NETWORKING DAY 10 (Optical Network, Hybrid Fiber Coax - HFC, Optical cross-connect, Local Area Network, Firewall, Network Attacks, Security Attacks, Services and Mechanisms, Digital Signature

DAY - 10

Network management tools

While these always seem to be left off purchase orders, network management tools are invaluable in providing maximum network uptime. Software that periodically backs up all device configurations to a share on the network is simple but extremely useful. Also, think about the following scenario: Two switches provide IP Default Gateway redundancy on your customer's network. One of them fails, but you don't realize it because the network is redundant. When the other one fails, the customer experiences a total network outage. This can be easily avoided by using a simple tool to ping all network devices and report on their status.

Optical Network

An optical network is a type of data communication network built with optical fiber technology. It utilizes optical fiber cables as the primary communication medium for converting data and passing data as light pulses between sender and receiver nodes.

An optical network is also known as an optical fiber network or fiber optic network.

Through its use of light as a transmission medium, an optical network is one of the fastest communication networks. It works by using an optical transmitter device to convert an electrical signal received from a network node into light pulses, which are than placed on a fiber optic cable for transport to a receiving device.

Unlike copper based networks, the light pulses of an optical network may be transported quite a distance until the pulses are regenerated through an optical repeater device. After a signal is delivered to a destination network, it is converted into an electrical signal through an optical receiver device and sent to a recipient node.

Moreover, an optical network is less prone to external inference and attenuation and can achieve substantially higher bandwidth speeds than copper networks.

Example for optical network:

Hybrid Fiber Coax - HFC

The hybrid fiber coax (HFC) system is an advanced CATV transmission system that uses fiber optic cable for the head end and feeder distribution system and coax for the customers end connection. HFC are the 2nd generation of CATV systems. They offer high-speed backbone data interconnection lines (the fiber portion) to interconnect end user video and data equipment. Many cable system operators anticipating deregulation and in preparation for competition began to upgrade their systems to Hybrid Fiber Coax (HFC) systems in the early 1990’s.

This figure shows a typical cable distribution system that uses a combination of fiber optic cable for the core distribution and coaxial cable for the local connection. This diagram shows that the multiple RF television channels at the head-end of the cable television system are shifted in frequency to allow distribution through high-speed fiber cable. The fiber cable is connected in a loop around the cable television service area so that if a break in the cable occurs, the signal will automatically be available from the other part of the loop. The loop is connected (tapped) at regular points by a fiber hub that can distribute the optical signals on fiber spurs. The fiber spurs end into fiber nodes that convert the optical signals into RF television signals that are distributed on the local coaxial cable network.

Hybrid Fiber Coax Diagram

Optical cross-connect:

An optical cross-connect (OXC) is a device used by telecommunications carriers to switch high-speed optical signals in a fiber optic network, such as an optical mesh network.

There are several ways to realize an OXC:

Opaque OXCs (electronic switching) - One can implement an OXC in the electronic domain: all the input optical signals are converted into electronic signals after they are demultiplexed by demultiplexers. The electronic signals are then switched by an electronic switch module. Finally the switched electronic signals are converted back into optical signals by using them to modulatelasers and then the resulting optical signals are multiplexed by optical multiplexers onto outlet optical fibers. This is known as an "OEO" (Optical-Electrical-Optical) design. Cross-connects based on an OEO switching process generally have a key limitation: the electronic circuits limit the maximum bandwidth of the signal. Such an architecture prevents an OXC from performing with the same speed as an all-optical cross-connect, and is not transparent to the network protocols used. On the other hand, it is easy to monitor signal quality in an OEO device, since everything is converted back to the electronic format at the switch node. An additional advantage is that the optical signals are regenerated, so they leave the node free of dispersion and attenuation. An electronic OXC is also called an opaque OXC.

Transparent OXCs (optical switching) - Switching optical signals in an all-optical device is the second approach to realize an OXC. Such a switch is often called a transparent OXC or photonic cross-connect (PXC). Specifically, optical signals are demultiplexed, then the demultiplexed wavelengths are switched by optical switch modules. After switching, the optical signals are multiplexed onto output fibers by optical multiplexers. Such a switch architecture keeps the features of data rate and protocol transparency. However, because the signals are kept in the optical format, the transparent OXC architecture does not allow easy optical signal quality monitoring.

