What type of SOHO Internet access method offers the best bandwidth

One of the oldest ways of communicating with ISPs and remote networks is through dial-up connections. Although this is still possible, dial-up is not used much anymore due to limitations on modem speed, which top out at 56Kbps. Dial-up uses modems that operate over regular phone lines—that is, the plain old telephone service (POTS)—and cannot compare to speeds possible with DSL and cable modems. Reputable sources claim that dial-up Internet connections dropped from 74 percent of all US residential Internet connections in 2000 to three percent in 2014. Three-percent of Americans equals about nine million people, and that still feels like a lot. Most of the people who still use dial-up do it because it’s cheaper than broadband or high-speed access isn’t available where they live.

The biggest advantage to dial-up is that it’s cheap and relatively easy to configure. The only hardware you need is a modem and a phone cable. You dial in to a server (such as an ISP’s server), provide a username and a password, and you’re on the Internet.

Companies also have the option to grant users dial-up access to their networks. As with Internet connections, this option used to be a lot more popular than it is today. Microsoft offered a server-side product to facilitate this called the Routing and Remote Access Service (RRAS), as did many other companies. ISPs and Remote Access Service (RAS) servers would use the Data Link layer Point-to-Point Protocol (PPP) to establish and maintain the connection.

The historical term for a dial-up server is a RAS server, as used in the preceding paragraph. When Microsoft launched Windows 2000, it added routing to its RAS capabilities and renamed it RRAS. Industry wide, however, the term RAS is still widely used.

It seems that dial-up is considered to be a relic from the Stone Age of Internet access. But there are some reasons it might be the right solution:

• The only hardware it requires is a modem and a phone cord.
• It’s relatively easy to set up and configure.
• It’s the cheapest online solution (usually $10 to $20 per month).
• You can use it wherever there is phone service, which is just about everywhere.

Of course, there are reasons a dial-up connection might not be appropriate. The big one is speed. If your client needs to download files or has substantial data requirements, dial-up is probably too slow. In addition, with limited bandwidth, it’s really good only for one computer. It is possible to share a dial-up Internet connection by using software tools, but it’s also possible to push a stalled car up a muddy hill. Neither option sounds like much fun.

One of the two most popular broadband choices for home use is Digital Subscriber Line (DSL). It utilizes existing phone lines and provides fairly reliable high-speed access. To use DSL, you need a DSL modem (shown in Figure 8.4) and a network card in your computer. The ISP usually provides the DSL modem, but you can also purchase them in a variety of electronics stores. You use an Ethernet cable with an RJ-45 connector to plug your network card into the DSL modem (Figure 8.5) and the phone cord to plug the DSL modem into the phone outlet. If you need to plug a land line into the same phone jack as your DSL modem, you will need a DSL splitter (such as the one shown in Figure 8.6) and plug the splitter into the wall.

Figure 8.4 A DSL modem

Figure 8.5 The back of the DSL modem

Figure 8.6 A DSL splitter

Instead of plugging your computer directly into the DSL modem, you can plug your computer into a router (such as a wireless router) and then plug the router into the DSL modem. Most phone companies will tell you that you can’t (or shouldn’t) do this, but if you want to connect multiple computers to the Internet and don’t mind sharing the bandwidth, there is no reason not to.

There are actually several different forms of DSL, including high bit-rate DSL (HDSL), symmetric DSL (SDSL), very high bit-rate DSL (VDSL), and asymmetric DSL (ADSL). Table 8.2 summarizes the general speeds of each. Keep in mind that the maximum speeds decrease as the installation gets farther away from the phone company’s equipment.

Table 8.2 DSL standards and approximate speeds

The most popular in-home form of DSL is ADSL. It’s asymmetrical because it supports download speeds that are faster than upload speeds. Dividing up the total available bandwidth this way makes sense because most Internet traffic is downloaded, not uploaded. Imagine a 10-lane highway. If you knew that 8 out of 10 cars that drove the highway went south, wouldn’t you make eight lanes southbound and only two lanes northbound? That is essentially what ADSL does.

ADSL and your voice communications can work at the same time over the phone line because they use different frequencies on the same wire. Regular phone communications use frequencies from 0 to 4kHz, whereas ADSL uses frequencies in the 25.875kHz to 138kHz range for upstream traffic and in the 138kHz to 1,104kHz range for downstream traffic. Figure 8.7 illustrates this.

Figure 8.7 Voice telephone and ADSL frequencies used

The first ADSL standard was approved in 1998 and offered maximum download speeds of 8Mbps and upload speeds of 1Mbps. The newest standard (ADSL2+, approved in 2008) supports speeds up to 24Mbps download and 3.3Mbps upload. Most ADSL communications are full-duplex.

Many ISPs have moved from ADSL to VDSL, which offers 52Mbps downloads and 16Mbps uploads over telephone wires. In practice, service providers will offer many plans with different speeds, starting at about 10Mbps to 12Mbps download and 1Mbps upload. If you want more speed, you will pay more for it. In addition, just because you pay for a certain speed doesn’t mean you will get it. The farther away you are from the phone exchange, the slower your speed will be. Line quality also affects speed, because poorer lines have more attenuation (signal loss).

One major advantage that DSL providers tout is that with DSL you do not share bandwidth with other customers, whereas that may not be true with cable modems.

To summarize, here are some advantages to using DSL:

• It’s much faster than dial-up.
• Your bandwidth is not shared with other users.
• It’s generally very reliable (depending on your ISP).

There are some potential disadvantages as well:

• DSL may not be available in your area. There are distance limitations as to how far away from the phone company’s central office you can be to get DSL. Usually this isn’t a problem in metro areas, but it could be a problem in rural areas.
• DSL requires more hardware than dial-up: a network card, network cable, a DSL modem, a phone cord, and sometimes a splitter. A DSL modem package usually comes with a network cable and splitter, but many ISPs will make you pay for that package.
• The cost is higher. Lower-speed packages often start off at around $20 to $30 per month, but the ones they advertise with the great data rates can easily run you $100 a month or more.
• If you are in a house or building with older wiring, the older phone lines may not be able to support the full speed you pay for.

