Table Of ContentDesigningtheTotalAreaNetwork:Intranets,VPNsandEnterpriseNetworks
Explained.MarkNorrisandStevePretty
Copyright©2000JohnWiley&SonsLtd
PrintISBN0-471-85195-7OnlineISBN0-470-84149-4
DESIGNING THE TOTAL
AREA NETWORK
DesigningtheTotalAreaNetwork:Intranets,VPNsandEnterpriseNetworks
Explained.MarkNorrisandStevePretty
Copyright©2000JohnWiley&SonsLtd
PrintISBN0-471-85195-7OnlineISBN0-470-84149-4
About the Wiley — BT Series
ThetitlesintheWiley-BTSeriesaredesignedtoprovideclear,
practicalanalysisofvoice,imageanddatatransmissiontechnologies
andsystems,fortelecommunicationsengineersworkinginthe
industry.NewandforthcomingworksintheseriesalsocovertheInternet
softwaresystems,solutions,engineeringanddesign.
OthertitlesintheWiley-BTSeries:
SoftwareEngineeringExplained
MarkNorris,PeterRigbyandMalcolmPayne,1992,220pp,ISBN0-471-92950-6
TeleworkingExplained
MikeGray,NoelHodsonandGilGordon,1993,310pp,ISBN0-471-93975-7
TheHealthySoftwareProject
MarkNorris,PeterRigbyandMalcolmPayne,1993,198pp,0-471-94042-9
HighCapacityOpticalTransmissionExplained
DaveSpiritandMikeO’Mahony,1995,268pp,0-471-95117-X
ExploitingtheInternet
AndyFrostandMarkNorris,1997,262pp,0-471-97113-8
MediaEngineering
SteveWestandMarkNorris,1997,250pp,0-471-97287-8
ISDNExplained,ThirdEdition
JohnGriffiths,1992,306pp,0-471-93480-1
TotalAreaNetworking,SecondEdition
JohnAtkinsandMarkNorris,1999,326pp,ISBN0-471-98464-7
DesigningtheTotalAreaNetwork
MarkNorrisandStevePretty,2000,352pp,ISBN0-471-85195-7
DesigningtheTotalAreaNetwork:Intranets,VPNsandEnterpriseNetworks
Explained.MarkNorrisandStevePretty
Copyright©2000JohnWiley&SonsLtd
PrintISBN0-471-85195-7OnlineISBN0-470-84149-4
DESIGNING THE
TOTAL AREA
NETWORK
INTRANETS, VPN’S AND ENTERPRISE
NETWORKS EXPLAINED
MarkNorris
NorwestCommunications,UK
StevePretty
BT,UK
JOHNWILEY&SONS,LTD
Chichester•NewYork•Weinheim•Brisbane•Singapore•Toronto
DesigningtheTotalAreaNetwork:Intranets,VPNsandEnterpriseNetworks
Explained.MarkNorrisandStevePretty
Copyright©2000JohnWiley&SonsLtd
PrintISBN0-471-85195-7OnlineISBN0-470-84149-4
Copyright©2000byJohnWiley&SonsLtd,
BaffinsLane,Chichester,
WestSussexPO191UD,England
National0124377977
International(+44)1234779777
e-mail(forordersandcustomerserviceenquiries):[email protected]
VisitourHomePageonhttp://www.wiley.co.ukorhttp://www.wiley.com
AllRightsReserved.Nopartofthispublicationmaybereproduced,storedinaretrievalsystem,or
transmitted,inanyformorbyanymeans,electronic,mechanical,photocopying,recording,scanningor
otherwise,exceptunderthetermsoftheCopyrightDesignsandPatentsAct1988orunderthetermsofa
licenceissuedbytheCopyrightLicensingAgency,90TottenhamCourtRoad,London,UKW1P9HE,UK,
withoutthepermissioninwritingofthePublisher,withtheexceptionofanymaterialsuppliedspecifically
forthepurposeofbeingenteredandexecutedonacomputersystem,forexclusiveusebythepurchaserof
thepublication.
