Saturday, December 7, 2019

Business Model Innovation Research Technology

Question: Discuss about the Business Model Innovation Research Technology. Answer: Introduction: As mentioned by Hill et al. (2014) an effective business strategy typically involves three basic ideas, those are, the area of competition (the target market segmentation), the competitive techniques (depending on the resources) and the way of implementing those techniques. As mentioned by Eden and Ackermann (2013) for identifying the market opportunity or the most potential target segment, the organizations need to identify the external variables those are influential to the organizational operation (the competitors analysis and the industry analysis and evaluation). For identifying the resources, internal analysis of the organization can be utilized. As mentioned by Harrison and John (2013) by identifying the resources base, the company becomes able to address the external opportunities or threats. On the other hand, for strategy implementation, the organization needs to identify the incentive and compensation policies, the control systems and the organizational structures. As opin ed by Hill et al. (2014) this may include the employee base or skills, motivation and leadership. All these three factors typically support the strategic management of an organization. While creating a strategy for obtaining competitive advantage, the organizations need to focus on all of these three factors simultaneously (Eden and Ackermann 2013). In the empirical cases, the organizations like Foodworks can opt for utilizing this three-faced strategic approach. For identifying the best market opportunity the company can make an external analysis. The company is facing huge competition from the organizations like Coles or Woolworths (FoodWorks Supermarkets | Grocery Specials This Week 2016). However, with the changes in the sociological and demographic pattern the company has an opportunity to attract the customers of Australia as well as the developing economies. Now, for utilizing this market opportunity, the company needs to have the resources. According to the organizational website, it is financially and technologically strong enough for expanding its business, but doesnt have enough employees. However, the financial strength will be helpful in decreasing the price level and attract more customers to the brand. This technique will also be helpful in creating a penetrative pricing policy in the new market segments. Now, imp lement the strategy of expanding the business, the company needs to develop an efficient and motivated employee base. Moreover, for a successful cross-culture management, the organization will need an effective leadership or management base. Thus, Foodworks will be able to attract more customers in the domestic market and successfully execute business in the new geographic segment. Business Model Innovation As mentioned by Leih et al. (2014) the modern business world is significantly volatile that needs quick address to every possible market opportunities. Hence, the business organizations need to concentrate on the innovative strategies. However, innovation does not necessarily involve a whole new idea or the integration of new technologies. As mentioned by Gobble (2014) most of the successful companies have utilized pre-used innovative business models by initiating pragmatic alterations suitable to their own product or service offerings. It has helped them to address the future market opportunity and be a sustainable market player. As discussed by Amit and Zott (2012) innovation helps in increasing the customer value or in reducing the organizational cost and thus gives a competitive advantage to the companies. Hence, the innovation of the business model is crucial for organizational success. For introducing innovation in the business model, the companies need to identify their own bu siness model by categorizing the customer base, the product offerings, the value proposition and the revenue model. The business model innovation needs to change at least two of these dimensions. As discussed by Leih et al. (2014) there are a number of business model pattern those are responsible for all kind of business model innovation. Now, to integrate them an organization needs to follow four steps of initiation, ideation, integration and implementation. In initiation, the current business model needs to be reviewed and by the ideation, it needs to be confronted with various innovative business models. In the integration phase, the consistency of the business model needs to be examined (Amit and Zott 2012). Finally, in the implementation stage, the innovative model can be implemented. However, it is needed to implement in a pilot basis initiate changes according to the challenges. Here, soft factors like managerial failure or industrial resistance needs to be addressed (Gobble 2014). For successful innovation, an organization needs to implement one model at a time, communicate effectively the need of innovation to the stakeholders, setting long-term and flexible KPIs and ensure top management commitment. Thus, the companies can initiate innovative business models and become valid in the future business world. The Australian company Pauls can introduce innovative business models for obtaining competitive advantage. Though the company is successfully operating in the Australian dairy market, business model innovation will help them to collect new customer base by providing increased value proposition ( 2016). For implementing new innovative business model, the company needs to identify its current customer base (the Australian market, no defined demographic segment), the product offerings (milk, cream, custard etc.), the value proposition (high quality and fresh product) and the revenue model (selling of the product). In the ideation phase, the company can introduce the e-commerce strategy (mobile app) for the organization. It will be able to address an extended range of customers with new value proposition (easy to buy). By identifying the consistency of the model, the company can opt for implementing it to a small range of products. However, to initiate innovative the business mo del, the company needs to communicate with the stakeholders and ensure managerial commitment (Amit and Zott 2012). The innovative business model will provide the company a product differentiation, which would be helpful for the company to obtain competitive advantage. With a new business model, the company will be able to provide a new range of value proposition to the customers that will be helpful for addressing an extended range of consumers than before (Leih et al. 2014). Moreover, it will help the company to reduce the organizational cost (by narrowing the supply chain) and validating it to the future market (web availability). References: Amit, R. and Zott, C., 2012. Creating value through business model innovation. MIT Sloan Management Review, 53(3), p.41. Eden, C. and Ackermann, F., 2013.Making strategy: The journey of strategic management. Sage. 2016. FoodWorks Supermarkets | Grocery Specials This Week. [online] Available at: [Accessed 15 Dec. 2016]. Gobble, M.M., 2014. Business model innovation.Research-Technology Management,57(6), pp.58-61. Harrison, J.S. and John, C.H.S., 2013.Foundations in strategic management. Cengage Learning. Hill, C.W., Jones, G.R. and Schilling, M.A., 2014.Strategic management: theory: an integrated approach. Cengage Learning. Leih, S., Linden, G. and Teece, D., 2014. Business model innovation and organizational design: a dynamic capabilities perspective. 2016. Pauls - Home. [online] Pauls. Available at: [Accessed 15 Dec. 2016].

