Learning Resources

Types of Networks

One way to categorize the different types of computer network designs is by their scope or scale. For historical reasons, the networking industry refers to nearly every type of design as some kind of area network. Common examples of area network types are:

  • LAN - Local Area Network
  • WLAN - Wireless Local Area Network
  • WAN - Wide Area Network
  • MAN - Metropolitan Area Network
  • SAN - Storage Area Network, System Area Network, Server Area Network, or sometimes Small Area Network
  • CAN - Campus Area Network, Controller Area Network, or sometimes Cluster Area Network
  • PAN - Personal Area Network
  • DAN - Desk Area Network

LAN and WAN were the original categories of area networks, while the others have gradually emerged over many years of technology evolution.

LAN - Local Area Network
A LAN connects network devices over a relatively short distance. A networked office building, school, or home usually contains a single LAN, though sometimes one building will contain a few small LANs (perhaps one per room), and occasionally a LAN will span a group of nearby buildings. In TCP/IP networking, a LAN is often but not always implemented as a single IP subnet.

In addition to operating in a limited space, LANs are also typically owned, controlled, and managed by a single person or organization. They also tend to use certain connectivity technologies, primarily Ethernet and Token Ring.

WAN - Wide Area Network
As the term implies, a WAN spans a large physical distance. The Internet is the largest WAN, spanning the Earth. A WAN is a geographically-dispersed collection of LANs. A network device called a router connects LANs to a WAN. In IP networking, the router maintains both a LAN address and a WAN address.

A WAN differs from a LAN in several important ways. Most WANs (like the Internet) are not owned by any one organization but rather exist under collective or distributed ownership and management. WANs tend to use technology like ATM, Frame Relay and X.25 for connectivity over the longer distances.

LAN, WAN and Home Networking
Residences typically employ one LAN and connect to the Internet WAN via an Internet Service Provider (ISP) using a broadband modem. The ISP provides a WAN IP address to the modem, and all of the computers on the home network use LAN (so-called private) IP addresses. All computers on the home LAN can communicate directly with each other but must go through a central gateway, typically a broadband router, to reach the ISP.

Other Types of Area Networks
While LAN and WAN are by far the most popular network types mentioned, you may also commonly see references to these others:

  • Wireless Local Area Network - a LAN based on WiFi wireless network technology
  • Metropolitan Area Network - a network spanning a physical area larger than a LAN but smaller than a WAN, such as a city. A MAN is typically owned an operated by a single entity such as a government body or large corporation.
  • Campus Area Network - a network spanning multiple LANs but smaller than a MAN, such as on a university or local business campus.
  • Storage Area Network - connects servers to data storage devices through a technology like Fibre Channel.
  • System Area Network - links high-performance computers with high-speed connections in a cluster configuration. Also known as Cluster Area Network.

Local Area Network
A Local Area Network (LAN) is a relatively small network that is confined to a small geographic area, such as a single office or a building. Laptops, desktops, servers, printers, and other networked devices that make up a LAN are located relatively close to each other. A key characteristic is that all of the equipment that comprises a LAN, is owned by a single entity.

From a security context, LANs are the point at which trusted users typically access your network and server resources. Often, enterprises extend too much trust to users in LANs who have otherwise unrestricted access to information resources. Consider the plight of an organization that fires an employee, but permits the employee to return to their computer under the guise of removing personal data. With unrestricted access to network resources, the disgruntled employee has the ability to delete or tamper with information that is critical to the organization. Even happy, trustworthy employees can be a critical threat to information security. An employee who is tricked into installing malicious software or accidentally introduces a computer virus or worm to an organization can cause immeasurable damage if he is granted access to critical systems.

Threat Posed to a Local Area Network
For example, an employee of a large corporation logged into their computer and set off a logic-bomb that deleted all the programs that ran the company's engineering operations. Former system administrator turned disgruntled employee, who had been fired from the company shortly before implementing his attack, planted the logic-bomb. The result: the company lost $12 million in revenue and had to lay off 80 employees as a result of their losses.

