Configuring a Wired/Wireless Network

Now in this presentation and in fact, for most of this course, we'll be talking about various network devices in SOHO networks. And SOHO stands for Small Office Home Office, so typically a smaller configuration. But even though it's smaller, the same functions need to be implemented in terms of networking. Now to begin, I do just want to quickly overview the OSI model. And OSI stands for Open Systems Interconnect. And the reason why is because some of the different characteristics of the devices that we'll be discussing are different because of the layer at which they operate in the OSI model.

 

[Video description begins] SOHO Networks - OSI Model Overview. [Video description ends]

 

So for almost all of this course, we'll be focusing on Layers 2 and 3, the Data Link layer and the Network layer. Now just as a basic overview of the OSI model, as you can see, it's seven layers in total.

 

[Video description begins] The 7-layer structure diagram is displayed. Layer 1 is Physical, Layer 2 is Data Link, Layer 3 is Network, Layer 4 is Transport, Layer 5 is Session, Layer 6 is Presentation, and Layer 7 is Application. It is designed to Transmit and Receive message. [Video description ends]

 

But it was designed so that there could be a standard model for all network communication. And this allows various manufacturers and developers to create devices and applications without needing proprietary programming. In other words, as long as your application or your device follows the specifications of the OSI model, then it will work with every other application and device. And again, just very quickly, if you think about, let's just say, two people sending email back and forth, there's one person on the transmit side using an email application. So that's at the very top, Layer 7.

 

When they compose the message and hit send, it travels down the stack. So that's the transmit. So it goes down through all of the layers until ultimately it's ones and zeros, if you will, traveling across a wire. So you know, how do you get from typing in things in an application to ones and zeros or electrical impulses at even a lower level crossing a physical wire? That's what happens in the processing of each layer. Then on the recipient side, it travels up the stack. And everything that was done to it on the way down is, if you will, undone on the way up.

 

So the recipient using their email application sees exactly what I typed in the original message, again, without having any kind of proprietary programming. So it just allows for everything to be compatible. So I don't want to get into what each layer does at this point, but we will focus again on the Network and the Data Link layers because these involve the physical devices that we'll be talking about.

 

[Video description begins] SOHO Networks - Routers and Switches. [Video description ends]

 

So we'll start with SOHO networks and the implementation of routers and switches. So again, SOHO is Small Office Home Office. And almost all of us these days have Internet at home, where we have a router and/or possibly a switch so that we can all access the Internet. So we typically get a router, which may also be wireless, from the Internet service provider.

 

[Video description begins] Internet Service Provider is abbreviated as ISP. [Video description ends]

 

Now some of those models will include extra actual data ports on them as well for switching, but we'll come to that in a little bit. Now you may have a switch provided by the Internet service provider, or it could be requested by the customer depending on how many devices you actually have. The router, as mentioned, may have additional ports for switching, but there may not be enough. In other words, you have more devices that need a physical wired connection than what is provided. So you can get an extra switch in some cases, okay? Maybe you need to buy one yourself, that's fine. Or maybe the ISP will provide you with one, but this allows for just a greater number of devices. But switches only provide switching.

 

Now again, we'll talk about the functionality in a moment of each of those, but that's basically what it looks like. You have the Internet connected to the router. That is essentially the device that connects the two networks, your home or your small office and the Internet. Those are two networks. The router is responsible for connecting networks together. The switch is responsible for connecting computers together. So after the router, you may have a switch, then the devices connect to the switch.

 

[Video description begins] Routers. [Video description ends]

 

So the router operates at the 3rd layer of the OSI model, which is the Network layer. And in that layer, this is where the concept of logical addresses gets implemented. And the most common example of a logical address is an IP address. And it's called logical because it can change. You can assign any IP address to any interface, and you can change it at any time. A physical address, which we'll talk about in a moment, cannot be changed, okay?

 

But the primary function of the router is to connect your network to the Internet. So as mentioned, some models include the extra data ports for switching, in which case you may hear this referred to as a layer 3 switch. And that's because switches, all by themselves, operate at Layer 2, but this is a router. If you will, it's a two in one. It's a router and a switch in the same physical device. So that's why they are sometimes known as layer 3 switches. Switching operates at Layer 2, but routing operates at Layer 3, okay?

 

But every router will always have at least 2 interfaces. One interface has a public IP address assigned by your Internet service provider and provides you with that Internet connectivity. A public IP address is visible to the entire world. Or perhaps another way to state that is that it's visible to the Internet. The other interface has a private address. And private addresses are not visible to the Internet, but that's for your internal network.

 

You can set up whatever address you want using private addresses and the rest of the Internet doesn't care. So, in other words, I can use the exact same address configuration as you. As long as we are both behind our routers, it doesn't matter. The private addresses are never visible to the public Internet.

 

[Video description begins] Switches. [Video description ends]

 

So switching then operates at the 2nd layer of the OSI model, the Data Link layer. And it operates on physical addresses, also known as the MAC address. And MAC stands for Media Access Control, okay? So every network interface that has ever been made has a physical address burned into it, okay? And it does not change. That's why it's called a physical address, but every physical address is unique. And in fact, this is the only truly unique value in networking. So the logical address, the IP address, if you will, gets mapped to the physical so that I can still communicate using a protocol such as TCP/IP. But then there's a means to say, well, this logical IP address at the moment is tied to this physical address.

 

But if you change your IP address, which is fine, that that mapping has to be updated, okay? And there are protocols built into TCP/IP to handle that. But the primary function of a switch is to connect the computers or other devices together on that network. It does not care about routing. So it's simply so that my computer can talk to your computer. And the name switching itself actually comes from the old telephone networks. If you've ever seen an old movie with a telephone operator where they're sitting in front of a big patch panel, that was actually switching.

 

They had to take a cable and connect the two phones together so that they could communicate with each other. Literally, manually patching one cable into one line and the other end of the cable into another line, and that created a circuit. And then, once your conversation was finished, that was disconnected and connected to another one. In other words, switching, this all happens automatically now, of course, using the internal electronics, but that's quite literally what is happening.

 

Switching is completing the circuit between the two devices that want to communicate. So all devices connected to the same switch can communicate with each other with minimal or no configuration. Then the router is also plugged into the switch, and now everyone can see the router, which of course, gives us access to the Internet. Now the switch can have a varying number of data ports depending on the needs.

 

Usually between 4 and 32 for most SOHO networks is more than sufficient. Again, small office home office typically doesn't tend to have hundreds of computers. But you can also just have switch to switch communications. So if, for example, you only had 8 port switches, but you had 20 systems. Well, you could get 3 switches, and they can be linked to each other.

 

So again, everyone can still see everyone. And we have a few extra ports in that case, in case some additional systems come along. But that's the basic structure of the SOHO network. The router provided by the ISP with possibly a few ports for switching. And then if you need more ports, then you could add some switches. But that allowed you to set up your network on the inside with the switches then the router to connect to the Internet. And from that point, everyone has full Internet connectivity.

 

 In this presentation, we'll take a look at some of the steps involved with configuring a SOHO router. Now, with respect to that configuration, there are probably two different scenarios here that you may still encounter. Most Internet service providers these days will provide you with the router. So if you call up for a brand new subscription to their service, they'll show up at your house with the router. And in many cases, they'll set it up for you as well. And it would have sort of a default configuration that probably works just fine.

 

But might not be ideal, at least in terms of some of the security. But the other scenario is that the ISP does not give you a router. They just give you the modem, which gets you the service. But with that, only a single computer can use it. So you might have gone to the store and purchased your own router. In which case, it definitely needs to be set up so that, of course, everyone can get onto the Internet. But regardless of the scenario, the routers typically come with a pre-configured private IP address.

 

[Video description begins] Configuring a Router. [Video description ends]

 

Usually something like 192.168.1.1. Now, it's not always that. That's just a common example. So with that, you can log into it using a browser.

 

[Video description begins] Login using a browser with default credentials. [Video description ends]

 

And you just need to know the administrative username, which is often Admin. And then some kind of default password. So what you would do, is you would physically connect to the router using a laptop or a desktop. So you would go grab a network cable and plug it into your laptop. Plug the other end into the device, and then type in that IP address into a browser page.

 

That would then open the page where you could sign in and start your configuration. Now, when you do physically connect to the router. Your computer, generally, should get an IP address that is in the same network. In other words, if the router is 192.168.1.1, it's very likely you would get an address, such as 192.168.1.100. That's in the same network, so they can communicate with each other. If for some reason that did not happen, you could manually configure your own computer to any address in the same network.

 

And it wouldn't have to be 192.168.1.100, for example. Any address that's in the same range would be fine. So you could set your address to be 192.168.1.2. That's perfectly fine as long as your device, and the router, all within the same network range, then you're usually fine. Now, all of these default configurations should be supplied to you either by the Internet service provider, if they are giving you the router. Or if it's one that you purchased, it would be in the documentation.

 

Okay, in terms of what the default IP address is. What is the administrative username and of course, the password? You need to know all that. Many of them would have a label right on the device itself. Usually on the back, or maybe on the underneath that told you all of those values, okay? So one way or another, you need to know but it should be available to you. So now that I have all default information, as mentioned, you just plug in your computer directly to the device. If necessary, configure an IP address but then open a browser page. Go to that default address, and you should see a site that allows you to sign in and start the configuration.

 

[Video description begins] Basic Configuration. [Video description ends]

 

So then in terms of that basic configuration, one common task is to immediately change the router's SSID, or Service Set Identifier. Now, we commonly just think of that as the network name. But this is what people would see if they want to connect to the wireless, for example. So if your friends come over and ask which network is yours, you specify this name. Then, you would also want to change the administrative user name and password.

 

Ensure that the password is strong. If you don't secure the wireless signal, for example. Anyone on the outside, your neighbor or anyone passing down the street, could connect to the wireless. And once they have a connection, they could access the configuration page of the device, and change anything that they want, okay? So you certainly want to configure security as well, which we'll come to in a moment. But it is always recommended to change the username and password away from the default, okay? Because people could guess it very easily. Then, you can enable or even disable the wireless connectivity if you want. If you're in a little more of a secure configuration, and you flat out do not want the wireless.

 

You can generally turn that off. If, of course, you do want it, then, by all means, you will want to configure wireless security. So you choose an encryption method and you set a passphrase, which, again, should be very difficult to guess. Then, you can also configure client access, which means you can enable and then configure Dynamic Host Configuration Protocol, or DHCP. Which then allows the client devices to receive an IP address configuration automatically. Now, again, this is probably on by default.

 

But if, for any reason, it isn't, you can just enable it. Then, you can specify which addresses you want devices to receive. So again, if, for example, the router itself was 192.168.1.1. Then, you can set the client devices to receive values, maybe between 192.168.1.100 to 200. Something like that. Now, again, that's up to you. But typically, you should see some kind of default configuration. Then, you just decide for yourself if that's acceptable.

 

[Video description begins] Additional Configuration. [Video description ends]

 

Some additional configuration can involve enabling what's known as Universal Plug and Play, or UPnP. This enables devices to automatically announce their presence to other devices on the network, such as printers. If you have a wireless printer, it can connect to the Wifi like any other device. In which case, all of the other systems will pick up on it automatically.

 

You might also want to configure port forwarding. This specifies that a particular request coming in from the Internet should be directed to a specific computer on the network. And a very common example of this is if you are traveling, and you would like to get to your own desktop computer at home. You can use the remote desktop application if it's a Windows computer. So you create a rule on the router to forward Internet requests that come in over port 3389. That's the default port for the remote desktop application, to be delivered to the IP address of your desktop computer at home. Now, if that's the case, if you're going to do this, you should configure your computer with a static address. In other words, an IP address that does not change.

 

That way you'll always be assured that the remote desktop requests always go to your computer, and not someone else's if the address did change. And finally, you might also want to configure parental controls, which can specify which devices are controlled. And then you can set a password to bypass or allow content. You can specify that it should check for updates. They're generally current when installed, but you can check periodically. You might be able to perform a speed test in some cases to see how fast the connection is.

 

And lastly, once you do have it all configured exactly the way you want. You can export that configuration to a file, which then saves everything. And this allows for a very fast and easy reconfiguration if for any reason the device needed to be reset back to its initial state. And that sometimes is necessary if you feel like something has gotten changed, or just compromised. You can usually press a button on the device to reset it back to its default state. Then, you can import that configuration file and it goes right back to the configuration that you just had.

 

Now in this presentation, we'll take a look at the basic IP address configuration that you will typically find in a SOHO network. But every device on every network running TCP/IP needs an IP address to communicate, and the basic required settings include an IP address itself, a subnet mask, and a default gateway.

 

[Video description begins] Basic IP Addressing. [Video description ends]

 

And we'll talk about those two in a moment, but the IP address might look something like 192.168.1.100. And again, that's just an example. And the subnet mask probably looks like 255.255.255.0. And the default gateway is the IP address of the router, so that's something like 192.168.1.1, in many cases.

 

Now if you have enabled and configured DHCP on the router, or if it was enabled by default, then most devices will receive these values automatically. They just request an IP address configuration from the router, and it says, here you go. That's perfectly fine, okay, but statically configured devices will need these values configured manually. So I did mention in the previous presentation, a scenario where if you wanted to create a port forwarding rule that says requests from the Internet, using something like the Remote Desktop application, should always be sent to computer x.

 

Then computer x should have a static IP address, because DHCP does not guarantee that you will always get the same address, okay? So in other words, it could change, and if that happens, your port forwarding rule will no longer work, okay? But that's up to you, you don't have to have statically configured devices.

 

[Video description begins] IP Address. [Video description ends]

 

So then looking at the IP address itself, this is a 32-bit logical address. Logical means that it can change, you can assign any IP address that you want. And 32 bits, at a binary level, 1s and 0s, it takes 32 bits to express an IP address. Now we don't ever see it in binary. We see it in what's known as dotted decimal notation using 4 octets of 8 bits each. So again, 192.168.1.100, in reality, means 8 bits to express 192, 8 bits to express 168, 8 bits to express 1, and 8 bits to express 100, okay? Now, we don't really have time to get in to the binary conversions here, but each value there requires 8 bits to express that number.

 

But even though it has four numbers, every IP address has a division, if you will, which creates two sections. One portion is the network ID, and one portion is the host ID. And this is actually not a difficult concept if you just think about your own home address. Everyone who lives on the same street as you uses the same street in their address, but each house on a street has a different number.

 

So if I'm 123 Oak Street, my neighbor is probably 125 Oak Street, but we both have Oak Street in the address, that's the Network ID. But I'm 123, my neighbor is 125. So each unit on the street has a unique number, and that's the exact same as in TCP/IP. Each host has a unique number, but the network portion is the same for everyone on the network. So the division between the two is determined by the subnet mask.

 

[Video description begins] Subnet Mask [Video description ends]

 

So looking at the subnet mask, this is a value that works in conjunction with the IP address, and ultimately determines the size of the network. Or another way to state that is the number of hosts that can be accommodated on that network. Now most SOHO networks will have a default configuration of 255.255.255.0.

 

This configuration splits the IP address, that division, into the network and host portions after the third octet, where the 255 changes to 0. So again, if it was 192.168.1, that's the first 3 octets, that would be the same for everyone. Then the 100 indicates that specific host, okay? So this allows for 8 bits to be used to address your host, because again, remember, each value, each octet, was 8 bits in length.

 

If you have 8 bits available to address your hosts, it translates into 254 usable addresses. Now this comes from the fact that 2 to the power of 8 is 256. Why is it 2? Well, 1 or a 0, those are the two options, so it's known as base 2. And if you have 8 bits, then you can create 2 to the power of 8 possible combinations. Imagine a sequence of light switches on a wall. If there were 8 switches, they can be rearranged in 256 unique combinations.

 

That's how binary works. Again, on and off are the only positions. So that's 2, the base 2, 8 switches, 2 to the power of 8 combinations, so that's 256. But the reason it's -2 is because the first and the last addresses of any subnet are not used for regular host addressing. The very first address, which translates into the 0 value, so 192.168.1.0, is used by the router to indicate that this is simply the network address. 192.168.1, that's it, ignore the 0.

 

That's how routers indicate that this is your network, or another way to put that again is just the street. Forget about any specific house on the street, it's just, here's the street, okay? So again, it's just, here's the network, so the 0 means no host on that network, just the network. The other value is the 255 value. If you start counting at 0, which is perfectly acceptable to a computer, the last value is 255, okay? 0 through 255 is 256 possible combinations, but the 255 value is the exact opposite. If 0 is no host, 255 is every host. In other words, the broadcast address.

 

So when you want to send a broadcast, you send it to 192.168.1.255, and everyone hears it. So regular systems do not use the 0 address, nor do they use the 255 address, okay? You get everything else in between, so 254 usable addresses. So that's usually plenty for a SOHO network. There aren't too many SOHO networks that would have, let's say, you know 300 devices on them, so 254 is usually more than adequate.

