Comp tia n+_session_10

CompTIA N+ Certification: Remote Networking and Disaster Recovery
Installing Windows XP Professional Using Attended Installation

Objectives

In this session, you will learn to:
Identify the components of remote access networking
implementations.
Identify the major components of a VPN implementation.
Identify the components of a disaster recovery plan.
Identify the primary tools and technologies used to back
up and recover data.
Identify tools and technologies used to implement fault
tolerance.

Ver. 1.0 Session 10 Slide 1 of 50


Remote Access Networking Implementations

Remote access networking is a popular remote networking
architecture
The components and the processes commonly found in
remote access networking implementations are:
Remote Access Protocols
Serial Line Internet Protocol (SLIP)
Point-to-Point Protocol (PPP)
The Remote Access Authentication Process
Password Authentication Protocol (PAP)
Challenge Handshake Authentication Protocol (CHAP)
The CHAP Process
Remote Authentication Dial-In User Service (RADIUS)




• A remote access protocol is a type of protocol that
enables users to log on to a computer or network within an
organization from an external location.
• Remote access protocols provide:
Direct dial-in connections via modems
Connections via ISPs and the Internet

Client configured for Server configured to
direct dial-up access receive dial-up connections




• SLIP is a legacy remote access protocol.
• SLIP is used for sending IP byte streams over serial lines such as
modem/phone connections.
• In SLIP transmission, both ends of communication channel need to
convert data to and from IP datagrams.
• SLIP is also referred to as packet-framing protocol.




• PPP is an Internet standard for sending IP datagram over serial
point-to-point link.
• PPP is used in synchronous and asynchronous connections.
• PPP supports the use of NetBEUI, IP, IPX, and AppleTalk network
protocols.
• PPP server needs to be configured to provide PPP services.




There are several steps that must occur to authenticate a
remote dial-up connection, as shown in the following figure:

Remote user Remote client dials a Remote server
1 initiates 2 remote access server 3 answers the call
a dial-up session

Request for client authentication, and
4 agreement to send

Connection established; authentication
credentials requested, received, and
5
accepted




• PAP is an authentication method that sends client IDs and
passwords as cleartext.

Client identifies itself

Server requests verification

Client provides password

• Shiva Password Authentication Protocol (SPAP)
enables remote connections between Windows and Shiva
machines.




• CHAP is an encrypted authentication method that enables
connections from any encrypted authentication method that
the server requests.

Logon requested

Challenge

Response

Remote client Remote
access server
Logon accepted



The CHAP Process

In the challenge-response authentication process, the
password is never sent across the network, as shown in the
following figure:
Remote client requests
1 connection

Remote server sends a
2 random value as a challenge

Client encrypts challenge with its
3 password and sends the result

Server verifies response and
4 allows access to resources




• RADIUS provides standardized, centralized authentication
of remote users.
Dial-up servers receive requests
Remote clients
and
connect
pass credentials to RADIUS
to dial-up servers
server

RADIUS server
accepts
and processes all
authentication
requests

RADIUS server

Dial-up servers
Remote clients
configured as
RADIUS clients

• In Windows, RADIUS implementation is accomplished through the
Internet Authentication Service.


Activity 12-2

Activity on Implementing a
Remote Access Solution



Tunneling

• Tunneling is a data-transport technique in which a data
packet from the passenger protocol, is transferred inside the
frame or packet of the carrier protocol.
• Tunnel types are: Carrier

Voluntary protocol
(IP) moves
IP data
the data
Compulsory unencaps
ulated

Passenger
protocol
enters the Passenger
network protocol
leaves the
network
ISP

IP data
encapsulated



VPNs

• A virtual private network (VPN) is a private network that is
configured by tunneling through a public network such as the
Internet. VPN endpoint

VPN endpoint
VPN endpoint

Private network Private network
Public network

VPN endpoint
VPN endpoint

Private network



VPNs (Contd.)

• VPN protocols provide the VPN tunneling, security, and
data encryption services.
Tunneling protocols Encryption protocols
secure the path secure the data

T-I

CSU/DSU

VPN server
ISP

Encryption protocols
secure the data



Activity 12-3

Activity on Investigating VPNs



Point-to-Point Tunneling Protocol (PPTP)

PPTP is a Microsoft VPN protocol that increases the
security of PPP by providing tunneling and data encryption
for PPP packets.
PPTP is the most widely supported VPN method among
older Window clients.
PPTP encapsulates any time of network protocol and
transports it over IP networks.



