People have more flexible time thanks to wireless networks. They can now work from home while taking care of their kids or doing housework, with no more stress from traffic jams. Isn't that great?
Well, there is something you should realize. Working from home while using a wireless local area network (WLAN) may lead to theft of sensitive information and hacker or virus infiltration unless proper measures are taken. Because WLANs send information over radio waves, someone with a receiver in your area could pick up the transmission and gain access to your computer. They could load viruses onto your laptop, which could be transferred to the company's network when you go back to work.
Believe it or not, up to 75 per cent of WLAN users do not have standard security features installed, while 20 per cent are left completely open, because default configurations are not secured but are made to get users' networks up and running as soon as possible. It is recommended that wireless router/access point setup always be done through a wired client.
You can set up your security by following these steps:
1. Change the default administrative password on the wireless router/access point to a secure password.
2. Enable at least 128-bit WEP encryption on both the card and the access point. Change your WEP keys periodically. If the equipment does not support at least 128-bit WEP encryption, consider replacing it. Although there are security issues with WEP, it represents a minimum level of security, and it should be enabled.
3. Change the default SSID on your router/access point to a hard-to-guess name. Set up your computer to connect to this SSID by default.
4. Set up the router/access point not to broadcast the SSID. The same SSID needs to be set up on the client side manually. This feature may not be available on all equipment.
5. Block anonymous Internet requests or pings. On each computer with a wireless network card, the network connection properties should be configured to allow connection to Access Point Networks Only. Computer to Computer (peer to peer) connections should not be allowed.
Enable MAC filtering. Deny association to the wireless network for unspecified MAC addresses. MAC (physical) addresses are available through your computer's network connection setup, and they are physically written on network cards. When adding new wireless cards or computers to the network, register their MAC addresses with the router/access point. The network router should have firewall features enabled and the demilitarized zone (DMZ) feature disabled.
All computers should have a properly configured personal firewall in addition to a hardware firewall. You should also update the router/access point firmware when new versions become available. Placing the router/access point out of strangers' reach is also helpful, so they cannot reset it to default settings. You can even try to place the router/access point in the middle of the building rather than near windows to limit signal coverage outside the building.
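The checklist above can be turned into a repeatable check. The following is an added example, not code from the original article: it audits a dictionary of router/access point settings against the steps listed and implements the deny-by-default MAC filter. The setting names, default SSID and password lists, and sample configurations are all constructed assumptions, and the WPA entries in the ranking go beyond the 128-bit WEP minimum the article states.

```python
import re

# Encryption modes, weakest to strongest. The page's minimum is 128-bit WEP;
# the WPA entries are an added generalization, not from the page.
ENC_RANK = ["none", "wep64", "wep128", "wpa", "wpa2", "wpa3"]
# Constructed examples of factory defaults; extend for your own equipment.
DEFAULT_SSIDS = {"linksys", "default", "netgear", "dlink"}
DEFAULT_PASSWORDS = {"", "admin", "password", "1234"}

def normalize_mac(mac):
    """Return 'aa:bb:cc:dd:ee:ff', or None if the address is malformed."""
    digits = re.sub(r"[:.\-]", "", mac.strip()).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        return None
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def may_associate(mac, allowlist):
    """MAC filtering as described above: deny any address not registered."""
    wanted = normalize_mac(mac)
    return wanted is not None and wanted in {normalize_mac(m) for m in allowlist}

def audit(cfg):
    """Return the checklist items that this (hypothetical) config fails."""
    enc = cfg.get("encryption", "none")
    weak = enc not in ENC_RANK or ENC_RANK.index(enc) < ENC_RANK.index("wep128")
    mac_ok = cfg.get("mac_filter") and cfg.get("mac_allowlist")
    checks = [
        ("default admin password", cfg.get("admin_password", "") in DEFAULT_PASSWORDS),
        ("encryption below 128-bit WEP", weak),
        ("default SSID", cfg.get("ssid", "").lower() in DEFAULT_SSIDS),
        ("SSID broadcast enabled", cfg.get("broadcast_ssid", True)),
        ("anonymous Internet requests not blocked", not cfg.get("block_wan_ping", False)),
        ("MAC filtering off or allowlist empty", not mac_ok),
        ("router firewall disabled", not cfg.get("firewall", False)),
        ("DMZ enabled", cfg.get("dmz", False)),
    ]
    return [name for name, failed in checks if failed]

# Constructed sample settings: an out-of-the-box unit and a hardened one.
FACTORY = {"admin_password": "admin", "encryption": "none", "ssid": "linksys",
           "broadcast_ssid": True, "dmz": False}
HARDENED = {"admin_password": "example-long-passphrase", "encryption": "wep128",
            "ssid": "attic-7Qx", "broadcast_ssid": False, "block_wan_ping": True,
            "mac_filter": True, "mac_allowlist": ["00-1A-2B-3C-4D-5E"],
            "firewall": True, "dmz": False}

if __name__ == "__main__":
    for label, cfg in (("factory", FACTORY), ("hardened", HARDENED)):
        print(label, audit(cfg) or "passes the checklist")
```
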
There is no guarantee of full protection for your wireless network, but following these tips can definitely lessen your risk of exposure to attackers who target insecure networks.
Saturday, December 27, 2008
Monday, December 22, 2008
CCNP Certification / BCMSN Exam Tutorial: QoS Service Types
To pass the CCNP exams, you’ve got to master Quality of Service, and the first step in doing so is knowing the differences between the different QoS types.
Now this being Cisco, we can't just have one kind of QoS! We've got best-effort delivery, Integrated Services, and Differentiated Services. Let's take a quick look at all three.
Best-effort is just what it sounds like - routers and switches making their "best effort" to deliver data. This is considered QoS, but it's kind of a "default QoS". Best effort is strictly "first in, first out" (FIFO).
An entire path from Point A to Point B will be defined in advance when Integrated Services are in effect. Integrated Services is much like the High-Occupancy Vehicle lanes found in many larger cities. If your car has three or more people in it, you're considered a "priority vehicle" and you can drive in a special lane with much less congestion than regular lanes. Integrated Services will create this lane in advance for "priority traffic", and when that traffic comes along, the path already exists. Integrated Services uses the Resource Reservation Protocol (RSVP) to create these paths. RSVP guarantees a quality rate of service, since this "priority path" is created in advance.
Integrated Services is defined in RFC 1613. Use your favorite search engine to locate a copy online and read more about this topic. It's a good idea to get into the habit of reading RFCs!
Of course, if you've got a lot of different dedicated paths being created that may or may not be used very often, that's a lot of wasted bandwidth. That leads us to the third QoS model, the Differentiated Services model, generally referred to as DiffServ. With DiffServ, there are no advance path reservations and there's no RSVP. The QoS policies are written on the routers and switches, and they take action dynamically as needed. Since each router and switch can have a different QoS policy, DiffServ takes effect on a per-hop basis rather than the per-flow basis of Integrated Services. A packet can be considered "high priority" by one router and "normal priority" by the next.
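The per-hop behavior described above can be seen in a small simulation. This is an added example, not part of the original tutorial: it assumes each hop holds the whole burst in its queue, uses strict-priority scheduling as the hop's policy action, and uses constructed router names, packets and policies. DSCP 46 (EF), 26 (AF31) and 0 (default) are standard code points.

```python
def fifo_hop(packets):
    """Best-effort: forward strictly in arrival order, markings ignored."""
    return list(packets)

def diffserv_hop(packets, policy, default_class=1):
    """Strict-priority scheduling using this hop's own DSCP-to-class policy.

    A lower class number is served first; order within a class stays FIFO.
    """
    queues = {}
    for pkt in packets:
        cls = policy.get(pkt["dscp"], default_class)
        queues.setdefault(cls, []).append(pkt)
    out = []
    for cls in sorted(queues):
        out.extend(queues[cls])
    return out

def run_path(packets, hops):
    """Send a burst through each hop in turn; return per-hop departure order."""
    order = []
    for name, policy in hops:
        if policy is None:          # hop with no QoS policy: best-effort
            packets = fifo_hop(packets)
        else:
            packets = diffserv_hop(packets, policy)
        order.append((name, [p["id"] for p in packets]))
    return order

# Constructed burst, listed in arrival order at the first hop.
BURST = [{"id": "web1", "dscp": 0}, {"id": "voice1", "dscp": 46},
         {"id": "db1", "dscp": 26}, {"id": "voice2", "dscp": 46}]
# Constructed policies: R1 prioritizes EF, R2 prioritizes AF31 only,
# R3 has no policy and is plain best-effort FIFO.
HOPS = [("R1", {46: 0}), ("R2", {26: 0}), ("R3", None)]

if __name__ == "__main__":
    for hop, departures in run_path(BURST, HOPS):
        print(hop, departures)
```

The voice packets leave R1 first, but at R2 they wait behind `db1` because that router's policy has no rule for their marking.
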
Believe me, this is just the beginning when it comes to Quality of Service. It's a huge topic on your exams and in the real world's production networks, and as with all other Cisco topics, just master the fundamentals and build from there - and you're on your way to CCNP exam success!