Designing Cisco Network Service Architectures (ARCH), Second Edition, covers how to perform the conceptual, intermediate, and detailed design of a network infrastructure. This design supports network solutions over intelligent network services to achieve effective performance, scalability, and availability of the network. This book enables readers, applying solid Cisco network solution models and best design practices, to provide viable and stable enterprise internetworking solutions. In addition, the book has been written to help candidates prepare for the Designing Cisco Network Service Architectures Exam (642-873 ARCH). This exam is one of the requirements for the CCDP certification. This exam tests a candidate’s knowledge of the latest developments in network design and technologies, including network infrastructure, intelligent network services, and converged network solutions.

Since the first edition was published in 2004, the ARCH course has changed to reflect the new exam requirements. This led to the immediate need for an update to this examination preparation text. Readers of the previous edition of Designing Cisco Network Architectures (ARCH) can use this text to update their knowledge and skill sets.

Goals of This Book

Upon completing this book, you will be able to meet these objectives:

  • Introduce the Cisco Service-Oriented Network Architecture (SONA) framework, and explain how it addresses enterprise network needs for performance, scalability, and availability

  • Describe how the Cisco Enterprise Architectures are used in the SONA framework for designing enterprise networks

  • Create intermediate and detailed enterprise campus network, enterprise edge, and remote infrastructure designs that offer effective functionality, performance, scalability, and availability

  • Create conceptual, intermediate, and detailed intelligent network service designs for network management, high availability, security, quality of service (QoS), and IP multicast

  • Create conceptual, intermediate, and detailed virtual private network (VPN) designs

  • Create conceptual, intermediate, and detailed voice over wireless network designs

How This Book Is Organized

Of course, you can read the chapters in this book sequentially, but the organization also allows you to focus your reading on specific topics of interest. For example, if you want to focus on advanced routing design, you can skim Chapters 1 and 2 (which cover SONA and the elements of the enterprise campus network design), and then focus on the advanced IP addressing and routing topics in Chapter 3. Each chapter examines topics around a specific set of design issues. Specifically, the chapters in this book cover the following topics:

  • Chapter 1, “Cisco SONA and the Cisco Enterprise Architecture,” introduces the hierarchical model and reviews the Cisco SONA framework. This chapter also introduces the Cisco Enterprise Campus Architecture and reviews the Cisco PPDIOO network lifecycle approach.

  • Chapter 2, “Enterprise Campus Network Design,” reviews high-availability designs and how to implement optimal redundancy. An in-depth look at recommended practices for Layer 2 and Layer 3 design elements follows. A discussion of the Layer 2 to Layer 3 boundary designs and issues concludes with a number of considerations for supporting infrastructure services.

  • Chapter 3, “Developing an Optimum Design for Layer 3,” begins by reviewing the importance of IP address planning, and then covers advanced routing elements. Discussions focus on scalable EIGRP, OSPF, and BGP designs.

  • Chapter 4, “Advanced WAN Services Design Considerations,” covers advanced WAN service layers. This overview goes into more detail about the common WAN optical technologies of SONET, SDH, DWDM, and Resilient Packet Ring. A discussion about Metro Ethernet, VPLS, and MPLS VPN technologies follows (and includes an examination of a number of design considerations). The discussion then turns to implementing advanced WAN services.

  • Chapter 5, “Enterprise Data Center Design,” focuses on the enterprise data center, and covers the data center architecture model and design considerations in the data center core, aggregation, and access layers. The discussion then turns to scaling, with a look at how to scale a three-layer data center architecture.

  • Chapter 6, “SAN Design Considerations,” covers storage-area networks, from components and topologies to SAN technologies. SAN design factors center on port density and topology, with some discussion about extending the SAN with various protocols.

  • Chapter 7, “E-Commerce Module Design,” begins with an e-commerce overview and a look at the components of high availability in this module. The chapter covers common e-commerce design components, designing an integrated e-commerce architecture, and how to fine-tune e-commerce designs.

  • Chapter 8, “Security Services Design,” delves into designing firewall services in various scenarios. The chapter also covers network admission control services, with a review of Cisco NAC appliance fundamentals and NAS deployment options and designs. The discussion then turns to intrusion detection and prevention design.

  • Chapter 9, “IPsec and SSL VPN Design,” examines remote-access VPN design. Site-to-site VPN designs are covered, too. This chapter also covers IPsec VPN technologies, including Cisco Easy VPN, GRE over IPsec, and DMVPN. Recommendations for managing VPNs and considerations for scaling VPNs conclude the chapter.

  • Chapter 10, “IP Multicast Design,” covers IP multicast and multicast routing. Topics covered in this chapter include Protocol Independent Multicast (PIM), rendezvous points, and securing IP multicast.

  • Chapter 11, “VoWLAN Design,” introduces the Cisco Unified Wireless Network and examines requirements for voice over WLAN in the enterprise network. This chapter also discusses VoWLAN coverage considerations and the site survey process.

  • Chapter 12, “Network Management Capabilities with Cisco IOS Software,” examines Cisco network management capabilities embedded in Cisco IOS Software. This chapter also covers the syslog process, NetFlow, and NBAR, with a focus on the Cisco technologies themselves and how they enable other discovery tools, including Cisco AutoQoS. The chapter concludes with an overview of IP SLAs measurements.

ARCH Exam Topics v2.1 (Blueprint)

Exam Description

The Designing Cisco Network Service Architectures (ARCH) exam is the exam associated with the CCDP certification. This exam tests a candidate's knowledge of the latest developments in network design and technologies, including network infrastructure, intelligent network services and converged network solutions. Candidates can prepare for this exam by taking the ARCH Designing Cisco Network Service Architectures course.

Exam Topics

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

Design advanced enterprise campus networks

  • Design for High Availability in enterprise networks

  • Design Layer 2 and Layer 3 campus infrastructures using best practices

  • Describe enterprise network virtualization considerations

  • Design for infrastructure services including voice, video, and QoS

  • Identify Network Management Capabilities in Cisco IOS Software

Design advanced IP addressing and routing solutions for enterprise networks

  • Create summarizable and structured addressing designs

  • Describe IPv6 for campus design considerations

  • Create stable and scalable routing designs for EIGRP for IPv4

  • Describe IPv4 multicast routing
  • Create IPv4 multicast services and security designs
  • Create stable and scalable routing designs for OSPF for IPv4
  • Create stable and scalable routing designs for BGP for IPv4

Design WAN services for enterprise networks

  • Describe Layer 1 - 3 WAN connectivity options including optical networking, MetroEthernet, VPLS, and MPLS VPNs

  • Describe IPsec VPN technology options

  • Evaluate WAN service provider design considerations including features, SLAs, and WAN backup

  • Create site-to-site VPN designs with appropriate technologies, scaling, and topologies

Design an enterprise data center

  • Describe data center network infrastructure best practices
  • Describe the components and technologies of a SAN network
  • Describe integrated fabric designs using Nexus technology
  • Describe network and server virtualization technologies for the data center
  • Create an effective E-Commerce design
  • Design a high availability data center network that is modular and flexible

Design security services

  • Create firewall designs
  • Create NAC appliance designs
  • Create IPS/IDS designs
  • Create remote access VPN designs for the teleworker