Remote Control Remote control allows a remote user on a client computer to control another computer, called the host, across a LAN or WAN connection. This type of remote access first requires a con- nection between the client and host. The connection could be a dedicated WAN line (such as a T1), an Internet connection, or even a dial-up connection established directly between the client’s modem and the host’s modem. Also, the host must be configured to allow access from the client by setting user name or computer name and password credentials. A host may allow clients a variety of privileges, from merely viewing the screen to running programs and modi- fying data files on the host’s hard disk. After connecting, if the remote user has sufficient priv- ileges, she can send keystrokes and mouse clicks to the host and receive screen output in return. In other words, to the remote user, it appears as if she is working on the LAN- or WAN- connected host. Remote control software is specially designed to require little bandwidth, which makes it suitable for use over dial-up connections. One example of such remote control software is Symantec’s pcAnywhere. Another example of remote control software is the Remote Desktop feature that comes with the Windows 95, 98, NT, 2000, XP, and Server 2003 operating systems. Remote Desktop relies on the RDP (Remote Desktop Protocol), which is an Application layer protocol that uses TCP/IP to trans- mit graphics and text quickly. RDP also carries session, licensing, and encryption information. To enable your Windows XP Professional computer as a Remote Desktop host: 1. First log on to the computer as Administrator or another user name with administra- tor-level privileges. 2. Click Start, and then click Control Panel. If necessary, click Switch to Category View. The Control Panel window opens in Category view. 332 Chapter 7 WANS, INTERNET ACCESS, AND REMOTE CONNECTIVITY FIGURE 7-24 Protocols used in a remote access Internet connection NET+ 2.16 3. Click Performance and Maintenance, and then click the System icon. The System Properties dialog box opens. 4. Click the Remote tab. Options for remote connections to your computer appear, as shown in Figure 7-25. Chapter 7 333 REMOTE CONNECTIVITY FIGURE 7-25 Remote tab in the Windows XP System Properties window 5. Check the Allow remote users to connect remotely to this computer option. 6. If this is the first time you’ve enabled remote services, the Remote Sessions window opens, alerting you that accounts used for remote access must have passwords to con- nect to your computer. Click OK. 7. Click Select Remote Users to choose from a list of users who you will allow to con- nect to your computer. The Remote Desktop Users dialog box opens. 8. Click Add to add a user to the list. The Select Users dialog box opens. If you have created multiple user accounts on your computer, these accounts will be listed under “Enter object names to select (examples):” 9. Check the user names that will have access to your computer, and then click OK. 10. Click OK again to close the Remote Desktop Users dialog box. 11. Click OK once more to close the System Properties dialog box and save your changes. The previous steps describe how to establish your computer as a host. To start a remote desk- top session from a Windows XP client: 1. Make sure the remote desktop client software has been installed on the computer. Also make sure that the host and remote computers are connected to networks that can exchange data (for example, the host might be a desktop on a company’s office WAN and the remote client might be a home computer that can connect to that WAN over the Internet). NET+ 2.16 2. Click Start, point to All Programs, point to Accessories, point to Communications, and then click Remote Desktop Connection. The Remote Desktop Connection win- dow opens, as shown in Figure 7-26. 334 Chapter 7 WANS, INTERNET ACCESS, AND REMOTE CONNECTIVITY FIGURE 7-26 Remote Desktop Connection window 3. In the Computer: text box, enter the name of the host computer to which you want to connect. The host computer must be running the Remote Desktop software and you must have permission to log on to it. 4. Click Connect. 5. In the Log On to Windows dialog box, type your user name, password, and domain (if necessary), and then click OK to log on to this host. 6. The Remote Desktop window opens, showing you the desktop of the host computer. At this point, your keystrokes and mouse clicks will act on the host computer, not on your client computer. Although remote control is used less often than other forms of remote access, some situations call for it. For example, suppose a traveling salesperson must submit weekly sales figures to her home office every Friday afternoon. While out of town, she discovers a problem with her spreadsheet program, which should automatically calculate her sales figures (for example, the percentage of a monthly quota she’s reached for any given product) after she enters the raw data. She calls the home office, and a support technician attempts to resolve her issue on the phone. When this doesn’t work, the technician may decide to run a remote control program and “take over” the salesperson’s PC (over a WAN link) to troubleshoot the spreadsheet prob- lem. Every keystroke and mouse click the technician enters on his PC is then issued to the salesperson’s PC. After the problem is resolved, the technician can disconnect from the sales- person’s PC. Advantages to using the remote control access method are that it is simple to configure and can run over any type of connection. This benefits telecommuters who must use dial-up con- nections and who need to work with processing-intensive applications such as databases. In this scenario, the data processing occurs on the host without the data having to traverse the slower modem connection to the remote workstation. Another advantage to remote control connections is that a single host can accept simultaneous connections from multiple clients. A presenter can use this feature to establish a virtual conference, for example, in which several NET+ 2.16 attendees log on to the host and watch the presenter manipulate the host computer’s screen and keyboard. However, network managers don’t favor remote control connections because they offer minimal security. Although remote control software requires a user to log on with an ID and password, the connection does not go through the network backbone, where stricter secu- rity controls are apt to be in place. If frequent remote access to processing-intensive applica- tions is necessary, a better solution would be to use terminal services, as described in the following section. Terminal Services A popular method for gaining remote access to LANs is by using terminal services. In termi- nal services, multiple remote computers can connect to a terminal server on the LAN. A ter- minal server is a computer that runs specialized software that allows it to act as a host and supply applications and resource sharing to remote clients. As with remote control, in termi- nal services remote users send only keystrokes and mouse clicks and receive screen updates from the host. To the remote user, connecting to a LAN from afar appears no different from being a directly connected LAN user. However, terminal services differ from remote control in a few key ways. First, a terminal server allows multiple simultaneous connections. Second, a termi- nal server is optimized for fast processing and application handling, offering better performance for remote users than could a LAN-connected workstation. Third, implementing terminal ser- vices requires more sophisticated software and significant configuration. For example, it allows users to connect via any type of media (not only a modem and phone line). Also, a terminal server can be situated on the network such that remote user connections must pass through firewalls, switches, and routers and be subject to security, addressing, resource access, and VLAN controls, if applicable. As a result, this option offers much greater flexibility and secu- rity than remote control. Many companies have created software to supply terminal services. In fact, the Microsoft ver- sion of this solution is called Terminal Services. (Windows XP clients connecting to a Microsoft terminal server use the Remote Desktop software described previously.) Another popular option is Citrix System, Inc.’s Metaframe. With the Citrix option, remote worksta- tions rely on software known as an ICA (Independent Computing Architecture) client to connect with a remote access server and exchange keystrokes, mouse clicks, and screen updates. Citrix’s ICA client can work with virtually any operating system or application. Its ease of use and broad compatibility have made the ICA client one of the most popular methods for sup- plying widespread remote access across an organization. Potential drawbacks to this method include the relatively high cost of Citrix’s products and the complex nature of its server soft- ware configuration. A workstation that uses terminal services to access a LAN is often called a thin client, because very little hard disk space or processing power is required of the workstation. In fact, the term thin client can apply to any end-user workstation that relies on another networked computer to bear primary processing and disk access responsibilities, including clients that connect through Web portals, as discussed next. Chapter 7 335 REMOTE CONNECTIVITY NET+ 2.16 Web Portals Another remote access option that’s growing in popularity is running LAN applications from a Web portal. A Web portal is simply a secure, Web-based interface to an application. This option is attractive because it places few requirements on the client. Users merely need an Inter- net connection, Web browser software, and the proper credentials to log on to the application. Any type of Internet connection is sufficient for using Web portals, though of course, a DSL or broadband cable connection performs better than a PSTN connection. On the host side, a Web server supplies the application to multiple users upon request. How- ever, first an application must be designed for Web-based access. Making applications Web- ready typically requires significant programming. However, more and more applications are being designed this way from the start. In addition, managers must carefully configure the access properties for the Web server hosting the application to make sure only authorized users can access the application. In fact, a company