That said, DSL is a popular choice for both small businesses and residential offices. If it’s available, it’s easy to get the phone company to bundle your service with your land line and bill you at the same time. Often you’ll also get a package discount for having multiple services. Most important, you can hook the DSL modem up to your router or wireless router and share the Internet connection among several computers. The phone companies don’t like the fact that you can do this (they want you to pay for more access), but as of now there’s not a lot they can do about it.

To see if DSL is available in your area, go to www.dslreports.com. You can also talk to your local telephone service provider.

With many people using their cell phones as their home phones and land lines slowly fading into history, you may wonder if this causes a problem if you want DSL. Not really. Many phone providers will provide you with DSL without a land line (called naked DSL). Of course, you are going to have to pay a surcharge for the use of the phone lines if you don’t already use one.

The other half of the popular home-broadband duet is the cable modem. These provide high-speed Internet access through your cable service, much like DSL does over phone lines. You plug your computer into the cable modem using a standard Ethernet cable, just as you would plug into a DSL modem. The only difference is that the other connection goes into a cable TV jack instead of the phone jack. Cable Internet provides broadband Internet access via a specification known as Data Over Cable Service Internet Specification (DOCSIS). Anyone who can get a cable TV connection should be able to get the service.

As advertised, cable Internet connections are faster than DSL connections. You’ll see a wide variety of claimed speeds; some cable companies offer packages with download speeds up to 30Mbps, 50Mbps, or even 100Mbps and uploads of 5Mbps. (For business customers, download speeds can be 400Mbps.) If it’s that fast, why wouldn’t everyone choose it? While cable generally is faster, a big caveat to these speeds is that they are not guaranteed and they can vary.

One of the reasons that speeds may vary is that you are sharing available bandwidth within your distribution network. The size of the network varies, but it’s usually between 100 and 2,000 customers. Some of them may have cable modems too, and access can be slower during peak usage times. Another reason is that cable companies make liberal use of bandwidth throttling. If you read the fine print on some of their packages that promise the fast speeds, one of the technical details is that they boost your download speed for the first 10MB or 20MB of a file transfer, and then they throttle your speed back down to your normal rate.

To see how this could affect everyone’s speed on the shared bandwidth, let’s think about a simplified example. Let’s say that two users (Sally and John) are sharing a connection that has a maximum capacity of 40Mbps. For the sake of argument, let’s assume that they are the only two users and that they share the bandwidth equally. That would mean normally each person gets 20Mbps of bandwidth. If Sally gets a boost that allows her to download 30Mbps, for however long, that leaves John with only 10Mbps of available bandwidth. If John is used to having 20Mbps, that 10Mbps is going to seem awfully slow.

While it may seem as though we are down on cable modems, you just need to understand exactly what you and your customers are getting. In practice, the speeds of a cable modem are pretty comparable to those of DSL. Both have pros and cons when it comes to reliability and speed of service, but a lot of that varies by service provider and isn’t necessarily reflective of the technology. When it comes right down to it, the choice you make between DSL and cable (if both are available in your area) may depend on which company you get the best package deal from: phone and DSL through your telephone company or cable TV and cable modem from your cable provider.

To summarize, here are the advantages to using cable:

• It’s much faster than dial-up, and it can be faster than DSL (particularly for uploads).
• You’re not required to have or use a telephone land line.
• It’s generally very reliable (depending on your ISP).

As with anything else, there are possible disadvantages:

• Cable may not be available in your area. In metro areas this normally isn’t a problem, but it could be in rural areas.
• Cable requires more hardware than dial-up: a network card, network cable, and a cable modem. Most ISPs will charge you a one-time fee or a monthly lease fee for the cable modem.
• Your bandwidth is shared with everyone on your network segment, usually a neighborhood-sized group of homes. Everyone shares the available bandwidth. During peak times, your access speed may slow down.
• Security could be an issue. Essentially you are on a LAN with all the neighbors in your cable segment. Thus, if you (or your cable company) don’t protect your connection, theoretically you could see your neighbors’ computers and they could see yours. The cable companies have made strides in this area and it usually isn’t a problem anymore, but know that it is a possibility.
• The cost is higher. Lower-speed packages often start off at around $20 to $30 per month, but the ones they advertise with the great data rates can easily run you $100 a month or more.

Cable modems can be connected directly to a computer but can also be connected to a router or wireless router just as a DSL modem. Therefore, you can share an Internet connection over a cable modem.

For detailed information about cable Internet availability and performance, check out www.highspeedinternet.net.

Integrated Services Digital Network (ISDN) is a digital, point-to-point network capable of maximum transmission speeds of about 2Mbps, although speeds of 128Kbps are more common. ISDN uses the same two-pair UTP wiring as POTS (but it can transmit data at much higher speeds). That’s where the similarity ends. What makes ISDN different from a regular POTS line is how it uses the copper wiring. Instead of carrying an analog (voice) signal, it carries digital signals. While not nearly as fast as other broadband services, it still is considered a broadband type of access.

A computer connects to an ISDN line via an ISDN terminal adapter (often referred to as an ISDN TA or an ISDN modem). Like DSL and cable modems, an ISDN terminal adapter is not an actual modem because it does not convert a digital signal to an analog signal; ISDN signals are digital. Computers also need a network terminator to connect to the ISDN TA, but most TAs have them built in. If you have multiple users on the network who need Internet access through the ISDN line, you need an ISDN router.

An ISDN line has two types of channels. The data is carried on a channel called a Bearer channel, or B channel, which can carry 64Kbps of data. The second type of channel is used for call setup and link management and is known as the signal channel, or D channel. This channel has only 16Kbps of bandwidth. A typical 144Kbps basic rate interface (BRI) ISDN line has two B channels and one D channel. One B channel can be used for a voice call while the other is being used for data transmissions, or both can be used for data. When the B channels are combined to maximize data throughput (which is common), the process is called bonding or inverse multiplexing. Multiple BRI ISDN lines can also be bonded together to form higher throughput channels.

BRI ISDN is also known as 2B+D because of the number and type of channels used. BRI ISDN is more common in Europe than it is in the United States.

You can also obtain a primary rate interface (PRI), also known as 23B+D, which means it has 23 B channels and 1 D channel. The total bandwidth of a 23B+D ISDN line is 1,536Kbps (23 B channels × 64Kbps per channel + 64Kbps for the D channel). This is typically carried on a dedicated T1 connection and is fairly popular in the United States.

