You are previewing CCDP Self-Study: Designing Cisco Network Architectures (ARCH).
O'Reilly logo
CCDP Self-Study: Designing Cisco Network Architectures (ARCH)

Book Description

A new edition of this title is available, ISBN-10: 1587055740 ISBN-13: 9781587055744

Cisco authorized self-study book for CCDP® 642-871 architectures foundation learning

Prepare for the CCDP ARCH exam 642-871 with the Cisco authorized self-study guide. This book teaches you how to:

  • Understand the composition and deployment of the Cisco AVVID framework in network design

  • Understand the composition and role of the Enterprise Composite Network Model in enterprise network design

  • Design enterprise campus networks and their edge network connectivity to the Internet

  • Understand and implement network management solutions in the network

  • Integrate new technologies designed to enhance network performance and availability in the enterprise, such as high availability, QoS, multicasting, and storage and content networking

  • Design and implement appropriate security solutions for enterprise networks

  • Deploy wireless technologies within the enterprise

  • Implement and design IP telephony solutions for the enterprise network

  • CCDP Self-Study: Designing Cisco Network Architectures (ARCH) is a Cisco® authorized self-paced learning tool. By presenting a structured format for the conceptual and intermediate design of AVVID network infrastructures, this book teaches you how to design solutions that scale from small to large enterprise networks and take advantage of the latest technologies. Whether you are preparing for the CCDP® certification or simply want to gain a better understanding of how to architect network solutions over intelligent network services to achieve effective performance, scalability, and availability, you will benefit from the foundation information presented in this book.

    This comprehensive book provides detailed information and easy-to-grasp tutorials on a broad range of topics related to architecture and design, including security, fine-tuning routing protocols, switching structures, and IP multicasting. To keep pace with the Cisco technological developments and new product offerings, this study guide includes coverage of wireless networking, the SAFE Blueprint, content networking, storage networking, quality of service (QoS), IP telephony, network management, and high availability networks. Design examples and sample verification output demonstrate implementation techniques. Configuration exercises, which appear in every chapter, provide a practical review of key concepts to discuss critical issues surrounding network operation. Chapter-ending review questions illustrate and help solidify the concepts presented in this book.

    CCDP Self-Study: Designing Cisco Network Architectures (ARCH) is part of a recommended learning path from Cisco Systems® that includes simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press. To find out more about instructor-led training, e-learning, and hands-on instruction offered by authorized Cisco Learning Partners worldwide, please visit www.cisco.com/go/authorizedtraining.

    This volume is in the Certification Self-Study Series offered by Cisco Press®. Books in this series provide officially developed training solutions to help networking professionals understand technology implementations and prepare for the Cisco Career Certifications examinations.