Friday, November 29, 2019

Vietnam MY Lai Massacre

Introduction This paper analyses the vents that happened at My Lai village and why it could have been prevented had the US army followed the principles of war. The paper starts by looking at what really happened and then proceeds to analyze whether the killings could indeed have been prevented.Advertising We will write a custom essay sample on Vietnam MY Lai Massacre specifically for you for only $16.05 $11/page Learn More Many will remember the My Lai massacre as one of the most shocking events of the world and can be described as one of the most infamous events in the history of Vietnam War (Bilton and Siam, 1992). This war took place on March in 1968 in the village of My Lai which had approximately 700 people, located in the southeast of the United State base of Danang (Bilton and Siam, 1992). It is in this village that innocent people were killed on that date by the US Army while they were in search of rebels. The question then becomes whether this a ttack on innocent people was justified; the first part of this paper discusses what happened and the US army conducts at that particular time and is a synopsis of the events of that fateful day. The second part of the discussion looks at whether the principles of war were adhered to and examines whether these deaths would have been prevented had the rules of engagement been followed (Bilton and Siam, 1992) The events at My Lai The US troops conduct during that time was incredible and least expected and the outcomes of that day have left many people dumbfounded. The morning of March 16th saw three platoons of US troops from C Company of the eleventh Brigade arrive in the Son My area (Bilton and Siam, 1992). The Platoon which was commanded by Lieutenant William Calley was on a search and destroy mission that was directed on My Lai village with the sole aim of finding members of the NLF popularly described as Vietcong (Bilton and Siam, 1992). The reason for directing the operation on t hat village is because the area had in the recent past been very active with the Vietcong rebels.Advertising Looking for essay on international relations? Let's see if we can help you! Get your first paper with 15% OFF Learn More As the Platoon troop advanced through the village they started firing towards the village and instantly killed innocent civilians mainly women, children and the elderly who had at the time gone to the paddy fields to carry out their daily chores. By then, Sergeant Michael Bernhardt, 1973 who was at My Lai said that he saw no one who could have been of military age and went on to say that â€Å"the US troops in My Lai met no resistance from the villagers† (Bilton and Siam, 1992). One of the army photographers who had accompanied the platoon also said he â€Å"saw a US soldier shoot two young boys† that were probably just about 5 years old while many of the dead people comprised of other even much younger children (Bilton and Siam, 1992). These facts were collaborated by the people who later returned to the village and claimed it took them several days to bury the dead who included very young children. To make it worse, the bodies had been badly mutilated apart from being shot. This horrifying episode came into public light in November 1969 when a US soldier was interviewed on television; it is during that time that the soldier gave an actual account of the events of that day and admitted to how the platoon had deliberately and systematically shot civilians during that day (Bilton and Siam, 1992). In the wake of this admission, the US military was under pressure to investigate this grave violation of human rights but turned out it was aware of the allegations and had even initiated an inquest into the matter; this was in April 1969, some six months before the public admission made by the soldier (Bilton and Siam, 1992). The actual number people who were killed during that day remains unknown, however the offi cial approximation figure was pegged at 175 but the actual figure is thought to have been much more higher in the region of 500 people (Bilton and Siam, 1992). In fact according to the memorial at My Lai the list actually has 504 people written.Advertising We will write a custom essay sample on Vietnam MY Lai Massacre specifically for you for only $16.05 $11/page Learn More So Could it have been prevented? What happened at My Lai should have been prevented if rules of fair engagement were followed by the US soldiers especially when combat is in civilian locations. Based on universal principles it is illegal to follow orders that are illegal or which borders on illegality even from superiors. Based on this principle of law it was therefore wrong for the US soldiers to have followed illegal orders of attacking the village that clearly contravened the human rights principles. It is always important when fighting war or attacking enemies in civilian locatio ns to take into account careful planning and consideration. There are Principles of War that have been used successfully for many years by military commanders which have always avoided unnecessary death of civilians; the same principles could have been important in this case. Even on its own standards it is clear that the US laws of engagement in civilian locations were not adhered to which led to the death of innocent people. These soldiers should have identified a clear objective and target during this mission which required using precautionary force under the circumstances. In fact one might argue that the soldiers had no clear objective from the start since they obviously attacked the civilians as opposed to the rebels that they were pursuing. Meaning that they confused their target, which is not only acceptable but an indication of incompetence or outright regardless of human life. In fact during the inquest the US army said that â€Å"the people they encountered lacked milita ry skills and were not a threat† ( 2010); which clearly shows that there was no reason for the soldiers to have had used excess force in the first place. Instead they were supposed to have applied diplomacy and only use force where necessary; at the same time the Commanders in the field were supposed to make important decisions and not give orders of civilian’s execution.Advertising Looking for essay on international relations? Let's see if we can help you! Get your first paper with 15% OFF Learn More It was also important for the US soldiers to have had sought permission from the relevant Authorities before attacking the My Lai village. What happened is that the soldiers abruptly opened fire attacked without due diligence or even obtaining prior permission from relevant authorities as the attacks were carried out without prior knowledge from the Vietnam authorities. If permission was first sought then probably the soldiers would have been directed to their targets and the operation wouldn’t have resulted in deaths of the civilians. As a general rule of natural laws on armed conflicts, military attacks should never be directed towards churches, innocent people, agricultural places, water points and all other places that are essential for well being of the citizens of the attacked country ( 2010). But what the US army did in My Lai was in fact contrary to this principle as they also destroyed important resources that are vital to the citizen’s survival. The question is whether it was necessary for these soldiers to have gone about killing women and children in the way that they did; the answer is certainly no especially when you consider that there was no justification at all for doing so, and not even the need to capture the rebels can be cited as the reason for the simple reason that the people killed posed no threat at all. There is no reasonable soldier who will go about killing innocent civilians which is the reason why the actions of this day was so appalling as this was a common sense decision. The only time that civilians can be attacked is if they are trying to engage the soldiers and poses a threat to them (, 2010). Therefore in these attacks reasonable force was not used by the US Army and if the principles of war were followed then innocent children and women wouldn’t have been killed during that day. Reference Bilton, M., Siam, K.(1992).Four Hours in My Lai. New York: Penguin Group. 2010. The U nited Nations Convention on the Protection of Civilian Persons  in Time of War. Web. This essay on Vietnam MY Lai Massacre was written and submitted by user Sonia Whitney to help you with your own studies. You are free to use it for research and reference purposes in order to write your own paper; however, you must cite it accordingly. You can donate your paper here.