The main advantages of ISDN are as follows:

• The connection is faster than dial-up.
• It runs over phone lines.
• It’s flexible. Each B channel can support voice or data. If you have a BRI ISDN connection, you can have two separate voice conversations happening at once, two data streams, a voice conversation and a data stream, or both channels bridged into one data stream.
• Support for video teleconferencing is easy to obtain.
• There is no conversion from digital to analog.

However, ISDN does have a few disadvantages:

• It’s more expensive than POTS.
• You need an ISDN modem and perhaps an ISDN router.
• ISDN is a type of dial-up connection and therefore the connection must be initiated before use.

BRI ISDN connections were starting to become popular in home applications in the mid- to late-1990s as an alternative to dial-up before broadband really took off. Today you’ll rarely see it used in a home, but it’s occasionally used in an office. You will find PRI ISDN to be more common in office environments. BRI rates start at about $20 to $40 per month, while PRI solutions typically start in the $300-per-month range.

If you need a dedicated Internet connection, which will serve as an Internet-only connection, then one of the other broadband services is likely a better choice. If you want a line that can support both Internet and voice and provide flexibility to go between the two, then ISDN could be the right solution (although VoIP could be as well—but that is beyond the scope of this chapter).

Fiber-optic cable is pretty impressive with the speed and bandwidth it delivers. For nearly all of fiber-optic cable’s existence, it’s been used mostly for high-speed telecommunications and network backbones. This is because it is much more expensive than copper to install and operate. The cables themselves are pricier, and so is the hardware at the end of the cables.

Technology follows this inevitable path of getting cheaper the longer it exists, and fiber is really starting to embrace its destiny. Some phone and media companies are now offering fiber-optic Internet connections for home subscribers.

An example of one such option is FiOS, offered by Verizon. It offers Fiber-to-the-Home (FTTH) service, which means that the cables are 100-percent fiber from their data centers to your home. At the time we were writing this book, the fastest speeds offered for home users were 75Mbps download and 75Mbps upload. Businesses can get 150Mbps down and 150Mbps up. That means you could download a two-hour HD movie in about four minutes. That’s sick. What’s even better is that other providers are claiming to offer 1Gbps implementations.

Other companies may offer a service called Fiber-to-the-Node (FTTN), sometimes called Fiber to the Curb. This runs fiber to the phone or cable company’s utility box near the street and then runs copper from there to your house. Maximum speeds for this type of service are around 25Mbps. These options are probably best suited for small businesses or home offices with significant data requirements, unless online gaming is really important to you.

Some cable companies promise a high-speed, fiber-optic connection for your TV cable as well as cable Internet service. In the vast majority of cases, the fiber is FTTN, and the fiber runs only from their network to the junction box at the entrance to your neighborhood or possibly to your curb. From there, the cable is coaxial copper. If you’re paying for a fiber connection, be sure you’re actually getting a fiber connection.

Are there any downsides to a fiber Internet connection? Really only two come to mind. The first is availability. It’s still pretty spotty on where you can get it. The second is price. That great 150Mbps connection will run you about $200 a month.

One type of broadband Internet connection that does not get much fanfare is satellite Internet. Satellite Internet is not much like any other type of broadband connection. Instead of a cabled connection, it uses a satellite dish to receive data from an orbiting satellite and relay station that is connected to the Internet. Satellite connections are typically a lot slower than wired broadband connections, with downloads often maxing out at around 10Mbps to 15Mbps and uploads at 1Mbps to 2Mbps.

The need for a satellite dish and the reliance upon its technology is one of the major drawbacks to satellite Internet. People who own satellite dishes will tell you that there are occasional problems due to weather and satellite alignment. You must keep the satellite dish aimed precisely at the satellite or your signal strength (and thus your connection reliability and speed) will suffer. Plus, cloudy or stormy days can cause interference with the signal, especially if there are high winds that could blow the satellite dish out of alignment. Receivers are typically small satellite dishes (like the ones used for DirecTV or DishNetwork) but can also be portable satellite modems (modems the size of a briefcase) or portable satellite phones.

Satellite Internet is often referred to as “line-of-sight” wireless because it does require a clear line of sight between the user and the transmitter.

Another drawback to satellite technology is the delay (also called propagation delay), or latency. The delay occurs because of the length of time required to transmit the data and receive a response via the satellite. This delay (between 250 and 350 milliseconds) comes from the time it takes the data to travel the approximately 35,000 kilometers into space and return. To compare it with other types of broadband signals, cable and DSL have a delay between customer and ISP of 10 to 30 milliseconds. With standard web and email traffic, this delay, while slightly annoying, is acceptable. However, with technologies like VoIP and live Internet gaming, the delay is intolerable.

Online gamers are especially sensitive to propagation delay. They often refer to it as ping time. The higher the ping time (in milliseconds), the worse the response time in the game. It sometimes means the difference between winning and losing an online game.

Of course, satellite also has advantages or no one would use it. First, satellite connections are incredibly useful when you are in an area where it’s difficult or impossible to run a cable or if your Internet access needs are mobile and cellular data rates just don’t cut it.

The second advantage is due to the nature of the connection. This type of connection is called point-to-multipoint because one satellite can provide a signal to a number of receivers simultaneously. It’s used in a variety of applications from telecommunications and handheld GPSs to television and radio broadcasts and a host of others.

Here are a few considerations to keep in mind regarding satellite:

It’s expensive compared to other broadband access. The top packages that offer 15Mbps downloads will cost you over $100 a month. That kind of download speed will only cost you about $30 or so for DSL or cable. The low-end satellite packages, with download speeds of around 5Mbps, will run you around $30–40 per month. And, many providers set thresholds on the amount of data you can download per month. Going over that amount can result in extra charges and/or speed throttling. Your speed will be decreased for a certain period, and you will pay more for that data as well!

Installation can be tricky. When installing a satellite system, you need to ensure that the satellite dish on the ground is pointed at precisely the right spot in the sky. This can be tricky to do if you’re not trained, but some have a utility that helps you see how close you are to being right on (you’re getting warmer. . . warmer).

Line of sight is required. Satellite communications also require line of sight. A tree between you and your orbiting partner will cause problems. Rain and other atmospheric conditions can cause problems as well.