NeithertheauthorsnorJohnWiley&SonsLtdacceptanyresponsibilityorliabilityforlossordamage
occasionedtoanypersonorpropertythroughusingthematerial,instructions,methodsorideascontained
herein,oractingorrefrainingfromactingasaresultofsuchuse.TheauthorsandPublisherexpresslydisclaim
allimpliedwarranties,includingmerchantabilityoffitnessforanyparticularpurpose.
Designationsusedbycompaniestodistinguishtheirproductsareoftenclaimedastrademarks.Readers,
however,shouldcontacttheappropriatecompaniesformorecompleteinformationregardingtrademarks
andregistration.
OtherWileyEditorialOffices
JohnWiley&Sons,Inc.,605ThirdAvenue,
NewYork,NY10158-0012,USA
WILEY-VCHVerlagGmbH
Pappelallee3,D-69469Weinheim,Germany
JacarandaWileyLtd,33ParkRoad,Milton,
Queensland4064,Australia
JohnWiley&Sons(Asia)PteLtd,2ClementiLoop(cid:1)02-01,
JinXingDistripark,Singapore129809
JohnWiley&Sons(Canada)Ltd,22WorcesterRoad
Rexdale,Ontario,M9W1L1,Canada
LibraryofCongressCataloging-in-PublicationData
Norris,Mark.
Designingthetotalareanetwork:intranets,VPN’s,and
enterprisenetworksexplained/MarkNorris,StevePretty.
p. cm. —(Wiley-BTseries)
Includesbibliographicalreferencesandindex.
ISBN0-471-85195-7(alk.paper)
1.Wideareanetworks(Computernetworks 2.Extranets(Computer
networks) 3.Businessenterprises—Computernetworks. I.Pretty,
Steve. II.Title. III.Series.
TK5105.87.N671999
004.67—dc21 99-37649
CIP
BritishLibraryCataloguinginPublicationData
AcataloguerecordforthisbookisavailablefromtheBritishLibrary
ISBN0-471-85195-7
Typesetin10/12ptPalatinobyVisionTypesetting,Manchester
PrintedandboundinGreatBritainbyAntonyRoweLtd,Chippenham,Wiltshire
Thisbookisprintedonacid-freepaperresponsiblymanufacturedfromsustainableforestry,inwhichatleast
twotreesareplantedforeachoneusedforpaperproduction.
DesigningtheTotalAreaNetwork:Intranets,VPNsandEnterpriseNetworks
Explained.MarkNorrisandStevePretty
Copyright©2000JohnWiley&SonsLtd
PrintISBN0-471-85195-7OnlineISBN0-470-84149-4
Contents
Preface ix
AbouttheAuthors xi
Acknowledgements xii
AUser’sGuidetothisBook xiii
1 TheEnterprise 1
1.1 TheCrew 3
1.2 TheMission 5
1.3 WhatisaNetwork? 9
1.4 TheDesigner’sJob 20
1.5 AboutthisBook 21
1.6 Summary 23
References 24
2 TheBasicsofNetworkDesign 25
2.1 ASystematicApproach 26
2.2 FiveStageNetworkDesign 27
2.3 ProofofthePudding 43
2.4 TheDirtyDozen 44
2.5 Summary 49
References 50
Bibliography 50
3 IntroducingtheEnterpriseNetworkLifecycleand
DesignProcess 51
3.1 TheEnterpriseNetworkLifecycle 52
3.2 DesignMethodology—DivideandConquer 53
3.3 TheDesignerandtheEnterpriseNetworkProcurement
Process 58
3.4 Checklist:TheEnterpriseNetworkBusinessCase 66
3.5 SummaryandKeyIssues 68
References 69
4 RequirementsGatheringandAnalysis 71
4.1 StrategicRequirements 72
4.2 TacticalandFactualRequirements 77
vi CONTENTS
4.3 MethodsforRequirementsAnalysis 78
4.4 RequirementsAnalysis 80
4.5 Checklist:WhatGoesintheStatementofRequirements 85
4.6 Summary 89
References 89
5 Architecturaland PhysicalDesign 91
5.1 IntroductionAndOverviewOfEnterpriseNetwork
Architecture 92
5.2 LANDesignforSmallSites 95
5.3 Large-ScaleLANDesigns 106
5.4 WANArchitecturalDesign 110
5.5 WANPhysicalDesign 122
5.6 ResilientWANDesign 124
5.7 LegacySupport 127
