Network Design Refresher

This very brief network design primer is primarily aimed at a security-savvy reader who hasn't had much exposure to network design. This section certainly does not replace the need to read a good book on network design, but it is necessary to define the terms used.

Core, Distribution, Access/Edge

Most of the network design seen today follows a model of core, distribution, and access. Figure 12-1 shows a basic model of this design when applied to a campus network. The access layer is where most end hosts connect to the network. Typically, it is the wiring closets in a building or on a floor. The access layer has historically been Layer 2 (L2), meaning no routing occurs on the first device to which a PC connects. Over time, more Layer 3 (L3) and higher decisions can be made at the access layer. For example, a VLAN access control list (VACL) can make decisions on frames at L3 even though no routing is configured on the device.

Figure 12-1. Core, Distribution, and Access Campus Design


When the term campus network or campus LAN is used in this book, it refers to the internal network for an organization contained within a single physical location. Although this certainly includes university networks, the term campus should not be interpreted to mean only networks at academic facilities.

If the network is fairly large, these access layer devices connect back to one or more distribution layers. These distribution layers are typically the first point of L3 access for user PCs. In modern network design, these devices are L3 switches; in the past, they were routers. A large network can have several sets of distribution layer switches. These devices might aggregate server farm traffic, user traffic, and edge traffic, such as WAN and Internet connections.

For these devices to communicate with one another, they transit the core layer, which consists of a very high speed L2 or, more commonly, L3 infrastructure.

Figure 12-1 simplifies a large enterprise campus design so you can see the representative elements. Notably absent is any form of high availability (HA). Typically, if you are deploying a network of this size, you want HA in key areas. Depending on what is deemed essential, this can include redundancy at any of the layers, though most common is distribution and core HA. Figure 12-2 shows a redundant design with just Site A's path to the core shown.

Figure 12-2. HA Campus Design (Site A Detail)

You can apply the ideas of core, distribution, and access to WANs or VPNs. Figure 12-3 shows a large-scale global WAN.

Figure 12-3. Global WAN

In this case, the core routers have some redundancy to each other and to their distribution layer peers. Redundancy could be added from the access layer devices to the distribution layer by adding more routers or even multiple access layer routers for device redundancy in each location.

From the WAN's perspective, each site is at the access layer. From each site's perspective, which might each have a design similar to Figure 12-1, the WAN is at the access layer.

Core, distribution, and access models really become beneficial when used in large networks. If you look at the previous few figures and think, "My network doesn't look anything like this," don't worry. Lots of networks collapse two or more layers because they have no need to keep them separate. What drives the core, distribution, and access model of network design is primarily scalability. This design scales up to the largest networks in the world. It also scales to the smallest by integrating the layers into a smaller number of devices. In addition, in some cases you can use the three-layer core, distribution, and access design for some parts of your network (for your users, for example), but components such as your server farms connect directly to the distribution layer as opposed to going through an access layer. In fact, this is the case in Figure 12-1. Because the number of server farms is small, there is no need to build a separate access layer.

In smaller networks, the most common integration point is the distribution and core layers. Figure 12-4 shows a midsize network design with a single L3 switch acting as the distribution and core layer for the campus design. These designs are called collapsed designs because you are collapsing the functionality of more than one layer.

Figure 12-4. Collapsed Campus Design

In Figure 12-4, you can see there is still a distinct access layer for user connections and edge connectivity, but in the case of the data center devices, the core switch is acting as an access layer for them as well. This design is very common in midsize networks.

In even smaller networks (Figure 12-5), all three layers can be collapsed into a single device (sometimes even an L2 switch rather than an L3). Here, only the edge connectivity is separated as an additional layer.

Figure 12-5. Small Campus Design



In any of these designs, determining where the management traffic will come from is a key aspect of the design. The decisions made around management impact how tight your hardening can be on each device. For example, if your management devices are placed haphazardly throughout the network, you must allow your entire IP range to manage a device because you won't be sure where the management devices will come from. If instead you are able to define a dedicated management subnet at the distribution layer, the production devices can be better hardened to allow only management traffic from that subnet. Figure 12-6 shows the basic elements of this design overlaid on the design from Figure 12-1. Chapter 16, "Secure Network Management and Network Security Management," goes into detail on management design and considerations.

Figure 12-6. Dedicated Management Subnet

Part I. Network Security Foundations

Network Security Axioms

Security Policy and Operations Life Cycle

Secure Networking Threats

Network Security Technologies

Part II. Designing Secure Networks

Device Hardening

General Design Considerations

Network Security Platform Options and Best Deployment Practices

Common Application Design Considerations

Identity Design Considerations

IPsec VPN Design Considerations

Supporting-Technology Design Considerations

Designing Your Security System

Part III. Secure Network Designs

Edge Security Design

Campus Security Design

Teleworker Security Design

Part IV. Network Management, Case Studies, and Conclusions

Secure Network Management and Network Security Management

Case Studies



Appendix A. Glossary of Terms

Appendix B. Answers to Applied Knowledge Questions

Appendix C. Sample Security Policies

INFOSEC Acceptable Use Policy

Password Policy

Guidelines on Antivirus Process


Network Security Architectures
Network Security Architectures
ISBN: 158705115X
EAN: 2147483647
Year: 2006
Pages: 249
Authors: Sean Convery © 2008-2020.
If you may any questions please contact us: