Cloud Computing can help your business reduce costs as you don’t have to invest in hardware and other physical infrastructure, your data is stored on a secure location and you only pay for what you use – there are no licensing fees associated with cloud computing.

Legal Issues associated with Cloud Computing

That said, there are some important legal issues that must be taken care of before you sign-up with any of the cloud vendors for your business.
These issues, discussed below, are more relevant for business owners who are planning to shift to the cloud and may not really matter if you are a consumer who merely uses the cloud for storing emails or office documents.

1. The Physical Location of your Data

1a. Where is your data stored physically?

Your data could be stored in any country and you may not even know where the data centre is situated. The ‘physical location’ raises the question of legal governance over the data. The customer must be clear so as to the provisions of the prevailing law in that particular nation.

1b. If a dispute arises, what will be the place of jurisdiction?

In case a conflict arises between the cloud vendor and the customer (you), which country’s court system will settle the dispute?
Say you are a business owner in China and your cloud service provider is based in the US. The vendor will definitely prefer settling the case in in an American court but as a customer, do you have the financial means and resources to get the dispute settled in the jurisdiction of another nation?

2. Responsibility of your Data

2a. What if the data centre is hit by a disaster?

It might happen that the vendor’s premises is severely affected due to a disaster. Even the 10-Q filings of Google Inc. with the U.S Securities and Exchange Commission mentions such a risk:

Our systems are vulnerable to damage or interruption from earthquakes, terrorist attacks, floods, fires, power loss, telecommunications failures, computer viruses, computer denial of service attacks, or other attempts to harm our systems.

The question is whether you are indemnified by the insurance company for loss of your business or not?

2b. Is there any liability coverage for breach of privacy?

If a privacy breach occurs due to a fault of cloud vendor, is there any liability coverage policy taken up by the vendor? The scope of breach of privacy has widened considerably over the years in the field of cyber insurance. Some insurance carriers offer coverage even for breach of minor information and the customer is compensated on on behalf of the cloud vendor.

2c. What can be done if the data center gets hacked?

Though all cloud vendors try their best to fend off hackers, no security setting is assumed to be foolproof. If the data center gets hacked, can you move against the vendor for claiming lost profits?

3. Intellectual Property Rights

3a. Is your data protected under intellectual property rights?

If it happens that the data is your own creation (like photographs, literature, etc), then is it protected under the intellectual property rights of that country? What means do you have if they get infringed?

3b. How secure are trade secrets?

Your data stored in the ‘cloud’ may have trade secrets or privileged information which must be protected under attorney-client relationship. How secure will such information be in hands of the cloud vendor?
Or consider a reverse situation. If you leak out a trade secret of another business entity, how far will your cloud storage provider go to protect your data when they have been summoned to the court with all your stored data, access logs, etc.

3c. Third party access?

The vendor may grant some privileged third parties access to your stored data. The identity of such parties, if any, must be disclosed to the customer. Here, the third party could be a legal authority or even an internal employee. The customer should always be informed before the vendor allows third parties to access the stored data.
To protect the interest of your business, it may therefore be extremely essential that your read the terms and conditions meticulously before signing up for a cloud based services.
If the vendor provides a standard form of contract (which is a general practice), then you must be must be fully aware of all the terms and conditions. It will save you from nasty surprises and you will be financially, mentally and legally prepared to save your business from unfavorable consequences of cloud computing.

NetBIOS (Network Basic Input/Output System) was originally developed by IBM and Sytek as an Application Programming Interface (API) for client software to access LAN resources. Since its creation, NetBIOS has become the basis for many other networking applications. In its strictest sense, NetBIOS is an interface specification for acessing networking services.

NetBIOS, a layer of software developed to link a network operating system with specific hardware, was originally designed as THE network controller for IBM's Network LAN.

NetBIOS has now been extended to allow programs written using the NetBIOS interface to operate on the IBM token ring architecture. NetBIOS has since been adopted as an industry standard and now, it is common to refer to NetBIOS-compatible LANs.

It offers network applications a set of "hooks" to carry out inter-application communication and data transfer. In a basic sense, NetBIOS allows applications to talk to the network. Its intention is to isolate application programs from any type of hardware dependancies. It also spares software developers the task of developing network error recovery and low level message addressing or routing. The use of the NetBIOS interface does alot of this work for them.

NetBIOS standardizes the interface between applications and a LANs operating capabilities. With this, it can be specified to which levels of the OSI model the application can write to, making the application transportable to other networks. In a NetBIOS LAN enviroment, computers are known on the system by a name. Each computer on the network has a permanent name that is programmed in various different ways.