Monday, November 25, 2019

Abortion3 essays

Abortion3 essays Women must have access to safe abortion. No matter how any of us feel about embryos and fetuses and their "rights"...about women and sex and responsibility...about God's will, Karma, or the Bible...the fact still remains: Women have always used abortion as a last resort to prevent the birth of a child, and they always will, regardless of what the laws say or the rest of us think. But when abortion is illegal, it is unsafe and dangerous. Therefore, abortion must be legal, and it must be accessible too. Here are some reasons why legal abortion is necessary, taken from various sources available online and offline. Even if you disagree, take a look! Laws against abortion kill women. Making abortion illegal has little effect on the number of abortions, as history and present-day evidence from all over the world show. But illegal abortion is much more dangerous. In the 1930s, there was "an epidemic of criminal abortion" in the United States. The number of births dropped by about half, as women who refused to bring children into a depressed economy resorted to illegal abortion to end their pregnancies. As a result, about 2500 women died each year from abortion complications, accounting for nearly one in four maternal deaths.1 From 1950 to 1965 in the US, there were 200 to 250 abortion-related deaths reported each year, a number that is acknowledged to be lower than the true death count.2 But even using these statistics, and assuming that illegal abortion was two or three times as dangerous as legal abortion at that time, a simple calculation shows that there were at least 500,000 illegal abortions each year.3 It's not worth the death of one woman if that's what it would take to cut the number of abortions by 60%, let alone fifty or a hundred women. Thanks to changes in the law, today the mortality rate from legal abortion is almost zero, and abortion accounts for only 3% of maternal d ...

Friday, November 22, 2019

Explaining Childrens Development Essay Example | Topics and Well Written Essays - 1250 words