may decide to outsource its Web portal services to an ISP. In that case, the company pays the ISP to provide connectivity, house and maintain the Web server, make sure the application is operating correctly, and prevent unauthorized access to the application. As you can imagine, making an application accessible via the Web also makes it vulnerable to use by unauthorized individuals. Thus, the use of Web portals calls for secure transmission protocols. Secure transmission protocols are also integral to creating virtual private networks, which are discussed in the following section. VPNs (Virtual Private Networks) VPNs (virtual private networks) are wide area networks logically defined over public trans- mission systems. To allow access to only authorized users, traffic on a VPN is isolated from other traffic on the same public lines. For example, a national insurance provider could estab- lish a private WAN that uses Internet connections but serves only its agent offices across the country. By relying on the public transmission networks already in place, VPNs provide a way of constructing a convenient and relatively inexpensive WAN. In the example of a national insurance provider, the company gains significant savings by having each office connect to the Internet separately rather than leasing point-to-point connections between each office and the national headquarters. The software required to establish VPNs is usually inexpensive, and in some cases is being included with other widely used software. For example, the Windows Server 2003 RRAS allows you to create a simple VPN by turning a Windows server into a remote access server and allowing clients to dial into it. Alternately, clients could dial into an ISP’s remote access server, then connect with the VPN managed by RRAS. For Novell-based networks, you can use BorderManager, a NetWare add-on product, to connect nodes and form a VPN. Third- party software companies also provide VPN programs that work with NetWare, Windows, UNIX, Linux, and Macintosh OS X Server network operating systems. Or VPNs can be 336 Chapter 7 WANS, INTERNET ACCESS, AND REMOTE CONNECTIVITY NET+ 2.16 NET+ 2.16 created simply by configuring special protocols on the routers or firewalls that connect each site in the VPN. This is the most common implementation of VPNs on UNIX-based networks. Figure 7-27 depicts one possible VPN layout. The beauty of VPNs is that they are tailored to a customer’s distance and bandwidth needs, so, of course, every one is different. Chapter 7 337 VPNS (VIRTUAL PRIVATE NETWORKS) FIGURE 7-27 An example of a VPN Two important considerations when designing a VPN are interoperability and security.To make sure a VPN can carry all types of data in a private manner over any kind of connection, spe- cial VPN protocols encapsulate higher-layer protocols in a process known as tunneling.You can say that these protocols create the virtual connection, or tunnel, between two VPN nodes. One endpoint of the tunnel is the client. The other endpoint may be a connectivity device (for example, a router, firewall, or gateway) or a remote access server that allows clients to log on to the network. As you have learned, encapsulation involves one protocol adding a header to data received from a higher-layer protocol. A VPN tunneling protocol operates at the Data Link layer and encapsulates Network layer packets, be they IP, IPX, or NetBEUI. Two major types of tunneling protocols are used on contemporary VPNs: PPTP or L2TP. PPTP (Point-to-Point Tunneling Protocol) is a protocol developed by Microsoft that expands on PPP by encapsulating it so that any type of PPP data can traverse the Internet masked as an IP or IPX transmission. PPTP supports the encryption, authentication, and access services provided by the Windows Server 2003 RRAS (and previous versions of this remote access soft- ware). Users can either dial directly into an RRAS access server that’s part of the VPN, or they can dial into their ISP’s remote access server first, then connect to a VPN. Either way, data is transmitted from the client to the VPN using PPTP. Windows, UNIX, Linux, and Macintosh NET+ 2.16 clients are all capable of connecting to a VPN using PPTP. PPTP is easy to install, and is available at no extra cost with Microsoft networking services. However, it provides less strin- gent security than other tunneling protocols. Another VPN tunneling protocol is L2TP (Layer 2 Tunneling Protocol), based on technol- ogy developed by Cisco and standardized by the IETF. It encapsulates PPP data in a similar manner to PPTP, but differs in a few key ways. Unlike PPTP, L2TP is a standard accepted and used by multiple different vendors, so it can connect a VPN that uses a mix of equipment types—for example, a 3Com router, a Cisco router, and a NetGear router. Also, L2TP can connect two routers, a router and a remote access server, or a client and a remote access server. Another important advantage to L2TP is that tunnel endpoints do not have to reside on the same packet-switched network. In other words, an L2TP client could connect to a router run- ning L2TP on an ISP’s network. The ISP could then forward the L2TP frames to another VPN router, without interpreting the frames. This L2TP tunnel, although not direct from node to node, remains