This document discusses network topology design principles, specifically hierarchical network design. It describes a typical three-layer hierarchical model with core, distribution, and access layers. Each layer has specific functions, with the core optimized for performance and availability, distribution implementing policy, and access connecting users. Hierarchical design is recommended over flat or mesh designs for scalability, modularity, and ease of management. Guidelines are provided for designing each layer and ensuring redundancy.
IPv4 (Internet Protocol Version 4). This silde will give u all information about IPv4.
Hope so you like it Freinds.
and
Sorry if i can fulfill ur wish in the given IPv4 Presentation.
IPv4 (Internet Protocol Version 4). This silde will give u all information about IPv4.
Hope so you like it Freinds.
and
Sorry if i can fulfill ur wish in the given IPv4 Presentation.
Emergent Carbon Issues Technologies and Future.pptxRevolverRaja2
Emergent Carbon Issues Technologies and Future: It mainly focus on the issues that will emerge by adopting green computing for reducing carbon footprint in business model.
These slides cover a topic on ISDN (Integrated Services Digital Network) in Data Communication. All the slides are explained in a very simple manner. It is useful for engineering students & also for the candidates who want to master data communication & computer networking.
Wireless phone standards have a life of their own. You can tell, because they are spoken of reverently in terms of generations. There's Great-Granddad, whose pioneering story pre-dates cellular; Grandma and Grandpa 1G, or analog cellular, Mom and Dad 2G, or digital cellular; 3G wireless, 4G, 5G and so on. This is a survey report PPT on these technology.
CR : smart radio that has the ability to sense the external environment, learn from the history and make intelligent decisions to adjust its transmission parameters according
to the current state of the environment.
Analyze the Customer Requirements
Characterize the Existing Network and Sites
Design the Network Topology and Solutions
Design a Network Topology
Design a Model for Network Layer Addressing and Naming
Select the Switching and Routing Protocols
Network Security Design
Network Management Design
Optimize the Network Design
Select Technologies and Devices
Test the Network Design
Document the Network Design
Emergent Carbon Issues Technologies and Future.pptxRevolverRaja2
Emergent Carbon Issues Technologies and Future: It mainly focus on the issues that will emerge by adopting green computing for reducing carbon footprint in business model.
These slides cover a topic on ISDN (Integrated Services Digital Network) in Data Communication. All the slides are explained in a very simple manner. It is useful for engineering students & also for the candidates who want to master data communication & computer networking.
Wireless phone standards have a life of their own. You can tell, because they are spoken of reverently in terms of generations. There's Great-Granddad, whose pioneering story pre-dates cellular; Grandma and Grandpa 1G, or analog cellular, Mom and Dad 2G, or digital cellular; 3G wireless, 4G, 5G and so on. This is a survey report PPT on these technology.
CR : smart radio that has the ability to sense the external environment, learn from the history and make intelligent decisions to adjust its transmission parameters according
to the current state of the environment.
Analyze the Customer Requirements
Characterize the Existing Network and Sites
Design the Network Topology and Solutions
Design a Network Topology
Design a Model for Network Layer Addressing and Naming
Select the Switching and Routing Protocols
Network Security Design
Network Management Design
Optimize the Network Design
Select Technologies and Devices
Test the Network Design
Document the Network Design
Design Considerations For Enterprise Social Networks: Identity, Graphs, Strea...Mike Gotta
Organizations can improve how employees connect to co-workers by understanding the influence design has on participation within social platforms. This session examines key social networking building blocks and how design practices should accommodate multiple networking strategies as employees seek to mobilize their connections to satisfy different work and professional needs.Attendees will gain a better understanding of social networking technology found within social platforms; insight to the cultural aspects of social networks, and how social networking strategies help people cultivate relationships and build social capital they can later leverage to achieve work and professional goals.
Presented at E2.0 Boston June 2012. This version of the deck puts builds on separate slides to display properly on Slideshare.
Different types of projects require different approaches. The Agile Framework is different from typical waterfall methodology in that the Agile focuses on flexibility, speed, adaptability, simplicity, teamwork, etc.