    Table of Contents

    1. Copyright
      1. Dedications
    2. About the Authors
      1. About the Technical Reviewers
    3. Acknowledgments
    4. Icons Used in This Book
    5. Command Syntax Conventions
    6. Foreword
    7. Introduction
      1. Goals of This Book
      2. Who Should Read This Book
      3. How This Book Is Organized
    8. 1. Introducing Cisco Network Service Architectures
      1. Primary Concerns of Network Deployment
        1. Performance
        2. Scalability
        3. Availability
      2. Cisco AVVID Framework
        1. Cisco AVVID Common Network Infrastructure
        2. Cisco AVVID Intelligent Network Services
        3. Cisco AVVID Network Solutions
      3. Enterprise Composite Network Model
        1. Enterprise Campus Functional Area
          1. Campus Infrastructure Module
          2. Network Management Module
          3. Server Farm Module
          4. Edge Distribution Module
          5. Effects of the Enterprise Campus Functional Area on the Enterprise Network
        2. Enterprise Edge Functional Area
          1. E-Commerce Module
          2. Internet Connectivity Module
          3. Remote Access and VPN Module
          4. WAN Module
          5. Effects of the Enterprise Edge Functional Area on the Enterprise Network
        3. Service Provider Edge Functional Area
      4. Summary
      5. References
      6. Product Summary
      7. Review Questions
    9. 2. Designing Enterprise Campus Networks
      1. Enterprise Network Design Methodology
        1. Campus Design Within the Enterprise Composite Network Model
        2. Typical Requirements for an Enterprise Campus Network
        3. Enterprise Campus Design Methodology
        4. Analyzing Network Traffic Patterns
      2. Designing the Campus Infrastructure
        1. Designing the Logical Campus Network
          1. One VLAN Per Switch
          2. Unique VLANs Per Switch
          3. VLANs Spanning Multiple Access Switches
        2. Designing the Physical Campus Network
          1. Selecting Transmission Media and Data-Link Protocols
          2. Selecting a Physical Network Segmentation Strategy
          3. Selecting and Implementing Spanning Tree Protocol
        3. Selecting Data Link or Multilayer Switching Solutions
          1. Small Campus Network
          2. Medium Campus Network
          3. Multilayer Switched Campus Backbone
        4. Selecting Cisco Hardware and Software
        5. Identifying an IP Addressing Strategy
        6. Selecting Routing Protocols
          1. Static Versus Dynamic Routing
          2. RIP and RIPv2
          3. IGRP
          4. EIGRP
          5. OSPF
          6. IS-IS
        7. Selecting Areas for Networks
        8. Enterprise Campus Design Examples
          1. Small Enterprise Design Example
          2. Medium Enterprise Design Example
          3. Large Enterprise Design Example
      3. Designing the Server Farm
        1. Design Objectives for the Server Farm
        2. Server Farm Infrastructure Architecture
        3. Designing the Server Farm for Scalability
        4. Considerations for Server Farm Security and Manageability
      4. Summary
      5. References
      6. Product Summary
      7. Standards and Specifications Summary
      8. Review Questions
      9. Case Study: OCSIC Bottling Company
        1. Background
        2. Business Goals of OCSIC
        3. Headquarters Location, Network, and Applications
        4. North American Plants and Their Applications
        5. Networking Strategies and Goals
        6. Proposed Headquarters Campus Network Solution
        7. Proposed Headquarters Server Farm Solution
        8. Proposed North American Plan Model
    10. 3. Designing Enterprise Edge Connectivity
      1. Reviewing the Enterprise Edge Network Design Methodology
        1. Enterprise Edge Design
        2. Typical Requirements for the Enterprise Edge
        3. Enterprise Edge Design Methodology
        4. Analyzing Network Traffic Patterns
      2. Designing the Classic WAN Module
        1. Enterprise Needs for the WAN
        2. Selecting the WAN Topology
          1. Branch Office WAN
          2. Regional Office WAN
          3. Enterprise WAN Backbone
        3. Selecting a Service Provider
        4. Selecting the Data-Link Layer
        5. Selecting the Physical Layer
        6. Selecting WAN Features
        7. Selecting Cisco Edge Routing Solutions
        8. Routing Protocol and IP Addressing Considerations
        9. An Enterprise WAN Design Example
      3. Designing the Remote Access Module
        1. Enterprise Needs for Remote Access
        2. Selecting the Remote Access Type and Termination
        3. Selecting the Remote Access Physical Connectivity
        4. Selecting the Remote Access Protocol
