N

See Also data communications equipment (DCE) ,serial transmission

gateway

A term used to describe a variety of networking technologies that enable communication between different networking architectures and protocols.

Overview

Gateways generally operate at the higher levels of the Open Systems Interconnection (OSI) reference model for networking. They are commonly used to provide connectivity between two different protocol stacks that might be running on different systems. Examples include the following:

• E-mail gateways-for example, a gateway that receives Simple Mail Transfer Protocol (SMTP) e-mail, translates it into a standard X.400 format, and forwards it to its destination

• Gateway Service for NetWare (GSNW), which enables a machine running Microsoft Windows NT Server, or Windows 2000 Server to be a gateway for Windows clients so that they can access file and print resources on a NetWare server

• Gateways between a Systems Network Architecture (SNA) host and computers on a Transmission Control Protocol/Internet Protocol (TCP/IP) network, such as the one provided by Microsoft SNA Server

• A packet assembler/disassembler (PAD) that provides connectivity between a local area network (LAN) and an X.25 packet-switching network

A gateway is usually a dedicated device or a set of services running on a dedicated computer. Gateways are essentially devices that direct network traffic in some fashion and translate that information.

See Also network

Gateway Service for NetWare (GSNW)

A feature of Microsoft Windows 2000 Server that allows Windows clients access to NetWare servers.

Overview

When Gateway Service for NetWare (GSNW) is installed and configured on a machine running Windows 2000 Server, the server can act as a gateway to enable Windows clients to access file, print, and directory resources on Novell NetWare servers. The process is totally transparent to the users on the Windows client machines-to them the resources appear to be located on the Windows 2000 server itself instead of the NetWare server.

GSNW can perform gateway functions for all versions of Microsoft Windows client operating systems, including Windows for Workgroups, Windows 95, Windows 98, Windows Millennium Edition (Me), Windows NT Workstation, Windows 2000 Professional, and Windows XP. GSNW can provide gateway access for Windows clients to bindery-based NetWare 2.x and 3.x servers and to NetWare 4.x servers running either NDS (Novell Directory Services) or in bindery emulation mode. A Windows 2000 server that has GSNW installed also must have the NWLink protocol loaded. This protocol, which is an Internetwork Packet Exchange/ Sequenced Packet Exchange (IPX/SPX)-Compatible Transport, makes it possible for the Windows 2000 server to communicate with the NetWare server. If it is not already installed, NWLink will install automatically on the Windows 2000 server when you install GSNW.

Implementation

To prepare the NetWare server for the gateway, you must create a group and a user account as follows:

• Create a group called Ntgateway on the NetWare server and give it the necessary rights for accessing the resources you want to make available on the server.

• Create a user account on the NetWare server and give it the necessary rights for accessing the resources you want to make available on the server. Make this user account a member of the Ntgateway group.

  

  Gateway Service for NetWare (GSNW). How GSNW provides Microsoft Windows clients with access to file and print resources on a Novell NetWare server.

GSNW will use this user account for creating a connection to the NetWare server. The connection will appear on the server running Windows 2000 as a redirected drive that can be shared, as if it were a resource located on the Windows 2000 server. Windows clients can then connect to the shared resource by browsing My Network Places, by mapping a drive using Windows Explorer, or by using the net use command. From the perspective of Windows clients on the network, the shared resources they access appear to reside on the Windows 2000 server. In actuality, the GSNW service on the server is performing protocol conversion between the Server Message Block (SMB) protocol, which the Windows clients understand, and the NetWare Core Protocol (NCP), which the NetWare file server uses.

After GSNW is installed, the first time you log on to the server for connectivity to a NetWare 4.x server using NDS, you are prompted to specify a default tree and context for connecting to the NetWare server. If the NetWare server is running in bindery-emulation mode or is an earlier 2.x or 3.x server, you must specify a preferred server when you log on. You can also configure these settings using the GSNW utility in Control Panel.

Uses

Because GSNW must process all requests directed through the gateway and perform protocol conversion between SMB and NCP, access is slower than if the clients actually had NetWare client software installed and could directly access the NetWare server. You should use GSNW only for occasional or temporary access to NetWare servers by Windows clients-for example, during a process of migrating NetWare servers to Windows 2000. When Windows clients need frequent access to resources on NetWare servers, as in a heterogeneous networking environment, install Client Services for NetWare (CSNW) instead of GSNW on Windows 2000 client machines to allow them direct access to resources on NetWare servers. On other versions of Windows, you can install Client for NetWare Networks to achieve the same result.

Notes

Both GSNW and CSNW are also available on the Windows NT platform.

See Also Client Services for NetWare (CSNW) ,File and Print Services for NetWare (FPNW) ,NetWare protocols

GbE

Stands for Gigabit Ethernet, a form of Ethernet that operates at 1 gigabit per second (Gbps).

See Also Gigabit Ethernet (GbE)

GBIC

Stands for Gigabit Interface Converter, a modular transceiver for Fibre Channel switches and other gigabit networking devices.

See Also Gigabit Interface Converter (GBIC)

gender changer

An adapter with two connectors of the same type and gender.

Overview

A gender changer enables you to change the gender of the connector to which it is joined. For example, you could change the gender of a cable connector from male (with pins) to female (with sockets) or vice versa. This is typically done to allow two male or female cable ends to be joined together to form a longer cable or to allow equipment to be connected to a cable with the wrong gender.

Gender changers come in a variety of types and are specified by the connector type and gender involved. An example would be a V.35 to V.35 male/male gender changer, which can be used to connect two V.35 serial cables (or one cable and a Channel Service Unit/Data Service Unit [CSU/DSU]) that terminate with female connectors.

Gender changer. Examples of V.35 gender changers.

Some gender changers can also act as adapters for different data interfaces. For example, a V.35 to RS-232 male/male gender changer can be used to connect a V.35 connection on a CSU/DSU to a router using an RS-232 serial cable. Be sure that the pinning for such a gender changer is suitable for the type of equipment you want to connect because different pinnings might exist when different serial interfaces are connected.

See Also Channel Service Unit/Data Service Unit (CSU/DSU) ,RS-232 ,V.35

General Packet Radio Service (GPRS)

A 2.5G upgrade to existing Time Division Multiple Access (TDMA) cellular communications systems.

Overview

General Packet Radio Service (GPRS) was designed as an upgrade for existing second-generation (2G) cellular systems such as Global System for Mobile Communications (GSM) and other TDMA systems such as AT&T Wireless. GPRS is a packet-switching overlay that can support Internet Protocol (IP) data transmission at speeds up to 171 kilobits per second (Kbps), which is more than 10 times faster than currently supported data rates for these systems (data transmission on current GSM systems is typically 9.6 Kbps). In practice, however, the maximum data rates are usually more like 52 Kbps downstream and 13 Kbps upstream. This is because of the overhead of combining channels together, throttling of bandwidth by providers to enable more users to share channels, and the power limitations of handsets at the subscriber end.

GPRS will provide the first global high-speed mobile IP communications system and is intended as an interim solution until broadband third-generation (3G) cellular systems can be fully deployed. Using GPRS, a cellular phone can access Internet services by means of Wireless Application Protocol (WAP). WAP provides a richer format for information exchange than the existing Short Message Service (SMS), which is limited to a maximum of 160 characters per transmission. With its higher data rates, GPRS makes possible the kinds of wireless applications and services that simply have not been feasible on existing GSM and TDMA systems. Possible uses for GPRS include wireless mobile Web browsing, discussion groups, chat services, mobile commerce, and home automation through wireless remote control.

The GPRS standard 03.60 was developed by the European Telecommunications Standards Institute (ETSI). Trials of GPRS began in 1999, and the first commercial rollouts appeared in 2000. A number of European and Asian countries and regions are piloting GPRS systems and thus have an edge over the United States in the arena of wireless communication systems running at more than 20 Kbps.

Uses

Besides cellular phones, GPRS can be implemented in a wide variety of devices, including PCMCIA modems for laptops, expansion modules for Personal Digital Assistants (PDAs) and handheld computers. Research in Motion (RIM), makers of the popular BlackBerry handheld e-mail devices, is working with Microcell Telecommunications, a GSM provider, to use GPRS as a transport for its wireless messaging system.

Architecture

Most existing 2G cellular systems are circuit-switched services in which a dedicated connection must be established in order for communications to take place. As long as the session lasts, the subscriber owns the channel and is billed for its usage even if no data is being sent. By contrast, packet-switching is a more efficient technology because it allows several users to share a channel. No actual connection needs to be established in order to send data-from the point of view of the subscriber the system is "always on" and ready to transmit. And instead of billing for connection time, subscribers are billed according to the amount of data they transmit and receive instead.

GPRS uses the same underlying TDMA time slot architecture as GSM, but instead of assigning only a single time slot to each user for transmission or reception, it can multiplex up to eight slots (the maximum for a TDMA frame) to give a maximum possible data transmission rate of 171 Kbps. In most implementations, however, three or four slots can are multiplexed for downstream transmission and only one for upstream, which makes practical transmission speeds much slower (but still better than GSM alone).

