Functional Areas of the Cisco Enterprise Architecture

At the first layer of modularity in the Cisco Enterprise Architecture, the entire network is divided into functional components—functional areas that contain network modules—while still maintaining the hierarchical concept of the core-distribution-access layers within the network modules as needed.

NOTE The access, distribution, and core layers can appear in any functional area or module of the Cisco Enterprise Architecture.

The Cisco Enterprise Architecture comprises the following six major functional areas (also called modules):

■ Enterprise Campus

■ Enterprise Edge

■ Service Provider

■ Enterprise Branch

■ Enterprise Data Center

■ Enterprise Teleworker

KEY POINT

An enterprise does not implement the modules in the Service Provider functional area; they are necessary for enabling communication with other networks.

NOTE The Cisco SONA Enterprise Edge and the WAN and metropolitan-area network (MAN) modules are represented as one functional area in the Cisco Enterprise Architecture, the Enterprise Edge.

Figure 3-9 illustrates the modules within the Cisco Enterprise Architecture.

Figure 3-9 Cisco Enterprise Architecture

Enterprise Campus

Building

B a

Building Distributio

&3

n

Ï

Campus Core

1

X

Server Farm and Data Center

Network Management

Enterprise Edge

Enterprise Edge

Service Provider

E-Commerce . -1

ISPA

/

Internet Connectivity

ISP B

rj

Remote Access and VPN

PSTN

1 HI

WAN and MAN Site-to-Site VPN

r-'í

Frame Relay/ATM

NOTE Figure 3-9 is reproduced on the inside back cover of this book for your reference.

The Cisco Enterprise Campus Architecture combines a core infrastructure of intelligent switching and routing with tightly integrated productivity-enhancing technologies, including Cisco Unified Communications, mobility, and advanced security. The architecture provides the enterprise with high availability through a resilient multilayer design, redundant hardware and software features, and automatic procedures for reconfiguring network paths when failures occur. IP multicast capabilities provide optimized bandwidth consumption, and QoS features ensure that real-time traffic (such as voice, video, or critical data) is not dropped or delayed. Integrated security protects against and mitigates the impact of worms, viruses, and other attacks on the network, including at the switch port level. For example, the Cisco enterprise-wide architecture extends support for security standards, such as the IEEE 802.1X port-based network access control standard and the Extensible Authentication Protocol. It also provides the flexibility to add Internet Protocol Security (IPsec) and MPLS virtual private networks (VPN), identity and access management, and

VLANs to compartmentalize access. These features help improve performance and security while decreasing costs.

The Cisco Enterprise Edge Architecture offers connectivity to voice, video, and data services outside the enterprise. This module enables the enterprise to use Internet and partner resources, and provide resources for its customers. QoS, service levels, and security are the main issues in the Enterprise Edge.

The Cisco Enterprise WAN and MAN and Site-to-Site VPN module is part of the Enterprise Edge. It offers the convergence of voice, video, and data services over a single Cisco Unified Communications network, which enables the enterprise to span large geographic areas in a cost-effective manner. QoS, granular service levels, and comprehensive encryption options help ensure the secure delivery of high-quality corporate voice, video, and data resources to all corporate sites, enabling staff to work productively and efficiently wherever they are located. Security is provided with multiservice VPNs (both IPsec and MPLS) over Layer 2 or Layer 3 WANs, hub-and-spoke, or full-mesh topologies.

The Cisco Enterprise Data Center Architecture is a cohesive, adaptive network architecture that supports requirements for consolidation, business continuance, and security while enabling emerging service-oriented architectures, virtualization, and on-demand computing. Staff, suppliers, and customers can be provided with secure access to applications and resources, simplifying and streamlining management and significantly reducing overhead. Redundant data centers provide backup using synchronous and asynchronous data and application replication. The network and devices offer server and application load balancing to maximize performance. This architecture allows the enterprise to scale without major changes to the infrastructure. This module can be located either at the campus as a server farm or at a remote facility.

The Cisco Enterprise Branch Architecture allows enterprises to extend head-office applications and services (such as security, Cisco Unified Communications, and advanced application performance) to thousands of remote locations and users or to a small group of branches. Cisco integrates security, switching, network analysis, caching, and converged voice and video services into a series of integrated services routers (ISR) in the branch so that the enterprises can deploy new services without buying new routers. This architecture provides secure access to voice, mission-critical data, and video applications—anywhere, anytime. Advanced routing, VPNs, redundant WAN links, application content caching, and local IP telephony call processing features are available with high levels of resilience for all the branch offices. An optimized network leverages the WAN and LAN to reduce traffic and save bandwidth and operational expenses. The enterprise can easily support branch offices with the capability to centrally configure, monitor, and manage devices located at remote sites, including tools, such as Cisco AutoQoS and the Cisco Router and Security Device Manager graphical user interface QoS wizard, which proactively resolve congestion and bandwidth issues before they affect network performance.

The Cisco Enterprise Teleworker Architecture allows enterprises to securely deliver voice and data services to remote small or home offices (known as small office, home office [SOHO]) over a standard broadband access service, providing a business-resiliency solution for the enterprise and a flexible work environment for employees. Centralized management minimizes the IT support costs, and robust integrated security mitigates the unique security challenges of this environment. Integrated security and identity-based networking services enable the enterprise to extend campus security policies to the teleworker. Staff can securely log in to the network over an always-on VPN and gain access to authorized applications and services from a single cost-effective platform. Productivity can be further enhanced by adding an IP phone, thereby providing cost-effective access to a centralized IP communications system with voice and unified messaging services.

NOTE Each of these modules has specific requirements and performs specific roles in the network; note that their sizes in Figure 3-9 are not meant to reflect their scale in a real network.

This architecture allows network designers to focus on only a selected module and its functions. Designers can describe each network application and service on a per-module basis and validate each as part of the complete enterprise network design. Modules can be added to achieve scalability if necessary; for example, an organization can add more Enterprise Campus modules if it has more than one campus.

Was this article helpful?

0 0

Responses

  • liviano
    What are the six major functional areas in the cisco enterprise architecture?
    11 months ago
  • AMARANTH
    What are the major functional areas in the Cisco Network Architectures for Enterprise?
    11 months ago
  • aaron
    What are the six major functional areas in the cisco enterprise architecture quizlet?
    11 months ago

Post a comment