Computer Network Security within Organisations

Computer Network Security within Organisations Networking and Management Introduction A computer network is a connection of two or more computers in order to share resources and data. These shared resources can include devices like printers and other resources like electronic mail, internet access, and file sharing. A computer network can also be seen as a collection of Personal computers and other related devices which are connected together, either with cables or wirelessly, so that they can share information and communicate with one another. Computer networks vary in size. Some networks are needed for areas within a single office, while others are vast or even span the globe. Network management has grown as a career that requires specialized training, and comes with management of important responsibilities, thus creating future opportunities for employment. The resulting expected increase in opportunities should be a determining and persuasive factor for graduates to consider going into network management. Computer networking is a discipline of engineering that involves communication between various computer devices and systems. In computer networking, protocols, routers, routing, and networking across the public internet have specifications that are defined in RFC documents. Computer networking can be seen as a sub-category of computer science, telecommunications, IT and/or computer engineering. Computer networks also depend largely upon the practical and theoretical applications of these engineering and scientific disciplines. In the vastly technological environment of today, most organisations have some kind of network that is used every day. It is essential that the day-to-day operations in such a company or organisation are carried out on a network that runs smoothly. Most companies employ a network administrator or manager to oversee this very important aspect of the company’s business. This is a significant position, as it comes with great responsibilities because an organisation will experience significant operational losses if problems arise within its network. Computer networking also involves the setting up of any set of computers or computer devices and enabling them to exchange information and data. Some examples of computer networks include: Local area networks (LANs) that are made up of small networks which are constrained to a relatively small geographic area. Wide area networks (WANs) which are usually bigger than local area networks, and cover a large geographic area. Wireless LANs and WANs (WLAN WWAN). These represent the wireless equivalent of the Local Area Network and Wide Area Networks Networks involve interconnection to allow communication with a variety of different kinds of media, including twisted-pair copper wire cable, coaxial cable, optical fiber, and various wireless technologies. The devices can be separated by a few meters (e.g. via Bluetooth) or nearly unlimited distances (e.g. via the interconnections of the Internet. (http://en.wikipedia.org/wiki/Computer_networking) TASK 1 TCP connection congestion control Every application, whether it is a small or large application, should perform adaptive congestion control because applications that perform congestion control use a network more efficiently and are generally of better performance. Congestion control algorithms prevent the network from entering Congestive Collapse. Congestive Collapse is a situation where, although the network links are being heavily utilized, very little useful work is being done. The network will soon begin to require applications to perform congestion control, and those applications which do not perform congestion control will be harshly penalized by the network, probably in the form of preferentially dropping their packets during times of congestion (http://www.psc.edu/networking/projects/tcpfriendly/) Principles of Congestion Control Informally, congestion entails that too many sources are sending too much data, and sending them too fast for the network to handle. TCP Congestion Control is not the same as flow control, as there are several differences between TCP Congestion Control and flow control. Other principles of congestion control include Global versus point-2-point, and orthogonal issues. Congestion manifests itself by causing loss of packets (buffer overflow at routers), and long delays (queuing in router buffers). Also, during congestion, there is no explicit feedback from network routers, and there is congestion inferred from end-system observed loss. In network-assisted congestion control, routers provide feedback to end systems, and the explicit rate sender sends at –Choke Packet. Below are some other characteristics and principles of congestion control: When CongWin is below Threshold, sender in slow-start phase, window grows exponentially. When CongWin is above Threshold, sender is in congestion-avoidance phase, window grows linearly. When a triple duplicate ACK occurs, Threshold set to CongWin/2 and CongWin set to Threshold. When timeout occurs, Threshold set to CongWin/2 and CongWin is set to 1 MSS. Avoidance of Congestion It is necessary for the TCP sender to use congestion avoidance and slow start algorithms in controlling the amount of outstanding data that is injected into a network. In order to implement these algorithms, two variables are added to the TCP per-connection state. The congestion window (cwnd) is a sender-side limit on the amount of data the sender can transmit into the network before receiving an acknowledgment (ACK), while the receivers advertised window (rwnd) is a receiver-side limit on the amount of outstanding data. The minimum of cwnd and rwnd governs data transmission. (Stevens, W. and Allman, M. 1998) TCP Flow Control In TCP flow control, the receiving side of the TCP connection possesses a receive buffer, and a speed-matching service which matches the send rate to the receiving application’s drain rate. During flow control, Rcvr advertises any spare room by including value of RcvWindow in segments, and the sender limits unACKed data to RcvWindow. TCP flow control also ensures that there is no overflow of the receive buffer. Round-trip Time Estimation and Timeout TCP Round Trip Time and Timeout are usually longer than RTT, but RTT varies, and has a slow reaction to segment loss. SampleRTT is measured time from segment transmission until ACK receipt, ignore retransmissions, and will vary, want estimated RTT â€Å"smoother† Round-trip time samples arrive with new ACKs. The RTT sample is computed as the difference between the current time and a time echo field in the ACK packet. When the first sample is taken, its value is used as the initial value for srtt. Half the first sample is used as the initial value for rttvar. (Round-Trip Time Estimation and RTO Timeout Selection) There are often problems due to timeouts, including the restriction of the sender that is compelled to wait until a timeout, and is able to do nothing during this period. Also, the first segment in the sliding window is often not acked, and retransmission becomes necessary, waiting again one RTT before the segment flow continues. It should be noted that on receiving the later segments, the receiver sends back ACKs. Estimated RTT EstimatedRTT = 0.875 * EstimatedRTT + 0.125 * SampleRTT DevRTT DevRTT = (1 0.25) * DevRTT + | SampleRTT – EstimatedRTT Timeout interval TimeoutInterval = EstimatedRTT + 4 * DevRTT The integrated services (IntServ) and DiffServ (Differentiated Services) architecture are two architectures that have been proposed for the provision of and guaranteeing of quality of service (QoS) over the internet. Whereas the Intserv framework is developed within the IETF to provide individualized QoS guarantees to individual application sessions, Diffserv is geared towards enabling the handling of different classes of traffic in various ways on the internet. These two architectures represent the IETF’s current standards for provision of QoS guarantees, although neither Intserv nor Diffserv have taken off or found widespread acceptance on the web. (a) Integrated Service Architecture In computer networking, the integrated services (IntServ) architecture is an architecture that specifies the elements for the guaranteeing of quality of service (QoS) on the network. For instance, IntServ can be used to allow sound and video to be sent over a network to the receiver without getting interrupted. IntServ specifies a fine-grained Quality of service system, in contrast to DiffServs coarse-grained system of control. In the IntServ architecture, the idea is that each router inside a system implements IntServ, and applications which require various types of guarantees have to make individual reservations. Flow Specs are used to describe the purpose of the reservation, and the underlying mechanism that signals it across the network is called RSVP. TSPECs include token bucket algorithm parameters. The idea is that there is a token bucket which slowly fills up with tokens, arriving at a constant rate. Every packet which is sent requires a token, and if there are no tokens, then it cannot be sent. Thus, the rate at which tokens arrive dictates the average rate of traffic flow, while the depth of the bucket dictates how large the traffic is allowed to be. TSPECs typically just specify the token rate and the bucket depth. For example, a video with a refresh rate of 75 frames per second, with each frame taking 10 packets, might specify a token rate of 750Hz, and a bucket depth of only 10. The bucket depth would be sufficient to accommodate the burst associated with sending an entire frame all at once. On the other hand, a conversation would need a lower token rate, but a much higher bucket depth. This is because there are often pauses in conversations, so they can make do with fewer tokens by not sending the gaps between words and sentences. However, this means the bucket depth needs to be increased to compensate for the traffic being larger. (http://en.wikipedia.org/wiki/Integrated_services) (b) Differentiated Service Architecture The RFC 2475 (An Architecture for Differentiated Services) was published In 1998, by the IETF. Presently, DiffServ has widely replaced other Layer 3 Quality of Service mechanisms (such as IntServ), as the basic protocol that routers use to provide different service levels. DiffServ (Differentiated Services) architecture is a computer networking architecture which specifies a scalable, less complex, coarse-grained mechanism for the classification, management of network traffic and for provision of QoS (Quality of Service) guarantees on modern IP networks. For instance, DiffServ can be used for providing low-latency, guaranteed service (GS) to video, voice or other critical network traffic, while ensuring simple best-effort traffic guarantees to non-critical network services like file transfers and web traffic. Most of the proposed Quality of Service mechanisms which allowed these services to co-exist were complicated and did not adequately meet the demands Internet users because modern data networks carry various kinds of services like streaming music, video, voice, email and also web pages. It would probably be difficult to implement Intserv in the core of the internet because most of the communication between computers connected to the Internet is based on a client/server structural design. This Client/server describes a structure involving the connection of one computer to another for the purpose of giving work instructions or asking it questions. In an arrangement like this, the particular computer that questions and gives out instructions is the client, while the computer that provides answers to the asked questions and responds to the work instructions is the server. The same terms are used to describe the software programs that facilitate the asking and answering. A client application, for instance, presents an on-screen interface for the user to work with at the client computer; the server application welcomes the client and knows how to respond correctly to the clients commands. Any file server or PC can be adapted for use as an Internet server, however a dedicated computer should be chosen. Anyone with a computer and modem can join this network by using a standard phone. Dedicating the server that is, using a computer as a server only helps avoid some security and basic problems that result from sharing the functions of the server. To gain access to the Internet you will require an engineer to install the broadband modem. Then you will be able to use the server to network the Internet on all machines on a network. (www.redbooks.ibm.com/redbooks/pdfs/sg246380.pdf) TASK 5 Network security These days, computers are used for everything from shopping and communication to banking and investment. Intruders into a network system (or hackers) do not care about the privacy or identity of network users. Their aim is to gain control of computers on the network so that they can use these systems to launch attacks on other computer systems. Therefore people who use the network for these purposes must be protected from unknown strangers who try to read their sensitive documents, or use their computer to attack other systems, and send forged email, or access their personal information (such as their bank or other financial statements) Security Clauses The International Organisation for Standardizations (ISOs) 17799: 2005 Standard is a code of practice for information security management which provides a broad, non-technical framework for establishing efficient IT controls. The ISO 17799 Standard consists of 11 clauses that are divided into one or more security categories for a total of 39 security categories The security clauses of the ISO standard 17799:2005- code of practice for Information Security Management include: The security Policy clause Organizing Information Security Asset Management. Human Resources Security. Physical and Environmental Security. Communications and Operations. Access Control. Information Systems Acquisition, Development, and Maintenance. Information Security Incident Management. Business Continuity Management. Compliance. (http://www.theiia.org/ITAuditArchive/index.cfm?act=ITAudit.printiiid=467aid=2209) Here is a brief description of the more recent version of these security clauses: Security Policy: Security policies are the foundation of the security framework and provide direction and information on the companys security posture. This clause states that support for information security should be done in accordance with the companys security policy. Organizing Information Security: This clause addresses the establishment and organizational structure of the security program, including the appropriate management framework for security policy, how information assets should be secured from third parties, and how information security is maintained when processing is outsourced. Asset Management: This clause describes best practices for classifying and protecting assets, including data, software, hardware, and utilities. The clause also provides information on how to classify data, how data should be handled, and how to protect data assets adequately. Human Resources Security: This clause describes best practices for personnel management, including hiring practices, termination procedures, employee training on security controls, dissemination of security policies, and use of incident response procedures. Physical and Environmental Security: As the name implies, this clause addresses the different physical and environmental aspects of security, including best practices organizations can use to mitigate service interruptions, prevent unauthorized physical access, or minimize theft of corporate resources. Communications and Operations: This clause discusses the requirements pertaining to the management and operation of systems and electronic information. Examples of controls to audit in this area include system planning, network management, and e-mail and e-commerce security. Access Control: This security clause describes how access to corporate assets should be managed, including access to digital and nondigital information, as well as network resources. Information Systems Acquisitions, Development, and Maintenance: This section discusses the development of IT systems, including applications created by third-parties, and how security should be incorporated during the development phase. Information Security Incident Management: This clause identifies best practices for communicating information security issues and weaknesses, such as reporting and escalation procedures. Once established, auditors can review existing controls to determine if the company has adequate procedures in place to handle security incidents. Business Continuity Management: The 10th security clause provides information on disaster recovery and business continuity planning. Actions auditors should review include how plans are developed, maintained, tested, and validated, and whether or not the plans address critical business operation components. Compliance: The final clause provides valuable information auditors can use when identifying the compliance level of systems and controls with internal security policies, industry-specific regulations, and government legislation. (Edmead, M. T. 2006 retrieved from http://www.theiia.org/ITAuditArchive/?aid=2209iid=467) The standard, which was updated in June 2005 to reflect changes in the field of information security, provides a high-level view of information security from different angles and a comprehensive set of information security best practices. More specifically, ISO 17799 is designed for companies that wish to develop effective information security management practices and enhance their IT security efforts. Control Objectives The ISO 17799 Standard contains 11 clauses which are split into security categories, with each category having a clear control objective. There are a total of 39 security categories in the standard. The control objectives in the clauses are designed to meet the risk assessment requirements and they can serve as a practical guideline or common basis for development of effective security management practices and organisational security standards. Therefore, if a company is compliant with the ISO/IEC 17799 Standard, it will most likely meet IT management requirements found in other laws and regulations. However, because different standards strive for different overall objectives, auditors should point out that compliance with 17799 alone will not meet all of the requirements needed for compliance with other laws and regulations. Establishing an ISO/IEC 17799 compliance program could enhance a companys information security controls and IT environment greatly. Conducting an audit evaluation of the standard provides organizations with a quick snapshot of the security infrastructure. Based on this snapshot, senior managers can obtain a high-level view of how well information security is being implemented across the IT environment. In fact, the evaluation can highlight gaps present in security controls and identify areas for improvement. In addition, organizations looking to enhance their IT and security controls could keep in mind other ISO standards, especially current and future standards from the 27000 series, which the ISO has set aside for guidance on security best practices. (Edmead, M. T. 2006 retrieved from http://www.theiia.org/ITAuditArchive/?aid=2209iid=467) Tree Topology Tree topologies bind multiple star topologies together onto a bus. In its most simple form, only hub devices are directly connected to the tree bus and the hubs function as the root of the device tree. This bus/star hybrid approach supports future expandability of the network much better than a bus (limited in the number of devices due to the broadcast traffic it generates) or a star (limited by the number of hub ports) alone. Topologies remain an important part of network design theory. It is very simple to build a home or small business network without understanding the difference between a bus design and a star design, but understanding the concepts behind these gives you a deeper understanding of important elements like hubs, broadcasts, ports, and routes. (www.redbooks.ibm.com/redbooks/pdfs/sg246380.pdf) Use of the ring topology should be considered for use in medium sized companies, and the ring topology would also be the best topology for small companies because it is ensures ease of data transfer. Ring Topology In a ring network, there are two neighbors for each device, so as to enable communication. Messages are passed in the same direction, through a ring which is effectively either