Organizational Connection Options

Module NG40c

Contents

  • Audience Issues 
    • Types of audiences
    • Connection types
    • Issues of bandwidth

Overview

The connectivity needs of organizations are similar in many ways to those of individuals, but they differ in volume and the need for reliability. See module NG10c "Internet Connection Options" for details on general connectivity options.

Organizations may also need to have an internal communications network, and when they span large areas, things can get trickier. In this module, we'll look at the ways organizations connect, their relations to Internet Service Providers (ISPs) and issues that arise from differences in audiences.

Types of TCP/IP Networks

Overview of Current Network Types 

Local Area Network (LAN)

Confined by wire or transmission length to roughly 1 km.
  • Ethernet is dominant on the wires. Speed: 10 megabits per second (10 Mb/sec) is common; 100 Mb/sec preferred
  • Wireless networks: 
    • via radio frequency (RF)
    • via infrared (IR)

Wide Area Network (WAN)

  • World-wide; theoretically could extend to interplanetary space. 

Other network terms

  • PAN: a Personal Area Network connects devices attached to an individual, such as music devices with headsets, or sensors with eyeglass displays. The most commonly used protocol for PANs is Bluetooth.
  • DAN: Domestic Area Networks connect devices in a home or moderate sized building. In addition to computers, DANs can be used to connect security, environment, lighting, and video monitoring systems, as well as various communication and control devices. DANs mainly use IEEE 802.11 protocols, though some use Bluetooth and others use powerline signalling, which transmits over ordinary AC electrical wires.
  • MAN: a Metropolitan Area Network connects users and devices on a city-wide scale. These could be personal computers or devices used to monitor and manage traffic, public safety, highway or utility crews in a given area. At the time of this writing (mid-2005) several wireless protocols are being deployed, but no single standard has emerged as dominant.

An internet

  • Any network designed to bridge two or more other networks

The Internet

  • The TCP/IP based, public-access network of networks that spans the globe 

An intranet

  • A TCP/IP based, private LAN 
  • May give insiders access to the Internet
  • Does not allow access from the Internet

A virtual private network (VPN)

  • A connection between networks which uses the Internet but is secured from outside snooping or interference
  • Has the span of a WAN and the privacy of a LAN or intranet
 

Internet Connection Points 

 

Point of Presence (POP)

Internet Service Providers make their connections available in multiple locations by setting up POPs in various cities. 
  • POPs provide a local phone number for customers to call
  • Each POP has a bank of modems
  • Behind each modem is a wide-area network connection to give customers access to the ISP's servers.

Network Access Point (NAP)

NAPs provide the interconnections between long-distance "trunk" carriers, other long-distance carriers, and the local or regional networks and ISPs. They are like the interchanges on Interstate highways.

 

Virtual Private Networks 

Why?

As business and government increasingly rely on long-distance computer communication, there is a desire to set up secure, private connections between offices in different areas. This can be done with a private leased line, but those are very expensive! Using the Internet is a low-cost alternative that's very tempting, except for the problem of security...

What?

A VPN is a connection between networks which uses the Internet but is secured from outside snooping or interference by use of a secure "tunnel". The tunnel is actually a protocol that encrypts packets and sends them "wrapped" in normal Internet packets.

Four needs must be met in setting up a VPN:

  1. Authentication: how do I know the message came from the person it says it came from?
  2. Access control: how do we keep outsiders out?
  3. Confidentiality: how do we keep outsiders from knowing what we're saying— but also, how do we keep our "tunnel" secret, so outsiders won't know where its endpoints are?
  4. Data integrity: how do we make sure outsiders don't tamper with our messages?
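
The "wrapping" described above, as an added example that is not part of the original module: a private packet is encrypted, tagged for integrity, and carried as the payload of an outer packet, and the receiving endpoint rejects anything not produced with the shared keys. The keys, the sample packet and the SHA-256-based keystream are constructed for illustration; this is not PPTP or any real VPN protocol.

```python
import hashlib
import hmac
import os

# Constructed demo keys shared by both tunnel endpoints (assumption: a real VPN
# derives its keys during an authenticated handshake instead of hard-coding them).
ENC_KEY = hashlib.sha256(b"constructed-demo-encryption-key").digest()
MAC_KEY = hashlib.sha256(b"constructed-demo-integrity-key").digest()
NONCE_LEN, TAG_LEN = 16, 32

def keystream(nonce: bytes, length: int) -> bytes:
    """Illustrative keystream: HMAC-SHA256(ENC_KEY, nonce || counter) blocks."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(ENC_KEY, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def wrap(inner_packet: bytes) -> bytes:
    """Sending endpoint: encrypt the private packet, then tag nonce + ciphertext."""
    nonce = os.urandom(NONCE_LEN)
    ciphertext = bytes(a ^ b for a, b in zip(inner_packet, keystream(nonce, len(inner_packet))))
    tag = hmac.new(MAC_KEY, nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag  # carried as the payload of a normal outer packet

def unwrap(outer_payload: bytes) -> bytes:
    """Receiving endpoint: verify the tag before decrypting; reject on any mismatch."""
    if len(outer_payload) < NONCE_LEN + TAG_LEN:
        raise ValueError("too short to be a tunnel packet")
    nonce = outer_payload[:NONCE_LEN]
    ciphertext = outer_payload[NONCE_LEN:-TAG_LEN]
    tag = outer_payload[-TAG_LEN:]
    expected = hmac.new(MAC_KEY, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication/integrity check failed")
    return bytes(a ^ b for a, b in zip(ciphertext, keystream(nonce, len(ciphertext))))

if __name__ == "__main__":
    inner = b"constructed inner packet: 10.0.0.5 -> 10.0.1.9 payroll record"
    outer = wrap(inner)
    print("inner visible in outer payload:", inner in outer)
    print("round trip ok:", unwrap(outer) == inner)
    tampered = outer[:20] + bytes([outer[20] ^ 1]) + outer[21:]
    try:
        unwrap(tampered)
    except ValueError as err:
        print("tampered packet rejected:", err)
```

The shared integrity key covers authentication, access control and data integrity (a packet without a valid tag is dropped), and the encryption covers confidentiality. Each wrapped packet in this sketch is 48 bytes longer than the packet it carries (16-byte nonce plus 32-byte tag).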

How?

The protocol most commonly used is PPTP (Point-to-Point Tunneling Protocol). For details on how it works, see the Internet Engineering Consortium / Nortel tutorial: http://www.iec.org/tutorials/vpn/.

 

Extranets

Why?

Certain types of business groups, for example what are known as "vertical systems," are often close partnerships between different divisions or corporations. These may need to communicate rapidly and securely, and sometimes using the public Internet infrastructure through a VPN doesn't meet the needs.

For example, in closely linked manufacturing processes, real-time monitoring and control over long distances may be necessary. This can't be done reliably over the public Internet infrastructure, because heavy traffic or other problems may prevent critical packets from reaching their destinations in time to control a process safely.

Another instance where an extranet may be used is when security is absolutely critical, as in some government and military "command and control" networks. In this case, the motivation may be the added security of not sharing public infrastructure, where even though they are encrypted, the packets are out of the control of the authorities.

What?

An extranet is a private network that uses Internet protocols and the public telecommunication system to securely share part of a business's information or operations with suppliers, vendors, partners, customers, or other businesses.

How?

The organizations that need to set up the extranet usually lease communication lines from long-distance communications providers, though they may actually need to lay cable themselves. Both these options are quite expensive, so they aren't normally used unless the expense can be justified on security or financial grounds. The protocols used are the normal Internet protocols, but they are transmitted without interference from other Internet traffic.

Internet Service Providers

The Role of an ISP

 

As organizations grow, they may think about having their own server. What exactly would they have to provide when they switch from the ISP to do-it-yourself mode? Some or all of these services may be taken over by an organization— it doesn't have to be all or nothing.

Connection to the Internet

The most basic role of an ISP is to provide a connection between the client and the Internet. This may be by phone, cable, or DSL; but with organizational connections it is most often through other broadband connection options.

A server

A Server provides authentication, routing, a gateway, email sending and receiving, and possibly a Web server with space for Web files.

People to maintain the connection and the server 

It's not easy or inexpensive to get technical staff to provide 24 x 7 coverage for the server and Internet connections. This is an important role of the ISP.

Technical help

ISPs provide technical help to their clients— in fact, one measure of the quality of an ISP is the quality of technical help they can provide. 

Virtual Hosting

 

Why?

A domain name is one of the most valuable assets an organization can own these days. Given the amount of service an ISP can provide, many organizations may start by asking themselves, How can we have a domain name of our own, without our own server?

What?

A Virtual Host is an ISP that provides a domain name on a server which has its own, separate domain name. In other words, the Virtual Host is one that allows sharing the server with one or more other domain names.

How?

The Virtual Host shares an IP address with the host server. When email or Web requests arrive for the client domain, the server software passes them on to the appropriate subdirectory on the server machine. Most ISPs offer this service, and many will actually do the paperwork to obtain a domain name for clients (for a fee, of course!).

More detail is available at TechTarget/WhatIs.
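
The request routing described under "How?", as an added example that is not part of the original module: the server picks a client's subdirectory from the Host header of each Web request and keeps the requested path inside that subdirectory. The domain names, directory paths and the route function are hypothetical.

```python
import posixpath
from urllib.parse import unquote, urlsplit

# Constructed example: two client domains sharing one server IP address, each
# mapped to its own subdirectory (names and paths are hypothetical).
VHOSTS = {
    "www.client-a.example": "/srv/vhosts/client-a",
    "www.client-b.example": "/srv/vhosts/client-b",
}

def route(raw_request: bytes) -> str:
    """Map a raw HTTP request to a file path inside the requested domain's directory."""
    head = raw_request.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    request_line, *header_lines = head.split("\r\n")
    _method, target, _version = request_line.split(" ")
    hosts = [h.split(":", 1)[1].strip() for h in header_lines
             if h.lower().startswith("host:")]
    if len(hosts) != 1:
        raise ValueError("exactly one Host header is required")
    # Normalise the name: drop any port, trailing dot and letter case.
    host = hosts[0].rsplit(":", 1)[0] if ":" in hosts[0] else hosts[0]
    root = VHOSTS.get(host.lower().rstrip("."))
    if root is None:
        raise ValueError("unknown virtual host")  # no silent fallback to another client
    # Decode and normalise the path so ".." cannot climb out of the client's directory.
    path = unquote(urlsplit(target).path)
    if "\x00" in path:
        raise ValueError("invalid path")
    path = posixpath.normpath("/" + path.lstrip("/"))
    if path == "/":
        path = "/index.html"
    return root + path
```

Because several organizations share the one machine, the two checks that matter are rejecting unknown host names and confining every path to the matching client's directory.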

Virtual Domain 

Similar to Virtual Hosting, a Virtual Domain includes all the services of a virtual Host, but adds the capability for the user to...

  • add new domain names
  • add users
  • create new Web "root" directories
In other words, it is rather like having a server of your own without the headache, but it's actually shared with other organizations and located at the ISP.

Co-Location

Co-location is rather like virtual hosting, except that the server machine actually belongs to the organization, not the ISP. The ISP provides 24 x 7 support, often including uninterruptible power supply (UPS), repair and upgrading. 

The organization that owns the machine has complete control over the Internet operations, such as Web hosting and email, without having to provide technical support for the hardware.

Proxy Servers

 

Why?

To provide a barrier between the Internet and an intranet

What?

A server-computer that connects between a LAN or intranet and the Internet, providing services such as routing, authentication of messages, and protection from hostile packets. It may also provide a cache of Web pages and images to speed access to popular Web sites.

A cache is space on a local disk containing files that are available on the Internet. By keeping high-demand files in the cache, traffic outside the intranet is reduced, and Internet files can be provided to intranet users more quickly.

How?

The server runs software specially designed to filter packets, and if desired, to store requested Web material on its own hard drive.

Audience Issues

When an organization sets up its Internet connectivity, it needs to consider the audience for which the connectivity is provided. This includes whether the intended audience is internal or external and the type of connectivity they'll have available, as well as more subtle factors such as age and cultural grouping.

 

Types of Audiences

 

Internal and External

  • Internal audiences generally...
    • ...have the same or similar hardware, connections, and browsers
    • ...have similar focus or purpose
    • ...have immediate support
  • External audiences...
    • ...may need to be "caught" (have their interest aroused and held)
    • ...require "least common denominator" design

Co-workers, Friends, and Everybody Else

  • Co-workers often communicate via LAN or VPN, and are required to communicate (to some extent)
  • Friends (business partners) may be part of a VPN as well, and may also be required to communicate
  • Everybody Else may connect by fast or slow connection, but we want to pique their interest

Connection Types

 

As an organization considers connecting its parts— or perhaps its telecommuters— the type of connection needs to be considered in terms of three issues:

  • Bandwidth, measured in bits per second (bps) or thousands of bits per second (kbps). This is often generalized into:
    • Broadband: about 200 kbps
    • Narrowband: 56 kbps and below
  • Cost
  • Location, because not all connection types are available in all locations. The farther you are from an urban center, the fewer (and slower) your options are likely to be.

This table charts the speed and availability of some connection types:

Maximum speed in kbps, by direction and by approximate maximum distance from telephone exchange or cable head-end:

                            Downstream            Upstream
Distance (feet)             10,000     18,000     10,000     18,000
Distance (miles)            2          3          2          3
Distance (meters)           3500       5500       3500       5500

ADSL full (G.dmt)           8000       1000       1500       ?384
ADSL lite (G.lite)          1500       384        384        ?160
Cable (HFC)                 3000                  ?128
Satellite (DSS)             350                   none: needs POTS modem
T3                          44,736
T1                          1544
ISDN                        128
56k-baud modem with POTS    56

 

Issues with Bandwidth

Speed vs. Cost

Want more speed? Expect to pay more money! In spite of rapidly spreading availability of broadband connections, connectivity providers are still able to charge high (or confusing) rates.

Speed vs. Security

One of the hidden tradeoffs: added security slows communication speeds. This is true of any type of encrypted transmission, including SSL and VPN. Why?

  • Before a secure channel can be set up, several authentication hand-shakes, certificate checking steps, and public key verification processes must be completed.
  • Every packet that passes between the communicating machines goes through extra encryption and decryption steps, involving fairly intense mathematical computation. And remember— this includes the images on a secure Web page, too.
  • Extra bits are often thrown into the communication stream to make code-breaking more difficult.

This all adds up. Security is necessary in many types of transaction— but be aware that it comes at a cost in speed. The actual speed reduction depends on the protocol being used and the equipment doing the work, so it's difficult to quantify it. The goal is to keep the exchange of information from becoming slow enough to be annoying or to hinder productivity.

About this document...


Audience:

For people who are familiar with connection options in general and for individuals (see module NG10c in this series), and would like to learn about options useful to larger organizations.

Objectives:

When you successfully complete this lesson, you will be able to...
  1. define co-location
  2. define VPN
  3. define virtual domain
  4. discuss types of audiences
  5. identify issues of bandwidth
  6. identify issues of Internet connection points
  7. identify issues of audience access
  8. identify issues of Internet service providers (ISP)
  9. identify issues of connection types.
  10. define proxy server

Module NG40c:

This document is part of a modular instruction series in Computer Information Systems. For more information, see the overview or the list of modules in this series, NG: Networking — General. This document has been used in the following classes: INP 160

Author:

Laurence J. Krieg

Institution:

Department of Computer Information Systems, Washtenaw Community College
History: Original: 18 Oct 2000
Last modification:  Monday, 31-Aug-2009 11:48:00 EDT
Copyright: Copyright © 2000-2005, Laurence J. Krieg, Washtenaw Community College .
Instructors: You may point to this file in your Web-based materials.
Students: you may make a copy for your personal use.
All other uses: contact the author, Laurence J. Krieg for permission. Email krieg@ieee.org