Enterprise WAN Architecture Cisco CCIE Training Institute in Delhi Gurgaon

Network Bulls
www.networkbulls.com
Best Institute for CCNA CCNP CCSP CCIP CCIE Training in India
M-44, Old Dlf, Sector-14 Gurgaon, Haryana, India
Call: +91-9654672192

When selecting an enterprise WAN architecture, you should identify and understand the connectivity and business requirements. It is important to review sample network designs that could meet the identified requirements. Here are some common factors that influence decisions for WAN architecture selection:

• High availability— Most businesses need a high level of availability, especially for their critical applications. The goal of high availability is to remove the single points of failure in the design, either by software, hardware, or power. Redundancy is critical in providing high levels of availability. Some technologies have built-in techniques that enable them to be highly available. For technologies that do not, other techniques can be employed, such as using additional WAN circuits and/or backup power supplies.
• Support for growth— Often enterprises want to provide for growth in their WAN architectures, considering the amount of effort and time required to connect additional sites. High-growth WAN technologies can reduce the amount of effort and cost involved in network expansions. WAN technologies that do not provide growth require significantly more effort, time, and cost to add new branches or remote offices.
• Ongoing expenses— Private line and traditional ATM/Frame Relay tend to have higher recurring expenses than Internet-based IP VPNs. Public networks such as the Internet can be used for WAN services to reduce cost, but there are some trade-offs with reliability and security compared to private or ATM/Frame Relay-type transports. Moreover, public networks make it more difficult to provide advanced technologies such as real-time voice and video.
• Ease of management— The expertise of the technical staff who are required to maintain and support MAN and WAN technologies varies. Most enterprises have the internal IT knowledge to handle most traditional MAN and WAN upgrades without the need for much training. However, some of the advanced technologies usually reserved for service providers may require additional training for the IT staff if the support is brought in-house. Depending on the technology and the design, you have opportunities to reduce the complexity through network management.
• Cost to implement— In most cases, the implementation cost is a major concern. During the design process it is important to evaluate the initial and recurring costs along with the design's benefits. Sometimes an organization can migrate from legacy connectivity to new technology with minimal investment in terms of equipment, time, and resources. In other cases, a network migration can require a low initial cost in terms of equipment and resources but can provide recurring operational savings and greater flexibility over the long term.
• Network segmentation support— Segmentation provides for Layer 2/3 logical separation between networks instead of physically separate networks. Advantages include reduced costs associated with equipment, maintenance, and carrier charges. In addition, separate security polices can be implemented per department or by functional area of the network to restrict access as needed.
• Support for Voice and Video— There is an increased demand for the support of voice over MAN and WAN technologies. Some WAN providers offer Cisco QoS-Certified IP VPNs, which can provide the appropriate levels of QoS needed for voice and video deployments. In cases where Internet or public network connections are used, QoS cannot always be assured. When voice and video are required for small offices, teleworkers, or remote agents, 768 kbps upstream bandwidth or greater is recommended.

Cisco Enterprise MAN/WAN

The Cisco Enterprise MAN/WAN architecture uses several technologies that work together in a cohesive relationship.

Here is the list of Cisco Enterprise MAN/WAN architectures:

• Private WAN (optional encryption)
• Private WAN with self-deployed MPLS
• ISP service (Internet with site-to-site and remote-access VPN)
• Service provider-managed IP/MPLS VPN

These architectures provide integrated QoS, security, reliability, and ease of management that is required to support enterprise business applications and services. As you can see, alternative technologies to the traditional private WAN can allow for network growth and reduced monthly carrier charges.

Enterprise WAN/MAN Architecture Comparison

Enterprise WAN/MAN architectures have common characteristics that allow the network designer to compare the advantages and disadvantages of each approach. Table 6-2 compares the characteristics of Private WAN, ISP Service, SP MPLS/IP VPN, and Private MPLS architectures.

Table 6-2. WAN/MAN Architecture Comparison

Characteristic	Private WAN	ISP Service	SP MPLS/IP VPN	Private MPLS
High availability	Excellent	Good	Excellent	Excellent
Growth support	Moderate	Good	Excellent	Excellent
Security	IPsec (optional)	IPsec (mandatory)	IPsec (optional)	IPsec (optional)
Ongoing expenses	High	Low	Moderate to high	Moderate to high
Ease of management	High	Medium	Medium	High
Voice/video support	Excellent	Moderate	Excellent	Excellent
Effort to migrate from private WAN	Low	Moderate	Moderate	High

The Cisco Enterprise MAN/WAN architecture includes Private WAN, ISP Service, SP MPLS/IP VPN, and Private MPLS:

• Private WAN generally consists of Frame Relay, ATM, private lines, and other traditional WAN connections. If security is needed, private WAN connections can be used in conjunction with encryption protocols such as Digital Encryption Standard (DES), Triple DES (3DES), and Advanced Encryption Standard (AES). This technology is best suited for an enterprise with moderate growth outlook where some remote or branch offices will need to be connected in the future. Businesses that require secure and reliable connectivity to comply with IT privacy standards can benefit from IPsec encrypted connectivity over the private WAN. Disadvantages of private WANs are that they have high recurring costs from the carriers and they are not the preferred technology for teleworkers and remote call center agents. Some enterprises may use encryption on the network, connecting larger sites and omitting encryption on the smaller remote offices with IP VPNs.
• ISP Service (Internet with site-to-site and remote-access VPN) uses strong encryption standards such as DES, 3DES, and AES, which make this WAN option more secure than the private WAN. ISP service also provides compliance with many new information security regulations imposed on some industries, such as healthcare and finance. This technology is best suited for basic connectivity over the Internet. However, if you need to support voice and video, consider IPsec VPN solutions that have the desired QoS support needed to meet your network requirements. The cost of this technology is relatively low. It is useful for connecting large numbers of teleworkers, remote contact agents, and remote offices.
• SP MPLS/IP VPN is similar to private WAN technology, but with added scalability and flexibility. MPLS-enabled IP VPNs enable mesh-like behavior or any-to-any branch-type connectivity. SP MPLS networks can support enterprise QoS requirements for voice and video, especially those with high growth potential. SP MPLS features secure and reliable technology with generally lower carrier fees. This makes it a good option for connecting branch offices, teleworkers, and remote call center agents.
• Private WAN with self-deployed MPLS usually is reserved for very large enterprises that are willing to make substantial investments in equipment and training to build out the MPLS network. The IT staff needs to be well trained and comfortable with supporting complex networks.

Figure 6-4 illustrates SP MPLS, Private WAN with encryption, and IPsec VPNs WAN architectures.

Figure 6-4. WAN Architectures

[View full size image]