When a GPRS user wants to send data, the handset finds the first available time slot and sends the first chunk of data, sending more chunks as further slots become available. In this respect, GPRS operates like an Ethernet network-the more users sharing the system, the less bandwidth available for each user to transmit or receive data. Collisions do not occur, however, since time-division multiplexing (TDM) prevents contention from occurring.

GPRS was designed to transport both IP and X.25 packet data, but all current implementations use IP to provide connectivity with the Internet. To provide this connectivity, a GPRS mobile phone needs an IP address, which can be either statically or dynamically assigned. All existing application-layer Internet protocols can run over GPRS, including Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), Simple Mail Transfer Protocol (SMTP), and so on. Most GPRS systems use WAP as their application layer protocol, however, because it is more efficient for devices with limited memory and small displays.

Implementation

Implementation of GPRS requires that existing TDMA hardware be upgraded, including handsets and base stations. In addition to the base stations and mobile switching centers of existing TDMA networks, GPRS adds two additional components:

• Serving GPRS Support Node (SGSN): This transmits and receives IP packets to mobile stations through the existing base stations, and exchanges these packets with the Gateway GPRS Support Node (GGSN) using a special tunneling protocol called GPRS Tunneling Protocol (GTP).

• Gateway GPRS Support Node (GGSN): This acts as a gateway between the SGSN and the Internet, forwarding packets between them.

GPRS handsets are similar to GSM handsets, and they require a Subscriber Identity Module (SID), a form of smart card containing the subscriber's ID, billing address, private key, and other information. GPRS supports several security schemes including Password Authentication Protocol (PAP), Challenge Handshake Authentication Protocol (CHAP), Secure Sockets Layer (SSL), and IPsec.

It is probable that GPRS upgrades will be easiest for carriers whose networks operate in the 1800-megahertz (MHz) or 1900-MHz frequency bands, because they usually have sufficient unused capacity to implement channel aggregation without having to upgrade their bearer equipment. Upgrading to GPRS is more expensive for carriers operating in the 800-MHz or 900-MHz bands because of the near-full capacity of those bands.

Another cost involved in the GPRS upgrade process is that of replacing the circuit-switched core network connecting existing base stations with an IP-based backbone network for interfacing between the wireless system and the Internet. You can create an interface between a GPRS network and an IP network by using a GGSN. You can also use GGSNs to connect GPRS networks with legacy X.25 packet-switching networks.

Prospects

GPRS is viewed as an interim solution to give mobile users a measure of access to the Internet. The GSM Alliance, representing 400 GSM providers and their 250 million subscribers worldwide, is a driving force behind the move toward upgrading existing GSM systems to GPRS. As an example, AT&T Wireless plans to migrate its existing TDMA system (a 2G system based on IS-136) in several stages over the next few years, starting first with GPRS, a 2.5G upgrade, then Enhanced Data Rates for Global Evolution (EDGE), an IMT-2000 3G upgrade to GPRS, and finally to Universal Mobile Telecommunications System (UMTS) which will support 3G speeds of 2 megabits per second (Mbps).

In late 2000, a large cellular operator in Hong Kong SAR called Pacific Century CyberWorks (PCCW) launched a 20 kilobits per second (Kbps) GSM-based GPRS overlay, which, in order to access, subscribers need to upgrade their handsets to Motorola P7389i. Other GSM operators around the world are involved in similar upgrades, with GPRS handsets becoming available from Nokia and other vendors. Lucent Technologies and Sun Microsystems are also working together to provide a platform for GSM upgrades to GPRS.

Notes

EDGE is almost identical to GPRS, the main difference being that EDGE uses a more efficient encoding scheme (8-bit phase shift keying or 8-PSK) which encodes three bits per symbol instead of the Gaussian phase shift keying (GMSK) mechanism of GSM (and also GPRS) that encodes only one bit per symbol. The result is that EDGE theoretically supports data transmission rates up to 513 Kbps, three times the maximum possible for GPRS. Real speeds for EDGE systems will be much lower, however, due to protocol overhead, error correction, and bandwidth throttling by providers. Although EDGE speeds are lower than the 2 Mbps limit intended for 3G systems by the IMT-2000 recommendations from the International Telecommunication Union (ITU), EDGE is still classified under IMT-2000 as a 3G system.

GPRS cannot be used to easily upgrade existing Code Division Multiple Access (CDMA) cellular systems, which are widely in use throughout North America and some other parts of the world. These systems are expected to migrate to Wideband CDMA (W-CDMA) instead, a 3G recommendation from the ITU that offers speeds up to 2 Mbps.

See Also 2G , 2.5G ,3G ,cellular communications ,Code Division Multiple Access (CDMA) ,Enhanced Data Rates for Global Evolution (EDGE) , Time Division Multiple Access (TDMA), Wideband Code Division Multiple Access (W-CDMA)

Gigabit Ethernet (GbE)

A form of Ethernet that operates at 1 gigabit per second (Gbps).

Overview

Gigabit Ethernet (GbE) is an evolution of standard Ethernet technologies that supports the transmission of data at 1 gigabit per second (Gbps) or 1000 megabits per second (Mbps) over both fiber-optic cabling and copper twisted-pair cabling. GbE was developed to solve the problem of increasing congestion on local area network (LAN) backbones currently running Fast Ethernet, Fiber Distributed Data Interface (FDDI), and Asynchronous Transfer Mode (ATM). Because of its simplicity and throughput, GbE has become the dominant LAN backbone technology, relegating the slower FDDI to the legacy arena and pushing the complicated ATM back into the wide area network (WAN) environment where it originated. Because of its close similarities to other forms of Ethernet, GbE provides a smooth upgrade path from 10 megabits per second (Mbps) Ethernet and 100 Mbps Fast Ethernet.

The Gigabit Ethernet Alliance is an open forum that promotes cooperation and industry standards for GbE. The Alliance includes a number of prominent companies, including Cisco Systems, Intel Corporation, Sun Microsystems, Nortel Networks, and 3Com Corporation. GbE is standardized by the IEEE specifications 802.3z in 1998 and 802.3ab in 1999.

Uses

GbE's main application is for building high-speed backbones for LANs and campus networks. An example would be for high-speed switch-switch connections where you might connect two 100 Mbps switches with 1 Gbps uplinks to create Fast Ethernet islands joined by a GbE backbone. Alternatively, you could connect several 10/100 switches to one 100/1000 switch. For collapsed backbones, 1000BaseT copper interconnects are sufficient to join switches together, but for campus- wide distributed backbones, 1000BaseLX running over single-mode fiber supports the long distances needed to build such infrastructure. The problem is that many existing FDDI campus backbones use multimode fiber, and GbE does not operate over long distances on this type of fiber. This usually necessitates pulling new fiber to replace existing multimode fiber campus backbones with single-mode fiber to enable GbE to run over these backbones. Single-mode fiber is more expensive than the multimode type, and pulling fiber is an expensive process itself, so these costs generally add a significant amount to the process of converting legacy FDDI campus backbones to newer GbE ones. On the other hand, upgrading switched Fast Ethernet backbones in small and mid-sized companies to GbE may simply be overkill. Overprovisioning of GbE is common by system integrators, and it provides small gains over existing Fast Ethernet networks with considerable added cost.

GbE is also finding an increasing place in server-switch connections for joining server farms to high-speed backbones. This configuration can theoretically provide users with 1-Gbps access to application or file servers, but there are limitations at present. The problem is that even with newer 1 Gbps network interface cards, most servers still cannot make full use of a gigabit link to a GbE switch. Various factors are at work here, including the existing 64-bit Peripheral Component Interconnect (PCI) bus being too slow to pump data out at gigabit speeds (the upcoming PCI-X standard may help here), hard disk subsystems being unable to keep up with the flow of data to and from the server (even 10,000 RPM hard disks cannot read/write at gigabit speeds), and the Transmission Control Protocol/Internet Protocol (TCP/IP) stacks of operating systems being unable to handle gigabit data transfer rates (though Microsoft Windows 2000 is a considerable improvement in this area over Windows NT). The bottom line is that aggregating two or three Fast Ethernet links is currently sufficient for handling data transfer to most Wintel servers and is a cheaper solution than adding a Gigabit network interface card (NIC) and connecting it to a Gigabit switch. This will probably change around 2002 as 64-bit Windows running on Itanium chips may finally perform to the point of needing a second Gigabit NIC to handle throughput, but keep your eyes on developments in hard disk technologies as their performance is usually the limiting factor or bottleneck in keeping file servers from pumping data at gigabit speeds.

