More Effective:
----Unlike Ethernet, Token Ring uses a ring topology whereby the data is sent from one machine to the next and so on around the ring until it ends up back where it started. It also uses a token passing protocol which means that a machine can only use the network when it has control of the Token, this ensures that there are no collisions because only one machine can use the network at any given time.
2. Although security issues were not mentioned in this chapter, every network owner must consider them. Knowing that open networks all data to pass to every node, describe the posssible security concerns of open network achitectures. include the implicatiions of passing logon procedures, user IDs, and passwords openly on the network.
Security concern:
Internet and Network Attacks
Intruders spread viruses through network/internet. eg. email attachent. Without permission from the authoritative supervisors, no network system manager may browse the personal files of users. In case of the discovery of any suspicious events regarding network security, network system managers shall follow the authorization regulations and use automatic search tools to check files.
Unauthorized Access and Use
Unauthorized access is the use of a computer or network without permission. Unauthorized use is the use of a computer or its data for unapproved or possibly illegal activities.Controlling Network
The network administrator, the person overseeing network operations, uses the network OS to add and remove users, computers, and other devices to and from the network. The network administrator also uses the network operating system to install software and administer network security.
Administering Security
The network administrator uses the network OS to establish permissions to resources. These permissions define who can access certain resources and when they can access those resources.
Access Control
3. Remembering the discussion of deadlocks, if you were designing a networked system, how would you manage the treat of deadlocks in your network? Consider all of the following: prevention, detection, avoidance, and recovery.
Deadlock prevention
Attacking Mutex condition
never grant exclusive access. but this may not be possible for several resources.
Attacking preemption
not something you want to do.
Attacking hold and wait condition
make a process hold at the most 1 resource at a time.
make all the requests at the beginning. All or nothing policy. Attacking circular wait
Order all the resources.
Make sure that the requests are issued in the correct order so that there are no cycles present in the resource graph.
Deadlock detection
A method is described for checking deadlock in a telecommunication network including a first activated backup connection for protecting traffic over a first intended connection. The method includes the steps of checking a reversion blocked status of the first intended connection by checking if the segments of the first intended connection are available or not available, in case of detecting the reversion blocked status of the first intended connection identifying activated backup connections using the not available segments of the first intended connection, identifying the corresponding intended connections, checking the reversion blocked status of each identified corresponding intended connection by checking if the corresponding segments are available or not available, in case of detecting the reversion blocked status of an identified corresponding intended connection checking if a corresponding not available segment is included in the first backup connection. The method further provides the indication of the intended connections involved in the deadlock.
Deadlock avoidance
In an apparatus having a network including successive stages of cross-point switches which collectively interconnect a plurality of nodes external to said network, wherein at least one message is carried between one of the nodes and one of the cross-point switches over a route through said network, a method for preventing routing deadlocks from occurring in the network which comprises the steps of: creating a graphical representation of the network; searching for the existence of cycles within the graphical representation; partitioning the graphical representation into at a first subgraph and a second subgraph if cycles exist in the graphical representation; searching for the existence of edges directed from the first subgraph to the second subgraph; and removing the edges directed from the first subgraph to the second subgraph. Preferably the step of partitioning the network into at a first subgraph and a second subgraph is performed such that the first subgraph and the second subgraph have an equal number of vertices, a number of directed edges from the first subgraph to the second subgraph is minimized so as to minimize the number of routes prohibited, and a set of partition constraints are satisfied. The method is recursively applied to the first subgraph and then the second subgraph, thereby removing all of the deadlock prone cycles in the network while minimizing the number of routes prohibited due to remove edges.
Imagine that your network went down. You would likely lose access to mission-critical data, voice, video, and business applications. Your customers might be unable to contact you. Scarier yet, envision your network becoming an “insider threat,” running smoothly while outside parties were using your network like a bot to steal and exploit your critical business information.
No comments:
Post a Comment