        5. Selecting Cisco Access Routing Solutions
          1. Sizing the Central Site Remote Access Connection
        6. An Enterprise Remote Access Design Example
      4. Designing the Internet Connectivity Module
        1. Enterprise Requirements for the Internet
        2. Using NAT at the Enterprise Edge
        3. Designing ISP Connectivity Solutions
        4. Internet Connectivity Design Example
      5. Summary
      6. References
      7. Product Summary
      8. Standards and Specifications Summary
      9. Review Questions
      10. Case Study: OCSIC Bottling Company
        1. North American Plant Headquarters WAN
        2. Remote Access and Internet Connectivity Requirements
        3. International Manufacturing, Distribution, and Sales Plants
        4. International Plant Networks and Applications
        5. WAN Module Design
        6. Remote Access Design
        7. Internet Connectivity Module Design
    11. 4. Designing Network Management Services
      1. Developing an Enterprise Network Management Strategy
        1. Functional Areas of Network Management
          1. FCAPS
        2. Network Management Policies and Procedures
          1. Policies
          2. Procedures
        3. Network Management Methods
          1. Reactive—Event Driven
          2. Proactive—Polling and Event Driven
        4. Network Management Strategy Process
        5. Network Management Module Functions
        6. Cisco Network Management Strategy
      2. CiscoWorks
        1. CiscoWorks Common Management Foundation
        2. CiscoWorks LAN Management Solution
          1. Best Practices for Managing the LAN Using LMS
        3. CiscoWorks Routed WAN Management Solution
          1. Best Practices for Managing the WAN Using RWAN
      3. Designing the Network Management Architecture
        1. Network Management Design Considerations
          1. Network Management Infrastructure Considerations
          2. Network Management Data Collection and Management Considerations
          3. Network Management Station Sizing Considerations
          4. System Management Resource Considerations
        2. Network Management Deployment Recommendations
          1. Single Server Deployment
          2. Multiserver, Split Applications—Single Management Domain
          3. Multiple Management Domains
          4. Centralized WAN Management with LAN Management
          5. Key Questions to Consider
          6. Availability Manager Issues
      4. Network Management Design Scenarios
        1. Small Site Network Management Design Scenario
        2. Medium Site Network Management Design Scenario
        3. Large Site Network Management Design Scenario
      5. Summary
      6. References
      7. Product Summary
      8. Standards and Specification Summary
      9. Review Questions
      10. Case Study: OCSIC Bottling Company
    12. 5. Designing High-Availability Services
      1. High-Availability Features and Options
        1. Network Requirements for High Availability
        2. Cisco IOS High-Availability Architecture
        3. Fault Tolerance and Hardware Redundancy
          1. Using Fault-Tolerant Devices
          2. Providing Redundancy in the Network Topology
          3. Route Processor Redundancy
          4. Network Interface Card Redundancy
        4. Options for Layer 3 Redundancy
        5. Redundancy and Spanning Tree Protocol
          1. PortFast and UplinkFast
      2. Designing High-Availability Enterprise Networks
        1. Design Guidelines for High Availability
          1. Redundancy Options
          2. Software Features and Protocol Attributes
          3. Carrier and Circuit Types
          4. Power Availability
          5. High-Availability Design Goals and Conclusions
        2. Best Practices for High-Availability Network Design
        3. Enterprise Campus Design Guidelines for High Availability
        4. Enterprise Edge Design Guidelines for High Availability
        5. High-Availability Design Example
      3. Summary
      4. Reference
      5. Product Summary
      6. Standards and Specifications Summary
      7. Review Questions
      8. Case Study: OCSIC Bottling Company
        1. High-Availability Design for the Campus Infrastructure Module
        2. High-Availability Strategy for the Server Farm Module
        3. High-Availability Strategy for the WAN Module
        4. High-Availability Strategy for the Remote Access Module
        5. High-Availability Strategy for the Internet Connectivity Module
        6. Revised Network Diagrams
    13. 6. Designing Security Services
      1. Evaluating Network Security Policies
        1. Network Vulnerabilities
        2. Defining a Security Policy
        3. Network Security as a Process