PC's on a NetBIOS LAN communicate either by establishing a session or by using NetBIOS datagram or broadcast methods. Sessions allow for a larger message to be sent and handle error detection and correction. The communication is on a one-to-one basis.

Datagram and broadcast methods allow one computer to communicate with several other computers at the same time, but are limited in message size. There is no error detection or correction using these datagram or broadcast methods. However, datagram communication allows for communication without having to establish a session.

All communication in these enviroments are presented to NetBIOS in a format called Network Control Blocks (NCB). The allocation of these blocks in memory is dependant on the user program. These NCB's are divided into fields, these are reserved for input and output respectively.




NetBIOS is a very common protocol used in todays enviroments. NetBIOS is supported on Ethernet, TokenRing, and IBM PC Networks. In its original induction, it was defined as only an interface between the application and the network adapter. Since then, transport like functions have been added to NetBIOS, making it more functional over time.

In NetBIOS, connection (TCP) oriented and connectionless (UDP) communication are both supported. It supports both broadcasts and multicasting and supports three distinct services: Naming, Session, and Datagram.

The Virtual Private Network - VPN - has attracted the attention of many organizations looking to both expand their networking capabilities and reduce their costs.
The VPN can be found in workplaces and homes, where they allow employees to safely log into company networks. Telecommuters and those who travel often find a VPN a more convenient way to stay connected to the corporate intranet. No matter your current involvement with VPNs, this is a good technology to know something about. This VPN tutorial involves many interesting aspects of network protocol design, Internet security, network service outsourcing, and technology standards.

What Exactly Is A VPN?

A VPN supplies network connectivity over a possibly long physical distance. In this respect, a VPN is a form of Wide Area Network (WAN). The key feature of a VPN, however, is its ability to use public networks like the Internet rather than rely on private leased lines. VPN technologies implement restricted-access networks that utilize the same cabling and routers as a public network, and they do so without sacrificing features or basic security.
A VPN supports at least three different modes of use:

• Remote access client connections
• LAN-to-LAN internetworking
• Controlled access within an intranet

VPN Pros and Cons

Like many commercialized network technologies, a significant amount of sales and marketing hype surrounds VPN. In reality, VPNs provide just a few specific potential advantages over more traditional forms of wide-area networking. These advantages can be significant, but they do not come for free.

The potential problems with the VPN outnumber the advantages and are generally more difficult to understand. The disadvantages do not necessarily outweigh the advantages, however. From security and performance concerns, to coping with a wide range of sometimes incompatible vendor products, the decision of whether or not to use a VPN cannot be made without significant planning and preparation.

Technology Behind VPNs

Several network protocols have become popular as a result of VPN developments:

• PPTP
• L2TP
• IPsec
• SOCKS

These protocols emphasize authentication and encryption in VPNs. Authentication allows VPN clients and servers to correctly establish the identity of people on the network. Encryption allows potentially sensitive data to be hidden from the general public. Many vendors have developed VPN hardware and/or software products. Unfortunately, immature VPN standards mean that some of these products remain incompatible with each other.
 

A VPN supplies network connectivity over a possibly long physical distance. In this respect, a VPN is a form of Wide Area Network (WAN). VPNs enable file sharing, video conferencing and similar network services. Virtual private networks generally don't provide any new functionality that isn't already offered through alternative mechanisms, but a VPN implements those services more efficiently / cheaply in most cases.

A key feature of a VPN is its ability to work over both private networks as well as public networks like the Internet. Using a method called tunneling, a VPN use the same hardware infrastructure as existing Internet or intranet links. VPN technologies includes various security mechanisms to protect the virtual, private connections.

Specifically, a VPN supports at least three different modes of use:

• Internet remote access client connections
• LAN-to-LAN internetworking
• Controlled access within an intranet

Internet VPNs for Remote Access

In recent years, many organizations have increased the mobility of their workers by allowing more employees to telecommute. Employees also continue to travel and face a growing need to stay connected to their company networks. A VPN can be set up to support remote, protected access to the corporate home offices over the Internet. An Internet VPN solution uses a client/server design works as follows:

1. A remote host (client) wanting to log into the company network first connects to any public Internet Service Provider (ISP).

2. Next, the host initiates a VPN connection to the company VPN server. This connection is made via a VPN client installed on the remote host.

3. Once the connection has been established, the remote client can communicate with the internal company systems over the Internet just as if it were a local host.

Before VPNs, remote workers accessed company networks over private leased lines or through dialup remote access servers. While VPN clients and servers careful require installation of hardware and software, an Internet VPN is a superior solution in many situations.