This slide introduces the key elements of Agile approaches. For additional information, please contact Mr. Hamza Qazi at pmp@uloomtraining.com
The effectiveness of your marketing efforts are dependent on your ability to engage and empower a network of people connected by a shared interest. It's time to start designing experience for networks instead of just groups of individuals.
problem definition in research has the basic role in research, hence, this presentation pertaining to identification of problem by the use of different method
Chapter 11 Selecting Technologies and Devices for Enterprise Netwo.docxbartholomeocoombs
Chapter 11 Selecting Technologies and Devices for Enterprise Networks This chapter presents technologies for the remote-access and wide-area network (WAN) components of an enterprise network design. The chapter discusses physical and data link layer protocols and enterprise network devices, such as remote-access servers, routers, firewalls, and virtual private network (VPN) concentrators. The chapter begins with a discussion of the following remote-access technologies: Point-to-Point Protocol (PPP) Cable modems Digital subscriber line (DSL) After discussing remote-access technologies, the chapter presents options for selecting WAN and remote-access capacities with the North American Digital Hierarchy, the European E system, or the Synchronous Digital Hierarchy (SDH). The chapter continues with a discussion of the following WAN technologies: Leased lines Synchronous Optical Network (SONET) Frame Relay Asynchronous Transfer Mode (ATM) Metro Ethernet The chapter then covers two topics that will help you complete your WAN design: Selecting routers for an enterprise WAN design Selecting a WAN service provider The chapter concludes with an example of a WAN network design that was developed for a medium-sized company, Klamath Paper Products, Inc. The example indicates what technologies and devices were chosen for this customer based on the customer’s goals. The technologies and devices you select for your particular network design customer will depend on bandwidth and quality of service (QoS) requirements, the network topology, business requirements and constraints, and technical goals (such as scalability, affordability, performance, and availability). An analysis of traffic flow and load, as discussed in Chapter 4, “Characterizing Network Traffic,” can help you accurately select capacities and devices. For some organizations, scalability is a key design goal. The selected WAN solution must have enough headroom for growth. As discussed in this chapter, some WAN technologies are more scalable than others. Another key design goal for many organizations is to minimize the cost of WAN and remote-access circuits. Optimization techniques that reduce costs play an important role in most WAN and remote-access designs. Methods for merging separate voice, video, and data networks into a combined, cost-effective WAN also play an important role. These methods must handle the diverse QoS requirements of different applications. Remote-Access Technologies As organizations have become more mobile and geographically dispersed, remote-access technologies have become an important ingredient of many enterprise network designs. Enterprises use remote-access technologies to provide network access to telecommuters, employees in remote offices, and mobile workers who travel. An analysis of the location of user communities and their applications should form the basis of your remote-access design. It is important to recognize the location and number of full- and part-time t.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
Network Analysis & Designing
1. N D
A
IS
LYS
A
AN
RK
Y
LOG
O TO
PO
W N WORK
ET IG A NET
N ES ING
D ESIGN
D
2. TOPOLOGY
a map of an internetwork that indicates segments, interconnection
points and user communities
First step in logical design
Hierarchical network design
Scalable campus and enterprise networks
Layered, modular model
3. HIERARCHICAL NETWORK DESIGN
Develop in discrete layers
Each has a specific functions
Typical hierarchical topology is:
core layer of high-end routers and switches that are
optimized for availability and performance
Distribution layer of routers and switches that
implement policy
Access layer that connects users via hubs, switches,
and other devices
4. WHY USE A HIERARCHICAL NETWORK DESIGN
CPU adjacencies and increased workload with broadcast
packets
Modular topology that limits the number of communicating
routers
Minimize costs by buying appropriate internetworking
devices for each layer
Keep design element simple and easy to understand
Facilitates design changes
Enables creating design elements that can be replicated
Today’s routing protocols were designed for hierarchical
topologies
5. FLAT VERSUS HIERARCHICAL TOPOLOGIES
Flat is adequate for very small networks
Flat is easy to design and implement and maintain
6. FLAT WAN TOPOLOGIES
A WAN for a small company can consist
of a few sites connected in a loop.
