Hal Hagood

Analyzing the network and LAN infrastructure is an essential part of designing the correct topology. In this particular instance the design is for EverGreen Financial. EverGreen is a smaller company with approximately 20-30 employees specializing in financial products and services and needs a basic Cisco network built for the local office. The company’s internet connectivity has been lacking, with email transaction delays and download problems with various media on the internet. EverGreen has purchased Cisco devices such as Cisco 2960 switches, a 2811 router, and a wireless LAN controller, along with a TFTP server. These need to be set up. In order to implement this network, a design of the physical topology and infrastructure will be presented. A discussion of the Cisco Three-Layer Hierarchical Model and appropriate device and infrastructure configuration activities follows. Also discussed is router frame transmission and flow of an infrastructure along with an appropriate network segmentation and switching strategy to support a secure infrastructure. Finally, device configuration troubleshooting activities and the role that these activities played in developing a physical design are discussed.

Network infrastructure refers to the hardware and software resources of an entire network that enable network connectivity, communication, operations and management of an enterprise network. Network infrastructure provides the communication path and services between users, processes, applications, services and external networks and the Internet. With the diversity and complexity of today's networks, management can be a mammoth task if you don't have the proper tools. Each environment is a unique combination of equipment from different vendors.

Router frame transmission in today's LANs and computing equipment have the potential to run at much higher speeds and transfer very large quantities of data. Frame Relay, which is a relatively new wide area networking method, is gaining popularity. Like X.25, it uses a packet-switching technology, but it's more efficient than X.25. As a result, it can make your networking quicker, simpler, and less costly. “Because Frame Relay has a low overhead, it's a perfect fit for today's complex networks. You get several clear benefits: First, multiple logical connections can be sent over a single physical connection, reducing your internetworking costs. By reducing the amount of processing required, you get improved performance and response time. Because Frame Relay uses a simple link layer protocol, your equipment usually requires only software changes or simple hardware modifications, so you don't have to invest a lot of money to upgrade your system. Frame Relay is protocol independent, it can process traffic from different networking protocols like IP, IPX, and SNA. Frame Relay is an ideal choice for connecting Wide Area Networks (WANs) that have unpredictable, high-volume, and bursty traffic. Typically, these applications include data transfer, CAD/CAM, and client-server applications. Frame Relay also offers advantages for interconnecting WANs. In the past, setting up WANs required the use of private lines or circuit switching over a leased line. Single, dedicated lines are not needed to make each WAN-to-WAN connection with Frame Relay, reducing costs” (cprtech, 2014).

Network segmentation in network security and performance and security must also be addressed. Network segmentation is a critical part of an effective security strategy to reduce the risks and impact of attacks within a network. Network segmentation helps organizations reduce their scope for compliance and reduce exposure to attack. “Networks have become more vulnerable because of fundamental shifts in the complexity and proliferation of personal and business applications, user access and behavior, and the new threat landscape, leading organizations to rethink their security strategy. Networked systems need to be protected from vulnerabilities and exploits, and reduce the risks and compromise from security breaches. Network segmentation is a critical part of an effective security strategy to reduce the risks and impact of attacks to the network, and to reduce the scope of compliance. However, traditional methods like virtual LANs (VLANs), switch access control lists (ACLs) and port and protocol-based firewalls do not provide the application visibility and user access controls to effectively secure a network segment. Organizations require a network security platform capable of creating relevant security policies by application, user and content for every network segment” (paloaltonetworks, 2014). The solution to this is firewalls for designated security zones, along with flexible deployment modes at Layer 1, Layer 2, or Layer 3 to segment the network. Security policies will take advantage of tightly integrated technologies and user IDs.

Analyzing the LAN infrastructure or in this case the Cisco Three-Layer Hierarchical model as used in this illustration is essential. In the past, networks have been flat for the most part; that is, as the network grew, administrators would simply add devices such as routers and switches in a lateral and ad hoc fashion. The process provided for no structure or compartmentalization of functions. As a result, as networks became more complex and applications such as Voice-Over-IP, Video-Over-IP, and web applications demanded more bandwidth, the limitations of this flat design became more obvious. “Cisco’s Three-Layer Hierarchical model was the response to this need for better functionality through design. Unlike the OSI model and the TCP/IP model, the Cisco Three-Layer Hierarchical model does not describe how communications take place. Rather, it focuses on how best to design a network, especially a relatively large network or one that is expected to grow. Each layer of the model is involved in specific functions and is typically defined by a particular type of device. The three layers of the model from bottom up are Access, Distribution, and Core. These layers are explained in the following sections and illustrated.