Explaining Childrens Development - Essay Example His definition of this approach was highly practical. Thus, Watson believed psychology should be a purely objective field of knowledge used to accurately predict and control human behaviour and development. Introspection and self-analysis are useless if applied to psychology and there is no difference between humans and animals. In fact, Watson neglected the concept of the conscious and unconscious as such (Littleton, Toates, & Braisby, 2002). Formulating his views Watson relied primarily on the Ivan Pavlov's discovery of the mechanism of classical conditioning. Pavlov's studies of dog's digestion transformed the common understanding of learning and development. The scientist carried out a series of experiments in order to test his initial conclusions. He provided a sound or light signal that was immediately followed by some food placed in the dog's moth. The dog started to perceive the signal in conjunction with the food and after several repetitions the dog salivated immediately after the signal even without any food. This fact made Pavlov introduce a new psycho-physiological concept of a conditional stimulus in distinction to an unconditioned stimulus (Littleton, Toates, & Braisby, 2002: 170-171). Although Pavlov revealed the phenomenon of classical conditioning during experimental studies, which involved animals, the key principle of this process proved valid in human behaviour too. Watson described an example of the classical conditioning in human beings. Albert, an infant with a pet rat, was not afraid of it until once Watson banged a metal plate while the boy was reaching for his pet. Subsequently, Albert started to demonstrate fear of the rat (Littleton, Toates, & Braisby, 2002: 172). Another good example of the classical conditioning in human behaviour is the bell-and-pad technique that is often used to cope with bed-wetting in children. Two perforated metal sheets connected to a low-tension battery are placed under the bed sheet. When a child moistens the bed urine short-circuits the sheets, and the battery produces a laud alarm making the child wake up. After several alarms the child is able to wake up without the alarm: the sensation of a full bladder is finally conne cted to the necessity of waking up (Lattal & Chase, 2003). Skinner further elaborated on the behaviourist conception of behaviour by paying attention not only to stimuli resulting in certain patterns of behaviour, but also exploring the stimuli affecting the actor after performance. In a series of experiments involving rats and pigeons that were rewarded with food for pressing a lever in the Skinner box, the scientist observed that positive stimuli led to more frequent repetition of the act that caused them; he called such stimuli "reinforcers" (Littleton, Toates, & Braisby, 2002: 175-176). Skinner recognised situational influences as predominant factors that cause different reactions of children. The reactions largely depend upon the previous experience and genetic code of individual. Skinner also believed that analysis of specific mental states, which had been so popular in psychoanalytic

Wednesday, November 20, 2019

India Essay Example | Topics and Well Written Essays - 250 words

India - Essay Example In his finding, he discovered that the Machiguenga gave out the smallest amount possible, and none of the second players rejected the offer no matter how small. Unlike the Machiguenga, the Westerners had a tendency to share things on an equality basis. Other people would reject a high offer. A repeat of the experiment in different parts of the world proved similar results. According to the study, Henrich concludes that humans are not similar throughout the world as believed by social scientists who focused their research in America. A system that works for the Westerners could fail in the east. According to Michael Brown, for thousands of years, spirituality has been, and still is a major factor in the Indians lives (History King 1). Everything they do is in accordance with their belief. In India, the people live together as one despite their diversity. Millions of people celebrating their religions gather in the River Ganges during the Komhala festival every year. The westerner could probably never understand the Indians way of life. How a man could renounce every material thing to pursue a spiritual life is still a puzzle to the British. The answer is the two worlds define civilization differently. The Western culture embraces individualism, materialism, rationality, and masculinity. On the contrary, India bases their civilization on renunciation, the female, and the inner life. It is unfair to judge other people’s culture, customs, and civilization by comparing it to our own. History King. â€Å"Legacy - The Origins of Civilization - Episode 2: India, the Empire of Spirit (Documentary).† YouTube Video Clip. Jul 5, 2014. Web. March 17, 2015. Watters, Ethan. â€Å"We Aren’t the World.† Pacific Standard. Feb 25, 2013. Web. March 17, 2015.

Monday, November 18, 2019

Analyzing the Advertisement Research Paper Example | Topics and Well Written Essays - 750 words

Analyzing the Advertisement - Research Paper Example Sometime, there is also a difference seen in the advertisement of same product on internet, newspaper, magazine and television. People have different attitude towards advertisement while watching television, reading newspaper or magazine and while surfing internet. Following is the descending order of major media through which advertisement reach its viewers, newspapers, television, direct mail, radio, magazines, business publications, outdoor advertising, and lastly farm publications. To catch the attention of the viewer there are different strategies which are used.Therefore, advertisers uses different techniques of colors, texts, images, languages and layout, if put together efficiently can easily catch the reader's attention. It results in influencing the opinion of the viewer, thus persuading them for buying that particular product rather than any other in that particular category. Â  I have chosen this picture advertisement from Diesel's recent advertisement campaign famous as "Global Warming Ready". This ad campaign received a lot of media attention for the fact that they used unique idea for advertising their new clothing range. It used the word Global Warming while trivializing the matter to sell clothe. Personally global warming is noticeably an imminent crisis, which world is threatened of. So I think sometimes by taking a revitalizing step and usually start being ironic about the whole thing can result in catching the attention of the audiences - a moronic way of laughing at ourselves.... So I think sometimes by taking a revitalizing step and usually start being ironic about the whole thing can result in catching the attention of the audiences - a moronic way of laughing at ourselves is also used in stand up comedies. There is actually no harm in using this idea but advertisers use obvious hidden messages and sometime undertones, so that viewer is stopping to read and find out that message. And so it worked wonders in this ad campaign as well. The creative strategy is really effective because the advertisers are using a combination of two three strategies like it looks generic (showing global warming message for the whole range), pre-emptive (in words as well as in pictures) along with the unique selling proposition (people can feel the difference in the campaign when comparing with other brand) keeping the brand equity balanced. Strong resonance is found in the advertisement which is appealing the central theme of the receiver's life by using the word ' Global Warmin g Ready' The advertisement is using complex theme which the background is taking over while the advertisement is stuff with all the connotations which include, status, power, sex and luxury. The language used in the advertisement is figurative. For, the target audience being young women and men, this advertisement iswell designed and juxtaposed to attract the right audience. This advertisement is using colors using earthy color tints like skin which is actually revealing the heat up of 'global warming'. Contrasting is done by using greys and blues in the background which is evoking the required murkiness in the environment and highlighting the rise in the water level in New York in the background. It is showing that

