© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Creating the Network Design Designing and Supporting Computer Networks – Chapter 5

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE 1 Chapter 6 2 Objectives  Analyze business goals and application requirements to determine what factors affect the network design  Utilize the hierarchical design model to develop a cost-effective network design that matches the organization’s requirements  Select the appropriate WAN connectivity option to meet the organization’s requirements  Incorporate wireless connectivity into the LAN design, based on the results of the wireless survey  Incorporate security into the LAN/WAN design, including placement of firewalls, IDS, and ACLs

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE 1 Chapter 6 3 Analyze Business Goals and Application Requirements  List business goals that must be met by the new design  Decide which design elements must be present in the final design  Explore alternatives to constraints  Make trade-offs

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE 1 Chapter 6 4 Analyze Business Goals and Application Requirements Strategies for scalability:  Access Layer modules  Expandable, modular equipment  Broadcast limitation  Multiple links  Localized VLANs

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE 1 Chapter 6 5 Analyze Business Goals and Application Requirements Availability requirements:  Affordable implementation, maximum protection from failure  Availability for e-commerce  Security monitoring system  IP telephone system

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE 1 Chapter 6 6 Analyze Business Goals and Application Requirements Performance requirements:  Transaction-processing  Video distribution and monitoring  IP telephone voice quality

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE 1 Chapter 6 7 Analyze Business Goals and Application Requirements Security requirements:  Use of firewalls  VPNs  Intrusion prevention systems  Endpoint security

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE 1 Chapter 6 8 Analyze Business Goals and Application Requirements Design trade-offs:  Accommodate business goals  Eliminate or complicate other improvements

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE 1 Chapter 6 9 Utilize the Hierarchical Design Model to Develop a Cost-Effective Network Design Access Layer requirements:  Connectivity for existing devices and new devices  VLANs to separate voice, security, wireless, and normal data services  Redundancy  QoS

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE 1 Chapter 6 10 Utilize the Hierarchical Design Model to Develop a Cost-Effective Network Design  Capabilities of existing technology  Limitations of existing equipment  Power requirements

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE 1 Chapter 6 11 Utilize the Hierarchical Design Model to Develop a Cost-Effective Network Design Distribution layer requirements:  Redundant components and links  High-density routing  Traffic filtering  QoS implementation  High-bandwidth connectivity  Fast convergence  Route summarization

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE 1 Chapter 6 12 Utilize the Hierarchical Design Model to Develop a Cost-Effective Network Design Core Layer requirements:  High-speed connectivity  Routed interconnections  High-speed redundant links

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE 1 Chapter 6 13 Utilize the Hierarchical Design Model to Develop a Cost-Effective Network Design  Create the logical LAN diagram, including the locations of servers and services

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE 1 Chapter 6 14 Select the Appropriate WAN Connectivity Option  Determine WAN services needed for remote sites

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE 1 Chapter 6 15 Select the Appropriate WAN Connectivity Option  Select the appropriate WAN connectivity method and identify the equipment required to support it

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE 1 Chapter 6 16 Select the Appropriate WAN Connectivity Option  Backing up the Frame Relay link  Supporting remote workers

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE 1 Chapter 6 17 Select the Appropriate WAN Connectivity Option  Evaluate IP addressing and routing methodologies for WAN traffic based on company requirements

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE 1 Chapter 6 18 Incorporate Wireless Connectivity into the LAN Design  Identify the appropriate wireless equipment and capabilities to meet specific design requirements

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE 1 Chapter 6 19 Incorporate Wireless Connectivity into the LAN Design Integrating wired and wireless solutions:  Lightweight Access Points (LAPs)  Wireless LAN controllers

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE 1 Chapter 6 20 Incorporate Wireless Connectivity into the LAN Design Factors influencing availability in a wireless network:  Location of the AP  Signal strength of the AP  Number of users  Dynamic reconfiguration  Centralization

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE 1 Chapter 6 21 Incorporate Wireless Connectivity into the LAN Design Create an IP address scheme for a wireless LAN:  Layer 3 roaming

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE 1 Chapter 6 22 Incorporate Security into the LAN/WAN Design  Determine the source and nature of potential threats  Draw a diagram of the placement of security functions and filters

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE 1 Chapter 6 23 Primary categories of security services:  Infrastructure protection  Secure connectivity  Threat detection, defense, and mitigation Incorporate Security into the LAN/WAN Design

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE 1 Chapter 6 24 Incorporate Security into the LAN/WAN Design Design and implement the appropriate access filters to meet a specific network security requirement:  Firewall rule sets  Access control lists

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE 1 Chapter 6 25 Incorporate Security into the LAN/WAN Design Include access control lists and firewall rules in the design documentation:  Provide evidence that the security policy is implemented  Ensure that when changes are made, existing rules are known  Assist in troubleshooting

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE 1 Chapter 6 26 Summary  For each business goal, the designer determines what network changes are necessary.  Converged networks carry a combination of data, voice, and video traffic.  Designing WAN connectivity requires evaluation of the telecommunications services available in the customer’s area.  Unified wireless network solutions offer advanced features.  The network designer must identify which data is at risk and what the potential sources of attacks are.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE 1 Chapter 6 27