WAN Technologies

Virtual Circuits

A virtual circuit (also called a communication path) is a logical pathway or circuit created over

a packet-switched network between two specific endpoints. Within packet-switching systems are two types of virtual circuits:

_{Permanent virtual circuits (PVCs)}

_{Switched virtual circuits (SVCs)}

A PVC is like a dedicated leased line; the logical circuit always exists and is waiting for the customer to send data. An SVC is more like a dial-up connection because a virtual circuit has to be created before it can be used and then disassembled after the transmission is complete. In either type of virtual circuit, when a data packet enters point A of a virtual circuit connection, that packet is sent directly to point B or the other end of the virtual circuit. However, the actual path of one packet may be different from the path of another packet from the same transmission. In other words, multiple paths may exist between point A and point B as the ends of the virtual circuit, but any packet entering at point A will end up at point B.

WAN links and long-distance connection technologies can be divided into two primary categories:

dedicated and nondedicated lines. A dedicated line (also called a leased line or point-to-point link)

is one that is indefinably and continually reserved for use by a specific customer (see Table 4.3). A dedicated line is always on and waiting for traffic to be transmitted over it. The link between the customer’s LAN and the dedicated WAN link is always open and established. A dedicated line con- nects two specific endpoints and only those two endpoints together.

A nondedicated line is one that requires a connection to be established before data transmission can occur. A nondedicated line can be used to connect with any remote system that uses the same type of nondedicated line.

T A B L E 4 . 2 Circuit Switching vs. Packet Switching

Circuit Switching Packet Switching

Constant traffic Bursty traffic

Fixed known delays Variable delays

Connection oriented Connectionless

Sensitive to connection loss Sensitive to data loss Used primarily for voice Used for any type of traffic

150 Chapter 4 Communications Security and Countermeasures

To obtain fault tolerance with leased lines or with connections to carrier net- works (that is, Frame Relay, ATM, SONET, SMDS, X.25, and so on), you must deploy two redundant connections. For even greater redundancy, purchase the connections from two different telcos or service providers. However, when you’re using two different service providers, be sure they don’t connect to the same regional backbone or share any major pipeline. If you cannot afford to deploy an exact duplicate of your primary leased line, consider a nondedicated DSL, ISDN, or cable modem connection. These less-expensive options may still provide partial availability in the event of a primary leased line failure. Standard modems, DSL, and ISDN are examples of nondedicated lines. Digital subscriber line (DSL) is a technology that exploits the upgraded telephone network to grant consumers speeds from 144Kbps to 6Mbps (or more). There are numerous formats of DSL, such as ADSL, xDSL, CDSL, HDSL, SDSL, RASDSL, IDSL, and VDSL. Each format varies as to the specific downstream and upstream bandwidth provided. For the exam, just worry about the general idea of DSL instead of trying to memorize all the details about the various DSL subformats. The max- imum distance a DSL line can be from a central office (that is, a specific type of distribution node of the telephone network) is approximately 1,000 meters.

Don’t forget about satellite connections. Satellite connections may offer high-speed solutions even in locales that are inaccessible by cable-based, radio-wave-based, and line-of-sight-based communications. However, satellites are considered insecure because of their large surface footprint. Communications over a satellite can be intercepted by anyone. However, if you have strong encryption, satellite communications can be reasonably secured. Just think of satellite radio. As long as you have a receiver, you can get the signal anywhere. But without a paid service plan, you can’t gain access to the audio content.

T A B L E 4 . 3 Examples of Dedicated Lines

Technology Connection Type Speed

Digital Signal Level 0 (DS-0) Partial T1 64Kbps up to 1.544Mbps

Digital Signal Level 1 (DS-1) T1 1.544Mbps

Digital Signal Level 3 (DS-3) T3 44.736Mbps

European digital transmission format 1 El 2.108Mbps

European digital transmission format 3 E3 34.368Mbps

Cable modem or cable routers 10+Mbps

WAN Technologies 151

Integrated Services Digital Network (ISDN) is a fully digital telephone network that supports both voice and high-speed data communications. There are two standard classes or formats of ISDN service: BRI and PRI. Basic Rate Interface (BRI) offers customers a connection with two B channels and one D channel. The B channels support a throughput of 64Kbps and are used for data transmission. The D channel is used for call establish- ment, management, and teardown and has a bandwidth of 16Kbps. Even though the D channel was not designed to support data transmissions, a BRI ISDN is said to offer consumers 144Kbps of total throughput. Primary Rate Interface (PRI) offers consumers a connection with two to twenty-three 64Kbps B channels and a single 64Kbps D channel. Thus, a PRI can be deployed with as little as 192Kbps and up to 1.544Mbps. However, remember that those numbers are bandwidth, not throughput, because they include the D channel, which cannot be used for actual data transmission (at least not in most normal commercial implementations).

In document CISSP Certified Information Systems Security Professional Study Guide, 4th Ed pdf (Page 196-198)