Latency can be a problem. Because of the long distance the message must travel, satellites can be subject to long latency times. While it happens with wired connections, it disproportionately affects satellite transmissions. Have you ever watched a national news channel when a reporter is reporting from some location halfway across the world? The anchor behind the desk will ask a question, and the reporter will nod, and nod, and finally about five excruciating seconds after the anchor is done, the reporter will start to answer. That’s latency.

The cell phone, once a clunky brick-like status symbol of the well-to-do, is now pervasive in our society. It seems that everyone—from kindergarteners to 80-year-old grandmothers—has a cell. The industry has revolutionized the way we communicate and, some say, contributed to furthering an attention-deficit-disorder-like, instant-gratification-hungry society. In fact, the line between cell phones and computers has blurred significantly with all of the new smartphones on the market. It used to be that the Internet was reserved for “real” computers, but now anyone can be online at almost any time.

Regardless of your feelings about cell phones, whether you are fanatical about checking in every time you visit a local eatery to ensure you’re the “mayor” or you long for the good old days when you could escape your phone because it had a functional radius as long as your cord, you need to understand the basics of cell technology.

In regular life, tethering means connecting two things together. In computing, it means hooking your laptop up to your cell phone and using the cell phone’s connection and data plan to get on the Internet. Technically speaking, the device that’s being used for the connection can get on the Internet using a wired connection, Wi-Fi, or Bluetooth as well, but the cell phone and laptop example is the most common scenario. The cellular-enabled device that is making the Internet connection is often known as a mobile hotspot.

Several mobile carriers prohibit the use of your mobile phone for tethering, unless explicitly permitted in your data plan.

Many cell phone providers offer network cards (or they will incorrectly call them modems) that allow your laptop computer or other device to connect to the Internet from anywhere you can get a cell signal. Some will bundle that service with your normal monthly cell service at no additional charge, while others will charge you an incremental fee. The term you’ll hear a lot in connection with this is MiFi. Figure 8.8 shows a Verizon MiFi hotspot.

Figure 8.8 MiFi hotspot

A MiFi card such as this allows you to connect up to eight Wi-Fi-enabled devices (usually 802.11g/n) as a MiFi cloud to get Internet access. Some MiFi cards allow up to 10 connections. The MiFi card then makes the connection back to the cell phone provider.

After you purchase a MiFi device, you first connect it to your laptop via USB cable for activation and setup. Once that step is complete, you can go entirely wireless. MiFi supports Wi-Fi security such as WEP, WPA, and WPA2.

Table 8.3 summarizes the connection types we have discussed in this chapter.

Table 8.3 Common Internet connection types and speeds

Connection Type	Approximate Basic Package Cost	Download Speed Range	Description
Dial-up	$10–20	Up to 56Kbps	Plain old telephone service. A regular analog phone line.
DSL	$20–30	Up to 50Mbps	Inexpensive broadband Internet access method with wide availability, using telephone lines.
Cable	$20–30	Up to 50Mbps	Inexpensive broadband Internet access method with wide availability, using cable television lines.
ISDN	$20–40	Up to 1.5Mbps	Integrated Services Digital Network. Once popular for home office Internet connections.
Fiber	$40–50	Up to 1Gbps	Incredibly fast and just as expensive.
Cellular	$30–50	Up to 20Mbps	Great range; supported by cell phone providers. Best for a very limited number of devices.
Satellite	$30–40	Up to 15Mbps	Great for rural areas without cabled broadband methods. More expensive than DSL or cable.

Before you decide which broadband connection sounds the most appealing to you, you should also factor in something very important: what is available in your area. DSL is available at different rates of connectivity based on distance from a central station. If you live far enough from a central station, or near a central station that has not been updated lately (such as in the middle of rural America), DSL may not be an option.

Similarly, not all cable providers are willing to take the steps necessary to run a connection in all situations. One of the authors once had a small business in a section of an old industrial building. The cable provider said the office where the modem was desired was too far from their nearest pole and there was nothing that could be done about it. He offered to pay the expense to have an additional pole placed closer to the location, but they would not discuss it further.

Make certain you know the available options—not just the technological options—before you spend too much time determining what is best for you.

Wired connections form the backbone of nearly every network in existence. Even as wireless becomes more popular, the importance of wired connections still remains strong. In general, wired networks are faster and more secure than their wireless counterparts.

When it comes to choosing a wired network connection type, you need to think about speed, distance, and cost. You learned about several types of wired connections in Chapter 6, “Networking Fundamentals,” such as coaxial, UTP, STP, and fiber- optic, but the only two you’ll want to go with today are twisted pair and fiber. You’ll run one of the two (or maybe a combination of the two), with UTP being by far the most common choice, as an Ethernet star network. Table 8.4 shows a summary of the more common Ethernet standards along with the cable used, speed, and maximum distance.

Table 8.4 Common Ethernet standards

Looking at Table 8.4, you might have noticed that the number in the standard corresponds to the maximum speed in megabytes (unless it says 10G, where the G is for gigabytes). This can help you remember what the standard’s maximum speed is without a lot of rote memorization. For example, if you see 100Base anything, you know the maximum speed is 100Mbps. The letter T always indicates twisted pair, and F is always fiber.

The first question you need to ask yourself is, “How fast does this network need to be?” There really is no point installing a 10BaseT network these days because even the slowest wireless LAN speeds can deliver that. For most networks, 100Mbps is probably sufficient. If the company has higher throughput requirements, then you can start looking into Gigabit Ethernet (1Gbps) or faster (10Gbps).

The second question is then, “What is the maximum distance I’ll need to run any one cable?” In most office environments, you can configure your network in such a way that 100 meters will get you from any connectivity device to the end user. If you need to go longer than that, you’ll definitely need fiber for that connection unless you want to mess with repeaters.

As you’re thinking about what type of cable you will go with, also consider the hardware you’ll need. If you are going to run fiber to the desktop, you’ll need fiber network cards, routers, and switches. If you are running UTP, you need network cards, routers, and switches with RJ-45 connectors. If you’re going to run Gigabit, all devices that you want to run at that speed need to support it.

The third question to ask yourself is, “How big of a deal is security?” Most of the time, the answer lies somewhere between “very” and “extremely”! Copper cable is pretty secure, but it does emit a signal that can be intercepted, meaning people can tap into your transmissions (hence the term wiretap). Fiber-optic cables are immune to wiretapping. Normally this isn’t a big deal because copper cables don’t exactly broadcast your data all over as a wireless connection does. But if security is of the utmost concern, then fiber is the way to go.

