Specifications
©
2002, David K. Z. Harris
38
Pg. 38
© 2002
David K. Z. Harris
Advanced Architectures (#7)
Ø Security for large networks
² Distributed Terminal Servers
² Use encrypted IP tunnel
² Management Net is more secure
H
1 2 3 4
H H H
LAN
serial
MGMT
TS
B
logging
R
2
IP
tunnel
to
MGMT
H
1 2 3 4
H H H
LAN
serial
session
MGMT
TS
A
CS
1
NMS
logging
R
1
CC
In an environment where network connection paths are limited, you may want
to consider adding an encrypted tunnel from one of your management
networks to another.
This may cost you some more memory for the routers, and it may drive you to
increase the bandwidth if you are communicating over a WAN link.
It may even push you into a larger router with more capacity (or a hardware
compression solution).
When considering this plan, try to think into the future. If you are ordering
more RAM, more bandwidth, or a more powerful router, will it be capable of
the growing needs of your network.
Changes and upgrades often mean downtime, and you may as well try to do
one change instead of many.