Monday, February 1, 2010

I think I have already given up this blog, HAHA!

There is my Chinese Blog, http://neversummer.net

Tuesday, December 8, 2009

Introduction to VoIP

  1. PSTN
  2. VoIP Components
  3. Voice codec
  4. Call Manager
  5. IP protocol
  6. SIP
  • VoIP is the tech that places voice traffic onto the IP network
  • VoIP utilizes the IP network and PSTN for telephone conversations.

Advantages:

  1. Lower toll charges for overseas calls
  2. One network to purchase and maintain
  3. One line to pay instead of phone & IP
  4. Provide more value-added services

2 types of VoIP service providers

  1. fixed
  2. nomadic

ITU-T = standards for the PSTN

IETF = standards for the Internet

E.164 = the worldwide prefix scheme developed by the ITU to standardize telephone numbering plans

Saturday, November 21, 2009

Network Security – Study notes - 3

Trust and Identity Technology

  1. AAA
  • Authentication: Proves who the user is
  • Authorization: Decides which resources the user can use
  • Accounting: Records what the user actually did

AAA supports three widely standardized security protocols:

  1. Remote Authentication Dial-In User Service (RADIUS)
  2. Terminal Access Controller Access Control System Plus (TACACS+)
  3. Kerberos

RADIUS or TACACS+ is used with a device such as a Network Access Server (NAS)

RADIUS

  • Distributed security system that secures remote access to networks
  • UDP port: 1812
  • Uses shared secret keys
  • Passwords encrypted using MD5
  • Uses a local database or queries an LDAP server
  • The NAS operates as the client of RADIUS
  • Only Dial-up

TACACS+

  • TCP port: 49
  • Own database
  • Packets containing TACACS+ protocol values are encrypted
  • Provides AAA support for remote Dial-up and LAN access

Kerberos

  • Unix-based systems
  • Relies on a combination of key encryption and cryptographic protocols
  • A user authenticates with a Ticket Granting Server (TGS) to obtain a special ticket known as a Ticket Granting Ticket (TGT)

Static password: remains the same until the admin and user change it

S/Key: one-time password using MD4 or MD5

S/Key System Components:

  • Client: Provides the login shell; does not contain any password information
  • Host: Stores the current OTP and login sequence in a file
  • Password calculator: A function that is easy to compute
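
The three S/Key components above, as an added example that is not part of the original notes: a simplified hash-chain sketch in Python showing why the host can verify a one-time password while storing only the previous one, and why a replayed password is rejected. The names `fold64`, `calculator` and `Host`, the seed and the pass phrase are assumptions made for illustration; the six-word encoding of the 64-bit value used by real S/Key is omitted.

```python
import hashlib
import hmac

def fold64(data: bytes) -> bytes:
    """One hash step: MD5, then XOR the two 8-byte halves down to 64 bits."""
    d = hashlib.md5(data).digest()
    return bytes(a ^ b for a, b in zip(d[:8], d[8:]))

def calculator(passphrase: str, seed: str, seq: int) -> bytes:
    """Password calculator: easy to compute forward, hard to run backward."""
    value = fold64((seed + passphrase).encode())
    for _ in range(seq):
        value = fold64(value)
    return value

class Host:
    """Stores only the last accepted OTP and its sequence number, no secret."""
    def __init__(self, seed: str, seq: int, otp: bytes):
        self.seed, self.seq, self.last_otp = seed, seq, otp

    def challenge(self):
        # The host asks for the password one step earlier in the chain.
        return self.seq - 1, self.seed

    def login(self, otp: bytes) -> bool:
        if self.seq <= 0:
            return False  # chain used up: the user must re-initialise
        if not hmac.compare_digest(fold64(otp), self.last_otp):
            return False  # wrong, or an already-used (replayed) password
        self.last_otp, self.seq = otp, self.seq - 1
        return True

def demo():
    # Constructed sample values, not taken from any real system.
    seed, secret = "ke1234", "constructed pass phrase"
    host = Host(seed, 99, calculator(secret, seed, 99))
    n, s = host.challenge()
    otp = calculator(secret, s, n)
    first = host.login(otp)      # fresh password for sequence 98
    replay = host.login(otp)     # same password sent again
    n2, s2 = host.challenge()
    second = host.login(calculator(secret, s2, n2))
    return first, replay, second, host.seq

if __name__ == "__main__":
    print(demo())
```

Hashing a submitted password once must reproduce the stored value, so anyone who reads the host's file or captures a login learns only passwords that are already spent.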

Token Card: One-time network entry password

  • Credit-card-sized password generator with a unique PIN
  • synchronous and asynchronous

Token card and Server Method

  • Time-based
  • Challenge-response

IEEE 802.1x

  • Supplicant
  • Authenticator
  • Authentication server

Features:

  • 802.1x authenticator support
  • MAC address authentication
  • Default authorization policy
  • Multiple DHCP pools

Topologies:

Point-to-point: only one client can be connected

Wireless LAN: multiple-host port

Friday, November 6, 2009

Network Security - Study notes - 2

Security Planning and Policy

A security policy is a formal statement of the rules by which people who are given access to an organization’s technology and assets must abide.

Features:

  • Statement of authority and scope

  • Acceptable use policy

  • Identification and authentication policy

  • Internet access policy

  • Campus access policy

  • Remote access policy

  • Incident handling policy


Tuesday, October 27, 2009

Network Security - Study notes - 1

Introduction to Network Security


The importance of Network Security:

  1. Protect the company assets

  2. Gain a competitive advantage

  3. Comply with regulatory requirements and fiduciary

  4. Keep your job