TLE (ICT) NARRA

Mrs. Analyn E. Llaban

Topics we reported:
- Assigning IP Addresses to Clients and Servers
- Configuring IP Addresses or TCP/IP Networking
- Enabling Network Security

Leader
Michelle Dollie S. Sison
Members who Participated
Mary Bianca D. Zipagan
Cris Mari M. Sison
Alhyssa Nicole G. Suing
Anne Janica N. Salcedo
Racquel Fatima Nueva
Clarice Joy A. Palce
Jim Edward F. Cleofas
Christian D. Fernandez
Assigning IP address to client and servers:

What is DHCP?

As long as you're learning about your IP address, you should learn a little about something called DHCP—which stands
for Dynamic Host Configuration Protocol. Why bother? Because it has a direct impact on millions of IP addresses, most
likely including yours.

DHCP is at the heart of assigning you (and everyone) their IP address. The key word in DHCP is protocol—the guiding
rules and process for Internet connections for everyone, everywhere. DHCP is consistent, accurate and works the same
for every computer. Remember that without an IP address, you would not be able to receive the information you
requested. As you've learned (by reading IP: 101), your IP address tells the Internet to send the information that you
requested (Web page, email, data, etc.) right to the computer that requested it.

Those incredible protocols

There are more than one billion computers in the world, and each individual computer needs its own IP address
whenever it's online. The TCP/IP protocols (our computers' built-in, internal networking software) include a DHCP
protocol. It automatically assigns and keeps tabs of IP addresses and any "subnetworks" that require them. Nearly all IP
addresses are dynamic, as opposed to "static" IP addresses that never change.

DHCP is a part of the "application layer," which is just one of the several TCP/IP protocols. All of the processing and
figuring out of what to send to whom happens virtually instantly.

Clients and servers

The networking world classifies computers into two distinctive categories:

1) individual computers, called "hosts," and 2) computers that help process and send data (called "servers"). A DHCP
server is one computer on the network that has a number of IP address at its disposal to assign to the computers/hosts
on that network. If you use a cable company for Internet access, making them your Internet Service Provider, they likely
are your DHCP server.

Permission slips

Think of getting an IP address as similar to obtaining a special permission slip from the DHCP server to use the Internet.
In this scenario, you are the DHCP client—whenever you want to go on the Internet, your computer automatically
requests an IP address from the network's DHCP server. If there's one available, the DHCP server sends a response
containing an IP address to your computer.

How DHCP works

The key word in DHCP is "dynamic." Because instead of having just one fixed and specific IP address, most computers
will be assigned one that is available from a subnet or "pool" that is assigned to the network. The Internet isn't one big
computer in one big location. It's an interconnected network of networks, all created to make one-on-one connections
between any two clients that want to exchange information. One of the features of DHCP is that it provides IP addresses
that "expire." When DHCP assigns an IP address, it actually leases that connection identifier to the user's computer for a
specific amount of time. The default lease is five days. Here is how the DHCP process works when you go online: 1. Your
go on your computer to connect to the Internet.

2. The network requests an IP address (this is actually referred to as a DHCP discover message).

3. On behalf of your computer's request, the DHCP server allocates (leases) to your computer an IP address. This is
referred to as the DHCP offer message.

4. Your computer (remember—you're the DHCP client) takes the first IP address offer that comes along. It then
responds with a DHCP request message that verifies the IP address that's been offered and accepted.

5. DHCP then updates the appropriate network servers with the IP address and other configuration information for your
computer.

6. Your computer (or whatever network device you're using) accepts the IP address for the lease term. Typically, a DHCP
server renews your lease automatically, without you (or even a network administrator) having to do anything.

However, if that IP address's lease expires, you'll be assigned a new IP address using the same DHCP protocols. Here's
the best part: You wouldn't even be aware of it, unless you happened to check your IP address. Your Internet usage
would continue as before. DHCP takes place rather instantly, and entirely behind the scenes. We, as everyday, ordinary
computer users, never have to think twice about it. We just get to enjoy this amazing and instantaneous technology that
brings the Internet to our fingertips when we open our browsers. I guess you could say DHCP stands for "darn handy
computer process"...or something like that.
CONFIGURING TCP/IP NETWORKING

A local area connection is created automatically if a computer has a network adapter and is connected to a network. If a
computer has multiple network adapters and is connected to a network, you'll have one local area connection for each
adapter. If no network connection is available, you should connect the computer to the network or create a different
type of connection, as explained in "Managing Network Connections" on page 671.
Computers use IP addresses to communicate over TCP/IP. Windows Server 2008 provides the following ways to
configure IP addressing:
Manually IP addresses that are assigned manually are called static IP addresses. Static IP addresses are fixed and don't
change unless you change them. You'll usually assign static IP addresses to Windows Servers, and when you do this,
you'll need to configure additional information to help the server navigate the network.
Dynamically ,a DHCP server (if one is installed on the network) assigns dynamic IP addresses at startup, and the
addresses might change over time. Dynamic IP addressing is the default configuration.
Alternatively (IPv4 only) When a computer is configured to use DHCPv4 and no DHCPv4 server is available, Windows
Server 2008 assigns an alternate private IP address automatically. By default, the alternate IPv4 address is in the range
from 169.254.0.1 to 169.254.255.254 with a subnet mask of 255.255.0.0. You can also specify a user-configured
alternate IPv4 address, which is particularly useful for laptop users.
Note:
Unless an IP address is specifically reserved, DHCP servers assign IP addresses for a specific period of time, known as an
IP address lease. If this lease expires and cannot be renewed, then the client assigns itself an automatic private IP
address.