Gigabit-to-the-desktop is a vision of deploying GbE end-to-end across a network, and involves installing 1 Gbps NICs into high-performance workstations to provide them with incredibly fast access to network servers. This is still more a dream than a reality, though, because such workstations suffer from the same limitations that were described for servers above, and even more so. The result is that deploying GbE end-to-end across a network generally results in only a marginal improvement over Fast Ethernet in applications performance and greatly complicates the already difficult task of troubleshooting high-speed switched networks. In the old days of shared Ethernet networks, a "sniffer" could be connected to the main hub and traffic on the entire LAN could be analyzed-capturing and analyzing traffic on a switched LAN is much more complicated, and protocol analyzers operating at gigabit speeds are expensive. In any case, gigabit-to-the-desktop is still several years from everyday reality, and most desktop applications can achieve sufficient bandwidth using only Fast Ethernet.

Another hindrance to completely migrating a network's infrastructure from Fast Ethernet to GbE over copper (1000BaseTX) is cabling. Although GbE can theoretically run over existing Category 5 (Cat5) cabling, such cabling usually has not been installed with the care and precision needed to support gigabit signaling speeds. Also, GbE over copper requires the use of all four pairs of wires, whereas some flavors of Fast Ethernet only needed two pairs of wires. As a result, corporate networks often need considerable rewiring to support GbE, and even new deployments using enhanced Category 5 (Cat5e) or Category 6 (Cat6) wiring require exceptional care in how they are installed to ensure that GbE will perform as expected.

Architecture

Like earlier forms of Ethernet, the GbE standards specify only the physical (PHY) layer and data-link layer of network operation and support any protocols running at higher levels. This means that upgrading from Ethernet or Fast Ethernet to GbE is relatively straightforward and only involves insuring that GbE supports the cabling media, cable lengths, and cabling topology. No changes need to be made to higher-layer protocols such as TCP/IP during such an upgrade (although sometimes such network layer protocols can be "tuned" to provide better performance in a GbE environment).

GbE uses the same connectionless datagram delivery services as earlier forms of Ethernet. It uses the same frame format as other forms of Ethernet and likewise supports both unicast, multicast, and broadcast frames. It can operate in both shared (half-duplex) and switched (full-duplex) modes. GbE employs a line coding scheme called 8B/10B that packs 8 bits (1 byte) of data into 10 baud (symbols) for transmission, a system known as 1000BaseX. This means that in order to achieve a data transmission rate of 1 Gbps, a signaling frequency of 1.25 GHz is required. The 8B/10B encoding scheme for GbE was borrowed from Fibre Channel technologies. GbE actually borrows most of the characteristics of its PHY and data-link layers from the Fibre Channel's FC-0 and FC-1 sublayers, with the exception of using a signaling rate of 1.250 Gbaud instead of Fibre Channel's 1.0625 Gbaud.

GbE uses the same standard 802.3 framing structure as standard Ethernet, with frames between 64 and 1514 bytes in length and using the same 48-bit MAC addresses (jumbo frames up to 9000 bytes are also supported). It also supports the same Carrier Sense Multiple Access with Collision Detection (CSMA/CD) media access method supported by earlier versions of half-duplex Ethernet. To achieve the tenfold speed increase of GbE over Fast Ethernet while maintaining support for reasonably large networks, GbE makes some changes to the Ethernet MAC algorithm and how CSMA/CD operates. These changes are necessary because reducing the transmission time for a frame by a factor of 10 on an Ethernet network normally means that the size of the network (maximum distance between stations) would also decrease by the same factor.

One of the media access control (MAC) layer modifications introduced by GbE is called carrier extension, which involves extending the length of the carrier and slot times to pack out all frames to a minimum carrier length of 512 bytes to ensure that collisions can be properly detected and recovered from. In other words, the smallest possible frame (64 bytes) would have its carrier signal extended until it appears to the physical layer as 512 bytes in length. This is different from merely padding a 64-byte frame with an additional 448 bytes of junk to produce a 512-byte frame-instead, the carrier signal is extended for a time equivalent to 448 additional bytes, but the frame still appears to be 64 bytes in length from the point of view of layers above the MAC layer. As a result, if the frame is bridged from a GbE to a Fast Ethernet network segment, for example, the frame remains 64 bytes in length on the Fast Ethernet segment, instead of 512 bytes if the frame were merely padded. Another MAC layer modification in GbE is support for frame bursting, which allows multiple short frames to be grouped in a way that it allows a station to take temporary control of the wire to send out a number of small packets in succession, arbitrating the signal for the channel only once. This second feature is optional but results in better performance in many situations.

Both of these modifications are done to enable shared half-duplex implementations of GbE to support a network diameter of up to 655 feet (200 meters), instead of the inadequately small 65.5-foot (20-meter) wide network that would result if CSMA/CD were implemented without these modifications. When implementing switched full-duplex GbE, CSMA/CD is not used and these issues are irrelevant because no collisions can occur.

GbE also supports several schemes for autonegotiation, allowing hubs, switches, routers, and NICs capable of supporting 100/1000 Mbps or even 10/100/1000 Mbps speeds.

Implementation

GbE can be implemented in four different PHY layer options, all of which support both half-duplex and full-duplex operation:

• 1000BaseCX: Uses 150-ohm balanced twinax cabling or shielded twisted-pair (STP) cabling with a maximum link length of 82 feet (25 meters). This version is designed primarily for device clustering and is not much used.

• 1000BaseLX: Uses both long wavelength transmissions over single-mode fiber-optic cabling supporting distances of 3 miles (5000 meters) over 10 micron fiber and also short wavelength transmissions over multimode fiber supporting distances of 1640 feet (550 meters) over both 62.5 and 50 micron fiber. The single-mode version is used mainly for long cable runs; for example, to connect LANs across a campus.

  

  Gigabit Ethernet. Simple example of using a 100/1000 Mbps GbE switch.

• 1000BaseSX: Uses short wavelength transmissions over multimode fiber-optic cabling. This version is used mainly for short cable runs of up to 1805 feet/550 meters (over 50-micron fiber) or 900 feet/275 meters (over 62.5-micron fiber) and is intended for connecting workgroup switches in a building to a GbE backbone switch.

• 1000BaseTX or 1000BaseT: Uses twisted-pair Cat5 cabling (all four pairs of wires are needed) with a maximum link length of 328 feet (100 meters), giving a maximum network diameter of 655 feet (200 meters). It is intended mainly for connecting high-speed servers to GbE switches and for switch-switch interconnects in collapsed backbones.

Note that the distances specified above are for full-duplex operation only, because they are the inherent or physical distance limitations of the media for Gigahertz signaling. For half-duplex networks, the distance restrictions are more severe and depend on the round-trip propagation delay supported by the MAC signaling method. For example, the maximum supported link length for 1000BaseLX and 1000BaseSX is only 364 feet (111 meters), well below the physical signaling distances supported by fiber medium.

Shared (half-duplex) implementations of GbE support only two simple topologies: a point-to-point connection between two stations and a star-wired topology with a hub (repeater) at the center, typically with 8, 12, or 24 ports on a hub. Cascaded hub topologies are not supported by shared GbE LANs, though some manufacturers sell stackable hubs whose backplanes can be connected to form a single collision domain. As a result of these topology restrictions, switched (full-duplex) implementations are much more common in real-world networks, and they support virtually any topology you can imagine as long as the length restrictions outlined above are adhered to (there are even ways around these length restrictions at times, as will be mentioned later).

Advantages and Disadvantages

Compared to other network backbone technologies, GbE has a number of distinct advantages. The most obvious advantage over FDDI is the superior speed offered by GbE. The result is that GbE has pushed FDDI from the corporate mainstay it was in the mid- 1990s to being legacy technology today that most enterprises are phasing out. Most corporate FDDI network backbones have now migrated to GbE, and the remaining ones are not likely to last beyond a couple of years as chip manufacturers for FDDI equipment stopped producing as of 2001.

GbE also has several advantages over ATM that make it the current favorite for enterprise network backbones. Most ATM backbones operate at 155 or 625 Mbps and fall short of the 1 Gbps for shared half-duplex GbE and 2 Gbps of switched full-duplex GbE. ATM is also more expensive and difficult to deploy and maintain than GbE. Most network architects can transition from Fast Ethernet to GbE technologies as easily as they previously moved from 10BaseT to Fast Ethernet, since the technologies are so similar. On the other hand, ATM still holds the superior hand in the WAN where it can run over Synchronous Optical Network (SONET) for thousands of miles and for delay-sensitive applications such as voice and multimedia where GbE still falls short, although new quality of service (QoS) mechanisms for Ethernet, such as DiffServ and 802.1p VLAN tagging, may help narrow the gap.

Upgrading a Fast Ethernet backbone switch to a GbE 100/1000-Mbps switch is straightforward and will enable you to connect high-speed server farms using GbE NICs. Benefits include increased throughput and performance, more network segments, more bandwidth per segment, and more nodes per segment.

Marketplace

The growth of GbE market in the last few years has been impressive, with GbE port module shipments reaching 4 million in 2000, a quarter of which were 1000BaseTX copper ports. For comparison, however, these port figures only represent 3 percent of the total market for all forms of Ethernet, but the figures for GbE are more than doubling each year.