Translucent OXCs (optical and electronic switching) - As a compromise between opaque and transparent OXC's, there is a type of OXC called a translucent OXC. In such a switch architecture, there is a switch stage which consists of an optical switch module and an electronic switch module. Optical signals passing through the switch stage can be switched either by the optical switch module or the electronic switch module. In most cases, the optical switch module is preferred for the purpose of transparency. When the optical switch module's switching interfaces are all busy or an optical signal needs signal regeneration through an OEO conversion process, the electronic module is used. Translucent OXC nodes provide a compromise of full optical signal transparency and comprehensive optical signal monitoring. It also provides the possibility of signal regeneration at each node.

Examples of cross connects :

Example-1

Optical networks have become an important part of the global telecommunication infrastructure due to the merits of optical fiber, the only medium capable of moving data at multiple gigabits per second (Gb/s) commercially. In these networks, signals are transmitted through optical fiber and switched by cross-connects. Driven by the Internet, the demand for bandwidth is constantly increasing. Transmission technologies have been able keep up with it thanks to dense wavelength division multiplexing. This technology allows more than a hundred wavelengths to be simultaneously launched into a single optical fiber.

But the electronic packet routers in the cross-connects (see Figure 1) face challenges in terms of power consumption, footprint, costs, and switching architectures. All-optical switching is emerging as a promising technology because it could help overcome the challenges of its electronic counterpart.¹ Gradually, more switching functions will be implemented in the optical domain by using photonic integrated circuits. For this reason, all-optical signal-processing technology is essential for future optical packet-switching nodes. Some progress in this field has been reported.^2–5

Figure 1. Schematic diagram of an optical cross-connect in an optical network.

Example -2

Basic configuration of a 1×2 all-optical packet switch.

Local Area Network

---

Your local area network is facing unprecedented challenges: IP-based physical security and building automation systems are rapidly converging onto the same network already supporting voice, video and data services. You need a local area network infrastructure that's built for what's now and what's next.

Corning Optical Communications offers tens of thousands of fiber optic products for virtually any local area network need, and the right tools, services and customer support to help you select them. And thanks to our relationship with leading distributors,  we have the largest inventory of fiber optic connectivity products in North America. So you can do the job right, and right now.

Lifecycle operating and maintenance expenditures for a facility can be up to 40 times
    greater than its design and construction of the facility – that includes your LAN.
•  Bandwidth demand will only grow, not shrink, in your local area network.
    Your LAN must support not only today's demands for voice, video and data,
    but future requirements like security and building automation.
•  Fiber optics are usually the less costly investment for your local area network because
    of its nearly limitless bandwidth capacity and ease of upgrade.
•  Optical fiber has become easier and faster to install – copper can't say the same.

Firewall

Firewall is a barrier between Local Area Network (LAN) and the Internet. It allows keeping private resources confidential and minimizes the security risks. It controls network traffic, in both directions.

The following diagram depicts a sample firewall between LAN and the internet. The connection between the two is the point of vulnerability. Both hardware and the software can be used at this point to filter network traffic.

There are two types of Firewall system: One works by using filters at the network layer and the other works by using proxy servers at the user, application, or network layer. Key Points

Firewall management must be addressed by both system managers and the network managers.

The amount of filtering a firewall varies. For the same firewall, the amount of filtering may be different in different directions.

Network Attacks

Without security measures and controls in place, your data might be subjected to an attack. Some attacks are passive, meaning information is monitored; others are active, meaning the information is altered with intent to corrupt or destroy the data or the network itself.

Eavesdropping

Data Modification

Password-Based Attacks

Denial-of-Service Attack

Man-in-the-Middle Attack

Compromised-Key Attack

Sniffer Attack

Application-Layer Attack

Security Attacks, Services and Mechanisms

To assess the security needs of an organization effectively, the manager responsible for security needs some systematic way of defining the requirements for security and characterization of approaches to satisfy those requirements. One approach is to consider three aspects of information security:

Security attack – Any action that compromises the security of information owned by an organization.

Security mechanism – A mechanism that is designed to detect, prevent or recover from a security attack.

Security service – A service that enhances the security of the data processing systems and the information transfers of an organization. The services are intended to counter security attacks and they make use of one or more security mechanisms to provide the service.

Digital Signature

Digital signatures allow us to verify the author, date and time of signatures, authenticate the message contents. It also includes authentication function for additional capabilities.

A digital signature should not only be tied to the signing user, but also to the message.

Applications

There are several reasons to implement digital signatures to communications:

Authentication

Digital signatures help to authenticate the sources of messages. For example, if a bank’s branch office sends a message to central office, requesting for change in balance of an account. If the central office could not authenticate that message is sent from an authorized source, acting of such request could be a grave mistake.

Integrity

Once the message is signed, any change in the message would invalidate the signature.

Non-repudiation

By this property, any entity that has signed some information cannot at a later time deny having signed it.