SEMESTER 1 Chapter 5

CCNA4 – Chapter 6
* DSL
▪ The transfer rates are dependent on the actual length of the local loop, and the
type and condition of its cabling. For satisfactory service, the loop must be less
than 5.5 kilometers (3.5 miles).
▪ The connection is set up between a pair of modems on either end of a copper
wire that extends between the customer premises equipment (CPE) and the DSL
access multiplexer (DSLAM).
▪ Fortunately, only relatively small changes to existing telephone company
infrastructure are required to deliver high-bandwidth data rates to subscribers.
* Cable
– A cable modem (CM) on the subscriber end
– A cable modem termination system (CMTS) at the headend of the cable operator
– The actual bandwidth for Internet service over a CATV line can be up to 27 Mbps
on the download path to the subscriber and about 2.5 Mbps of bandwidth on the
upload path.
– Downstream: Transmitting the signals from the cable operator to the subscriber,
the outgoing frequencies are in the range of 50 to 860 MHz.
– Upstream: Transmitting the signals in the reverse path from the subscriber to the
cable operator, the incoming frequencies are in the range of 5 to 42 MHz.
* The Data-over-Cable Service Interface Specification (DOCSIS)
▪ DOCSIS specifies the Open Systems Interconnection (OSI) Layers 1 and 2
requirements:
– Physical layer: For data signals that the cable operator can use,
DOCSIS specifies the channel widths (bandwidths of each channel).
DOCSIS also specifies modulation techniques.
• DOCSIS 1.0: 200 kHz, 400 kHz, 800 kHz, 1.6 MHz, 3.2 MHz
• DOCSIS 2.0: 6.4 MHz
– MAC layer: Defines a deterministic access method (time-division multiple
access [TDMA] or synchronous code division multiple access [S-CDMA]).
* Sending Data over Cable, when high usage causes congestion
– The cable operator can add additional bandwidth for data services by
allocating an additional TV channel for high-speed data.
– Another option is to reduce the number of subscribers served by each
network segment.
* VPN
▪ A VPN creates a private network over a public network infrastructure while
maintaining confidentiality and security.
▪ VPNs use cryptographic tunneling protocols to provide protection against packet
sniffing, sender authentication, and message integrity.
* The 3 foundations of a secure VPN
– Data confidentiality - VPNs achieve confidentiality using encapsulation
and encryption.
– Data integrity - VPNs typically use hashes to ensure data integrity.
• A hash is like a checksum or a seal that guarantees that no one
has read the content, but it is more robust.
– Authentication - VPNs can use passwords, digital certificates, smart cards,
and biometrics to establish the identity of parties at the other end of a
network.
* VPN Components
▪ The key to VPN effectiveness is security. VPNs secure data by encapsulating or
encrypting the data. Most VPNs can do both.
– Encapsulation - also referred to as tunneling, because encapsulation
transmits data transparently from network to network through a shared
infrastructure.
– Encryption - codes data into a different format using a secret key.
Decryption decodes encrypted data into the original unencrypted format.
▪ Data Encryption Standard (DES) algorithm.
▪ Triple DES (3DES) algorithm.
▪ Advanced Encryption Standard (AES).
▪ Rivest, Shamir, and Adleman (RSA).
* Symmetric and Asymmetric Encryption
– In symmetric key encryption, also called secret key encryption, each computer
encrypts the information before sending it over the network to the other
computer.
– Pre-shared key (PSK)
– DES and 3DES.
– Asymmetric Encryption
– Public key encryption is a variant of asymmetric encryption that uses a
combination of a private key and a public key.
* Two main IPsec framework protocols
– Authentication Header (AH) - AH provides data authentication and
integrity.
– Encapsulating Security Payload (ESP) - ESP authenticates the inner IP
packet and ESP header.
* Broadband Wireless: WiMAX
▪ WiMAX (Worldwide Interoperability for Microwave Access) is telecommunications
technology aimed at providing wireless data over long distances in a variety of
ways, from point-to-point links to full mobile cellular type access.
▪ WiMAX operates at higher speeds, over greater distances, and for a greater
number of users than Wi-Fi.
▪ A WiMAX network consists of two main components:
– A tower that is similar to a cellular telephone tower. A single WiMAX tower
can provide coverage to an area as large as 3,000 square miles, or almost
7,500 square kilometers.
– A WiMAX receiver that is similar in size to a PCMCIA card, or built into a
laptop or other wireless device.
* VPN Tunneling
– Tunneling encapsulates an entire packet within another packet and sends
the new, composite packet over a network.
• The protocol that is wrapped around the original data (GRE, IPsec,
L2F, PPTP, L2TP)
* Types of VPNs
▪ Site-to-Site VPNs
– Site-to-site VPNs support company intranets and business partner
extranets.
▪ Remote Access VPNs
– Remote access VPNs can support the needs of telecommuters, mobile
users, as well as extranet consumer-to-business.