Different Types Of Network Devices

Different Types Of Network Devices Infrastructure security depends on the correct use of the network components. Network components are an essential aspect of the computing environment to improve the performance and security. The network components such as routers, switches and cables connect to the firewalls and gateways that manage communication from the network design to the protocols employed. If security fails then the availability of the system fails. Security failures can occur in two ways as follows: 1. Sometimes unauthorised users access the resources and data, which they are not authorised to use. 2. Security failure prevents the user from accessing the resources and data, the user is authorised to use. Both these security failures are serious. Hence, primary goal of network infrastructure security is to allow all authorised usage and deny all unauthorised usage of resources. 8.2 Devices Todays business environment consists of not only clients and servers but also network devices that are required to connect them. These network devices are called communication devices. These devices are hubs, switches, routers, LAN cards, gateway, modem, hardware firewall and so on. This also includes wireless access points, special-purpose devices such as Virtual Private Network (VPN) devices. Each of these devices has a specific network functions and plays an important role in maintaining network infrastructure security. 8.2.1 Workstations The workstations are client computers in the client-server architecture. This device is used to send and receive e-mail, to create spreadsheets, to write report in a word processing program and to play game. Many threats to information security can start at a workstation when it is connected to a network. Workstation security can be maintained by following basic steps as follows: Remove all share point that is not required. Rename the administrator account and secured it with a strong password. Remove unnecessary user accounts. Install an antivirus program and keep it updated. Disable USB ports in CMOS settings to restrict data transfer through USB devices. Install firewall between the machine and the Internet. Install latest patch for the operating system (OS) and keep the OS up to date. 8.2.2 Servers Servers are the computers in a network that host applications and data for users to share. Servers are available in many sizes, from small single CPU systems to multiple CPU systems such as mainframe computers. Servers use operating system such as Windows Server, Linux, UNIX and other mainframe operating systems. Server OS is more robust than the workstation OS and is designed to service multiple users over a network at the same time. Workstation security basic steps are applicable to server as well. 8.2.3 Network Interface Cards Network Interface Card (NIC) is a hardware device used to connect a server or workstation to a network. A NIC is used for particular type of network connection, either ethernet or token ring. In local area networks, ethernet protocol is the most common network type in use and RJ-45 is most common connector. A NIC is the physical connection between a computer and the network. NICs are available as single-port and multiport NIC. Workstation use single-port NIC, as only a single network connection is required. Whereas, server use multiport NIC to increase the number of network connections that increases the data throughput to and from the network. Every NIC has a 48-bit unique number, referred to as a Media Access Control (MAC) address which is stored in Read Only Memory (ROM). MAC address is used in the addressing and delivery of network packets to the correct system. 8.2.4 Hubs Hub is a central connecting device in a computer network. It connects multiple machines together in a star configuration with the hub as the centre. Hub broadcasts all data packets that are received, to all LAN cards in a network. The intended recipient picks the data and all other computers discard the data packets. Hub has five, eight, sixteen and more ports. One of the ports is called uplink port and this port is used to connect with the next hub. 8.2.5 Bridges Bridges operate at the data link layer of the OSI model. Bridges check the incoming traffic and decide whether to forward or discard it. 8.2.6 Switches Switches are a type of networking device similar to hubs, which connect network equipment together. In todays high-performance network environment switches have replaced both hubs and bridges. Switches operate at the data link layer of the OSI model. It uses MAC address of network cards to route packets to the correct port. Switches are intelligent network devices and are therefore can get hijacked by hackers. Switches are administered using the Simple Network Management Protocol (SNMP) and telnet protocol. Both the protocols have a serious weakness. These two protocols send passwords across the networks in clear text. In such instances hacker can capture the administrative password. The major problem with the switch is that it ship with default passwords. If user does not change this password during setup, hacker can easily access it. Caution: To secure a switch, disable all access protocols other than a secure protocol such as Secure Shell (SSH). Use only secure methods to access switch will limit the exposure to hackers and malicious users. 