GbE hubs (repeaters) are not common, but GbE switches and routers are made by a wide variety of vendors. A popular example is the Catalyst 3500 series of switches from Cisco, which have a 10 Gbps backplane that provides high performance, come in 12 and 24 GbE port configurations, and support both full-duplex and half-duplex operation even over copper. 3Com's SuperStack 3 switches are another good choice, with the 4900 series providing 12 copper or fiber gigabit ports for aggregation of Fast Ethernet workgroups. A typical scenario might be to connect a dozen 3300 series 10/100 switches using gigabit fiber uplinks to a core 4900 switch. Enterasys has GbE through its entire product line of switches and routers, and Foundry gigabit products are also popular in the enterprise.

GbE switches come in two basic types:

• Backbone switches: These generally have 8 or 12 copper or fiber GbE ports and one or two GbE uplinks and are used for building collapsed backbones for high-speed networks. A popular example is the 12-port AT-9006LX switch from Allied Telesyn International, which has a lower per-port price than many comparable switches. Other popular backbone switches for mid-sized networks include the Intel 480T, the Catalyst 4908 from Cisco, and the Summit5i from Extreme Networks.

• Workgroup switches: These can have 8, 2, 24, or even 48 Fast Ethernet 10/100 ports and up to four GbE uplinks, and they are used for building Fast Ethernet islands by uplinking many Fast Ethernet switches to a single workgroup switch. Galileo Technologies has managed to cram 48 autosensing 10/100 ports and two GbE uplinks into a 1U rack-mountable device, which is quite an engineering feat.

In the distributed backbone market, the 1805-foot (550-meter) limitation for GbE over multimode fiber can be overcome by a GbE extender such as Allied Telesyn's AT-EX1001SC/GM1, which allows GbE to run over multimode fiber to a distance of 1.25 miles (2 kilometers). Campuses needing to upgrade their old FDDI-based distributed backbones to GbE can save money by using extenders like these instead of replacing existing multimode fiber with single-mode fiber.

Finally, network analyzers for troubleshooting GbE networks are available from Agilent Technologies (a spinoff from Hewlett-Packard), Network Associates, and Fluke Networks.

Prospects

GbE is here to stay. Most new enterprise networks being deployed these days are implemented with GbE backbones instead of FDDI or ATM (Fast Ethernet is still used for backbones in small to mid-sized companies). The only thing that can probably dethrone GbE is the emerging 10 GbE standard, an even faster version of Ethernet that finally discards the inefficient CSMA/CD media access method, operates instead only in switched full-duplex mode, and supports up to 40 kilometers (25 miles) using single-mode fiber. Meanwhile, prices per 1 Gbps port for GbE switches continue to fall, and even though the industry average was around $1,000 per port at the end of 2000, there were some vendors offering switches with prices as low as $300 per port. It will not be long until the price per port drops to the point where network architects may as well buy GbE switches instead of Fast Ethernet ones even if they achieve no immediate performance gains.

Another emerging use for GbE is as a transport for moving data between servers and storage area networks (SANs). GbE SANs encapsulate Small Computer System Interface (SCSI) traffic within Internet Protocol (IP) packets, making it possible to greatly extend the 165-foot (50-meter) limitation of SCSI and to locate SANs at remote data centers.

Gigabit in the metropolitan area network (MAN) is the latest development and provides an attractive alternative to telco T-carrier services to enterprises needing high-speed WAN connections. For more information on this exciting new technology, see the article "metropolitan Ethernet" elsewhere in this book.

Notes

By employing jumbo frames up to 9000 bytes in length, performance of gigabit server-switch connections can generally be improved significantly, provided the hard disk bottleneck has not been reached.

For More Information

You can visit the Gigabit Ethernet Alliance at www.gigabit-ethernet.org

See Also 1000BaseCX ,1000BaseLX ,1000BaseSX ,1000BaseTX ,Carrier Sense Multiple Access with Collision Detection (CSMA/CD) ,Ethernet ,Ethernet switch ,Fast Ethernet ,Fibre Channel ,jumbo frames ,MAC address ,metropolitan Ethernet

Gigabit Interface Converter (GBIC)

A modular transceiver for Fibre Channel switches and other devices.

Overview

Gigabit Interface Converters (GBICs) provide network architects with flexibility in choosing different media options for gigabit-speed switches. They support a variety of different cabling options, including unshielded twisted-pair (UTP) and single-mode or multimode fiber-optic and copper Fibre Channel cabling. By simply plugging the appropriate GBIC module into a port on a Fibre Channel or Gigabit Ethernet (GbE) switch, a different media option can be easily configured for that port, providing flexibility for configuring switches according to need. This is accomplished by having the GBIC convert the signals in the connected media (for example, light signals on a fiber-optic cable) into electrical signals compatible with the 1000BaseX port on the switch. GBICs can also regenerate signals, allowing transmission to occur over distances of 62 miles (100 kilometers) or greater over long-haul single-mode fiber.

Marketplace

An example is 1000BaseT GBIC from Cisco Systems, which can be used to provide flexibility in cabling options for Cisco Catalyst 2900 and 3500 Series XL GbE switches. Cisco 1000BaseT GBICs come in a wide variety of transceiver configurations that support copper, long-haul and short-haul fiber, and backplane interconnects for stacking switches. They are also hot-swappable, allowing cabling to be switched to different types on the fly in a simple plug-and-play fashion.

See Also Ethernet switch , Fibre Channel ,

G.Lite

A splitterless version of Asymmetric Digital Subscriber Line (ADSL).

Overview

G.Lite is a form of ADSL that is targeted mainly for the residential Internet access market. G.Lite is easy to install-so easy that a home user can perform the installation, eliminating the need for a "truck roll" (technician visit) from the telco to the subscriber. This saves the telco considerable costs and allows them to pass this saving on to the subscriber. G.Lite was partly developed as a response to the challenge presented by cable modem technology, where subscribers can usually perform the installations themselves. G.Lite is intended to be a "plug and play" version of Digital Subscriber Line (DSL).

Like other forms of DSL, G.Lite connections are "always on"-once you turn your computer on, the connection is active and you can send or receive e-mail or browse the Web without having to dial up a connection. G.Lite is slower than regular ADSL and supports maximum downstream transmission of 1.536 megabits per second (Mbps) and upstream 384 kilobits per second (Kbps), depending on the implementation.

G.Lite is sometimes called DSL Lite or Universal ADSL, but the International Telecommunication Union (ITU) has endorsed the term G.Lite as official nomenclature for this technology under the G.992.2 standard. Commercial rollouts of G.Lite began in 1999, and the service is gaining popularity among DSL providers.

Implementation

G.Lite is sometimes referred to as splitterless ADSL because a splitter is not required at the customer premises to separate the voice and data signals being carried over the phone line. This is different from ordinary ADSL, which uses a splitter to separate the baseband analog Plain Old Telephone Service (POTS) voice channel from the upstream and downstream DSL simplex bearer signals. The splitter protects the ADSL signal from variations in impedance of the POTS signal and from dial tones and other forms of interference. Likewise, the splitter protects the POTS signal from interference due to intermodulation of the ADSL tones. In ordinary ADSL, a splitter must be installed at both the customer premises and the telco's central office (CO). G.Lite gets around the need for a splitter at the customer premises by incorporating a number of advanced signal processing techniques that help keep the bit error rate (BER) within reasonable tolerances. These advanced techniques include forward error correction, trellis encoding, and interleaving.

To use G.Lite, the customer obtains a G.Lite modem from the DSL provider and simply connects it to her computer and phone line. No second phone line or other form of rewiring of the customer premises is required, since G.Lite uses the existing local loop connection to the customer premises. Customers can make phone calls or send faxes while connected to the Internet over their G.Lite connection.

Notes

The quality of a G.Lite connection to your home can suffer if you have a large number of RJ-11 phone jacks installed. This is because each phone jack acts as a bridged tap that is run off the main phone line as a parallel connection. Signals traveling along your phone line can reflect off these jacks and affect the overall reliability of your G.Lite connection. Also, the farther your home is from the telco CO, the less bandwidth might be available for your G.Lite connection.

See Also Asymmetric Digital Subscriber Line (ADSL) ,Digital Subscriber Line (DSL)

Global.asa

A file that contains global information for Active Server Pages (ASP) applications.

Overview

The Global.asa file is used to manage functions common to all users of an ASP application. Specifically, a Global.asa file includes

• Four event procedures common to all users of an ASP application, namely Application_OnStart, Application_OnEnd, Session_OnStart, and Session_OnEnd.

• Object declarations (using <OBJECT> tags) for defining application-level and session-level objects, variables, and event handlers.

• Type library declarations for COM components used by the application.

Global.asa files should not generate or contain any content that is visible to a client Web browser-Asp.dll will simply ignore any Hypertext Markup Language (HTML) placed in the Global.asa file. Furthermore, you can have only one Global.asa file per ASP application, and the file must be located in the root virtual directory of the application.

Notes

If your Global.asa file generates an error, you should ensure that any object declarations within the file have application-level or session-level scope, that any script in the file is enclosed within <SCRIPT> tags, and that any <OBJECT> tags are placed outside of <SCRIPT> tags.