 

[Video description begins] Default Gateway. [Video description ends]

 

And finally, the default gateway is the IP address of the router. It's still a host on the network. You communicate with the router like any other system, but it is responsible for, again, identifying that this is your network so that other routers can find you, but it still has an interface. I need to talk to the router, so it's usually the first address, 192.168.1.1. It doesn't have to be, it might be the last address, the 254 address.

 

Again, it really doesn't have to be that either, but it's very common for it to be the first address on the network, and this simply allows your host device to access the Internet. So the subnet mask determines then if a request should be sent to the default gateway. In other words, if one host wants to connect to another host on the same network, the subnet mask can calculate, by their respective IP addresses, and determine that they are in fact on the same network. In which case, packets are just delivered directly to each host. I don't need the gateway to talk to another host on the same network. But if a host wants to connect to another host on the Internet, for example, the subnet mask can calculate that they are not on the same network.

 

And as soon as the subnet mask determines that, packets are then forwarded to the default gateway. So your system will be connected to the router, in which case, off you go onto the Internet. Now a default gateway is actually not required for pure communication if you only want the host to communicate on just the internal network. In other words, you want to isolate that network. That's common in maybe in a lab or a classroom where you just don't want any kind of Internet connectivity. So if that's the case, you can just leave the gateway blank, and hosts can talk to each other, but they cannot get outside of their network.

 

Now, in this demonstration, we'll take a look at how you can actually configure the IP address properties of one of the devices on any given network. Now, in my case, I'm using a Windows 10 computer. So this, of course, would vary if you are using a Mac system or perhaps a tablet or a phone. But the values themselves, of course, would still be consistent. So on a Windows system you can go to your Control Panel then the Network and Sharing Center to access your Ethernet properties.

 

[Video description begins] He opens the Control Panel and then the Network and Sharing Center under the All Control Panel Items. It consists of a navigation pane and a content pane. The navigation pane consists of the options: Control Panel Home, Change adapter settings and Change advanced sharing settings. The content pane is divided into two sections: View your active networks and Change your networking settings. He points at the Ethernet option under the View your active networks section. [Video description ends]

 

So again, if it's a Mac or a mobile device, they probably won't call it that. But there's still usually somewhere in the settings to access the network interface. And then maybe there's an advanced or an option to simply configure. But again, once you get into the configuration interface, the values are the same. So in my case, I'm looking for this Ethernet connection here, so I can just click on that.

 

[Video description begins] He clicks on the Ethernet option. The Ethernet Status dialog box opens. It contains the General tab and Close button. The tab is divided into two sections: Connections and Activity. The Connections section displays the details of IPv4 Connectivity, IPv6 Connectivity, Media State, Duration, and Speed. Below this, it contains a Details button. The Activity section contains three buttons: Properties, Disable, and Diagnose. [Video description ends]

 

And this shows me the general status of the connection. And I've got the properties button down here, which allows me to actually configure it. So let's go ahead and click properties, and we are looking for IP Protocol Version 4.

 

[Video description begins] He clicks on the Properties button. The Ethernet Properties dialog box opens. It contains two tabs: Networking and Sharing. The Networking tab is selected. It contains three sections. The second section consists of various checkboxes such as: Client for Microsoft Networks, File and Printer Sharing for Microsoft Networks, QoS Packet Scheduler, Internet Protocol Version 4 (TCP/IPv4) and Internet Protocol Version 6 (TCP/IPv6). It also consists of three buttons: Install, Uninstall, and Properties. [Video description ends]

 

 Version 6 is enabled by default on all Windows systems, so I believe, since Vista, but you don't have to use it if you don't want to. You can just uncheck the checkbox, that doesn't remove it but it does disable it. But again, we are looking at Internet Protocol Version 4 here, and you can just click the Properties button here or double-click that, either one.

 

[Video description begins] He points to the Internet Protocol Version 4 (TCP/IPv4) and clicks on the Properties button. The Internet Protocol Version 4 (TCP/IPv4) Properties dialog box opens. It contains two tabs: General and Alternate Configuration. The General tab is selected. It shows the general properties of the Internet Protocol Version 4 (TCP/IPv4). It consists of four radio buttons: Obtain an IP address automatically, Use the following IP address, Obtain DNS server address automatically, and Use the following DNS server addresses. The radio buttons: Obtain an IP address automatically and Obtain DNS server address automatically are selected. It also consists of the OK and Cancel buttons. [Video description ends]

 

And there you see is the interface to configure this. Now, what you see here is the default Windows systems, mobiles, Mac systems, they probably all have this set by default where it simply says, obtain an IP address automatically. In other words, use DHCP, with that set, then this device will boot up. It will see that this is its state, and it will request an IP address configuration. The DHCP server or the router, whatever you are using for DHCP, will hear that request because it's sent out as a broadcast. Everyone hears broadcasts, and it will respond, and it will give you the values, okay? But if you want to set it statically, then you use this option, okay?

 

[Video description begins] He selects the radio button, Use the following IP address and it contains three text boxes: IP address, Subnet mask, and Default gateway. The radio button, Use the following DNS server addresses automatically gets selected. It contains two text boxes: Preferred DNS server and Alternate DNS server. [Video description ends]

 

Use the following IP address, and you simply enter in the values here, okay? So you need to know which values to use, so you'd have to find out what are the valid values in terms of your network configuration, but would typically be something like this and in a SOHO environment. So 192, and you can see it skips over to the next octet automatically if you enter in three numbers, 168. Now, if it's only one number here, such as a 1, it's waiting for me to enter another number here but then if you hit the period, it will skip over. And I'll go with, let's just say, 150 as an example.