counterclockwise or clockwise. If any cable or device fails, this will break the loop and could disable the entire network. Bus Topology Bus networks utilize a common backbone to connect various devices. This backbone, which is a single cable, functions as a shared medium of communication which the devices tap into or attach to, with an interface connector. A device wanting to communicate with another device on the network sends a broadcast message onto the wire that all other devices see, but only the intended recipient actually accepts and processes the message. (www.redbooks.ibm.com/redbooks/pdfs/sg246380.pdf) Star Topology The star topology is used in a lot of home networks. A star network consists of a central connection point or hub that can be in the form of an actual hub, or a switch. Usually, devices will connect to the switch or hub by an Unshielded Twisted Pair (UTP) Ethernet. Compared to the bus topology, a star network generally requires more cable, but a failure in any star network cable will only take down one computers network access and not the entire LAN. If the hub fails, however, the entire network also fails. (www.redbooks.ibm.com/redbooks/pdfs/sg246380.pdf) Relating the security clauses and control objectives to an organisation In an organisation like the Nurht’s Institute of Information Technology (NIIT), the above mentioned security clauses and control objectives provide a high-level view of information security from different angles and a comprehensive set of information best security practices. Also, the ISO 17799 is designed for companies like NIIT, which aim to enhance their IT security, and to develop effective information security management practices. At NIIT, the local network relies to a considerable degree, on the correct implementation of these security practices and other algorithms so as to avoid congestion collapse, and preserve network stability. An attacker or hacker on the network can cause TCP endpoints to react in a more aggressive way in the face of congestion, by the forging of excessive data acknowledgments, or excess duplicate acknowledgments. Such an attack could possibly cause a portion of the network to go into congestion collapse. The Security Policy clause states that â€Å"support for information security should be done in accordance with the companys security policy.† (Edmead, M. T. 2006). This provides a foundation of the security framework at NIIT, and also provides information and direction on the organisation’s security posture. For instance, this clause helps the company auditors to determine whether the security policy of the company is properly maintained, and also if indeed it is to be disseminated to every employee. The Organizing Information Security clause stipulates that there should be appropriate management framework for the organisation’s security policy. This takes care of the organizational structure of NIIT’s security program, including the right security policy management framework, the securing of information assets from third parties, and the maintenance of information security during outsourced processing. At NIIT, the Security clauses and control objectives define the company’s stand on security and also help to identify the vital areas considered when implementing IT controls. The ISO/IEC 17799s 11 security clauses enable NIIT to accomplish its security objectives by providing a comprehensive set of information security best practices for the company to utilize for enhancement of its IT infrastructure. Conclusion Different businesses require different computer networks, because the type of network utilized in an organisation must be suitable for the organisation. It is advisable for smaller businesses to use the LAN type of network because it is more reliable. The WAN and MAN would be ideal for larger companies, but if an organisation decides to expand, they can then change the type of network they have in use. If an organisation decides to go international, then a Wireless Area Network can be very useful Also, small companies should endeavor to set up their network by using a client/server approach. This would help the company to be more secure and enable them to keep in touch with the activities of others are doing. The client/server would be much better than a peer-to-peer network, it would be more cost-effective. On the average, most organisations have to spend a good amount of money and resources to procure and maintain a reliable and successful network that will be and easy to maintain in the long run. For TCP Congestion Control, when CongWin is below Threshold, sender in slow-start phase, window grows exponentially. If CongWin is above Threshold, sender is in congestion-avoidance phase, window grows linearly. When a triple duplicate ACK occurs, Threshold set to CongWin/2 and CongWin set to Threshold, and threshold set to CongWin/2 and CongWin is set to 1 MSS when a timeout occurs. For a Small Office/Home Office (SOHO), networks such as wireless networks are very suitable. In such a network, there won’t be any need to run wires through walls and under carpets for connectivity. The SOHO user need not worry about plugging their laptop into docking stations every time they come into the office or fumble for clumsy and unattractive network cabling. Wireless networking provides connectivity without the hassle and cost of wiring and expensive docking stations. Also, as the business or home office grows or shrinks, the need for wiring new computers to the network is nonexistent. If the business moves, the network is ready for use as soon as the computers are moved. For the wired impossible networks such as those that might be found in warehouses, wireless will always be the only attractive alternative. As wireless speeds increase, these users have only brighter days in their future. (http://www.nextstep.ir/network.shtml) It is essential to note that the computer network installed in an organisation represents more than just a simple change in the method by which employees communicate. The impact of a particular computer network may dramatically affect the way employees in an organisation work and also affect the way they think. Bibliography Business Editors High-Tech Writers. (2003, July 22). International VoIP Council Launches Fax-Over-IP Working Group. Business Wire. Retrieved July 28, 2003 from ProQuest database. Career Directions (2001 October). Tech Directions, 61(3), 28 Retrieved July 21, 2003 from EBSCOhost database Edmead, M. T. (2006) Are You Familiar with the Most Recent ISO/IEC 17799 Changes? (Retrieved from http://www.theiia.org/ITAuditArchive/?aid=2209iid=467) FitzGerald, J. (1999), Business Data Communications And Networking Pub: John Wiley Sons Forouzan, B. (1998), Introduction To Data Communications And Networking Pub: Mc- Graw Hill http://www.theiia.org/itaudit http://www.theiia.org/ITAuditArchive/index.cfm?act=ITAudit.printiiid=467aid=2209 http://www.psc.edu/networking/projects/tcpfriendly/ ISO/IEC 17799:2000 – Code of practice for information security management Published by ISO and the British Standards Institute [http://www.iso.org/] ISO/IEC 17799:2005, Information technology – Security techniques – Code of practice for information security management. Published by ISO [http://www.iso.org/iso/en/prods-services/popstds/informationsecurity.html] Kurose, J. F. Ross, K. W. 2002. Computer Networking A Top-Down Approach Featuring the Internet, 2nd Edition, ISBN: 0-321-17644-8 (the international edition), ISBN: 0-201-97699-4, published by Addison-Wesley, 2002 www.awl.com/cs Ming, D. R. Sudama (1992) NETWORK MONITORING EXPLAINED: DESIGN AND APPLICATION Pub: Ellis Horwood Rigney, S. (1995) NETWORK PLANNING AND MANAGMENT YOUR PERSONAL CONSALTANT Round-Trip Time Estimation and RTO Timeout Selection (retrieved from http://netlab.cse.yzu.edu.tw/ns2/html/doc/node368.html) Shafer, M. (2001, June 11). Careers not so secure? Network Computing, 12(12), 130- Retrieved July 22, 2003 from EBSCOhost database Stevens, W. and Allman, M. (1998) TCP Implementation Working Group (retrieved from http://www.ietf.org/proceedings/98aug/I-D/draft-ietf-tcpimpl-cong-control-00.txt) Watson, S (2002). The Network Troubleshooters. Computerworld 36(38), 54. (Retrieved July 21, 2003 from EBSCOhost database) Wesley, A. (2000), Internet Users Guide to Network Resource Tools 1st Ed, Pub: Netskils www.microsoft.co.uk www.apple.com www.apple.co.uk www.bized.com http://www.nextstep.ir/network.shtml www.novell.com www.apple.com/business www.microsoft.com/networking/e-mails www.engin.umich.edu www.microsoft.com Computer Network Security within Organisations Computer Network Security within Organisations Networking and Management Introduction A computer network is a connection of two or more computers in order to share resources and data. These shared resources can include devices like printers and other resources like electronic mail, internet access, and file sharing. A computer network can also be seen as a collection of Personal computers and other related devices which are connected together, either with cables or wirelessly, so that they can share information and communicate with one another. Computer networks vary in size. Some networks are needed for areas within a single office, while others are vast or even span the globe. Network management has grown as a career that requires specialized training, and comes with management of important responsibilities, thus creating future opportunities for employment. The resulting expected increase in opportunities should be a determining and persuasive factor for graduates to consider going into network management. Computer networking is a discipline of engineering that involves communication between various computer devices and systems. In computer networking, protocols, routers, routing, and networking across the public internet have specifications that are defined in RFC documents. Computer networking can be seen as a sub-category of computer science, telecommunications, IT and/or computer engineering. Computer networks also depend largely upon the practical and theoretical applications of these engineering and scientific disciplines. In the vastly technological environment of today, most organisations have some kind of network that is used every day. It is essential that the day-to-day operations in such a company or organisation are carried out on a network