Friday, 6 November 2009

RAID part 3 RAID Level 1.

RAID Level 1

RAID level 1 is known as disk mirroring. Disk mirroring uses two or more hard drives and duplicates the data from one drive to the others. The fact that RAID 1 does store a second copy of the data on another member of the volume means that this solution does offer fault tolerance. Fault tolerance is the concept that if one part of the solution fails, the other guy will pick up the workload and the solution will continue to function. If one of the disks in the mirror fails, you can replace the failed disk by breaking the mirror, adding a new functioning disk, and then rebuilding the mirror from the existing disk that did not fail. Once you have reestablished the mirror, you have your fault tolerance back.

The figure below displays the concept of a mirror volume. When a user saves data to a mirrored volume, the data is written to all disks that make up the volume.




RAID level 1 (Mirror) concept.

Creating a Mirrored Volume in Windows Server

In this step-by-step you will create a mirrored volume on a Windows server using two of the dynamic disks created in the preceding walkthrough. Remember that a mirrored volume stores all the data on both members (disks) in the volume. To create a mirrored volume, follow these steps:

RAID part 2 RAID Level 0.

RAID Level 0:

RAID level 0 is called striping or striped volumes. With RAID 0 multiple disks are used to create a volume; when data is saved to the volume, the data is split up and spread across all disks in the volume. The benefit of striped volumes is that all disks are written to at the same time, giving you a performance benefit. For example, if you are saving a 12MB file to drive D and drive D is a striped volume made up of four disks, we can generalize the save operation by saying that each disk will save 3MB of data each and all disks will work at the same time to do the save operation that totals 12MB. If you only had one disk working for that 12MB save operation, it would take four times longer.

RAID 0 "Striped set without parity" or "Striping". Provides improved performance and additional storage but no redundancy or fault tolerance. Because there is no redundancy, this level is not actually a Redundant Array of Inexpensive Disks, i.e. not true RAID. However, because of the similarities to RAID (especially the need for a controller to distribute data across multiple disks), simple stripe sets are normally referred to as RAID 0. Any disk failure destroys the array, which has greater consequences with more disks in the array (at a minimum, catastrophic data loss is twice as severe compared to single drives without RAID). A single disk failure destroys the entire array because when data is written to a RAID 0 drive, the data is broken into fragments. The number of fragments is dictated by the number of disks in the array. The fragments are written to their respective disks simultaneously on the same sector. This allows smaller sections of the entire chunk of data to be read off the drive in parallel, increasing bandwidth. RAID 0 does not implement error checking so any error is unrecoverable. More disks in the array means higher bandwidth, but greater risk of data loss.RAID 0 is strictly for the performance benefit in the read and write operations.



RAID level 0 concept.

Thursday, 5 November 2009

RAID part 1 Introduction.

Introduction:

A Redundant Array of Independent Disks (RAID) controller is a piece of hardware or system software that control and manage the RAID level of the RAID storage, it is largely used in servers because they have a large space of storage that importantly be recoverable and secure.

The RAID controller is also largely used in clustered environments like Network-attached storage (NAS), which are standalone devices, usually SCSI, that have a network interface but no PC. NAS is possibly include a built-in RAID controller to allow all the hard disks to be fault tolerant and function as a single volume.


Monday, 2 November 2009

Network Security Part 9 TACACS+ & AAA.

TACACS+:

In computer networking, TACACS+ (Terminal Access Controller Access-Control System Plus) is a protocol which provides access control for routers, network access servers and other networked computing devices via one or more centralized servers. TACACS+ provides separate authentication, authorization and accounting services.

TACACS+ is based on TACACS, but, in spite of its name, it is an entirely new protocol which is incompatible with any previous version of TACACS. TACACS+ and RADIUS have generally replaced the earlier protocols in more recently built or updated networks, although TACACS and XTACACS are still running on many older systems.



TACACS+ Server.

Network Security Part 8 VPN

Virtual Private Network:

A virtual private network (VPN) is a computer network in which some of the links between nodes are carried by open connections or virtual circuits in some larger network (e.g., the Internet) instead of by physical wires. The link-layer protocols of the virtual network are said to be tunneled through the larger network when this is the case. One common application is secure communications through the public Internet, but a VPN need not have explicit security features, such as authentication or content encryption. VPNs, for example, can be used to separate the traffic of different user communities over an underlying network with strong security features.

