Once you determine that you need a WAN, you need to choose the technologies you will implement. The bulk of your design decisions rest on several key factors. Cisco specifically uses seven different key factors: availability, bandwidth, cost, ease of management, application traffic, quality of service (QoS) and reliability, and access control. It is up to you to decide what weight you assign to each factor.
Key Decision Factors
The seven different factors you consider fall into two major areas. Availability, bandwidth, and cost typically have physical components associated with them and are less subject to your direct control. Ease of management, application traffic, QoS/reliability, and access control are more logical in nature and more subject to your control.

Availability
Availability is probably one of the biggest considerations you need to make. Not all physical WAN implementations are available everywhere.

Bandwidth
Bandwidth, in conjunction with cost, is the next most important consideration. Usually bandwidth and cost are directly proportionate: the higher the bandwidth, the more it is going to cost. Different technologies for faster speeds, such as ATM, have different hardware requirements as well.

Cost
In the end, it always comes down to cost, doesn't it? You want the biggest bang for the buck. Typically, it comes as a tried and true technology, such as Frame Relay, but as newer, faster WAN types emerge, the prices on all of them typically decrease. As important as price is, however, don't let it be the overriding factor. Cutting too many corners to lower the cost can have a far-reaching negative impact on the overall performance of the network and its capabilities.

Ease of Management
As part of your "total cost of ownership," you need to consider how easy this WAN environment will be to manage. Will you or someone on your team need additional training? Will you have to deploy new hardware or software, and how expensive will it be to bring in a consultant if necessary?

Application Traffic
Your WAN connection requirement is also based, at least partially, on what you are going to use it for. Voice traffic, for example, requires a large amount of bandwidth that needs to be readily available at all times. Web browsing, on the other hand, requires less bandwidth and can usually be accommodated by a connection that isn't as reliable.

QoS/Reliability
The type of traffic you are expecting also has an impact on the QoS and reliability of a connection. Again, voice traffic needs a very reliable connection with a high QoS, such as Frame Relay or ATM. You can support Web browsing with something less reliable, such as cable or DSL, with less guaranteed bandwidth allocated to a specific type of traffic.

Access Control
The last consideration, but certainly not the least, is access control. Restricting access to parts of the network or specific Web sites is the least of these controls. You also need to consider restricting types of traffic and the directions you allow traffic to flow. Examples include restricting Telnet but allowing Secure Shell (SSH).
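
The Telnet/SSH restriction described above, written as a Cisco IOS configuration fragment. This is an added example, not configuration from the original text; the interface name, the ACL names, and the 192.0.2.0/24 management subnet are assumptions chosen for illustration.

```cisco
! Constructed example. Serial0/0, WAN-IN, MGMT-HOSTS and 192.0.2.0/24
! are assumed names and addresses, not values from the original text.
!
! Weak setting: cleartext Telnet accepted on the management lines.
!   line vty 0 4
!    transport input telnet
!
! Corrected: restrict the traffic type (SSH yes, Telnet no) and the
! direction (filter what arrives inbound on the WAN interface).
ip access-list extended WAN-IN
 remark SSH only from the management subnet
 permit tcp 192.0.2.0 0.0.0.255 any eq 22
 remark Telnet is refused from every source and logged
 deny   tcp any any eq 23 log
 remark SSH from any other source is refused and logged
 deny   tcp any any eq 22 log
 remark Remaining traffic is left to site policy; tighten as required
 permit ip any any
!
interface Serial0/0
 ip access-group WAN-IN in
!
! Second layer: the router's own management lines accept SSH only,
! and only from the management subnet.
ip access-list standard MGMT-HOSTS
 permit 192.0.2.0 0.0.0.255
!
! SSH needs a hostname, a domain name and an RSA key pair on the router,
! and "login local" needs a local username to be defined.
ip ssh version 2
!
line vty 0 4
 transport input ssh
 access-class MGMT-HOSTS in
 login local
```

The `log` keyword on the deny entries records refused Telnet and SSH attempts, which gives operations staff a record of who is still trying the blocked paths.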

Site Requirements
The sites in your WAN and the connection requirements of each site will dictate the connection types you choose. Each site falls into one of three categories: central site, remote office/branch office (ROBO), or SOHO. Higher bandwidth requirements and different types of application traffic require a more robust, faster, and more reliable connection. Infrequent, less critical traffic can be accommodated by slower, less reliable connections.

Central Site
The central site is, well, central to your network. You typically have the greatest need for bandwidth, reliability, and flexibility at this location. The central site needs to accept connections from asynchronous users, slow-speed packet-switched networks, and virtual private network (VPN) connections. Additionally, the central site needs to be able to service several connections at once. The central site should allow for the most concurrent connections possible while keeping cost to a minimum. Another requirement at the central site is controlling access to secure information. You can implement access control both to protect information and to guarantee the best QoS for the applications that need access to the connection.
Central site routers are typically one or more of the following:
These routers provide flexibility in design by allowing you to customize the interfaces available on the router. They also have the processing power to deal with multiple simultaneous connections and the expandability necessary for most planned growth.

Branch Office
The branch office has far fewer considerations when it comes to deciding what hardware and connection types to use. Typically, a branch office needs a fast, reliable connection to the central site but isn't supporting incoming connections. The branch office supports fewer users as well. The branch office will usually take advantage of a leased line, ISDN, Frame Relay, or broadband service as its primary connection to the central site. The branch office should also have a backup connection that is less expensive but still fairly reliable. Don't spend too much time on the backup connection, however; a lot of money spent on a connection that doesn't get used often is a waste of money. It's not a good idea, unless absolutely necessary, to back up a 512Kbps Frame Relay connection with another 512Kbps Frame Relay connection. The money spent on the backup in this case would be overkill. Branch-office hardware doesn't need to be as fast or as robust as that for its central-site cousin. Typically, branch-office equipment is one of the following:
The routers at the branch office are usually modular, but several fixed-configuration 2500 series routers can do a fine job at the branch office.

SOHO
The site with the lightest hardware and connection requirements is the SOHO. The SOHO is characterized by a small staff with very light data-transfer requirements. By supporting fewer people and leveraging local resources, the SOHO can get by with the lower-end equipment on the Cisco scale and use a less expensive WAN connection. It is not uncommon to see ISDN or DSL as the main connection with an asynchronous modem backup connection into the central site. Hardware at the SOHO is usually one of the following: