General Step for Networking Problem-Solving

Step 1
When analyzing a network problem, make a clear problem statement. You should define the problem interms of a set of symptoms and potential causes.To properly analyze the problem, identify the general symptoms and then ascertain what kinds of problems (causes) could result in these symptoms. For example, hosts might not be responding to service requests from clients (a symptom). Possible causes might include a misconfigured host, bad interface cards, or missing router configuration commands.

Step 2
Gather the facts that you need to help isolate possible causes. Ask questions of affected users, network administrators, managers, and other key people. Collect information from sources such as network management systems, protocol analyzer traces, output from router diagnostic commands, or software release notes.

Step 3
Consider possible problems based on the facts that you gathered. Using the facts, you can eliminate some of the potential problems from your list. Depending on the data, for example, you might be able to eliminate hardware as a problem so that you can focus on software problems. At every opportunity, try to narrow the number of potential problems so that you can create an efficient plan of action.

Step 4
Create an action plan based on the remaining potential problems. Begin with the most likely problem, and devise a plan in which only one variable is manipulated. Changing only one variable at a time enables you to reproduce a given solution to a specific problem. If you alter more than one variable simultaneously, you might solve the problem, but identifying the specific change that eliminated the symptom becomes far more difficult and will not help you solve the same problem if it occurs in the future.

Step 5
Implement the action plan, performing each step carefully while testing to see whether the symptom disappears.

Step 6
Whenever you change a variable, be sure to gather results. Generally, you should use the same method of gathering facts that you used in Step 2 (that is, working with the key people affected, in conjunction with utilizing your diagnostic tools).

Step 7
Analyze the results to determine whether the problem has been resolved. If it has, then the process is complete.

Step 8
If the problem has not been resolved, you must create an action plan based on the next most likely problem in your list. Return to Step 4, change one variable at a time, and repeat the process until the problem is solved.

reference : cisco network academy

Network Security : IPS versus IDS

An IPS is typically designed to operate completely invisibly on a network. IPS products do not have IP addresses for their monitoring segments and do not respond directly to any traffic. Rather, they merely silently monitor traffic as it passes. While some IPS products have the ability to implement firewall rules, this is often a mere convenience and not a core function of the product. Moreover, IPS technology offers deeper insight into network operations providing information on overly active hosts, bad logons, inappropriate content and many other network and application layer functions.

IPS - Intrusion Preventive System

IDS - Intrusion Detection System

IPS systems have some advantages over intrusion detection systems (IDS). One advantage is they are designed to sit inline with traffic flows and prevent attacks in real-time. In addition, most IPS solutions have the ability to look at (decode) layer 7 protocols like HTTP, FTP, and SMTP which provides greater awareness. When deploying NIPS however, consideration should be given to whether the network segment is encrypted or not as many products are unable to support inspection of such traffic.

Example of IPS : BlackICE Desktop (a host-IPS for end-user systems) BlackICE Guard (an in-line network IPS) and BlackICE Sentry (a passive, IDS solution).

References :
http://en.wikipedia.org/wiki/Intrusion_prevention_system

Design A Network part 2

A campus network is an autonomous network exists on a university campus or within a local geographic area managed by single entity. It may be used by different organizations or department within the University. Often, a campus network provides and access path into a larger network, such as a metropolitan area network or the Internet.

Design A Network

Basic network design applied in a organization or a campus usually using 3 (three) tier architecture design. Which consist of Core Switch, Distribution Switch and Access Switch.

• Core Switch - One side is to connected to Router or Firewall or Proxy which connect them to other organization building or other campus or the internet. The other side is to the Distribution Switch.
• Distribution Switch - Connected to the core and the other side is to the Access Switch.
• Access Switch - Connected to distribution switch and the other side is to the end users.

Network ?

What are you understand about network ? For me, what i understand about network using the simplest term is 'GROUP' or maybe network ID. Now what do you think ? Networking is use for sharing resources e.g. files, devices and etc ( other things that you can shared on network).

Important things to Networking

• IP Address - used to identify which group your pc/machine belongs to.
• MAC Address - used to identify your pc/machine within the group (Layer 2).

Type of Communication in Networking

IPV4
1. Unicast
One (1) device sending data to another one (1) device and wait until the device to reply to confirm the data transmission.

2. Broadcast
One device sending data to all other devices within the network and may get more than one reply that used for query purpose. e.g. server which can assign IP address to client within the network (DHCP discovery).

3. Multicast
One device send data to specific group within the network(s) and did not required any reply. e.g. video transmission.


IPV6
4. Anycast > Finding the nearest path e.g. nearest routers or servers.