Computer networks form the foundation of the internet. While reviewing network operations and protocols, we will also review Microsoft exam network fundamentals 98-366.
In the early days of the internet, people connected via a dial-up modem. Typically the speed was 28 KB / second. The connection was over POTS, the plain old telephone system. You may remember using AOL dial-up and the "you got mail" message, wow. In 2000, 70% of people used dial-up.
The next advancement in technology was the digital subscriber line (DSL). DSL is asynchronous and transmits both voice and data.
The typical home network consists of broadband and a modem. Broadband uses the Data Over Cable Service Interface Specification (DOCSIS), a high-bandwidth transmission standard over broadband. DOCSIS supports high-bandwidth transfers (1GB) via data modulation techniques. Broadband is a shared medium and will show slowdowns during peak usage hours (8 – 12 pm).
ISDN (Integrated Service dedicated network) or leased lines provide a means to connect remote offices. This technology uses parallel digital transmission. This medium supports video transmission at 64 kB / channel.
The two interfaces used are basic rate (home use) and primary rate. Basic rate has 2 B channels at 64 KB and 1 D channel at 16 KB.
Primary rate was designed for business: 23 channels at 64 KB and one D channel at 64 KB. The circuits are T1 circuits. T1 provides internet connection between remote sites and voice connectivity for PBX over leased lines. T1 provides 23 voice channels.
A more affordable option for voice over IP is SIP (Session Initiation Protocol) trunking.
T1 24 channels 1.5 MB
T2 96 channels 6.3 MB
T3 672 channels 44.76 MB
E standard 32 channels 2 MB
MPLS (multiprotocol label switching) is a private routed connection that uses label switch routing, mapping route tables to labels. Packets are forwarded based on labels. Label switching results in redundancy and resiliency.
The customer's internal network connects to MPLS via virtual routing. MPLS is layer 3. The on-premises network will connect via OSPF (Open Shortest Path First) or BGP (Border Gateway Protocol). The dynamic routing protocol allows companies to easily add new locations; the new routes are added dynamically.
VPLS connectivity (virtual private label switching) is layer 2 bridging. The edge can be a switch, often provided by the service provider. VPLS is a cost-effective means to connect multiple sites.
VPNs and tunnels are a cost-effective way to connect two remote resources. A VPN creates a secure tunnel. Tunnels are typically site to site. A VPN encapsulates the data and securely sends it across the network. Once the data arrives it is de-encapsulated.
We can set up unencrypted tunnels, which utilize generic routing encapsulation (GRE). The protocols used include 47, TCP, UDP, and multicast. This protocol works well with OSPF.
Wireless technologies include fixed-based wireless provided by an internet service provider. This solution is cost effective, and speed may fluctuate. Another option is satellite wireless. This can be utilized to access the internet and transport data (remote locations). This service tends to be expensive. Satellite is low bandwidth and high latency. This is not good for Voice over IP service.
Wireless services also include 3G and 4G. With a good cell connection, throughput can be 3 – 4 MB per second. These plans can be quite expensive. These services are good for data backups.
Based on this information, we can help plan, design, and integrate your network. The end result will be improved service and overall performance. Please contact us for more information. Thanks
We provide extensive management of passwords and cloud identities. A cloud identity is an object stored in an Active Directory database. This contains object attributes. We will manage the environment with Group Policy.
We will setup and manage password policies.
We will utilize PowerShell to automate processing of batch jobs and repetitive tasks.
Add bulk users
Updating bulk user passwords
Manage user licences
We can help improve your Office 365 deployment and experience.
• Registers – point to memory locations that contain the next set of instructions to execute.
• Arithmetic logic unit (A.L.U) does the actual execution of instructions.
• Control unit manages and synchronizes system while application code and Operating System instructions are executed.
• General Register – hold variables and temporary results.
• Program status word holds conditional bit, should CPU be working in user mode (problem state) or privileged mode (kernel / supervisor mode).
• To access data, CPU sends fetch request on address bus.
Random Access Memory – temporary storage facility where data & program instructions can be temporarily held and altered. Volatile means that loss of power results in loss of data.
Hardware segmentation – memory is separated physically instead of just logically. This helps protect higher-level processes' memory space.
Cache memory – high speed writing and reading activities.
Motherboards have different types of cache.
• Level 1 – fastest
• Level 2 – 2nd fastest
• Level 3 – 3rd fastest
L1 & L2 are typically built into controllers and processors.
Having a great understanding of all the facets that go into computer architecture allows you to get the best performing system while providing excellent security.
My goal is to provide excellent information on computer hardware: Personal computers, servers, network, security devices, and mobile devices. Getting the best devices @ the best price is the goal of JBrock Consulting. Shop and see our products at https://jbrock-consulting.azurewebsites.net/shop/
Please subscribe to get the latest information on products, pricing, and features.
Everyone uses email and being more productive can enhance your career. In today’s work environment, email is a mission critical application.
Outlook is a great communication tool. You can load Outlook on your PC, Mac, or mobile device. Here are some of the key tasks you can do with Outlook:
Manage appointments using calendar features.
Share files via the cloud, such as the OneDrive application.
Stay productive and connected anywhere in the world.
Organize email to focus on key messages.
Use @mentions to get someone's attention.
How to add @mentions – In the body of the email, add the @ symbol and the first few letters of the user's name. Outlook will offer a list of contacts to add. This will get the reader's attention and probably a response.
Managing your calendar and contacts in Outlook
When scheduling meetings and appointments, use the calendar assistant. The calendar scheduling assistant allows you to see when attendees and rooms are available. The bars in the times field will indicate when attendees are busy or free. The rooms tab on the right will let you know when rooms are available. This will make scheduling meetings pain free.
How to collaborate using Outlook
Outlook allows users to share a file attachment so you can collaborate on data files with others. In Outlook, select attach file for the email message. Files with a cloud icon are stored in the cloud, such as the OneDrive application. This allows multiple users to make changes to the file, enhancing collaboration.
How to set up an online meeting with notes
To set up an online meeting, in Outlook select Skype meeting and choose the date and time. Note, you have to be logged into Skype to set up the online meeting. This inserts a link that attendees can use to join/access the meeting.
To set up meeting notes, select meeting notes on the Outlook ribbon bar. This allows you to select a OneNote notebook to document minutes for your meeting.
Outlook is an amazing productivity tool. For additional useful tips, please subscribe. We will provide great productivity tips for our valued readers. Thank you and much appreciated.
Training and career development are a crucial component of improving yourself and becoming more successful. During my studies, I have completed an extensive review of available training platforms. I have some very useful and valuable information.
I started reviewing some additional training sponsored by Google through Coursera. The first program was the Google IT Support Professional Certificate. Coursera gives users a 7 day free trial with full access to every course in your specialization. I enrolled in the IT support professional certificate specialization and I liked the class very much.
The IT support class was a combination of video lectures, exercises, and module quizzes. I found the material interesting and informative. The program covered some very interesting material: digital logic, computer architecture, operating systems, networking, software, troubleshooting, and customer care. For some of the hands-on exercises, we used Google cloud services to spin up servers and associated services. I really liked using Google cloud services. The monthly cost for the program was $49 per month. I completed the course and received the following course certificate.
The next program I worked on was System Administration and Information Technology Infrastructure Services. Since this was the type of work I have done for most of my career, I was very interested in this topic. The work I do is system administration, and the topics covered were: cloud services, server maintenance, infrastructure services, hardware provisioning, system maintenance, virtualization, remote access, SSH, Network services, Software services, File and Print services, Platform services, Directory Services, and Data recovery & Back Ups. The monthly cost for this program was $49 per month. The course material kept me engaged and working hard to complete each module. I felt the cost was well worth the price. I completed the course and received the following course certificate.
I really enjoyed the first two classes, so I continued on my Information Technology specialist track. The next class in the program was computer networking. Designing and building networks is a passion of mine, so learning more about networks was exciting. The class covered the following topics: TCP/IP 5 layer network model, OSI network model, Networking devices, Network Setup, physical layer, Data link layer, Network layer, Sub-netting, Routing, Transport layer, Firewalls, Application layer, Network services, Virtual Private Networks, Wide area network, wireless, Dynamic Name service, Cloud networks, and troubleshooting. The class was great and well worth the price of admission! I completed the course and received the following course certificate.
Conclusion: If you are looking to continue your education and improve your skill set, I recommend Coursera programs. The classes are designed to help you stay motivated and on track. For each module there is a deadline, but this can be extended if you need additional time. Feel free to leave any comments on your experience with Coursera. If you need any assistance please contact me. Thanks
Note: I will be covering some of these topics in more detail in some future posts.
I have begun the process of gaining CISSP security professional certification. The CISSP certification holds a lot of value in today's job market. As security threats and attacks escalate, being able to mitigate these risks is very valuable.
The black market or hacking community is consistently developing tools to penetrate vulnerable networks. Many of these tools are designed to install back door access to corporate networks. Once these back door tools are installed, the hackers have gained access to valuable data. An example of valuable data is credit card numbers, social security numbers, and corporate intellectual property.
Much of the illegal hacking goes undetected or cyber criminals go unpunished. The hackers use many zombie systems to carry out various attacks on institutions. Since a zombie system was used, it is very difficult to track down the hackers. This has become a huge problem for corporations and subsequently law enforcement. Improved security is one mechanism to mitigate the risk associated with hacking. I will be reviewing tools available to help protect yourself and your company. Subscribe to stay up to date!
The story of Amazon.com is remarkable. The building of a web empire from the sales of books, video, DVDs, to consumer electronics. As these sales and services flourished, the company continued to build out its computing infrastructure. Once Amazon gained footing in electronics this venture led to the future of web computing (AWS) or Amazon Web Services.
Last year (2017) AWS generated $18 billion in revenue. AWS continues to expand rapidly as revenues are growing (year over year at 40%). Much of this growth is centered around EC2 cloud virtualization. JBrock Consulting & Enterprises can spin up a server farm in short order to meet growing computing needs.
Amazon Elastic Compute Cloud is a secure web service that is resizable to meet most business needs. You can try EC2 for free at https://aws.amazon.com/ec2/ running Windows or Linux for 750 hours.
JBrock Enterprises provides training on how to utilize the AWS platform to help your business increase profits, decrease cost, and improve efficiency.
Please contact us at email@example.com if you have any questions.
Digital companies and individuals are looking for a competitive advantage. We can help companies gain an advantage by implementing Windows Azure platform.
Utilizing technical expertise to lead business transformation and focusing on competitive advantage, we can move the cloud forward to seize improvements.
We are completely focused on providing value to our customers. We partner with business leaders to assist finding new customers, markets, products, and develop new business process while improving performance and how people work.
For Linux guest OSs, you must download and install the latest release of Linux Integration
Services Version 3.4 for Hyper-V from the Microsoft Download Center. As of this writing,
the latest version is 3.4 and is available at http://www.microsoft.com/en-gb/download/
Using Enhanced Session mode
In previous versions of Hyper-V, when you open a Virtual Machine Connection window in
the Hyper-V Manager console, you receive mouse and keyboard connectivity plus a limited
cut and paste functionality. To obtain any further access, such as audio or print functionality,
you could establish a Remote Desktop Services connection to the VM, but this requires the
computers to be connected to the same network, which is not always possible.
USING DYNAMIC MEMORY
In the first versions of Hyper-V, shutting down the VM was the only way to modify its memory
allocation. In the Windows Server 2012 R2 version, however, you can use a feature called Dynamic
Memory to automatically reallocate memory to the VM from a shared memory pool as
its demands change.
Configuring pass-through disks
A pass-through disk is a type of virtual disk that points to a physical disk drive installed on the host computer. When you add a hard drive to any of the controllers in a VM, you have the option of selecting a physical hard disk as opposed to a virtual one.
To add a physical hard disk to a VM, the VM must have exclusive access to it. This means
that you must first take the disk offline in the parent OS by using the Disk Management
Modifying virtual disks
Windows Server 2012 R2 and Hyper-V provide several ways for administrators to manage
and manipulate VHD images without mounting them in a VM. Once you have created a VHD,
whether you have attached it to a VM or not, you can manage it by using the Edit Virtual
Hard Disk Wizard in Hyper-V Manager.
1. In Server Manager, on the Tools menu, select Hyper-V Manager to open the Hyper-V
2. In the left pane, select a Hyper-V server.
3. In the Actions pane, select Edit Disk. The Edit Virtual Hard Disk Wizard starts, displaying
the Before You Begin page.
4. Click Next to open the Locate Disk page.
5. Type or browse to the name of the VHD or VHDX file you want to open and click Next.
The Choose Action page appears.
6. Select one of the following functions:
■■ Compact Reduces the size of a dynamically expanding or differencing disk by
deleting empty space while leaving the disk’s capacity unchanged
■■ Convert Changes the type of format of a disk by copying the data to a new disk
■■ Expand Increases the capacity of the disk by adding empty storage space to the
Configuring server roles and features
Objective 2.1: Configure file and share access
Creating folder shares
sharing strategy in place by the time you are ready to create your shares. This
strategy should consist of the following information:
■■ What folders you will share
■■ What names you will assign to the shares
■■ What permissions you will grant users to the shares
■■ What Offline Files settings you will use for the shares
If you have the necessary permissions for a folder, you can share it on a Windows Server
2012 R2 computer by right-clicking the folder in any File Explorer window, selecting Share
With, Specific People from the shortcut menu,
You can specify only that the share users
receive Read permissions or Read/Write permissions to the share. If you are not the Creator
Owner of the folder, you can access the Sharing tab of the folder’s Properties sheet instead.
Clicking the Share button launches the same File Sharing dialog box.
Windows Server 2012 R2 supports two types of folder shares:
■■ Server Message Blocks (SMB) SMB is the standard file sharing protocol used by all
versions of Windows.
■■ Network File System (NFS) NFS is the standard file sharing protocol used by most
UNIX and Linux distributions.
To create a folder share by using Server Manager, use the following procedure.
1. In Server Manager, click the File and Storage Services icon and, in the submenu that
appears, click Shares. The Shares home page appears.
2. From the Tasks menu, select New Share. The New Share Wizard starts, displaying the
Select The Profile For This Share page, as shown in Figure 2-3.
3. From the File Share Profile list, select one of the following options:
■■ SMB Share–Quick Provides basic SMB sharing with full share and NTFS permissions
■■ SMB Share–Advanced Provides SMB sharing with full share and NTFS permissions
and access to services provided by File Server Resource Manager
■■ SMB Share–Applications Provides SMB sharing with settings suitable for
Hyper-V and other applications
■■ NFS Share–Quick Provides basic NFS sharing with authentication and permissions
■■ NFS Share–Advanced Provides NFS sharing with authentication and permissions
and access to services provided by File Server Resource Manager
4. Click Next. The Select The Server And Path For This Share page appears.
5. Select the server on which you want to create the share and either select a volume on
the server or specify a path to the folder you want to share. Click Next. The Specify
Share Name page appears.
6. In the Share Name text box, specify the name you want to assign to the share and click Next.
7. Select any or all of the following options:
■■ Enable Access-Based Enumeration Prevents users from seeing files and folders they do not have permission to access
■■ Allow Caching Of Share Enables offline users to access the contents of this share
■■ Enable BranchCache On The File Share Enables BranchCache servers to cache files accessed from this share
■■ Encrypt Data Access Causes the server to encrypt remote file access to this share
8. Click Next to move to the Specify Permissions To Control Access page.
9. Modify the default share and NTFS permissions as needed and click Next. The Confirm Selections page appears.
10. Click Create. The View Results page appears as the wizard creates the share.
11. Close the New Share Wizard.
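The same choices the wizard walks through can be scripted with the SmbShare cmdlets. The following PowerShell is an added example, not part of the original text; the share name, path and CONTOSO group names are hypothetical placeholders, and mapping the wizard's Allow Caching Of Share checkbox to CachingMode 'Manual' is an assumption.

```powershell
# Added example: script the New Share Wizard choices (SMB Share-Quick profile).
# Share name, path and group names are hypothetical placeholders.
$shareName = 'Projects'
$sharePath = 'D:\Shares\Projects'
$readers   = 'CONTOSO\Projects-Readers'
$editors   = 'CONTOSO\Projects-Editors'

# Step 5: the folder to share must exist.
if (-not (Test-Path -LiteralPath $sharePath)) {
    New-Item -ItemType Directory -Path $sharePath | Out-Null
}

# Step 9, NTFS side: editors get Modify, readers get Read & Execute,
# both inherited by subfolders and files.
$acl = Get-Acl -LiteralPath $sharePath
foreach ($grant in @(@{ Who = $editors; Rights = 'Modify' },
                     @{ Who = $readers; Rights = 'ReadAndExecute' })) {
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
        $grant.Who, $grant.Rights, 'ContainerInherit,ObjectInherit', 'None', 'Allow')
    $acl.AddAccessRule($rule)
}
Set-Acl -LiteralPath $sharePath -AclObject $acl

# Steps 6-9, share side: name, the step 7 options and share permissions.
$params = @{
    Name                  = $shareName
    Path                  = $sharePath
    FolderEnumerationMode = 'AccessBased'   # Enable Access-Based Enumeration
    CachingMode           = 'Manual'        # Allow Caching Of Share (assumed mapping)
    EncryptData           = $true           # Encrypt Data Access
    ReadAccess            = $readers
    ChangeAccess          = $editors
    FullAccess            = 'BUILTIN\Administrators'
}
New-SmbShare @params | Out-Null

# Step 10: confirm what was actually created at both layers.
Get-SmbShare -Name $shareName |
    Format-List Name, Path, FolderEnumerationMode, CachingMode, EncryptData
Get-SmbShareAccess -Name $shareName |
    Format-Table AccountName, AccessControlType, AccessRight -AutoSize
(Get-Acl -LiteralPath $sharePath).Access |
    Format-Table IdentityReference, FileSystemRights, AccessControlType, IsInherited -AutoSize
```

Because the share permissions are named explicitly, the share is not left with a grant to the Everyone special identity, and a user needs both the share permission and the NTFS permission to reach a file over the network.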
■ Share permissions Control access to folders over a network. To access a file over a network, a user must have appropriate share permissions (and appropriate NTFS permissions if the shared folder is on an NTFS volume).
■ NTFS permissions Control access to the files and folders stored on disk volumes formatted with the NTFS file system. To access a file, either on the local system or over a network, a user must have the appropriate NTFS permissions.
Understanding the Windows permission architecture
To store permissions, Windows elements have an access control list (ACL). An ACL is a collection of individual permissions in the form of access control entries (ACEs). Each ACE consists of a security principal (that is, the name of the user, group, or computer granted the permissions) and the specific permissions assigned to that security principal. When you manage permissions in any of the Windows Server 2012 R2 permission systems, you are actually creating and modifying the ACEs in an ACL.
Understanding basic and advanced permissions
The permissions protecting a particular system element are not like the keys to a lock, which provide either full access or no access at all. Permissions are designed to be granular, enabling you to grant specific degrees of access to security principals.
Prior to Windows Server 2012, basic permissions were known as standard permissions and advanced permissions were known as special permissions. Candidates for certification exams should be aware of these alternative terms.
For example, the NTFS permission system has 14 advanced permissions you can assign to a folder or file. However, there are also six basic permissions, which are various combinations of the 14 advanced permissions. You can also assign both types of permissions in a single ACE, combining a basic permission with one or more advanced permissions, to create a customized combination. In most cases, however, administrators work only with basic permissions. Many administrators rarely, if ever, have reason to work directly with advanced permissions.
Allowing and denying permissions
■ Additive Start with no permissions and then grant Allow permissions to individual security principals to give them the access they need.
■ Subtractive Start by granting all possible Allow permissions to individual security principals, giving them full control over the system element, and then grant them Deny permissions for the access you don’t want them to have.
The most important principle in permission management is that permissions tend to run downward through a hierarchy. This is called permission inheritance. Permission inheritance means that parent elements pass their permissions down to their subordinate elements.
■ Turn off inheritance When you assign advanced permissions, you can configure an ACE not to pass its permissions down to its subordinate elements. This effectively blocks the inheritance process.
■ Deny permissions When you assign a Deny permission to a system element, it overrides any Allow permissions that the element might have inherited from its parent objects.
Understanding effective access
A security principal can receive permissions in many ways, and it is important for an administrator to understand how these permissions combine. The combination of Allow permissions and Deny permissions a security principal receives for a given system element—whether explicitly assigned, inherited, or received through a group membership—is called the effective access for that element. Because a security principal can receive permissions from so many sources, it is not unusual for those permissions to overlap.
Allow permissions are cumulative. When a security principal receives Allow permissions from more than one source, the permissions are combined to form the effective access permissions.
Deny permissions override Allow permissions. When a security principal receives Allow permissions—whether explicitly, by inheritance, or from a group—you can override those permissions by granting the principal Deny permissions of the same type.
Explicit permissions take precedence over inherited permissions. When a security principal receives permissions by inheriting them from a parent or from group memberships, you can override those permissions by explicitly assigning contradicting permissions to the security principal itself.
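The three rules above can be checked against a small model. The following PowerShell is an added example, not part of the original text: it is a simplified model of effective access, not the Windows access check itself, and the function name, principals, rights and ACEs are all constructed for illustration. It assumes "explicit" means an ACE set directly on the element rather than inherited from a parent.

```powershell
# Added example: simplified model of the effective access rules.
# Get-EffectiveAccess and all sample data are hypothetical.
function Get-EffectiveAccess {
    param(
        [string[]]$Identities,   # the user plus every group the user belongs to
        [object[]]$Acl           # ACEs with Principal, Type, Rights, Inherited
    )
    $decided = @{}               # right -> 'Allow' or 'Deny'; the first decision wins

    # Evaluation order: explicit Deny, explicit Allow, inherited Deny, inherited Allow.
    foreach ($inherited in $false, $true) {
        foreach ($type in 'Deny', 'Allow') {
            $tier = @($Acl | Where-Object {
                $_.Inherited -eq $inherited -and
                $_.Type -eq $type -and
                $Identities -contains $_.Principal
            })
            foreach ($ace in $tier) {
                foreach ($right in $ace.Rights) {
                    if (-not $decided.ContainsKey($right)) { $decided[$right] = $type }
                }
            }
        }
    }
    # Effective access is the set of rights that ended up allowed.
    $decided.GetEnumerator() |
        Where-Object { $_.Value -eq 'Allow' } |
        ForEach-Object { $_.Key } |
        Sort-Object
}

# Constructed ACL for one folder.
$acl = @(
    [pscustomobject]@{ Principal = 'Users';       Type = 'Allow'; Rights = @('Read');  Inherited = $true  }
    [pscustomobject]@{ Principal = 'Editors';     Type = 'Allow'; Rights = @('Write'); Inherited = $true  }
    [pscustomobject]@{ Principal = 'Contractors'; Type = 'Deny';  Rights = @('Write'); Inherited = $true  }
    [pscustomobject]@{ Principal = 'alice';       Type = 'Allow'; Rights = @('Write'); Inherited = $false }
)

# alice and bob belong to the same three groups; only alice has an explicit ACE.
$alice = Get-EffectiveAccess -Identities 'alice', 'Users', 'Editors', 'Contractors' -Acl $acl
$bob   = Get-EffectiveAccess -Identities 'bob',   'Users', 'Editors', 'Contractors' -Acl $acl

"alice: $($alice -join ', ')"
"bob:   $($bob -join ', ')"
```

In this model bob keeps Read from the Users group (Allow permissions are cumulative) but loses Write to the inherited Deny on Contractors, while alice's explicit Allow Write is evaluated before that inherited Deny and so survives it.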
Setting share permissions
In Windows Server 2012 R2, shared folders have their own permission system, which is independent from the other Windows permission systems. For network users to access shares on a file server, you must grant them the appropriate share permissions.
NOTE BYPASSING SHARE PERMISSIONS
Many file server administrators simply leave the Allow Full Control share permission to the Everyone special identity in place, essentially bypassing the share permission system, and rely solely on NTFS permissions for granular file system protection. NTFS permissions control access by both local and remote users, rendering share permissions redundant.
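When the share layer is left open this way, the NTFS ACL is the only remaining control, so it is worth auditing both together. The following PowerShell is an added example, not part of the original text; the list of broad principals is an assumption based on English-language account names, and ACEs expressed as generic rights are not decoded.

```powershell
# Added example: find shares whose share permissions are effectively bypassed
# and report whether the NTFS ACL still restricts write access.
# Broad principals are an assumption (names as shown on an English-language system).
$broad = 'Everyone', 'NT AUTHORITY\Authenticated Users', 'BUILTIN\Users'
$writeData = [System.Security.AccessControl.FileSystemRights]::WriteData

$report = foreach ($share in (Get-SmbShare -Special $false | Where-Object { $_.Path })) {
    # Share layer: an Allow Full or Change entry for a broad principal.
    $open = @(Get-SmbShareAccess -Name $share.Name | Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        $_.AccessRight -in 'Full', 'Change' -and
        $broad -contains $_.AccountName
    })
    if ($open.Count -eq 0) { continue }

    # NTFS layer: does a broad principal also hold a write-capable Allow ACE?
    $ntfsWrite = @((Get-Acl -LiteralPath $share.Path).Access | Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        $broad -contains $_.IdentityReference.Value -and
        ($_.FileSystemRights -band $writeData)
    })

    [pscustomobject]@{
        Share       = $share.Name
        Path        = $share.Path
        ShareOpenTo = ($open.AccountName | Sort-Object -Unique) -join '; '
        NtfsWriteBy = ($ntfsWrite.IdentityReference.Value | Sort-Object -Unique) -join '; '
        Verdict     = if ($ntfsWrite.Count -gt 0) { 'Writable by broad principal' }
                      else { 'NTFS is the only control' }
    }
}

$report | Sort-Object Verdict, Share | Format-Table -AutoSize
```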
NOTE NTFS PERMISSIONS
NTFS permissions are not limited to shared folders. Every file and folder on an NTFS volume has permissions. Although this procedure describes the process of assigning permissions to a shared folder, you can open the Properties sheet for any folder in a File Explorer window, click the Security tab, and work with its NTFS permissions in the same way.