isolated from other traffic. Because of its many advantages, L2TP is more commonly used than PPTP. PPTP and L2TP are not the only protocols that can be used to carry VPN traffic. For net- works where security is critical, it is advisable to use protocols that can provide both tunneling and data encryption. Such protocols are discussed in detail in Chapter 14, which focuses on network security. Chapter Summary ◆ WANs are distinguished from LANs by the fact that WANs traverse a wider geo- graphical area. They usually employ point-to-point, dedicated communications rather than point-to-multipoint communications. They also use different connectiv- ity devices, depending on the WAN technology in use. ◆ A WAN in which each site is connected in a serial fashion to no more than two other sites is known as a bus topology WAN. This topology often provides the best solution for organizations with only a few sites and access to dedicated circuits. ◆ In a ring topology WAN, each site is connected to two other sites so that the entire WAN forms a ring pattern. This architecture is similar to the LAN ring topology, except that most ring topology WANs have the capability to reverse the direction data travels to avoid a failed site. ◆ In the star topology WAN, a single site acts as the central connection point for sev- eral other points. This arrangement allows one connection to fail without affecting other connections. Therefore, star topology WANs are more fault-tolerant than bus or ring WANs. ◆ A mesh topology WAN consists of many directly interconnected sites. In partial mesh WANs, only some of the WAN sites are directly interconnected. In full mesh WANs, every site is directly connected to every other site. The full mesh topology is the most fault-tolerant and also the most expensive WAN topology to implement. 338 Chapter 7 WANS, INTERNET ACCESS, AND REMOTE CONNECTIVITY NET+ 2.16 ◆ A tiered topology WAN is one in which sites that are connected in star or ring for- mations are interconnected at different levels, with the interconnection points being organized into layers to form hierarchical groupings. ◆ The PSTN (Public Switched Telephone Network) is the network of lines and switching centers that provides traditional telephone service. It was originally com- posed of analog lines alone, but now also uses digital transmission over fiber-optic and copper twisted-pair cable, microwave, and satellite connections. The local loop portion of the PSTN is still primarily UTP; it is this portion that limits throughput on the PSTN. ◆ A remote user can use the PSTN to access a remote server via a dial-up connection. In a dial-up connection, the user’s modem converts the computer’s digital pulses into analog signals. These signals travel through PSTN to the receiving computer’s modem, which then converts the analog signals back into digital pulses. Unlike other types of WAN connections, dial-up connections provide a fixed period of access to the network. Throughput is limited to a maximum of 53 Kbps. ◆ X.25 is an analog, packet-switched technology optimized for reliable, long-distance data transmission. It can support 2-Mbps throughput. X.25 was originally developed and used for communications between mainframe computers and remote terminals. Though less common in North America, it remains a WAN standard around the world. ◆ Frame Relay, like X.25, relies on packet switching, but carries digital signals. It is digital, and it does not analyze frames to check for errors, but simply relays them from node to node, so Frame Relay supports higher bandwidth than X.25, offering a maximum of 45-Mbps throughput. ◆ Both X.25 and Frame Relay are configured as PVCs (permanent virtual circuits), or point-to-point connections over which data may follow different paths. When leas- ing an X.25 or Frame Relay circuit from a telecommunications carrier, a customer specifies endpoints and the amount of bandwidth required between them. ◆ ISDN (Integrated Services Digital Network) is an international standard for proto- cols at the Physical, Data Link, and Transport layers that allows the PSTN to carry digital signals. ISDN lines may carry voice and data signals simultaneously, but require an ISDN phone to carry voice traffic and an ISDN router and ISDN termi- nal adapter to carry data. ◆ Two types of ISDN connections are commonly used by consumers in North Amer- ica: BRI (Basic Rate Interface) and PRI (Primary Rate Interface). Both use a combi- nation of bearer channels (B channels) and data channels (D channels). B channels transmit and receive data or voice from point to point. The D channel carries infor- mation about the call, such as session initiation and termination signals, caller iden- tity, call forwarding, and conference calling signals. ◆ BRI uses two 64-Kbps circuit-switched B channels and a 16-Kbps D channel. The maximum throughput for a BRI connection is 128 Kbps. PRI uses 23 B channels and one 64-Kbps D channel. The maximum potential throughput for a PRI connection is Chapter 7 339 CHAPTER SUMMARY 1.544 Mbps. Individual subscribers rarely use PRI, preferring BRI instead, but PRI may be used by businesses and other organizations that need more throughput. ◆ T-carrier technology uses TDM (time division multiplexing) to divide a single chan- nel