How to Create and Manage Access - Control Lists on Cisco ASA and PIX Firewalls

By Don R. Crawley

Access Control Lists (ACLs) are sequential lists of permit and deny conditions applied to traffic flows on a device interface. ACLs are based on various criteria including protocol type source IP address, destination IP address, source port number, and/or destination port number.
ACLs can be used to filter traffic for various purposes including security, monitoring, route selection, and network address translation. ACLs are comprised of one or more Access Control Entries (ACEs). Each ACE is an individual line within an ACL.
ACLs on a Cisco ASA Security Appliance (or a PIX firewall running software version 7.x or later) are similar to those on a Cisco router, but not identical. Firewalls use real subnet masks instead of the inverted mask used on a router. ACLs on a firewall are always named instead of numbered and are assumed to be an extended list.
The syntax of an ACE is relatively straight-forward:
Ciscoasa(config)#access-list name [line number] [extended] {permit | deny} protocol
source_IP_address source_netmask [operator source_port] destination_IP_address
destination_netmask [operator destination_port] [log [[disable | default] | [level]] [interval seconds]] [time-range name] [inactive]
Here's an example:
asa(config)# access-list demo1 permit tcp 10.1.0.0 255.255.255.0 any eq www
asa(config)# access-list demo1 permit tcp 10.1.0.0 255.255.255.0 any eq 443
asa(config)# show access-list demo1
access-list demo1; 2 elements
access-list demo1 line 1 extended permit tcp 10.1.0.0 255.255.255.0 any eq www
access-list demo1 line 2 extended permit tcp 10.1.0.0 255.255.255.0 any eq https
In the above example, an ACL called "demo1" is created in which the first ACE permits TCP traffic originating on the 10.1.0.0 subnet to go to any destination IP address with the destination port of 80 (www). In the second ACE, the same traffic flow is permitted for destination port 443. Notice in the output of the show access-list that line numbers are displayed and the extended parameter is also included, even though neither was included in the configuration statements.
You can deactivate an ACE without deleting it by appending the inactive option to the end of the line.
As with Cisco routers, there is an implicit "deny any" at the end of every ACL. Any traffic that is not explicitly permitted is implicitly denied.
**Editing ACLs and ACEs**
New ACEs are appended to the end of the ACL. If you want, however, to insert the new ACE at a particular location within the ACL, you can add the line number parameter to the ACE:
asa04(config)# access-list demo1 line 1 deny tcp host 10.1.0.2 any eq www
asa04(config)# show access-list demo1
access-list demo1; 3 elements
access-list demo1 line 1 extended deny tcp host 10.1.0.2 any eq www
access-list demo1 line 2 extended permit tcp 10.1.0.0 255.255.255.0 any eq www
access-list demo1 line 3 extended permit tcp 10.1.0.0 255.255.255.0 any eq https
Notice in the first line of the example above that an ACE is added at line one in the ACL. Notice in the output from the show access-list demo1 command that the new entry is added in the first position in the ACL and the former first entry becomes line number two.
You can remove an ACE from an ACL by preceding the ACE configuration statement with the modifier no, as in the following example:
Asa04(config)#no access-list demo1 deny tcp host 10.10.2 any eq www
In my next article, I'll show you how to use time-ranges to apply access-control lists only at certain times and/or on certain days. I'll also show you how to use object-groups with access-control lists to simplify ACL management by grouping similar components such as IP addresses or protocols together.
Copyright (c) 2008 Don R. Crawley

Don R. Crawley, CCNA-certified, is president and chief technologist at soundtraining.net, the Seattle training firm specializing in business skills and technical training for IT professionals. He works with IT pros to enhance their work, lives, and careers. For more information about soundtraining.net's accelerated Cisco ASA training, visit here