Note To perform most TCP/IP configuration tasks, you must be a member of the Administrators group.

Configuring static IP addresses

When you assign a static IP address, you need to tell the computer the IP address you want to use, the subnet mask for
this IP address, and, if necessary, the default gateway to use for internetwork communications. An IP address is a
numeric identifier for a computer. Ip addressing schemes vary according to how your network is configured, but they're
normally assigned based on a particular network segment.
IPv6 addresses and IPv4 addresses are very different. With IPv6, the first 64 bits represent the network id and the
remaining 64 bits represent the network interface. With IPv4, a variable number of the initial bits represent the network
id and the rest of the bits represent the host id. For example, if you're working with IPv4 and a computer on the network
segment 192.168.10.0 with a subnet mask of 255.255.255.0, the first 24 bits represent the network id and the address
range you have available for computer hosts is from 192.168.10.1 to 192.168.10.254. In this range, the address
192.168.10.255 is reserved for network broadcasts.
If you're on a private network that is indirectly connected to the internet, you should use private IPv6 addresses. Link-
local unicast addresses are private IPv6 addresses. All link-local unicast addresses begin with FE80.
If you're on a private network that is indirectly connected to the internet, you should use private IPv4 addresses. Table
21-1 summarizes private network IPv4 addresses.
ENABLING NETWORK SECURITY

What is network security?

"Network security" refers to any activity designed to protect the usability and integrity of your network and data. It
includes both hardware and software technologies. Effective network security manages access to the network. It targets
a variety of threats and stops them from entering or spreading on your network.

How does network security work?

Network security combines multiple layers of defenses at the edge and in the network. Each network security layer
implements policies and controls. Authorized users gain access to network resources, but malicious actors are blocked
from carrying out exploits and threats.

How do I benefit from network security?

Digitization has transformed our world. How we live, work, play, and learn have all changed. Every organization that
wants to deliver the services that customers and employees demand must protect its network. Network security also
helps you protect proprietary information from attack. Ultimately it protects your reputation.

TYPES OF NETWORK SECURITY

 Access Control - Not every user should have access to your network. To keep out potential attackers,
you need to recognize each user and each device. Then you can enforce your security policies. You can
block noncompliant endpoint devices or give them only limited access. This process is network access
control (NAC).

 Antivirus and Anti-Malware Software - "Malware," short for "malicious software," includes viruses,
worms, Trojans, ransomware, and spyware. Sometimes malware will infect a network but lie dormant
for days or even weeks. The best anti malware programs not only scan for malware upon entry, but also
continuously track files afterward to find anomalies, remove malware, and fix damage.

 Application Security - Any software you use to run your business needs to be protected, whether your IT
staff
 builds it or whether you buy it. Unfortunately, any application may contain holes, or vulnerabilities, that
attackers can use to infiltrate your network. Application security encompasses the hardware, software,
and processes you use to close those holes.

 Behavioral Analytics - To detect abnormal network behavior, you must know what normal behavior
looks like.
 Behavioral analytics tools automatically discern activities that deviate from the norm. Your security
team can then better identify indicators of compromise that pose a potential problem and quickly
remediate threats.

 Data Loss Prevention - Organizations must make sure that their staff does not send sensitive information
outside the network. Data loss prevention, or DLP, technologies can stop people from uploading,
forwarding, or even printing critical information in an unsafe manner.

 Email Security - Email gateways are the number one threat vector for a security breach. Attackers use
personal information and social engineering tactics to build sophisticated phishing campaigns to deceive
recipients and send them to sites serving up malware. An email security application blocks incoming
attacks and controls outbound messages to prevent the loss of sensitive data.

 Firewalls - Firewalls put up a barrier between your trusted internal network and untrusted outside
networks, such as the Internet. They use a set of defined rules to allow or block traffic. A firewall can be
hardware, software, or both. Cisco offers unified threat management (UTM) devices and threat-focused
next-generation firewalls.

 Intrusion Prevention Systems - An intrusion prevention system (IPS) scans network traffic to actively
block attacks. Cisco Next-Generation IPS (NGIPS) appliances do this by correlating huge amounts of
global threat intelligence to not only block malicious activity but also track the progression of suspect
files and malware across the network to prevent the spread of outbreaks and reinfection.
 Mobile device security - Cyber criminals are increasingly targeting mobile devices and apps. Within the
next 3 years, 90 percent of IT organizations may support corporate applications on personal mobile
devices. Of course, you need to control which devices can access your network. You will also need to
configure their connections to keep network traffic private.

 Network Segmentation - Software-defined segmentation puts network traffic into different

 Security Information and Event Management - SIEM products pull together the information that your
security staff needs to identify and respond to threats. These products come in various forms, including
physical and virtual appliances and server software.

 VPN - A virtual private network encrypts the connection from an endpoint to a network, often over the
Internet. Typically, a remote-access VPN uses IPsec or Secure Sockets Layer to authenticate the
communication between device and network

 Web Security - A web security solution will control your staff’s web use, block web-based threats, and
deny access to malicious websites. It will protect your web gateway on site or in the cloud. "Web
security" also refers to the steps you take to protect your own website.
 Wireless Security - Wireless networks are not as secure as wired ones. Without stringent security
measures, installing a wireless LAN can be like putting Ethernet ports everywhere, including the parking
lot. To prevent an exploit from taking hold, you need products specifically designed to protect a wireless
network.