          1. Securing the Network
          2. Monitoring Security
          3. Testing Security
          4. Improving Security
        4. Risk Assessment and Management
      2. Reviewing Cisco Security Solutions
        1. Key Elements of Network Security
        2. Network Security Attack Types and Their Solutions
          1. Packet Sniffers
          2. IP Spoofing
          3. DoS Attacks
          4. Password Attacks
          5. Man-in-the-Middle Attacks
          6. Application Layer Attacks
          7. Network Reconnaissance
          8. Trust Exploitation
          9. Port Redirection Attacks
          10. Unauthorized Access Attacks
          11. Viruses and Trojan Horses
        3. Firewall Design Options
          1. Implementing a Perimeter LAN
          2. Firewall Filtering Rules
          3. Perimeter Security: PIX Firewall
          4. Perimeter Security: IOS Firewall
        4. Intrusion Detection System Design Options
          1. IDS Operation
          2. IDS Deployment
        5. Authentication, Authorization, and Accounting
          1. RADIUS
          2. TACACS+
          3. Kerberos
          4. Public Key Infrastructure
        6. IP Security
          1. Internet Key Exchange
          2. Authentication Header
          3. Encapsulating Security Payload
        7. Device Security Options
          1. Routers
          2. Switches
          3. Hosts
          4. Network-Wide
          5. Applications
      3. Implementing Network Security Using the Cisco SAFE Security Blueprints
        1. Introduction to Cisco SAFE Architecture
        2. SAFE Security Strategies for Small Networks
          1. Small Network Internet Connectivity Module
          2. Small Network Campus Infrastructure Module
        3. SAFE Security Strategies for Medium Networks
          1. Medium Network Internet Connectivity
          2. Medium Network Campus Infrastructure Module
          3. Medium Network WAN Module
        4. SAFE Security Strategies for Large Networks
          1. Campus Infrastructure Module
          2. Secure Network Management Module
          3. Secure Server Farm Module
          4. Secure Edge Distribution Module
        5. SAFE Security Strategies for the Enterprise Edge
          1. E-commerce Module
          2. Internet Connectivity Module
          3. Remote Access and VPN Module
          4. WAN Module Features
      4. Summary
      5. References
      6. Product Summary
      7. Standards and Specification Summary
      8. Review Questions
      9. Case Study: OCSIC Bottling Company
    14. 7. Designing QoS
      1. Identifying QoS Mechanisms
        1. Enterprise Network Requirements for QoS
          1. Delay
          2. Delay Variation
          3. Packet Loss
          4. QoS-Enabled Network
        2. QoS Architectures
          1. IntServ
          2. DiffServ
        3. QoS Service Levels
        4. Classification and Marking
        5. Congestion Avoidance
        6. Congestion Management
        7. Traffic Conditioning
          1. CAR: Managing Access Bandwidth Policy and Performing Policing
          2. Traffic Shaping: Controlling Outbound Traffic Flow
        8. Signaling
        9. Link-Efficiency Mechanisms
          1. LFI
          2. cRTP and dcRTP
        10. Summary of Key Cisco IOS Software QoS Categories and Features
      2. Designing QoS for Enterprise Networks
        1. QoS Design Guidelines
          1. QoS Design Guidelines for Data
          2. QoS Design Guidelines for Voice
          3. QoS Design Guidelines for Video Conferencing
        2. Designing QoS for the Enterprise Network
        3. Example: QoS Solution
      3. Summary
      4. Reference
      5. Product Summary
      6. Standards and Specifications Summary
      7. Review Questions
      8. Case Study: OCSIC Bottling Company
        1. QoS Design for the Site-to-Site WAN
        2. QoS Design for the Campus Infrastructure Module
    15. 8. Designing IP Multicast Services
      1. Examining IP Multicast Services
        1. IP Multicast Basics
        2. IP Multicast Data-Delivery Principles
        3. Multicast Forwarding
        4. IP Multicast Group Membership and Distribution Trees
          1. Source Trees
          2. Shared Trees
          3. Comparison of Source Trees and Shared Trees
        5. Protocol Independent Multicast
          1. PIM Dense Mode
          2. PIM Sparse Mode
            1. PIM-SM Source Registration
            2. PIM-SM SPT Switchover
          3. Sparse Mode, Dense Mode, and Sparse-Dense Mode
        6. IP Multicast Control Mechanisms
          1. IGMP
          2. CGMP and IGMP Snooping
      2. Designing IP Multicast Solutions for Enterprise Networks
        1. IP Multicast Design Considerations for an Enterprise Campus
        2. Designing IP Multicast for a Small Campus
