Design Guide
LAN Baseline Architecture Overview—Branch Office Network
OL-11333-01
Multilayered Branch Architecture
Figure 2 Services at Various Layers of a Branch Architecture
Edge layer services include WAN, firewall, intrusion detection and prevention, and voice. Edge layer
services and details about the edge design are not covered in this document, but are available at the
following URL: http://wwwin.cisco.com/ios/systems/ese/. Only the integration of the edge with the
LAN is covered in this document.
Distribution layer services include DHCP, routing, and, if required, policy-based routing (PBR) while
migrating to advanced services such as segmentation or guest access. The distribution layer can also
host additional services if required. Examples of these services include LAN Controller and wireless
domain services (WDS) for WLANs, and appliance-based firewalls or IDS/IPS.
The access layer provides wired and wireless connectivity to end users. The access layer mainly provides
Layer 2 security, authentication, and wireless services. Details of the access and distribution services are
provided in the following sections. The design options are described in the Branch LAN Design Guide.
Access Layer
The user connects to the network via the access layer using either a wired or wireless connection. The
access layer can also provide the following value-added services:
• Voice and data VLANs to segregate voice and data traffic
• Layer 2 security to protect against malicious attacks
• Quality of service (QoS) to prioritize traffic, to protect against denial of service attacks, and
to help with worm mitigation
• Authentication services such as dot1X and IBNS
• Guest services or guest VLANs at the access layer
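As an added illustration (not part of the original guide), the following Python sketch audits an IOS-style configuration and reports which of the access layer services listed above are missing on each access port. The sample configuration is constructed, and the choice of IOS command that stands for each service (for example, port security for Layer 2 security and AutoQoS for QoS) is an assumption of this example.

```python
import re

# Constructed sample: two access ports on a hypothetical access switch.
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport mode access
 switchport access vlan 10
 switchport voice vlan 20
 switchport port-security
 auto qos voip cisco-phone
 dot1x port-control auto
 dot1x guest-vlan 30
!
interface FastEthernet0/2
 switchport mode access
 switchport access vlan 10
!
"""

# Access layer service -> interface command taken as evidence of it.
# The mapping is an assumption of this example, not taken from the guide.
CHECKS = {
    "data VLAN": r"switchport access vlan \d+",
    "voice VLAN": r"switchport voice vlan \d+",
    "Layer 2 security (port security)": r"switchport port-security",
    "QoS (AutoQoS for IP phones)": r"auto qos voip cisco-phone",
    "802.1X authentication": r"dot1x port-control auto",
    "guest VLAN": r"dot1x guest-vlan \d+",
}

def parse_interfaces(config):
    """Return {interface name: [sub-command lines]} from IOS-style text."""
    ports, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = line.split(None, 1)[1]
            ports[current] = []
        elif current and line.startswith(" "):
            ports[current].append(line.strip())
        else:
            current = None  # "!" or a global command ends the block
    return ports

def audit(config):
    """Return {access port: [services not configured on it]}."""
    return {name: [svc for svc, pat in CHECKS.items()
                   if not any(re.fullmatch(pat, l) for l in lines)]
            for name, lines in parse_interfaces(config).items()
            if "switchport mode access" in lines}  # skip uplinks and trunks
```

Calling `audit(SAMPLE_CONFIG)` returns an empty list for FastEthernet0/1 and, for FastEthernet0/2, every service except the data VLAN.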
[Figure 2 diagram labels: Edge (ISR at the edge, WAN), Distribution, Access (29xx or 35xx access switches, access points), with services shown at each layer]