See Also Active Server Pages (ASP)

global catalog

A Microsoft Windows 2000 or Windows .NET Server domain controller that contains a read-only, partial replica of information from all domains in a forest.

Overview

The global catalog resides on a selected group of domain controllers in your Windows 2000 or Windows .NET Server enterprise called global catalog servers. The global catalog is automatically created the first time you run the Active Directory Installation Wizard and is installed on the first domain controller in the root domain by default. Other domain controllers must then be manually designated as global catalog servers by using the administrative tool Active Directory Sites and Services. The Active Directory directory service replication process then automatically maintains the contents of each global catalog server.

In a geographically distributed enterprise, each physical site should have at least one domain controller to speed network traffic. Most Active Directory-related traffic is the result of queries on Active Directory, so the domain controller for small sites should also be configured as a global catalog server. This will reduce traffic over wide area network (WAN) links to other sites by allowing the global catalog server to locally resolve queries for information on directory objects from other domains.

Every Active Directory object in the entire enterprise is represented in the global catalog, but only a subset of the attributes of each object is stored in the catalog. The properties represented are those most likely to be used as search attributes, such as the user's first or last name. However, administrators can specify storing additional object attributes in the catalog if desired. You can modify which attributes are represented for objects in the global catalog by editing the schema of Active Directory, but you must do so with care.

Uses

The global catalog enables users to easily locate objects in any domain with maximum speed and minimum network traffic. In effect, the global catalog acts as a kind of index for looking up objects stored in Active Directory anywhere on your network. Having the global catalog store only a subset of an object's attributes in Active Directory improves the response time for performing search queries on Active Directory. You can search the global catalog for Active Directory objects by using the Find dialog box in Active Directory Users and Computers. Note that the global catalog also includes the access permissions for directory objects, so if you search for an object and it does not show up, you probably do not have permission to access the object.

The global catalog also has another important function-in native-mode domains, users require access to a global catalog server in order to log on to the domain. If no global catalog server is in the local site, a global catalog server in a remote site may be used. If all global catalog servers are down in a native mode domain, users can only log on using their cached user credentials. An exception to this is that members of the Domain Admins group can log on to native domains even when no global catalog server is available.

See Also Active Directory , domain (DNS) ,domain controller ,

global catalog server

A Microsoft Windows 2000 or Windows .NET Server domain controller that contains a copy of the global catalog.

Overview

Global catalog servers let users search for objects located anywhere in a forest and enable users to log on to the domain in native-mode networks. Information stored on global catalog servers is updated each time Active Directory directory service performs its directory replication process.

Global catalog servers should be located appropriately so that queries on Active Directory can be performed effectively. Ideally, you should have at least one global catalog server in each site within the enterprise. However, in a multidomain environment, the replication traffic generated by maintaining these servers can be a burden on overall network traffic, especially if slow wide area network (WAN) links are involved. In this case, consider placing your global catalog servers as follows:

• Place several global catalog servers in each major site where large numbers of users and resources can be found.

• Place a global catalog server at each small site where there are significant numbers of users and resources or where the WAN connection to major sites is slow.

See Also global catalog

global group

A type of security group in Microsoft Windows NT, Windows 2000, and Windows .NET Server.

Overview

In Windows NT, global groups are used to simplify administration of user accounts by organizing them into groups. For example, you can use them to group users by function (such as the Accountants global group), by location (such as the Third-Floor global group), or by some other criteria. By contrast, local groups are designed to provide users with permissions for accessing network resources and rights for performing system tasks.

Global groups can contain only global user accounts from their own domain. They cannot contain global user accounts from other domains, nor can they contain other groups. Global groups are created on domain controllers and are stored within the Security Accounts Manager (SAM) database.

In Windows 2000 and Windows .NET Server mixed- mode domains, global groups operate much the same as in Windows NT, and they can be granted permissions on resources in any domain in the current forest. In native mode, however, global groups can contain both user accounts and global groups from the same domain.

See Also AGLP , local group

global load balancer

A hardware-based or software-based solution that can direct requests for Web content to multiple geographical locations where the content is stored.

Overview

An example of using global load balancers might be for an e-business that has many data centers scattered around the world to use global load balancers to direct Web customers' traffic to centers that can provide the fastest response time for each customer's location. If a data center goes down as a result of a power outage or some other condition, traffic to that site can be transparently redirected to other sites. The overall effect of implementing global load balancers in an e-business enterprise is an increase in reliability and performance from the customer's point of view.

Implementation

Global load balancers essentially act as intelligent Domain Name System (DNS) name servers, performing name lookups for Uniform Resource Locators (URLs) and directing requests to the most appropriate Internet Protocol (IP) addresses. The five criteria listed below are typically used to determine which address to forward a request to. (Note that not all global load balancers support all of five of these criteria.)

• Proximity of the site to the client, usually measured in router hops and established by using the Border Gateway Protocol (BGP), Internet Control Message Protocol (ICMP), or User Datagram Protocol (UDP)

• Latency (the overall response time of the site), which is usually determined by pinging the site and calculating the delay

• Server load (how busy the site is and how much capacity the server has for responding to clients)

• Server health (whether the site is up and what its CPU and connection load are)

• Packet loss (the average quality of the Transmission Control Protocol [TCP] connection to the site), which is established by using ping

Of course, the DNS standard itself has built-in load balancing in the form of round-robin DNS. If multiple IP addresses are mapped to the same domain name, clients requesting the domain are directed to each IP address in a round-robin fashion. However, this rudimentary load- balancing scheme does not take into account such factors as which IP address belongs to the nearest host, the relative capability of the hosts to respond to requests, the availability of hosts, and so on. This is where global load balancers come in-they take over the role of authoritative name server for a company's domain.

Global load balancers come in three varieties:

• Layer 4 switches or routers with built-in support for global load balancing. Many Layer 4 switches and routers support some form of local load balancing, and software upgrades might be available that add such support. These switches tend to perform faster than appliances or software because they use hardware for packet forwarding and use software for routing purposes only. However, they also tend to be the most expensive solution.

• Network appliances, which are essentially self- contained, stripped-down servers running global load-balancing software on top of operating systems optimized for this particular function.

• Software that can run on standard servers running Microsoft Windows 2000, Windows NT, or UNIX that enables the servers to function as global load balancers. If you use this solution, be sure that your server is dedicated to running this software and does not run any other applications.

Global load balancers talk only to the local DNS server configured for the client, not to the client itself. This works well, except when mobile users travel to other cities and use their laptops to try to access the site. In this situation, if the client is still using a preconfigured DNS server at the home location, the global load balancer thinks that the client is still there as well. Also, once a DNS-based global load balancer has directed a client to the appropriate site or server, it is no longer involved in the client's session and cannot tell whether the server goes down or whether some problem occurs with the connection.

For this reason, some global load balancers also use Hypertext Transfer Protocol (HTTP) redirects to masquerade as the target site and redirect HTTP requests to different servers. The client actually talks to the load balancer itself, and performance is faster than using DNS because fewer TCP connections are required. If the client's connection to the server is interrupted, the global load balancer can redirect the client to a different server with minimal interruption. The downside of using HTTP redirects is that they work only with HTTP and not with other Internet protocols, such as File Transfer Protocol (FTP) or Network News Transfer Protocol (NNTP), or with streaming multimedia. This can be a limitation if your e-business delivers this type of content to the customer.

Other mechanisms can be used to perform global load balancing, including cookie-based and proprietary schemes. Windows NT 4, Enterprise Edition, provides a load-balancing service called Windows NT Load Balancing Service (WLBS). This IP load-balancing service employs a fully distributed clustering design that is ideal for creating highly available and scalable IP-based services such as Web, virtual private networking (VPN), streaming media, and proxy services.

See Also Domain Name System (DNS) ,Hypertext Transfer Protocol (HTTP) ,Uniform Resource Locator (URL)

globally unique identifier (GUID)

In Microsoft Corporation operating system platforms and programming, a 128-bit value based on time and space that can be used to uniquely identify a component.

Overview

Globally unique identifiers (GUIDs) are employed by the Component Object Model (COM) to uniquely identify classes and interfaces so that naming conflicts will not occur. A GUID is virtually guaranteed to be unique across all systems at any time. For example, every object, class, and attribute in Active Directory directory service is assigned a unique GUID when it is created. The GUID of an entity in Active Directory never changes, even if the entity itself is renamed or moved to another location. The GUID acts as a kind of permanent name for the entity within the directory to ensure that it can be positively identified when needed.

Microsoft BackOffice products such as Exchange Server and SQL Server also use GUIDs to uniquely tag objects. For example, the information store in Exchange Server has a base GUID that is used to generate individual GUIDs for all messages, attachments, and folder contents kept in the store. If you restore the information store from a backup, you need to run the command isinteg-patch before restarting the information store to change the base GUID. Running this patch ensures that new objects created in the information store do not accidentally end up with GUIDs that are identical to those of objects already existing in the information store. This could cause inconsistencies in the information store database.

