background image
20
Chapter 2: Cisco Remote Connection Products
·
Access control requirements
--In implementations for Remote Access, security is a
major consideration. Because the users are not "local" to the location, it is imperative that
you consider access control. This can be as simple as a local username/password database
or as complex as using an AAA server in a firewall environment. The core issue is
knowing the volume of security needed and the sensitivity of the data. For example, Joe
and Bob's Tire Shop might require a simple password scheme for security, where
Einstein's Genetic Research Corporation would want an environment that provides more
control.
Cisco has categorized the locations in which a dial-up situation might be needed. These
locations, central, branch, and remote/home office, are detailed in the following list:
·
Central office
--A central site should provide room for growth so that remote or branch
sites can be added without a wholesale change at the aggregation site or central office.
Considerations for a central site should include which bandwidths are required by each
remote or branch and the additional bandwidth needed for growth. The cost of WAN
services is also a central office concern because it supplies the bulk of the bandwidth
needed for the enterprise. In addition, security and access control are other concerns at the
central site.
·
Branch office
--A branch office is smaller than a central site and gives a presence to the
company in a specific region. The branch office considerations involve connecting to the
central site while knowing the value/cost ratio of the bandwidth. In addition, the availability
of the central site connection should be considered. Is backup needed? Does dial-on-
demand suffice for this connection? What kind of data will be transferred? Like the central
site, costs need to be controlled in the branch office site, but money is not the overriding
concern.
·
SOHOs and ROs
--CCDPs implementing SOHOs and ROs are generally more cost-
conscious because of the number of the offices in a given situation. The small SOHO or
RO must have the capability to connect using the WAN service selected and available, but
maintaining multiple unlike devices is not a good idea. For instance, it is best to use the
1600 family at all remotes sites, including the home sites, even if some sites don't need
that much power. The placement of unneeded power is balanced by the fact that the
engineer must maintain only a few configuration plans.
How to Best Use This Chapter
By taking the following steps, you can make better use of your study time:
·
Keep your notes and answers for all your work with this book in one place for easy
reference.