Article Source: http://EzineArticles.com/?expert=Don_R._Crawley

Cisco Internetworking Operating System

By Manolis Skoras

Now about the CLI (command line interface), you enter configurations for routers and switches by typing them in, on a console screen. You enter a command and press (Return - enter) and then do it again for all the following commands. Several words can be entered on the same line.
Cisco IOS lesson materials contain really a lot of pictures and step by step instructions that will help you understand all the learning topics very well, even if you do not use a network simulator. However, I strongly recommend you to download and learn how to use the free Cisco Packet Tracer simulator, because this way you will also be able to follow my labs and after gaining the required knowledge, you will be able to create your own network designs and go deeper to the subjects that are more important for you.
It is vital to comprehend the different prompts you can find when configuring a router or switch so you are able to know where you are at any time within configuration mode. In the next lab, you will learn how to move between different prompts on a Cisco router. You must check every time your prompts before making any changes to a router's configuration. You can go to different mode levels interacting with interfaces and devices. Most commands are mode specific. That means that several commands work in one mode but not in a different mode. That is why you have to change modes, when you want to enter a specific command. However, with the do command you can now enter privileged mode commands in global configuration mode.
Most Cisco Internetworking Operating System (IOS) commands do not have to be entirely spelled out. To be able to enter commands faster, you only have to enter part of a command, plus, each word in a command can be shortened. For example the command enable can be shortened to en. A different example is the command show running-config. You can just type in sh run. The router or switch recognizes what you mean and properly understands and carries out that command. You must type in enough letters for each word in a command for the router or switch to properly recognize and interpret what you are trying to do. If you do not, you will get a comment that one or more of your words are ambiguous. This happens because the letters in one or more of the words in your command can be used to spell out other words also.
Usually after making changes to a device you want to permanently save them, so they are not lost after rebooting the device. Your running configuration is only in memory and after a normal reboot or a power failure, running configuration is lost. That is why you must save your running configurations that exist in DRAM, to the permanently stored startup configurations that exist in NVRAM. You can save the configuration file from DRAM to NVRAM by using the command copy running-config startup-config. Of course you can also use the shortcut command copy run start.
Hope you got the basics of Cisco IOS.

Manolis Skoras has highly developed technical skills in problem identification and implementation of effective IT solutions. Comfortable with analyzing and understanding complex network and system environments, working under time pressure and with a proven track record in IT Consulting, IT Training, IT Project Management. Delivered more than 10.000 technical training hours How to study For CCNA

Article Source: http://EzineArticles.com/?expert=Manolis_Skoras

A Comprehensive Guide to Set Passwords on Cisco Routers!

By Amit Kataria

                            Nevertheless, security and preservation is highly crucial now-a-days. When almost everything is driven by the Internet, the chances of hacking and security breach also increase. A lot of IT experts hold the knowledge of extracting confidential information, as it is a legal professional requirement. However since it is difficult to trust people in such an increasingly immoral society, it is wise to take preventive measures and thereby avoid unwanted hassles.

Talking in terms of CISCO router, not having a password for it means serious threat to your privacy. Without passwords, extracting personal information becomes as easy as it is when you casual browse the Internet and out of nowhere lose your entire data and network infrastructure. If you do not have passwords for CISCO routers, it may enable anyone to make configuration changes they want, as well as let them shutting you out of your own network.

In just two minutes you can set passwords for your Cisco routers, which ensures a more secure router and network infrastructure. Along with a Cisco router, you wither need an Ethernet cable or console cable.

Connection Procedure

You first need to connect the CISCO router with a console or an Ethernet cable. In case of console cable, connect it to the console port of your computer. You then have to link it to the console port on the CISCO router that reads "Console," (CISCO 2600 Series Cabling and Setup) in blue writing.

An Ethernet cable needs to be connected to the computer's Local Area Network (LAN) port, which is usually located on the side of a laptop or at the rear of a desktop computer. It then needs to be connected to the Ethernet port labeled "ETHERNET 0/0" (CISCO 2600 Series Cabling and Setup) on the CISCO router.

Configuring Port Settings

Moving to step second, you are required to use the console port to access the CISCO router via the Hyper Terminal program. This program comes preinstalled with the Windows operating system. From the Start menu, select "All Programs" >"Accessories">"Communications" and click on the shortcut to Hyper Terminal.