5.8 GatewayDeviceSelectionandDesign 128
5.9 Inter-OrganisationCommunications 130
5.10 Checklist:An‘AtoZ’ofTop-LevelDesignAspects 135
5.11 SummaryandKeyIssues 137
Bibliography 139
6 LogicalDesign 141
6.1 NamingandAddressingSchemes 141
6.2 NetworkAddressTranslation 149
6.3 Naming 151
6.4 Routing 153
6.5 ProtocolSupport 161
6.6 NetworkSecurity 162
6.7 SomeNotesonLegacySupport 175
6.8 DesignDocumentationChecklist 179
6.9 SummaryandKeyIssues 181
References 183
Bibliography 183
7 OperatingtheNetwork—NetworkManagement
Design 185
7.1 WhatGoesWrong? 187
7.2 ABasicManagementPlatform 188
7.3 AMoreComplexManagementPlatform 191
7.4 DistributedManagement 193
7.5 IssuesinNetworkManagement 193
7.6 NetworkManagementSecurity 197
7.7 SummaryandKeyIssues 198
Bibliography 199
8 PlanningfortheFuture 201
8.1 ChangeManagement 201
8.2 DesignReviewandCapacityPlanning 203
8.3 Askingthe‘WhatIf?’Question 205
CONTENTS vii
8.4 FutureTechnicalStrategy 207
8.5 DesigningforMigration 208
8.6 MakingtheMostofWhatYouHave 211
8.7 Checklist:HandlingNetworkChangeRequests 212
8.8 SummaryandKeyIssues 212
Bibliography 213
9 Verification,Validation,TestingandOperation 215
9.1 Verification 216
9.2 Validation 227
9.3 TestingandDemonstrations 229
9.4 KeyIssuesinVV&T 230
9.5 ProblemResolution 232
9.6 Checklist:GatheringEvidence 238
9.7 SummaryandKeyIssues 239
Bibliography 240
10 ACaseStudy—DataBank 241
10.1 IntroducingDataBank 241
10.2 TheNetworkToday 242
10.3 TheDream 248
10.4 DataBank—TheProposedFutureNetwork 250
10.5 InternationalDealingNetwork 251
10.6 TheDataBankBranchNetwork 260
10.7 InternetBanking 277
10.8 VoiceoverIPTrial 279
10.9 SummaryandKeyIssues 282
11 ToBoldlyGo... 285
11.1 Superconnectivity 286
11.2 SafeBetsfortheFuture 289
11.3 AChangingWorld 292
11.4 SoWhat? 298
Bibliography 299
AppendixA QualityApproachtoNetworkDesign 301
A.1 CustomerRequirements 302
A.2 ContractReview 303
A.3 DesignInput 304
A.4 DesignProcess 304
A.5 DesignOutput 305
A.6 DesignReview 305
A.7 DesignVerification 306
A.8 DesignValidation 306
A.9 NonConformance 306
A.10 DesignChangeControl 307
A.11 ManagementResponsibilitiesTowardthe
DesignProcedure 307
viii CONTENTS
A.12 Checklist:ADesignPlan 308
A.13 Guidelines 308
A.14 SummaryandKeyIssues 310
Bibliography 311
Glossary 313
Index 333
DesigningtheTotalAreaNetwork:Intranets,VPNsandEnterpriseNetworks
Explained.MarkNorrisandStevePretty
Copyright©2000JohnWiley&SonsLtd
PrintISBN0-471-85195-7OnlineISBN0-470-84149-4
Preface
Theneedtocommunicatehasneverbeengreater.Manycompaniesnow
rely on their internal networks for the fast and effective communication
essentialtotheiroperation;andwithaneverwideningdistributionofboth
information and business interests, the demands on these enterprise
networks have risen. There is, for instance, an increasing demand to
connectinternalnetworkstothoseofexternalcustomersandsuppliers—so
called extranets or Community of Interest Networks (COINs). For these
reasons,itisnowwidelyacknowledgedthatthequalityofan enterprise
network—thecommunications infrastructure that supports an organisa-
tion—isakeycompetitivedifferentiator.Buthowdoyouensurethatyou
canbuy,buildorhaveaccesstotherightenterprisenetwork?