Fourth, “Is there a lot of electrical interference in the area?” Transmissions across a copper cable can be ravaged by the effects of electromagnetic interference (EMI). Fiber is immune to those effects.

Finally, ask yourself about cost. Fiber cables and hardware are more expensive than their copper counterparts. Table 8.5 summarizes your cable choices and provides characteristics of each.

Table 8.5 Cable types and characteristics

Understand that the costs shown in Table 8.5 are approximate and are for illustrative purposes only. The cost for this equipment in your area may differ. Fiber has gotten considerably cheaper in the last 5 to 10 years, but it’s still far more expensive than copper.

Fiber-optic cabling has some obvious advantages over copper, but as you can see it may be prohibitively expensive to run fiber to the desktop. What a lot of organizations will do is use fiber sparingly, where it is needed the most, and then run copper to the desktop. Fiber will be used in the server room and perhaps between floors of a building as well as any place where a very long cable run is needed.

People love wireless networks for one major reason: convenience. Wireless connections enable a sense of freedom in users. They’re not stuck to their desk; they can work from anywhere! (We’re not sure if this is actually a good thing or not.) Wireless isn’t typically as fast and it tends to be a bit more expensive than wired copper networks, but the convenience factor far outweighs the others.

Bluetooth is not designed to be a WLAN but rather a wireless personal area network (PAN). In other words, it’s not the right technology to use if you want to set up a wireless network for your office. It is, however, a great technology to use if you have wireless devices that you want your computer to be able to communicate with. Examples include smartphones, mice, keyboards, headsets, and printers.

Nearly every laptop comes with built-in Wi-Fi capabilities, and most also come Bluetooth enabled. If not, you will need to use a USB Bluetooth adapter to use your Bluetooth devices. Almost all smartphones and other mobile devices today support Bluetooth.

There are several Bluetooth standards that have been introduced into the market. Version 1.2 was adopted in 2003 and supported data rates of up to 1Mbps. Newer versions have increased speed and compatibility with technologies such as Wi-Fi, LTE, and IPv6 as well as reduced power requirements and increased security. The newest version is Bluetooth v4.2, which was released in December 2014. Bluetooth currently supports maximum data rates of 24Mbps. It can achieve these rates by using available 802.11 signals as a transmission medium. Otherwise, the maximum transmission speed of Bluetooth is about 3Mbps. Table 8.6 summarizes the Bluetooth versions and maximum data rates.

Table 8.6 Bluetooth versions and data rates

Version	Data rate
1.2	1Mbps
2.0 + EDR	3Mbps
3.0 + HS	24Mbps
4.0	24Mbps

There are three classes of Bluetooth devices, which differ in their transmission range and power usage; the specifications are shown in Table 8.7. Most mobile Bluetooth devices are Class 2 devices, which have a maximum range of 10 meters (33 feet) and power usage of 2.5mW. When studying Bluetooth, it’s easy to get the versions and classes mixed up. Remember that they are independent of each other. Most devices you see will be Class 2, regardless of the Bluetooth version they support. Also, remember that the version affects the data rate but not the maximum distance.

Table 8.7 Bluetooth device classes and specifications

Class	Distance	Power usage
1	100m	100mW
2	10m	2.5mW
3	1m	1mW

Like 802.11b/g/n, Bluetooth uses the unlicensed 2.4GHz range for communication. To avoid interference, Bluetooth can “signal hop” at different frequencies to avoid conflicts with devices using other technologies in the area. Thanks to technology improvements, interference with Wi-Fi is unlikely, but it can still occur.

One of the unusual features of Bluetooth networks is their temporary nature. With Wi-Fi, you need a central communication point, such as a WAP or router. Bluetooth networks are formed on an ad hoc basis, meaning that whenever two Bluetooth devices get close enough to each other, they can communicate directly with each other. This dynamically created network is called a piconet. A Bluetooth-enabled device can communicate with up to seven other devices in one piconet.

Infrared waves have been around since the beginning of time. They are longer than light waves but shorter than microwaves. The most common use of infrared technology is the television remote control, although infrared is also used in night-vision goggles and medical and scientific imaging.

In 1993 the Infrared Data Association (IrDA) was formed as a technical consortium to support “interoperable, low-cost infrared data interconnection standards that support a walk-up, point-to-point user model.” The key terms here are walk-up and point-to-point, meaning you need to be at very close range to use infrared and it’s designed for one-to-one communication. Infrared requires line-of-sight, and generally speaking, the two devices need to be pointed at each other to work. If you point your remote away from the television, how well does it work?

More information on the IrDA standard can be found at the organization’s website: http://www.irda.org.

Some laptops have a built-in infrared port, which is a small, dark square of plastic, usually black or dark maroon. For easy access, infrared ports are located on the front or sides of devices that have them. Figure 8.9 shows an example of an infrared port.

Figure 8.9 Infrared port

Current IrDA specifications allow transmission of data up to 1Gbps, and IrDA claims that 5Gbps and 10Gbps standards are in the works. Because infrared does not use radio waves, there are no concerns of interference or signal conflicts. Atmospheric conditions can play a role in disrupting infrared waves, but considering that the maximum functional range of an IrDA device is about 1 meter, weather is not likely to cause you any problems.

Security is not an issue with infrared. The maximum range is about 1 meter with an angle of about 30 degrees, and the signal does not go through walls, so hacking prospects are limited. If someone is making an attempt to intercept an infrared signal, it’s going to be pretty obvious. The data is directional, and you choose when and where to send it.

You might have read the 1-meter distance limitation in the section on infrared and thought, “But my television remote works at longer distances than that,” and you are right. Television and other consumer electronics remote controls are not governed by IrDA. They use a different infrared technology, based on the RC-5 protocol developed by Philips in the late 1980s. The maximum functional distance of these remote controls is about 15 to 20 feet, depending on the device.

Computer communications standards using infrared are managed by IrDA, and the maximum distance is about 1 meter. There are methods that IR manufacturers can use to modify this, but the general specification guarantees data rates at only 1 meter.

