Chapter 5

transcript

Creating the Network Design

Designing and Supporting Computer Networks – Chapter 5

Objectives Analyze business goals and application requirements

to determine what factors affect the network design

Utilize the hierarchical design model to develop a cost-effective network design that matches the organization’s requirements

Select the appropriate WAN connectivity option to meet the organization’s requirements

Incorporate wireless connectivity into the LAN design, based on the results of the wireless survey

Incorporate security into the LAN/WAN design, including placement of firewalls, IDS, and ACLs

Analyze Business Goals and Application Requirements

List business goals that must be met by the new design

Decide which design elements must be present in the final design

Explore alternatives to constraints

Make trade-offs

Strategies for scalability:

Access Layer modules

Expandable, modular equipment

Broadcast limitation

Multiple links

Localized VLANs

Availability requirements:

Affordable implementation, maximum protection from failure

Availability for e-commerce

Security monitoring system

IP telephone system

Performance requirements:

Transaction-processing

Video distribution and monitoring

IP telephone voice quality

Security requirements:

Use of firewalls

Intrusion prevention systems

Endpoint security

Design trade-offs:

Accommodate business goals

Eliminate or complicate other improvements

Utilize the Hierarchical Design Model to Develop a Cost-Effective Network Design

Access Layer requirements:

Connectivity for existing devices and new devices

VLANs to separate voice, security, wireless, and normal data services

Redundancy

Capabilities of existing technology

Limitations of existing equipment

Power requirements

Distribution layer requirements:

Redundant components and links

High-density routing

Traffic filtering

QoS implementation

High-bandwidth connectivity

Fast convergence

Route summarization

Core Layer requirements:

High-speed connectivity

Routed interconnections

High-speed redundant links

Create the logical LAN diagram, including the locations of servers and services

Select the Appropriate WAN Connectivity Option

Determine WAN services needed for remote sites

Select the appropriate WAN connectivity method and identify the equipment required to support it

Backing up the Frame Relay link

Supporting remote workers

Evaluate IP addressing and routing methodologies for WAN traffic based on company requirements

Incorporate Wireless Connectivity into the LAN Design

Identify the appropriate wireless equipment and capabilities to meet specific design requirements

Integrating wired and wireless solutions:

Lightweight Access Points (LAPs)

Wireless LAN controllers

Factors influencing availability in a wireless network:

Location of the AP

Signal strength of the AP

Number of users

Dynamic reconfiguration

Centralization

Create an IP address scheme for a wireless LAN:

Layer 3 roaming

Incorporate Security into the LAN/WAN Design

Determine the source and nature of potential threats

Draw a diagram of the placement of security functions and filters

Primary categories of security services:

Infrastructure protection

Secure connectivity

Threat detection, defense, and mitigation

Design and implement the appropriate access filters to meet a specific network security requirement:

Firewall rule sets

Access control lists

Include access control lists and firewall rules in the design documentation:

Provide evidence that the security policy is implemented

Ensure that when changes are made, existing rules are known

Assist in troubleshooting

Summary For each business goal, the designer determines what

network changes are necessary.

Converged networks carry a combination of data, voice, and video traffic.

Designing WAN connectivity requires evaluation of the telecommunications services available in the customer’s area.

Unified wireless network solutions offer advanced features.

The network designer must identify which data is at risk and what the potential sources of attacks are.

Chapter 5

Education