Notes

You can also manually generate GUIDs for components using the console-based Uuidgen utility or the Microsoft Windows-based Guidgen utility in Microsoft Visual C++.

See Also Active Directory ,Component Object Model (COM)

Global System for Mobile Communications (GSM)

A second-generation (2G) digital cellular communications technology popular in Europe, Asia, and other parts of the world.

Overview

Global System for Mobile Communications (GSM) is the only truly worldwide cellular communications system. More than 400 different GSM carriers have implemented GSM systems in more than 200 countries and regions, and there are more than 250 million subscribers worldwide (all other cellular systems combined account for only 150 million subscribers worldwide).

GSM cellular supports voice communications rivaling the analog Advanced Mobile Phone Service (AMPS) system in speech quality. GSM also supports other services, including

• Group 3 fax (ITU recommendation T.30)

• Circuit-switched and packet data communications at speeds up to 14.4 kilobits per second (Kbps)

• Short Message Service (SMS), a two-way paging service that supports store-and-forward delivery of short text messages up to 160 characters in length.

GSM also supports other services including caller ID, call waiting, call forwarding, and conference calling.

GSM operates in different frequency bands and is described by different names depending on the band used, including the following:

• GSM 900 or simply GSM: This is the original GSM system that began operation in 1992.

• GSM 1800 or PCN (Personal Communications Network): This is a high-frequency version of GSM found in parts of Europe and gradually becoming the standard there.

• GSM 1900 or PCS (Personal Communications System): This is the counterpart of GSM 1800 in the United States and Canada.

History

GSM began as an initiative of the Conference of European Posts and Telegraphs (CEPT) to develop a pan- European digital communications system that would allow users to roam between different countries and regions with no interruption in service. Work on the new standard was begun in 1982 by a body called Groupe Sp ciale Mobile, which gave the technology its acronym, GSM (later on GSM was changed to mean Global System for Mobile Telecommunications). GSM standards development was turned over to the European Telecommunications Standards Institute (TESI) in 1989.

GSM was deployed in several phases, starting with GSM Phase 1, which was first commercially deployed in 1991 and which supported call forwarding, global roaming, call barring, and similar features. These initial 900-megahertz (MHz) GSM systems spread rapidly to 22 different countries and regions by 1993. GSM Phase 2 added additional features such as short message service, call holding, call waiting, caller ID, multiparty calling supporting up to five parties per call, and mobile fax and data services. GSM Phase 2+ deployments currently underway include support for data transmission at 64 Kbps and higher, packet radio, virtual private networks, enhancements to the Subscriber Identity Module (SIM) card, higher spectral efficiency, integration with satellite links, and even GSM services in the local loop.

Architecture

GSM uses a combination of Frequency Division Multiple Access (FDMA) and Time Division Multiple Access (TDMA) media access control methods to provide full-duplex communication. In the 862-to-960- MHz World Association of Radio Communications (WARC) portion of the electromagnetic spectrum, GSM communicates using two separate frequency bands:

• The 890- to 915-MHz band for mobile-to-base (uplink) communication

• The 935- to 960-MHz band for base-to-mobile (downlink) communication

Carrier signals are spaced 200 kilohertz (kHz) apart within these bands based on frequency-division multiplexing (FDM) to provide 124 pairs of superchannels (carriers). Each superchannel is then subdivided using time-division multiplexing (TDM) into eight traffic channels (time slots), some of which are used as communications channels and others as control channels. Each communications channel carries either digitized voice at 13 Kbps or data at either 9.6 or 14.4 Kbps. Altogether GSM provides 992 full-duplex channels for voice communication. By comparison AMPS cellular systems, which also use TDMA, employ three time slots instead of eight.

A single GSM time slot can carry a payload of 156 bits and is 0.577 microseconds in duration, a time interval called the burst period. This suggests that the total data carrying capacity of GSM could theoretically be 33.8 Kbps, but much of this is used for protocol and error correction overhead, reducing the maximum possible data transmission rate to only 14.4 Kbps. The short duration of a GSM time slot also restricts the maximum distance at which a GSM phone can communicate with its base station to about 22 miles (35 kilometers) regardless of the power used.

Power classes for GSM mobile units range from 0.8 through 2.0 watts transmission power for handsets to 8 through 20 watts for vehicle-mounted units. Approximately half of a GSM transmission consists of overhead for signaling, such as synchronization and error handling. Such high overhead is typical in cellular phone systems and is necessary-not so much because of external interference of buildings and other structures, but because of internal interference due to crosstalk between channels and across cell boundaries.

Global System for Mobile Communications (GSM). The authentication process for GSM.

Implementation

A basic GSM communications system consists of three parts:

• Mobile station (MS): This is a cellular phone or vehicle-mounted phone used for sending and receiving calls. The MS also contains the user's SIM, a small "smart card" about the size of a postage stamp that is issued when a user subscribes to a GSM service. The SIM contains a unique number called an International Mobile Subscriber Identity (IMSI) that uniquely identifies the MS, the user's private key for encrypting transmissions, and billing information, such as the subscriber's address. The MS itself is uniquely identified by a number called an International Mobile Equipment Identity (IMEI), and the IMEI and IMSI are independent of each other. When a user moves from his home location to one where a different GSM system is used, the user can simply remove the SIM from his own GSM phone and install it in a GSM phone rented from a service in that location.

• Base station subsystem (BSS): This is a fixed radio transmitter that provides coverage for a specific cell and handles call setup and tear down for mobile stations in the area.

• Mobile switching center (MSC): This is a switching center that coordinates the operation of all BSSs in its coverage area, coordinates billing for subscribers, handles roaming and handoffs between cells, and provides gateway connectivity with the Public Switched Telephone Service (PSTN) or Post, Telephone, and Telegraph (PTT) land-based telephone system.

GSM communications are secured by employing key- based encryption for authentication traffic (and optionally for data transfer as well). The diagram shows the process that occurs when a mobile user wants to place a call. When the user dials a number, the mobile unit connects with the base station requesting authorization. The base station generates a random number and transmits it to the mobile unit, which then combines the random number with the owner's secret key stored in the phone's SIM by using a secret ciphering algorithm called A3. The result of this process is transmitted to the base station. Meanwhile, the base station, which has the private keys for all its subscribers stored in a database, follows the same steps, using the A3 algorithm to combine the generated random number with the caller's private key. The result is compared with the result transmitted by the user. If the two results agree, the user is logged on to the system. Encryption of message traffic is similar to encrypted authentication, except that each transmitted frame is encrypted using a different random number. This makes encrypted GSM messages extremely difficult to crack, so much so that some countries and regions prohibit GSM providers from encrypting user messages!

Marketplace

Although GSM is the dominant cellular communications system in Europe and a major player in other parts of the world, such as Asia and the Pacific Rim, it ranks a distant third in North America behind the popular Code Division Multiple Access (CDMA) digital cellular systems such as Sprint PCS and behind Time Division Multiple Access (TDMA) systems best represented by AT&T Wireless Services and SBC Communications. This is changing, however, as U.S. GSM carriers such as VoiceStream Wireless Corporation (now owned by Deutsche Telekom) expand their coverage across areas connecting urban centers, especially in California, the Eastern seaboard states, Florida and the South, and the Texas- Minneapolis corridor.

With interoperability between these competing systems being a major issue for U.S. subscribers needing to travel abroad, QUALCOMM, the company behind CDMA cellular systems, has announced it plans to develop a chip that will enable cellular phones to work with both CDMA and GSM systems.

Prospects

GSM has fared well as a global standard communications technology apart from garnering little support in the United States. Initiatives are underway to enhance this 2G system into one capable of carrying data at speeds of 64 Kbps and higher. Two such upgrades are the General Packet Radio Service (GPRS) and High Speed Circuit Switched Data (HSCSD), both of which operate by multiplexing GSM's existing TDM slots. These 2.5G initiatives are stepping stones toward the next generation high-speed third-generation (3G) broadband cellular systems that are just beginning to appear in parts of the world.

Notes

GSM has a counterpart service called Digital Communication Service (DCS) that works in essentially the same way as GSM, except at a higher 1.8-gigahertz (GHz) frequency band. DCS provides a total of 2992 channels for voice communication. One advantage DCS has over GSM is that it uses much lower power levels for mobile units, ranging from 0.25 to 1.0 watts transmission power.

For More Information

Visit the GSM Association at www.gsmworld.com

See Also 2G , 2.5G ,3G ,Advanced Mobile Phone Service (AMPS) ,cellular communications ,Code Division Multiple Access (CDMA) , High-Speed Circuit Switched Data (HSCSD), Time Division Multiple Access (TDMA)

global user account

A Microsoft Windows NT account that has a domain-wide scope.

Overview

In Windows NT, global user accounts are stored in the Security Accounts Manager (SAM) database on domain controllers. You can create them using User Manager for Domains, a Windows NT administrative tool. Global accounts allow users to take full advantage of the Windows NT Directory Services (NTDS). Users who have global accounts can access resources anywhere in the domain, provided they have permissions for those resources.