8.2.7 Routers Router connects two or more computer networks and then exchanges packets of data between them. Each data packet contains address information that a router can use to determine if the source and destination are on the same network, or if the data packet must be transferred from one network to another. Routers operate at the network layer of the OSI model. It has two or more network interfaces through which network traffic is forwarded or blocked. They are used to segment networks into smaller subnets or to link multiple networks together. The router decides how and when to forward packets between the networks based on an internal routing table. Routing table tells the router which packets to forward. Routers allow technicians to explicitly deny some packets the ability to be forwarded between segments. For example, internal security features of some routers can prevent users on the internal network from using telnet to access external system. Telnet is always a security risk as the passwords and all communications are transmitted in clear text. Hence, do not create telnet sessions between the internal network and an external network. Router has the ability to block spoofed packets. Spoofed packets are packets that contain an IP address in the header which is not the actual IP address of the source computer. Hackers used this technique to fool the systems showing that the packet came from an authorised system whereas, it actually came from the hackers system. Router has the ability to drop such packets. Routers are available in various sizes, small and big and from different vendors. Small router is used with cable modem and DSL service. (Figure). Larger routers handle traffic of up to tens of gigabytes per second per channel, using fibre optic cables and moving tens of thousands of concurrent Internet connections across the network. 8.2.8 Firewalls A firewall is hardware or a software program that is used to protect an internal network from outside intruders. It is much like a wall with a window. The wall keeps things out, except those permitted through the window. (Figure.). Network security policies act like a glass in the window. Security policies define what traffic is permissible and what traffic is to be blocked or denied. For example, Web server connected to the Internet may be configured to allow traffic only on port 80 for HTTP and have all other ports blocked. Firewall allows only the necessary access for a function, and block or denies all unnecessary functions. 8.2.9 Wireless In wireless device, radio waves or infrared carry data, that allows anyone within range access to the data. Placing a wireless device behind the firewall does not serve, as firewall stops only physically connected traffic from reaching the device. The devices associated with wireless networking are wireless access points. The wireless network cards are used to communicate with the access points. (Figure). Wireless access points have a limited range within which they can communicate with the client systems. When planning a wireless implementation within a new construction, make sure that the external walls contain metal studs that are grounded. Create wireless shield by using thin layers of aluminium under the drywall. This will block radio transmission into and out of the building. This will also interfere with pager and cellular phone usage. Note: Applying secure transmission protocols and configuring the wireless access point to only accept authorised connections will help in securing a network. 8.2.10 Modems Modulator and Demodulator (Modem) converts analogue signals to digital and vice versa. Modems are slow method of remote connection that is used to connect client computers to remote services over standard telephone lines. Modems are becoming less necessary, but many corporate systems still have modems installed for remote access. In corporate network, modems are located in Remote Access Service (RAS) servers and fax servers. Corporate users remotely access their system configuring modem in their PC. This is done when no other remote access solution is available or the existing remote access solution is inconvenient. These types of situations can provide an intruder the entry point to a network. The best solution to avoid this is to implement a security policy to control the installation of modems on corporate systems. Also verify that systems which need modems are properly secure. 8.2.11 Telecom/PBX In the IT security field Telecommunication (Telecom) is often overlooked. Most small companies use a small number of dedicated telephone lines for both incoming and outgoing calls. However, in larger companies having dedicated lines for thousands of employees is both inefficient and expensive. Hence, to overcome these problems install a Private Branch eXchange (PBX). A PBX is a device that handles routing of internal and external telephone lines. This allows a company to have limited number of external lines and an unlimited number of internal lines. PBX systems are cost beneficial to large companies but they also have their own vulnerabilities. PBX s is designed to be maintained by an offsite vendor and therefore have remote access available. The remote access can be through a modem or through a LAN. Hence, disable these remote access methods to limit the susceptibility to direct remote access attacks until the vendor is notified that they need to perform maintenance or prepare an update. 