The following port settings need to be used when prompted by Hyper Terminal:

· Bits per second: 9600

· Data bits: 8

· Parity: None

· Stop bits: 1

· Flow control: None

As an alternative, you can open a command prompt window by selecting "Run" from the Start menu. Type "cmd," in the space provided and press "Enter". In the command prompt, enter the command "telnet" followed by the IP address of the router. An example of the command line is: C:\telnet 123.156.204.12.

Command Usage

- Prior to making any changes, enter the privileged mode of the router and use the following command. You also need to ensure that the "Router>" is the default router prompt for a CISCO router.

Router>enable

- Once you enter the enable command, it will change your CISCO router prompt to:

Router#

- In order to enter the configuration mode of the CISCO router, the following command needs to be used:

Router#config

- Once you successfully enter the configuration mode, the following message will be received:

"Enter configuration commands, one per line. End with CNTL/Z."

- After you enter the configuration mode of the CISCO router, the following prompt will be visible:

Router(config)#

Password Setting

- Now you need to set the enable password by using the command "enable password". For example, for the password "Changeme2", the command will be as follows:

Router(config)#enable password Changeme2

It is crucial that you use a strong password base when setting the enable password. The enable password is a virtual terminal password that protects access to the router over a network interface. This password is visible in the router configuration and is not stored encrypted on the CISCO router.

- We now come to the last step of setting the password. You need to set the enable secret password with the "enable secret" command.

For instance, for "Newpswd4" as the password, the command will be:

Router(config)#enable secret Newpswd4

While making password settings, it is advisable that you use a different passwords for "enable secret" and "enable password". The enable secret password is more secure and encrypted than the enable password. One can also not view the enable secret password in the CISCO router configuration.

This was a very small aspect of a technical procedure in the Cisco domain. To learn complete technologies, you need to pursue comprehensive certifications. These days a lot of institutes impart Cisco related trainings, such as CCNA courses, CCNP programmes, CCIE trainings etc. Cisco is also pretty much in demand so you can think of a certification in this area.

This article has been written with the aim of providing significant technical information to relevant IT professionals. Amit Kataria, a video editor at Koenig Solutions, has drafted this informational piece. Koenig is the world's # 1 offshore IT training service provider that offers several training programmes to students around the world. Some of these include Cisco training, Project Management training, Microsoft courses, Linux certifications, Oracle programmes etc.

Article Source: http://EzineArticles.com/?expert=Amit_Kataria

Article Source: http://EzineArticles.com/7134369

Cisco's Packet Tracer Better Than Hardware for CCNA Students

By Barry Burdette

I have been creating training labs using Cisco's Packet Tracer for over a year, and I have found it to be a superior routing and switching simulator for CCNA students. Beyond the obvious advantages of portability, taking very little space, low power consumption, and generating no heat this simulator has a number of other powerful features for students and instructors alike. These features include the activity wizard, a simulation mode, and a multiuser mode. Let's take a closer look at these additional features.

Activity Wizard:

This feature permits the lab creator to create standalone labs with built-in instructions and lab testing, making Packet Tracer not only an excellent routing and switching simulator but also an outstanding Training tool and testing engine. The following are some of the capabilities of this training tool:

• Instructions: This feature permits the lab creator to create comprehensive instructions for the lab using HTML to provide step by step instructions on how to proceed through the lab. This also allows the student to work the lab without having additional files or books open.


• Answer Network: This feature allows the lab creator to create an answer network containing the lab solution. Additionally it allows the creator to select assessment points that can compare the solution network to the test network, along with the ability to create connectivity test to provide traffic between devices insuring proper connectivity.Additionally the lab creator can set a countdown timer to limit the time the student has to complete the lab. Finally the creator can password protect the Activity Wizard so that the student cannot access or edit the solution.

Simulation Mode:

This feature permits the student to select different types of traffic, and view the packets as they travel through the network from device to device. This provides a tool similar to WireShark and is an outstanding way to demonstrate how packets move through a network.

