Cisco Enterprise Network Architecture
In this article we will discuss the overview of enterprise campus design and also learn Cisco enterprise composite network model. In campus design we may have the multiple building and we have to deal with layer-3 and layer-2 switching in access and distribution to build a switching topology. Cisco enterprise composite network model divide our network into following layer that are:
- Enterprise Campus
- Enterprise Edge
- Service Provider Edge
In Enterprise campus we design the building and campus network, here we need to define all the device and media that we would like to use. At enterprise campus network we have access network contain the end devices like PCs and laptop. You should need to build your access network in such a way that it can be expandable and scalable enough for fulfilling your future needs.
Enterprise Campus Modules
The enterprise campus consists of the following sub-modules:
- Campus core
- Building access
- Building distribution
- Server farm/data center
The campus core provides a high-speed switched backbone between buildings, to the server farm and towards the enterprise edge. This segment consists of redundant and fast-convergence connectivity.
At Building access you can create and use the shared network with layer-2 switching according to your requirement. STP and VLAN management is very important in Cisco layer-2 networking. So the network engineer that is designing the network must have the deep understanding of STP and VLAN, Cisco recommend to have a CCNP for this task. Access network is connected to distribution layer.
The building distribution layer aggregates all the closet access switches and performs access control, QoS, route redundancy, and load balancing. Building distribution has running layer-3 and layer-2 switching and at the campus core it is better to have layer-3 switching for fast distribution of data. Physical media that we can use here is UTP/STP and fiber optical cable this is already cover in previous post you can visit: Switch network design.
The server farm or data center provides different services, high-speed access and high availability (redundancy) to the servers and clients. File and print servers, application servers, exchange server, DHCP, and DNS servers are placed in the server farm.
At enterprise edge we can placed our servers which can provide different service to enterprise campus for example e-commerce, web server and server with unified communication. Also we have different routers and switches like ATM, MPLS, DSL and internet routers which provide an interface to our campus network for communication with ISP network. Enterprise edge is important layer for a network, for better performance and management you need to implement proper security and traffic engineering and other load balancing techniques. At Enterprise layer you need a proper plan and to have a design which has high availability. The enterprise edge consists of the following sub-modules:
- E-commerce networks and servers
- Internet connectivity and demilitarized zone (DMZ)
- VPN and remote access
- Enterprise WAN
E-Commerce Module: includes the components like Web and application servers, database servers, firewall, IPS and Multilayer switch with IPS modules.
Internet connectivity and demilitarized zone (DMZ) provide the access to public or internet resources and includes the devices like DNS servers, Internet edge routers, FTP and HTTP servers.
VPN/Remote Access: The VPN/remote access module of the enterprise edge provides remote-access to remote sites, including authentication for remote users and sites. VPN access includes the Components like firewalls, ASA and IPS.
Enterprise WAN: The enterprise edge of the enterprise WAN includes access to WANs. WAN technologies include the following:
- Leased lines
- SONET and SDH
- Frame Relay
- Multiprotocol Label Switching (MPLS)
- Metro Ethernet
- Digital subscriber line (DSL)
Service Provider Edge:
Enterprise Edge is providing the services to enterprise campus which includes access and distribution network from service provider Edge. Service provides Edge is basically from the access to WAN and provide you the access to internet services through ISPs. Enterprises use ISPs to acquire network services. ISPs offer enterprises access to the Internet. ISPs can route the enterprise’s networks to their network and to upstream and peer Internet providers. Some ISPs can provide Internet services with DSL access.
Service provider Edge has the following components
- Internet services
- PSTN services
- WAN services
For voice services, PSTN providers offer access to the global public voice network. For the enterprise network, the PSTN lets dialup users access the enterprise via analog or cellular wireless technologies. It is also used for WAN backup using ISDN services.