that runs smoothly. Most companies employ a network administrator or manager to oversee this very important aspect of the company’s business. This is a significant position, as it comes with great responsibilities because an organisation will experience significant operational losses if problems arise within its network. Computer networking also involves the setting up of any set of computers or computer devices and enabling them to exchange information and data. Some examples of computer networks include: Local area networks (LANs) that are made up of small networks which are constrained to a relatively small geographic area. Wide area networks (WANs) which are usually bigger than local area networks, and cover a large geographic area. Wireless LANs and WANs (WLAN WWAN). These represent the wireless equivalent of the Local Area Network and Wide Area Networks Networks involve interconnection to allow communication with a variety of different kinds of media, including twisted-pair copper wire cable, coaxial cable, optical fiber, and various wireless technologies. The devices can be separated by a few meters (e.g. via Bluetooth) or nearly unlimited distances (e.g. via the interconnections of the Internet. (http://en.wikipedia.org/wiki/Computer_networking) TASK 1 TCP connection congestion control Every application, whether it is a small or large application, should perform adaptive congestion control because applications that perform congestion control use a network more efficiently and are generally of better performance. Congestion control algorithms prevent the network from entering Congestive Collapse. Congestive Collapse is a situation where, although the network links are being heavily utilized, very little useful work is being done. The network will soon begin to require applications to perform congestion control, and those applications which do not perform congestion control will be harshly penalized by the network, probably in the form of preferentially dropping their packets during times of congestion (http://www.psc.edu/networking/projects/tcpfriendly/) Principles of Congestion Control Informally, congestion entails that too many sources are sending too much data, and sending them too fast for the network to handle. TCP Congestion Control is not the same as flow control, as there are several differences between TCP Congestion Control and flow control. Other principles of congestion control include Global versus point-2-point, and orthogonal issues. Congestion manifests itself by causing loss of packets (buffer overflow at routers), and long delays (queuing in router buffers). Also, during congestion, there is no explicit feedback from network routers, and there is congestion inferred from end-system observed loss. In network-assisted congestion control, routers provide feedback to end systems, and the explicit rate sender sends at –Choke Packet. Below are some other characteristics and principles of congestion control: When CongWin is below Threshold, sender in slow-start phase, window grows exponentially. When CongWin is above Threshold, sender is in congestion-avoidance phase, window grows linearly. When a triple duplicate ACK occurs, Threshold set to CongWin/2 and CongWin set to Threshold. When timeout occurs, Threshold set to CongWin/2 and CongWin is set to 1 MSS. Avoidance of Congestion It is necessary for the TCP sender to use congestion avoidance and slow start algorithms in controlling the amount of outstanding data that is injected into a network. In order to implement these algorithms, two variables are added to the TCP per-connection state. The congestion window (cwnd) is a sender-side limit on the amount of data the sender can transmit into the network before receiving an acknowledgment (ACK), while the receivers advertised window (rwnd) is a receiver-side limit on the amount of outstanding data. The minimum of cwnd and rwnd governs data transmission. (Stevens, W. and Allman, M. 1998) TCP Flow Control In TCP flow control, the receiving side of the TCP connection possesses a receive buffer, and a speed-matching service which matches the send rate to the receiving application’s drain rate. During flow control, Rcvr advertises any spare room by including value of RcvWindow in segments, and the sender limits unACKed data to RcvWindow. TCP flow control also ensures that there is no overflow of the receive buffer. Round-trip Time Estimation and Timeout TCP Round Trip Time and Timeout are usually longer than RTT, but RTT varies, and has a slow reaction to segment loss. SampleRTT is measured time from segment transmission until ACK receipt, ignore retransmissions, and will vary, want estimated RTT â€Å"smoother† Round-trip time samples arrive with new ACKs. The RTT sample is computed as the difference between the current time and a time echo field in the ACK packet. When the first sample is taken, its value is used as the initial value for srtt. Half the first sample is used as the initial value for rttvar. (Round-Trip Time Estimation and RTO Timeout Selection) There are often problems due to timeouts, including the restriction of the sender that is compelled to wait until a timeout, and is able to do nothing during this period. Also, the first segment in the sliding window is often not acked, and retransmission becomes necessary, waiting again one RTT before the segment flow continues. It should be noted that on receiving the later segments, the receiver sends back ACKs. Estimated RTT EstimatedRTT = 0.875 * EstimatedRTT + 0.125 * SampleRTT DevRTT DevRTT = (1 0.25) * DevRTT + | SampleRTT – EstimatedRTT Timeout interval TimeoutInterval = EstimatedRTT + 4 * DevRTT The integrated services (IntServ) and DiffServ (Differentiated Services) architecture are two architectures that have been proposed for the provision of and guaranteeing of quality of service (QoS) over the internet. Whereas the Intserv framework is developed within the IETF to provide individualized QoS guarantees to individual application sessions, Diffserv is geared towards enabling the handling of different classes of traffic in various ways on the internet. These two architectures represent the IETF’s current standards for provision of QoS guarantees, although neither Intserv nor Diffserv have taken off or found widespread acceptance on the web. (a) Integrated Service Architecture In computer networking, the integrated services (IntServ) architecture is an architecture that specifies the elements for the guaranteeing of quality of service (QoS) on the network. For instance, IntServ can be used to allow sound and video to be sent over a network to the receiver without getting interrupted. IntServ specifies a fine-grained Quality of service system, in contrast to DiffServs coarse-grained system of control. In the IntServ architecture, the idea is that each router inside a system implements IntServ, and applications which require various types of guarantees have to make individual reservations. Flow Specs are used to describe the purpose of the reservation, and the underlying mechanism that signals it across the network is called RSVP. TSPECs include token bucket algorithm parameters. The idea is that there is a token bucket which slowly fills up with tokens, arriving at a constant rate. Every packet which is sent requires a token, and if there are no tokens, then it cannot be sent. Thus, the rate at which tokens arrive dictates the average rate of traffic flow, while the depth of the bucket dictates how large the traffic is allowed to be. TSPECs typically just specify the token rate and the bucket depth. For example, a video with a refresh rate of 75 frames per second, with each frame taking 10 packets, might specify a token rate of 750Hz, and a bucket depth of only 10. The bucket depth would be sufficient to accommodate the burst associated with sending an entire frame all at once. On the other hand, a conversation would need a lower token rate, but a much higher bucket depth. This is because there are often pauses in conversations, so they can make do with fewer tokens by not sending the gaps between words and sentences. However, this means the bucket depth needs to be increased to compensate for the traffic being larger. (http://en.wikipedia.org/wiki/Integrated_services) (b) Differentiated Service Architecture The RFC 2475 (An Architecture for Differentiated Services) was published In 1998, by the IETF. Presently, DiffServ has widely replaced other Layer 3 Quality of Service mechanisms (such as IntServ), as the basic protocol that routers use to provide different service levels. DiffServ (Differentiated Services) architecture is a computer networking architecture which specifies a scalable, less complex, coarse-grained mechanism for the classification, management of network traffic and for provision of QoS (Quality of Service) guarantees on modern IP networks. For instance, DiffServ can be used for providing low-latency, guaranteed service (GS) to video, voice or other critical network traffic, while ensuring simple best-effort traffic guarantees to non-critical network services like file transfers and web traffic. Most of the proposed Quality of Service mechanisms which allowed these services to co-exist were complicated and did not adequately meet the demands Internet users because modern data networks carry various kinds of services like streaming music, video, voice, email and also web pages. It would probably be difficult to implement Intserv in the core of the internet because most of the communication between computers connected to the Internet is based on a client/server structural design. This Client/server describes a structure involving the connection of one computer to another for the purpose of giving work instructions or asking it questions. In an arrangement like this, the particular computer that questions and gives out instructions is the client, while the computer that provides answers to the asked questions and responds to the work instructions is the server. The same terms are used to describe the software programs that facilitate the asking and answering. A client application, for instance, presents an on-screen interface for the user to work with at the client computer; the server application welcomes the client and knows how to respond correctly to the clients commands. Any file server or PC can be adapted for use as an Internet server, however a dedicated