Multiuser Mode:

This is an assume feature, it allows the instructor and students to link their individual labs on their computer together creating one large network. The instructor and students can then send different types of traffic between their labs. The possibilities of this feature are incredible for a classroom training session. Although I have not tried it I am sure that this could be done through the Internet as well creating endless possibilities for an online training course.

In conclusion Packet Tracer may not have all the advanced BGP command available in simulators such as GNS3, but it does have outstanding level 3 switching support which is not available from the competition, and while real hardware can provide all of this, real hardware has none of the features described above so Packet Tracer is not only an excellent routing and switching simulator to model your network, but is by far the superior choice for CCNA students and trainers alike.

More about Packet Tracer 
Download CCNA labs

Article Source: http://EzineArticles.com/?expert=Barry_Burdette

Article Source: http://EzineArticles.com/6796958

All About Cisco Certifications

By Anthony David Hopkins

There are three levels of Cisco certification, Associate, Professional, and Expert. Cisco developers set these three levels in order to meet every requirement of the companies. If a company is small and dealing with small networking then the associate certified professional can do better for them. The company can choose the professionals by keeping in mind their needs.

CCNA

Cisco Certified Network Associate certification gives the basic knowledge of networking. CCNA certified professionals are capable of dealing every problem related to install, configuring and operating the WAN, LAN, and dial access services. They are restricted to handle the problems in no more than 100 modes range. They are familiar with the terms Frame Relay, IP, RIP, IGRP, VLANs, Ethernet and Serial.

CCNP

Cisco Certified Network Professional certification is for the advanced level as the professionals can deal with bigger problems. They usually work for the enterprise organizations, in which they do installing, configuring and troubleshooting the wide rage of the network. They can handle all the problems in the nodes range of 100 to 500. In this certification extra topics then the CCNA are security, converging networks, QoS and VPN.

CCIP

Cisco Certified Internetwork Professional certification enables a person to fine every solution related to the infrastructure IP networking. Service provider companies require these professional to deal with their service provider networking.

CCSP

Cisco Certified Security Professionals deal with all the problems related to the network protection. Their aim is to protect productivity, as this can be helpful in flourishing process of the company. In this certification you can learn how to do perimeter security, intrusion protection and virtual private networks. This enables a person to develop a single and unyielding integrated network security solution.

CCIE (Routing and Switching)

CCIE Routing and Switching experts have to deal with the problems related to the LAN and WAN interfaces. They have the advanced knowledge of routers and switches and their uses. With these equip knowledge they can increase bandwidth and solve the complex connectivity problem that is making hurdle in response time and depressing the performance of the whole network. Their work does not merely to solve the problem but also maintain the equipment for their proper work.

CCIE requirements

In detail and intricacy knowledge can only make a CCIE professional, as it doesn't require the ordinary pathway to get success, the knowledge in depth can save a person from drowning. To pass this certification level you need to make extra effort as these requires some field knowledge. It is recommended to have two or three years of working experience before attempting the CCIE exam.

CCIE (Security)

This is expert level in network security; these experts are in demand as every organization needs to secure their data. Securities experts are getting higher pay then others. For getting the enrollment in this certification you need to have a solid knowledge of IP and IP routing.

CCIE (Storage)

In this certification, experts have to store the data relying on the FCIP, FICON and Fibre Channel techniques.

For more information about Cisco Certification please visit us here: SolarWinds Certification

Article Source: http://EzineArticles.com/?expert=Anthony_David_Hopkins

Article Source: http://EzineArticles.com/6804516

ETHERNET HUBS AND THERE TYPES

ETHERNET HUB:

                                                  Following are the features and purpose of ethernet hub in this networking world.

• A network device.
• Connect multiple ethernet devices together.
• A hub works at the physical layer (layer1) of the OSI model.
• The device is a form of multiport repeater.

TYPES OF HUB1:

1. Active Hub.
2. Passive Hub.
3. Intelligent Hub.

1) ACTIVE HUB:

                              A cental connecting device in a network that regenerate signal on the output side to keep the signal strong.