Each site has a WAN router that
connects to two other adjacent sites
via point-to-point links
Not recommended for networks with
many sites.
Loop topology can mean many hops between routers
If routers on opposite sides of a loop exchange a lot of
traffic use a hierarchical topology
Redundant routers or switches required for high
availability
7. MESH VERSUS HIERARCHICAL-MESH
TOPOLOGIES
Mesh topology helps meet availability
requirements
Full-mesh topology every router or switch is
connected to every other router or switch.
Provides complete redundancy and offers good performance
because there is just a single-link delay between any two
sites
Partial-mesh network has fewer
connections. Reach another router or
switch might require traversing
intermediate links
8. MESH TOPOLOGY (CONT’D)
Disadvantages:
Expensive to deploy and maintain
Hard to optimize, troubleshoot, and upgrade
Lack of modularity
Difficult to upgrade just one part of the network
Scalability limits for groups of routers that broadcast
routing updates or service advertisements
Limit adjacent routers that exchange routing tables and
service advertisements
For small and medium-sized companies
the hierarchical model is often
implemented as a hub-and-spoke
topology with little or no meshing
9. THE CLASSIC THREE-LAYER HIERARCHICAL
MODEL
Permits traffic aggregation and filtering at
three successive routing or switching
levels
Scalable to large international
internetworks
Each layer has a specific role
Core layer provides optimal transport
between sites
Distribution layer connects network services
to the access layer and implements
policies regarding security, traffic loading
and routing
Access layer consists of routers at the edge
10. THE CORE LAYER
High-speed backbone of the internetwork
Should design with redundant components
because it is critical for interconnectivity
Highly reliable and adaptable to changes
Use routing features that optimize packet
throughput
Have a limited and consistent diameter to
provide predictable performance and ease of
troubleshooting
For connection to other enterprises via an
extranet/internet should include one or more
links to external networks.
11. THE DISTRIBUTION LAYER
The demarcation point between the access and core layers of
the network
Roles include controlling access to resources for security
reasons and controlling network traffic that traverses the core
for performance reasons
Often the layer that delineates broadcast domains
Allow core layer to connect diverse sites while maintaining high
performance
Can redistribute between bandwidth-intensive access-layer
routing protocols and optimized core routing protocols.
Can summarize routes from the access layer
Can provide address translation.
12. THE ACCESS LAYER
Provides users on local segments access to
the internetwork
Can include routers, switches, bridges and
shared-media hubs
Switches are used to divide up bandwidth
domains to meet the demands of
applications that require a lot of
bandwidth.
For small networks can provide access into
the corporate internetwork using wide-
area technologies such as ISDN, Frame
relay, leased digital lines and analog
model lines.
13. GUIDELINES FOR HIERARCHICAL NETWORK
DESIGN
Control diameter of hierarchical enterprise network topology
Most cases the three major layers are sufficient
Provides low and predictable latency
Should make troubleshooting and network documentation easier
Strict control at the access layer should be maintained
14. GUIDELINES FOR HIERARCHICAL NETWORK
DESIGN (CONT’D)
Avoid the design mistake of adding a chain
(don’t add networks inappropriately)
Avail backdoors – a connection between
devices in the same layer. It can be an
extra router, bridge, or switch added to
connect two networks
Design access layer first, then the distribution
layer and finally the core layer.
More accurately plan capacity requirements for the distribution
and core layers
Also recognize optimization techniques needed
15. GUIDELINES FOR HIERARCHICAL NETWORK
DESIGN (CONT’D)
Design using modular and hierarchical techniques and then plan the
interconnection between layers based on analysis of traffic load,
flow, and behavior
16. REDUNDANT NETWORK DESIGN TOPOLOGIES
Lets you meet network availability by
duplicating network links and
interconnectivity devices.