Saturday, November 16, 2019

Different Types Of Network Devices

Different Types Of Network Devices Infrastructure security depends on the correct use of the network components. Network components are an essential aspect of the computing environment to improve the performance and security. The network components such as routers, switches and cables connect to the firewalls and gateways that manage communication from the network design to the protocols employed. If security fails then the availability of the system fails. Security failures can occur in two ways as follows: 1. Sometimes unauthorised users access the resources and data, which they are not authorised to use. 2. Security failure prevents the user from accessing the resources and data, the user is authorised to use. Both these security failures are serious. Hence, primary goal of network infrastructure security is to allow all authorised usage and deny all unauthorised usage of resources. 8.2 Devices Todays business environment consists of not only clients and servers but also network devices that are required to connect them. These network devices are called communication devices. These devices are hubs, switches, routers, LAN cards, gateway, modem, hardware firewall and so on. This also includes wireless access points, special-purpose devices such as Virtual Private Network (VPN) devices. Each of these devices has a specific network functions and plays an important role in maintaining network infrastructure security. 8.2.1 Workstations The workstations are client computers in the client-server architecture. This device is used to send and receive e-mail, to create spreadsheets, to write report in a word processing program and to play game. Many threats to information security can start at a workstation when it is connected to a network. Workstation security can be maintained by following basic steps as follows: Remove all share point that is not required. Rename the administrator account and secured it with a strong password. Remove unnecessary user accounts. Install an antivirus program and keep it updated. Disable USB ports in CMOS settings to restrict data transfer through USB devices. Install firewall between the machine and the Internet. Install latest patch for the operating system (OS) and keep the OS up to date. 8.2.2 Servers Servers are the computers in a network that host applications and data for users to share. Servers are available in many sizes, from small single CPU systems to multiple CPU systems such as mainframe computers. Servers use operating system such as Windows Server, Linux, UNIX and other mainframe operating systems. Server OS is more robust than the workstation OS and is designed to service multiple users over a network at the same time. Workstation security basic steps are applicable to server as well. 8.2.3 Network Interface Cards Network Interface Card (NIC) is a hardware device used to connect a server or workstation to a network. A NIC is used for particular type of network connection, either ethernet or token ring. In local area networks, ethernet protocol is the most common network type in use and RJ-45 is most common connector. A NIC is the physical connection between a computer and the network. NICs are available as single-port and multiport NIC. Workstation use single-port NIC, as only a single network connection is required. Whereas, server use multiport NIC to increase the number of network connections that increases the data throughput to and from the network. Every NIC has a 48-bit unique number, referred to as a Media Access Control (MAC) address which is stored in Read Only Memory (ROM). MAC address is used in the addressing and delivery of network packets to the correct system. 8.2.4 Hubs Hub is a central connecting device in a computer network. It connects multiple machines together in a star configuration with the hub as the centre. Hub broadcasts all data packets that are received, to all LAN cards in a network. The intended recipient picks the data and all other computers discard the data packets. Hub has five, eight, sixteen and more ports. One of the ports is called uplink port and this port is used to connect with the next hub. 8.2.5 Bridges Bridges operate at the data link layer of the OSI model. Bridges check the incoming traffic and decide whether to forward or discard it. 8.2.6 Switches Switches are a type of networking device similar to hubs, which connect network equipment together. In todays high-performance network environment switches have replaced both hubs and bridges. Switches operate at the data link layer of the OSI model. It uses MAC address of network cards to route packets to the correct port. Switches are intelligent network devices and are therefore can get hijacked by hackers. Switches are administered using the Simple Network Management Protocol (SNMP) and telnet protocol. Both the protocols have a serious weakness. These two protocols send passwords across the networks in clear text. In such instances hacker can capture the administrative password. The major problem with the switch is that it ship with default passwords. If user does not change this password during setup, hacker can easily access it. Caution: To secure a switch, disable all access protocols other than a secure protocol such as Secure Shell (SSH). Use only secure methods to access switch will limit the exposure to hackers and malicious users. 8.2.7 Routers Router connects two or more computer networks and then exchanges packets of data between them. Each data packet contains address information that a router can use to determine if the source and destination are on the same network, or if the data packet must be transferred from one network to another. Routers operate at the network layer of the OSI model. It has two or more network interfaces through which network traffic is forwarded or blocked. They are used to segment networks into smaller subnets or to link multiple networks together. The router decides how and when to forward packets between the networks based on an internal routing table. Routing table tells the router which packets to forward. Routers allow technicians to explicitly deny some packets the ability to be forwarded between segments. For example, internal security features of some routers can prevent users on the internal network from using telnet to access external system. Telnet is always a security risk as the passwords and all communications are transmitted in clear text. Hence, do not create telnet sessions between the internal network and an external network. Router has the ability to block spoofed packets. Spoofed packets are packets that contain an IP address in the header which is not the actual IP address of the source computer. Hackers used this technique to fool the systems showing that the packet came from an authorised system whereas, it actually came from the hackers system. Router has the ability to drop such packets. Routers are available in various sizes, small and big and from different vendors. Small router is used with cable modem and DSL service. (Figure). Larger routers handle traffic of up to tens of gigabytes per second per channel, using fibre optic cables and moving tens of thousands of concurrent Internet connections across the network. 