However, over the years, enterprise networks have
become more critical to business operations and their
structures are more complex. The Cisco Enterprise Architecture,
shown in Figure , integrates the entire network—campus, data
center, branches, teleworkers, and WAN. This integration
provides secure access to all tools, processes, and services
across all sectors of the company. Cisco Enterprise
Architecture helps companies protect, optimize, and grow their
infrastructure to support business processes. From an
information technology (IT) staff point of view, the model
facilitates planning, designing, implementing, operating, and
troubleshooting (PDIOT) networks by focusing on network
elements and on relations between those elements. Cisco
Enterprise Architecture consists of five elements:
- Cisco Enterprise Campus Architecture: Cisco
Enterprise Campus Architecture combines a core
infrastructure of intelligent switching and routing with
tightly integrated productivity-enhancing technologies
including Cisco IP Communications, mobility, and advanced
security. The campus architecture provides many features:
- High availability with a resilient multilayer design and
redundant hardware and software features.
- Automatic
procedures for reconfiguring network paths when failures
occur.
- Multicast to provide optimized bandwidth
consumption.
- Quality of Service (QoS) to prevent
oversubscription and reduce the likelihood of dropping or
delaying real-time traffic, such as voice and video, or
critical data.
- Integrated security to protect against
and mitigate the impact of worms, viruses, and other attacks on
the network, even at the switch port level. Cisco
enterprise-wide architecture extends authentication support
using standards such as 802.1x and Extensible Authentication
Protocol (EAP).
- Cisco Enterprise Campus provides the
flexibility to add IP security (IPsec) and Multiprotocol Label
Switching virtual private networks (MPLS VPNs), identity and
access management, and VLANs to compartmentalize access. These
features help improve performance and security while also
decreasing costs.
- Cisco Enterprise
Data Center Architecture: Cisco Enterprise Data
Center Architecture is a cohesive, adaptive network
architecture that supports the requirements for consolidation,
business continuance, and security. At the same time, the Data
Center enables emerging service-oriented architectures,
virtualization, and on-demand computing. IT staff can easily
provide departmental staff, suppliers, or customers with secure
access to applications and resources. This capability
simplifies and streamlines management, which reduces overhead.
Redundant data centers provide backup services using
synchronous and asynchronous data and application replication.
The network and devices offer server and application load
balancing to maximize performance. This solution allows the
enterprise to scale without major changes to the
infrastructure.
- Cisco Enterprise Branch
Architecture: Cisco Enterprise Branch Architecture
allows enterprises to extend head-office applications and
services, such as security, Cisco IP Communications, and
advanced application performance, to thousands of remote
locations and users or to a small group of branches. Cisco
integrates security, switching, network analysis, caching, and
converged voice and video services into a series of integrated
services routers in the branch. With this integration,
enterprises can deploy new services when they are ready to do
so without having to purchase new equipment. This solution
provides secure access to voice, mission-critical data, and
video applications anywhere and anytime. Advanced network
routing, VPNs, redundant WAN links, application content
caching, and local IP telephony call processing provide a
robust architecture with high levels of resilience for all the
branch offices. An optimized network leverages the WAN and LAN
to reduce traffic and save bandwidth and operational expenses.
Enterprises can easily support branch offices with the ability
to centrally configure, monitor, and manage devices that are
located at remote sites, including tools, such as AutoQoS or
the Cisco Security Device Manager (SDM) QoS wizard, that
proactively resolve congestion and bandwidth issues before they
affect network performance.
- Cisco Enterprise
Teleworker Architecture: Also called the Enterprise
Branch-of-One, the Cisco Enterprise Teleworker
Architecture allows enterprises to deliver secure voice and
data services to remote small or home offices (small
office/home office [SOHO]) over a standard broadband access
service, providing a business resiliency solution for the
enterprise and a flexible work environment for employees.
Centralized management minimizes the IT support costs, and
robust integrated security mitigates the unique security
challenges of this environment. Integrated security and
identity-based networking services enable the enterprise to
help extend campus security policies to the teleworker. Staff
can securely log on to the network over an always-on VPN and
gain access to authorized applications and services from a
single cost-effective platform. Adding an IP phone to provide
cost-effective access to a centralized IP Communications system
with voice and unified messaging services enhances
productivity.
- Cisco Enterprise WAN
Architecture: Cisco Enterprise WAN Architecture
provides converged voice, video, and data services over a
single IP Communications network. This convergence enables the
enterprise to span large geographic areas cost effectively.
Granular service levels, QoS, and comprehensive encryption
options help ensure the secure delivery of high-quality
corporate voice, video, and data resources to all corporate
sites to enable people to work productively and efficiently
regardless of their location. Security is provided with
multiservice VPNs (IPsec and MPLS) over Layer 2 or Layer 3
WANs, hub-and-spoke, or full-mesh topologies.
Content 1.1 Enterprise Networking
1.1.3 Remote Connection Requirements in a Converged
Network A company with multiple sites that vary in size
needs a remote network to connect the various locations to each
other. In such a network, a large central site is often the
corporate headquarters or a major office. Regional offices,
small offices/home offices (SOHOs), and mobile workers may need
to connect to the central site for data and information.
Because users may access the central site via multiple WAN
technologies, it is important that the central site accommodate
many types of WAN connections from remote locations. The
central site is often referred to as headquarters, the
enterprise, or the corporate site. Figure describes
requirements that the central site must provide to support the
various sites in a remote network. Remote locations include
these sites: - Branch office: The branch office
generally accommodates employees who have a reason to be
located away from the central site. A regional sales office is
an example. Branch office users must be able to connect to the
central site to access company information. Remote site
and remote office are other names for a branch office.
Branch offices can benefit from high-speed Internet access,
virtual private network (VPN) connectivity to corporate
intranets, telecommuting capabilities for work-at-home
employees, video conferencing, and economical public switched
telephone network (PSTN)-quality voice and fax calls over the
managed IP networks.
- SOHO and teleworker
sites: The SOHO has a small office with one to several
employees or is the home office of a telecommuter.
Telecommuters may also be mobile users; that is, users who need
access while traveling or who do not work at a fixed company
site. Depending on the amount of use and the WAN services
available, telecommuters working from home tend to use a
dialup connection and broadband services.
- Mobile