Layer Two Tunneling Protocol (L2TP)

• L2TP is an Internet-standard protocol for tunneling PPP
sessions across a variety of network protocols, such as IP,
frame relay, or ATM.
• L2TP is designed to provide tunneling and security
interoperability for client-to-gateway and gateway-to-
gateway connection.



VPN Data Encryption

VPN data encryption is accomplished by:
MPPE that has the following features:
• Is used with PPTP
• Provides strong and standard data encryption
• Requires the use of MS-CHAP, MS-CHAPv2, or EAP remote
authentication
IPSec that has the following features:
• Is used with L2TP
• Provides DES or 3DES data encryption to provide data
confidentiality



VPN Types

• VPNs can be one of three types:
Access VPN
Intranet VPN
Extranet VPN

VPN on the basis of implementation can be classified into:
Hardware-based
Firewall-based
Software-based



Disasters and Disaster Recovery

• A disaster is a catastrophic loss of system functioning due
to a cause that cannot reasonably be prevented.
• Disaster recovery is the administrative function of
protecting people and resources while bringing a failed
network or system back online as quickly as possible.

Administrator

Protect Restore
Disaster
Recovery



Disaster Categories

Disasters that can affect network functioning fall into one of
three main categories, such as:
Natural disaster
Data disaster
Equipment disaster

Natural disaster Data destruction Equipment failure



Disaster Recovery Plans

• A disaster recovery plan is a policy and set of procedures
that documents:
How people and resources will be protected in case of
disaster.
How the organization will recover from the disaster and restore
normal functioning.
Components that are included in the disaster recovery plan
are shown in the following figure:

Network reconstruction plan
Responsible individuals Hardware and software inventory



Responsible Individuals

• Individuals responsible for various elements of the network
is documented as a contact list that speeds the disaster
recovery process, such as:
Network administrators
Office managers
Security officials
Vendors
Service providers and contractors
Manufacturers
Past IT personnel



Critical Hardware and Software Inventory

Hardware and software inventory provides insurance
documentation and helps determine what is required to
rebuild the network, such as:
Hardware inventory:
• Standard and specialty workstation
• Basic and specialty server
• Connectivity hardware
• Backup hardware
Software inventory:
Operating system software
Productivity and application software
Maintenance utilities
Backup documentation
Overall corporate inventory



The Network Reconstruction Plan

The network reconstruction plan provides all the steps
needed to bring the network back online, even if the original
administrators are unavailable, such as:
Network diagram
Fall-back plan
Data restoration plan



Data Backup

The primary tools and technologies used to back up and
recover data are:
Backup Policies
Backup Media Types
Rotation Methods
Backup Types
Data Backup System Maintenance
Specialized Data Backups



Backup Policies

Backup policies are specific to each organization that
documents its own backup requirements, procedures, and
systems.

Software

Hardware and media

Backup
policy

Testing

Administration



Backup Media Types

Backup media are of following types:
Magnetic Tape Formats
USB Ports on Removable Drives

Tapes Hard disks CD- and DVD-ROMs Removable drives



Activity 13-3

Activity on Backing Up Data



Activity 13-4

Activity on Restoring Data



Rotation Methods

• A backup rotation method is the schedule that determines
how many backup tapes or other media sets are needed,
and the sequence in which they are used and reused.
• Types of backup rotation methods:
• The Grandfather-Father-Son (GFS) Rotation Method
• The Towers of Hanoi Rotation Method



Rotation Methods (Contd.)

The GFS rotation method:

Daily tapes: 4 for Mon – Thur, plus Weekly tapes: 4 Fridays, plus 1 extra
1 extra

Monthly tapes: 12 plus 1 extra



Rotation Methods (Contd.)

The Towers of Hanoi rotation method:

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
Day
A A A A A A A A
Media Set

B B B B

C C

D

E

Media Set Used Every

A 2 days

B 4 days

C 8 days

16 days alternating between set D
D&E
and E



Backup Types

Backup types determine which files on a volume are backed
up in a given backup operation, and also affect the
requirements for restoring the data.

