Distributed enterprise network

Building

Energy

Industry

Entertainment

Human Services

Agriculture

Banking

Insurance

Transport

Intensive development of branch networks and shifting of business activity to subsidiaries create both new tasks and new opportunities for IT-departments.

Stuff productivity in remote chapters directly depends on opportunity to have access to necessary application at all times and experience in using those applications. Branch employees have to use the same set of services that is being used in headquarter. Under these conditions reliable network infrastructure is a must for a company. Well equipped subsidiary network contributes to a successful business development. Network infrastructure is a key component for business-applications work in a distributed environment. Routers with service integration allow providing necessary set of functions in a single tight platform in affiliated branches excluding necessity to use several separate devices.

Most server modules, for example voice mail modules, intrusion detection modules, traffic cache modules etc, have their own hardware-based resources, which eliminate influence of the services on router productivity and are managed with the single administration interface at the same time. Services integration noticeably widens routers application area; reduce network complicacy and its total cost of ownership.

As a result nowadays subsidiaries have a task to implement new technologies and applications that allow working together with the lowest possible solution cost. Generally following functions are needed regardless of whether they are integrated or implemented as independent products:

Routing,
Safe data transmitting through communications channels- traffic encryption using VPN tunnels,
Protection services from unauthorized access- firewalls, devices for intrusion detection and prevention, tools for defense from spoofing attacks, Denial-of-Service attacks, network address translation, antivirus software etc,
Applications for collateral work- IP-telephony, videoconferencing, etc,
Methods of optimization of bandwidth usage- support of the service quality for different types of traffic, tools for bandwidth optimization for communication channels between subsidiaries,
Mobility- Wi-Fi zones establishing.

Generally subsidiaries implement many functions, for example firewalls, intrusion detection and prevention, telephone service, network administration, with the help of specially designated equipment. One branch may use tens of different devices. Usually budget for subsidiary equipment is limited and only equipment needed for connecting with headquarter is been purchased at the beginning. Later special devices are being added either as a result of additional financing or as a response for some kind of action. For example Denial-of-Service attacks can result into buying Firewall and devices for intrusion prevention or spread of virus computer programs may result in installing antivirus software. Such development model assumes minimal seed money. Its main disadvantages are lack of scalability and possible compatibilities between equipment from different vendors.

Other approach lies in using equipment specially designated for integration of different services and applications, that are able to evolve as new ones appears. Main distinct feature of such platforms is architecture optimized for simultaneous performance of closely integrated functions with high productivity. Insignificant lag in productivity and sometimes in functionality, compare to the dedicated devices, is acceptable most of the times, because actual advantages are noticeably higher that disadvantages. Difference in productivity almost vanishes as devices with integrated services are supplied with built-in processors and hard drives for applications productivity increasing. Later, as different services are a part of the same devise, training, supporting and maintaining expenses fall.

We use this exact approach in our work and offer our customers to install Cisco Integrated Services Routers (ISR) in their affiliated branches. Family of IRS routers allows choosing optimal solution for networks of any sizes, considering essential functions, ports density, development prospects, cost and productivity.

Family of Cisco 800 and 1800 routers is designated to be used by small and home offices. Cisco 1841, 2800 and 3800 modular routers support more than 100 interface modules, which allow connecting communication channel using almost any transmitting environment and protocol. If there is a necessity to change an interface customer can change module on its own. Different services can be implemented with the help of Cisco ISO software or by adding hardware accelerators.

Routing

Integrated Services Routers support the fullest set of routing protocols in the industry, including Enhanced Interior Gateway Routing Protocol, Open Shortest Path First, Routing Information Protocol, Border Gateway Protocol, Optimized Edge Routing. IPv4 и IPv6 protocols are also supported.

Virtual Private Networks (VPN)

ISR help to create VPN tunnels between local branch networks as well as for connecting remote users. VPN tunnels between subsidiaries can be IPSec VPN or MPLS VPN. VPN tunnels for connecting remote users can use IPSec or SSL standard. For hardware implementation of encryption new Advanced Integration Module (AIM) is designated, that supports SSL and IPSec tunnels.

Security

Integrated Services Routers, which often are boundary devices in networks, allow using security functions on different levels.

- Firewall (Cisco IOS Firewall) - is a certified firewall with connections control, that protect network from attacks and unauthorized access and allow monitoring network traffic.

- Intrusion-prevention Systems (IPS). Dynamic inspection of network traffic with the purpose of intrusion detection and prevention may be implemented with the help of special module or Cisco IOS software. In addition to the existed signature database, own signatures can be created. IDS module store signature database locally and record all the events into the journal. It can send alerts, discard packet and break connections.

- Users’ identification. Routers support flexible mechanisms of users’ authentication and authorization, it also monitors users traffic.

IP-telephony

With the help of Integrated Services Routers all-sufficient corporate IP-telephony system can be built, including contact center, PSTN gateways, voice mail, automated attendant services, and videoconferencing. Routers’ architecture allows installing modules, which realize voice functions, on mother board, without using outer boards that can be used for interface modules.

IP-telephony solutions for ISR include Cisco CallManager Express, which is a part of Cisco IOS software, Cisco Unity Express and Survivable Remote Site Telephony (SRST) function, which allows router switch local calls and exit into PSTN, in case of connection with CallMAnager server, which is installed in the headquarter, absence. Routers support standard Media Gateway Control Protocol (MGCP), Session Initiation Protocol (SIP) and H.323 protocols and also analogous and digital modules for connection with traditional telephone devices (fax machines, CATS, analogue phones).

Bandwidth Optimization

Specially designated modules for bandwidth optimization allow improving applications productivity, which works through connection channels, reducing the gap between speed access in local and distributed networks.

Specialists of our company have all the necessary resources, solutions and qualification for professional and effective implementation of various difficulty level projects for companies of all sizes.

For any additional information please call +380 (44) 323-23-23, or write e-mails.

Developed by Wizardry