This is the question answered in this book. Effective and practical
designtechniquesforenterprisenetworksareexplainedindetailandare
illustrated with real examples. In addition to detailing what should be
done,thetextalsocoverswhatshouldnotbedone.Theperilsandpitfalls
that pervade the high-tech, fast-moving world of communications are
highlighted. Using the accumulated experience of many people, many
projectsandmanynetworks,anextensivesetofchecks,balances,guidelines
andrecommendationsaregiven.Becausethebookisintendedforpeople
intheworkplacewhoneed help and adviceimplementingan enterprise
networkitisdeliberatelybiasedtothe(and,indeedneedstobe)pragmatic
andnottheacademic.Hence,itbuildsonabodyofestablishedknowledge
of network technology—in particular, Total Area Networking already
publishedintheWiley/BTseries.
Thisbookhastwouniquefeatures:
• Itdealswiththerealissuesanddelvesbeneaththeidealisedfacadeofa
complexsubject,intothe‘bloodandguts’issues;
• itfocusesontheactivityofdesign—theessentialskillofplanningand
assemblingnetworktechnologytoachievethedesiredresult.
Carehas beentakentoabstractfromeverydaytechnicalcomplexityand
makethekeydesignissuesclearandaccessible.Sothefocusisonpractical
applicationratherthananyparticulartechnologyindetail.Thatsaid,we
x PREFACE
havetakencaretoincludereal-worldcomponentsinthecasestudieswe
present.Thebookisintendedforawiderangeofreadersasinthefollowing:
• An essential reference for the designers of enterprise networks. They
willbenefitfromtheconcisepresentationofkeyissuesandthedistilled
wisdomcontainedinthechecklistsandguidelines.
• Recommendedreadingforthoseengagedinthepurchase,management,
planningandimplementationofenterprisenetworks.Thisbookprovides
thebroadtechnicalunderstandingrequiredto askthe rightquestions,
set viable plans and avoid expensive investment and deployment
mistakes.
• Avaluableprofessionalupdatingguideforthosewhoneedtoappreciate
thepracticalsubtletiesofacomplexsubject.
• Ausefultextforintroducingthepracticalapplicationofcoreknowledge
forfinalyearandpostgraduatestudentsincomputerscience,electrical
engineeringandtelecommunicationscourses.
The information age is no abstract concept—it is alive and evident in
muchofthelatestnetworktechnology.Thosewhohavetheknow-howto
harness this technologywill be able to workfaster andmore effectively.
Those whodo not adapt will cease to competesooner, rather thanlater.
Understanding the technologies central to the information age and how
youusethemtosupportyourneedsis,therefore,vital.Itisimportantnot
onlytoknowwhatispossible,butalsowhatisnot.Whatworksandwhat
does not. And, most important of all, how you maximise your own
chancesofsuccess.
MarkNorris
and
StevePretty
Description:Tackles the many issues surrounding one of the most important assets in any company: its network. Modern networks need to be fast and effective to meet the ever-increasing need to for more information and faster communication. This text offers a clear and concise presentation of the key issues for t