 

Now, if I hit Tab right now, watch what happens to the subnet mask. It goes in by default, and that's usually fine. TCP/IP has set configurations depending on the IP addresses that you enter, there are some default values. So essentially, Windows knows that 192.168.1.150 implements its division between network and host after the third octet. So it by default gives me the 255.255.255, three octets, then the 0 on the fourth octet. That marks that divisionary point between network and host, okay, so chances are, you won't have to change that at all. And then I can tab again to the default gateway and I can plug in something like 192.168.1.1, okay?

 

[Video description begins] He enters the values: 192.168.1.150, 255.255.255.0, and 192.168.1.1 in the text boxes: IP address, Subnet mask, and Default gateway respectively. [Video description ends]

 

Again, the values themselves are certainly going to vary, but that statically sets this system now, and it will not change. So that's again very good, if you want to set up something like a port forwarding rule to this computer. So again, going back to my example of using remote desktop, I would now go to the router. And go into the configuration interface of the router, and say that port 3389, which is the remote desktop protocol, should be forwarded to 192.168.1.150. That ensures that those requests are sent to this system and that the IP address of this system will never change. Again, DHCP does not guarantee the same address every time okay? So again, you need to know what these values should be, but that's where you can set them.

 

[Video description begins] He points to the values: 192.168.1.150, 255.255.255.0, and 192.168.1.1 in the text boxes: IP address, Subnet mask, and Default gateway. [Video description ends]

 

Now, on a Windows based system, you can see that as soon as I told it to use the following IP address configuration, the DNS server down below here also wants me to set it a static value. For most SOHO networks, the DNS server to resolve names is the default gateway, okay? So this would also be 192.168.1.1, most SOHO routers include a DNS service to resolve names. So again, in almost every case, for a SOHO network environment, a static IP address configuration would use the same value for default gateway and the DNS server.

 

[Video description begins] He enters the value: 192.168.1.1 in the text box: Preferred DNS server. [Video description ends]

 

if you aren't certain about that, you can check with the documentation or maybe contact your Internet service provider, but that usually is the case most of the time, okay? So you can just hit OK at that point, and basically that implements that static configuration on this device. And then you just do the same thing for any other device that wants to have a static configuration. Or if you are relying on DHCP, then just verify that they are set to obtain automatically, and that tells them to use DHCP.

 

And of course, they typically connect using a wireless connection. So the first thing to do is to ensure that wireless is enabled on the device. Now that's usually in the settings somewhere, but could vary, depending on the make and model. And then, once the wireless is enabled, the network name or the service set identifier should appear, okay?

 

So you just choose the appropriate one. And of course, enter the passphrase to establish your connection. And that might take a minute or two. But once that's done, the device should receive its IP address configuration from the router automatically, using DHCP. So then once connected, the end user devices can access any other network resource, just like any other system. Or of course, the Internet itself. Now, if the device requires manual configuration or does not recognize the SSID, look for an option to configure networking manually. Or maybe choose other under the available networks.

 

This should allow you to enter in the name of the SSID manually. And then specify the other configuration options. And I have seen that a number of times. It just doesn't seem to want to pick up on the network name. So you have to enter it manually, but that usually works. Now, there are other devices, of course, that you might want to connect, including printers. Many recent printers are also able to connect using Wi-Fi. So typically you would use the manufacturer supplied software to configure Wi-Fi on the printer.

 

Or there's maybe interface right on the device itself. So there's a screen and a menu where you can set this up. But depending on the make and model of the router you may have Universal Plug and Play. And if that's enabled, most current operating systems should recognize the printer automatically. In other words, the printer announces that here I am. And all of the other devices on that same network pick up on that, and can print to it pretty much right away. But if it doesn't appear, then you just go to the device itself, such as your laptop. And you just go through the process of installing a printer, like any other one. But you specify the IP address of the printer. Now this is another example where you might want the printer to have a statically set IP address so that it never changes.

 

Now again, if this is set up through Universal Plug and Play, then that really shouldn't be an issue, okay? The printer, every time it makes a new connection for any reason, should still advertise itself. And essentially advertise the IP address it has along with anything else, okay? But again, you might need to set a static address on the printer to ensure that you can always connect to it. But again, the list of devices that are able to connect over Wi-Fi just continues to grow. So whatever other types of devices you want to configure, generally it's the same process. Just specify the name of the network, of course the passphrase. And then, if necessary, determine if there are any other values that need to be set statically.

 

And quite literally, it can be just about anything with an electronic chip. So in terms of our day to day lives, it might include things like a thermostat, a security system, the lights in your house, an entertainment system. Any type of electronic appliance, and even your vehicle. But of course, with all of those types of devices wanting to communicate with each other, we certainly need to have some means of configuring and managing them all.

 

[Video description begins] Configuration. [Video description ends]

 

So in terms of the configuration, most IoT devices themselves will just connect to your network using Wi-Fi. And then in most cases, you can configure each device using either a built-in interface that comes with the device, or an app for a mobile device, and that's probably a little more common. So you go and you purchase, let's say, a thermostat that can connect.

 

Then there's probably a mobile app that goes along with it, so that you can configure it. So while this might provide you with an awful lot of flexibility, you do have to make sure that there are enough available addresses on your network, okay? Referring back to the IP address configuration that was referenced in an earlier presentation, the default configuration of most SOHO networks provides for 254 usable addresses. Now, again, that's usually plenty in a SOHO environment. But if you then start including your thermostat, your entertainment system, your car, your lighting system, you know a lot of addresses can start getting used up rather quickly. So again, you just need to ensure that you do have enough.

 

And depending on the device itself, simpler devices may not support encryption, so they simply can't communicate if there's encryption. So you would actually have to disable the encryption of your network for those devices to participate. Clearly, that's not recommended, so just be mindful of that if and/or when you are adding another device to your network. But like any other device, once they connect, they can network along with anything else. There are some considerations, of course.

