Overview of Home Networking
My guess is if you’re reading this, you have a home network with some number of computers and devices connected.
So, let me provide a brief overview of the concepts of setting up a home network. Further posts will provide more details about various aspects.
A home network is typically a consumer version of a Local Area Network or LAN. LANs have been used in business and large corporations for several decades and they can be really complex. Fortunately, for the consumer, a home LAN is a lot less daunting.
The purpose of a Home LAN is to allow several computers and devices to share a single connection to the wider Internet. Also, to move data around within the Home LAN (e.g., to printers and network disks). The single Internet connection is usually a broadband connection of cable, DSL or fiber-to-the-home (e.g., Verizon’s FiOS).
Home LANs have been around for around 15 years, but have become ubiquitous during the past 5. This is due to wide availability of reasonably priced broadband service, coupled with the maturation of reasonably priced WI-FI. WI-FI refers to the wireless access to a local-area network. It also refers to a specific family of standards (IEEE 802.11). Most Home LANs use WI-FI for most of the access to the Home LAN.
The typical home network has the following components:
- Modem – This is the device that connects from the Internet to the router. It typically has two connections: One to connect to the service (which for cable and FiOS is a cable connection) and an Ethernet connection to the home LAN.
- Router – This is the device that provides the service to the internal network. It has an Ethernet connection to connect to the modem, then several Ethernet connections to connect to devices in the network. It also might have wireless WI-FI capability (wireless router).
- Network switch (optional) – This device will connect several devices via Ethernet to one Ethernet connection. Switches are used to expand networks.
- Wireless Access Point (WAP) – This device provides wireless capability away from the router. Adding a WAP to a wireless router solution will expand the wireless coverage in a building, like into that home office that the wireless signal isn’t quite strong enough.
- Range Extender – Similar to a WAP except that instead of using an Ethernet connection, it basically rebroadcasts WI-FI to provide wireless in hard to reach areas.
- Bridge – Allows wired devices to operate in a wireless network.
It has become common for the modem and router to be combined into a single device, especially if you service provider provides the device.
A simple home network would look like this:
Note that some of the devices are connected via Ethernet cable, the others are connected wirelessly by WI-FI.
This network is a little more complicated, but very real. In this case, there is a network switch inserted to grow out additional Ethernet devices. Also, one of the devices is a WAP to increase wireless coverage.
Now that you have some understanding about the terms and concepts, let’s look at insuring that it’s secure. There are really two areas of concern:
- Firewall – This is the technology that protects your LAN from intrusion from the outside world.
- Wireless – This is how to insure that no one is able to snoop on your wireless transmissions or actually wirelessly connect to your network.
If you are using a consumer router and you haven’t explicitly configured the firewall capabilities of the firewall, you don’t need to be concerned. The default configuration of router firewalls will shield you from incoming connections, while permitting outgoing. I’ll discuss this topic in more detail in a later post.
However, the wireless configuration is crucial to insure safety and you have choices when performing the initial configuration of your network. This topic probably requires better treatment but given the criticality of this issue, here are some pointers:
- Encryption – Use it! Older routers default to “none” when configuring encryption. Check your router’s wireless settings to insure that encryption is set. However, that’s not all! The type of encryption is crucial. There are basically two types:
- WEP – This was the original encryption method for WI-FI, but has been shown to be highly vulnerable to be broken. It shouldn’t be used unless there is no other option.
- WPA/WPA2 – This much more secure than WEP, as long as the passcode is long and complex enough. Use the same rules as a password, longer than 8 characters, include numbers, letters and special characters and don’t use obvious words.
- SSID – This is the wireless network identifier. It is how a device can identify and connect to a given network. Without encryption, that’s all a device needs to connect. There are a couple changes that I’d recommend, though neither insures that a sophisticated hacker can’t access your network (that’s why encryption is so important):
- You should change SSID name from the default (e.g., “Linksys”) to a name personal to you. This will allow you to find your network among a list of nearby active networks and inhibit others from guessing the identifier.
- Disable SSID broadcast. This will prevent the casual hacker from seeing your SSID.
Here are some links to various vendors and their home networking products (Note: I’m not recommending any particular product)
- Cisco Valet — One of Cisco’s home networking products. This is basically their lower end family.
- Linksys — This is the higher end Cisco family of home networking products
- Apple Airport Extreme and Airport Express — The first is Apple’s high-end wireless router. It can be purchased with a network disk. The latter is a more compact lower-end wireless router. I actually use both, I use the Extreme for my main WI-FI, then use the Express as a WAP and also carry it to provide wireless when I travel to hotels without wireless support.
- Belkin — Also, Belkin offers products that use your electrical wiring to carry network traffic called Powerline.