8.2.12 RAS Remote Access Service (RAS) connects the client and server through a dial-up telephone connection. It is slower than cable and Digital subscriber line (DSL) connection. When a user dials into the computer system, authentication and authorisation are performed through a remote access protocols. RAS servers offer security feature such as mandatory callback. This allows server to call back to the client at a set of telephone number for the data exchange. For more information on remote access protocols refer chapter 9, Authentication and Remote Access 8.2.13 VPN VPN allows users to create a secure tunnel through an unsecured network to connect to their corporate network. In large environments, VPNs are less expensive to implement and maintain than RAS servers, because there is no incoming telephone line or modem. In addition, a higher level of security can be implemented as communications are encrypted to create a secure tunnel. 8.2.14 Intrusion Detection Systems Intrusion Detection Systems (IDS) is a device designed to monitor network or system activities for malicious activities or policy violations. They are an essential part of network security. There are two main types of IDS that are used: network-based IDS and host-based IDS. For more information on intrusion detection systems refer chapter 11, Intrusion Detection Systems 8.2.15 Network Access Control Network Access Control is a method of network security that restricts the availability of network resources to endpoint devices as defined in the security policy. There are two main competing methodologies exist: Network Access Protection (NAP) and Network Admission Control (NAC). NAP is a Microsoft technology that controls network access of a computer host whereas, NAC is Ciscos technology that controls network admission. 8.2.16 Network Monitoring or Diagnostic The computer network needs continuous monitoring or diagnostic routine to keep administrators aware of the status of the network and allow them to take corrective actions to potential problems. This can be done through monitoring software or dedicated devices located on the network. Network monitoring or diagnostic equipment that is remotely accessible uses strong password and encrypted sessions to handle security vulnerabilities. 8.2.17 Mobile Devices Mobile phones and Personal Digital Assistants (PDAs) are the latest devices used to send and receive e-mail, connect to remote network applications, browsing the Web and so on. Many of the devices have word processor and spreadsheet applications and the ability to store limited amounts of data. Since these devices can be connected to the Internet, they are remotely accessible to potential attackers. Hence, use data encryption which is available in newer mobile devices built into their OS or use third-party software. 8.3 Media Media is used for transmitting data to and from network devices. The media can be either in the form of wire, fibre or radio frequency waves. There are four common methods used to connect devices at the physical layer as follows: Coaxial Cable Twisted-pair Cable Fibre Optics Wireless Coaxial Cable Coaxial cables are used for cabling televisions, radio sets and computer networks. The cable is referred to as coaxial because both the centre wire and the braided metal shield share a common axis. It is less susceptible to interference. Today, coaxial cable is replaced by faster and cheaper twisted-pair cable. UTP/STP Twisted pair cables replaced coaxial cables in ethernet networks. Single pairs of twisted cables reduce electrical crosstalk and electromagnetic interference. Multiple groups of twisted pairs are then bundled together and easily wired between devices. Twisted pairs are of two types: Unshielded Twisted Pair (UTP) and Shielded Twisted Pair (STP). STP has a foil shield around the pairs to provide extra shielding from electromagnetic interference. Whereas, in UTP twist itself eliminates interference. Depending upon the data transmission, twisted pair cables are classified into three different categories as follows: Category 3 (Cat 3) It is used for data and voice transmission and for 10Mbps Ethernet. Category 5 (Cat 5/ Cat 5e) It is used for 100 Mbps fast ethernet. Cat 5e is an enhanced version of the Cat 5 specification to address far end crosstalk. Category 6 (Cat 6) It is used for gigabit ethernet. Fibre Fibre is a very thin piece of glass or plastic that has been stretched out and enclosed in a sheath. Fibre optic cable uses beams of laser light to connect devices. It transfers data over long distances and at higher speeds. Since it does not contain any metal part to conduct current, it is not vulnerable to electromagnetic interference. This also protects it from lightening strikes. Two major drawbacks using these cables are their high cost. Other drawback is the connection has to be optically perfect or performance will be downgraded or the cable may not work. Figure: Unguided Media Unguided media does not use any physical connector between the two devices for communication. The data transmission and reception is through the air or antenna and is referred to as wireless. The three types of wireless media are as follows: Radio waves Microwaves Infrared waves 8.4 Transmission Media Security 8.5 Removable Media Removable media is a type of storage device that can be removed from a computer while the system is running. These media introduces virus when they are attached back to the network. Theft or loss of organisation secret information stored on a media can be severe financial problem or it will effect on organisations reputation. These issues can be rectified by using security policies and software. The removable media are of three types: magnetic, optical and flash memory. Magnetic Media Magnetic media devices are hard drives, floppy disks, zip disks and magnetic tape. Each device is sensitive to external magnetic field. These devices are also affected by the high temperatures and by exposure to water. For the security concern about the critical and important organisational data, do not allow users to bring floppy disk inside the organisation, as they could contain viruses or other malicious programs. Another security policy can be applied by removing floppy disk drive from users computers. Encrypting the contents of a hard drive and tape ensures the security of data. Optical Media Optical media such as CD, DVD, blu-ray and optical jukebox hold the data in digital form. The data on the physical media is read and write by laser. Optical disks are not vulnerable to magnets hence, they are more reliable and durable than the magnetic tape. CDs are very vulnerable to being scratched. If the plastic disk from the media is scratched too much, the laser will be unable to reflect through the plastic and the data will not be readable. For security of data, do not allow personal CDs inside office premises. Only authorised users should have the access to these devices and for other users these devices should be disabled or physically removed from the computers. Electronic Media The electronic media uses integrated circuit technology to store the data hence they are more stable. Since these devices are small and portable, they can be used to store limited amounts of data when portability or reliability are key necessities. Smart cards, flash cards, memory sticks and CompactFlash devices are examples of electronic media. These devices are commonly used in digital cameras, mobile phones, MP3 player, video game consoles and so on. These devices are also used to transfer data between computers. Hence, they can easily carry the virus and worms with data. For security purpose run the antivirus software before transferring any data. 8.6 Security Topologies Multiple hardware devices are connected within a network and a key characteristics of a network is its layout or topology. Security topology is implemented in such a way that it provides the internal security and public access. For example, to place an online order the organisation will require Web servers which can be accessed by the users. Then the Web servers will require access to internal database servers and internal users will require access to different servers and Internet. 8.6.1 Security Zones Modern secure network have different layers of protection with outermost layer provides basic protection and the innermost layer provides the highest level of protection. Trade-offs between access and security are handled through zones with successive zones guarded by firewalls. The outmost zone is the Internet is guarded by the firewall. The internal secure corporate network and the Internet is an area where computers are considered at risk. This zone is called as Demilitarised Zone (DMZ). DMZ DMZ acts as a buffer zone between the Internet and organisations internal secure network. To differentiate the zones, a firewall is placed at both sides of the DMZ. The firewalls are placed in such a way that the Internet users cannot directly access the organisations secure data (Refer to Figure ). Web servers, remote access server and external e-mail servers are fall in DMZ area. Domain name servers and database servers which has organisation important data should not be accessible to the Internet users. As well as application servers, file servers and print servers of trusted network zone should be placed behind both the firewalls. The main idea behind using the DMZ topology is to force an outside user to get across DMZ before user can access information inside the trusted network zone. Internet The Internet is a worldwide connection of networks. It is used to transfer e-mail, Web pages, files, financial records between networks. It is an untrusted network as it is not possible to apply security policies. Hence a firewall should be present between organisations trusted network and the Internet. Intranet Intranet resides inside the trusted area of a network and network administrators can manage its security. Intranet Web servers contents are not available to the Internet users. The organisation data can be published to outside users with two methods as follows: 1. Information can be duplicated onto computers in the DMZ so that