8.2.8 Firewalls A firewall is hardware or a software program that is used to protect an internal network from outside intruders. It is much like a wall with a window. The wall keeps things out, except those permitted through the window. (Figure.). Network security policies act like a glass in the window. Security policies define what traffic is permissible and what traffic is to be blocked or denied. For example, Web server connected to the Internet may be configured to allow traffic only on port 80 for HTTP and have all other ports blocked. Firewall allows only the necessary access for a function, and block or denies all unnecessary functions. 8.2.9 Wireless In wireless device, radio waves or infrared carry data, that allows anyone within range access to the data. Placing a wireless device behind the firewall does not serve, as firewall stops only physically connected traffic from reaching the device. The devices associated with wireless networking are wireless access points. The wireless network cards are used to communicate with the access points. (Figure). Wireless access points have a limited range within which they can communicate with the client systems. When planning a wireless implementation within a new construction, make sure that the external walls contain metal studs that are grounded. Create wireless shield by using thin layers of aluminium under the drywall. This will block radio transmission into and out of the building. This will also interfere with pager and cellular phone usage. Note: Applying secure transmission protocols and configuring the wireless access point to only accept authorised connections will help in securing a network. 8.2.10 Modems Modulator and Demodulator (Modem) converts analogue signals to digital and vice versa. Modems are slow method of remote connection that is used to connect client computers to remote services over standard telephone lines. Modems are becoming less necessary, but many corporate systems still have modems installed for remote access. In corporate network, modems are located in Remote Access Service (RAS) servers and fax servers. Corporate users remotely access their system configuring modem in their PC. This is done when no other remote access solution is available or the existing remote access solution is inconvenient. These types of situations can provide an intruder the entry point to a network. The best solution to avoid this is to implement a security policy to control the installation of modems on corporate systems. Also verify that systems which need modems are properly secure. 8.2.11 Telecom/PBX In the IT security field Telecommunication (Telecom) is often overlooked. Most small companies use a small number of dedicated telephone lines for both incoming and outgoing calls. However, in larger companies having dedicated lines for thousands of employees is both inefficient and expensive. Hence, to overcome these problems install a Private Branch eXchange (PBX). A PBX is a device that handles routing of internal and external telephone lines. This allows a company to have limited number of external lines and an unlimited number of internal lines. PBX systems are cost beneficial to large companies but they also have their own vulnerabilities. PBX s is designed to be maintained by an offsite vendor and therefore have remote access available. The remote access can be through a modem or through a LAN. Hence, disable these remote access methods to limit the susceptibility to direct remote access attacks until the vendor is notified that they need to perform maintenance or prepare an update. 8.2.12 RAS Remote Access Service (RAS) connects the client and server through a dial-up telephone connection. It is slower than cable and Digital subscriber line (DSL) connection. When a user dials into the computer system, authentication and authorisation are performed through a remote access protocols. RAS servers offer security feature such as mandatory callback. This allows server to call back to the client at a set of telephone number for the data exchange. For more information on remote access protocols refer chapter 9, Authentication and Remote Access 8.2.13 VPN VPN allows users to create a secure tunnel through an unsecured network to connect to their corporate network. In large environments, VPNs are less expensive to implement and maintain than RAS servers, because there is no incoming telephone line or modem. In addition, a higher level of security can be implemented as communications are encrypted to create a secure tunnel. 8.2.14 Intrusion Detection Systems Intrusion Detection Systems (IDS) is a device designed to monitor network or system activities for malicious activities or policy violations. They are an essential part of network security. There are two main types of IDS that are used: network-based IDS and host-based IDS. For more information on intrusion detection systems refer chapter 11, Intrusion Detection Systems 8.2.15 Network Access Control Network Access Control is a method of network security that restricts the availability of network resources to endpoint devices as defined in the security policy. There are two main competing methodologies exist: Network Access Protection (NAP) and Network Admission Control (NAC). NAP is a Microsoft technology that controls network access of a computer host whereas, NAC is Ciscos technology that controls network admission. 8.2.16 Network Monitoring or Diagnostic The computer network needs continuous monitoring or diagnostic routine to keep administrators aware of the status of the network and allow them to take corrective actions to potential problems. This can be done through monitoring software or dedicated devices located on the network. Network monitoring or diagnostic equipment that is remotely accessible uses strong password and encrypted sessions to handle security vulnerabilities. 