 

[Video description begins] Considerations. [Video description ends]

 

An increased number of IoT devices increases the management overhead of your network. You have to do more stuff to maintain everything. Again, many IoT devices are not secure. They might support the encryption of the network, but that doesn't necessarily mean the physical device is all that secure. So it might be possible for someone to actually connect to the device physically depending on what it is and where they are.

 

In which case, they might actually be able to use that device to get to information that might be considered a little more secure, but again, it's just something to be mindful of. Also, many IoT devices are not patched or updated. So after a while, they just get a little bit out of date, and there's really no way to correct it, no way to fix it. So you might end up having to replace it entirely, depending on what problems might arise. And as your IoT network grows, a management solution may be required. In other words, you have an application that can monitor traffic patterns, monitor the device health, discover any vulnerabilities, and maybe download and distribute updates to all of your devices. Now, that, again, is dependent on the device itself being manageable.

 

Typically, you have some kind of an agent that has to be installed on the device so that it can report back to the management solution. Now, again, that's probably not all that common in a home scenario, but you never know. As things evolve and grow, they will get a little more complicated, and we will start to see more and more devices that are attaching to our networks. Smart TVs, for example, are another example. You may have already installed a smart TV on your network, but maybe it's not able to be updated or patched, maybe it still represents a security loophole. So these are just things to be mindful of as you do start getting more and more devices attached to your network.

 

In this presentation, we'll compare and contrast the DSL and cable modem high speed Internet services. And beginning with DSL, again, this is the Digital Subscriber Line. And it uses a DSL modem that itself utilizes existing phone lines. So the DSL modem would be supplied by your Internet service provider. And it connects to a standard phone jack using a standard RJ-11 connector. Then your computer or a router, if you have one, connects to the modem with a standard ethernet cable using an RJ-45 connector. Kind of looks like the RJ-11, but it's larger.

 

And then if you want to connect a land line into the same jack as the DSL modem just so you don't lose one, then a DSL splitter is required. Now phone service itself is not interrupted by DSL, okay? They don't interfere with each other because they operate on different frequencies. So you can still be on the phone while you are using the DSL service. And of course this was not the case for dial-up. You could not be on the phone while you had a dial-up connection. But a filter was often required in early implementations simply because there was a little bit of crosstalk if you will. You could hear some noise in many cases on the phone while the DSL was being used. But that has been largely mitigated these days.

 

[Video description begins] DSL Variations. [Video description ends]

 

Now the DSL service itself did come in a few different variations. The original implementation was known as asynchronous or ADSL. And this meant that there were different speeds for uploading versus downloading. It was only around 1 megabit per second upload and 8 megabits per second down when it was first released. But that is typically what you want in a home environment. Most of the traffic is coming from the ISP to you, that's downloading.

 

And uploading, of course, is the other way around. So most home users did not need really any kind of tremendous speed going from them to the Internet service provider. You know sending an email certainly would go that direction, but that's not very much data. I want my speed when I'm watching videos or downloading movies. But they did have SDSL which was synchronous. And this was equal speeds for both uploads and downloads, and it was originally up to around 2.5 megabits per second. Now this is useful if you're doing anything that requires real-time communications, such as voice over IP or video conferencing. In this case, both parties are transmitting and receiving pretty much the same amount of data. So having those equal speeds on both sides translated into a much better experience, again, for the real time aspect of that.

 

Then later we had HDSL which was high bit-rate. And again, this was asynchronous, but we got much better speed. So 8 megabits up, 42 down. And finally, VDSL is very high bit-rate, which was 16 megabits up and 52 down. So since the upload speeds are so much higher in these later implementations, the synchronous component wasn't really necessary anymore. That was still more than enough to support the real-time communications. So VDSL would be a current standard for DSL service these days.

 

[Video description begins] DSL: Pros and Cons. [Video description ends]

 

But looking at the overall pros and cons, in terms of advantages, DSL was certainly much faster than dial-up, and the bandwidth is not shared. So once you have your connection to the ISP, whatever the bandwidth is, that's what you always get. And in terms of reliability, it was generally as reliable as the phone service was. Disadvantages, may not be available in certain areas, rural areas in particular, and that may still be the case today. Maybe more hardware is necessary if you needed those splitters or filters. It's certainly more expensive than dial-up, but usually not a mitigating factor these days. And an older building with older wiring may not support DSL speeds. It will probably still work, but you might not get the speed that is advertised.

 

[Video description begins] Cable. [Video description ends]

 

Now cable used a cable modem which itself, again, utilized the existing cable TV lines. The modem was still supplied by your ISP and it connects to the cable TV jack using a coaxial connector. Then your computer or the router would connect to the modem with a standard ethernet cable, again, an RJ-45. And this also does not interfere with your cable TV service because they operated on different frequencies. So you could absolutely watch TV while using the Internet.

 

[Video description begins] Cable: Pros and Cons. [Video description ends]

 

Now pros and cons for cable. Again, generally faster than DSL currently, okay? There has been a lot of back and forth between the two services but at the moment most cable services are offering upto around 400 megabits per second speed. Now that could certainly cost more, but you can get it. It does not require the use of a phone or a splitter of any kind. And in terms of reliability, again, generally as reliable as TV services. But still has some disadvantages. Like DSL, still may not be available in certain areas, again, usually rural. It's certainly more expensive than dial-up, again, but typically not an issue these days.

 

But the overall bandwidth is actually shared with other users in your segment. So those advertised speeds are not guaranteed. Things may slow down a little bit during peak periods. And in terms of security, all users in your segment are actually on a LAN. So it is possible to see other systems. Now again, that's probably going back a few years. They've addressed that concern in newer implementations. But it's still something to be mindful of. So if you happen to know that your neighbor across the street also has the same cable service, you may be able to get to their computer or vice versa. So again, it's just a consideration that's probably not that much of an issue any more. But depending on the age of your service and how up to date the provider is, it's still something to be mindful of.

 

In this presentation, we'll take a look at some of the basic settings of a firewall. And again, a firewall is designed to protect the internal network, by helping to prevent attackers on the Internet from accessing your internal resources. Or to prevent your internal computers from accessing undesirable content on the Internet, so in fact, they can work in both directions. But ultimately, a firewall filters packets passing through the firewall based on a set of defined rules.

 

[Video description begins] Types of Firewalls. [Video description ends]

 

Now there are two primary types, a network-based firewall, which is generally a stand-alone hardware device and it's designed to protect the entire network. In other words, it stands at the point where your network meets the Internet, so everything behind the firewall is protected. Or you can have a host-based firewall, which is generally a software application running on a single machine, and that's designed to protect only that machine. So this would not be considered as secure as network-based firewalls, because an attacker can get into your network, okay?

 

Plus any given system on the network may have the firewall disabled, so you'd have to make sure that they were always enabled, but it's still not considered as secure. But it can offer adequate protection for SOHO networks, it's better than nothing. Now that said, most routers that are supplied by Internet service providers will usually have some kind of firewall built-in. So, you generally will have a network-based firewall even in a SOHO environment.

 

[Video description begins] Configuring a Firewall. [Video description ends]

 

But in terms of configuring the firewall as mentioned, they operate based on a set of defined rules. So you have to decide what those rules are, but the firewall may come in one of two default states. Now, neither of these are particularly practical, they're just starting points. So a default deny blocks everything, that's certainly very secure but not very functional, everything is blocked.

 

Conversely, the default allow allows everything, and essentially defeats the purpose of having a firewall in the first place. But again, they're just starting points, so you can approach it from either direction. You can say, all right, let's start with blocking everything, default deny, and then selectively allow this, allow this, allow this. Or just reverse that logic entirely, allow everything, and then selectively block this, this and this, okay, so that's up to you. But the rules to override the default state are based on characteristics such as the IP address, the port number, and the domain name, or any combination of the above.

 

So you can explicitly state that if a request comes in from an IP address that you know to be bad, we can block it. If it's coming in over a protocol that we don't want to use, we can block that. If it's coming from a domain name that we know is undesirable, we can block that, okay? So any combination of those can be used and I should mention that it's not always about blocking, of course, you can specifically state that this particular rule will allow something. So again, it really just depends on your logic, but packets that match the criteria of the rule, are allowed or blocked depending on the type of rule. Again, you can create an allow rule or a deny rule, so that's up to you. But one other option to know about is what's known as port triggering.

 

So if a client on the internal network issues a request over a specific port, then the firewall expects traffic to return to that client over the same port, okay? So port triggering creates a temporary rule to allow that traffic in the return direction. So just a very simple example would be that if I want to see a webpage, I'm requesting that information over port 80, HTTP. So, it can create a temporary rule that will say all right, well, I'm expecting HTTP traffic to come back for that client. Therefore, we'll allow it, but only for the duration of that request, once it's been satisfied, the rule is essentially gone, okay?

 

So again, now this depends on the make and model and the features, but that's a common setting for a lot of firewalls. So, you do have to know about which ports, which protocols are valid and which ones, you know, you want to use. So coming up with the complete firewall configuration can take some time. But once it's in place, again, whatever criteria you set will determine whether or not that traffic is allowed or denied.

 

[Video description begins] Configuring a Demilitarized Zone (DMZ). [Video description ends]

 

And finally, one other term that is commonly used in conjunction with firewalls is what's known as the Demilitarized Zone or DMZ. Now you may also hear terms such as perimeter network or screened subnet, but this configuration uses two firewalls to create a separate network between the internal LAN and the Internet. And this allows for systems that need to be exposed to the Internet to be isolated from your LAN. Systems that are in the DMZ can be accessed from either direction without exposing other systems in the internal LAN.

 

So again, with respect to considering a specific example, if you have a web server that is hosting the website of your company, then that system needs to be exposed to the Internet for at least port 80, HTTP, okay? But if you only have a single firewall, then that web server is in the corporate LAN along with everything else, okay? So, if someone were able to get through the firewall using HTTP, which is allowed.

 

They might still be able to still compromise that system, you know skilled intruders know how to manipulate protocols so that they can still compromise the system. And if they can compromise that system, then they can possibly compromise any other system, because they're all on the same network. So, again you know having at least one firewall is certainly better than no firewall. But those systems that have to be exposed to the Internet essentially can still be compromised. So all of your internal network is still a little bit at risk. With the DMZ, you take that web server and you remove it from the internal network.

 

You place it out in the DMZ network along with any other system that needs to be exposed, and essentially you then put up another firewall. So now, if an attacker does compromise that web server, they would still have to get through another firewall to get to the internal network. And typically what happens, is that it's not the same protocol that is used to get from the internal to the DMZ, as it is for the Internet to the DMZ. So, the attacker might get to the web server using port 80, HTTP, but when we want to access that same web server from the inside, we would use a different port. Maybe it hosts our corporate Intranet site as well.

 

For that, we can use a different port than the rest of the world uses for Internet access, so it's much greater security. Again, two firewalls are better than one, just like one firewall is better than none, okay? Now, this would be a little more of an advanced configuration. You probably wouldn't see this in a SOHO network, but it is considered to be the most secure configuration when it comes to firewalls.

 

In this presentation, we'll talk about what's know as quality of service, or QoS. Now, this is a networking strategy that allows for the management of the network traffic that is running around on your network, to maintain a desired level of performance. And what you can do is to prioritize the traffic based on which applications or services demand more bandwidth.