2) PASSIVE HUB:

                              A Passive hub serves simply as conduct for the data, enabling it to go from one device to another.

3) INTELLIGENT HUB:

• Enables administrator to monitor the traffic passing through the hub.
• Enables an admintrator to configure each port in hub.
• Manageable Hub.

Role of IANA and ICANN in Internet Protocol Addressing:

IANA:

• Internet Assigned number Authority.
• IANA oversees global IP address allocation .
• Autonomous system number allocation.
• Root zone managment in the Domain name system (DNS).
• Other internet protocol related symbols and numbers.
• IANA is a department operated by ICANN.

ICANN :

• The Internet Corporation for Assigned Names and Numbers.
• Non Profit organization.
• Headquater in California,United States.
• Created on September 18,1998 and incorporated on September 30,1998.
• To oversee a number of internet related tasks on behalf of the US government.
• IANA is operated by ICANN.

ESSENTIAL NETWORK DEVICES

Following are essential network devices which are use in different types of communications.

• HUB/Repeater
• Switch/Bridge
• Router//MLS

HUB:
                Following are the features of HUB device.

• Layer 1 device
• Physical layer device.
• Non intelligent device.
• Hardware based.
• Use in LAN connectivity.
• HUB is a Broadcast device.
• Disadvantage of HUB are

1. Security break.
2. Extra processing.

Repeater:
                           Repeater is a physical layer device which extent your local area.It extent the digital signal to 75 meters.It is hardware base and layer 1 device.It is use to extent the LAN.

LUXURIES DEVICES

Luxuries devices are not so much important for network but it makes our network more secure.These devices are important when our network require security.Following are luxuries devices of the network such as PIX Firewall, ASA. IPS/IDS, caching engine ,VPN ,Call manager etc.
PIX Firewall: 
                     It is private internet exchange firewall which prevent from hacking.
ASA: 
              Adoptive security appliance (ASA) which is a type of a firewall but more stronger than firewall.
IPS: 
            IPS is a intrusion prevention system which monitor the network .IPS is use to detect or prevent the intrusion attack.
Caching Engine:
                              Those web which are used frequently cache engine host it in local area.It can open it quickly.
VPN:
         VPN is Virtual private network .It provides a secure path to transfer data more securely in a shared network.
Call Manager:
                        Call manager is private branch exchange which transfer data,voice,video etc more securely.For example Voice messenger, chat,video conference.

Devices Use in a Network

Networks Components: 
A Network is a combination of three essential components.

• Media.
• Device.
• Protocol.

Device: 
                      Machine which can pass data or transfer data.There are two types of devices.

• End devices.
• Network devices.

End Devices:
                                 Device which generate data or receive data is called End device.For example Server,Printer,Fax machine,Scanner,LAN card.Without LAN card we cannot transfer data or enter data.LAN card  is a hardware.When program writes on a hardware it is called Firmware.
Network Devices: 
                                             Intermediate device through which we transfer data.There are two types of network devices.

• Luxuries.
• Essential.

Network devices are better Explain  in next Article.

REDUANCY IN NETWORK

Reduancy In Network:
Cisco offers technologies that provide next hop Gateway reduancy.

• HSRP_____Hot standby router protocol.
• VRRP____Virtual router reduancy protocol.
• GLBP____Global load balancing protocol.

HSRP:

• Created by cisco for cisco in 1994.
• uses default Hello timer of 3 seconds.
• uses default Hold time of 10 seconds.

VRRP:

• Created by IETF in 1999.Five years later after HSRP industry standard came.
• Work between multiple vendors.
• Faster than HSRP.
• Default hello timer 1 seconds.
• Default hold timer (Dead timer) 3 seconds.

GLBP:

• Created by cisco for cisco in 2005.
• Identical features to HSRP.
• Load balancing__________Allows Active connection.

ROOT BRIDGE AND ROOT ID

In this article ,I will explain the  concept of root id and how we can choose the root bridge.