Eliminates the possibility of having a
single point of failure
Cab be implemented in both campus and
enterprise
Campus goals for users accessing local services
Enterprise goals for overall availability and performance
Analyze business and technical goals of customer
17. BACKUP PATHS
Consists of routers and switches and
individual backup links between routers
and switches that duplicate devices and
links on the primary path
Consider 2 aspects of backup path
How much capacity does it support
How quickly will the network begin using it
Common to have less capacity than a
primary path
Different technologies
Expensive
18. BACKUP PATHS (CONT’D)
Manual versus automatic
Manual reconfigure users will notice disruption and for mission critical systems not
acceptable
Use redundant, partial-mesh network designs to speed automatic recovery time
They must be tested
Sometimes used for load balancing as well as backup
19. LOAD BALANCING
Primary goal of redundancy is to meet
availability
Secondary goal is to improve performance
by load balancing across parallel links
Must be planned and in some cases
configured
In ISDN environments can facilitate by
configuring channel aggregation
Channel aggregation means that a router can automatically
bring up multiple ISDN B channel as bandwidth
requirements increase
20. LOAD BALANCING (CONT’D)
Most vendor implementations of IP routing
protocols support load balancing across
parallel links that have equal cost
Some base cost on the number of hops to a
particular destination
Load balance over unequal bandwidth paths
Can be effected by advanced switching
(forwarding) mechanisms implemented in
routers
Often caches the path to remote destinations to allow faster
forwarding of packets
21. DESIGNING A CAMPUS NETWORK DESIGN
TOPOLOGY
Should meet a customer’s goals for
availability and performance by
featuring small broadcast domains,
redundant distribution-layer segments,
mirrored servers, and multiple ways for
a workstation to reach a router for off-
net communications
Designed using a hierarchical model for
good performance, maintainability and
scalability.
22. VIRTUAL LANS
Is an emulation of a standard LAN that allows data
transfer to take place without the traditional physical
restraints placed on a network.
Based on logical rather than physical connections and
are very flexible
Communicate as if they were on the same network
Allows a large flat network to be divided into subnets to
divide up broadcast domains
In the future fewer companies will implement large flat
LANs and the need for VLANs will be less
Hard to manage and optimize. When dispersed across
many physical networks traffic must flow to each of those
networks
23. REDUNDANT LAN SEGMENTS
In Campus LANs it is common to design
redundant links between LAN switches
The spanning-tree algorithm is used to
avoid packet loops.
Spanning-tree algorithm is good for loops
but not necessarily for load balancing
When multiple bridges or switches exist in
a spanning tree, one bridge becomes
the root bridge. Traffic always travels
toward the root bridge. Only one path to
the root bridge is active, other paths are
disabled.
24. SERVER REDUNDANCY
File, Web, Dynamic Host Configuration Protocol (DHCP),
name, database, configuration, and broadcast servers
are all candidates for redundancy in campus design
When a LAN is migrated to DHCP servers the DHCP
servers become critical. Use redundant DHCP servers.
DHCP servers can be at the access or distribution layer.
In small networks often in the distribution layer. In
larger in the access layer.
In large campus networks the DHCP server is often
placed on a different network segments than the end
systems that use it.
25. SERVER REDUNDANCY (CONT’D)
Name servers are less critical than DHCP
servers because users can reach services
by address instead of name if the name
server fails
If ATM is used it is a good idea to duplicate
the ATM services used by clients running
ATM LAN emulation (LANE) software
LAN Emulation Configuration Server (LECS)
LAN Emulation Server (LES)
Broadcast and Unknown Server (BUS)
26. SERVER REDUNDANCY (CONT’D)
Where cost of downtime for file servers is a major concern mirrored file
servers should be recommended
If complete redundancy is not feasible then duplexing of the file server
hard drives is a good ideas
mirrored file servers allow the sharing of workload between servers
30. IP WORKSTATION-TO-ROUTER COMMUNICATION
Implementations vary in how they
implement workstation-to-router
communication.
