Config - network control protocol connections establishment
Link Open - PPP link is operating
Link Termination - exchange LCP termination messages
PAP definition
Password Auth Prot clear text password
CHAP definition
Challenge Handshake Auth Prot - MD5 hashing on password, but doesn't encrypt connection data and is reversible
one-way authentication, encryption based on the password
two-way authentication, encryption key for each connection and direction. Preferred CHAP method
EAP definition
Extensible Authentication Prot - shell allowing other protocols that use more than passwords for Windows
PEAP definition
Protected EAP - account name + password for wireless
MD5-Challenge definition
Message Digest 5 Challenge - in EAP messages. Non-windows clients. Doesn't encrypt connection data
Smart Card or Other Certificate alternative name
EAP-Transport Layer Security
RADIUS definition
Remote Auth Dial-In User Service - Internet Auth Service (IAS) central server handles all auth requests
Kerberos auth process
1 client sends request to Key Distribution Center KDC
2 KDC sends ticket-granting-ticket TGT including key to client encrypted based on password
3 client enters password to decrypt TGT
4 client uses key from TGT to encrypt request for ticket from Ticket Granting Server TGS
5 TGS received key from KDC and uses it to decrypt ticket request. TGS sends encrypted server ticket to client
Kerberos access granted by auth
client sends pre-encrypted ticket to destination server, which has key from TGS. Ticket includes session key which client and server use to encrypt/decrypt data
PPPoE definition
Point to Point Prot over Ethernet - TCP/IP suite, to establish separate PPP connections for many clients with remote resources on LANs
dialup VPN process
1 client connects to ISP PPP (phone connection to ISP)
2 client makes TCP control connection to target server PPTP (internet connection from ISP to remote resource)
3 PPP frame addressed to target server is encapsulated and encrypted in IP datagram addressed to remote gateway
dialup connection to remote private network
dial its number (long distance phone connection)
Microsoft terminal protocol
RDP Remote Desktop Protocol