It is easy to identify employees as the potential inside threat, with all others in the external threat category. The problem with this classification method is that LAN users are not always employees. Contractors, business partners, vendors, and students are all examples of people who might use a company LAN but are not trusted with limitless access to information resources. It is important to consider all access to LAN resources - not just traditional users - when evaluating the internal threat to an organization.

Metropolitan Area Network
The term Metropolitan Area Network (MAN) is typically used to describe a network that spans a citywide area or a town. MANs are larger than traditional LANs and predominantly use high-speed media, such as fiber optic cable, for their backbones. MANs are common in organizations that need to connect several smaller facilities together for information sharing. This is often the case for hospitals that need to connect treatment facilities, outpatient facilities, doctor's offices, labs, and research offices for access to centralized patient and treatment information. MANs share many of the same security threats as LANs, but on a larger scale. The plight of an administrator in a central location granting access to countless offices that are scattered within a city is a difficult one that demands strict access control mechanisms to protect against unauthorized information access.

One example is the Healthlink Miami Valley project in Montgomery Valley, Ohio (U.S.A.). Tasked with providing a community-wide information network to provide universal care to uninsured and marginally insured patients, the Healthlink team developed a MAN to connect partner hospitals, clinics, and doctor's offices to provide coordinated care to patients through a centralized information system, while remaining in compliance with federal regulations regarding confidentiality of patient information.

Wide Area Network
A Wide Area Network (WAN) covers a significantly larger geographic area than LANs or MANs. A WAN uses public networks, telephone lines, and leased lines to tie together smaller networks such as LANs and MANs over a geographically dispersed area. Connecting devices in different geographic areas together for information sharing, WANs are an important piece of enterprise networks. For example, consider the VisaNet global network used by Visa International. The VisaNet network connects locations throughout 150 countries to validate and debit credit-card transactions at over 24 million locations. By providing security and simplicity over a standard-based WAN architecture, Visa International relies on their network infrastructure to provide reliable access to merchants who accept Visa credit cards for transactions.

The Internet
The Internet is an example of a network that connects many WANs, MANs, and LANs into the world's largest global network. Internet Service Providers (ISPs), such as UUNet and QWest connect the networks. These providers are responsible for maintaining the integrity of the Internet while providing connectivity between WANs, MANs, and LANs throughout the world. ISPs provide customers with access to the Internet through the use of points-of-presence (POP), also called network access points (NAP), in cities throughout the world. Customers are provisioned access to POPs from their own WANs, MANs, and LANs to Internet access to their users.

In addition to providing customer access to the Internet, ISPs also provide connectivity between each other at "peering points." Large peering points are called metropolitan area exchanges (MAE, pronounced "may"), where ISPs are able to exchange traffic originating in one ISP that is to be delivered to a different ISP. Three major peering points exist in the United States; they are MAE-East in Washington D.C., MAE-Central in Dallas, Texas, and MAE-West in San Jose, California. Qwest maintains a map that shows the connection of these peering points.

Personal Area Network
A more recent term used to describe a type of network is a Personal Area Network (PAN). PAN networks are usually wireless, established in an on-demand or ad-hoc fashion when needed to communicate between two or more devices. PAN networks can be used between devices owned by two different parties, or between two devices owned by one person, such as a PDA and a laptop or mobile phone. These networks are usually characterized as short-range, often limited to 10 meters or less in range.

An example of a PAN technology is Bluetooth wireless networking. Bluetooth is designed as a cable-replacement technology, allowing users to discard the serial and USB cables used by many of today's peripheral devices and rely on a Bluetooth PAN for communication. Bluetooth PANs support up to 7 devices in a single network and can be used for proprietary protocols (such as PDA synchronization) or standards-based protocols, including Internet access over IP and the Bluetooth Network Encapsulation Protocol (BNEP).

Network can be divided in to two main categories:

  • Peer-to-peer.
  • Server – based.

In peer-to-peer networking there are no dedicated servers or hierarchy among the computers. All of the computers are equal and therefore known as peers. Normally each computer serves as Client/Server and there is no one assigned to be an administrator responsible for the entire network.

Peer-to-peer networks are good choices for needs of small organizations where the users are allocated in the same general area, security is not an issue and the organization and the network will have limited growth within the foreseeable future.