into multiple channels for carrying voice, data, video, or other signals. Devices at the sending end arrange the data streams (multiplex), then devices at the receiving end filter them back into separate signals (demultiplex). ◆ The most common T-carrier implementations are T1 and T3. A T1 circuit can carry the equivalent of 24 voice channels, giving a maximum data throughput of 1.544 Mbps. A T3 circuit can carry the equivalent of 672 voice channels, giving a maxi- mum data throughput of 44.736 Mbps. ◆ The signal level of a T-carrier refers to its Physical layer electrical signaling charac- teristics, as defined by ANSI standards. DS0 is the equivalent of one data or voice channel. All other signal levels are multiples of DS0. ◆ T1 technology can use UTP or STP. However, twisted-pair wiring cannot ade- quately carry the high throughput of multiple T1s or T3 transmissions. For T3 transmissions, fiber-optic cable or microwave connections are necessary. ◆ The CSU/DSU is the connection point for a T1 line at the customer’s site. The CSU/DSU provides termination for the digital signal, ensures connection integrity through error correction and line monitoring, and converts the T-carrier frames into frames the LAN can interpret, and vice versa. It also connects T-carrier lines with terminating equipment. A CSU/DSU often includes a multiplexer. ◆ DSL uses advanced phase or amplitude modulation in the higher (inaudible) fre- quencies on a phone line to achieve throughputs of up to 51.8 Mbps. DSL comes in eight different varieties, each of which is either asymmetrical or symmetrical. In asymmetrical transmission, more data can be sent in one direction than in the other direction. In symmetrical transmission, throughput is equal in both directions. The most popular form of DSL is ADSL. ◆ DSL technology creates a dedicated circuit. At the consumer end, a DSL modem connects computers and telephones to the DSL line. At the carrier end, a DSLAM (DSL access multiplexer) aggregates multiple incoming DSL lines before connecting them to the Internet or to larger carriers. ◆ Broadband cable is a dedicated service that relies on the cable wiring used for TV signals. The service can theoretically provide as much as 36-Mbps downstream and 10-Mbps upstream throughput, though actual throughput is much lower. The asym- metry of cable technology makes it a logical choice for users who want to surf the Web or download data from a network. ◆ Broadband cable connections require that the customer use a special cable modem to transmit and receive signals over coaxial cable wiring. In addition, cable companies must have replaced their coaxial cable plant with hybrid fiber-coax cable to support bidirectional, digital communications. 340 Chapter 7 WANS, INTERNET ACCESS, AND REMOTE CONNECTIVITY ◆ SONET is a high-bandwidth WAN signaling technique that specifies framing and multiplexing techniques at the Physical layer of the OSI Model. Its four key strengths are that it can integrate many other WAN technologies (for example, T- carriers, ISDN, and ATM technology), it offers fast data transfer rates, it allows for simple link additions and removals, and it provides a high degree of fault tolerance. Internationally, SONET is known as SDH. ◆ SONET depends on fiber-optic transmission media and uses multiplexers to con- nect to network devices (such as routers or telephone switches) at the customer’s end. A typical SONET network takes the form of a dual-ring topology. If one ring breaks, SONET technology automatically reroutes traffic along a backup ring. This characteristic, known as self-healing, makes SONET very reliable. ◆ Wireless Internet access can be achieved through one of several technologies. Libraries, universities, coffee shops, and airports might offer access by allowing the public to connect with their IEEE 802.11 (a, b, or g) access points. These organiza- tions, in turn, connect their access points to dedicated, high-speed Internet connec- tions such as T1 links. ◆ IEEE 802.16a (WiMAX) is a wireless Internet access technology designed for MANs. It relies on antennas that do not require line-of-sight paths to exchange data and have ranges up to 20 miles. WiMAX can achieve throughputs of up to 70 Mbps using the 2–10GHz frequency range. ◆ Geosynchronous satellites are used to provide Internet access. This type of setup requires a stationary antenna at the customer’s premises, which is connected to a modem connected to the customer’s computer. Downstream throughput for satellite Internet access is advertised at throughputs of 400 Kbps, but is often higher. In the case of a dial return arrangement, upstream throughputs are limited by the analog telephone line’s 53-Kbps maximum throughput. ◆ As a remote user, you can connect to a LAN or WAN in one of several ways: dial- up networking, connecting to a remote access server, remote control, terminal ser- vices, Web portals, or through a VPN (virtual private network). ◆ Dial-up networking involves a remote client dialing into a remote access server and connecting via a PSTN, X.25, or ISDN connection. The client must run dial-up software to initiate the connection and the server runs specialized remote access software to accept and interpret the incoming signals. The Microsoft RAS software provides dial-up connectivity on Windows 95, 98, NT, and 2000 client operating systems and its Windows NT and 2000 network operating systems. ◆ Remote access servers accept incoming connections from remote clients, authenti- cate users, allow them to log on to a LAN or WAN, and exchange data by encapsu- lating higher-layer protocols, such as TCP and IP in specialized protocols such as PPP. The Microsoft RRAS (Routing and Remote Access Service) is the remote access software that comes with the Windows XP and Server 2003 operating systems. Chapter 7 341 CHAPTER SUMMARY [...]