8.2.17 Mobile Devices Mobile phones and Personal Digital Assistants (PDAs) are the latest devices used to send and receive e-mail, connect to remote network applications, browsing the Web and so on. Many of the devices have word processor and spreadsheet applications and the ability to store limited amounts of data. Since these devices can be connected to the Internet, they are remotely accessible to potential attackers. Hence, use data encryption which is available in newer mobile devices built into their OS or use third-party software. 8.3 Media Media is used for transmitting data to and from network devices. The media can be either in the form of wire, fibre or radio frequency waves. There are four common methods used to connect devices at the physical layer as follows: Coaxial Cable Twisted-pair Cable Fibre Optics Wireless Coaxial Cable Coaxial cables are used for cabling televisions, radio sets and computer networks. The cable is referred to as coaxial because both the centre wire and the braided metal shield share a common axis. It is less susceptible to interference. Today, coaxial cable is replaced by faster and cheaper twisted-pair cable. UTP/STP Twisted pair cables replaced coaxial cables in ethernet networks. Single pairs of twisted cables reduce electrical crosstalk and electromagnetic interference. Multiple groups of twisted pairs are then bundled together and easily wired between devices. Twisted pairs are of two types: Unshielded Twisted Pair (UTP) and Shielded Twisted Pair (STP). STP has a foil shield around the pairs to provide extra shielding from electromagnetic interference. Whereas, in UTP twist itself eliminates interference. Depending upon the data transmission, twisted pair cables are classified into three different categories as follows: Category 3 (Cat 3) It is used for data and voice transmission and for 10Mbps Ethernet. Category 5 (Cat 5/ Cat 5e) It is used for 100 Mbps fast ethernet. Cat 5e is an enhanced version of the Cat 5 specification to address far end crosstalk. Category 6 (Cat 6) It is used for gigabit ethernet. Fibre Fibre is a very thin piece of glass or plastic that has been stretched out and enclosed in a sheath. Fibre optic cable uses beams of laser light to connect devices. It transfers data over long distances and at higher speeds. Since it does not contain any metal part to conduct current, it is not vulnerable to electromagnetic interference. This also protects it from lightening strikes. Two major drawbacks using these cables are their high cost. Other drawback is the connection has to be optically perfect or performance will be downgraded or the cable may not work. Figure: Unguided Media Unguided media does not use any physical connector between the two devices for communication. The data transmission and reception is through the air or antenna and is referred to as wireless. The three types of wireless media are as follows: Radio waves Microwaves Infrared waves 8.4 Transmission Media Security 8.5 Removable Media Removable media is a type of storage device that can be removed from a computer while the system is running. These media introduces virus when they are attached back to the network. Theft or loss of organisation secret information stored on a media can be severe financial problem or it will effect on organisations reputation. These issues can be rectified by using security policies and software. The removable media are of three types: magnetic, optical and flash memory. Magnetic Media Magnetic media devices are hard drives, floppy disks, zip disks and magnetic tape. Each device is sensitive to external magnetic field. These devices are also affected by the high temperatures and by exposure to water. For the security concern about the critical and important organisational data, do not allow users to bring floppy disk inside the organisation, as they could contain viruses or other malicious programs. Another security policy can be applied by removing floppy disk drive from users computers. Encrypting the contents of a hard drive and tape ensures the security of data. Optical Media Optical media such as CD, DVD, blu-ray and optical jukebox hold the data in digital form. The data on the physical media is read and write by laser. Optical disks are not vulnerable to magnets hence, they are more reliable and durable than the magnetic tape. CDs are very vulnerable to being scratched. If the plastic disk from the media is scratched too much, the laser will be unable to reflect through the plastic and the data will not be readable. For security of data, do not allow personal CDs inside office premises. Only authorised users should have the access to these devices and for other users these devices should be disabled or physically removed from the computers. Electronic Media The electronic media uses integrated circuit technology to store the data hence they are more stable. Since these devices are small and portable, they can be used to store limited amounts of data when portability or reliability are key necessities. Smart cards, flash cards, memory sticks and CompactFlash devices are examples of electronic media. These devices are commonly used in digital cameras, mobile phones, MP3 player, video game consoles and so on. These devices are also used to transfer data between computers. Hence, they can easily carry the virus and worms with data. For security purpose run the antivirus software before transferring any data. 8.6 Security Topologies Multiple hardware devices are connected within a network and a key characteristics of a network is its layout or topology. Security topology is implemented in such a way that it provides the internal security and public access. For example, to place an online order the organisation will require Web servers which can be accessed by the users. Then the Web servers will require access to internal database servers and internal users will require access to different servers and Internet. 