Cisco Enterprise MAN and WAN Architecture Technologies

The Cisco Enterprise MAN and WAN architecture employs a number of MAN and WAN technologies engineered and optimized to interoperate as a contiguous system, providing the integrated QoS, network security, reliability, and manageability required to support a variety of advanced business applications and services. These technologies include a number of secure alternatives to traditional private WAN connectivity and help increase network scalability and reduce monthly carrier fees. The Cisco Enterprise MAN and WAN architecture includes the following technologies, as summarized in Table 5-4:

■ Private WAN: Private connectivity takes advantage of existing Frame Relay, ATM, or other connections. To provide an additional level of security when connecting sites, strong encryption (using Digital Encryption Standard [DES], Triple DES [3DES], and Advanced Encryption Standard [AES]) can be added. A private WAN is ideally suited for an enterprise with moderate growth expectations, where relatively few new branches or remote offices will be deployed over the coming years. Businesses that require secure, dedicated, and reliable connectivity for compliance with information privacy standards, and that also require support for advanced applications such as voice and video, benefit from encrypted private connectivity. However, this technology can result in relatively high recurring monthly carrier fees and is not the preferred technology for extending connectivity to teleworkers and remote call agents. An enterprise might choose encrypted private connectivity to network its larger branch offices, but opt for other technologies, such as a VPN, to connect remote users and smaller sites.

■ ISP service (site-to-site and remote-access IPsec VPN): These technologies take advantage of the ubiquity of public and private IP networks. The use of strong encryption standards (DES, 3DES, and AES) makes this WAN option more secure than traditional private connectivity and makes it compliant with the many new information security regulations imposed on government and industry groups (such as healthcare and finance). When implemented over the public Internet, IPsec VPNs are best suited for businesses that require basic data connectivity. However, if support for delay-sensitive, advanced applications such as voice and video is required, an IPsec VPN should be implemented over an SP's private network where an adequate level of QoS is assured to support voice and video traffic. Relatively low monthly carrier fees make this technology appropriate for businesses seeking to connect a high number of teleworkers, remote contact center agents, or small remote offices over a geographically dispersed area.

■ SP MPLS and IP VPN: A network-based IP VPN is similar in many ways to private connectivity, but with added flexibility, scalability, and reach. The any-to-any nature of an MPLS-enabled IP VPN (any branch can be networked to any branch), combined with its comprehensive QoS for voice and video traffic, suits the needs of many enterprises, especially those with high growth expectations, where many new branches and remote offices will be added over the next few years. The secure, reliable connectivity and relatively lower carrier fees that are inherent in this technology make a network-based IP VPN a good choice for businesses looking to use a managed service solution to connect branches, remote offices, teleworkers, and remote call agents.

■ Self-deployed MPLS: Self-deployed MPLS is a network segmentation technique that allows enterprises to logically segment the network. Self-deployed MPLS is typically reserved for very large enterprises or an SP willing to make a significant investment in network equipment and training, and for those that have an IT staff that is comfortable with a high degree of technical complexity.

Table 5-4 Cisco Enterprise WAN and MAN Architecture Comparison

Private WAN

ISP Service (Site-to-Site and Remote-Access IPsec VPN)

SP MPLS and IP VPN

Self-Deployed MPLS

Secure transport

IPsec (optional)

(mandatory)

High availability

Excellent

Good

Excellent

Excellent

Multicast

Good

Good

Good

Excellent

Voice and video support

Excellent

Low

Excellent

Excellent

Scalable network growth

Moderate

Good

Excellent

Excellent

Easily shared WAN links

Moderate

Moderate

Moderate

Excellent

Table 5-4 Cisco Enterprise WAN and MAN Architecture Comparison (Continued)

Private WAN

ISP Service (Site-to-Site and Remote-Access IPsec VPN)

SP MPLS and IP VPN

Self-Deployed MPLS

Operational costs

High

Low

Moderate; depends on transport

Moderate to high

Network control

High

Moderate

Moderate

High

Effort to migrate from private WAN

Low

Moderate

Moderate

High

Enterprises can use a combination of these technologies to support their remote connectivity requirements. Figure 5-20 shows a sample implementation of a combination of three technologies in a healthcare environment.

Figure 5-20 Sample Cisco WAN Architectures in a Healthcare Environment

Figure 5-20 Sample Cisco WAN Architectures in a Healthcare Environment

Hospital

Remote Clinic

Remote Users

Hospital

□ □□□

□ □□□

□ □□□

uu

uu

□ □□□

uu

uu

uu

Remote Clinic

Remote Users

Encrypted Private Connectivity

IPsec VPN Connections

Service Provider-Managed MPLS Connections

Encrypted Private Connectivity

IPsec VPN Connections

Service Provider-Managed MPLS Connections

Was this article helpful?

0 0
Project Management Made Easy

Project Management Made Easy

What you need to know about… Project Management Made Easy! Project management consists of more than just a large building project and can encompass small projects as well. No matter what the size of your project, you need to have some sort of project management. How you manage your project has everything to do with its outcome.

Get My Free Ebook


Post a comment