Choose the Root Bridge:


1) Each Switch has a bridge ID (BID) of priority value fallowed by MAC address.
             Bridge ID= combination of priority + MAC address
2) Switches exchange bridge protocol data units (BPDU) to compare bridge ids.
3)  The switch with the lowest bridge id become the root bridge.
4) Administrator can set the priority to fix the selection.


Bridge ID:

• The bridge id consist of bridge priority,extended system id, and MAC address.
• By default the priority is 32768.
• Lowest priority wins.
• Value 1------65536,multiples of 40960.
• Extended system id identifies VLAN.
• MAC address used,if priority is same.Better not to rely on MAC address.

SPANNING TREE PROTOCOL

In this article ,I want to explain the concept of spanning tree protocol ( STP )
What is Spanning tree?

• A tree ( Extended star) topology
• A tree has no loops
• Spanning all devices.
• All devices are connected..

Spanning tree Algorithm:

Switches uses this algorithm to decide which ports should be shutdown.

• Choose one switch to be " root bridge".
• Choose a "root port" on each other switch.
• Choose a "designated port"  on each segment.
• Choose down all ports.

 Working of STP:

• Election of root bridge.
• Root ports.
• Designated ports.
• Forwarding ports.
• Blocking ports.

PORT SECURITY

In this article ,I want to explain the concept of port security.In Cisco environment ,port security is an essential  feature of  Cisco device .In these days, security is a big challenge for network administrator.So with the help of port security, network administrator  can decide which computer of  an organization can access the internal network of the organization and which computer can not access the internal network.
Port Security:
 1) Remember the Ethernet MAC address connected to the switch port.
2) Allows only that MAC address to communication on that port.
3) If any other MAC address tries to communicate through the port, port security will disable the port.
Port Security Violation:
Violation - tells the switch what to do when number of MAC address on the port has exceeded the maximum.
1) Shutdown
2) Restrict
3) Protect
1) Shutdown:  The default is to shut down the port.
2) Restrict: alert the network administrator.
3) Protect: only allow traffic from the secure port and drop packets from other MAC address.

Internet, Intranet and Extranet

In this article ,I want to explain the basic difference of internet, Extranet and intranet.because some one can not understand the simple concept of Internet, intranet and extranet.
Internet:
              Simple definition of internet is type of network which is a  combination of interlinked computers and any one can connect it through ISP.There is no restriction in internet.Public can connect to internet anywhere from the world .Internet is a public network.
 
Intranet: 
                      Network of an organization which can not be accessed by anywhere outside the network. Intranet is a type of private network which is locally accessed in the organization.Intranet connects to internet but fire walled so no one can connect to intranet from outside the organization.
 

Extranet:
               The main difference between intranet and extranet is that extranet can also be accessed outside the organization.Accessing other organization network is called extranet.For example In extranet  users,employees of organization and clients, accessing the network from other network.It involves LAN and WAN. IF a telecom company of Pakistan  access the NADRA network for verification of customer identification, it will achieve through extranet.  

Wide Area Network(WAN)

WAN Wide Area Network:
                                          When we want to connect one LAN local area network to another LAN ,it is connect through WAN wide area network."Connectivity to some one LAN is called WAN wide area network".Accessing another LAN is WAN for us.For example ,if we want to access yahoo server from our Local area network LAN,actually we connect to anther LAN ,so accessing yahoo LAN is WAN for us.In the same way,if we want to access Google LAN or Hotmail LAN,these LAN are also WAN for us.
Connectivity procedures in WAN:
                                                     We can connect through WAN through two methods
1) Point to point
2) Point to multipoint

1) Point to Point Connectivity:
                                                            When we want to connect two branches through WAN, this is called point to pint connection.For example,We connect two branches of National bank of Pakistan.
 Technologies use in point to point connections are PPP and HDLC

 2) Point to Multipoint Connectivity:  
                                                                       When we want to connect many branches to single branch through WAN,this is called point to multipoint connectivity.For example,We connect many branches of National bank of Pakistan to main branch of National bank of pakistan.
Different technologies are use in it such as ISDN , frame relay, ATM , X.25, MPLS