8.6.1 Security Zones Modern secure network have different layers of protection with outermost layer provides basic protection and the innermost layer provides the highest level of protection. Trade-offs between access and security are handled through zones with successive zones guarded by firewalls. The outmost zone is the Internet is guarded by the firewall. The internal secure corporate network and the Internet is an area where computers are considered at risk. This zone is called as Demilitarised Zone (DMZ). DMZ DMZ acts as a buffer zone between the Internet and organisations internal secure network. To differentiate the zones, a firewall is placed at both sides of the DMZ. The firewalls are placed in such a way that the Internet users cannot directly access the organisations secure data (Refer to Figure ). Web servers, remote access server and external e-mail servers are fall in DMZ area. Domain name servers and database servers which has organisation important data should not be accessible to the Internet users. As well as application servers, file servers and print servers of trusted network zone should be placed behind both the firewalls. The main idea behind using the DMZ topology is to force an outside user to get across DMZ before user can access information inside the trusted network zone. Internet The Internet is a worldwide connection of networks. It is used to transfer e-mail, Web pages, files, financial records between networks. It is an untrusted network as it is not possible to apply security policies. Hence a firewall should be present between organisations trusted network and the Internet. Intranet Intranet resides inside the trusted area of a network and network administrators can manage its security. Intranet Web servers contents are not available to the Internet users. The organisation data can be published to outside users with two methods as follows: 1. Information can be duplicated onto computers in the DMZ so that untrusted users can access it 2. Extranets can be used to publish data to trusted users. Extranet Extranet allows outside users such as companys partners, vendors, customers and resellers to share some of the business information with authentication and authorization. Extranet allows to access data available on the intranet mainly in the DMZ. To provide security and privacy of the information, extranet requires firewall server management or digital certificates or user authentication, encryption of messages. To protect it from unauthorised access use the VPN. VLAN Virtual LAN (VLAN) is network of computers and these computers are connected to the same broadcast domain, even though they are physically located on different location. VLAN s are configured through software hence they are more flexible. When system is physically moved to different location, without any hardware reconfiguration the system stay on the same VLAN. Increased network performance, easy manageability, less configurations and higher security is the advantages of VLAN.   Note: A broadcast domain is a network (or portion of a network) that will receive a broadcast packet from any node located within that network. NAT Network Address Translation (NAT) is developed by Cisco. It is commonly used in TCP/IP network. It works at OSI layer 3 which is network layer. It uses two sets of IP addresses, one set for internal use and other for external use.   NAT is a feature of firewalls, proxies and routing capable systems. It has ability to hide the IP address and the internal network from the Internet users. This feature of NAT reduces the risk of strangers to collect important information about the network such as structure of a network, the network layout, the names and IP address of systems, and so on. Hence, they cannot gain access of the network. NAT enables internal users within an organisation to use nonroutable IP addresses which means that these IP addresses will not be routed across the Internet. These IP address is called private IP address. The private address ranges are as follows: Class A Class B Class C After NAT configuration, external malicious users can access only the IP address of the NAT host that is directly connected to the Internet. The users are not able to access any of the internal systems that go through the NAT host to access the Internet. When NAT is used to hide internal IP addresses (Refer to Figure), it is called a NAT firewall. Internal users communicate with outside networks through the NAT device such as NAT router (Refer to Figure). This NAT router has a routing table. This table keeps track of all connection requests that have come from internal network. Each outgoing request proceeds through NAT and replaces the internal users IP address with its own IP address. This IP address then forwards to the final destination. Returned packets look up in the routing table and forward the information to the correct internal user.   8.7 Chapter Review Questions 1. Which layer of the OSI model switches operate? (A) Physical layer (C) Network layer (B) Data link layer (D) Transport layer Ans: B 2. Which layer of the OSI model router operates? (A) Physical layer (C) Network layer (B) Data link layer (D) Transport layer Ans: C 3. DSL stands for ________. (A) Domain Subscriber Line (C) Digital Specific Line (B) Domain Specific Line (D) Digital Subscriber Line Ans: D 4. What should you do to secure data on the hard drive if the drive is removed from the site? (A) Encrypt the data (C) Archive the data (B) Compress the data (D) Keep strong password to log into all computers at the site Ans: A 5. Which is the most secure cable for implementing a secure network infrastructure? (A) Coaxial cable (C) Fibre cable (B) Twisted-pair cable (D) None of these Ans: C 6. What network topology area will contain public Web servers? (A) VPN (C) Firewall (B) VLAN (D) DMZ Ans: D 7. What network topology area will contain critical servers such as private Web servers, domain controllers or SQL servers? (A) Intranet (C) Internet (B) Extranet (D) DMZ Ans: A 8. What network topology area will allow business partners, customers to access the owners intranet? (A) Intranet (C) Internet (B) Extranet (D) DMZ Ans: B 9. Network access control is associated with which of the following? (A) NAT (C) IPv6 (B) IPsec (D) NAP Ans: D 10. The purpose of twisting the cables in twisted-pair circuits is to _____. (A) reduce crosstalk (C) increase bandwidth (B) increase speed (D) None of these Ans: A 8.7.1 Answers 1. B 2. C 3. D 4. A 5. C 6. D 7. A 8. B 9. D 10. A Summary In the chapter, Infrastructure Security, you learnt about Different types network devices such as Workstations, Servers, NIC, Hubs, Bridges, Switches, Routers, Firewalls, Wireless, Modems, Telecom/PBX, RAS, VPN, IDS, Network Access Control, Network Monitoring and Diagnostic and Mobile Devices. Different types of communication media between the devices such as Coaxial Cable, UTP/STP Cable, Fibre Cable and Unguided Media. Different types of removable media such as Magnetic Media, Optical Media and Electronic Media. Different types of security topologies such as DMZ, Internet, Intranet, Extranet, VLAN and NAT.