The corporate network uses. Abstract: Corporate networks

16.07.2021

A virtual circuit transmission differs from a logical connection transmission in that the connection parameters include a route pre-programmed by the network along which all packets within a given connection pass. The virtual circuit for the next session may follow a different route.

Packets can move on the network in three main ways: datagram transmission, logical connection transmission, and virtual circuit transmission.

In datagram transmission, a single packet is treated as an independent unit of transmission (datagram), no connection is established between nodes, and all packets move independently of each other. Transmission with a logical connection involves establishing a communication session and defining a procedure for processing a certain set of packets within that single session.

Since computers and network equipment can be from different manufacturers, there is a problem of their compatibility. Without the adoption by all manufacturers of generally accepted rules for building equipment, the creation of a computer network would be impossible. Therefore, the development and creation of computer networks can only take place within the framework of approved standards for:

Interaction of user software with a physical communication channel (via a network card) within one computer;

The interaction of a computer through a communication channel with another computer.

In the implementation of communications, there are three levels: hardware, software and information. At the hardware and software levels, communications means organizing a reliable connection channel and transmitting information without distortion, as well as organizing information storage and effective access to it.

Modern computer software has a multi-level modular structure, i.e. the program code written by the programmer and visible on the monitor screen (upper-level module) goes through several levels of processing before it turns into an electrical signal (lower-level module) transmitted to the communication channel.

When computers interact through a communication channel, both computers must comply with a number of agreements (on the magnitude and shape of electrical signals, the length of messages, methods of reliability control, etc.).

In the early 1980s, a number of international organizations developed a standard networking model, the Open System Interconnection (OSI) model. In the OSI model, all network protocols are divided into seven layers: physical, data link, network, transport, session, presentation, and application.



Formalized rules that determine the sequence and format of messages exchanged between modules that are at the same level, but in different computers are called protocols.

Modules that implement neighboring protocols and reside on the same computer also interact with each other according to well-defined rules and using standardized message formats. These rules are called an interface and define the set of services that a layer provides to the neighboring layer.

A hierarchically organized set of protocols for communicating between computers on a network is called a stack of communication protocols, which can be implemented in software or hardware. Lower-layer protocols are usually implemented by a combination of hardware and firmware, and upper-layer protocols purely in software.

The protocols of each level are independent of each other, i.e. the protocol of any layer can be changed without affecting the protocol of another layer. The main thing is that the interfaces between the levels provide the necessary connections between them.

In the OSI standard, special names are used to designate the units of data that protocols of various levels deal with: frame, packet, datagram, segment.

The OSI model has published, publicly available specifications and standards adopted by agreement among many developers and users. If two networks are built in compliance with the rules of openness, they can use hardware and software from different manufacturers that adhere to the same standard. Such networks are easily interfaced with each other and are easy to learn and maintain. An example of an open system is the global computer network, the Internet.

In local networks, the following main methods are used to give computers access to communication lines for data transmission: priority, token (marker) and random. Priority access was implemented in the 100VG-AnyLAN standard, and token access in Token Ring technology. These methods are currently not widely used due to the complexity of the equipment that implements them.

Ethernet is the most common data transmission standard in local networks today. It is implemented at the data link layer of the OSI model, and under it computers are given access to the communication line randomly. The standard uses carrier sense multiple access with collision detection (CSMA/CD). It is used in networks with a "common bus" topology.

Recently, radio Ethernet has become widespread (the corresponding standard was adopted in 1997) for organizing wireless local networks (WLAN - Wireless LAN). Radio networks are convenient for mobile devices, but also find use in other areas (hotel networks, libraries, airports, hospitals, etc.).

Radio Ethernet uses two main types of equipment: a client (computer) and an access point, which plays the role of a link between the wired and wireless networks. A wireless network can work in two modes: "client/server" and "point-to-point". In the first mode, several computers can connect to one access point via a radio channel; in the second mode, communication between end nodes is established directly without a special access point.

The best-known modification of radio Ethernet is WiFi (Wireless Fidelity) technology, which provides transmission speeds up to 11 Mbps and uses carrier sense multiple access with collision avoidance (the corresponding standard was adopted in 2001). For communication, omnidirectional and narrowly directional antennas are used (the latter for point-to-point connections). An omnidirectional antenna guarantees communication for distances up to 45 meters, and a narrowly directional antenna up to 45 km. Up to 50 clients can be served at the same time.

Unlike wired Ethernet, it is important for radio networks that radio signals from different sending nodes do not overlap at the input of the receiving node. Otherwise, a collision will occur in the network. To prevent collisions in radio Ethernet, the radio signal range of the individual nodes must be strictly observed.

The use of packet switching made the Internet sufficiently fast and flexible. Unlike circuit switching, packet switching does not require waiting for a connection to be established with the receiving computer; the packets move independently of each other. This allows various services (e-mail, WWW, IP telephony, etc.) to transmit information.

The Internet is based on the idea of connecting many independent networks of almost arbitrary architecture. An open network architecture means that individual networks can be designed and developed independently, with their own unique interfaces provided to users and/or other network service providers, including Internet services.

The key to the rapid growth of the Internet has been free, open access to key documents, especially protocol specifications. An important role in the development of the Internet was played by its commercialization, which includes not only the development of competitive, private network services, but also the development of commercial products (hardware and software networking) that implement Internet technologies.

The basis of data transmission on the Internet is the TCP/IP (Transmission Control Protocol/Internet Protocol) protocol stack, which provides:

- independence from the network technology of an individual network - TCP/IP defines only the unit of transfer, the datagram, and describes how it moves through the network;

- network connectivity, by assigning each computer a logical address that is used 1) by the transmitted datagram to identify the sender and recipient, 2) by intermediate routers to make routing decisions;

- acknowledgement - the TCP/IP protocol provides confirmation that information passed correctly during the exchange of data between the sender and the recipient;

- support for standard application protocols - e-mail, file transfer, remote access, etc.

The TCP/IP stack defines 4 levels of interaction, each of which takes on a specific function in organizing the reliable operation of the global network.

The TCP/IP protocol software module is implemented in the computer operating system as a separate system module (driver). The user can independently configure the TCP/IP protocol for each specific case (the number of network users, the throughput of physical communication lines, etc.).

The main task of TCP is the delivery of all information to the recipient's computer, control of the sequence of transmitted information, resending of undelivered packets in case of network failures. Reliability of information delivery is achieved as follows.

On the transmitting computer, TCP breaks the block of data coming from the application layer into separate segments, assigns segment numbers, adds a header, and passes the segments to the internetworking layer. For each segment sent, the transmitting computer waits for a special message from the receiving computer - a receipt confirming the fact that the computer received the desired segment. The waiting time for the arrival of the corresponding receipt is called timeout time.

Setting the timeout and the size of the "sliding window" is very important for network performance. The TCP protocol provides for a special automatic algorithm for determining these values, taking into account the throughput of physical communication lines.
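The delivery scheme described above (numbered segments, a receipt per segment, resending after a timeout, a window of segments in flight) can be traced with a small simulation. This is an added example, not code from the original page, and it is a simplified model rather than real TCP: each loop round stands for one timeout period, the window size and the set of lost transmissions are constructed inputs, and the names segment and transfer are hypothetical.

```python
from typing import Dict, List, Set, Tuple


def segment(data: bytes, size: int) -> List[Tuple[int, bytes]]:
    """Split an application data block into numbered segments."""
    if size < 1:
        raise ValueError("segment size must be at least 1")
    return [(seq, data[off:off + size])
            for seq, off in enumerate(range(0, len(data), size))]


def transfer(data: bytes, seg_size: int, window: int,
             drop: Set[Tuple[int, int]]) -> Tuple[bytes, Dict[int, int], int]:
    """Simulate delivery with receipts, timeouts and a sliding window.

    drop is a constructed set of (segment number, attempt number) pairs
    that the simulated channel loses; attempts are counted from 1.
    Returns (reassembled data, attempts per segment, timeout rounds used).
    """
    if window < 1:
        raise ValueError("window must be at least 1")
    segments = segment(data, seg_size)
    attempts = {seq: 0 for seq, _ in segments}
    acked: Set[int] = set()        # segments for which a receipt arrived
    received: Dict[int, bytes] = {}  # receiver buffer, keyed by segment number
    base = 0                       # lowest segment number not yet acknowledged
    rounds = 0

    while base < len(segments):
        rounds += 1
        # Send every unacknowledged segment that fits in the window.
        for seq in range(base, min(base + window, len(segments))):
            if seq in acked:
                continue
            attempts[seq] += 1
            if (seq, attempts[seq]) in drop:
                # Lost on the wire: no receipt comes back, the timeout
                # expires and the segment is resent in the next round.
                continue
            received[seq] = segments[seq][1]
            acked.add(seq)
        # The window slides only past a contiguous run of receipts, so one
        # lost segment holds back everything behind it.
        while base in acked:
            base += 1

    # The receiver restores the original order from the segment numbers.
    reassembled = b"".join(received[seq] for seq in sorted(received))
    return reassembled, attempts, rounds


if __name__ == "__main__":
    payload = b"corporate network data"          # constructed sample data
    lost = {(1, 1), (1, 2), (4, 1)}              # constructed loss pattern
    out, tries, used = transfer(payload, seg_size=4, window=3, drop=lost)
    print(out == payload, tries, used)
```

With the constructed loss pattern, segment 1 is sent three times and stalls the window for two extra timeout periods, which is why the choice of timeout and window size matters for throughput.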

The tasks of the TCP protocol include determining which application program the data received from the network belongs to. Special identifiers, ports, are used to distinguish application programs. Port numbers are assigned either centrally, if the applications are popular and public (for example, the FTP service has port 21, and the WWW service has port 80), or locally, if the application developer simply associates any available, arbitrarily selected number with the application.

The TCP protocol can work as a UDP protocol (User Datagram Protocol), which, unlike TCP, does not provide reliable packet delivery and protection against failures in information transmission (does not use receipts). The advantage of this protocol is that it requires a minimum of settings and parameters to transfer information.

The IP protocol is the core of the entire architecture of the TCP/IP stack and implements the concept of transmitting packets to the desired address (IP address). The corresponding level of interaction (Internet level, see Fig. 4.1) provides the ability to move packets through the network using the route that is currently optimal.

The IP addressing of computers on the Internet is based on the concept of a network of hosts. A host is a network entity that can send and receive IP packets, such as a computer, workstation or router. Hosts are interconnected through one or more networks. The IP address of any host consists of the address (number) of the network (network prefix) and the address of the host in this network.

In accordance with the convention adopted at the time of the development of the IP protocol, the address is represented by four decimal numbers separated by dots. Each of these numbers cannot exceed 255 and represents one byte of a 4-byte IP address. The allocation of only four bytes for addressing the entire Internet is due to the fact that at that time the mass distribution of local networks was not foreseen. There was no talk about personal computers and workstations at all. As a result, 32 bits were allocated for the IP address, of which the first 8 bits denoted the network, and the remaining 24 bits denoted the computer on the network. The IP address is assigned by the network administrator during the configuration of computers and routers. For convenience, addresses are represented as four decimal numbers separated by dots, for example, 195.10.03.01. There are five classes of IP addresses - A, B, C, D, E. Depending on the class of the IP address, the network will have a different number of addressable subnets and a different number of computers in a given subnet.
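The following added example (not part of the original page) parses a dotted address, determines its class from the first byte, and splits it into the network prefix and host number as described above. The function names are hypothetical. It rejects fields with leading zeros, such as the page's own 195.10.03.01, because some parsers read a leading zero as octal and others as decimal, so two systems can disagree about which host an address-based rule refers to.

```python
from typing import NamedTuple, Optional, Tuple


class ClassfulAddress(NamedTuple):
    octets: Tuple[int, ...]
    ip_class: str
    network: Optional[str]  # network prefix with host bits zeroed; None for D/E
    host: Optional[int]     # host number inside that network; None for D/E


# (highest first byte, class, number of network bits); D and E have no
# network/host split: D is multicast, E is reserved.
CLASS_RANGES = (
    (127, "A", 8),
    (191, "B", 16),
    (223, "C", 24),
    (239, "D", None),
    (255, "E", None),
)


def parse_dotted_quad(text: str) -> Tuple[int, ...]:
    """Strictly parse 'a.b.c.d' into four bytes, rejecting ambiguous forms."""
    parts = text.split(".")
    if len(parts) != 4:
        raise ValueError("expected four dot-separated fields: %r" % text)
    octets = []
    for part in parts:
        if not (part.isascii() and part.isdigit()):
            raise ValueError("field is not a decimal number: %r" % part)
        if len(part) > 1 and part[0] == "0":
            # '03' may be read as octal by one parser and decimal by another.
            raise ValueError("leading zero is ambiguous: %r" % part)
        value = int(part)
        if value > 255:
            raise ValueError("field exceeds 255: %r" % part)
        octets.append(value)
    return tuple(octets)


def classify(text: str) -> ClassfulAddress:
    """Return the class and the network/host split of an IPv4 address."""
    octets = parse_dotted_quad(text)
    for upper, ip_class, net_bits in CLASS_RANGES:
        if octets[0] <= upper:
            break
    if net_bits is None:
        return ClassfulAddress(octets, ip_class, None, None)
    value = int.from_bytes(bytes(octets), "big")
    host_bits = 32 - net_bits
    host = value & ((1 << host_bits) - 1)
    network = ".".join(str(b) for b in (value - host).to_bytes(4, "big"))
    return ClassfulAddress(octets, ip_class, network, host)


if __name__ == "__main__":
    # Constructed sample addresses; the last one is the page's own example.
    for sample in ("10.1.2.3", "172.16.5.4", "195.10.3.1", "195.10.03.01"):
        try:
            print(sample, classify(sample))
        except ValueError as err:
            print(sample, "rejected:", err)
```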

Since it is extremely inconvenient to use digital addressing of networks when working on the Internet, symbolic names are used instead of numbers - domain names. A domain is a group of computers that share the same name. Symbolic names give the user the opportunity to better navigate the Internet, since remembering a name is always easier than a numeric address.

In addition, all countries in the world have their own symbolic name, denoting the top-level domain of that country. For example, de - Germany, us - USA, ru - Russia, by - Belarus, etc.

The structural components of the Internet include:

- routers - special devices that connect individual local networks with each other by directly addressing each of the subnets using IP addresses. The forwarding of packets between subnets, according to destination addresses, is called routing;

- proxy server (from the English proxy - "representative, authorized") - a special computer that allows users of the local network to receive information stored on computers on the Internet. First, the user connects to the proxy server and requests some resource (for example, e-mail) located on another server. The proxy server then either connects to the specified server and obtains the resource from it, or returns the resource from its own memory. The proxy server also allows you to protect the client computer from some network attacks;

- DNS server - a special computer that stores domain names.

To protect the local network from unauthorized access (attacks by hackers, penetration of viruses, etc.), software and hardware systems called firewalls are used. A firewall filters the passage of information on the network in both directions and blocks unauthorized access to a computer or local network from the outside. A firewall allows you to control the use of ports and protocols, "hide" unused ports to prevent attacks through them, and deny or allow access of specific applications to specific IP addresses, i.e. to control everything that can become a tool of a hacker or of unscrupulous firms. Firewalls mainly work at the network layer and filter packets, although protection can also be organized at the application or data link layer. Packet filtering is the cheapest way to implement a firewall, because it lets you check packets of various protocols at high speed. The filter analyzes packets at the network level and is independent of the application being used.

A firewall program is a kind of software firewall, a means of controlling incoming and outgoing information. Firewall programs are built into standard operating systems.
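The packet filtering described above can be shown as an ordered rule list with a default-deny fallback, checked in both directions on protocol, port and remote address. This is an added example, not from the original page; the rule set, the addresses (taken from the ranges reserved for documentation) and the names Packet, Rule and filter_packet are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    direction: str   # "in" (from outside to the LAN) or "out"
    proto: str       # "tcp" or "udp"
    src: str
    dst: str
    dst_port: int


@dataclass(frozen=True)
class Rule:
    action: str               # "allow" or "deny"
    direction: str            # "in" or "out"
    proto: str                # "tcp", "udp" or "any"
    remote: str               # CIDR block of the peer outside the LAN
    dst_port: Optional[int]   # None matches any port

    def matches(self, pkt: Packet) -> bool:
        if self.direction != pkt.direction:
            return False
        if self.proto != "any" and self.proto != pkt.proto:
            return False
        if self.dst_port is not None and self.dst_port != pkt.dst_port:
            return False
        # The outside peer is the source of inbound traffic and the
        # destination of outbound traffic.
        peer = pkt.src if pkt.direction == "in" else pkt.dst
        return ipaddress.ip_address(peer) in ipaddress.ip_network(self.remote)


def filter_packet(rules: List[Rule], pkt: Packet) -> Tuple[str, Optional[int]]:
    """Return (action, index of the matching rule); first match wins.

    A packet that matches no rule is denied, which is what "hides" every
    port that was not explicitly opened. The filter is stateless: it looks
    only at network-level fields and knows nothing about the application.
    """
    for index, rule in enumerate(rules):
        if rule.matches(pkt):
            return rule.action, index
    return "deny", None


# Constructed rule set for a LAN with a public web server.
RULES = [
    Rule("allow", "in", "tcp", "0.0.0.0/0", 80),          # 0: public web server
    Rule("allow", "in", "tcp", "198.51.100.0/24", 22),    # 1: admin network only
    Rule("deny", "out", "any", "203.0.113.0/24", None),   # 2: blocked destination
    Rule("allow", "out", "tcp", "0.0.0.0/0", 443),        # 3: outbound HTTPS
    Rule("allow", "out", "udp", "0.0.0.0/0", 53),         # 4: outbound DNS
]

if __name__ == "__main__":
    samples = [  # constructed packets
        Packet("in", "tcp", "192.0.2.7", "10.0.0.5", 80),
        Packet("in", "tcp", "192.0.2.7", "10.0.0.5", 22),
        Packet("out", "tcp", "10.0.0.9", "203.0.113.10", 443),
    ]
    for pkt in samples:
        print(pkt, "->", filter_packet(RULES, pkt))
```

Rule order matters: the outbound HTTPS packet to 203.0.113.10 is denied by rule 2 before the broader allow in rule 3 is reached.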

A provider (Internet access provider) is any organization that provides individuals or organizations with access to the Internet. Providers are generally divided into two classes:

Internet Access Providers (ISPs);

Online Service Providers (OSPs).

An ISP can be an enterprise that pays for a high-speed connection to one of the companies that are part of the Internet (AT&T, Sprint, MCI in the US, etc.). It can also be a national or international company that has its own network (such as WorldNet, Belpak, UNIBEL, etc.).

OSPs, sometimes simply referred to as "interactive services", may also have their own networks. They provide additional information services available to customers by subscribing to these services. For example, Microsoft OSPs offer users access to an Internet service from Microsoft, America Online, IBM, and others. ISPs are the most common.

Typically, a large provider has its own POP (point of presence) in cities where local users connect.

In order to interact with each other, various providers agree to connect to the so-called NAPs (Network Access Points), through which the information flows of networks belonging to a particular provider are combined.

Hundreds of large providers operate on the Internet. Their backbone networks are connected through NAPs, which provides a single information space for the global computer network, the Internet.

The main Internet services include:

- e-mail;

- WWW (World Wide Web);

- FTP (File Transfer Protocol);

- Usenet - newsgroups; the corresponding protocol, NNTP (Network News Transport Protocol, news transfer protocol), is designed to replicate articles in the UseNet distributed discussion system;

- Telnet - a remote terminal service that makes it possible to work on a remote computer on a network that supports the Telnet service;

- IP telephony service (IP-Telephony) - allows you to use the Internet as a means of exchanging voice information and transmitting faxes in real time using voice compression technology. To ensure the operation of IP telephony, the H.323 protocol stack is used, which splits the data stream into packets, assembles packets in the correct sequence, determines packet losses, and ensures synchronization and continuity of data receipt. Voice data is transmitted over the UDP protocol without waiting for a receipt.

In addition to these most popular protocols, other protocols are used on the Internet - network file system (NFS), network monitoring and management (SNMP), remote procedure execution (RPC), network printing, and more.

There are several organizations responsible for the development of the Internet:

- Internet Society (ISOC) - a professional community that deals with the growth and evolution of the Internet as a global communication infrastructure;

- Internet Architecture Board (IAB) - an organization managed by ISOC that is responsible for the technical control and coordination of activities for the Internet. The IAB coordinates the direction of research and development for the TCP/IP protocol and is the final authority in defining new Internet standards. It includes the Internet Engineering Task Force (IETF), an engineering group that deals with the immediate technical problems of the Internet, and the Internet Research Task Force (IRTF), which coordinates long-term projects on TCP/IP protocols;

- Internet Corporation for Assigned Names and Numbers (ICANN) - an international non-profit organization for endowing local and regional networks with a specific IP address. This organization has a special information center, InterNIC (Internet Network Center);

- World Wide Web Consortium, W3C (W3 Consortium) - a coordinating organization for the promotion of the Internet as an environment for the implementation of positive social and economic transformations of society.

The corporate network (CS) is an organization's infrastructure that supports the solution of urgent tasks and ensures the fulfillment of its mission. It combines the information systems of all of the corporation's facilities into a single space and is created as the system-technical basis of the information system, as its main backbone component, on the basis of which other subsystems are constructed.

Creating a corporate network allows you to:

Create a single information space;

Quickly receive information and generate consolidated reports at the enterprise level;

Centralize financial and information data flows;

Collect and process information promptly;

Reduce costs when using server solutions and moving from workgroup solutions to enterprise-level solutions;

Process multimedia data streams between departments;

Reduce the cost of communication between departments and organize a single numbering space;

Provide high-quality communication at high speeds;

Organize a video surveillance system.

The main requirements for modern corporate networks:

- scalability - the possibility of increasing the capacity of servers (performance, volume of stored information, etc.) and the territorial expansion of the network;

- network reliability - one of the factors determining the continuity of the organization;

- performance - the growth in the number of network nodes and the volume of processed data imposes ever-increasing demands on the bandwidth of the communication channels used and the performance of devices that ensure the operation of the CIS;

- economic efficiency - cost savings for the creation, operation and modernization of network infrastructure with a constant growth in the scale and complexity of corporate networks;

- information security - ensures the stability and security of the business as a whole, protection of storage and processing of confidential information on the network.

There are the following basic principles for building a corporate network:

- comprehensive character - the network extends to the entire corporation;

- integration - the corporate network provides the ability for its users to access any data and applications, taking into account the information security policy;

- global character - the CS provides information about the life of the organization, regardless of politics and state borders;

- adequate performance - the network has the property of controllability and has a high level of reliability, survivability, maintainability with the support of applications critical for the activities of the corporation;

- maximum use of standard solutions and standard unified components.

The corporate network can be viewed from different points of view:

- structure (system and technical infrastructure);

- system functionality (services and applications);

- performance characteristics (properties and services).

From a system-technical point of view, it is an integral structure consisting of several interconnected and interacting levels: a computer network, telecommunications, computer and operating platforms, middleware, applications.

From a functional point of view, the CS is an effective medium for the transmission of relevant information necessary to solve the problems of the corporation.

From the point of view of system functionality, the CS looks like a single entity that provides users and programs with a set of services that are useful in their work (services) and with system-wide and specialized applications, has a set of useful qualities, and contains services that guarantee the normal functioning of the network.

Usually, the CS provides users and applications with a number of universal services - a DBMS service, a file service, an information service (Web service), e-mail, network printing, and others.

System-wide applications include means of automating individual work that are used by various categories of users and focused on solving typical office tasks - word processors and spreadsheets, graphic editors, etc.

Specialized applications are aimed at solving tasks that are impossible or technically difficult to automate with the help of system-wide applications, and within the corporation they define the application functionality.

The corporate network enables the deployment of new applications and their efficient operation while preserving the investments made in it, and in this sense it must have the properties of openness, performance and balance, scalability, high availability, security and manageability. These properties define the performance characteristics of the resulting information system.

System-wide services are a set of tools that are not directly aimed at solving applied problems, but are necessary to ensure the normal functioning of the CIS. Information security, high availability, centralized monitoring and administration services must be included in the CS.

CS is a network of mixed topology, including several local networks.

Speed and simplicity of local network deployment;

Low costs for the purchase of equipment;

Low cost of operation and no subscription fee;

Saving investments in the local network when moving and changing offices.

The main disadvantage of such networks is the decrease in data transfer rate with increasing distance.

Using the Internet as a transport medium for data transmission when building an enterprise CS (Fig. 4.4) provides the following advantages:

Low subscription fee;

Ease of implementation.

Figure 4.4 - Using the Internet as a transport medium for data transmission

The disadvantages of such a network include low reliability and security, the lack of a guaranteed data transfer rate.

Combining the local area networks of an enterprise into a single corporate network based on leased data transmission channels (Fig. 4.5) brings the following advantages:

High quality of the data transmission channels provided;

High level of service provided by the provider;

Guaranteed data transfer rate.

Figure 4.5 - Consolidation of local networks into a single network based on leased data transmission channels

A properly designed and implemented corporate network and the choice of reliable and productive equipment determine the operability of the CIS and the possibility of its efficient and long-term operation, modernization and adaptation to rapidly changing business conditions and new tasks.

The infrastructure components of the corporate network are:

The cable system that forms the physical medium for data transmission;

Network equipment that provides data exchange between terminal equipment (workstations, servers, etc.).

When creating corporate networks, the main task is to build networks on the scale of a building (local) and of a group of closely spaced buildings (campus), and to connect geographically remote divisions using communication channels. The Internet or a city network can act as the unifying medium.

Switches are used when building local and campus networks, and routers when building geographically distributed networks. Switches provide high-speed exchange within the local network, transmitting information only to the destination nodes. Switches operate on the addresses of the data link protocol, which, as a rule, is Ethernet/Fast Ethernet/Gigabit Ethernet; this ensures "transparent" network operation, and switches can perform their basic functions without time-consuming configuration. Routers, when transmitting information, operate on logical addresses (for example, addresses of the IP, IPX protocols, etc.), which allows them to use a hierarchical representation of the structure of a network that is of significant scale or consists of disparate and heterogeneous segments.

Wireless office networks serve as an alternative to traditional cable systems. Their main difference from cable systems is that data between computers and network devices is transmitted not through wires, but through a highly reliable wireless channel. A wireless network built in accordance with the Wi-Fi specification gives the local network flexibility and scalability and the ability to easily connect new equipment, workplaces and mobile users, regardless of the type of computer used. The use of wireless network technologies allows you to receive additional services: Internet access in a conference room or meeting room, organization of a Hot-Spot access point, etc.

Advantages of using wireless networks:

Speed and ease of deployment of a wireless network;

Network scalability, the ability to build multi-cell networks;

Saving investments in the local network when changing the location of the office;

Rapid restructuring, changing the configuration and size of the network;

Mobility of users in the network coverage area.

Figure 4.6 shows an office network consisting of several wireless cells centered on access points connected by a single wired channel or wireless bridges. Such a network provides the highest performance, scalability, and free movement of users within the radio visibility zones of access points.

To organize uninterrupted operation and ensure data security in the CS, it is necessary to have a network administration service. Administration is a management process, the activity of managing the assigned work area through administrative management methods.

Figure 4.6 - Wireless network in the organization

Administration of a computer network involves information support for users, allows you to minimize the influence of the human factor on the occurrence of failures in its operation.

System administrator - an employee who ensures the network security of the organization and the optimal performance of the network, computers and software. Often, the functions of a system administrator are performed by companies engaged in IT outsourcing.

The administrator handles network planning and the selection and acquisition of network equipment, supervises the progress of the network installation and ensures that all requirements are met. After the network equipment is installed, the administrator checks it and installs network software on servers and workstations.

The administrator's duties include monitoring the use of network resources, registering users, changing user access rights to network resources, integrating heterogeneous software used on file servers, database management system (DBMS) servers and workstations, timely copying and backing up of data, and restoring the normal operation of network equipment and software after failures.

In large organizations, these functions may be distributed among several system administrators (administrators for security, users, backups, databases, etc.).

Web server administrator - installs, configures and maintains web server software.

Database administrator - specializes in database maintenance and design.

Network administrator - develops and maintains networks.

System engineer (or system architect) - is engaged in building a corporate information infrastructure at the application level.

Network security administrator - deals with information security issues.

When administering a network connected to the Internet and on which Internet services are installed, the following problems occur:

Networking based on TCP/IP protocols;

Connecting a local or corporate network to the Internet;

Routing of information transmission in the network;

Obtaining a domain name for the organization;

E-mail exchange within the organization and with recipients outside it;

Organization of information services based on Internet and Intranet technologies;

Network security.

Timely exchange of information among team members is an important component of the successful work of any company, regardless of its specifics and scale.

The spread of digital technologies in all industries contributes to the widespread introduction of corporate networks at different levels of business, from small firms to holdings.

Design and construction of a corporate network

The popularity of corporate networks is due to a number of their advantages.

Reducing system downtime in the event of hardware, software and technical errors requires stable, uninterrupted data exchange between all participants.

Special programs and fine-tuning of access rights to individual documents, functions and sections reduce the risk of information leakage and loss of confidential data. In addition, violators are easy to track using software solutions.

The process of designing a corporate network includes the integration of local networks of departments within the company and the creation of a material and technical base for further planning, organizing and managing the core activities of the enterprise.

Building a corporate network is based on a consistent and developed architecture of data, platforms and applications that provide information exchange between users. Obtaining a functioning corporate network additionally involves the development of database maintenance and protection tools.

Companies engaged in the creation of corporate networks

Among the companies involved in the creation of corporate networks, it is worth noting:

  1. Altegra Sky is a Moscow-based company providing a full range of services related to the creation of an internal network, from drafting a basic architecture to commissioning. The company is engaged in the purchase, installation, commissioning of all necessary equipment and conducts training events for its customers.

  2. Universum is a Moscow-based provider of system integration services, the creation of secure local networks for a wide range of enterprises. Specialization - installation and fine-tuning of all functional elements of local networks and ensuring uninterrupted operation.

  3. Open Technologies is a provider of innovative solutions for data exchange within the company. The company specializes in the creation of an optimal hierarchical structure that will ensure a consistently high speed of transferring documents, images and multimedia using the available server capacities.

Structure, architecture, technologies of enterprise corporate networks

The corporate network of an enterprise is characterized by two elements.

LAN is a local computer network that provides stable exchange of necessary data and management of user access rights. To create it, you need hardware: structured cable networks (hereafter SCS).

SCS is a telecommunications infrastructure - a set of all computer devices of the company, between which data is exchanged in real time.

Creating a corporate network consists of choosing:

  • working group;

  • modeling environments;

  • software and hardware solutions for its creation;

  • configuration and maintenance of the finished architecture.

Building the architecture and choosing the technology of a corporate network consists of several stages:

  • selection of elementary objects included in the corporate data exchange network. As a rule, these are certain products, services of the company and information on them;

  • selection of functional, information and resource models for the future network. At this stage, the "internal logic" of the functioning of the future network is determined;

  • further, on the basis of already selected parameters, languages and modeling methods are determined that can solve the tasks.

For example, when forming a corporate network of a small manufacturing company, the most accessible, undemanding modeling languages are used. Conversely, creating an architecture for large companies with a wide range of activities involves the use of powerful tools.

Corporate LANs over VPN and Wi-Fi

VPN, or Virtual Private Network, is an option for creating a virtual network within an enterprise that uses the capabilities of the global network. A feature of building such a network is the ability to access the Internet from anywhere in the world using a registered login and password.

The solution is popular among IT companies, design bureaus and other enterprises hiring employees for remote work. The disadvantage of this method of organizing a local network is the threat of unauthorized access and loss of user data.

Wi-Fi is a more technologically advanced and modern option for creating a corporate network that is not tied to hardware capabilities and the physical location of users. With the help of routers, access to the network is configured for all employees, while you can “get” into the network from any device.

The main advantage of Wi-Fi is easy integration and scaling of the created network for any number of users. With the help of Wi-Fi, the network bandwidth is dynamically redistributed between individual nodes, depending on the level of applied load.

Corporate satellite network

The functioning of this type of corporate local area network is based on the use of the HUB capacity - a satellite terminal located in the network control centers.

Each participant accesses the network using an IP address and a relay satellite that transmits a signal for other users.

This option for organizing a corporate network allows you to:

  • quickly connect new users to the existing network;

  • remotely monitor its functioning, compliance with the security policy by the participants;

  • guarantee the safety of data and fine-tuning privacy.

Satellite networks are the most stable, expensive and technologically advanced way to organize data exchange between employees of the same structure.

Corporate multiservice network

A feature of a multiservice network is the ability to transmit text, graphics, video and audio information using the same communication channels. As a rule, companies that provide services for building multiservice networks create turnkey solutions that allow you to transfer all the necessary types of information to IP addresses.

In technical terms, separate subsystems are created designed to transmit certain types of information, while switches, routers and signal amplifiers are used to transmit data. Thus, the network is more stable, tolerates a high level of loads well and allows peripheral devices to access the central server as quickly as possible.

Corporate computer network

A computer network within a company is an adaptation of Internet technologies for use at the level of an individual company. The main purpose of building such networks is the joint use of information for intracorporate work: simultaneous access and editing of documents, data exchange.

The functioning of a computer network involves the use of an operating system that is compatible with all equipment and software connected to it. It is important to ensure the rational distribution of information and equip employees with the tools to plan and manage workflow.

The stage of building the architecture of a corporate computer network involves constant communication with future users in order to identify their needs. A successfully built corporate computer network is a convenient software and hardware solution for use in daily work.

Corporate social network

Creating a tool for messaging and sharing information within the same company gives employees the opportunity to maintain real-time contact between departments. At the same time, the product is based on the principle of operation of ordinary social networks with “cut down” functionality, which does not distract the attention of employees from their professional duties.

Typically, employees of the company, whether located in the office or working remotely, have access to the corporate social network, while the discussion of confidential work issues is carried out over secure communication protocols. This ensures prompt and secure communication between company departments without interrupting production and without the threat of data leakage.

Remote access to the corporate network

The basis for remote access to the capabilities of a corporate network is the configuration of the VPN protocol, which ensures the use of company servers by running a virtual machine.

The technology is based on a terminal server, free subnets and a secure guest network. The user does not need to purchase and configure additional programs: access via VPN is carried out in the TeamViewer application, which is compatible with all versions of Windows OS.

Such a solution is secure due to the ability to fine-tune access rights to data stored on the company's servers.

Security of corporate networks: threats and protection

Unauthorized access to data stored on corporate servers and the threat of their loss are the two main dangers against which it is necessary to protect the enterprise network.

The following are used for these purposes:

  • anti-virus systems;

  • operational blocking of unauthorized access manually;

  • fine-tuning of VPN networks, which cut off unauthorized users by requiring a login and password.

Real-time protection is carried out using firewalls that monitor the functioning of all elements of the network in real time.


Introduction

One of the basic human needs is the need for communication, which becomes possible when people understand each other. To do this, they study languages, master the culture of communication, use modern means and methods of communication. Communication in a broad sense is understood as the process, way and means of transferring an object or message from one place to another. Communications can be organized using different transmission media, such as water and air communications, gas pipelines, railways and highways, etc.
Computer networks, whose appearance marked a new era in the history of communications, provide invaluable help to people. With the advent of computer networks, people began to talk about computer communications, meaning the exchange of all kinds of information using computers. They are increasingly entering our lives, in some cases crowding out existing means of communication and in others supplementing them. Being far apart, you exchange letters by mail; in a computer network, this type of communication is known as e-mail. To discuss an important issue, you organize a meeting or a conference. A computer network has a corresponding type of communication: the teleconference. Computer communications in many ways resemble traditional ones, but mail delivery time is significantly reduced, communication is organized more quickly, it becomes possible to communicate with a larger circle of people, and there is quick access to the world's information repositories.
Computer communications are provided with the help of computer networks: local, regional, corporate, global.
At the lecture, you will learn how they differ from each other and what their hardware is, namely: what components ensure the operation of the network, what communication channels are used, what a modem and network adapter are, what role protocols play in computer networks, and much more.

Computer networks. Basic information.

Telecommunication (from Greek tele, "far", and Latin communicatio, "communication") is the exchange of information at a distance.
The radio transmitter, telephone, teletype, facsimile, telex and telegraph are the most common and familiar examples of telecommunications technology today.
Later, another tool was added to them - these are computer communications, which are now becoming more widespread. They promise to oust facsimile and teletype communications, just as the latter ousted the telegraph.

Computer communications - information exchange at a distance using computer networks.

Nowadays, computer networks are becoming increasingly important in the life of mankind, their development is very promising. Networks can unite and make available information resources of both small enterprises and large organizations occupying premises remote from each other, sometimes even in different countries.

Computer network - a system of computers connected by channels of information transmission.

The purpose of all types of computer networks is determined by two functions:
- ensuring the sharing of hardware and software resources of the network;
- providing shared access to data resources.
For example, all members of the local network can share one common printing device - a network printer, or, for example, hard drive resources of one dedicated computer - a file server. Similarly, software can be shared. If the network has a special computer dedicated to the sharing of network members, it is called a file server.

By size, networks are divided into local, regional, corporate and global.

Local network (LAN - Local Area Network) - a connection of computers located at short distances from each other (from several meters to several kilometers). PCs in such networks are located in the same room, at the same enterprise, or in closely spaced buildings.
Local networks do not allow sharing information with users located, for example, in different parts of the city. Regional networks come to the rescue, connecting computers within the same region (city, country, continent).

Regional network (MAN - Metropolitan Area Network) - a combination of PCs and local networks to solve a common problem of a regional scale. A regional computer network connects computers located at a considerable distance from each other. It may include computers within a large city, an economic region, or a separate country. Typically, the distance between subscribers of a regional computer network is tens to hundreds of kilometers.
Many organizations interested in protecting information from unauthorized access (for example, military, banking, etc.) create so-called corporate networks. A corporate network can unite thousands and tens of thousands of computers located in different countries and cities (Microsoft's network can be used as an example).

Corporate network - an association of local networks within one corporation.

The need for the formation of a single global information space led to the creation of the global computer network Internet.

Global network (WAN - Wide Area Network) - a system of interconnected local networks and users' PCs located at remote distances, for the general use of world information resources.
Information networks create a real opportunity for quick and convenient user access to all the information accumulated by mankind throughout history.

According to the type of transmission medium, networks are divided into:

- wired (coaxial cable, twisted pair, fiber optic);
- wireless, with the transmission of information via radio channels or in the infrared range.
By the way network computers interact, networks are divided into peer-to-peer networks and networks with a dedicated server (hierarchical networks).
All computers in a peer-to-peer network are equal. Any network user can access data stored on any computer.
The main advantage of peer-to-peer networks is the ease of installation and operation. The main disadvantage is that in peer-to-peer networks it is difficult to solve information security issues. Therefore, this method of organizing a network is used for networks with a small number of computers and where the issue of data protection is not fundamental.
In a hierarchical network, when installing a network, one or more servers are pre-allocated - computers that manage the exchange of data over the network and the distribution of resources. Any computer that has access to server services is called a network client or workstation.

The general scheme for connecting computers to local networks is called network topology. There are only 5 main types of network topology:

1. BUS topology. In this case, the connection and data exchange are carried out via a common communication channel, called a common bus. The bus-type structure is simpler and more economical, since it does not require an additional device and consumes less cable. But it is very sensitive to cable system failures. If the cable is damaged in at least one place, then there are problems for the entire network. The fault is difficult to locate.

2. STAR topology. In this case, each computer is connected by a separate cable to a common device called a hub, which is located in the center of the network. The "star" is more resistant to malfunctions of the cable system. A damaged cable is a problem for one particular computer; it does not affect the operation of the network as a whole. No troubleshooting effort is required. The disadvantages of a star topology include the higher cost of network equipment due to the need to purchase a hub. In addition, the ability to increase the number of nodes in the network is limited by the number of hub ports. At present, such a structure is the most common type of communication topology in both local and global networks.

3. RING topology. In networks with a ring topology, data is transmitted sequentially from one station to another along the ring, usually in one direction. If a computer recognizes the data as intended for it, it copies the data into an internal buffer. In a network with a ring topology, special measures must be taken so that in the event of a failure or disconnection of a station, the communication channel between the other stations is not interrupted. The advantage of this topology is the ease of management; the disadvantage is the possibility of failure of the entire network if there is a failure in the channel between two nodes.

4. Mesh topology. A mesh topology is characterized by a computer connection scheme in which physical communication lines are established with all adjacent computers. In a network with a mesh topology, only those computers between which intensive data exchange takes place are directly connected, and for data exchange between computers that are not connected by direct connections, transit transmissions through intermediate nodes are used. Mesh topology allows the connection of a large number of computers and is typical, as a rule, for wide area networks. The advantages of this topology are in its resistance to failures and overloads, since there are several ways to bypass individual nodes.
5. Mixed topology. While small networks tend to have a typical star, ring, or bus topology, large networks tend to have random connections between computers. In such networks, it is possible to single out separate arbitrary subnets with a typical topology; therefore, they are called networks with a mixed topology.

The principles of operation of various electronic networks are approximately the same:

1. The network consists of interconnected PCs
In most cases, the network is built on the basis of several powerful computers called servers. Servers and, accordingly, networks of the second order (regional), third order (corporate) and fourth order (local) are usually connected to the servers of the global network, and users of individual computers, the network subscribers (clients), are connected to them. Note that not all intermediate network levels (for example, corporate) are required.

2. PCs are interconnected by communication channels
The main purpose of creating any computer network is to ensure the exchange of information between the objects (servers and clients) of the network. To do this, you need to connect computers to each other. Therefore, the mandatory components of any network are all kinds of communication channels (wired and wireless), for which various physical media are used. In accordance with this, networks distinguish such communication channels as telephone and fiber optic lines, radio communications, space communications, etc.
The purpose of communication channels in a computer network is easy to understand if we compare them with the transport channels of a freight or passenger transportation system. Passengers can be transported by air, by rail or by water (sea or river) routes. Depending on the medium of transportation, a means of transportation is chosen. Information is transported through computer networks. The environments in which network computers communicate determine the means by which computers are connected. If this is an environment that requires telephone communication, then the connection is made through a telephone cable. Computer connections are widely used with electrical cables, radio waves, fiber optic cables, etc.

Consider the main types of channels. Some of them are mutually exclusive, some may describe one channel from different angles.
Channels are digital and analog.
An ordinary telephone channel is an example of an analog channel. To use it, you need a special device, a modem, that converts digital information into analog. Analog channels are highly susceptible to interference and have a low bandwidth (several tens of kilobytes per second). Now there is a tendency to replace all analog channels with digital ones, not only in computer networks, but also in telephone networks.
Channels are also divided into dedicated and switched.
With a switched line, the connection is formed for the duration of the data transfer, and at the end of this transfer, it is disconnected. A conventional telephone line is an example of switched communication.

A dedicated line works differently:
The connection is permanent, always allowing you to transfer data from one computer to another. Leased lines differ from dial-up lines in high speed (up to tens of megabits per second) and high rental prices.
By physical design, channels are subdivided into electrical wire, optical and radio channels.
Wired channels are a connection with an electrical cable, possibly a complex one. All such channels transmit data using electrical impulses.

Optical channels are based on light guides. The signal is transmitted using lasers.

Radio channels operate on the same principle as radio and television.
All these are different channels of communication. The efficiency of communication in computer networks essentially depends on the following main characteristics (parameters) of communication channels:
- throughput (data transfer rate), measured by the number of bits of information transmitted over the network per second (bits per second is called baud);
Average throughput - measured on average over a certain period of time (for a large file)
Guaranteed bandwidth - the minimum bandwidth that the channel provides (for video files)
- reliability - the ability to transmit information without distortion and loss;
- cost;
- expandability (connection of new computers and devices).

To transmit information over communication channels, it is necessary to convert computer signals into signals of physical media.
For example, when information is transmitted over a fiber optic cable, the data presented in the computer is converted into optical signals by special technical devices, network adapters.

Network adapters (network cards) - technical devices that perform the functions of interfacing computers with communication channels.
If the communication channel is a telephone line, then a modem is used when receiving and transmitting information.

Modem (modulator-demodulator) - a device for converting digital PC signals into audio (analogue) signals of a telephone line and vice versa.
The main characteristic of a modem is the speed of receiving and transmitting information (measured in bits per second). Modern modems have a speed of receiving and transmitting information of 33600 bits per second or 57600 bits per second.

3. Network operation is carried out according to protocols
In order for the information transmitted by one PC to be understood by another PC, it was necessary to develop uniform rules called protocols.

Protocol - a set of agreements on the rules for the formation and transmission of messages, on the methods of exchanging information between PCs, and on the rules for the operation of various equipment in the network.

There are 2 types of Internet protocols: basic and application protocols.

Basic protocols are responsible for the physical forwarding of electronic messages of any type between Internet computers (IP and TCP). These protocols are so closely related that they are most often referred to as the "TCP/IP protocol";

Application protocols are higher-level protocols responsible for the functioning of specialized Internet services: the HTTP protocol (hypertext messaging), the FTP protocol (file transfer), e-mail protocols, etc.
Technically, TCP/IP is not one, but two network protocols. TCP is a transport layer protocol. It controls how information is transferred. IP is an addressing protocol. It defines where the data is transferred to.

4. The operation of a PC on a network is provided by network programs, usually organized according to the client-server model:

Server - a program that provides services; client - a program that consumes the services of a server program.

IP addresses

The information exchanged between PCs is divided into packets. A PACKET is a "piece" of information containing the address of the sender and recipient.
A. Many packets form a stream of information that is received by the user's PC.
B. Then the "scattered packets" that arrived from the network are collected into a single "bundle" by the client program of your PC (for example, the Microsoft browser Internet Explorer).
C. In order for the packet to find its destination, each PC is assigned an IP address (when registering with the provider). An IP address contains 4 bytes (32 bits), written as 4 numbers from 0 to 255 separated by dots. It is easy to calculate that the total number of different IP addresses is more than 4 billion: 2^32 = 4294967296.

An IP address is "read" from right to left. Typically, the rightmost number indicates a specific computer, while the remaining numbers indicate the numbers of networks and subnets (i.e., local networks).
Sometimes this may not be the case, but in any case, if the address is represented in binary form, then some of the rightmost bits identify a particular computer, and the rest indicate the networks and subnets to which the computer belongs.

Example. 192.45.9.200. Network address - 192.45; subnet address - 9; computer address - 200.
The packet contains the address of the recipient and the address of the sender, and is then sent into the network.
Routers determine the route that packets take.
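The split of 192.45.9.200 into network, subnet and computer parts, carried out bit by bit, together with a subnet membership test of the kind an access rule relies on. This is an added example, not part of the original lecture; the field widths (16 network bits, 8 subnet bits) are assumptions read off the example above, and the other addresses are constructed sample values.

```python
import ipaddress


def split_fields(addr, network_bits=16, subnet_bits=8):
    """Split an IPv4 address into (network, subnet, host) integer fields.

    The field widths are assumptions supplied by the caller: the address
    itself does not say where the boundaries lie.
    """
    value = int(ipaddress.IPv4Address(addr))  # raises ValueError if malformed
    host_bits = 32 - network_bits - subnet_bits
    if network_bits < 1 or subnet_bits < 0 or host_bits < 1:
        raise ValueError("field widths must leave at least one host bit")
    host = value & ((1 << host_bits) - 1)                     # rightmost bits
    subnet = (value >> host_bits) & ((1 << subnet_bits) - 1)  # middle bits
    network = value >> (host_bits + subnet_bits)              # leftmost bits
    return network, subnet, host


def in_subnet(addr, subnet_cidr):
    """True if addr lies inside subnet_cidr (e.g. '192.45.9.0/24').

    A malformed address is treated as "not a member" instead of being
    passed on to whatever decision depends on the answer.
    """
    try:
        ip = ipaddress.IPv4Address(addr)
    except ValueError:
        return False
    return ip in ipaddress.IPv4Network(subnet_cidr)


def naive_prefix_match(addr, dotted_prefix):
    """Text comparison of the leading characters, shown only for contrast."""
    return addr.startswith(dotted_prefix)


if __name__ == "__main__":
    # Byte-aligned case from the text: network 192.45, subnet 9, computer 200.
    network, subnet, host = split_fields("192.45.9.200")
    print(f"network={network >> 8}.{network & 0xFF} subnet={subnet} host={host}")

    # Boundary that does not fall on a byte: 10 subnet bits, 6 host bits.
    print(split_fields("192.45.9.200", 16, 10))

    # Constructed address outside subnet 9 that still starts with "192.45.9".
    other = "192.45.90.1"
    print("text prefix says member:", naive_prefix_match(other, "192.45.9"))
    print("bitwise check says member:", in_subnet(other, "192.45.9.0/24"))
```

Comparing addresses as text accepts 192.45.90.1 as part of subnet 9, while the bitwise check rejects it, which is why membership decisions are made on the 32-bit value and not on the dotted string.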

Domain name system

Computers can easily communicate with each other by a numeric IP address, but it is not easy for a human to remember a numeric address, and the Domain Name System (DNS) has been introduced for convenience.
Domain name system maps each computer's numeric IP address to a unique domain name. Domain addresses are assigned by the Internet Network Information Center (InterNIC).

Domain (domain - region, district) - defines a set of PCs belonging to any section of the Internet, within which computers are combined according to one attribute.

Domain address defines an area representing a set of host computers. Unlike a numeric address, it is read in reverse order. First comes the name of the computer, then the name of the network on which it is located.
A computer name includes at least two levels of domains. Each level is separated from the next by a dot. To the left of the top-level domain are the subdomains for the general domain.
In the Internet address system, it is customary to represent domains by geographic regions. They have a two-letter name.
Example. Geographical domains of some countries: France - fr; Canada - ca; USA - us; Russia - ru; Belarus - by.
There are also domains divided by thematic signs. Such domains have three-letter abbreviations.
Example. Schools - edu. Government agencies - gov. Commercial organizations - com.

tutor.sptu.edu. Here edu is the common domain for schools and universities; tutor is a subdomain of sptu, which is a subdomain of edu.

World Wide Web

The most popular Internet service is the World Wide Web (abbreviated as WWW or Web). The presentation of information on the WWW is based on the possibilities of hypertext links. Hypertext is text that contains links to other documents. This makes it possible, when viewing a certain document, to easily and quickly switch to other information related to it in meaning, which can be text, an image, a sound file or have any other form accepted in the WWW. At the same time, linked documents can be scattered around the globe.
Numerous cross links between WWW documents span the planet - hence the name. Thus, the dependence on the location of a particular document disappears.
The World Wide Web service is designed to access a special kind of electronic documents called Web documents or simply Web pages. A web page is an electronic document that, in addition to text, contains special formatting commands, as well as embedded objects (pictures, audio and video clips, etc.).
Web pages are viewed with special programs called browsers, so the browser is not just a WWW client for interacting with remote Web servers, it is also a Web document viewer. So, for example, if a Web page has been saved to your hard drive, you can view it using a browser without an Internet connection. Such browsing is called offline.
Unlike printed electronic documents, Web pages have not absolute, but relative formatting, that is, they are formatted at the time of viewing in accordance with which screen and with which browser they are viewed. Strictly speaking, the same Web page may look different when viewed in different browsers, depending on how the browser responds to the commands that the author has embedded in the Web page.
Each Web document (and even each object embedded in such a document) on the Internet has its own unique address, called a Uniform Resource Locator or, for short, URL. By contacting this address, you can get the document stored there.
There are a lot of Web documents stored on the Internet. In the last seven years, the content of the WWW has doubled every year and a half. Apparently, this rate will decrease somewhat in the coming years, but will remain quite high, at least until the 10 billion milestone. With so many Web documents on the Web today, there is an important problem of finding and selecting them - we will consider this separately, but for now let's get acquainted with what a URL formally looks like.
Example URL: http://klyaksa.net/htm/exam/answers/images/a23_1.gif
Here is the URL of a picture located on one of the Web pages of the www.klyaksa.net portal.
A document URL consists of three parts and, unlike domain names, is read from left to right. The first part specifies the name of the application protocol by which the resource is accessed. For the World Wide Web service, this is the HyperText Transfer Protocol (HTTP). Other services have different protocols. The protocol name is separated from the rest of the address by a colon and two forward slashes.
The second element is the domain name of the computer on which the document is stored. We are already familiar with the structure of a domain name - its elements are separated by dots. The domain name is followed by a slash.
The last element of the address is the path to the file containing the Web document on the specified computer. We are already familiar with how a file path is written in the Windows operating system, but there is an important difference. On Windows, it is customary to separate directories and folders with a backslash character "\", while on the Internet it is customary to use a normal forward slash "/". This is due to the fact that the Internet originated on computers running the UNIX operating system, where it is customary to separate directories in this way.
Each hyperlink on the Web is associated with the Web address of some document or object (file with a picture, sound recording, video clip, etc.). When a hyperlink is clicked, a request is sent to the Web for the supply of the object pointed to by the hyperlink. If such an object exists at the specified address, it is loaded and played. If it does not exist in nature (for example, it ceased to exist for some reason), an error message is displayed - then you can return to the previous page and continue working.
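The three-part URL structure and the right-to-left reading of domain names described above, combined into a link check that a mail gateway or proxy could apply. This is an added example, not part of the original lecture: the allow-list policy and function names are assumptions, the edu hostnames are modelled on the page's domain example, and notsptu.edu and example.net are constructed sample values.

```python
from urllib.parse import urlsplit

ALLOWED_PROTOCOLS = {"http", "https"}  # assumed policy for this example


def url_parts(url):
    """Return (protocol, domain, path), the three parts of a document URL."""
    parts = urlsplit(url)
    # hostname is the part of the authority after any "user@" prefix and
    # before any ":port"; urlsplit also lower-cases it.
    if not parts.scheme or not parts.hostname:
        raise ValueError("URL must contain a protocol and a domain name")
    return parts.scheme, parts.hostname, parts.path or "/"


def domain_levels(domain):
    """List the levels of a domain name starting from the top-level domain."""
    labels = domain.lower().rstrip(".").split(".")
    if any(not label for label in labels):
        raise ValueError("empty label in domain name")
    return labels[::-1]  # 'tutor.sptu.edu' -> ['edu', 'sptu', 'tutor']


def is_under(domain, parent):
    """True if domain equals parent or is one of its subdomains.

    Whole levels are compared, so a name that merely ends with the same
    characters as the parent does not match.
    """
    levels, parent_levels = domain_levels(domain), domain_levels(parent)
    return levels[:len(parent_levels)] == parent_levels


def is_allowed(url, allowed_parents):
    """Accept a link only if its protocol and domain are both on the list."""
    try:
        protocol, domain, _path = url_parts(url)
        return protocol in ALLOWED_PROTOCOLS and any(
            is_under(domain, parent) for parent in allowed_parents
        )
    except ValueError:
        return False  # anything that cannot be parsed is rejected


if __name__ == "__main__":
    print(url_parts("http://klyaksa.net/htm/exam/answers/images/a23_1.gif"))
    print(domain_levels("tutor.sptu.edu"))
    for link in (
        "http://tutor.sptu.edu/index.html",  # subdomain of the allowed parent
        "http://notsptu.edu/index.html",     # same trailing characters only
        "http://sptu.edu.example.net/",      # allowed name used as a prefix
        "ftp://tutor.sptu.edu/file",         # protocol not on the list
    ):
        print(link, is_allowed(link, ["sptu.edu"]))
```

Only the first of the four sample links is accepted; a plain text comparison such as `domain.endswith("sptu.edu")` would also have accepted the second.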

Basic Internet Services

1. E-mail (E-mail).
E-mail (E-mail - Electronic mail, English mail - "mail") is the most common and until recently the most popular use of the Internet. According to the International Telecommunication Union, the number of e-mail users exceeds 50 million. The popularity of e-mail is explained not only by its capabilities, but also by the fact that it can be used with any type of Internet access, even the cheapest one.
When using e-mail, each user is assigned a unique mailing address, which is usually formed by appending the user's name to the name of the computer itself. The username and computer name are separated by the special character @. For example, if the user has the login name emsworth on the computer blondings.corn, then their email address will look like emsworth@blondings.corn

3. Teleconferencing service (Usenet)
Another widely used service provided by the Internet is Usenet news, which is also often called newsgroups or teleconferences (they have nothing to do with television; the prefix "tele" means "remote", "acting at a long distance"). They allow you to read and post messages to public (open) discussion groups.
Usenet is a virtual network through which news is transmitted between computers (news servers) using a special protocol, NNTP (Network News Transfer Protocol).

4. File Transfer Service (FTP) handles receiving and transmitting large files. The FTP service has its own servers on the World Wide Web, where data archives are stored. These archives may be commercial or restricted, or they may be public.

5. Access to a remote computer (Telnet)
If we recall the history of the development of computers, there was a time when the computer itself was large and stood in a special machine room. The terminals (i.e. keyboards with displays) that allowed the computer to be operated were located in a different room. The displays were alphanumeric, so the dialogue with the computer consisted of entering symbolic commands, in response to which the computer printed the corresponding data on the screen.
When the remote access system was created, it was decided to keep this method of dialogue with a computer.
The remote access program is called Telnet.
Like all Internet services, it needs two parts to function: a server program installed on the remote computer, and a client program on the local computer.
To connect to a remote system, you must be a registered user, that is, have a login name and password. To establish a connection, you must specify the name of the remote computer. After a successful connection, you can perform the same operations on the remote computer as on the local one, i.e. browse directories, copy or delete files, and run various programs that have an alphanumeric interface.

6. The IRC (Internet Relay Chat) service is designed for direct communication between several people in real time. This service is also called chat conferencing or just chat.

7. ICQ service. Its name comes from the expression "I seek you". The main purpose is to enable communication between two people, even if they do not have a permanent IP address.

8. The World Wide Web (WWW) service is a single information space consisting of hundreds of millions of interconnected electronic documents stored on Web servers. Individual documents are called Web pages. Groups of thematically related Web pages are called Web sites.

When developing a corporate network, it is necessary to take all measures to minimize the amount of transmitted data. Beyond that, the corporate network should not impose restrictions on which applications process the information transferred over it, or on how they do so.

Applications are understood here to mean both system software - databases, mail systems, computing resources, file services, and more - and the tools with which the end user works.

The main tasks of the corporate network are the interaction of system applications located in different nodes, and access to them by remote users.

The first task that needs to be solved when creating a corporate network is the organization of communication channels. Within one city it is possible to count on renting leased lines, including high-speed ones, but when moving to geographically remote nodes, the cost of renting channels becomes simply astronomical, and their quality and safety often turn out to be extremely low. Fig. 3.1 shows an example of a corporate network that includes local and regional networks, public access networks and the Internet.

The natural solution to this problem is to use existing global networks. In this case, it is enough to provide channels from offices to the nearest network nodes, and the global network takes over the task of delivering information between nodes. Even when creating a small network within one city, one should keep in mind the possibility of subsequent expansion and use technologies that are compatible with existing global networks. Often the first, if not the only, such network that comes to mind is the Internet.

Fig. 3.1. Combining different communication channels into a corporate network.

Fig. 3.2 shows several local network topologies.

Fig. 3.2. Methods for connecting computers to a network.

Every network, even the smallest, must have a manager (Supervisor). This is a person (or a group of persons) who sets it up and ensures its smooth operation. The manager's tasks include:

  • distribution of information among working groups and between individual clients;
  • creation and support of a universal data bank;
  • protection of the network from unauthorized penetration, and protection of information from damage, etc.

From the technical point of view, a local computer network consists of the following elements:

  • Interface board in users' computers. This is a device for connecting a computer to a shared LAN cable.
  • Cabling. Special cables provide the physical connection between devices on a local network.
  • LAN protocols. In general, protocols are programs that allow data to be transported between devices connected to a network. Fig. 3.3 shows schematically the principle of operation of any protocol, whether on a local network or on the Internet.

Fig. 3.3. The principle of transmitting data over the network.

  • Network operating system. This is a program that is installed on a file server and serves to provide an interface between users and data on the server.
  • File server. It serves to store and host programs and data files that are used for shared user access.
  • Network printing. It allows many users on a local network to share one or more printing devices.
  • Local network protection. Network security is a set of methods used to protect data from damage by unauthorized access or some kind of accident.
  • Bridges, gateways and routers. They allow networks to be interconnected.
  • Local network management. This is everything that relates to the tasks of the manager listed earlier.

The core function of any local network is the sharing of information between specific workers, subject to two conditions:

  1. Any information must be protected from unauthorized use. That is, any employee should work only with the information to which he has rights, regardless of which computer he entered the network on.
  2. Working in the same network and using the same technical means of data transmission, network clients must not interfere with each other. There is such a concept as network load. The network must be built in such a way that it does not fail and works fairly quickly with any number of clients and requests.

© 2022 hecc.ru - Computer technology news