Evaluation of Needs and Expectations

Now that you have established just where the customer is with their current network, you need to establish where the customer wants to go. There are several items that you need to establish with your customer, including

• Business constraints

• Security requirements

• Manageability requirements

• Application requirements

• Performance requirements

This section will discuss each of these in a bit more detail. Once this data is gathered, you will most likely want to record it in a document that specifies exactly what the customer’s requirements are.

Business Constraints

Are you getting the idea that business constraints are a big part of the network design? Business constraints include items such as timelines, staffing, training, budgets, and project approval. For example, it is important to establish what, if any, down time on the existing network is permissible when new equipment is installed and configured. In many environments, you may have to leave existing services installed and running while the new networking equipment goes in. It is important to establish these expectations up front, because they will significantly affect design. For example, if down time is not tolerable, you may have to order a router with additional interfaces that will only be used a short time to interconnect the old and new networks. All of these types of items can affect the design, although they are not purely technical in nature. It is important to establish these constraints up front with the customer.

Security Requirements

Security is something that everyone wants. Internet connections are always a worry (Who doesn’t have a hacker story?), and internal threats are always present. Chapter 13, “Designing Networks for Integrated Security and Voice Transport,” discusses methods of designing secure topologies. However, it is important to establish customer expectations with respect to security before beginning the design process. Unfortunately, security is not free. It typically requires additional equipment purchases as well as upgrading some equipment to handle security roles. Almost every customer will want Fort Knox security—this is the time to establish what type of security they can realistically both pay for and live with.

As previously mentioned, security typically requires additional equipment purchases, including firewalls, authentication, intrusion detection, and public key infrastructure systems. However, before any actual network design work is started, security equipment and design must be considered.

Management must define the business security requirements and support the use of the aforementioned security equipment and design. All too often, management wants data, networks, and devices secured but at the same time, they do not want to be inconvenienced nor do they want users to be inconvenienced by a new design. Security equipment and design can only protect your networks if the policies and procedures of security are clearly defined and followed; management must be organized and decisive in the planning process. Security policies and procedures need to include a definition for router access lists, firewall rules, allowable authentication methods, intrusion detection, reaction, and data encryption. Without definitive policies and procedures in place and being followed, your networks could become the targets of both inside and outside security attacks.

When writing security policies and procedures, there are a few main areas that must addressed. These areas include

• Know your enemy

• Costs and risk factors

• Controlling your secrets

• Human factors

• Known weaknesses

• Business environment

• Physical security

• Trust

  Lateral thinking and a willingness to explore any and all changes made to your networks and their effects on security require that you take a proactive approach and that you practice security in everything you and your users execute on the network.

  Some suggested guidelines for writing your own security policies and procedures can be found in ISO 17799 and in Information Security Policies Roles and Responsibilities Made Easy, Version 1 by Charles Cresson Wood.

Manageability Requirements

Some customers will only require the ability to produce pretty graphics for PowerPoint slides of their network management systems. Others will want to capture and evaluate any byte crossing any segment and know every gatherable statistic on their network devices. As with security, increased functionality implies increased cost. Use the customer’s existing network management tools (which you categorized earlier) as a starting point for expectations and then discuss how the customer would like to increase the manageability of the network. Make sure to establish specific checkpoints, like “measure network utilization on all WAN links,” rather than nonspecific items, such as “manage network better.”

Application Requirements

Applications will have the greatest influence on data flow. Even though the CCDA exam does not focus on installing networked applications, you must understand which applications your customer will run across their network. After all, if there were no applications, the network traffic would consist of routing updates and little more. Understanding where key servers are to be placed, expected traffic levels, and protocol support is crucial to the design process. You would not want to get to the end of the design process and have your customer tell you, “By the way, we are placing our e-mail server with 10,000 accounts at site A,” which you have connected to the corporate network with a DDR BRI!

Performance Requirements

In the end, what do you need? Do you really need T3 performance on the WAN? Don’t neglect issues such as scalability here. The idea is not to decide an absolute minimum but to evaluate what acceptable levels of performance (measured in response time, bandwidth utilization, etc.) really are, and how to ensure that those levels can be preserved through both network growth (more nodes) and increased utilization (more packets).