untrusted users can access it 2. Extranets can be used to publish data to trusted users. Extranet Extranet allows outside users such as companys partners, vendors, customers and resellers to share some of the business information with authentication and authorization. Extranet allows to access data available on the intranet mainly in the DMZ. To provide security and privacy of the information, extranet requires firewall server management or digital certificates or user authentication, encryption of messages. To protect it from unauthorised access use the VPN. VLAN Virtual LAN (VLAN) is network of computers and these computers are connected to the same broadcast domain, even though they are physically located on different location. VLAN s are configured through software hence they are more flexible. When system is physically moved to different location, without any hardware reconfiguration the system stay on the same VLAN. Increased network performance, easy manageability, less configurations and higher security is the advantages of VLAN.   Note: A broadcast domain is a network (or portion of a network) that will receive a broadcast packet from any node located within that network. NAT Network Address Translation (NAT) is developed by Cisco. It is commonly used in TCP/IP network. It works at OSI layer 3 which is network layer. It uses two sets of IP addresses, one set for internal use and other for external use.   NAT is a feature of firewalls, proxies and routing capable systems. It has ability to hide the IP address and the internal network from the Internet users. This feature of NAT reduces the risk of strangers to collect important information about the network such as structure of a network, the network layout, the names and IP address of systems, and so on. Hence, they cannot gain access of the network. NAT enables internal users within an organisation to use nonroutable IP addresses which means that these IP addresses will not be routed across the Internet. These IP address is called private IP address. The private address ranges are as follows: Class A 10.0.0.0 10.255.255.255 Class B 172.16.0.0-172.31.255.255 Class C 192.168.0.0- 192.168.255.255 After NAT configuration, external malicious users can access only the IP address of the NAT host that is directly connected to the Internet. The users are not able to access any of the internal systems that go through the NAT host to access the Internet. When NAT is used to hide internal IP addresses (Refer to Figure), it is called a NAT firewall. Internal users communicate with outside networks through the NAT device such as NAT router (Refer to Figure). This NAT router has a routing table. This table keeps track of all connection requests that have come from internal network. Each outgoing request proceeds through NAT and replaces the internal users IP address with its own IP address. This IP address then forwards to the final destination. Returned packets look up in the routing table and forward the information to the correct internal user.   8.7 Chapter Review Questions 1. Which layer of the OSI model switches operate? (A) Physical layer (C) Network layer (B) Data link layer (D) Transport layer Ans: B 2. Which layer of the OSI model router operates? (A) Physical layer (C) Network layer (B) Data link layer (D) Transport layer Ans: C 3. DSL stands for ________. (A) Domain Subscriber Line (C) Digital Specific Line (B) Domain Specific Line (D) Digital Subscriber Line Ans: D 4. What should you do to secure data on the hard drive if the drive is removed from the site? (A) Encrypt the data (C) Archive the data (B) Compress the data (D) Keep strong password to log into all computers at the site Ans: A 5. Which is the most secure cable for implementing a secure network infrastructure? (A) Coaxial cable (C) Fibre cable (B) Twisted-pair cable (D) None of these Ans: C 6. What network topology area will contain public Web servers? (A) VPN (C) Firewall (B) VLAN (D) DMZ Ans: D 7. What network topology area will contain critical servers such as private Web servers, domain controllers or SQL servers? (A) Intranet (C) Internet (B) Extranet (D) DMZ Ans: A 8. What network topology area will allow business partners, customers to access the owners intranet? (A) Intranet (C) Internet (B) Extranet (D) DMZ Ans: B 9. Network access control is associated with which of the following? (A) NAT (C) IPv6 (B) IPsec (D) NAP Ans: D 10. The purpose of twisting the cables in twisted-pair circuits is to _____. (A) reduce crosstalk (C) increase bandwidth (B) increase speed (D) None of these Ans: A 8.7.1 Answers 1. B 2. C 3. D 4. A 5. C 6. D 7. A 8. B 9. D 10. A Summary In the chapter, Infrastructure Security, you learnt about Different types network devices such as Workstations, Servers, NIC, Hubs, Bridges, Switches, Routers, Firewalls, Wireless, Modems, Telecom/PBX, RAS, VPN, IDS, Network Access Control, Network Monitoring and Diagnostic and Mobile Devices. Different types of communication media between the devices such as Coaxial Cable, UTP/STP Cable, Fibre Cable and Unguided Media. Different types of removable media such as Magnetic Media, Optical Media and Electronic Media. Different types of security topologies such as DMZ, Internet, Intranet, Extranet, VLAN and NAT.