Amount of
data 1 2 3 4 5

Full backup

1 1
0 Amount of 0
Amount of

0 data 0
data

%
5 %
5
0 0
% %

1 2 3 4 1 5 2 3 4 5

Full Differential Full Incremental




To ensure that data is secured and it can be restored
properly, the following regular backup system maintenance
procedures can be followed:
Verify backups
Test restoration
Review logs
Replace tapes on schedule
Maintain tapes and tape drives
Clean tape drives
Replace damaged tapes




Certain data types may require specialized procedures or
additional software components to perform a successful
backup, such as:

Email
Open files Database

Enterprise
Power user Mobile users
backups
workstations



Fault Tolerance Methods

The various tools and technologies used to implement fault
tolerance are:
Fault Tolerance
Uninterruptible Power Supplies (UPSs)
Partitions
Redundant Array of Independent Disks (RAID) Standards
Striping (RAID Level 0)
Mirroring or Duplexing (RAID Level 1)
Striping with Parity Spread Across Multiple Drives (RAID Level
5)
Link Redundancy
Enterprise Fault Tolerance



Fault Tolerance

• Fault tolerance is the ability of a network or system to
withstand a foreseeable component failure and continue to
provide an acceptable level of service.

100% of clients

One system fails, one takes over



Uninterruptible Power Supplies (UPSs)

• UPS is a device that provides backup power when the
electrical power fails or drops to an unacceptable voltage
level.
• Types of UPS :
Online UPS
Offline UPS

Power source UPS Server



Partitions

• A partition is a logical area of disk space that you can
format and treat as a single storage unit.

Primary partitions
C
Physical disk
D
Extended partition with
logical drives
E F G



Redundant Array of Independent Disks (RAID) Standards

• RAID standards are a set of vendor-independent
specifications for fault-tolerant configurations on multiple-
disk systems.
• In RAID, if one or more disk fails, data can be recovered
from other disks.

Data can be restored if one
disk fails

Data written to
multiple disks



Striping (RAID Level 0)

• RAID level 0 implements striping, which is the process of
spreading data across multiple drives.

Data

D A T A



Mirroring or Duplexing (RAID Level 1)

• In RAID level 1, data from an entire partition is duplicated on
two identical drives by either mirroring or duplexing.
• In mirroring, the two disks share a drive controller.
• In duplexing, each disk has its own drive controller.
Mirroring Duplexing

Data Data

Disk controllers

DATA DATA DATA DATA

Drive 0 Drive 1 Drive 0 Drive 1



Striping with Parity Spread Across Multiple Drives (RAID Level 5)

RAID level 5 systems spread data byte by byte across
multiple drives, with parity information also spread across
multiple drives.

Data

D A T A Parity

Parity D A T A
D A T Parity A

D Parity A A

D A Parity A



Link Redundancy

• Link redundancy is a network fault-tolerance method that
provides alternative network connections that can function,
if a critical primary connection is interrupted.

T1

T3

Customer
ISP



Enterprise Fault Tolerance

A well-defined enterprise-wide fault tolerance plan balances
service community and fault tolerance costs, by:
Power protection
Disk fault tolerance
Backup planning
Service redundancy
Link redundancy
Hot and cold spares Service continuity Fault tolerance costs



Summary

In this session, you learned that:
The various components that are used in remote access
networking to support remote users are:
The CHAP Process



Summary (Contd.)

A virtual private network (VPN) is a private network that is
configured by tunneling through a public network such as the
Internet.
The various components that are used in VPNs:
Tunneling
VPNs
Point-to-Point Tunneling Protocol (PPTP)
Layer Two Tunneling Protocol (L2TP)
VPN Data Encryption
VPN Types



Summary (Contd.)

The various components of disaster recovery plan are:
• Disasters and Disaster Recovery
• Disaster Categories
• Disaster Recovery Plans
• Responsible Individuals
• Critical Hardware and Software Inventory
• The Network Reconstruction Plan
The primary tools and technologies that are used to back up
and recover data are:
Backup Policies
Backup Media Types
Rotation Methods
Backup Types



Summary (Contd.)

The various tools and technologies used to implement fault
tolerance are:
• Fault Tolerance
• Uninterruptible Power Supplies (UPSs)
• Partitions
• Redundant Array of Independent Disks (RAID) Standards
• Striping (RAID Level 0)
• Mirroring or Duplexing (RAID Level 1)
• Striping with Parity Spread Across Multiple Drives (RAID Level 5)
• Link Redundancy
• Enterprise Fault Tolerance


Comp tia n+_session_10

Recommended

Recommended

More Related Content

What's hot

What's hot (19)

Viewers also liked

Viewers also liked (20)

Similar to Comp tia n+_session_10

Similar to Comp tia n+_session_10 (20)

More from Niit Care

More from Niit Care (20)

Recently uploaded

Recently uploaded (20)

Comp tia n+_session_10

Editor's Notes