Some send an address resolution protocol
(ARP) to find remote station
A router running proxy ARP responds to the
ARP request with the router’s data-link-
layer address
Advantage of proxy ARP is that a
workstation does not have to be manually
configured with the address of a router
31. IP WORKSTATION-TO-ROUTER COMMUNICATION
(CONT’D)
Sometimes network administrators
manually configure an IP workstation with
a default router
A default router is the address of a router
on the local segment that a workstation
uses to reach remote services
A number of protocols are used to identify
routers such as
Router Discovery Protocol (RDP) which uses
Internet control Message Protocol (ICMP)
ICMP router advertisement packet
ICMP router solicitation packet
32. DESIGNING AN ENTERPRISE NETWORK DESIGN
TOPOLOGY
Should meet a customer’s goals for availability and performance by
featuring redundant LAN and WAN segments in the intranet, and
multiple paths to extranets and the Internet
Virtual Private Networking (VPN) can be used
33. REDUNDANT WAN SEGMENTS
Because Wan links can be critical redundant (backup) WAN links are
often included in the enterprise topology
Full-mesh topology provides complete redundancy
Full mesh is costly to implement, maintain, upgrade and troubleshoot
34. CIRCUIT DIVERSITY
Learn as much as possible about the actual
physical circuit routing
Some carriers use the same facilities which
means the backup path is susceptible to
the same failure as the primary path
Circuit diversity refers to the optimum
situation of circuits using different paths
It is becoming increasingly harder to
guarantee circuit diversity because of
mergers of carriers
Analyze your local cabling in addition to the
carrier’s services
35. MULTIHOMING THE INTERNET CONNECTION
Means to provide more than one connection
for a systems to access and offer network
services
Server is multihomed is it has more than
one network layer address
Increasing used to refer to the practice of
providing an enterprise network more
than one entry into the Internet
Has the potential to become a transit
network that provides interconnections
for other networks
Means routers on the Internet learn they can reach other
routers through the enterprise network
36. VIRTUAL PRIVATE NETWORKING
Enable a customer to use a public network to
provide a secure connection among sites on
the organization’s internetwork
Can also be used to connect an enterprise
intranet to an extranet to reach outside
parties
Gives the ability to connect geographically-
dispersed offices via a service provider vice a
private network
Company data can be encrypted for routing
Firewalls and TCP?/IP tunneling allow a
customer to use a public network as a
37. SECURE NETWORK DESIGN TOPOLOGIES
Planning for Physical Security
Meeting Security Goals with Firewall Topologies
38. PLANNING FOR PHYSICAL SECURITY
Install critical equipment in computer rooms that have protection
Logical design might have an impact on physical security
Planning should start to allow lead times to build or install security
mechanisms
39. MEETING SECURITY GOALS WITH FIREWALL
TOPOLOGIES
A firewall is a system or combination of
systems that enforces a boundary
between two or more networks
Can be a router with access control lists (ACL)
Dedicated hardware box
Software running on a PC or UNIX system
Should be placed in the network topology
so that all traffic from outside the
protected network must pass through the
firewall
Security policy specifies which traffic is
authorized to pass through the firewall
40. MEETING SECURITY GOALS WITH FIREWALL
TOPOLOGIES (CONT’D)
Especially important at the boundary
between the enterprise network and the
Internet
Customers with the need to publish public
data and protect private data the firewall
topology can include a public LAN that
hosts Web, FTP, DNS and SMTP servers
Larger customers should use a firewall in
addition to a router between the Internet
and the enterprise network
41. MEETING SECURITY GOALS WITH FIREWALL
TOPOLOGIES (CONT’D)
An alternative is to use two routers as the
firewall and place the free-trade zone
between them. This is the three-part
firewall topology
The configuration on the routers might be
complex, consisting of many access
control list to control traffic in and out of
the private network and the free trade
zone.
Dedicated firewalls usually have a GUI that
lets you specify a security policy an an
intuitive fashion
42. SUMMARY
Designing a network topology is the first
step in the logical design
Three models for network topologies:
hierarchical, redundant, and secure
Hierarchical lets you develop a network consisting of many
interrelated components in a layered, modular fashion
Redundant lets you meet requirements for network
availability by duplicating network components
Secure protects core routers, demarcation points, cabling,
modems and other equipment. Adding firewalls protects
against hackers.