© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public ITE I Chapter 6

Teleworker Services
Accessing the WAN – Chapter
Cisco Thai Nguyen Networking Academy

Objectives
In this chapter, you will learn to:
– Describe the enterprise requirements for providing teleworker services, including the differences between private and public network infrastructures.
– Describe the teleworker requirements and recommended architecture for providing teleworking services.
– Explain how broadband services extend enterprise networks using DSL, cable, and wireless technology.
– Describe the importance of VPN technology, including its role and benefits for enterprises and teleworkers.
– Describe how VPN technology can be used to provide secure teleworker services to an enterprise network.

Business Requirement for Teleworker Services
With advances in broadband and wireless technologies, working away from the office no longer presents the challenges it did in the past.
– Organizations can cost-effectively distribute data, voice, video, and real-time applications, across their entire workforce no matter how remote and scattered they might be.
On a broader scale, the ability of businesses to provide service across time zones and international boundaries is greatly enhanced using teleworkers.
– Contracting and outsourcing solutions are easier to implement and manage.
From a social perspective, teleworking options increase the employment opportunities for various groups, including parents with small children, the handicapped, and people living in remote areas.
– Teleworkers enjoy more quality family time, less travel-related stress, and in general provide their employers with increased productivity, satisfaction, and retention.

Teleworker Solution
With the growing number of teleworkers, enterprises have an increasing need for secure, reliable, and cost-effective ways to connect people working in small offices and home offices (SOHOs), and other remote locations, with resources on corporate sites.
The figure displays 3 remote connection technologies available to organizations for supporting teleworkers:
1. Traditional private WAN Layer 2 technologies, including Frame Relay, ATM, and leased lines, provide many remote connection solutions.
2. IPsec Virtual Private Networks (VPNs) offer flexible and scalable connectivity.
• Site-to-site connections can provide a secure, fast, and reliable remote connection to teleworkers.
• This is the most common option for teleworkers, combined with remote access over broadband, to establish a secure VPN over the public Internet. (A less reliable means of connectivity using the Internet is a dialup connection.)

Teleworker Solution: Broadband Services
3. The term broadband refers to advanced communications systems capable of providing high-speed transmission of services, such as data, voice, and video, over the Internet and other networks.
Transmission is provided by a wide range of technologies, including:
– digital subscriber line (DSL)
– fiber-optic cable
– coaxial cable
– wireless technology
– satellite
The broadband service data transmission speeds typically exceed 200 kilobits per second (kb/s), or 200,000 bits per second, in at least one direction:
– downstream (from the Internet to the user's computer)
– upstream (from the user's computer to the Internet)

Remote Connection Topologies for the Teleworker
In general, broadband refers to telecommunication in which a wide band of frequencies is available to transmit information.
– Broadband is generally defined as any sustained speed of 200K or more.
– Broadband options include:
  • digital subscriber line (DSL)
  • high-speed cable modems
  • fast downstream data connections from direct broadcast satellite (DBS)
  • fixed wireless providers
  • 3G wireless
– The most common problem with broadband access is lack of coverage area.
Broadband vs. Baseband:
– Baseband: only one signal on the wire at once - time-division multiplexing:
  • Ethernet networks.
– Broadband: multiple signals - frequency division multiplexing.

Teleworker Solution
To connect effectively to their organization's networks, teleworkers need two key sets of components:
– Home Office Components - The required home office components are a laptop or desktop computer, broadband access (cable or DSL), and a VPN router or VPN client software installed on the computer.
  • When traveling, teleworkers need an Internet connection and a VPN client to connect to the corporate network over any available dialup or broadband connection.
– Corporate Components - Corporate components are VPN-capable routers, VPN concentrators, multifunction security appliances, authentication, and central management devices for resilient aggregation and termination of the VPN connections.

Teleworker Solution
Typically, providing support for VoIP requires upgrades to these components.
– Routers need Quality of Service (QoS) functionality.
– QoS refers to the capability of a network to provide better service to selected network traffic, as required by voice and video applications.
The figure shows an encrypted VPN tunnel connecting the teleworker to the corporate network.
– This is the heart of secure and reliable teleworker connections.
– A VPN is a private data network that uses the public telecommunication infrastructure.
– VPN security maintains privacy using a tunneling protocol and security procedures.
– This course presents the IPsec (IP Security) protocol as the favored approach to building secure VPN tunnels.

Options for Connecting the Teleworker
Split tunneling:
– Split tunneling is a computer networking concept which allows a VPN user to access a public network (e.g., the Internet) and a local LAN or WAN at the same time.
  • The remote user, for example, then downloads his email from the mail server at 10.10.0.5, and downloads a document from the Archive at 10.2.3.4. Next, without exiting the tunnel, the remote user can print the document through the PC's local network interface 192.19.2.32 to the printer at 192.19.2.33.
– Advantages
  • An advantage of using split tunneling is that it alleviates bottlenecks and conserves bandwidth as Internet traffic does not have to pass through the VPN server.
– Disadvantages
  • A disadvantage of this method is that it essentially renders the VPN vulnerable to attack as it is accessible through the public, non-secure network.

Connecting Teleworker to the WAN
Teleworkers typically use diverse applications (e-mail, web, voice, and videoconferencing) that require a high-bandwidth connection:
– Dialup access - Dialup is the slowest option, and is typically used by mobile workers in areas where high-speed connections are not available.
– DSL - DSL also uses telephone lines.
  DSL uses a special modem that separates the DSL signal from the telephone signal and provides an Ethernet connection to a host computer or LAN.
– Cable modem - The Internet signal is carried on the same coaxial cable that delivers cable TV. A special cable modem separates the Internet signal from the other signals and provides an Ethernet connection to a host computer or LAN.
– Satellite - The computer connects to a satellite modem that transmits radio signals to the nearest point of presence within the satellite network.

[...]

... drops
– At the subscriber end, an RF splitter divides the combined RF signal into video and data portions.
– The CM receives the data portion of the RF signal.
– The CM, tuned to the data RF signal channels, demodulates the data RF signal back into digital data and finally passes the data to the computer over an Ethernet connection.
In the upstream direction,
– the CM decodes the digital information from the...

... in either direction at the same time. The following frequency scope is used:
– Downstream: Transmitting the signals from the cable operator to the subscriber, the outgoing frequencies are in the range of 50 to 860 MHz.
– Upstream: Transmitting the signals in the reverse path from the subscriber to the cable operator, the incoming frequencies are in the range of 5 to 42 MHz.

... between the CPE modem and the CO DSLAM. The voice channel is established between the telephone and the voice switch at the CO premises. ADSL signals distort voice transmission and are split or filtered at the customer premises.
– A microfilter filters the ADSL signal from the voice signal. This solution eliminates the need for a technician to visit the premises and allows the user to use any jack in the house...

Putting It All Together
In the downstream path,
– the local headend (LHE) distributes TV signals to subscribers via the distribution network.
– TV signals are received through satellite dishes.
– The CMTS modulates digital data on an RF signal and combines that RF signal with the TV signals.
– At the fiber node, the optical signal is converted back to an RF signal and then transmitted over the coaxial network...

... telephone network, called the local loop or last mile. The connection is set up between a pair of modems on either end of a copper wire that extends between the customer premises equipment (CPE) and the DSL access multiplexer (DSLAM).
The two key components of DSL connection are:
– DSLAM: A DSLAM is the device located at the central office (CO) of the provider. The DSLAM is at the central office and combines...

... IDSL types)
The data rate that DSL service can provide depends on the distance between the subscriber and the CO.
– The shorter the distance: the higher the bandwidth available.
http://www.linktionary.com/d/dsl.html

DSL Variants
The following properties differentiate DSL variants:
– Nature:...

... service
– POTS splitters separate the DSL traffic from the POTS traffic. The POTS splitter is a passive device. Splitters are located at the CO and, in some deployments, at the customer premises.
  • Figure uses a splitter at the customer premises. The actual device is the network interface device (NID). The splitter acts as a low-pass filter, allowing only the 0 to 4 kHz frequencies to pass to or from the telephone...

... frequencies across that RF spectrum. The same principle applies to the cable system. The cable TV industry uses a portion of the RF electromagnetic spectrum.
– At the subscriber end, equipment such as TVs, VCRs, and High Definition TV set-top boxes tune to certain frequencies that allow the user to view the TV channel or to receive high-speed Internet access.
A cable network is capable of transmitting signals on the cable in either...

... G.Lite)
The transfer rates are dependent on the actual length of the local loop, and the type and condition of its cabling. For satisfactory service, the loop must be less than 5.5 kilometers (3.5 miles).
– Data and voice support: Depending on the usage of the available frequency spectrum, certain DSL types support data and voice simultaneously while other types do not.
– Maximum distance: This describes the...

... services
Modern cable operators use an HFC network that deploys fiber in the trunks:
– Reduces the number of amplifiers
– Thin and lightweight, takes less space
– Covers longer distances
– Induces less or virtually no noise
– Less loss of signal
– Immune to external influences, such as thunder or RF interference
– Easier to handle
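
The split-tunneling slide above describes which destinations go through the VPN and which do not. The following added example (not part of the original slides) models that routing decision with longest-prefix match and compares it with a full tunnel; the 10.0.0.0/8 corporate prefix, the 192.19.2.0/24 home LAN prefix, the path labels and the Internet host 203.0.113.80 are assumptions.

```python
import ipaddress

# Assumed prefixes (not given on the slides): corporate 10.0.0.0/8,
# teleworker home LAN 192.19.2.0/24. Path labels are hypothetical.
SPLIT_TUNNEL = [
    ("10.0.0.0/8", "vpn-tunnel"),          # mail server, archive
    ("192.19.2.0/24", "local-lan"),        # printer next to the PC
    ("0.0.0.0/0", "internet-direct"),      # everything else skips the VPN
]
FULL_TUNNEL = [
    ("0.0.0.0/0", "vpn-tunnel"),           # all traffic crosses the VPN gateway
]

# Destinations from the slide, plus one constructed Internet host.
FLOWS = {
    "mail server": "10.10.0.5",
    "archive": "10.2.3.4",
    "local printer": "192.19.2.33",
    "internet host (constructed)": "203.0.113.80",
}


def egress(table, dst):
    """Return the path chosen for dst by longest-prefix match."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, path in table:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, path)
    if best is None:
        raise LookupError(f"no route to {dst}")
    return best[1]


def bypasses_vpn(table, flows):
    """Names of flows that leave the host without crossing the VPN gateway."""
    return sorted(n for n, d in flows.items() if egress(table, d) != "vpn-tunnel")


if __name__ == "__main__":
    for label, table in (("split", SPLIT_TUNNEL), ("full", FULL_TUNNEL)):
        for name, dst in FLOWS.items():
            print(f"{label:5} {name:28} {dst:14} -> {egress(table, dst)}")
        print(f"{label:5} outside the tunnel: {bypasses_vpn(table, FLOWS)}")
```

With the split table the same host holds a route into the corporate network and an Internet path that never passes the corporate VPN gateway; with the full table nothing leaves outside the tunnel, at the cost of local printing and extra load on the VPN server.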