 

In other words, you can allocate additional bandwidth to the services that need it. And by contrast, you can take bandwidth away from applications or services that really don't need much bandwidth. Now, this is certainly something that's a little more common in larger networks because, of course, there's a lot more traffic in general. Smaller networks really just don't suffer from these kinds of issues. But the five issues themselves that are primarily addressed, and I shouldn't say that there's just five, but these are the main five issues.

 

Delay, dropped packets, errors, jitter, and sequence, and we'll talk about each of those in the next slide. But typically, again, in a small network, you just don't have enough traffic to result in these kinds of problems. But it's possible to still implement on really any network.

 

[Video description begins] QoS Issues. [Video description ends]

 

So as mentioned, the issues that can be addressed by quality of service include delay, which is usually the result of congestion. In other words, there's simply too much traffic. So you know again, just relate this to vehicle traffic on a highway. If there's too much, you are, of course, delayed. A dropped packet often results in delay as, dropped packets need to be transmitted. So any kind of packet that arrives at a system that for any reason seems like there's something wrong with it is quite simply dropped. So they need to be transmitted.

 

This, of course, causes more congestion, which in turn, results in more delay. Errors are usually the result of corrupted packets. Anything can happen between the point where a network adapter creates the packet and it actually gets onto the wire and then passes through any number of internetworking devices. There could be problems with just the electrical system itself, but essentially packets can simply become corrupted, they're just not readable. Jitter is a variation of delays in the packet stream. So it still delays, but the delays aren't consistent. If there was a consistent delay, it would still take a little more time.

 

But ultimately, the stream of packets would still arrive in what would maybe be considered to be an acceptable timeframe. But jitter means you get a delay of X on one packet and then a delay of Y on the other. So it can take a lot more time for the receiving system to reassemble them into the correct order. So this will certainly seem to take more time. And sequence is just simply the packets arriving out of order. And this most notably affects real-time communication, such as VoIP or video conferencing.

 

[Video description begins] Voice over IP is abbreviated as VoIP. [Video description ends]

 

You literally will see one packet arrive ahead of another one that should have been received after it. So everything will, quite literally, blip or back up and seem like it repeated itself. So clearly, this is not very good for these real-time communications. So ultimately, administrators can set priorities on the type of service to allocate more bandwidth where it's needed.

 

Without quality of service, essentially, it's everyone for themselves. So you can just assign X amount of bandwidth to, let's say, your VoIP system or your video conferencing. And that can be typically by percentage. So it gets more bandwidth than, let's say, submitting a print job, which typically is not particularly critical, or just transferring a file to a server. So the more important services get more bandwidth. And ultimately, this seems to smooth everything out and result in a much better quality of service.

 

Now, in this presentation, we'll take a look at some of the basic wireless settings that should be configured when setting up a SOHO Wi-Fi router. Now, we'll talk about many of these in much greater detail in some upcoming presentations. But, again, these are just the basic options. So once you essentially get this up and running, really, one of the first choices is which Wi-Fi standard will be used?

 

[Video description begins] Configuring Basic Wireless Settings. [Video description ends]

 

And this is 802.11a, b, g, n, or ac. Now, each one of those specifications has variances in terms of the speed and the distance it is expected to travel. And typically, of course, you want the best of both, but it does depend on the devices that you have that will be connecting to it. In other words, you might have some older devices that just aren't compatible with the newer settings. So generally, it's a matter of finding the best possible setting.

 

Then you have to decide which frequency will be used. And the common options include 2.4 Gigahertz or 5 Gigahertz. And again, there are pros and cons of each one. And as I mentioned, we will talk about these in greater detail. In general, 5 Gigahertz is newer and typically results in a cleaner signal, less interference. But again, older devices may not support it. Then which encryption method will be used? And really, this is the same approach.

 

You want the strongest available, but that may not be supported by all devices. So in many cases, you have to try to find a happy medium, something that supports all of your devices while still giving you the best possible features.

 

[Video description begins] Initial Configuration. [Video description ends]

 

Also, you would want to assign a service set identifier, or the SSID, what most people will generally call the SID, but this is the name that clients will see when connecting. So I'm sure you've used some kind of device to connect to a wireless network before.

 

It literally is the name that appears. Now, in fact, you actually do not have to broadcast the name. Because if you are, then anyone in range sees that this signal is available. Now, of course, you can still secure it so that they can't just connect. But you can make it even a little more secure by not broadcasting it, and telling your clients to configure manually, and then you just give them the name.

 

This way, anyone who wants to connect would have to manually set up a connection and know the name. So it's another layer of security. Typically, you want to change the administrative username and password of the device itself. They almost all come with a default username and password that's fairly obvious.

 

The administrator account is usually called admin or administrator. And the password is usually something fairly simple. So again, you would just want to change these because if someone does connect, and they just guess the administrative credentials, then they, of course, can reconfigure the router however they like. And finally, of course, you do want to configure the encryption method and the passphrase. Now, there are several different standards available, and depending on the circumstances, you might certainly choose one over the other.

 

Open, of course, is no security. But in many cases, this is exactly what you want if it's going to be a Wi-Fi hotspot such as a restaurant or a coffee shop. You just want people to be able to connect. W-E-P, or WEP, is the Wired Equivalent Privacy setting. And this was essentially one of the first attempts to add Wi-Fi security. It's better than no security, but quite weak by today's standards. WPA is Wi-Fi Protected Access, and this is stronger than WEP, but still a little bit out of date by today's standards. So WPA2 is simply version 2 of WPA.

 

And this is the current standard and does offer what we would consider to be acceptable security by today's standards. And then WPA3 is version 3, which is not yet generally available at the time of this recording, but likely to come out soon. And, of course, it's just stronger yet in its encryption capabilities. So again, you typically want to try to find the strongest setting that will still support all of your devices. And some older ones just may not support the newer implementations, so it's always about finding that happy medium so that everyone is able to access the service.