office to office connection

[Mogles49]

Hi everyone,

I was hoping i could ask your expertise for a paper i have to write. I am new to Cisco currently beginning to work on the basics. Here are the questions and relates to office to office connection scenarios:

* if price is no option how would you connect two remove offices? (distance would be city to city)
* if reliability is the key factor what solution would you select?
* if speed is a requirement what solution would be more appropriate?
* if security is the top priority, what solution would apply?

i.e. if security is required, pix to pix vpn tunnel.
if reliability is required, dual cisco router with fail over.
(I am making things up as i don't know)

Thanks in advance if you can provide some information. This would help me tremendously with the initial paper setup.

 

[unclerico]

* if price is no option how would you connect two remove offices? (distance would be city to city)

if the two offices were in the same metro area i would choose MetroE or get permission like a lot of hospitals to bury my own fiber or use existing raceways/conduit that are already built underground

* if reliability is the key factor what solution would you select?

most metro networks are built on a dual redundant SONET ring which gives incredible reliability. depending on where you are located and how many carriers service your area you may need to go with microwave as a secondary or tertiary option. at&t, level 3, comcast, etc. may all be able to sell you services, but they may all be using sprint as the LEC and they all may go into the same CO so you won't get the true diversity that you need. if you are connecting offices that are many state's or counties away from one another the chances of getting truly diverse circuits is almost nil. as for CPE I would go with dual routers or l3 switches that have the available throughput necessary to forward your traffic at the speeds you need.

* if speed is a requirement what solution would be more appropriate?

it all depends. if all you are doing is sharing files and e-mailing back and forth a 20meg circuit may be enough. if you are doing medical imaging or autocad work across the WAN/MAN then you may be thinking 100meg and upwards of 1 or 10gig.

* if security is the top priority, what solution would apply

IPSec of course, whether it is site-to-site between two routers/firewalls, using IPv6 on the LANs, or even GETVPN over an MPLS connection

 

[imbadatthis]

* if price is no option how would you connect two remove offices? (distance would be city to city)

if the two offices were in the same metro area i would choose MetroE or get permission like a lot of hospitals to bury my own fiber or use existing raceways/conduit that are already built underground

how about MPLS network instead ?? its probably alot cheaper than running your own Fiber...
our MPLS network was 15K to put in , vs 1.2million we are spending to connect two locations using fiber...


as for reliability, MPLS can have CI (two SEDs with fiber coming from two different COs) which should give you four 9 reliablity ... you can get five 9s if you pay a bit more..

most MPLS networks can go around 800MB/s or more...

IPSEC like unclerico suggested, IKE : [DH group 5, aes 256, and RSA-SIG authentication] with PFS enabled for IPSEC side should do it..

We must go always forward, not backward
always up, not down and always twirling twirling towards infinity.