Modular Approach | CCSP CSI Exam Cram 2 (Exam Cram 642-541)

The OSI model takes a modular approach to data communications for two reasons: to keep the problem manageable by breaking it into smaller pieces, and to internally optimize each module (layer) on a schedule that is independent of that of other layers, as long as it meets interface standards with its adjacent layers . For similar reasons, the SAFE Blueprint organizes the enterprise into modules. Each module can be optimized independently of the optimization schedule of the others, and the architecture can focus on the security relationship between any pair of modules.

This modular approach is helpful in studying the SAFE Blueprint as well. We'll break down the problem into pieces and then tackle each piece in some depth. The basic SAFE Blueprint is intended to describe a design for a secure enterprise network, including e-commerce. As such, this is a design that is very busy and very detailed. It includes redundancy and high-availability (HA) features that can both be present in smaller networks. But because it is the biggest picture, it's worth examining first. To be sure that you're clear about which SAFE whitepaper we're discussing, we refer to this one as the Enterprise SAFE Blueprint.

The Enterprise SAFE Blueprint was the first document of the series of SAFE Blueprints. Thus, it is the template for those that followed. It is also the most complex because it provides what Cisco considers the best practices for the most complex network: a full-blown enterprise, including internally managed e-commerce. However, although the CSI exam is about SAFE in general, it focuses on the SMR SAFE Blueprintthe extension of the SAFE design principles to the small and midsize business and remote-access networks.

Therefore, we look over the Enterprise SAFE in this chapter, followed by the other SAFE models (including SMR SAFE) in Chapter 7, "The Extended SAFE Blueprints." After laying the foundations of SAFE in this chapter, you will be able to focus on how the SAFE Blueprint is applied to the SMR environment. Bear in mind as we do this that techniques are not specific to a particular SAFE model; private VLANs, for instance, work the same way and provide the same benefits, regardless of which SAFE model implements them.