Metropolitan Area Network(MAN)

In this article ,I will explain "what is Metropolitan Area Network?.Types of MAN and  Advantages of  Metropolitan area network". 
Metropolitan Area Network (MAN)
                                                MAN is an abbreviation  of  Metropolitan area network and define as "A network under a single administrative body".
"Single administrator is used for whole city."
"A network which is greater than 100 meters of LAN but smaller than WAN wide area network is called MAN."
"It is also define as a large computer network which extends to a city or large university campus."
                          "MAN is also characterized as high speed connection using fiber optic cable or other digital media." For example
1) Metro Ethernet 
2) Wireless MAN(example of wireless MAN is Wateen )
Types of MAN :
                              Following are three types of MAN technologies.
1) ATM
                    ATM (Asynchronous Transfer Mode) combines the characteristics of circuit switching and packet switching, which allows it to transfer even the real time data


2)FDDI
          FDDI (fiber distributed data interface ) use fiber optic cable for its basic infrastructure.Concept of FDDI is well explain in my previous article.


3)SMDS
                     SMDS (Switched multi megabit data service) allows the transmission of data over large geographical areas in the form of datagrams.


Advantages:


1) It is high speed connection
2) It has low Cost
3) Remove the cost of fiber by using high speed of 1000mbps wireless.
4) Centralized administrator. 

Procedures of making LAN

In this article , i want  to explain the concept of LAN and procedure of making LAN.Simply LAN is a abbreviation of local area network and explain as area in a 100 meters of network is called LAN or local area network.

Procedures of making LAN

                   Following are four procedures use in making LAN.

1)Ethernet

2)Token Ring

3)FDDI

4)Local talk(use only for apple computers)

1)Ethernet:

Interchange of data locally is called ethernet.

Attach LAN card in all computer.

we have to use central entity.

It can be hub or switch.

Following are types of making ethernet LAN.

!Star topology:We can make  ethernet LAN through star topology.Topo means network and logy means study

1) Central entity use in star topology

2) RJ45 connector use in it.

3) Use LAN card which support this technology.

4) It has IEEE 802-3standard .

5) single point of failure.

6) Multiple point of failure

!Token ring topology:

1) Logically entity in Token ring.

2) To share data  ring topology  can be used.

3) Maximum 255 computers can be attached

4) To transfer data we use ticket that name is token.

5)Token can move clockwise as well as anticlockwise.

6) Data transfer is slow

7) Other client have to wait for token

8) single point of failure

9) Co_axial cable use in it.

10) BNC connector use in it

11) It has standard 802-5

12) Hacker can break the security.

FDDI:

1) Fiber data distributed interface topology

2)Same topology of ring is use in it.

3)Two token use in it

4)one is clockwise and other is anticlockwise

5) Fiber cable use in  it.

6) speed is high but security also breaak in it.

Are Cisco Packet tracer and GNS3 simulators or emulators?.

Today I want to explain you that "Are Cisco Packet tracer and GNS3 simulator or emulators?. What is the difference between simulators and emulators?."
In other field of world, simulators and emulators have same meaning.A simulator is a software that provide the environment to the user to do work which is not real.A famous example for a simulator is the flight simulator that simulates the functionality of an aircraft . It is help full in the development process.


A emulator is a hardware which provides the real environment and functionality of  image operating system which work as a actual system.


Cisco Packet tracer is a simulator because it only provide environment to the user  to do work which is not real.It has limited functionality and completely help full for CCNA level but not completely help full of CCNP level.Cisco Packet tracer commands does not support completely.There is weak point exist in Cisco Packet tracer.


You can download Cisco packet tracer free from here.
http://www.packettracer.info/cisco-packet-tracer-version-5-2-software-downloads.html


GNS3 is a network emulator which provides the real environment and functionality of image operating system which work as actual system.Real operating systems run in to GNS3. A lot of RAM consume in GNS3. but it is completely help full at CCNP level.


You can download GNS3 free from here.
http://www.gns3.net/download