Category: 6 - Networks Subcategory: 1 - Enterprise Networks
Old Category: Enterprise Network – Physical Network – Switches and Routers
|Industry Usage||SC Usage|
Bandwidth; redundancy; reliability.
Usage and Dependencies
Industry Position: Industry leader Cisco finally launched a virtual private network (VPN) product based on its 10-month-old acquisition of Compatible Systems. The VPN 5000 family is aimed at carriers that want to offer managed Internet VPN services, which explains several of the 5000 family's features that are not normally found in enterprise-oriented VPN platforms. For starters, the 5000 family offers very high performance: the top end of the line supports 40,000 tunnels, throughput of 760 Mbps with triple-DES encryption and interface speeds up to OC-12. The platforms are designed to directly connect to a frame relay switch, 10/100 Ethernet equipped IP router or packet-over-SONET add/drop multiplexer.
Cisco has also added support for Interior Gateway Protocol (IGP) routing and so-called "Customer Virtual Contexts." These let a provider maintain logically separate sets of private IP addresses, RADIUS authentication and accounting services and access control filters for up to 256 different customers. Thus, for example, multiple customers could use a provider's managed Internet VPN services and still preserve their own private IP addressing schemes, even though some of their private IP addresses might overlap.
The 5000 family's "tunnel mapping" feature provides a gateway function between different virtualization schemes at both Layer 3 and Layer 2: IPsec, L2TP, GRE, PPP and frame relay PVCs. Among other benefits, this enables service interworking of frame relay wide area networks (WANs) and Internet VPNs. For example, providers can offer interesting combinations of services, such as Internet access, VPN connectivity to a hosted application and frame-relay based private network connectivity over a single physical connection, to each customer location. -- Cisco Debuts New 'Carrier-Class' VPN Products, Jim Slaby, Giga, Nov. 7, 2000.
SC Usage: SC uses the following products in its network infrastructure (1997 data):
There are three Virtual Local Area Networks (VLANs) in SC, one for Production, one for AIM, and one for SE. The DEV domain resides on the Production domain, but no NT trust relationship exists between the domains. It has been suggested that the DEV domain be placed on a VLAN as well, and this probably should be accomplished. Some NAT (Network Address Translation) configurations have been accomplished to access HTTP (port 80) from the AIM VLAN to the Production VLAN for the purpose of previewing updates and for training prior to rollout of IMSC applications.
SC is connected to the Internet through the Energy Sciences Network (ESnet). This is a nationwide computer data communications network that supports DOE scientific research. The National Energy Research Supercomputer Center at Lawrence Livermore maintains and operates the ESnet. Its backbone consists of leased T1 and T3 lines connecting approximately 30 major sites. Forrestal and Germantown personnel connect to the ESnet through the DOE network backbone.
SC Application Impacts: Indirect. SE has proposed a new network architecture to support NAS (Network Addressed Storage) which is needed to handle the increased quantity of data. Details are included in the Network Upgrade project plan.
|Last Update:||Valid Until:|
The published SC baseline can be found at P:\CONTDATA\BASELINE\basedata\baseline.pdf
List all Categories
Administer the Database