1. Veille technologique en TIC Aspects stratégiques des réseaux Eric Vyncke [email_address] Dernière mise à jour: 7 novembre 2007

4. Introduction to Network

6. The Acronyms Soup Or a small touch of technology

9. Modèle d’une couche couche n couche n couche n +1 couche n-1 protocole de couche n services de la couche n services de la couche n-1

33. IP Routing at Home Access Point ADSL Router Your ISP Internet = All other ISP 192.168.100.2 Default route => 192.168.100.1 I’m 192.168.100.1 & 192.168.1.2 Route to 192.168.100.0/24 via WiFi Default route to 192.168.1.1 I’m 192.168.1.1 and 80.123.34.89 Route to 192.168.100.0/24 via 192.168.1.2 Default route via ADSL Network Printer I’m 192.168.1.3 Route to 192.168.100.0/24 via 192.168.1.2 Default route to 192.168.1.1

36. Wide Area Network Layer 3 Service or In House Network? SP Layer 3 Services

40. Delay Variation—“Jitter” t t Sender Transmits B Receives C B A C B A d1 d2 D1 = d1 D2 = d2 Jitter

42. QoS in Action Campus Backbone Multimedia Training Servers Order Entry, Finance, Manufacturing Finance Manager Remote Campus Classification Classification Enforcement

44. The Security Impact

45. The Security Dilemma Security Risks Internet Business Value Explosion in E-Business!! Internet Access Corporate Intranet Internet Presence Customer Care E-Learning Supply Chain Management E-Commerce Workforce Optimization

46. 100% Security The only system which is truly secure is one which is switched off and unplugged, locked in a titanium lined safe, buried in a concrete bunker, and is surrounded by nerve gas and very highly paid armed guards. Even then, I wouldn’t stake my life on it…. Gene Spafford—Director, Computer Operations, Audit, and Security Technology (COAST), Purdue University “ ”

47. Threat Capabilities: More Dangerous & Easier To Use Sophistication of Hacker Tools Packet Forging/ Spoofing 1990 1980 Password Guessing Self Replicating Code Password Cracking Exploiting Known Vulnerabilities Disabling Audits Back Doors Sweepers Sniffers Stealth Diagnostics High Low 2000 DDOS Internet Worms Source: Carnegie Mellon University, 2002 Technical Knowledge Required

50. Insiders… Over 75% of hacking is done by insiders and it’s easy to see why. The person on the inside is on the right side of the firewall—they know the computer systems and they have access to the passwords Neil Barrett, Bull Information Systems, ‘ Computer Crime Fighter’—Personal Computer World, Feb 1999 “ ”

52. Attack against Confidentiality telnet foo.bar.org username: dan password: m-y-p-a-s-s-w-o-r-d d-a-n

53. Attack on Integrity Bank Customer Deposit $1000 in Bob’s Account Deposit $900 in Mallet’s Account and $100 in Bob’s Account

54. Attacks of Integrity: Web Defacing

69. Technical Controls Security Perimeter Trusted Zone Untrusted Zone firewall

70. Technical Controls Usual Firewall Locations Internet intranet Partner X Partner Y HR Network Source: Cisco Systems

72. Impact of Voice

76. What Is a CODEC? Analog to Digital Conversion Analog Audio Source = 0101 G.711 Pulse Code Modulation (PCM) is the DS0 Everything Is Bits Sample Compand Quantize Encode Frame 4000 Hz Analog Signal = Sample 8,000/sec Nyquist Frequency Quantize 256 Steps Using 8 Bits DS0 64 Kbps

82. Wireless Network

85. GSM Architecture OMC Home Location Register AuC Equipment ID Network Management Center BTS BTS BTS ME ME ME Subscriber Identity Module Subscriber Identity Module Subscriber Identity Module BSC PSTN Mobile switching center Data communication network BTS = Base Transceiver Station BSC = Base Station Controller AuC = Authentication Center OMC = Operation and Maintenance Center PSTN = Public Switched Telephone Network ME = Mobile Equipment Source: Stallings, 313 Source: Mehrotra, 27 Visitor Location Register BTS

89. WiFi GSM UMTS WiMAX 120 Mbps 2 – 14 Mbps 9.6 kbps -> 384 kbps 11 Mbps -> 54 Mbps Bandwidth Licensed Licensed Licensed Unlicensed Spectrum 30 km WiMAX Mostly worldwide UMTS Worldwide (except Japan) GSM 100 m WiFi Range

90. Mobile Systems 802.11n 4G 3G HSDPA Zigbee 802.15.4 BT UWB NFC RFID Proximity Personal Local Wide Data Rate (bps) 1G 1M 10K 10M 100M 2G 3G 802.16 802.16e 802.11g 802.11b 802.11a

93. How to Deploy a Network? Or the right questions to be asked?