In the old days (1980s) of personal computers, NICs were a pain to install. Not only did you have to configure the hardware manually, you had to configure the network protocol stack manually. This usually involved a configuration program of some kind and was very cumbersome. Fortunately, installing a NIC today is pretty straightforward.

Now that your NIC is installed, it’s time to configure it with the right IP address and TCP/IP configuration information. There are two ways to do this. The first is to automatically obtain IP configuration information from a Dynamic Host Configuration Protocol (DHCP) server, if one is available on the network. The other way is to manually enter in the configuration information yourself.

Imagine that you have found yourself in a situation in which you have a small network of no more than 10 computers and do not have a DHCP server. You want to minimize the administrative hassle of configuring TCP/IP, so you want your computers to configure themselves automatically. What do you do?

The answer is to set the NIC up to get its IP information from the DHCP server anyway. Microsoft Windows operating systems will automatically configure themselves with an Automatic Private IP Addressing (APIPA) address if they are unable to locate a DHCP server. With an APIPA address, computers on the local network will be able to communicate with one another. The limitation is that the computers will not be able to communicate with any remote devices (those not on the local network) and will not be able to get on the Internet.

To configure your NIC in Windows 7, open Control Panel in Category view and click View Network Status And Tasks under Network And Internet. In the left pane, click Change Adapter Settings. You’ll see the name of a connection, such as Local Area Connection. Right-click that, and click Properties. Figure 8.10 shows you what the Properties screen will look like.

Figure 8.10 Wireless Network Connection properties

On that screen, highlight Internet Protocol Version 4 (TCP/IPv4) and click Properties. This will take you to a screen similar to the one in Figure 8.11.

Figure 8.11 TCP/IP properties

As you can see in Figure 8.11, this computer is configured to obtain its information from a DHCP server. (If you have a wireless router, as many people do on their home networks, it can function as a DHCP server. We’ll talk more about that in a few sections.) If you wanted to configure the client manually, you would click Use The Following IP Address and enter in the correct information. To supply the client with a DNS server address manually, click Use The Following DNS Server Addresses.

If you manually configure the IP address, you must also configure the DNS server address manually. Otherwise, the client will not have access to a DNS server. Client computers can broadcast to find a DHCP server, but they cannot broadcast to find a DNS server.

Installing a wireless NIC is just like installing a normal, wired NIC. The only difference is in the configuration of the NIC. You must configure the NIC to connect to your preferred wireless network (by its SSID) and configure any security settings (such as wireless encryption keys).

To configure a wireless card under Windows 7, you must first install the wireless card. For a desktop, this usually means powering off the computer, removing the case cover, and inserting the card into an open slot (assuming the wireless card expansion card type and bus slot type match). Then you can power the computer back up, and the computer should recognize that a new card was installed and prompt you to install the driver. Most desktops also have USB ports for installation of wireless NICs. The process will be nearly identical to the one you followed in Exercise 8.2.

On a laptop, simply insert the wireless PC Card or USB NIC into any open PC Card slot or USB port with the laptop powered up. Once you have done this, Windows PnP will recognize the card and ask you to install the driver. (Note that some NIC manufacturers ask you to insert the CD and install the drivers before physically installing the NIC. Not doing so could cause installation issues. Always check your documentation!) Nearly every laptop processor chipset made today (such as the Intel Core i5) comes with integrated wireless, so no external adapter needs to be added. USB-attached NICs are an option for desktop computers as well.

Once the NIC is in and the driver is installed, you may have to reboot (but only in very unique cases). Then the wireless card should be ready to use.

Bear in mind that these are general steps. Always consult the documentation that comes with the hardware to ensure that there isn’t a special step that is unique to that card.

Now that your wireless card is installed in your computer, you can configure the connection so you can use it. Windows versions from XP on are beautiful for wireless use because they have utilities for connecting to wireless networks built into the operating system. Windows uses the Wireless Zero Configuration Service (also called Wireless Auto Configuration or WLAN AutoConfig) to automatically connect to wireless access points using IEEE 802.11 standards.

To configure a wireless connection, you can simply bring a Windows (XP or newer) laptop or computer within range of a wireless access point and Windows will detect and alert you to the presence of the access point. Alternatively, if you would like control over the connection, in Windows 7, you can choose Start Control Panel Network And Internet and then choose Connect To A Network. You will get a screen similar to the one shown in Figure 8.12

Figure 8.12 Available wireless connections

If you have a wireless signal strength indicator in the system tray next to the clock, you can click on it and see the same screen as is shown in Figure 8.12.

From this screen you can view the SSIDs of the available wireless networks, including the one to which you are connected (the one that says “Connected” next to it). The bars in the far-right column indicate the relative signal strength of each connection. The more green bars showing, the stronger the signal and the better (and faster) the connection.

If the connection shows a lock icon next to the signal indicator, it is a secured wireless network and you will need to enter some sort of password to gain access to it. It can be dangerous to join unsecured networks; you have no way of knowing who is on them or what are their intentions. Wireless attacks on unsecured networks are becoming more common, so be careful with joining unsecured networks!

To connect to any network, double-click it and Windows will try to connect. You’ll see a window similar to the one in Figure 8.13 that shows you the connection attempt is in progress. Once you are connected, Windows will display “Connected” next to that connection.

Figure 8.13 Connecting to a wireless network

The weaker the signal, the longer the connection will take. Authentication will also slow down the initial connection time.

Network cables are not the most fun thing to install. Proper installation of network cables generally means running them through ceilings and walls and making a mess of the office. Thank goodness for wireless!

Be sure to use plenum cable if you are running cables through spaces where there is air ventilation, such as drop ceilings. PVC-coated cables will produce poisonous gas when burned. Also be sure that you have the proper permission to run the cables and that you aren’t violating any building codes.

If you are installing a wired network in an existing office space, you may want to look into hiring out the cable installation to a third party. You’ll find many companies that have the tools needed to properly install a wired network.

When installing a wired network yourself, always be aware of the maximum cable lengths, as outlined in Table 8.4. In addition, utilize cable troughs in ceilings and walls or another conduit in walls to keep your cables organized. Figure 8.14 shows a cable trough; they come in a variety of lengths and quality.

Figure 8.14 Cable trough

Finally, if you must run cables across the floor in a walkway (which isn’t recommended), use a floor cable guard to avoid creating a trip hazard and to protect your cables. A floor cable guard is shown in Figure 8.15.

