CCNA4 – Chapter 6

* DSL

§  The transfer rates are dependent on the actual length of the local loop, and the type and condition of its cabling. For satisfactory service, the loop must be less than 5.5 kilometers (3.5 miles).

§  The connection is set up between a pair of modems on either end of a copper wire that extends between the customer premises equipment (CPE) and the DSL access multiplexer (DSLAM).

§  Fortunately, only relatively small changes to existing telephone company infrastructure are required to deliver high-bandwidth data rates to subscribers.

* Cable

–  A cable modem (CM) on the subscriber end

–  A cable modem termination system (CMTS) at the headend of the cable operator

–  The actual bandwidth for Internet service over a CATV line can be up to 27 Mbps on the download path to the subscriber and about 2.5 Mbps of bandwidth on the upload path.

–  Downstream: Transmitting the signals from the cable operator to the subscriber, the outgoing frequencies are in the range of 50 to 860 MHz.

–  Upstream: Transmitting the signals in the reverse path from the subscriber to the cable operator, the incoming frequencies are in the range of 5 to 42 MHz.

* The Data-over-Cable Service Interface Specification (DOCSIS)

§  DOCSIS specifies the Open Systems Interconnection (OSI) Layers 1 and 2 requirements:

–  Physical layer: For data signals that the cable operator can use, DOCSIS specifies the channel widths (bandwidths of each channel). DOCSIS also specifies modulation techniques.

•  DOCSIS 1.0: 200 kHz, 400 kHz, 800 kHz, 1.6 MHz, 3.2 MHz.

•  DOCSIS 2.0: 6.4 MHz.

–  MAC layer: Defines a deterministic access method (time-division multiple access [TDMA] or synchronous code division multiple access [S-CDMA]).

* Sending Data over Cable: when high usage causes congestion

–  The cable operator can add additional bandwidth for data services by allocating an additional TV channel for high-speed data.

–  Another option is to reduce the number of subscribers served by each network segment.

* VPN

§  A VPN creates a private network over a public network infrastructure while maintaining confidentiality and security.

§  VPNs use cryptographic tunneling protocols to provide protection against packet sniffing, sender authentication, and message integrity.

* The 3 foundations of a secure VPN

–  Data confidentiality - VPNs achieve confidentiality using encapsulation and encryption.

–  Data integrity - VPNs typically use hashes to ensure data integrity.

•  A hash is like a checksum or a seal that guarantees that no one has read the content, but it is more robust.

–  Authentication - VPNs can use passwords, digital certificates, smart cards, and biometrics to establish the identity of parties at the other end of a network.

* VPN Components

§  The key to VPN effectiveness is security. VPNs secure data by encapsulating or encrypting the data. Most VPNs can do both.

–  Encapsulation - also referred to as tunneling, because encapsulation transmits data transparently from network to network through a shared infrastructure.

–  Encryption - codes data into a different format using a secret key. Decryption decodes encrypted data into the original unencrypted format.

§  Data Encryption Standard (DES) algorithm.

§  Triple DES (3DES) algorithm.

§  Advanced Encryption Standard (AES).

§  Rivest, Shamir, and Adleman (RSA).

* Symmetric and Asymmetric Encryption

–  In symmetric key encryption, also called secret key encryption, each computer encrypts the information before sending it over the network to the other computer.

–  Pre-shared key (PSK)

–  DES and 3DES.

–  Asymmetric Encryption

–  Public key encryption is a variant of asymmetric encryption that uses a combination of a private key and a public key.

* Two main IPsec framework protocols

–  Authentication Header (AH) - AH provides data authentication and integrity.

–  Encapsulating Security Payload (ESP) - ESP authenticates the inner IP packet and ESP header.
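
The integrity and authentication service described for hashes and AH above, as an added example that is not part of the original notes: a keyed hash (HMAC-SHA256) computed with a pre-shared key over a header and the inner packet. The header layout, tag length, key, SPI value and the strictly-increasing sequence check are simplifying assumptions, not the real AH wire format. The keyed hash detects modification and replay, while the payload stays readable because no encryption is applied.

```python
import hashlib
import hmac
import struct

# Constructed values for illustration only.
PSK = b"constructed-demo-pre-shared-key"
SPI = 0x1001          # identifies the security association (assumed value)
ICV_LEN = 16          # truncated HMAC-SHA256 tag length (assumption)


def protect(inner_packet: bytes, seq: int, key: bytes = PSK) -> bytes:
    """Wrap an inner packet as: header (SPI, sequence) + keyed-hash tag + payload."""
    header = struct.pack("!II", SPI, seq)
    icv = hmac.new(key, header + inner_packet, hashlib.sha256).digest()[:ICV_LEN]
    return header + icv + inner_packet


class Receiver:
    """Verifies the tag, then rejects replays (simplified: sequence must increase)."""

    def __init__(self, key: bytes = PSK):
        self.key = key
        self.highest_seq = 0

    def accept(self, wire: bytes):
        if len(wire) < 8 + ICV_LEN:
            return None, "too short"
        header, icv, payload = wire[:8], wire[8:8 + ICV_LEN], wire[8 + ICV_LEN:]
        spi, seq = struct.unpack("!II", header)
        if spi != SPI:
            return None, "unknown SPI"
        expected = hmac.new(self.key, header + payload, hashlib.sha256).digest()[:ICV_LEN]
        if not hmac.compare_digest(icv, expected):   # constant-time comparison
            return None, "integrity check failed"
        if seq <= self.highest_seq:                  # checked only after the tag is valid
            return None, "replayed sequence number"
        self.highest_seq = seq
        return payload, "ok"


if __name__ == "__main__":
    rx = Receiver()
    wire = protect(b"inner IP packet (constructed sample)", seq=1)
    print(rx.accept(wire))                                   # accepted
    print(rx.accept(wire[:-1] + bytes([wire[-1] ^ 0x01])))   # one bit flipped in transit
    print(rx.accept(wire))                                   # same packet sent again
    print(b"inner IP packet" in wire)                        # payload is still readable
```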

* Broadband Wireless: WiMAX

§  WiMAX (Worldwide Interoperability for Microwave Access) is telecommunications technology aimed at providing wireless data over long distances in a variety of ways, from point-to-point links to full mobile cellular type access.

§  WiMAX operates at higher speeds, over greater distances, and for a greater number of users than Wi-Fi.

§  A WiMAX network consists of two main components:

–  A tower that is similar to a cellular telephone tower. A single WiMAX tower can provide coverage to an area as large as 3,000 square miles, or almost 7,500 square kilometers.

–  A WiMAX receiver that is similar in size to a PCMCIA card, or built into a laptop or other wireless device.

* VPN Tunneling

–  Tunneling encapsulates an entire packet within another packet and sends the new, composite packet over a network.

•  The protocol that is wrapped around the original data (GRE, IPsec, L2F, PPTP, L2TP)

* Types of VPNs

§  Site-to-Site VPNs

§  Site-to-site VPNs support company intranets and business partner extranets.

§  Remote Access VPNs

§  Remote access VPNs can support the needs of telecommuters and mobile users, as well as extranet consumer-to-business.