VPN Types:

  • Remote Access VPN.
  • SSL /web based RA-VPN.
  • Client based RA-VPN.
  • Site to Site VPN.


VPN connection types.

Network Security Part 7 Web Application Scanner.

Web Application Scanner:

web application security scanner is program which communicates with a web application through the web front-end in order to identify potential security weaknesses in the web application.

It performs a black-box test. Unlike source code scanners, web application scanners don't have access to the source code and therefore detect vulnerabilities by actually performing attacks.

A web application security scanner can facilitate the automated review of a web application with the expressed purpose of discovering security vulnerabilities, and are required to comply with various regulatory requirements. Web application scanners can look for a wide variety of vulnerabilities, including:
  • Input/Output validation: (Cross-site scripting, SQL Injection)
  • Specific application problems
  • Server configuration mistakes/errors/version

Web Applications Issues :
  • Scripting issues
  • Sources of input: forms, text boxes, dialog windows, etc.
  • Multiple Charset Encodings (UTF-8, ISO-8859-15, UTF-7, etc.)
  • Regular expression checks
  • Header integrity (e.g. Multiple HTTP Content Length, HTTP Response Splitting)
  • Session handling/fixation
  • Cookies
  • Framework vulnerabities(Java Server Pages, .NET, Ruby On Rails, Django, etc.)
  • Success control: front door, back door vulnerability assessment
  • Penetration attempts versus failures

Network Security Part 6 Mail Relay.

Mail Relay:

An SMTP open relay is a mail server that permits an unknown, outside sender to pass mail through the server to unknown, outside recipients, usually without the consent of its manager.


InterScan Messaging Security Appliance 7.0



The Trend Micro InterScan Messaging Security Appliance gives us a very comprehensive solution with built-in spam detection, anti-phishing, and IntelliTrap technology for detecting worms and viruses. We also get more aggressive spyware control by catching it in SMTP and POP3 streams. Since deploying the appliance, we’ve had no unwanted content on the network

Network Security Part 5 IDS

IDS:

The IDS “Intrusion Detection System” is software and/or hardware designed to detect unwanted attempts at accessing, manipulating, and/or disabling of computer systems, mainly through a network, such as the Internet. These attempts may take the form of attacks, as examples, by crackers, malware and/or disgruntled employees. An IDS cannot directly detect attacks within properly encrypted traffic.

Network Security Part 4 Firewall.

Firewall:

A firewall is a device or set of devices configured to permit, deny, encrypt, decrypt, or proxy all computer traffic between different security domains based upon a set of rules and other criteria.

A firewall is a dedicated appliance, or software running on another computer, which inspects network traffic passing through it, and denies or permits passage based on a set of rules.

A firewall's basic task is to regulate some of the flow of traffic between computer networks of different trust levels.


Network Security Part 3 Web Proxy.

Web Proxy:

In computer networks, a proxy server is a computer system “Hardware” or an application program “Software” server which services the requests of its clients by forwarding requests to other servers. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource, available from a different server. The proxy server provides the resource by connecting to the specified server and requesting the service on behalf of the client. A proxy server may optionally alter the client's request or the server's response, and sometimes it may serve the request without contacting the specified server. In this case, it would 'cache' the first request to the remote server, so it could save the information for later, and make everything as fast as possible.



Network Security Part 2 Antivirus System:

Antivirus System:

Is a software system that uses a database or as so called dictionary containing a full description a bout all the malicious files or programs like Viruses, Worms, Trojan and Spyware that attempt to identify, neutralize or eliminate.

Virus:

A computer virus is a computer program that can copy itself and infect a computer without permission or knowledge of the user, The original virus may modify the copies, or the copies may modify themselves, A virus can only spread from one computer to another when its host is taken to the uninfected computer, for instance by a user sending it over a network or the Internet, or by carrying it on a removable medium such as a floppy disk, CD, or USB drive.

Network Security Part 1 Introduction

Introduction to Network Security:

The network security as a job is a part of the operation unit of the IT department of any company, as companies may have a wide area network (WAN) connecting their entire branches, and may also connect to the Internet, so they have the need to secure their own data from unwanted behaviors.

WAN “Wide Area Network”:

First of all let us take a little and brief explanation about what a WAN is, in simple definition it is a group of LANs “Local Area Networks” connected with each others in such a connection method so that they all can react as a complete unit with the ability of connection to the internet, so in such that complicated way of organization the security term takes its place to accomplish the reliability of transferring data between all network components taking also the out side connection to the outer world as the most important link to be secure.

