January 26, 2009

Physical Topologies and Logical Topologies  

Introduction

While studying for the CISSP exam, you need to be familiar with the different network topologies that exist. If you do not know how a network is laid out or how the devices communicate on that network, it is extremely difficult for you to protect that network. This paper discusses the difference between the two. We define physical and logical topology and discuss the various types that exist in each category.

Physical Topologies

Physical topology defines how the systems are physically connected. It represents the physical layout of the devices on the network. There are five main types of physical topologies that can be used and each has its own strengths and weaknesses. These five types include:

  • Bus
  • Ring
  • Star
  • Hybrid or tree
  • Mesh

Bus

The bus topology exists when each of the systems is connected along a single cable, as seen in Figure 1. In this topology, all the systems are chained to each other and the cable is terminated at each end (the terminator absorbs the signal so that it does not reflect back down the cable and corrupt later transmissions). This topology was used in the early days of networking because it was inexpensive and relatively easy to set up.

Figure 1--Bus Network

When a packet is sent in a bus topology, there is no intermediary to decide which system the packet should go to. Because of this, every packet sent in a bus topology is received by all systems on the network. Normally, if the packet is not addressed to a particular system, that computer simply disregards it; however, you can see the security implications of this type of network. A malicious user on this network who runs a packet capture program (which puts the network interface into promiscuous mode so that it keeps the frames it would otherwise discard) can see every conversation that occurs between machines, including any credentials sent in the clear.

The following table identifies additional advantages and disadvantages of the bus topology:

Advantages:
  • Easy to install
  • Costs are usually low
  • Easy to add systems to the network
  • Great for small networks

Disadvantages:
  • Out-of-date technology
  • If the cable breaks, the whole network is down
  • Can be difficult to troubleshoot
  • Unmanageable in a large network

Ring

The ring topology exists when each of the systems is connected to its two neighbors, forming a ring, as seen in Figure 2. This physical topology has many of the same strengths and weaknesses as the bus topology. The main difference between the bus and the ring is that the ring topology does not require termination. Because the systems are connected in a loop, there is no beginning or end point as there is with the bus topology. For additional fault tolerance or performance, you can add a second ring that carries traffic in the opposite direction; if the primary ring breaks, the stations on either side of the break wrap onto the secondary ring and the network keeps running. This configuration is seen in Fiber Distributed Data Interface (FDDI) networks.

Figure 2--Ring Network

The following table identifies additional advantages and disadvantages of the ring topology:

Advantages:
  • Easy to install
  • Costs are usually low
  • Easy to add systems to the network
  • Great for small networks

Disadvantages:
  • Out-of-date technology
  • If the cable breaks (or a single station fails) on a single ring, the whole network is down
  • Can be difficult to troubleshoot
  • Unmanageable in a large network

Star

In the previous two topologies, the systems in the network were connected directly to each other. In the star topology, the systems are instead connected to a central device (a hub or a switch), as seen in Figure 3. One of the biggest advantages of the star topology is that a broken cable or a failed system affects only that system, rather than the whole network as a cable break does in the bus topology or a failed station does in a ring. The price is that the central device becomes a single point of failure. The star topology is the most prevalent topology in use today. Its strengths and weaknesses can be seen in Table 3.

Figure 3--Star Network

The following table identifies some additional advantages and disadvantages of the star topology:

Advantages:
  • Easy to install
  • Easy to add devices to the network
  • One break does not bring the whole network down
  • Easier to troubleshoot
  • Widely used
  • Centralized management

Disadvantages:
  • Costs are usually higher than with bus or ring networks
  • If you have only one central device and it fails, it brings the network down

Hybrid or Tree

The hybrid or tree topology is simply a combination of the other topologies. Figure 4 shows an example of a hybrid network. In this layout, we have three star networks that are connected to each other through a bus topology shown by the red line.

Figure 4--Hybrid Network

Mesh

The mesh topology is the last physical topology we discuss. In this layout, every system is connected to every other system. The main advantage of this topology is high availability: there is no single cable or system whose loss isolates the others. The main disadvantage is cost, both administrative and physical. Because every system is connected to every other system, the amount of cabling and maintenance necessary can be prohibitive, especially in larger networks. The formula for the number of links needed in a full mesh of N systems is:

  • (N x (N - 1))/2, where N is the number of systems to be interconnected

In our example in Figure 5, we have six systems that require 15 cables to create a mesh network; doubling the number of systems to twelve would require 66. This topology is mainly used in Wide Area Network environments or in environments where high availability outweighs the cost of this amount of interconnection. In practice, many such networks are partial meshes, in which only the most important sites are given redundant links.

Figure 5--Mesh Network

The following table identifies additional advantages and disadvantages of the mesh topology:

Advantages:
  • Extremely fault tolerant

Disadvantages:
  • Expensive
  • Difficult to implement
  • Difficult to administer
  • Difficult to troubleshoot
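To make the fault-tolerance claims in the tables above concrete, the following added example (written for this post, not code from the original) models the bus, ring, star and mesh topologies as graphs and measures how many systems can still reach each other after the worst single cable break or device failure. The six-system size, the "hub" node standing in for the star's central device, and the treatment of links as carrying traffic in both directions are assumptions of the model.

```python
"""Model the physical topologies as graphs and measure what a single
cable break or device failure does to connectivity.

Added example for this post; not code from the original.  Systems are
numbered 0..n-1; the star topology adds one extra node, "hub", for the
central device.  Links are undirected, so a ring is treated as able to
carry traffic either way around the loop (see the note in main()).
"""
from itertools import combinations


def build_topology(kind, n):
    """Return (nodes, links) for a topology with n systems."""
    systems = list(range(n))
    if kind == "bus":
        links = {frozenset((i, i + 1)) for i in range(n - 1)}
        return systems, links
    if kind == "ring":
        links = {frozenset((i, (i + 1) % n)) for i in range(n)}
        return systems, links
    if kind == "star":
        links = {frozenset((i, "hub")) for i in systems}
        return systems + ["hub"], links
    if kind == "mesh":
        links = {frozenset(pair) for pair in combinations(systems, 2)}
        return systems, links
    raise ValueError("unknown topology: %s" % kind)


def mesh_cable_count(n):
    """The post's formula: one cable for every pair of systems."""
    return n * (n - 1) // 2


def largest_reachable_group(nodes, links, systems):
    """Size of the largest set of systems that can still all reach each other."""
    neighbours = {node: set() for node in nodes}
    for link in links:
        a, b = tuple(link)
        neighbours[a].add(b)
        neighbours[b].add(a)
    best, unseen = 0, set(nodes)
    while unseen:
        start = unseen.pop()
        component, stack = {start}, [start]
        while stack:
            for other in neighbours[stack.pop()]:
                if other not in component:
                    component.add(other)
                    stack.append(other)
        unseen -= component
        best = max(best, len(component & set(systems)))
    return best


def worst_case_link_failure(kind, n):
    """Fewest systems left mutually reachable after any one cable breaks."""
    nodes, links = build_topology(kind, n)
    systems = [x for x in nodes if x != "hub"]
    return min(largest_reachable_group(nodes, links - {dead}, systems)
               for dead in links)


def worst_case_device_failure(kind, n):
    """Fewest systems left mutually reachable after any one device (a
    system, or the star's central device) fails and its cables go dark."""
    nodes, links = build_topology(kind, n)
    systems = [x for x in nodes if x != "hub"]
    worst = n
    for dead in nodes:
        left_nodes = [x for x in nodes if x != dead]
        left_links = {link for link in links if dead not in link}
        worst = min(worst,
                    largest_reachable_group(left_nodes, left_links, systems))
    return worst


if __name__ == "__main__":
    n = 6
    print("topology  cables  systems reachable after worst cable break / device failure")
    for kind in ("bus", "ring", "star", "mesh"):
        _, links = build_topology(kind, n)
        print("%-8s  %6d  %4d / %d" % (kind, len(links),
                                       worst_case_link_failure(kind, n),
                                       worst_case_device_failure(kind, n)))
    assert len(build_topology("mesh", n)[1]) == mesh_cable_count(n) == 15
    # The graph model says a ring survives one break because traffic can
    # go the other way round.  A single token ring passes frames in one
    # direction only, so a break still stops it; FDDI's second,
    # counter-rotating ring is what turns the graph's answer into reality.
```

Run as a script, the table shows the bus splitting in half (3 of 6 systems) on a mid-cable break, the star losing only the one system whose cable broke but losing everything when the hub fails, and the mesh keeping every surviving system reachable in both cases.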

Logical Topologies

The Logical topology defines how the systems communicate across the physical topologies. In CISSP terms, you may hear logical topology referred to as the LAN media access method or network access method. There are two main types of logical topologies:

  • shared media topology
  • token-based topology

Shared Media

In a shared media topology, all the systems have the ability to access the physical medium whenever they need it. The main advantage of a shared media topology is that the systems have unrestricted access to the physical media. Of course, the main disadvantage is collisions: if two systems send information onto the wire at the same time, the signals collide and both frames are corrupted and must be resent. Classic half-duplex Ethernet (coaxial bus or hub-based twisted pair) is an example of a shared media topology.

To help manage the collision problem, Ethernet uses a protocol called Carrier Sense Multiple Access/Collision Detection (CSMA/CD). In this protocol, each system monitors the wire, listening for traffic. If traffic is detected, the system waits until it hears no traffic before it sends. If two systems nevertheless send at the same time and a collision occurs, each system stops transmitting and waits a period of time before it retries. Each system picks that delay at random from a window that doubles after every successive collision (binary exponential backoff), so the two are unlikely to collide again; if a frame suffers 16 consecutive collisions, the system gives up and discards it.

For small networks, the shared media topology works fine; however, as you add more systems to the network, there is a greater opportunity for collisions. To reduce the number of collisions, many networks are broken up into several smaller segments with the use of switches or bridges, and each segment is then its own collision domain. Hubs do not help here: a hub repeats every frame out every port, so all devices attached to it remain in one collision domain and, as with the bus, any one of them can capture everyone else's traffic. A switch forwards a frame only to the port where the destination address was learned, which both removes the collisions and takes away the casual sniffing opportunity.
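The following added example (written for this post, not code from the original) is a slotted simulation of the CSMA/CD behaviour just described: stations sense the wire, transmit when it is idle, detect collisions, and back off by a random number of slots from a window that doubles with each collision. The 16-attempt and 2**10 window limits are the IEEE 802.3 values; the frame length of 8 slots and the "every station has a frame ready at slot 0" start are assumptions chosen to exercise the worst case.

```python
"""Slotted simulation of CSMA/CD with binary exponential backoff on a
shared Ethernet segment.

Added example for this post; not code from the original.  Time is
counted in slots.  Every station has one frame ready at slot 0, so the
run starts with several systems sensing an idle wire and transmitting
at once.  A frame occupies the medium for FRAME_SLOTS slots; a station
that becomes ready while the wire is busy defers (carrier sense) and
then contends in the first free slot.
"""
import random

MAX_ATTEMPTS = 16   # 802.3 discards a frame after 16 consecutive collisions
BACKOFF_LIMIT = 10  # the backoff window stops doubling at 2**10 slots
FRAME_SLOTS = 8     # assumed frame length, in slot times


def simulate_csma_cd(stations, seed=0):
    """Run until every station has sent its frame or given up.

    Returns a dict with the number of collisions, the (slot, station)
    list of successful transmissions in order, the stations that
    exhausted their attempts, and the slot at which the medium fell idle.
    """
    rng = random.Random(seed)
    ready_at = {s: 0 for s in range(stations)}   # slot each frame is ready
    attempts = {s: 0 for s in range(stations)}   # collisions seen per frame
    delivered, dropped, collisions, slot = [], [], 0, 0
    while ready_at:
        # Carrier sense: everyone whose frame is ready and hears an idle
        # wire transmits in this slot.
        contenders = [s for s, t in ready_at.items() if t <= slot]
        if not contenders:
            slot += 1
            continue
        if len(contenders) == 1:
            station = contenders[0]
            delivered.append((slot, station))
            del ready_at[station]
            slot += FRAME_SLOTS      # medium busy; others defer until it is free
            continue
        # Collision detection: all contenders abort and back off.
        collisions += 1
        for station in contenders:
            attempts[station] += 1
            if attempts[station] > MAX_ATTEMPTS:
                dropped.append(station)   # excessive collisions: frame is lost
                del ready_at[station]
                continue
            window = 2 ** min(attempts[station], BACKOFF_LIMIT)
            ready_at[station] = slot + 1 + rng.randrange(window)
        slot += 1
    return {"collisions": collisions, "delivered": delivered,
            "dropped": dropped, "finished_at": slot}


def mean_collisions(stations, trials=200):
    """Average collisions over many seeds, to see how contention scales."""
    total = sum(simulate_csma_cd(stations, seed)["collisions"]
                for seed in range(trials))
    return total / trials


if __name__ == "__main__":
    for n in (1, 2, 8, 32):
        print("%2d stations on one segment: %.1f collisions on average"
              % (n, mean_collisions(n)))
    # Splitting 32 stations across four switch ports gives four collision
    # domains of 8 stations; each behaves like the 8-station run above.
    print("32 stations as 4 x 8 segments: %.1f collisions per segment"
          % mean_collisions(8))
```

The averages printed by the script rise steeply with the number of stations sharing one segment, and the last line shows why breaking a segment into smaller collision domains helps: each of the four smaller domains sees only the contention of its own eight stations.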

Shared media networks are typically deployed in a bus, star, or hybrid physical topology.

Token Based

The token-based topology works by using a token to control access to the physical media. In a token-based network, a token (a small control frame) circulates around the network. When a system needs to send, it waits for the token to arrive, seizes it, attaches its data, and sends the resulting frame on to its downstream neighbor. Each system in turn examines the frame; the destination system copies the data off the wire as the frame passes, and the frame continues its journey until it returns to the sender. When the sender receives its own frame back, it pulls it off the wire and sends out a new, empty token for the next machine to use.

Token-based networks do not have the collision problems that Ethernet-based networks do, because a system must hold the token to transmit. However, the price is access delay: each machine has to wait until the token reaches it, so there is often a delay before communication actually begins. That delay does have a known upper bound (the time for the token to make one full circuit with every station sending once), which is why token passing was favored where predictable response times mattered.

Token-based networks are typically configured as a logical ring, because the frame needs to be delivered back to the originating machine before it releases the token, and the ring best facilitates this requirement. The physical layout need not be a ring, however: IEEE 802.5 Token Ring is usually wired as a physical star to a multistation access unit (MAU), which connects the stations into a ring internally. This is a good illustration of why the physical and logical topologies must be considered separately.
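The following added example (written for this post, not code from the original) simulates the token-passing exchange described above on a logical ring and reports how long each station waits for the token, which makes the access-delay trade-off visible. Counting time in hops, ignoring frame size and ring latency, and starting the token at station 0 are assumptions of the model.

```python
"""Token-passing simulation on a logical ring.

Added example for this post; not code from the original.  Time is
counted in hops: one hop moves the token, or a frame, to the next
station downstream.  A station that holds the token and has a frame
queued sends it; the frame travels the whole ring back to the sender,
which then releases a fresh token to its neighbour.  Frame sizes, ring
latency and the 802.5 priority scheme are ignored.
"""


def simulate_token_ring(queued):
    """queued[i] is the number of frames station i has waiting.

    Returns (log, finished_at): log is the ordered list of
    (hop_time, station) for each frame put on the ring, finished_at the
    hop at which the token next reaches a station with nothing to send.
    """
    n = len(queued)
    pending = list(queued)
    log, time, holder = [], 0, 0        # the token starts at station 0
    while any(pending):
        if pending[holder]:
            log.append((time, holder))  # station seizes the token and sends
            pending[holder] -= 1
            time += n                   # frame circles the ring back to sender
        holder = (holder + 1) % n       # token (or a new one) goes downstream
        time += 1
    return log, time


def access_delays(queued):
    """How long each station waited for its first chance to send."""
    log, _ = simulate_token_ring(queued)
    first = {}
    for t, station in log:
        first.setdefault(station, t)
    return first


def is_collision_free(log, n):
    """No frame goes on the ring while another is still circulating."""
    times = [t for t, _ in log]
    return all(b - a >= n for a, b in zip(times, times[1:]))


if __name__ == "__main__":
    for n in (4, 8, 16):
        delays = access_delays([1] * n)
        print("%2d stations, one frame each: longest wait %d hops"
              % (n, max(delays.values())))
    log, done = simulate_token_ring([2, 0, 1, 0])
    print(log, "ring idle at hop", done,
          "collision free:", is_collision_free(log, 4))
```

With one frame queued at every station, the last station to get the token waits n*n - 1 hops (15 hops on a four-station ring, 255 on sixteen): the delay grows with the ring, but it is bounded and every frame gets through without a collision, which is the contrast with CSMA/CD that the text draws.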

Summary

Understanding the different physical and logical topologies is an important skill set for the information security professional. Knowing how a network is laid out and how the devices communicate on that network can help you make better security decisions to protect your environment and prevent incidents from occurring.