The term Client/server refers to the concept of sharing the work involved in processing data between the client computer and the most powerful server computer.
The client/server network is the most efficient way to provide:

  • Databases and management of applications such as Spreadsheets, Accounting, Communications and Document management.
  • Network management.
  • Centralized file storage.

The client/server model is basically an implementation of distributed or cooperative processing. At the heart of the model is the concept of splitting application functions between a client and a server processor. The division of labor between the different processors enables the application designer to place an application function on the processor that is most appropriate for that function. This lets the software designer optimize the use of processors--providing the greatest possible return on investment for the hardware.

Client/server application design also lets the application provider mask the actual location of application function. The user often does not know where a specific operation is executing. The entire function may execute in either the PC or server, or the function may be split between them. This masking of application function locations enables system implementers to upgrade portions of a system over time with a minimum disruption of application operations, while protecting the investment in existing hardware and software.


Network Architectures


Ethernet is the most popular physical layer LAN technology in use today. Other LAN types include Token Ring, Fast Ethernet, Fiber Distributed Data Interface (FDDI), Asynchronous Transfer Mode (ATM) and LocalTalk. Ethernet connection is popular because it strikes a good balance between speed, cost and ease of installation. These benefits, combined with wide acceptance in the computer marketplace and the ability to support virtually all popular network protocols, make Ethernet an ideal networking technology for most computer users today. The Institute for Electrical and Electronic Engineers (IEEE) defines the Ethernet standard as IEEE Standard 802.3. This standard defines rules for configuring an Ethernet network as well as specifying how elements in an Ethernet network interact with one another. By adhering to the IEEE standard, network equipment and network protocols can communicate efficiently.

Fast Ethernet

For Ethernet networks that need higher transmission speeds, the Fast Ethernet standard (IEEE 802.3u) has been established. This standard raises the Ethernet speed limit from 10 Megabits per second (Mbps) to 100 Mbps with only minimal changes to the existing cable structure. There are three types of Fast Ethernet: 100BASE-TX for use with level 5 UTP cable, 100BASE-FX for use with fiber-optic cable, and 100BASE-T4 which utilizes an extra two wires for use with level 3 UTP cable. The 100BASE-TX standard has become the most popular due to its close compatibility with the 10BASE-T Ethernet standard. For the network manager, the incorporation of Fast Ethernet into an existing configuration presents a host of decisions. Managers must determine the number of users in each site on the network that need the higher throughput, decide which segments of the backbone need to be reconfigured specifically for 100BASE-T and then choose the necessary hardware to connect the 100BASE-T segments with existing 10BASE-T segments. Gigabit Ethernet is a future technology that promises a migration path beyond Fast Ethernet so the next generation of networks will support even higher data transfer speeds.

Token Ring

Token Ring is another form of network configuration which differs from Ethernet in that all messages are transferred in a unidirectional manner along the ring at all times. Data is transmitted in tokens, which are passed along the ring and viewed by each device. When a device sees a message addressed to it, that device copies the message and then marks that message as being read. As the message makes its way along the ring, it eventually gets back to the sender who now notes that the message was received by the intended device. The sender can then remove the message and free that token for use by others.

Various PC vendors have been proponents of Token Ring networks at different times and thus these types of networks have been implemented in many organizations.


FDDI (Fiber-Distributed Data Interface) is a standard for data transmission on fiber optic lines in a local area network that can extend in range up to 200 km (124 miles). The FDDI protocol is based on the token ring protocol. In addition to being large geographically, an FDDI local area network can support thousands of users.


A Network topology

A network topology is the geometric arrangement of nodes and cable links in a LAN,

There are three topology's to think about when you get into networks. These are the star, rind, and the bus.

Star, in a star topology each node has a dedicated set of wires connecting it to a central network hub. Since all traffic passes through the hub, the hub becomes a central point for isolating network problems and gathering network statistics.

Ring, a ring topology features a logically closed loop. Data packets travel in a single direction around the ring from one network device to the next. Each network device acts as a repeater, meaning it regenerates the signal

Bus, the bus topology, each node (computer, server, peripheral etc.) attaches directly to a common cable. This topology most often serves as the backbone for a network. In some instances, such as in classrooms or labs, a bus will connect small workgroups