        3. Designing IP Multicast for a Large Enterprise Campus
        4. Designing IP Multicast Over a WAN
      3. Summary
      4. References
      5. Product Summary
      6. Standards and Specifications Summary
      7. Review Questions
      8. Case Study: OCSIC Bottling Company
        1. IP Multicast Design for OCSIC's New Application
    16. 9. Designing Virtual Private Networks
      1. VPN Technologies
        1. Enterprise VPN Requirements
        2. VPN Tunneling
        3. VPN Security
          1. IPSec
          2. User Authentication
          3. Encryption
        4. VPN Termination
          1. VPN Concentrators
          2. VPN Client Software
        5. VPN Management
          1. VPN Management Considerations
          2. CiscoWorks VPN/Security Management Solution
      2. Designing Site-to-Site VPNs
        1. Site-to-Site VPN Requirements
        2. Key Design Considerations for Site-to-Site VPNs
          1. Hub-and-Spoke VPN Topologies
          2. Simple Full-Mesh VPN Topology
          3. Hierarchical VPN Topology
        3. High-Availability and Resiliency Considerations
        4. Using a Routing Protocol Over the VPN
        5. Minimizing Packet Fragmentation
        6. Implementing IPSec
        7. Site-to-Site VPN Examples
          1. Example: Small Site-to-Site VPN
          2. Small Site-to-Site VPN Solution
          3. Example: Large Site-to-Site VPN
          4. Large Site-to-Site VPN Solution
      3. Designing Remote-Access VPNs
        1. Remote-Access VPN Requirements
        2. Remote-Access VPN Design Considerations
        3. Broadband Access Design Considerations
        4. Capacity Planning for Remote-Access VPNs
        5. NAT Issues
          1. One-to-One Translation
          2. Many-to-One Translation
          3. NAT Traversal
          4. VPN Split-Tunnel Communication
        6. Remote-Access VPN Examples
          1. Example: Small Remote-Access VPN
          2. Small Remote-Access VPN Solution
          3. Example: Large Remote-Access VPN
          4. Large Remote-Access VPN Solution
      4. Summary
      5. References
      6. Product Summary
      7. Standards and Specification Summary
      8. Review Questions
      9. Case Study: OCSIC Bottling Company
        1. Site-to-Site VPN Solution
        2. Remote-Access VPN Solution
        3. Revised Network Diagrams
    17. 10. Designing Enterprise Wireless Networks
      1. Reviewing the Wireless LAN Solution
        1. Emerging Wireless Enterprise Network Needs
        2. Wireless Communication Architecture
          1. Access Point Coverage
          2. Cell Distribution
        3. 802.11 Standards
        4. Cisco Wireless Solutions
          1. Access Points and Client Adapters
          2. Workgroup Bridges
          3. Wireless Bridges
          4. Antennas
      2. Designing WLANs for Enhanced Enterprise Communications
        1. Enterprise WLAN Design Considerations
          1. WLAN Data Rates
          2. Client Density and Throughput
          3. WLAN Coverage
          4. RF Environment
          5. Channel Selection
          6. Access-Point Placement and Number
          7. Inline Power
          8. VLANs
          9. IP Addressing
          10. Infrastructure Availability
          11. Back-End System Availability
          12. Access-Point Hot Standby Redundancy
          13. Roaming
          14. Multicast
          15. QoS
            1. Voice over IP
            2. Access-Point Filters
            3. Proprietary QoS for 802.11 Phones
        2. WLAN Security Design Considerations
          1. WLAN Security Extension—EAP
          2. WLAN LAN Extension—IPSec
          3. WLAN Static WEP
          4. Security Extension Comparison
        3. Cisco EAP
          1. Attack Mitigation Using EAP Authentication
          2. Attack Mitigation Using IPSec
        4. Small Office WLAN Design Model
        5. Enterprise WLAN Design Model
          1. Example: Enterprise WLAN Site Design
          2. Example: Enterprise WLAN Remote Office Design
        6. Remote-Access and Telecommuter WLAN Design Models
      3. Summary
      4. References
      5. Product Summary
      6. Standards and Specification Summary
      7. Review Questions
      8. Case Study: OCSIC Bottling Company
    18. 11. Designing IP Telephony Solutions
      1. Reviewing the Cisco IP Telephony Solution
        1. Introducing the Cisco IP Telephony Solution
        2. Cisco CallManager
        3. Gateways and Control Protocols
        4. Transcoders and Conferencing
          1. Hardware Support
          2. Unicast Conference Bridge
        5. Cisco IP Telephony Applications
      2. Designing a Network for Cisco IP Telephony
        1. Cisco CallManager Cluster Design Considerations