VPNs for Internetworking

Besides using virtual private networks for remote access, a VPN can also bridge two networks together. In this mode of operation, an entire remote network (rather than just a single remote client) can join to a different company network to form an extended intranet. This solution uses a VPN server to VPN server connection.

Intranet / Local Network VPNs

Internal networks may also utilize VPN technology to implement controlled access to individual subnets within a private network. In this mode of operation, VPN clients connect to a VPN server that acts as the network gateway. This type of VPN use does not involve an Internet Service Provider (ISP) or public network cabling. However, it allows the security benefits of VPN to be deployed inside an organization. This approach has become especially popular as a way for businesses to protect their WiFi local networks.

VPN Network Scalability

The cost to an organization of building a dedicated private network may be reasonable at first but increases exponentially as the organization grows. A company with two branch offices, for example, can deploy just one dedicated line to connect the two locations, but 4 branch offices require 6 lines to directly connect them to each other, 6 branch offices need 15 lines, and so on. Internet based VPNs avoid this scalability problem by simply tapping into the the public lines and network capability readily available. Particularly for remote and international locations, an Internet VPN offers superior reach and quality of service.

Using a VPN

To use a VPN, each client must possess the appropriate networking software or hardware support on their local network and computers. When set up properly, VPN solutions are easy to use and sometimes can be made to work automatically as part of network sign on. VPN technology also works well with WiFi local area networking. Some organizations use VPNs to secure wireless connections to their local access points when working inside the office. These solutions provide strong protection without affecting performance excessively.

Limitations of a VPN

Despite their popularity, VPNs are not perfect and limitations exist as is true for any technology. Organizations should consider issues like the below when deploying and using virtual private networks in their operations:

1. VPNs require detailed understanding of network security issues and careful installation / configuration to ensure sufficient protection on a public network like the Internet. 

2. The reliability and performance of an Internet-based VPN is not under an organization's direct control. Instead, the solution relies on an ISP and their quality of service.

3. Historically, VPN products and solutions from different vendors have not always been compatible due to issues with VPN technology standards. Attempting to mix and match equipment may cause technical problems, and using equipment from one provider may not give as great a cost savings.

Virtual private network technology is based on the idea of tunneling. VPN tunneling involves establishing and maintaining a logical network connection (that may contain intermediate hops). On this connection, packets constructed in a specific VPN protocol format are encapsulated within some other base or carrier protocol, then transmitted between VPN client and server, and finally de-encapsulated on the receiving side.

For Internet-based VPNs, packets in one of several VPN protocols are encapsulated within Internet Protocol (IP) packets. VPN protocols also support authentication and encryption to keep the tunnels secure.

Types of VPN Tunneling

VPN supports two types of tunneling - voluntary and compulsory. Both types of tunneling are commonly used.
In voluntary tunneling, the VPN client manages connection setup. The client first makes a connection to the carrier network provider (an ISP in the case of Internet VPNs). Then, the VPN client application creates the tunnel to a VPN server over this live connection.

In compulsory tunneling, the carrier network provider manages VPN connection setup. When the client first makes an ordinary connection to the carrier, the carrier in turn immediately brokers a VPN connection between that client and a VPN server. From the client point of view, VPN connections are set up in just one step compared to the two-step procedure required for voluntary tunnels.

Compulsory VPN tunneling authenticates clients and associates them with specific VPN servers using logic built into the broker device. This network device is sometimes called the VPN Front End Processor (FEP), Network Access Server (NAS) or Point of Presence Server (POS). Compulsory tunneling hides the details of VPN server connectivity from the VPN clients and effectively transfers management control over the tunnels from clients to the ISP. In return, service providers must take on the additional burden of installing and maintaining FEP devices.

VPN Tunneling Protocols

Several computer network protocols have been implemented specifically for use with VPN tunnels. The three most popular VPN tunneling protocols listed below continue to compete with each other for acceptance in the industry. These protocols are generally incompatible with each other.
Point-to-Point Tunneling Protocol (PPTP)
Several corporations worked together to create the PPTP specification. People generally associate PPTP with Microsoft because nearly all flavors of Windows include built-in client support for this protocol. The initial releases of PPTP for Windows by Microsoft contained security features that some experts claimed were too weak for serious use. Microsoft continues to improve its PPTP support, though.
 Layer Two Tunneling Protocol (L2TP)
The original competitor to PPTP for VPN tunneling was L2F, a protocol implemented primarily in Cisco products. In an attempt to improve on L2F, the best features of it and PPTP were combined to create a new standard called L2TP. Like PPTP, L2TP exists at the data link layer (Layer Two) in the OSI model -- thus the origin of its name.