Richard Avedon: Changing the Future Through Art Essay -- essays resear

Bright lights, flashes going off, beautiful and famous people everywhere, creative set designs, and everyone working to make the photo shoot perfect. This was the life of famous Richard Avedon. Avedon is one of the most successful photographers of the 20th Century. He is known for his fashion, advertising, exhibitions and book photographs that he has done.   Ã‚  Ã‚  Ã‚  Ã‚  Richard Avedon was born in 1923, in New York City. Avedon attended DeWitt Clinton High School in the Bronx. He never completed his high school career, and in 1942 Avedon joined the U.S. Merchant Marine Photographic Department. When he returned he joined the Design Laboratory taught at The New School by famous art teacher Alexey Brodovitch. Through this class he started to become well known for his stylistically fashion work that often took place in exotic and vivid locations. Avedon was married in 1944 to Dorcas Nowell, a model known professionally as Doe Avedon. They divorced after five years. In 1951, he married Evelyn Franklin. The pair later separated. In 1945 his photography career began.   Ã‚  Ã‚  Ã‚  Ã‚  He began his career in fashion photography in 1945 with Harper's Bazaar, switching to Vogue magazine in 1966. A retrospective exhibition of his work was mounted in 1978 at New York City's Metropolitan Museum of Art. Richard Avedon was the first staff photographer in the history of The New Yorker in 1992. Avedon’s work was a very unique and new way of photography. He was wid...

Contingency Theory of Accommodation and Advocacy

â€Å"Contingency Theory of Accommodation and Advocacy† Contingency theory of accommodation/advocacy is a more realistic depiction of public relation strategies or models based on a continuum. The contingency theory represents the organizations possible stance on a wider range of publics than an individual one fostering rigid and exclusive categorization mostly found in a limited set communication models. Basically what the theory is getting at is opening the spectrum of the public to come to a more rounded synopsis of the issue or product. Amanda Cancel, Michael Mitrook, and Glen Cameron conceptualized the theory to offer a better understanding how the public relations field manages conflict and reaches out to the public in external communication. A study was done by 18 practitioners to see if the contingency theory made any sense to them. The theory itself offers 86 possible factors in the continuum at any given time to any given public. This allows the continuum offered to depict how an organizations stance toward one given public and not the outcome of the interaction with that public. The theory focuses then on what decisions led the organization to their stance in concern with greater or lesser accommodation to that public. One of the many factors suggests that more accommodation or more advocacy will be effective in gaining departmental and organizational objectives in the short and long term. The contingency theory further goes on to say that an accommodative stance, questionably a part of a two-way symmetrical communication may not be completely ethical, in fact it could be contrary and unethical to morally repugnant publics, for those who hold some positions to be morally absolute. A position of a moral magnitude holds more so than that of any belief in the dialogic process. This also bring into view ethical charges of paternalism and the convictions of an organization that advocacy is morally superior to two–way symmetrical communication. Communication processes such as dialogue, compromise, collaboration and cooperation denote agreement, but engaging in these degrees are not always on the highest moral position. In certain cases taking a moral stance means putting the ethical principle above two-way symmetrical communication. The contingency theory attempts to structure a better understanding to dynamics of accommodation and advocacy while institute the ethical aspects of accommodation to the efficacy in public relations. This is one sample method that was used in the study of contingency. The sample test consisted of eighteen different public relation managers, ranging from middle to upper class. There are varieties of large corporations and of the practitioners represents one from around the country. The practitioners selected all represent corporations that are equally or more exposed than other organizations to positive and negative contact with the general public. This is the first reason for their selection and the second reason is related to their overall knowledge of their corporation†s history and associated culture, in comparison to a part-time practitioner†s knowledge. The research was done in three logical divisions. The first section asked the interviewee about the valid continuum between advocacy and accommodation. The second section analytically covers possible variables that could affect the corporations† stances along the continuum and conveys associated models in conflict management. The third section summarizes the study into three groups: strongly supported variables, unsupported variables and new variables. Strengths for this study are insurmountable where in the entire variable range has such a broad spectrum that all aspects are covered. The variables of the business exposure and corporate culture are the two most allied aspects to the validity of the study itself. This offers the interviewer to collectively find out what is to be done and how it to be done in public relations to further a better advocacy of knowledge to public. The weaknesses that are also relative to the variables and the amount of time it takes to expend all the collected information of the interviewees. The study seems too extensive to possess any beneficial quality for the interviewer and interviewee and the information collected will not serve any purpose to the interviewee because they already are aware of what they know. An example of contingency of accommodation was where a Florida newspaper wanted to see how the public receiving their circulation felt towards it and what should be implemented in changing any problems the public saw as a hindrance. The contingency theory is, by any means, a good way of practicing public relations. One good test would be to see how accommodating one public stance and the corporation. For example, there is a property management company that owns a larger portion of the buildings in the city. A Planned Parenthood clinic wants to renew its lease but the company faces their other buildings being boycotted by anti-abortion groups. The property company hires you to try to advocate and accommodate the issues that are of major concern of this group. Is it possible to find a balance? What type of answers does the boycott want to here and what are possible changes for this altercation? The contingency theory possesses many positive attributes on focus toward accommodation of the publics† expressed feelings. The key asset of the construction is the emphasis of mutual communication and prescriptive input towards the public. In that, keeping a wide range of possibility and precedent for organization of apparent issues. The major weakness is extreme accommodation towards one public in turn causing total disregard of issues and disproportionate conflict to another. The motive is then fixed to two-way symmetrical communication and improved stance of the model.