computer should be chosen. Anyone with a computer and modem can join this network by using a standard phone. Dedicating the server that is, using a computer as a server only helps avoid some security and basic problems that result from sharing the functions of the server. To gain access to the Internet you will require an engineer to install the broadband modem. Then you will be able to use the server to network the Internet on all machines on a network. (www.redbooks.ibm.com/redbooks/pdfs/sg246380.pdf) TASK 5 Network security These days, computers are used for everything from shopping and communication to banking and investment. Intruders into a network system (or hackers) do not care about the privacy or identity of network users. Their aim is to gain control of computers on the network so that they can use these systems to launch attacks on other computer systems. Therefore people who use the network for these purposes must be protected from unknown strangers who try to read their sensitive documents, or use their computer to attack other systems, and send forged email, or access their personal information (such as their bank or other financial statements) Security Clauses The International Organisation for Standardizations (ISOs) 17799: 2005 Standard is a code of practice for information security management which provides a broad, non-technical framework for establishing efficient IT controls. The ISO 17799 Standard consists of 11 clauses that are divided into one or more security categories for a total of 39 security categories The security clauses of the ISO standard 17799:2005- code of practice for Information Security Management include: The security Policy clause Organizing Information Security Asset Management. Human Resources Security. Physical and Environmental Security. Communications and Operations. Access Control. Information Systems Acquisition, Development, and Maintenance. Information Security Incident Management. Business Continuity Management. Compliance. (http://www.theiia.org/ITAuditArchive/index.cfm?act=ITAudit.printiiid=467aid=2209) Here is a brief description of the more recent version of these security clauses: Security Policy: Security policies are the foundation of the security framework and provide direction and information on the companys security posture. This clause states that support for information security should be done in accordance with the companys security policy. Organizing Information Security: This clause addresses the establishment and organizational structure of the security program, including the appropriate management framework for security policy, how information assets should be secured from third parties, and how information security is maintained when processing is outsourced. Asset Management: This clause describes best practices for classifying and protecting assets, including data, software, hardware, and utilities. The clause also provides information on how to classify data, how data should be handled, and how to protect data assets adequately. Human Resources Security: This clause describes best practices for personnel management, including hiring practices, termination procedures, employee training on security controls, dissemination of security policies, and use of incident response procedures. Physical and Environmental Security: As the name implies, this clause addresses the different physical and environmental aspects of security, including best practices organizations can use to mitigate service interruptions, prevent unauthorized physical access, or minimize theft of corporate resources. Communications and Operations: This clause discusses the requirements pertaining to the management and operation of systems and electronic information. Examples of controls to audit in this area include system planning, network management, and e-mail and e-commerce security. Access Control: This security clause describes how access to corporate assets should be managed, including access to digital and nondigital information, as well as network resources. Information Systems Acquisitions, Development, and Maintenance: This section discusses the development of IT systems, including applications created by third-parties, and how security should be incorporated during the development phase. Information Security Incident Management: This clause identifies best practices for communicating information security issues and weaknesses, such as reporting and escalation procedures. Once established, auditors can review existing controls to determine if the company has adequate procedures in place to handle security incidents. Business Continuity Management: The 10th security clause provides information on disaster recovery and business continuity planning. Actions auditors should review include how plans are developed, maintained, tested, and validated, and whether or not the plans address critical business operation components. Compliance: The final clause provides valuable information auditors can use when identifying the compliance level of systems and controls with internal security policies, industry-specific regulations, and government legislation. (Edmead, M. T. 2006 retrieved from http://www.theiia.org/ITAuditArchive/?aid=2209iid=467) The standard, which was updated in June 2005 to reflect changes in the field of information security, provides a high-level view of information security from different angles and a comprehensive set of information security best practices. More specifically, ISO 17799 is designed for companies that wish to develop effective information security management practices and enhance their IT security efforts. Control Objectives The ISO 17799 Standard contains 11 clauses which are split into security categories, with each category having a clear control objective. There are a total of 39 security categories in the standard. The control objectives in the clauses are designed to meet the risk assessment requirements and they can serve as a practical guideline or common basis for development of effective security management practices and organisational security standards. Therefore, if a company is compliant with the ISO/IEC 17799 Standard, it will most likely meet IT management requirements found in other laws and regulations. However, because different standards strive for different overall objectives, auditors should point out that compliance with 17799 alone will not meet all of the requirements needed for compliance with other laws and regulations. Establishing an ISO/IEC 17799 compliance program could enhance a companys information security controls and IT environment greatly. Conducting an audit evaluation of the standard provides organizations with a quick snapshot of the security infrastructure. Based on this snapshot, senior managers can obtain a high-level view of how well information security is being implemented across the IT environment. In fact, the evaluation can highlight gaps present in security controls and identify areas for improvement. In addition, organizations looking to enhance their IT and security controls could keep in mind other ISO standards, especially current and future standards from the 27000 series, which the ISO has set aside for guidance on security best practices. (Edmead, M. T. 2006 retrieved from http://www.theiia.org/ITAuditArchive/?aid=2209iid=467) Tree Topology Tree topologies bind multiple star topologies together onto a bus. In its most simple form, only hub devices are directly connected to the tree bus and the hubs function as the root of the device tree. This bus/star hybrid approach supports future expandability of the network much better than a bus (limited in the number of devices due to the broadcast traffic it generates) or a star (limited by the number of hub ports) alone. Topologies remain an important part of network design theory. It is very simple to build a home or small business network without understanding the difference between a bus design and a star design, but understanding the concepts behind these gives you a deeper understanding of important elements like hubs, broadcasts, ports, and routes. (www.redbooks.ibm.com/redbooks/pdfs/sg246380.pdf) Use of the ring topology should be considered for use in medium sized companies, and the ring topology would also be the best topology for small companies because it is ensures ease of data transfer. Ring Topology In a ring network, there are two neighbors for each device, so as to enable communication. Messages are passed in the same direction, through a ring which is effectively either counterclockwise or clockwise. If any cable or device fails, this will break the loop and could disable the entire network. Bus Topology Bus networks utilize a common backbone to connect various devices. This backbone, which is a single cable, functions as a shared medium of communication which the devices tap into or attach to, with an interface connector. A device wanting to communicate with another device on the network sends a broadcast message onto the wire that all other devices see, but only the intended recipient actually accepts and processes the message. (www.redbooks.ibm.com/redbooks/pdfs/sg246380.pdf) Star Topology The star topology is used in a lot of home networks. A star network consists of a central connection point or hub that can be in the form of an actual hub, or a switch. Usually, devices will connect to the switch or hub by an Unshielded Twisted Pair (UTP) Ethernet. Compared to the bus topology, a star network generally requires more cable, but a failure in any star network cable will only take down one computers network access and not the entire LAN. If the hub fails, however, the entire network also fails. (www.redbooks.ibm.com/redbooks/pdfs/sg246380.pdf) Relating the security clauses and control objectives to an organisation In an organisation like the Nurht’s Institute of Information Technology (NIIT), the above mentioned security clauses and control objectives provide a high-level view of information security from different angles and a comprehensive set of information best security practices. Also, the ISO 17799 is designed for companies like NIIT, which aim to enhance their IT security, and to develop effective information security management practices. At NIIT, the local network relies to a considerable degree, on the correct implementation of these security practices and other algorithms so as to avoid congestion collapse, and preserve network stability. An attacker or hacker on the network can cause TCP endpoints to react in a more aggressive way in the face of congestion, by the forging of excessive data acknowledgments, or excess duplicate acknowledgments. Such an attack could possibly cause a portion of the network to go into congestion collapse. The Security Policy clause states that â€Å"support for information security should be done in accordance with the companys security policy.† (Edmead, M. T. 2006). This provides a foundation of the security framework at NIIT, and also provides information and direction on the organisation’s security posture. For instance, this clause helps the company auditors to determine whether the security policy of the company is properly maintained, and also if indeed it is to be disseminated to every employee. The Organizing Information Security clause stipulates that there should be appropriate management framework for the organisation’s security policy. This takes care of the organizational structure of NIIT’s security program, including the right security policy management framework, the securing of information assets from third parties, and the maintenance of information security during outsourced processing. At NIIT, the Security clauses and control objectives define the company’s stand on security and also help to identify the vital areas considered when implementing IT controls. The ISO/IEC 17799s 11 security clauses enable NIIT to accomplish its security objectives by providing a comprehensive set of information security best practices for the company to utilize for enhancement of its IT infrastructure. Conclusion Different businesses require different computer networks, because the type of network utilized in an organisation must be suitable for the organisation. It is advisable for smaller businesses to use the LAN type of network because it is more reliable. The WAN and MAN would be ideal for larger companies, but if an organisation decides to expand, they can then change the type of network they have in use. If an organisation decides to go international, then a Wireless Area Network can be very useful Also, small companies should endeavor to set up their network by using a client/server approach. This would help the company to be more secure and enable them to keep in touch with the activities of others are doing. The client/server would be much better than a peer-to-peer network, it would be more cost-effective. On the average, most organisations have to spend a good amount of money and resources to procure and maintain a reliable and successful network that will be and easy to maintain in the long run. For TCP Congestion Control, when CongWin is below Threshold, sender in slow-start phase, window grows exponentially. If CongWin is above Threshold, sender is in congestion-avoidance phase, window grows linearly. When a triple duplicate ACK occurs, Threshold set to CongWin/2 and CongWin set to Threshold, and threshold set to CongWin/2 and CongWin is set to 1 MSS when a timeout occurs. For a Small Office/Home Office (SOHO), networks such as wireless networks are very suitable. In such a network, there won’t be any need to run wires through walls and under carpets for connectivity. The SOHO user need not worry about plugging their laptop into docking stations every time they come into the office or fumble for clumsy and unattractive network cabling. Wireless networking provides connectivity without the hassle and cost of wiring and expensive docking stations. Also, as the business or home office grows or shrinks, the need for wiring new computers to the network is nonexistent. If the business moves, the network is ready for use as soon as the computers are moved. For the wired impossible networks such as those that might be found in warehouses, wireless will always be the only attractive alternative. As wireless speeds increase, these users have only brighter days in their future. (http://www.nextstep.ir/network.shtml) It is essential to note that the computer network installed in an organisation represents more than just a simple change in the method by which employees communicate. The impact of a particular computer network may dramatically affect the way employees in an organisation work and also affect the way they think. Bibliography Business Editors High-Tech Writers. (2003, July 22). International VoIP Council Launches Fax-Over-IP Working Group. Business Wire. Retrieved July 28, 2003 from ProQuest database. Career Directions (2001 October). Tech Directions, 61(3), 28 Retrieved July 21, 2003 from EBSCOhost database Edmead, M. T. (2006) Are You Familiar with the Most Recent ISO/IEC 17799 Changes? (Retrieved from http://www.theiia.org/ITAuditArchive/?aid=2209iid=467) FitzGerald, J. (1999), Business Data Communications And Networking Pub: John Wiley Sons Forouzan, B. (1998), Introduction To Data Communications And Networking Pub: Mc- Graw Hill http://www.theiia.org/itaudit http://www.theiia.org/ITAuditArchive/index.cfm?act=ITAudit.printiiid=467aid=2209 http://www.psc.edu/networking/projects/tcpfriendly/ ISO/IEC 17799:2000 – Code of practice for information security management Published by ISO and the British Standards Institute [http://www.iso.org/] ISO/IEC 17799:2005, Information technology – Security techniques – Code of practice for information security management. Published by ISO [http://www.iso.org/iso/en/prods-services/popstds/informationsecurity.html] Kurose, J. F. Ross, K. W. 2002. Computer Networking A Top-Down Approach Featuring the Internet, 2nd Edition, ISBN: 0-321-17644-8 (the international edition), ISBN: 0-201-97699-4, published by Addison-Wesley, 2002 www.awl.com/cs Ming, D. R. Sudama (1992) NETWORK MONITORING EXPLAINED: DESIGN AND APPLICATION Pub: Ellis Horwood Rigney, S. (1995) NETWORK PLANNING AND MANAGMENT YOUR PERSONAL CONSALTANT Round-Trip Time Estimation and RTO Timeout Selection (retrieved from http://netlab.cse.yzu.edu.tw/ns2/html/doc/node368.html) Shafer, M. (2001, June 11). Careers not so secure? Network Computing, 12(12), 130- Retrieved July 22, 2003 from EBSCOhost database Stevens, W. and Allman, M. (1998) TCP Implementation Working Group (retrieved from http://www.ietf.org/proceedings/98aug/I-D/draft-ietf-tcpimpl-cong-control-00.txt) Watson, S (2002). The Network Troubleshooters. Computerworld 36(38), 54. (Retrieved July 21, 2003 from EBSCOhost database) Wesley, A. (2000), Internet Users Guide to Network Resource Tools 1st Ed, Pub: Netskils www.microsoft.co.uk www.apple.com www.apple.co.uk www.bized.com http://www.nextstep.ir/network.shtml www.novell.com www.apple.com/business www.microsoft.com/networking/e-mails www.engin.umich.edu www.microsoft.com

Red Bull Case Study

Q1. The pure and strong cola drink comes with all power packs. By looking at Red bull cola drink and its profile, I would prefer to target two market segments specifically; behavourial and psychographic. I will pre-dominantly be focusing at behavourial segmentation. As it going to speak much about product’s quality. BEHAVOURIAL SEGMENTATION: Behavourial segmentation is the major segmentation which I would like to focus in order to be succeeded in capturing market. The very vital point through I feel that market of Red Bull cola can flourish is the quality and awareness to people of its product. QUALITY: Red bull cola that holds natural and pure ingredients plus there are no sweeteners, preservatives and artificial colour in the drink. Just a simple dedicated pure drink which enhance the quality of brand. Product quality must be differentiation point from competitors. ?AWARENESS: This is perhaps the best option where Red Bull cola can flourish their self. One way or another; th is is the most important part of segmentation. This is where they have to get their strategy right, Red bull cola making awareness to particularly people of UK, who are very conscious about their health and diet. The message which can be send by Red Bull cola about their drink is that; it is fully designed to people’s preference diet. As it is the only drink which contains the original kola nut and coca leaf with more caffeine that helps people to stay active in their day to day life. There is no artificial colour, preservatives and sweeterners. Therefore, it is build to serve your health most than other cola drinks. It’s ‘100% natural and strong’. PSYCHOGRAPHIC: Marketers are increasingly segmenting their market on consumer’s lifestyle. Red Bull cola must also target psychographic segments as it appeals to be iconic brand. They have more focus on life style and social class of people. They are trying to be trendy. ?SOCIAL CLASS: I would further like to divide social class into disco club, gig, sporting venues and musical concerts. Red bull segmenting social class may also prove to be a fruitful venture. This segment target those people who loves to go gigs, concert, sporting venues and disco clubs. Red bull cola will be main organizers of above areas and that create an icon in consumers mind about Red Bull cola essentials. ?LIFE STYLE: The reason I have chosen lifestyle segmentation is because the people of UK more renown as the nation who loves to be healthy and fit. Perhaps we can say them mainstreams, these people need security. They will buy well known, safe brands and avoid risk. Therefore Red Bull cola is just tailor made for those who loves to go secure. Red Bull cola is 100% pure and strong and dismiss the philosophy of artificial flavour. You can take it with you on exercise, you can use it as appealing product. Red Bull brand name says it all. Q2. Red bull cola wants to sparkle in a way with their product ingredients information. Therefore, their message is clear; they want to captualize the market on basis of pureness and naturalism of their product. As they have used slogan â€Å"strong and natural† prominently. According to them â€Å"we use high quality, authentic ingredients that create a greater tasting out of other cola†. However, Red bull campaign for their energy drink went successful when represent their brand by cartonize advertisement and appealing slogan â€Å"Red bull gives you wings†. Red Bull Cola marketing campaign much focusing strategically on psychographic segmentation particularly than any other segment. 