Internet Protocol Security (IPsec)
IPsec is actually a collection of multiple related protocols. It can be used as a complete VPN protocol solution or simply as the encryption scheme within L2TP or PPTP. IPsec exists at the network layer (Layer Three) of the OSI model.

PPTP - Point-to-Point Tunneling Protocol - extends the Point to Point Protocol (PPP) standard for traditional dial-up networking. PPTP is best suited for the remote access applications of VPNs, but it also supports LAN internetworking. PPTP operates at Layer 2 of the OSI model.

1. The PPTP client connects to their ISP using PPP dial-up networking (traditional modem or ISDN).

2. Via the broker device (described earlier), PPTP creates a TCP control connection between the VPN client and VPN server to establish a tunnel. PPTP uses TCP port 1723 for these connections.

PPTP also supports VPN connectivity via a LAN. ISP connections are not required in this case, so tunnels can be created directly as in Step 2 above.

• control messages for managing and eventually tearing down the VPN connection. Control messages pass directly between VPN client and server.
• data packets that pass through the tunnel, to or from the VPN client  

 

PPTP Security

PPTP supports authentication, encryption, and packet filtering. PPTP authentication uses PPP-based protocols like EAP, CHAP, and PAP. PPTP supports packet filtering on VPN servers. Intermediate routers and other firewalls can also be configured to selectively filter PPTP traffic. 

PPTP and PPP

• authenticating users and maintaining the remote dial-up connection
• encapsulating and encrypting IP, IPX, or NetBEUI packets

PPTP Pros and Cons

Source:compnetworking.about.com

Proxy Servers and Microsoft Internet Explorer

To take advantage of a proxy server's capabilities, Web browsers like Internet Explorer (IE) must be configured to explicitly use it. In many proxied environments, the client computers do not have direct Internet access, and browsers generally are not configured to use proxies "out of the box." Clients will be unable to access public Web sites in this scenario until proxy settings have been correctly made. 




Figure 2: IE5 Tools menu  
For example, to configure IE5 to use a proxy server, first click on Tools to access the drop-down menu. Click on the Internet Options... menu item to raise the Internet Options dialog. This dialog is a property sheet featuring multiple tabs. 

Clicking on the Connections tab makes available a dialog that includes a button in the bottom-right corner named LAN Settings... . Finally, click this button to raise the Local Area Network (LAN) Settings dialog; here is where proxy information must be entered. 





Figure 3: IE5 Internet Options, Connections tab  
IE5 supports both manual and automatic configuration options. As shown the Figure, the "Use a proxy server" check box must be checked to enable the manual entering of a proxy. 

Either the network host name or the IP address of the proxy server must be typed in the "Address" field. In addition, any internal domains (such as intranet sites) that do not need to go through a proxy can be entered here in order to bypass the server. 




Figure 4: IE5 Internet Options, Connections tab  
Microsoft provides Knowledge Base article Q135982 to assist in manually configuring proxy servers using other versions of Internet Explorer. Using the Automatically detect settings check box invokes the WPAD mechanism (discussed earlier) to auto-discover the proxy configuration. Finally, using the Use automatic configuration script check box allows clients to specify the URL that points to the JavaScript configuration file.

Proxy Servers and Netscape Navigator

Netscape Navigator (NN) may also be configured manually or automatically to work with a proxy server.



Figure: NN4 Edit menu  
For example, to manually configure NN4, first click on Edit to access the drop-down menu. Click on the Preferences... menu item to raise the Netscape Preferences dialog. 

This dialog is a property sheet featuring a hierarchical arrangement of buttons in the left channel (as compared to the tabs in IE). Double-clicking on the Advanced item (or single-clicking on the small arrow graphic to the left of this text) displays the Proxies sub-item. Finally, clicking on Proxies displays the proxy server configuration dialog within the window. 




Figure 6: NN4 Preferences, Proxies dialog  
Within this dialog, use the Direct connection to the Internet option to bypass proxy servers, and use the Automatic proxy configuration option to work with the automation script mechanism discussed earlier. (Navigator does not support WPAD.) 

To manually configure the proxy configuration, choose the middle option and click View to raise another dialog where the proxy server's host name or IP address can be entered. 

Free Web-Based Anonymous Proxy Servers

4. The Cloak

The Cloak is an HTTP/HTTPS free anonymous proxy. A pay service is also available that avoids the bandwidth throttling used in the free version.

Free Proxy Lists (Anonymous and Elite)

Internet proxy servers allow you to (mostly) hide your home IP address and navigate anonymously. However, these free public servers often are taken offline without warning, and some may offer a less reputable service than others. If you are interested in using anonymous proxies, you should maintain a free proxy server list on your home network to ensure at least one is accessible at all times.
Follow these links to obtain free proxy list downloads.

