Comprehensive yet succinct, Connecting to the Internet is a guide to the entire process of connecting a private network to the Internet and then maintaining that connection. This practical handbook provides essential information without the burden of extraneous detail. Using a step-by-step approach, the text covers the processes of planning, designing, implementing, and maintaining an effective and secure LAN-to-Internet connection-from TCP/IP essentials, to choosing the most appropriate Internet Service Provider, to setting up a firewall. The book includes coverage of: TCP/IP essentials; standard Internet service protocols, such as DNS, FTP, Mail, News, Telnet, the Web, and SSL; and security technologies-packet filters, circuit proxies, application gateways, network address translation, firewalls, vendors, security policies, and auditing.
Table of Contents
Preface-Look before You Leap.
1. TCP/IP Internetworking and Internet Services.
Comparing TCP/IP to the OSI Reference Model.
Media Access Control (MAC).
Unicast, Broadcast, and Multicast Packets.
Communication in IP Networks.
Address Resolution Protocol (ARP).
Route Advertisement and Learning.
Internet Control Message Protocol (ICMP).
Emphasis on TCP and UDP.
UDP Data Streams.
Request for Comments (RFC).
Standard Internet Service Protocols.
Domain Name System (DNS).
File Transfer Protocol (FTP).
Terminal Emulation (Telnet).
Non-TCP-Based and Non-UDP-Based Services.
IP in IP Encapsulation.
Generic Routing Encapsulation (GRE).2. Selecting Your Internet Service Provider.
Types of ISPs.
Network Service Providers.
Internet Service Providers (Resellers).
Which Type of ISP Is Right for You?
Basic Access Products.
Internet Services Provided.
Connection Capacity (Bandwidth).
Access Provisioning (WAN Circuits).
Equipment Selection and Provisioning.
Installation and Setup Services.
Domain Name Registration.
Mail Exchange (MX) Records.
Allocation of an IP Address Pool.
Activation Support (Installation).
Virtual Private Networks.
Multicasting and MBone.
Knowledge Services (Consulting).
Capacity Scaling and Oversubscription.
Fixed versus Usage-Based Pricing.
Checklist-Selecting the ISP.3. Provisioning Your Wide Area Network.
Circuit Capacity (Bandwidth).
DS-1 Circuits (E-1 and T-1).
Dual DS-1 Circuits.
DS-3 Circuits (T-3 and E-3).
Components of WAN Circuits.
Delivering the Circuit.
North American T-1.
North American T-3.
Premise Equipment Configuration and Connections.
ISDN Network Termination.
Checklist-WAN Provisioning.4. Planning Your Security.
The Real Need for Security.
World View, Default Stance, and Direction.
Access Control Technologies.
Network Address Translation.
Firewall Products Explained.
Encryption and Virtual Private Networks.
Event Logging and Intrusion Notification.
Other Integrated Services.
Checklist-Security.5. Designing Your Network Architecture.
Delineate Your Service Objectives.
Services Accessed from the Internet.
Services Provided to the Internet.
Assess Your Design Factors.
Select a Prototype Design.
Design 1-Single Filter for Screening Internal Hosts.
Design 2-Single Filter for Screening Servers.
Design 3-Single Filter with Screened Subnet.
Design 4-Dual Filter with Screened Subnet.
Determine Your IP Architecture.
Configuring IP Routing (Tips and Traps).
WAN Interfaces for Routers.
Reiterating the Design Process.
Checklist-Network Architecture and Equipment Selection.6. Staging and Testing Your Design.
Assemble Your Tools.
Test Your Routing.
Test Your Security (Filtering).
Test Mandatory Services.
Checklist-Staging and Testing.7. Implementing and Validating Your New Connection.
Complete the WAN Circuit.
Going Live with the ISP.
Deactivate Your Security.
Test WAN Connectivity.
Test Routing to the Internet.
Test Connectivity to DNS and Mail Servers.
Troubleshooting the WAN.
Validating Operation and Security after Start-Up.
Checklist-Implementation and Validation.8. Managing Your Connection.
Evaluating New Services.
Checking for Security Breaches.
Usage Monitoring and Baselining.
Addressing Performance and Connectivity Issues.
Moving to a New ISP.
Your Internet Connection on Autopilot.Appendix A: Network Address Translation. Appendix B: Virtual Private Networks. Appendix C: How the Internet Functions.
Domain Name System.
The Internet Management and Services.
Obtaining IP Addresses and Domain Names.
Predicted Growth and Capacity Planning.
IP Address Depletion.Appendix D: Dynamic Host Configuration Protocol. Appendix E: Helpful Web Sites.
Internet Administration Sites.
Internet Service Providers.Bibliography. Glossary. Index. 0201379562T04062001
System and network administrators faced with the challenge of building and maintaining permanent LAN-to-Internet connections are often in need of additional information in order to complete this complex task. This practical handbook is a guide to the entire process of connecting a private network to the Internet and then maintaining that connection.
Comprehensive yet succinct, Connecting to the Internet provides essential information without the burden of extraneous detail. Using a step-by-step approach, this book covers the processes of planning, designing, implementing, and maintaining an effective and secure LAN-to-Internet connection--from TCP/IP essentials, to choosing the most appropriate Internet Service Provider, to setting up a firewall.
Specifically, you will find coverage of:
- TCP/IP essentials and standard Internet service protocols, such as DNS, FTP, Mail, News, Telnet, the Web, and SSL
- Criteria for choosing an Internet Service Provider, including connection capacity, installation services, Web hosting, security, VPNs, remote access, multicast, knowledge services, and pricing
- Circuitry and equipment configuration for your WAN
- Security technologies--packet filters, circuit proxies, application gateways, network address translation, firewalls, vendors, security policies, and auditing
- Network design and equipment selection
- Staging and testing the design, including how to run routing diagnostics and security testing
- Implementing the new connection, going live with the ISP, and troubleshooting the WAN
- Managing the LAN-Internet connection, with discussions on security breaches, usage monitoring, and performance issues
Each technical chapter contains checklists to help you track critical steps in the process. In addition, experienced-based tips throughout the book will keep you from falling into expensive and time-consuming pitfalls.
Andrew F. Ward works as a network administrator for 3Com Corporation. He is responsible for Internet connectivity, security, and LAN and WAN design and operations. Previously Mr. Ward worked as a Novell system administrator and software developer. He holds a B.S. in mechanical engineering from the University of Rochester.