00% natural ingredients may get customer toward them but high caffeine; once again prove to be a barrier in their targeting customer. Before I get to strategic segments let me post the article which Red Bull cola has disclosed. â€Å"LONDON: Red bull unveils ? 2 million campaigns for simply cola – Red Bull is rolling out a ? 2m marketing drive to support its e ntry into the ultra-competitive cola market, which will push the naturalness of the product† – DATED: June 08. STRATEGIC SEGMENTS: Market and service segments which require changes in marketing mix can be distinguished from strategic segments. Strategic segments are those segments which are aligned by company for long period of return. In other words they look out for longer vision of company which compromises strategic planning. They can by outlined by 4 P’s, let me explain the Red Bull Cola’s strategy on 4P’s which I believe they belong to. 4 P’s; product, price, promotion and place. ?PRODUCT: This is the very important point and red bull cola trying a lot to stick with it. Product’s information, as they defines it’s a 100% natural product, contains no artificial colour, sweeteners and preservatives. Truly a pure blend of 100% natural sources. Perhaps, they want to create product differentiation from competitors by adding natural ingredients, this is where they strengthening their product knowledge. This is where their main target is; to catch the market on the basis of product quality. Thus, for that they have to put the message right to the people. However, product is sold in 25cl and 35. 5cl cans, and it also comes in multipack of containing 4 bottles in it. ?PRICE: Price which are red bull cola charging is varying in different stores, Tesco selling it at ? 1. 0, Waitrose selling at ? 1. 20 and Budgens at ? 1. 09. By looking out the prices they are charging we can say that they are charging premium price for their product where as their giant competitors (PEPSI and COCA-COLA) sell their cola drink mostly on 60pence. Therefore, they are charging almost double of their competitors drink. The value added for their premium price is that red bull cola blended from 100% natural sour ces â€Å"Strong and Natural. † ?PROMOTION: Red bull cola, particularly promoting their drink by slogan â€Å"Natural drink†; through which customers normally are attracted. They have achieved a great amount of success by setting energy drink slogan â€Å"Red bull gives you wings†. However, as far as their promotion activities are concern, they are putting banners and advertisement in almost every store, and also offering free fridge to stores for placing their cola drink in unique and catchy way for customer. ?PLACE: The product is also in clubs, bars, restaurants and stores. Whereas Coca-Cola and Pepsi cola drink are normally not available in most of clubs and bars; where they have targeted places like clubs and bars. As per red bull cola’s initial strategy was capture the people who attends musical and sporting events, thus in cola drink they are also targeting the same genre. CONCLUDING 4P’s STRATEGY OF RED BULL COLA: The main thing which I have observed that Red Bull Cola targeting is specifically product and promotion. Even though they are not emphasizing enough on price and place. Product information which underlay product topic plays evenly crucial and important role to push Red Bull Cola one step ahead of competitors. However for that they have to get promotion strategy right. Q3. How is Red Bull differentiated from its competitors? Red Bull Cola is differentiates itself in four main ways from its competitors (Coca-Cola and Pepsi Cola). Those four ways are ingredients, taste, appearance and price. INGREDIENTS: The Red Bull Cola drink is only cola drink which contains original coca leaf and kola nut. Other ingredients which they have used are; †¢Galangal †¢Lemon/Lime †¢Vanilla †¢Cinnamon †¢Cardamom †¢Orange †¢Corn mint ea †¢Ginger †¢Mace †¢Coca †¢Mustard seeds. †¢Clove †¢Liquorice †¢Pine Whereas, Pepsi and Coca-Cola use ingredients like caffeine, caramel flavour, natural flavour, phosphoric acid, carbonated water and high fructose corn syrup (sugar). TASTE: Apparently the taste of Red Bull Cola is much different than the taste of its competitors, and that is quite understandable as well, as Red Bull Cola contains original sources of Cola drink; like original coca leaf and kola nut. In my survey; which is enclosed at the end of question 5, lot of people are quite surprised to taste original cola drink taste (Red Bull cola) as they were very much addicted of Coca-Cola and Pepsi Cola taste. APPEARENCE: The can of Red Bull cola is very much different than the can of Coca-Cola and Pepsi cola. Pepsi and Coca-Cola has almost same type of can. However, Red bull can is much taller and thinner in size as compared to Pepsi and Coca-Cola. PRICE: Price which is charged by Red Bull Cola drink is almost double of price which is charged by their competitors; however they are also giving value added as their drink is extracted from 100% natural sources. Q.. 4 Target market is basically a breaking of market in segments and then focusing on particular key segments. It helps business to be cost effective when 4Ps are applied within the selected or desired market segments. Red Bull Cola mainly targeting the psychographic segmentation, and at some extent Red Bull nergy drink is also targeting psychographic segmentation. Now let me explain some of the advertisement of Red Bull energy drink that has made on athletes. On their website I have seen video and testimonials of people which were something like this. A girl 24 year old doing climbing rock because she drinks red bull energy drink; she got the energy which she ever wanted. A 23 yea r old guy who's a motor cycle champion in 2008 uses same drink because he wants energy to perform exceptionally well, same with the person who is 34 year old and doing water sports. So the main theme is that if u wants to feel energy use red bull energy drinks. Whereas, Red Bull cola for those who wants to drink fresh and natural drink because Red Bull cola is made of natural ingredients, no sweeteners, no artificial flavour and no artificial colour – 100% natural. However, Red Bull GmbH targets the social and sporting events specifically to leave a note on people’s mind, for example that they proudly presents x games; in one way or another they are playing a mind game here, they are encoding a indirect message that passionate and extra ordinary athletes having a drink like Red Bull; so if you have similar passion or desire then you also try Red Bull. COMPARING TARGET MARKET: To some extent Red Bull cola and energy drink; both are falling into a same target market; as ?Both are being sold in same stores normally. ?They both are trying to capture market on basis of psychographic segmentation, as red bull cola is targeting health conscious people and red bull energy drink targeting lifestyle of people who wants to feel pure freedom, who wants to try something new, energetic and innovative generation. However both underlay in psychographic segmentation. Both drinks are meant to boost up energy level. One is â€Å"Strong and Natural† so other is mainly energy drink. ?Both products are proud organizers of musical, games and social events. POSITIONING: Positing is simply that how customer recall your product. By looking Red Bull Cola slogan â€Å"Natural and Strong† one can say; whenever customer think about original cola drink; first thing which they will get in their mind is Red Bull Cola drink as it is 100% natural. Whereas, Red Bull energy drink has now a firm grasp in world as one of leading energy drink, therefore whenever some one think about energy then he must think about Red Bull energy drink, further more their slogan says it all which is proving to be a very successful slogan for capturing market â€Å"Red Bull Gives You Wings. † Q5. Through my research and findings, I came to this point that red bull cola can not survive for long in market. There is not reason but reasons that can leave red bull’s step of introducing cola in vain. Many have come and many have failed in sector of cola. After my qualitative research I would like to mention the things which are potential threats to red bull cola’s fancy entry, competitors, alternatives of product, price, taste and expectations. First thing which is consistently giving red signal to red bull cola entry is their giant competitors; Coca Cola and Pepsi Cola. The reason I all them giant competitors is because they are the oldest companies in cola sector and has world wide distribution mechanism. Through their product life they have targeted the every market segmentation; plus they hold customer loyalty status that has positive response to their cola drinks. Second thing which is bothering to Red Bull Cola at the moment is alternatives to a product. Basically we can say it change of people preference culture. As per healthy requirement; people are now moving to a product which offers more nutrition and energy; just like natural fruit drink and energy drinks. Thus change in preference culture has not only affected the Red Bull cola but also to giant companies (Pepsi and Coca Cola); as their profits of last two year has slimed. But at this point, some may say this is the right time to capture market but I personally dismiss this idea. Thirdly, their pricing strategy didn’t work out properly. In other words, barrier from Red Bull cola to their customer is high ‘price’. Even if above two threats (competitors and alternatives to product) satisfy the product needs – still price problem will stand firm. Therefore, product’s price is not at good value. Fourth thing which I want to languish here is the taste of Red Bull Cola differs a lot from the taste of others cola drinks. People are so used to taste of Coca Cola and Pepsi Cola that even if they taste pure cola like Red Bull Cola they dismiss its taste preference. Now last and final threat through which I think they can’t be succeeded into the UK market is that they haven’t lived up to the people’s expectation. People were expecting something innovative and energetic from Red Bull Company, but unfortunately it hasn’t come out to be a product which people were expecting. However, bottom line is that Red Bull Cola has come up with flop strategy that seriously need to be reviewed because the threats that are standing as barrier for Red Bull Cola for flourishing in markets are very competitive and strong.