• Free Proxy Lists, from Proxy-list.org
• Fresh HTTP Proxy Lists, from xroxy.com
• Free Anonymous Proxies, from atomintersoft.com

These free proxy lists are updated regularly.

Some home networks, corporate intranets, and Internet Service Providers (ISPs) use proxy servers (also known as proxies). Proxy servers act as a "middleman" or broker between the two ends of a client/server network connection. Proxy servers work with Web browsers and servers, or other applications, by supporting underlying network protocols like HTTP.

Key Features of Proxy Servers

Proxy servers provide three main functions:

1. firewalling and filtering
2. connection sharing
3. caching

The features of proxy servers are especially important on larger networks like corporate intranets and ISP networks. The more users on a LAN and the more critical the need for data privacy, the greater the need for proxy server functionality.

Proxy Servers, Firewalling and Filtering

Proxy servers work at the Application layer, layer 7 of the OSI model. They aren't as popular as ordinary firewalls that work at lower layers and support application-independent filtering.
Proxy servers are also more difficult to install and maintain than firewalls, as proxy functionality for each application protocol like HTTP, SMTP, or SOCKS must be configured individually.
However, a properly configured proxy server improves network security and performance. Proxies have capability that ordinary firewalls simply cannot provide.
Some network administrators deploy both firewalls and proxy servers to work in tandem. To do this, they install both firewall and proxy server software on a server gateway.

Because they function at the OSI Application layer, the filtering capability of proxy servers is relatively intelligent compared to that of ordinary routers. For example, proxy Web servers can check the URL of outgoing requests for Web pages by inspecting HTTP GET and POST messages.

Using this feature, network administrators can bar access to illegal domains but allow access to other sites. Ordinary firewalls, in contrast, cannot see Web domain names inside those messages. Likewise for incoming data traffic, ordinary routers can filter by port number or network address, but proxy servers can also filter based on application content inside the messages.

Connection Sharing with Proxy Servers

Various software products for connection sharing on small home networks have appeared in recent years. In medium- and large-sized networks, however, actual proxy servers offer a more scalable and cost-effective alternative for shared Internet access. Rather than give each client computer a direct Internet connection, all internal connections can be funneled through one or more proxies that in turn connect to the outside.

Proxy Servers and Caching

The caching of Web pages by proxy servers can improve a network's "quality of service" in three ways. First, caching may conserve bandwidth on the network, increasing scalability. Next, caching can improve response time experienced by clients. With an HTTP proxy cache, for example, Web pages can load more quickly into the browser. Finally, proxy server caches increase availability. Web pages or other files in the cache remain accessible even if the original source or an intermediate network link goes offline.



Figure 1: Web caching with a proxy server 

Peer to peer is an approach to computer networking where all computers share equivalent responsibility for processing data. Peer-to-peer networking (also known simply as peer networking) differs from client-server networking, where certain devices have responsibility for providing or "serving" data and other devices consume or otherwise act as "clients" of those servers.

Characteristics of a Peer Network

Peer to peer networking is common on small local area networks (LANs), particularly home networks. Both wired and wireless home networks can be configured as peer to peer environments.
Computers in a peer to peer network run the same networking protocols and software. Peer networks are also often situated physically near to each other, typically in homes, small businesses or schools. Some peer networks, however, utilize the Internet and are geographically dispersed worldwide.
Home networks that utilize broadband routers are hybrid peer to peer and client-server environments. The router provides centralized Internet connection sharing, but file, printer and other resource sharing is managed directly between the local computers involved.

Peer to Peer and P2P Networks

Internet-based peer to peer networks emerged in the 1990s due to the development of P2P file sharing networks like Napster. Technically, many P2P networks (including the original Napster) are not pure peer networks but rather hybrid designs as they utilize central servers for some functions such as search.

Peer to Peer and Ad Hoc Wi-Fi Networks

Wi-Fi wireless networks support so-called ad hoc connections between devices. Ad hoc Wi-Fi networks are pure peer to peer compared to those utilizing wireless routers as an intermediate device.

Benefits of a Peer to Peer Network

You can configure computers in peer to peer workgroups to allow sharing of files, printers and other resources across all of the devices. Peer networks allow data to be shared easily in both directions, whether for downloads to your computer or uploads from your computer. On the Internet, peer to peer networks handle a very high volume of file sharing traffic by distributing the load across many computers. Because they do not rely exclusively on central servers, P2P networks both scale better and are more resilient than client-server networks in case of failures or traffic bottlenecks.