How WAN can be constructed.

Friday, 30 October 2009

Wireless Network Simulation Using OPNET IT Guru Academic Edition. Part 6 View Results.

6. View Results:

After running simulation for all scenarios we can now view results to compare between the scenarios by clicking on the show results tool on the tool bar, a view results window will appear showing all the selected statistics, selecting the overloaded statistics for all scenarios to be in the same graph with different colors, changing the view to the average type so the graph be in a curve way, finally we can view the graph in a separate window with full information and legend.

  • The HTTP page response time: from this graph comparing our four scenarios we understand that the response time of a HTTP page decreases as the data rate increases. 

Wireless Network Simulation Using OPNET IT Guru Academic Edition. Part 5 Working With Scenarios.

5. Working With Scenarios:

5.1. Selecting the statistics of the scenario:

Now we should select the statistics that we will study in comparing scenarios by right clicking on any empty space in the workspace and choosing the individual statistics option, from the global statistics tree we will select the HTTP Page Response Time, TCP Delay, Wireless LAN Data Dropped, Wireless LAN Delay, Wireless LAN Load, Wireless LAN Media Access Delay, and finally Wireless LAN Throughput.



Wireless Network Simulation Using OPNET IT Guru Academic Edition. Part 4 Configuring Scenario.

4. Configuring Scenario:

Now we will start configuring our nodes by right clicking the wanted node and then choosing edit attributes.

  • The application configuration tool will configured to get the default application definition.
     
  • Then editing the profile configuration of profile configuration tool another window will appear to edit it, selecting the rows, where each row means a configuration entry, naming every entry and then edit their applications, also another window appears to select applications for that entry by selecting rows, here each row means an application entry, so here we can select a web browsing application that is our need in our scenario.

Wireless Network Simulation Using OPNET IT Guru Academic Edition. Part 3 Wireless network Scenario.

3. Wireless network Scenario:

In this case study we will create four scenarios of a wireless network for an office of 20 employee starting with the simple standard IEEE802.11that its data transfer rate operate on 1& 2 Mbps and then we will go up till reach the standard IEEE802.11b that its data transfer rate operate on 11Mbps.

The scenarios will be used to provide an internet connection to use HTTP protocol to work on the main website of the company to enter the data into it by the employees working into that office and so to search about work data that is inside it.

Then we will compare the four scenarios to find the best one to choose in the real work.






Wireless Network Simulation Using OPNET IT Guru Academic Edition. Part 2 2. Wireless Infrastructure:

2. Wireless Infrastructure:

2.1. Wireless network refers to any type of computer network that is wireless, and is commonly associated with a telecommunications network whose interconnections between nodes is implemented without the use of wires. Wireless telecommunications networks are generally implemented with some type of remote information transmission system that uses electromagnetic waves, such as radio waves, for the carrier and this implementation usually takes place at the physical level or "layer" of the network.




Wireless Network Simulation Using OPNET IT Guru Academic Edition. Part1.

1. Introduction:

1.1. What is an OPNET IT Guru:
OPNET IT Guru Academic Edition provides a virtual environment for modeling, analyzing, and predicting the performance of IT infrastructures, including applications, servers, and networking technologies. Based on OPNET's award-winning IT Guru product, Academic Edition is designed to complement specific lab exercises that teach fundamental networking concepts. The commercial version of IT Guru has broader capabilities designed for the enterprise IT environment, documentation, and professional support. OPNET software is used by thousands of commercial and government organizations worldwide, and by over 500 universities.


Thursday, 29 October 2009

The Matrix

A new philosophy of relations between us and the reality, first of all ask yourself “Is life real?”, “of course it is” as you will say, but what reality really means? Is it everything we touch, hear, see, taste and feel? So it is every thing we sense.

Ok the second answer is “Is our sense is real?”, now we get to the point, what is sense? It is a type of translation that our mind do as a response to our interactions with the outer environment that we called life, but if two things interact with each other and one of them response to this interaction, is the response will be the same as the interaction, No it will defer by many ways like force, shape, energy type, direction, time, place or will nothing happens.

Reality of what we sense:

Is all what we sense are real? They are real but not as we think it is.

Why? Because what we sense is a part of interactions responses that may be less or may vanish sometimes, take what we see as an example, it is just a response of light reflection from environment objects entering our eyes.