Hybrid vs Conventional Vehicles Essay

Today’s universe is a universe where everyone has to be someplace at a certain clip. This means you normally have to go to acquire at that place. What I normally do to acquire someplace is to acquire in my truck and thrust at that place myself in my conventional truck. There are many obstructions that I run into when I have to drive though. Gas. energy. and the air pollution my truck causes are merely some of the jobs with this. A intercrossed vehicle would assist me out with all of these jobs. I think that intercrossed vehicles are much more efficient and have manner more positives than a conventional auto. Whenever you think about driving. what is the 1 most of import thing that comes to mind? For me. I would hold to state that gasolene is the biggest factor on whether I am able thrust someplace or non. The job with gasolene these yearss are the high monetary values ( Anderson ) . If you had a loanblend. this would non be as large of a job with a conventional auto. A batch of my gas gets wasted from holding to halt and travel in traffic and pressing the gas to acquire my engine up to the flow of traffic or up to the velocity bound. In a intercrossed auto. the engine shuts off temporarily when you are stopped in traffic in order to salvage your gas and non do you blow as much ( Anderson ) . There is no manner that you could make this with a conventional auto. This is a large positive for intercrossed autos in my sentiment. The engine temporarily closing off besides helps to salvage on energy. which is my following chief point. Conventional autos and intercrossed autos are two different things when it comes to energy. Conventional autos work by utilizing an engine and gasolene to run the vehicle. Hybrid autos are much more efficient when energy comes into drama though. There are two types of intercrossed autos that work in different ways ( Powers ) . Parallel intercrossed autos are the first type. These types use both a fuel armored combat vehicle with gasolene and a set of batteries in which both the electric motor and the engine can turn the transmittal at the same clip ( Powers ) . Series intercrossed autos are the 2nd type. In this type. the gasolene engine turns a generator and the generator either charges the batteries or powers the electric motor that is used to turn the transmittal. The electric motor gets its power from the battery but it ne'er loses all of its energy ( Powers ) . You are likely inquiring how that is. This is a technique known as regenerative braking. Regenerative braking is the recapturing of energy ( Powers ) . These intercrossed autos besides have another manner of ne'er running out of energy. The battery can besides be recharged by power from the gas engine ( Powers ) . My last point that I wanted to convey up is the air pollution factor. Air pollution is a large job in the universe today ( Garcia ) . There are many pollutants that are emitted from motor vehicles such as C dioxide. N oxides. volatile organic compounds. C monoxide. hydrocarbons. and sulfur oxides ( Garcia ) . These pollutants could impact your visibleness and your wellness every bit good ( Garcia ) . This is a really good ground to do the passage from conventional vehicles to intercrossed vehicles entirely. Why would you utilize a conventional auto. which produces many types of pollutants. over a intercrossed auto which produces barely any pollutants at all ( Garcia ) ? We would assist the environment and assist many different people out with pollution if we all choose to do the passage from conventional to hybrid. So all in all. I think you could see why holding a intercrossed auto would be more utile than holding a conventional auto. Of class we have all gotten used to driving our ain conventional autos. and we have all gotten used to traveling about and acquiring gas and normally holding to pay excessively much for it. ground being to why we should all do the passage over to the intercrossed autos. They are more efficient. less money consuming in the long tally. aid cut down on the air pollution that conventional autos put out. and should get down acquiring cheaper one time more people start change overing over to the loanblend. I think that everyone can see with all of these solutions and all of these positives that the intercrossed autos are traveling to take over more Oklahomans than subsequently. Works Cited Nice. Karim. and Julia Layton. â€Å"How Hybrid Cars Work† 20 July 2000. n. d. 16 July 2012. Garcia. Jorge. â€Å"Air Quality: Vehicle Emissions and Air Quality. † 18 Oct. 2006. Idaho Department of Environmental Quality. hypertext transfer protocol: //www. deq. province. Idaho. us/air/prog_issues/pollutants/vehicles. cfm ( 18 Oct. 2006 )

The Pros And Cons Of Technology - 733 Words

Technology is a distraction â€Å"Among the worst offenders were students at Queen Mary University of London, where there were 54 instances of cheating – two-thirds of which involved technology. At the University of Surrey, 19 students were caught in 2016, 12 of them with devices. Newcastle University, one the bigger institutions to provide data, reported 91 cases of cheating – 43% of which involved technology.† According to www.guardian.com Technology gets in the way of learning. The issue is that students are cheating rather than putting what they actually know and that can make that students life way harder. Cause in the future you can’t cheat everything in life. Say your kid cheated on his homework, then it comes to a test, he most†¦show more content†¦online, making it that much more difficult for teachers to know if the work their students hand in is original† according to â€Å"The Pros and Cons of Technology† by Amanda Ronan. She works with Edudemic conn ecting technology. Edudemic was created in 2010 and has grown into one of the most popular destinations to cover teaching, learning, and how technology positively shapes our education. â€Å"When you look at a recent Pew survey, you find that 98 percent of the teenagers have mobile phones. That’s up from 33 percent just in 2011. So it’s available and easy to use. If I don’t get caught and everyone else is doing it, guess what? They do it as well.† Says by Nile Nickel a technology and social media expert. â€Å"Data obtained by the Guardian through freedom of information requests found a 42% rise in cheating cases involving technology over the last four years – from 148 in 2012 to 210 in 2016. Last year, a quarter of all students caught cheating used electronic devices.† According to â€Å"Guardian through freedom of information† Yes, technology can benefit students in some ways like for the students to get their homework done faster. But do those student’s learn from it cause all they did was look up the answer and then moved on to the next question. Also kid’s do cheat a lot on their test according to The Education Testing Service/ Ad Council Campaign to Discourage Academic Cheating they say, â€Å"73% of all testShow MoreRelatedPros And Cons Of Technology1137 Words   |  5 Pages Technology in the past three decades has developed at such an increasingly rapid rate that the last decade’s generation is defined as â€Å"being born in the technological age†. People born in the 1990s are considered the last kids to have known a life without smartphones and computer technology creeping into every aspect of their lives. There are pros and cons to technology, with most of the cons being discovered ever increasingly as people become more and more intertwined with their own personal d evicesRead MorePros And Cons Of Technology986 Words   |  4 PagesIs technology a curse or blessing? Technology has a dramatic effect on the way we gather and use information. It has impacted daily lives and changed the way people perceive and process information. Many articles have been written about the effects on humans of having so much information immediately available to them. Clive Thompson, a Canadian freelance a journalist and technology writer, discusses the pros and cons of technology use in his book â€Å"Smarter than you think: How Technology is ChangingRead MoreThe Pros And Cons Of Technology1591 Words   |  7 PagesYes: In the world we live in, technology is advancing everywhere from software to machines and even cooking utensils. Improvements to our lives, by technology, include electricity, medical technology, fast productions and, Access to information and education. Without technology the world would be different and it would leave us at a disadvantage. Imagine a world without internet where your teacher assigns you an essay to research nuclear fission. Without the internet, you would have to go toRead MoreThe Pros And Cons Of Technology1289 Words   |  6 PagesIs the technology in today’s world a positive advancement? Over the past few years technology has basically taken over our society. It isn’t just young people that use technology, it is all groups of people, that includes toddlers all the way up to elders. Technology is a major part of today’s society and makes many tasks a lot easier. One major issue with technology is that it’s abused and many people rely on it. Technology is â€Å"dumbing down† today’s society. Technology has not only been a benefitRead MorePros And Cons Of Technology874 Words   |  4 PagesModern humanity can hardly imagine life without technology. Technologies have become an integral part of people’s lives. Every day, people invent new devices or improve the existing ones. Humanity differs by their attitudes to new inventions. Some people believe that sophisticated gadgets are actually useful and necessary, while others concentrate on the negative impact on people and their lives. Similar technologies are specially created for performing the hardest and most monotonous work. EvenRead MorePros And Cons Of Technology1631 Words   |  7 Pagesof us wonder if technology is affecting society for the better, or for the worse. I believe there are major issues on the rise with today’s trending technologies. However, like most thing’s, there are both pro’s and con’s to the way technology affects our society. It has a way of giving us new exper iences, but in some situations technology can actually take away certain experiences. I’d like to explain my reasoning for those beliefs, and better explain that it’s not that technology is good or badRead MoreTechnology : The Pros And Cons Of Technology1668 Words   |  7 Pagespast 10 years technology has changed a drastic amount. Its now more common to have a smart phone then to have a flip phone. It’s also more common to text some rather then call them. Now there is a lot of benefits that can come from technology and I am a strong supported of using it, but its also important to use it the correct way. We all have to limit how much time we spend on technology and if you’re a parent its your reasonability to limit how much time your kids spend on technology. After spendingRead More The Pros and Cons of Technology Essay1525 Words   |  7 PagesThe Pros and Cons of Technology As far back as I can remember my family and I have taken advantage of technology. The types of technology have changed over the years, along with our usage and dependence on it. Technology is a fundamental part of our lifestyle, including both work and play. What is interesting is that we also have many friends who use very little technology in their day-to-day living. This drastic difference makes one wonder how necessary the technology really is, and whether orRead MoreThe Pros And Cons Of Technology Integration958 Words   |  4 PagesTechnology in K-12 Schools This article discusses the pros and cons of technology integration. There are many arguments and fair points on each end of the spectrum, but it all comes down to how we must progress with technology. Public schools in the United States have more than 5.8 million computers in the schools, and that equals to one computer per nine students, and while seems like a lot, it does not allow every student access, so teachers are less likely to use computers in their lessons (Wurster)Read MorePro And Cons Of Technology Essay1287 Words   |  6 PagesIntroduction For the 21-century learner, learning how to navigate technology is essential to success in life. In addition to reading, math, social studies, and science, technology is becoming an important part of curriculum. Integration of technology into already existing curriculum is necessary to maximum instructional time. In addition to preparing learners for technology use in future occupations, technology can enhance a student’s learning especially in reading. With the invention of many