Figure 8.15 Floor cable guard

When running cables through a ceiling, never run the cables directly across fluorescent lights. These lights emit electromagnetic radiation (EMI) that can interfere with network communications. Utilize your cable troughs to keep cables in one place and away from lights. Also remember that fiber-optic cables are immune to EMI!

Instead of using switches and hubs, wireless networks use either a wireless access point (WAP) or a wireless router to provide central connectivity. A WAP functions essentially like a wireless hub, whereas wireless routers provide more functionality, similar to that of a wired router. Based on looks alone, they are pretty much identical, and physically installing them is similar. The differences come in configuring them because they will have different options.

In the following sections, we’re going to talk about installing and configuring WAPs and wireless routers interchangeably; just remember that a lot of the features available in a wireless router may not be available in a WAP.

After unwrapping the device from its packaging (and reading the instructions, of course), you must choose a place for it. If it is supplying wireless access to your home network and the Internet, locate it where you can receive access in the most places. Keep in mind that the more walls the signal has to travel through, the lower the signal strength.

In addition, you may choose to have some computers plug directly into the device using a UTP cable. If so, it makes sense to locate the device near the computer or computers you will want to physically connect.

Place the WAP in the center of your home, close to a network connection. Or if you have only one computer, place it close to the broadband Internet connection you are using (i.e., the cable modem or DSL line).

In many offices, WAPs and wireless routers are often placed in the ceiling, with the antennae pointed downward through holes in the ceiling tiles. You can purchase metal plates designed to replace ceiling tiles to hold these devices. The plates have holes precut in them for the antennae to stick through, are designed to securely hold the device and easily open for maintenance, and often lock for physical security. There are also Wi-Fi ceiling antennas you can purchase that basically look like a little dome hanging from the ceiling.

For wireless connectivity devices placed in a ceiling (or other places with no easy access to an electrical outlet), Power over Ethernet (PoE) is a very handy technology to supply both power and an Ethernet connection.

Once you have chosen the location, plug the unit into a wall outlet and connect the two antennae that come with the unit (as needed; many newer devices contain built-in antennae). They will screw onto two bungs on the back of the unit. Once the unit is plugged in, you need to connect it to the rest of your network.

If you are connecting directly to the Internet through a cable modem or DSL or to a wired hub or router, you will most likely plug the cable into the Internet socket of the device, provided it has one. If not, you can use any of the other wired ports on the back of the device to connect to the rest of your network. Make sure that you get a link light on that connection.

At this point, the device is configured for a home network, with a few basic caveats. First, the default SSID (for example, Linksys) will be used, along with the default administrative password and the default IP addressing scheme. Also, there will be no encryption on the connection. This is known as an open access point. Even if you have nothing to protect except for the Internet connection, you shouldn’t just leave encryption turned off. It just makes you an easy and inviting target for neighbors who want to siphon off your bandwidth or even worse. Many wireless manufacturers have made their devices so easy to configure that for most networks it is Plug and Play.

If you have personal data on your home network and more than one computer, you should never keep the default settings. Anyone could snoop your access point from the road in front of or behind your house and possibly get on your home network. It’s too easy for identity theft!

From a computer on the home network, insert the device’s setup CD into the computer’s CD-ROM drive. It will automatically start and present you with a wizard that will walk you through setting the name of the SSID of this new access point as well as changing the default setup password, setting any security keys for this connection, and generally configuring the unit for your network’s specific configuration. Then you’re done!

Earlier in the chapter in the section on 802.11g, we brought up the concept of wireless channels. There are 11 configurable channels in the 2.4GHz range, which is what 802.11b/g uses to communicate. If you look back at Figure 8.20, you’ll see that the channel is set to auto. Most of the time, you won’t have a need to change that.

But let’s say you’re in a situation where you have too many users for one WAP to adequately service (about 30 or more) or your physical layout is too large and you need multiple access points. Now you need to have more than one access point. In a situation like this, here’s how you should configure it:

• Set up the WAPs so they have overlapping ranges. The minimum overlap is 10 percent, and 20 percent is recommended. This way, if users roam from one area to another, they don’t lose their signal.
• Configure the WAPs with the same SSID.
• Configure the WAPs with non-overlapping channels.

2.4GHz channels need to be at least five numbers apart to not overlap. So, for example, channels 2 and 7 do not overlap, nor do 4 and 10. There are 11 configurable channels, so you can have a maximum of three overlapping ranges on the same SSID, configured with channels 1, 6, and 11, and not have any interference. Wireless clients are configured to auto-detect a channel by default, but they can be forced to use a specific channel as well.

On the example router we were using, you could also configure the 5GHz network. In this case, you can choose from 20MHz or 40MHz channel widths, as well as choose the channel. Figure 8.21 shows the channels available. Each of the 20MHz channels shown is non-overlapping.

Figure 8.21 5GHz channels available to select

Network Address Translation (NAT) is a very cool service that translates private IP addresses on your internal network to a public IP address on the Internet. If you are using your wireless router to allow one or more clients to access the Internet but you have only one external public IP address, your router is using NAT.

Most routers have NAT enabled by default, and there might not be any specific configuration options for it. That’s true in the case of the EA3500 router we’ve been using as an example. You can enable or disable it on the Advanced Routing tab in Connectivity, but otherwise the only options you can configure are the internal IP addresses that the router hands out to clients.

To be technically correct, NAT is specifically a one-to-one translation of a private IP address to a public IP address. If you have multiple client computers with private addresses accessing the Internet using one public address (called many-to-one), that is a specific form of NAT known as overloading, Port Address Translation (PAT), or port forwarding. The A+ exam does not test you on the differences between NAT and PAT, but other tests do, such as the Network+ exam.

Another type of NAT is called Dynamic Network Address Translation (DNAT), which translates a group of private addresses to a pool of routable addresses. This is used to make a resource that’s on a private network available for consumption on public networks by appearing to give it a publicly available address. For example, if a web server were behind a NAT-enabled router and did not have its own public IP address, it would be inaccessible to the Internet. DNAT can make it accessible.