          1. Cluster Deployment Guidelines
          2. Cluster Design
        2. Designing Single-Site IP Telephony Solutions
          1. Example: Single-Site
          2. Single-Site Solution
            1. Cisco CallManager and Call Admission Control
            2. Voice Mail Integration
            3. Gateway Integration
        3. Designing Multisite with Centralized Call Processing IP Telephony Solutions
        4. Designing Multisite with Distributed Call Processing IP Telephony Solutions
          1. Example: Distributed Call Processing
          2. Distributed Call Processing Solution
            1. Gateways
            2. Cisco CallManager
            3. Voice Mail
            4. Media Resources
            5. Fax and Modem Support
        5. Clustering over the IP WAN
          1. Local Failover
            1. Cisco CallManager Provisioning
            2. Gateways
            3. Voice Mail
            4. Music on Hold
          2. Remote Failover
            1. Cisco CallManager Provisioning
            2. Gateways
            3. Voice Mail
            4. Music on Hold
        6. Network Infrastructure Design Considerations
          1. Layer 2 Voice Transport
          2. VoIP over Leased Lines
          3. Voice over Frame Relay
          4. Voice over ATM
          5. Network Bandwidth Provisioning
          6. Provisioning for Voice Bearer Traffic
          7. Provisioning for Call Control Traffic
          8. Traffic Engineering
          9. Dial Plan Design Considerations
        7. Intelligent Network Services for IP Telephony and Voice
          1. IP Telephony Network Management Tools
          2. High Availability
          3. Voice Security
          4. QoS Design Considerations
      3. Summary
      4. References
      5. Product Summary
      6. Standards and Specification Summary
      7. Review Questions
      8. Case Study: OCSIC Bottling Company
    19. 12. Designing Content Networking Solutions
      1. Reviewing the Content Networking Solution
        1. Enterprise Content Networking Requirements
        2. Content Networking Architecture
        3. Content Caching
          1. Transparent Caching Deployment
          2. Proxy Caching Deployment
          3. Reverse Proxy Caching Deployment
        4. Content Switching
        5. Content Routing
          1. Direct Mode Content Routing
          2. WCCP Mode Content Routing
        6. Content Distribution and Management
        7. Intelligent Network Services Integration
      2. Designing Content Networking Solutions
        1. Content Networking Design Considerations
        2. Content Networking Solutions for Web Content Delivery
          1. Example: Web Content Delivery
          2. Web Content Delivery Solution
        3. Content Networking Solutions for E-Commerce
          1. Example: E-Commerce
          2. E-Commerce Solution
        4. Content Networking Solutions for Streaming Media
          1. Example: Streaming Media
          2. Streaming Media Solution
      3. Summary
      4. References
      5. Product Summary
      6. Standards and Specification Summary
      7. Review Questions
      8. Case Study: OCSIC Bottling Company
    20. 13. Designing Storage Networking Solutions
      1. Reviewing the Cisco Storage Networking Solution
        1. Enterprise Needs for Storage Networking
          1. Storage Consolidation
          2. Business Continuance and Backup
        2. Cisco Storage Networking Architecture
        3. Network Storage Models
          1. SANs
          2. Network-Attached Storage
        4. Network Technology Enablers for Storage Networks
          1. iSCSI
          2. FCIP
        5. Intelligent Network Services for Storage Networking
      2. Designing a Storage Networking Architecture with IP Access
        1. Designing a Storage Networking Architecture
        2. IP Access to Storage
          1. Example: IP Access to Storage
          2. IP Access to Storage Solution
        3. Storage over WAN
          1. Example: Storage over WAN
          2. Storage over WAN Solution
          3. Example: Storage over Optical Metro
          4. Storage over Optical Metro Solution
        4. Network-Attached Storage Model
          1. Example: Network-Attached Storage
          2. Network-Attached Storage Solution
      3. Summary
      4. References
      5. Product Summary
      6. Standards and Specification Summary
      7. Review Questions
      8. Case Study: OCSIC Bottling Company
    21. A. Answers to Review Questions
      1. Chapter 1
      2. Chapter 2
      3. Chapter 3
      4. Chapter 4
      5. Chapter 5
      6. Chapter 6
      7. Chapter 7
      8. Chapter 8
      9. Chapter 9
      10. Chapter 10
      11. Chapter 11
      12. Chapter 12
      13. Chapter 13
    22. Glossary