The Access layer is the layer closest to the users, where they attach to the network. The Access layer is sometimes called the desktop layer because it deals with connecting workstations to the network. Frames are delivered to the users at this layer. The Access layer device could be a router if the network is very small, but it is typically a hub or layer 2 switch.

The Distribution layer separates the Access layer from the Core layer, implements network policies, and provides many networking services such as Network Address Translation (NAT), firewall protection, and quality of service (QoS). IP addressing hierarchy is managed at this layer through routing policies. (IP addressing is the process of assigning unique IP addresses to devices on the network.) This layer typically involves routers and includes all of the router functions. It provides almost all of the connectivity tasks required by the users, including Internet access, broadcast and multicast domains, and VLANs.

The Core layer is at the top of the model and is responsible for switching large amounts of data quickly and efficiently. To prevent slowing down the switching process, this layer should not be burdened with security or traffic control measures or any unnecessary additional equipment. The primary device at this layer is a high-end layer 3 switch. This device is essentially the backbone of the network and typically connects the users to corporate resources, servers, gateways, and the Internet” (CCNA, 2014).

Device configuration and the physical LAN infrastructure should also be addressed. “Cisco Prime Infrastructure archives device configurations and provides information such as the date of last configuration change, status of the configuration jobs, and allows you to compare current and previous configurations. Prime Infrastructure also allows you to roll back to a previously saved configuration in the archive if a configuration deployment fails” (Cisco, 2014).

Finally, device troubleshooting activities are addressed. There are a wide variety of tools available to assist you in troubleshooting your internetwork. This includes information on using router diagnostic commands.

Using Router Diagnostic Commands

Cisco routers provide numerous integrated commands to assist you in monitoring and troubleshooting your internetwork. The following sections describe the basic use of these commands:

• The show commands help monitor installation behavior and normal network behavior, as well as isolate problem areas.
• The debug commands assist in the isolation of protocol and configuration problems.
• The ping commands help determine connectivity between devices on your network.
• The trace commands provide a method of determining the route by which packets reach their destination from one device to another.

Using show Commands

The show commands are powerful monitoring and troubleshooting tools. You can use the show commands to perform a variety of functions:

• Monitor router behavior during initial installation
• Monitor normal network operation
• Isolate problem interfaces, nodes, media, or applications
• Determine when a network is congested
• Determine the status of servers, clients, or other neighbors

The following are some of the most commonly used show commands:

• show version—Displays the configuration of the system hardware, the software version, the names and sources of configuration files, and the boot images.
• show running-config—Displays the router configuration currently running.
• show startup-config—Displays the router configuration stored in nonvolatile RAM (NVRAM).
• show interfaces—Displays statistics for all interfaces configured on the router or access server. The resulting output varies, depending on the network for which an interface has been configured.
• show controllers—Displays statistics for interface card controllers.
• show flash—Displays the layout and contents of Flash memory.
• show buffers—Displays statistics for the buffer pools on the router.
• show memory summary—Displays memory pool statistics and summary information about the activities of the system memory allocator, and gives a block-by-block listing of memory use.
• show process cpu—Displays information about the active processes on the router.
• show stacks—Displays information about the stack utilization of processes and interrupt routines, as well as the reason for the last system reboot.
• show cdp neighbors—Provides a degree of reachability information of directly connected Cisco devices. This is an extremely useful tool to determine the operational status of the physical and data link layer. Cisco Discovery Protocol (CDP) is a proprietary data link layer protocol.
• show debugging—Displays information about the type of debugging that is enabled for your router.

You can always use the ? at command line for a list of subcommands. Like the debug commands, some of the show commands listed previously are accessible only at the router's privileged exec mode (enable mode). This will be explained further in the "Using debug commands" section. Hundreds of other show commands are available. For details on using and interpreting the output of specific show commands, refer to the Cisco Internetwork Operating System (IOS) command references. (Cisco, 2014)

Proposed Cisco Three-Layer Hierarchical Model for Evergreen Financial

References

net130. Retrieved April 16. 2014 from http://www. Retrieved April Retrieved April 16. 2014 from (201). 2014 from http://www.html Cisco. (2014) Retrieved April 16. 2014 from http://www.html http://www. (2014).com/en/US/docs/internetworking/troubleshooting/guide/tr1902. (2014).0%20Study%20Guide.htm Paloaltonetworks. 2014 from .com/c/en/us/td/docs/net_mgmt/prime/infrastructure/20/user/guide/prime_infra_ug/chgdevconfig.cpcstech.

https://www.paloaltonetworks.com/content/dam/paloaltonetworks-com/en_US/assets/pdf/techbriefs/network-segmentation-solution-brief.pdf