The other type of user account in Windows, the local user account, exists only within the directory database of the machine on which it is created. Use only global accounts for users when implementing Windows NT domains as your security model. User Manager for Domains creates global accounts by default.

Notes

In Windows 2000 and Windows .NET Server, global user accounts are instead called domain user accounts and they are managed using the Active Directory Users and Computers snap-in for the Microsoft Management Console (MMC).

See Also local user account ,user account

GNOME

Stands for GNU Object Modeling Environment, a graphical desktop for UNIX and Linux platforms.

See Also GNU Object Modeling Environment (GNOME)

GNU General Public License (GPL)

The open source licensing scheme of the Free Software Foundation (FSF).

Overview

The GNU Project was started in 1984 with the aim of developing a UNIX-like operating system that could be freely distributed. The acronym GNU itself recursively stands for GNU's Not UNIX (recursion is a feature of the UNIX operating system). The GNU General Public License (GPL) allows developers to freely copy and make changes to software as long as they provide the source code freely upon request and do not add any additional copyright restrictions to the modified software.

GPL is the licensing scheme used in all distributions of Linux, the popular free operating system developed by Linus Torvalds. The GNU gcc compiler is also the only C compiler that can be used to compile the Linux kernel. GPL forms the basis for licensing much of the free software that drives the Internet. GPL has also been chosen by Sun Microsystems as the licensing scheme for its free StarOffice suite of business applications.

See Also Linux ,UNIX

GNU Object Modeling Environment (GNOME)

A graphical desktop for UNIX and Linux platforms.

Overview

GNU Object Modeling Environment (GNOME) is an open-source graphical user interface (GUI) developed by the GNOME Foundation under the GNU General Public License (GPL) licensing scheme. The GNOME Foundation was modeled after the Apache Foundation and includes such members as the Free Software Foundations (the originators of GPL), IBM, Hewlett- Packard, Compaq Computer Corporation, Sun Microsystems, Red Hat, and many others.

GNOME's purpose is to make UNIX and Linux platforms easier to use. GNOME is a highly configurable windows-based user environment that includes a desktop with application icons, a status panel, a set of tools, and other elements. The GNOME session manager allows a user's desktop settings to be maintained across user sessions.

Prospects

A competing open-source alternative to GNOME is the K Desktop Environment (KDE) developed under the auspices of the KDE League. KDE has many supporters, but GNOME is backed by industry heavyweights and has been selected by Hewlett-Packard as the standard graphical user interface for HP-UX and by Sun as the GUI for Solaris.

For More Information

You can visit the GNOME Developer's Site at developer.gnome.org

See Also GNU General Public License (GPL) ,K Desktop Environment (KDE) ,Linux ,UNIX

Gopher

A legacy Internet protocol used for distributed storage of documents.

Overview

Gopher is similar to another Internet protocol, File Transfer Protocol (FTP), because it remotely accesses files over a Transmission Control Protocol/Internet Protocol (TCP/IP) internetwork such as the Internet. But although an FTP site exists on only one server and there can be many different FTP sites, there's really only one distributed Gopher file system. The Gopher file system is a single collection of all Gopher servers in the world (although private Gopher subnetworks could also exist).

Gopher was popular in the late 1980s and early 1990s as a mechanism for storing and disseminating information across the Internet, especially for libraries and universities, but it has fallen out of favor because of the rising popularity of the World Wide Web (WWW). Not many Gopher servers still work, and most of them are not regularly updated with new information.

Gopher. The simple interface of the legacy Gopher protocol.

Implementation

Any Gopher server can act as a logical root of the hierarchical Gopher distributed file system. To access a file or document, a person using a Gopher client (a standard Web browser such as Microsoft Internet Explorer will do) types the Uniform Resource Locator (URL) of an accessible Gopher server. For example, gopher://gopher.tc.umn.edu takes the user to a Gopher server for the University of Minnesota (where Gopher originated). The Gopher file system is presented as a series of folders, each of which can contain

• Additional folders

• Individual documents

• Links to other Gopher servers (displayed as folders)

Users then work their way down the "gopher hole" (to use the metaphor) until they locate the document they want, and then they display or download it. They can also use a search tool developed at the University of Nevada called Veronica (Very Easy Rodent-Oriented Netwide Index to Computerized Archives) to perform keyword searches to locate documents on the worldwide Gopher network.

See Also Uniform Resource Locator (URL) ,World Wide Web (WWW)

GPL

Stands for GNU General Public License, the open source licensing scheme of the Free Software Foundation.

See Also GNU General Public License (GPL)

GPRS

Stands for General Packet Radio Service, a 2.5G upgrade to second-generation (2G) Time Division Multiple Access (TDMA) cellular communications systems.

See Also General Packet Radio Service (GPRS)

grep

Stands for global regular expression print, a powerful UNIX command.

Overview

Grep lets you search a file or multiple files for a specific pattern or string of characters and, if desired, replace it with a different string. Grep is also useful for searching for specific entries in text files such as log files, UNIX system error logs, or C program code files.

You can use wildcards and other meta-characters to perform complex search and replace operations with grep. The output of grep is a display of each line of the file that contains the desired character string.

Examples

Typing grep 'a[b-f]' log.txt searches the text file called log.txt for any lines that contain the character a immediately followed by b , c , d , e , or f.

Notes

Shareware versions of the grep utility are available from third-party vendors for Microsoft Windows platforms. Grep can also be combined with other UNIX commands in scripts that can perform more complex search functions. For example, you can pipe the output of a verbose command into grep to display a more selective form of output.

See Also UNIX

ground loop

A condition created when two or more parts of a network are grounded at separate points, causing a voltage difference between connected networking components.

Overview

Voltage differences between different parts of a computer network typically occur because of nonuniformities in the electrical characteristics of the grounding at different locations. For example, consider two computers that are located some distance apart and are connected by coaxial cabling. Each device is also connected to the earth by the ground wire of its AC power cable, but the two devices are plugged into different power outlets. These power outlets are connected to different parts of your building's electrical distribution system, and these different parts are under different loads (have different currents being drawn from them by different configurations of devices). Thus they provide slightly different voltages.

You might also find slight differences in the ground potential at the two locations. These voltage differences can cause currents to be induced through the shielding of the network cabling, and these currents can be large because of the cable's low resistance. Large pulses of current can occur when other devices on the power circuits are switched on or off abruptly. This situation can be potentially damaging to sensitive networking components and might cause them to reset or lock up.

Implementation

You can prevent ground loops in two main ways:

• By using nonconducting fiber-optic cabling instead of copper cabling, especially for longer cable runs

• By employing opto isolators or isolation transformers to break electrical connections between networking components

One might think that you could eliminate ground loops entirely by not grounding networking equipment, but this is wrong for several reasons. Ground connections are essential for electrical equipment to ensure their safety in the case of a short, and all electrical equipment should be properly grounded to ensure against shock hazard. Grounding also reduces noise due to electromagnetic interference (EMI) that can affect the performance of hubs, switches, and cables. Noise can result in corrupted packets leading to retransmissions that eat up network bandwidth, and grounding equipment properly can reduce such noise and boost throughput.

Notes

Ground loops are especially problematic with serial connections such as RS-232 because cables using this interface have a second signal ground path between the devices. Ground loops can also be a problem with shielded cabling such as shielded twisted-pair (STP) cabling or coaxial cabling. These loops will occur if the cable's shielding is grounded by a direct connection to the chassis of the devices, because this provides a second ground path between the devices in addition to that produced by the ground portion of the AC power connection. The resulting current loops can build up until they are potentially damaging to the connected equipment. To prevent such damage, the shielding in a shielded cable should be grounded only at one end of its connection. Finally, when grounding a metal rack or cabinet that houses networking equipment, you should ground it using the same AC power cable ground connection that you used for the equipment itself. Note that ground loops are not a significant problem with unshielded twisted-pair (UTP) cabling because the wiring is transformer-isolated in the hub and network interface card (NIC) connections.

See Also opto isolator

group

A collection of user accounts.

Overview

Groups simplify the task of network administration by allowing administrators to group similar user accounts together in order to grant them similar rights and permissions. In Microsoft Windows 2000 and Windows .NET Server, there are two types of groups:

• Security groups: Can contain members and can be granted permissions in order to control user access to network resources. Security groups can contain users, other groups, and even computers.

• Distribution groups: Used for nonsecurity functions, such as grouping users together to send mass e-mail. Unlike security groups, these groups cannot be used to control user access to network resources.

In Windows NT there is only one type of group, which is equivalent to security groups in Windows 2000 and Windows .NET Server.

Implementation

In Windows 2000 and Windows .NET Server, you create groups using the Active Directory Users and Computers console, and these are stored as group objects within Active Directory directory service. In Windows NT, you create groups using User Manager for Domains, and they are stored in the Security Accounts Manager (SAM) database. Users can belong to multiple groups at the same time. A group does not actually contain its member user accounts; it is merely a list of user accounts.

The scope of a group is the portion of the network where the group can be granted rights and permissions. For example, a group whose scope is global can be granted permissions to resources in its own domain and to resources in trusting domains. On the other hand, a group whose scope is local can be granted permissions to resources only on the machine where it was created. In Windows 2000 and Windows .NET Server, there are three levels of scope for security groups:

• Universal groups: Can contain members from any domain and can be granted permissions to resources in any domain in the current domain forest. Universal groups can contain user accounts, global groups, and universal groups from any domain in the current forest. Note that you can create universal groups only when the domain is in native mode and not in mixed mode.

• Global groups: Can contain members only from their own domain but can be granted permissions to resources in any trusting domain. When the domain is in native mode, global groups can contain user accounts and global groups from the same domain. When the domain is in mixed mode, these groups can contain only user accounts.

• Domain local groups: Can contain members from any domain but can be granted permissions only to resources in their own domain. However, unlike the local groups of Windows NT, a domain local group can be granted permissions to resources on all servers (both the domain controllers and member servers) in its domain. When the domain is in mixed mode, domain local groups can contain user accounts and global groups from any domain in the forest. When the domain is in native mode, they can also contain domain local groups from their own domain and universal groups from any domain in the forest.

On Windows 2000 and Windows .NET Server member servers and client computers and Windows XP machines, you can also create a fourth scope of group called a local group, one that exists only within the local security database of the machine on which it is created. Local groups in Windows 2000, Windows .NET Server, and Windows XP are similar to local groups in Windows NT. They can contain user accounts that are local to the machine and user accounts and global groups from their own domain. A local group can be granted permissions only to resources on the machine where it was created. You use Local Users and Groups, a snap-in for Microsoft Management Console (MMC), to create local groups on a machine.

Windows NT groups have only two levels of scope:

• Global groups: A global group can be granted permissions to resources in its own domain and to resources in trusting domains. A global group can contain user accounts only from its own domain. Global groups are created on Windows NT domain controllers and exist in the domain directory database.

• Local groups: A local group created with Windows NT Workstation can be granted permissions only to resources on the machine where it was created. A local group created with Windows NT Server (on a domain controller) can be granted permissions only to resources on the domain controllers of its own domain. A local group can contain user accounts and global groups both from its own domain and from trusted domains. Network administrators of enterprise-level Windows NT networks can use a resource-access strategy called AGLP (Accounts are organized by placing them in Global groups, which are then placed in Local groups that have appropriate Permissions and rights assigned to them) to plan and implement local groups in their network.

  

  Group. Nesting of groups in Windows NT and in Windows 2000 and Windows .NET Server.

In Windows 2000 and Windows .NET Server, you can change the scope of a group if you want (you cannot do this in Windows NT). For example,

• Global groups that are not members of other global groups can be converted to universal groups.

• Domain local groups that do not contain other domain local groups can be converted to universal groups. Do this if you want to enable users in other domains to access resources that have been made accessible to the domain local group under consideration.

Groups can also be nested by adding groups to other groups, with certain restrictions. For example, in Windows NT a local group can contain global groups (but not other local groups) as members, but a global group can contain only users as members, not other global or local groups. With Windows 2000 and Windows .NET Server, the nesting of groups is more complicated, as shown in the diagram. Furthermore, when running Windows 2000 or Windows .NET Server in native mode, you can nest groups inside groups to any level, although nesting to one level is the recommended practice for effective administration.

Notes

If your Windows 2000 or Windows .NET Server network has a single domain, use global groups and domain local groups to grant permissions to network resources. Create global groups according to function, add users to the global groups, create domain local groups according to groups of common resources, assign permissions to the domain local groups, and finally, place the global groups in the appropriate domain local groups. If you have a domain tree, use global and universal groups instead in a similar administrative approach.

On high-speed Windows 2000 and Windows .NET Server networks, using only universal groups simplifies network administration. But if you have slower wide area network (WAN) links within your enterprise, using global and domain local groups can reduce the size of the global catalog at each site and significantly reduce the WAN traffic required to keep the global catalog current. Using global and domain local groups further reduces WAN traffic by reducing the size of users' security tokens.

See Also domain local group , local group, universal group

group account

Another name for a group, a collection of user accounts.

See Also group

Group Policy

A feature of Microsoft Windows 2000, Windows XP, and Windows .NET Server that simplifies management of user and computer settings.

Overview

Group Policy enables administrators of Windows 2000 and Windows .NET Server networks to define policies that manage the environment of users and computers. A typical use for group policies is to enforce a written company policy across all users in a specific site or domain. Group policies can used to simultaneously configure the desktop working environments for different groups of users, but they have many other uses as well. For example, group policies can be used to do the following:

• Manage applications-for example, by configuring policies to allow users to install applications published in Active Directory directory service or to automatically install or upgrade applications on their machines

• Redirect folders from the Documents and Settings folder on a user's local machine to a share on the network

• Assign scripts for startup, shutdown, logon, and logoff events

• Manage security-for example, to control users' access to files and folders, control user logon rights, and configure account lockout restrictions

• Manage software-for example, to configure user profiles such as desktop settings, Start menu, and other common settings

Implementation

Group policies can be assigned to domains, sites, or organizational units (OUs) and apply to all Active Directory objects (users, computers, printers, and so on) within these containers. To assign a group policy, first use the Group Policy snap-in for the Microsoft Management Console (MMC) to create a Group Policy object (GPO) and configure its settings, and then assign the GPO to the appropriate container. An object may have several GPOs influencing it (for example, one GPO assigned to the OU containing the object and another to the domain containing the OU). If this is the case, a conflict may occur, and then the last setting applied wins. Group policies are applied to users when they log on and to computers when they boot up. Users are subject to both GPO settings that apply to them as users and to GPO settings that apply to the computer at which they are working.

Group Policy. Using the Group Policy console to configure a Group Policy Object (GPO).

GPOs are really abstractions whose contents are stored in two different locations:

• Group Policy Container (GPC): This is a container within the Active Directory database on domain controllers that contains information about the globally unique identifier (GUID), version number, permissions, and inheritance of the GPO.

• Group Policy Template (GPT): This is a folder within the SYSVOL volume on domain controllers. It contains the actual GPO settings themselves and is identified by the GUID of the GPO.

Every Windows 2000 or Windows .NET Server domain has a default GPO that applies to all users and computers in the domain. Computers that are moved to a different domain lose the GPO of their original domain and have the GPO of their new domain applied to them. The default GPO for a domain is the only GPO on which you can configure password restrictions, lockout restrictions, Kerberos, the Encrypting File System (EFS), and Internet Protocol (IP) security settings.

Notes

You cannot use Group Policy for Windows 2000 or Windows .NET Server to configure group policies for downlevel Windows NT, Windows 95, or Windows 98 clients. Instead, use System Policy Editor, a Windows NT tool that stores policy settings in a file called ntconfig.pol that modifies a portion of the Windows NT registry.

FullArmor offers a tool called FAZAM 2000 that simplifies the planning, deployment, and management of group policies. You can find more info at www.fullarmor.com.

See Also Active Directory ,domain controller

GSM

Stands for Global System for Mobile Communications, a second-generation (2G) digital cellular communications technology popular in Europe, Asia, and other parts of the world.

See Also Global System for Mobile Communications (GSM)

GSNW

Stands for Gateway Services for NetWare, a feature of Windows 2000 Server that allows Windows clients access to NetWare file, print, and directory services.

See Also Gateway Service for NetWare (GSNW)

Guest account

A built-in account in Microsoft Windows 2000, Windows XP, and Windows .NET Server used for guest access to network resources.

Overview

The Guest account is intended for occasional users who need temporary access to resources on the network. It is disabled by default and can be enabled using User Manager for Domains. The Guest user account is a member of the Domain Guests global group and is assigned a null password during installation.

The Guest account is a domain user account on a domain controller. On a member server or workstation, however, there's a separate Guest local user account.

You should not enable the Guest account unless you are sure you will need it. You should also make sure that all your shared resources have correct permissions assigned to them because enabling the Guest account otherwise could pose a security risk.

See Also Guests group

Guests group

A built-in group in the Microsoft Windows 2000, Windows XP, and Windows .NET Server operating systems whose members can be assigned guest access to network access.

Overview

The Guests group is a domain local group whose initial membership is the built-in Guest domain user account. If a member server or workstation joins a domain, the global group called Domain Guests is added to the local Guests group.

The Guests group has no preassigned rights or permissions. You can assign any network resource permissions to this group in order to grant temporary or guest users the access they require. Members of the Guests group do not have the right to make permanent changes to their desktop settings.

See Also built-in group ,

GUID

Stands for globally unique identifier; in Microsoft operating system platforms and programming, a 128-bit value based on time and space that can be used to uniquely identify a component.

See Also globally unique identifier (GUID)

Microsoft Encyclopedia of Networking

ISBN: 0735613788
EAN: 2147483647

Year: 2002
Pages: 36

Authors: Mitch Tulloch, Ingrid Tulloch

BUY ON AMAZON