... data-switching centers across the Internet AT&T, PSINet, Sprintlink, and UUNET (MCI Worldcom) are all examples of network service providers Customers, including ISPs, can lease dedicated private or public Internet connections from an NSP NT1 (Network Termination 1)—A device used on ISDN networks that connects the incoming twisted-pair wiring with the customer’s ISDN terminal equipment NT2 (Network Termination... consistent support from its manufacturer? In addition to assessing each NOS according to your needs, you should test an NOS in your environment before making a purchase You can perform such testing on an extra server, using a test group of typical users and applications with specific test criteria in mind Bear in mind that trade magazine articles or a vendor’s marketing information cannot accurately predict... Banyan VINES) Some LANs include a mix of NOSs, making interoperability a significant concern When choosing an NOS, you should certainly weigh the strengths and weaknesses of the available options before making a choice Nevertheless, your decision will probably depend largely on the operating systems and applications already running on the LAN In other words, your choice may be limited by the existing infrastructure... topology WAN—A type of WAN in which sites that are connected in star or ring formations are interconnected at different levels, with the interconnection points being organized into layers to form hierarchical groupings transponder—The equipment on a satellite that receives an uplinked signal from earth, amplifies the signal, modifies its frequency, then retransmits it (in a downlink) to an antenna on earth... controlled from a client running the Windows 95, 98, Me, NT, XP, 2000, or Server 2003 operating system Remote Desktop is also the program Windows XP clients use to connect with computers using Windows Terminal Server Remote Desktop Protocol—See RDP ring topology WAN—A type of WAN in which each site is connected to two other sites so that the entire WAN forms a ring pattern Routing and Remote Access service... channel is used to carry information about the call, such as session initiation and termination signals, caller identity, call forwarding, and conference calling signals data service unit—See DSU dedicated—A continuously available link or service that is leased through another carrier Examples of dedicated lines include ADSL, T1, and T3 dial return—A satellite Internet access connection in which a subscriber... over the PSTN This page intentionally left blank Chapter 8 Network Operating Systems and Windows Server 2003-Based Networking After reading this chapter and completing the exercises, you will be able to: ■ Discuss the functions and features of a network operating system ■ Define the requirements for a Windows Server 2003 network environment ■ Describe how Windows Server 2003 fits into an enterprise-wide... systems N During your career as a networking professional, you will probably work with more than one NOS (network operating system) At the same time, you may work with several versions of the same NOS To qualify for Network+ certification, you must understand the inner workings of network operating systems in general In addition, you must be familiar with the major network operating systems: Windows Server... and line monitoring Typically, a CSU is combined with a DSU in a single device, a CSU/DSU CSU/DSU—A combination of a CSU (channel service unit) and a DSU (data service unit) that serves as the connection point for a T1 line at the customer’s site Most modern CSU/DSUs also contain a multiplexer A CSU/DSU may be a separate device or an expansion card in another device, such as a router D channel In ISDN,... than full mesh WANs permanent virtual circuit—See PVC plain old telephone service (POTS)—See PSTN Point-to-Point Protocol—See PPP Point-to-Point Protocol over Ethernet—See PPPoE Point-to-Point Tunneling Protocol—See PPTP POTS—See PSTN PPP (Point-to-Point Protocol)—A communications protocol that enables a workstation to connect to a server using a serial connection PPP can support multiple Network layer . PVC. plain old telephone service (POTS)—See PSTN. Point-to-Point Protocol—See PPP. Point-to-Point Protocol over Ethernet—See PPPoE. Point-to-Point Tunneling Protocol—See PPTP. POTS—See PSTN. PPP (Point-to-Point. WAN in which sites that are connected in star or ring for- mations are interconnected at different levels, with the interconnection points being organized into layers to form hierarchical groupings. transponder—The. already in place, VPNs provide a way of constructing a convenient and relatively inexpensive WAN. In the example of a national insurance provider, the company gains significant savings by having