Universal Plug and Play (UPnP) is a standard designed to simplify the process of connecting devices to a network and enable those devices to automatically announce their presence to other devices on the network. If you remember when Plug and Play was new to computers, it was revolutionary. You simply plugged in a peripheral (such as a USB network card or mouse) and it was detected automatically and it worked. UPnP is the same idea, but for networking. From a standards standpoint, there’s not a lot to configure. The client needs to be a DHCP client and the service uses UDP port 1900.

The concept is great. It lets devices connect to the network and discover each other automatically with the Simple Service Discovery Protocol. It can be used for any networked device you can think of, from routers and printers to smartphones and security cameras.

The problem is, UPnP has no authentication mechanism. Any device or user is trusted and can join the network. That is obviously a problem. The security consulting firm Rapid7 did a six-month research study in early 2013 and found that over 6,900 network-aware products, made by 1,500 different companies, responded to public UPnP requests. In total, they found nearly 81 million individual devices responded to requests. The United States Department of Homeland Security and many others immediately began requesting people to disable UPnP.

Since that time, the UPnP forum (www.upnp.org) has released statements saying that the security holes have been patched and that the system is more secure than ever. As of the time of writing, skeptics still abound and UPnP does not appear to be a safe option. Regardless of if and when it gets fixed, the reputation of UPnP is not a good one.

The biggest risk is for open UPnP connections to be exploited by unknown systems on the Internet. Therefore, you should configure your router to not allow UPnP connections from its external connection. Many ISPs have also taken steps to help prevent issues. If you’re concerned about devices on your network posing security risks via UPnP, visit www.rapid7.com/resources/free-security-software-downloads/universal-plug-and-play-jan-2013.jsp

to download and run the UPnP exploit scanner. If you’re unsure about your router, disable UPnP just to be safe.

Figure 8.22 Option to clone a MAC address

Before we get into configuring your wireless router as a firewall, let’s be sure you know what firewalls can do for you. A firewall is a hardware or software solution that serves as your network’s security guard. For networks that are connected to the Internet, they’re probably the most important device on the network. Firewalls can protect you in two ways. They protect your network resources from hackers lurking in the dark corners of the Internet, and they can simultaneously prevent computers on your network from accessing undesirable content on the Internet. At a basic level, firewalls filter packets based on rules defined by the network administrator.

Firewalls can be stand-alone “black boxes,” software installed on a server or router, or some combination of hardware and software. Most firewalls will have at least two network connections: one to the Internet, or public side, and one to the internal network, or private side. Some firewalls have a third network port for a second semi-internal network. This port is used to connect servers that can be considered both public and private, such as web and email servers. This intermediary network is known as a demilitarized zone (DMZ), an example of which is shown in Figure 8.23. Personal software-based firewalls will run on computers with only one NIC.

Figure 8.23 A network with a demilitarized zone (DMZ)

We’ve already stated that firewalls can be software- or hardware-based or a combination of both. Keeping that in mind, there are two general categories of firewalls: network-based and host-based.

Network-based firewalls A network-based firewall is what companies use to protect their private network from public networks. The defining characteristic of this type of firewall is that it’s designed to protect an entire network of computers instead of just one system. It’s generally a stand-alone hardware device with specialized software installed on it to protect your network.

Host-based firewalls In contrast to network-based firewalls, a host-based firewall is implemented on a single machine so it protects only that one machine. This type of firewall is usually a software implementation because you don’t need any additional hardware in your personal computer to run it. All current Windows client operating systems come with Windows Firewall, which is a great example of a host-based solution. Norton Security and many other security products come with software firewalls too. Host-based firewalls are generally not as secure as network firewalls, but for small businesses or home use, they’re an adequate, cheap solution.

Firewalls are configured to allow only packets that pass specific security restrictions to get through them. They can also permit, deny, encrypt, decrypt, and proxy all traffic that flows through them, most commonly between the public and private parts of a network. The network administrator decides on and sets up the rules a firewall follows when deciding to forward data packets or reject them.

The default configuration of a firewall is generally default deny, which means that all traffic is blocked unless specifically authorized by the administrator. While this is very secure, it’s also time consuming to configure the device to allow legitimate traffic to flow through it. The other option is default allow, which means all traffic is allowed through unless the administrator denies it. If you have a default allow firewall and don’t configure it, you might as well not have a firewall at all.

The basic method of configuring firewalls is to use an access control list (ACL). The ACL is the set of rules that determines which traffic gets through the firewall and which traffic is blocked. ACLs are typically configured to block traffic by IP address, port number, domain name, or some combination of all three.

Packets that meet the criteria in the ACL are passed through the firewall to their destination. For example, let’s say you have a computer on your internal network that is set up as a web server. To allow Internet clients to access the system, you need to allow data on port 80 (HTTP) to get to that computer.

Another concept you need to understand is port triggering. It allows traffic to enter the network on a specific port after a computer makes an outbound request on that specific port. For example, if a computer on your internal network makes an outbound Telnet request (port 23), subsequent inbound traffic destined for the originating computer on port 23 would be allowed through.

Nearly every wireless router sold today provides you with some level of firewall protection. On the router used in this example, the firewall options are on two separate tabs. Enabling the firewall and setting a few basic options is done from the Security section, as shown in Figure 8.24. More advanced options, such as configuring port forwarding and port triggering, are on the DMZ and Apps And Gaming tabs.

Figure 8.24 Enabling the firewall

Quality of Service (QoS) is a strategy that allows an administrator to control traffic to maintain a certain service level. By using QoS, an administrator can set different priorities for one or more types of network traffic based on different applications, data flows, or users. For example, if the engineering group needs to have a certain amount of guaranteed network bandwidth, QoS can make that happen. This is not typically implemented on small or home office networks but rather for larger enterprise networks.

QoS focuses on dealing with five different types of problems that can affect data on a network:

• Delay, usually caused by congested routes that prevent critical data from arriving on time
• Dropped packets, which often causes delay
• Error, or corrupted data
• Jitter, or variation in packet delay in a data stream
• Out-of-order delivery, which can cause performance issues in time-sensitive applications such as VoIP.

Before each session, a QoS level is established as part of a service-level agreement (SLA). This is a simply priority setting. Higher-level numbers indicate higher priority, and administrators can set priority levels 0 through 5. Table 8.8 shows the eight levels of QoS.

Table 8.8 QoS levels

As more and more real-time business-critical applications hit the market, QoS will become a bigger topic.