What Creates the Tides and Determines Their Timing

The gravitational pull of the moon and the sun creates tides on the earth. While tides are most commonly associated with oceans and large bodies of water, gravity creates tides in the atmosphere and even the lithosphere (the surface of the earth). The atmospheric tidal bulge extends far into space but the tidal bulge of the lithosphere is limited to approximately 12 inches (30 cm) twice a day. The moon, which is approximately 240,000 miles (386,240 km) from the earth, exerts a greater influence on the tides than does the sun, which sits 93 million miles (150 million km) from the earth. The strength of the suns gravity is 179 times that of the moons but the moon is responsible for 56% of the earths tidal energy while the sun claims responsibility for a mere 44% (due to the moons proximity but the suns much larger size). Due to the cyclic rotation of the earth and moon, the tidal cycle is 24 hours and 52 minutes long. During this time, any point on the earths surface experiences two high tides and two low tides. The tidal bulge that occurs during high tide in the world ocean follows the revolution of the moon, and the earth rotates eastward through the bulge once every 24 hours and 50 minutes. The water of the entire world ocean is pulled by the moons gravity. On the opposite side of the earth simultaneously there is a high tide due to the inertia of the ocean water and because the earth is being pulled toward the moon by its gravitational field yet the ocean water remains left behind. This creates a high tide on the side of the earth opposite the high tide caused by the direct pull of the moon. Points on the sides of the earth between the two tidal bulges experience low tide. The tidal cycle can begin with high tide. For 6 hours and 13 minutes after high tide, the tide recedes in what is known as ebb tide. 6 hours and 13 minutes following high tide is low tide. After low tide, the flood tide begins as the tide rises for the next 6 hours and 13 minutes until high tide occurs and the cycle begins again. Tides are most pronounced along the coastline of the oceans and in bays where tidal range (the difference in height between low tide and high tide) is increased due to the topography and other factors. The Bay of Fundy between Nova Scotia and New Brunswick in Canada experiences the worlds greatest tidal range of 50 feet (15.25 meters). This incredible range occurs two times ever 24 hours 52 minutes so every 12 hours and 26 minutes theres a single high tide and a low tide. Northwestern Australia is also home to very high tidal ranges of 35 feet (10.7 meters). Typical coastal tide range is 5 to 10 feet (1.5 to 3 meters). Large lakes also experience tides but the tidal range is often less than 2 inches (5 cm)! The Bay of Fundy tides are one of 30 locations worldwide where the power of tides can be harnessed to turn turbines to produce electricity. This requires tides greater than 16 feet (5 meters). In areas of higher than usual tides a tidal bore can often can be found. A tidal bore is a wall or wave of water that moves upstream (especially in a river) at the onset of high tide. When the sun, moon, and the earth are lined up, the sun and moon are exerting their strongest force together and tidal ranges are at their maximum. This is known as spring tide (spring tides are not named from the season but from spring forward) This occurs twice each month when the moon is full and new. In the first quarter and third quarter moon, the sun and moon are at a 45Â ° angle to each other and their gravitational energy is diminished. The lower than the normal tidal range that takes place at these times are called neap tides. Additionally, when the sun and moon are at perigee and are as close to the earth as they get, they exert a greater gravitational influence and produce greater tidal ranges. Alternatively, when the sun and moon as far as they get from the earth, known as apogee, tidal ranges are smaller. The knowledge of the height of tides, both low and high, is vital for many functions, including navigation, fishing, and the construction of coastal facilities.