Cisco Validated Design Program

The Cisco Validated Design (CVD) program is another resource unique to Cisco that can assist you and your organization with faster, more reliable, and more predictable deployment of systems and solutions, and you’ll have confidence that it will be done securely and accurately the first time. These designs incorporate a wide range of technologies and product solutions. CVDs are organized by solution area; in other words, you can research based on your needs: architecture (that is, borderless networks, data centers, and collaboration), technology (that is, security, mobility, and unified communications) or industry (that is, education, government, and healthcare).

This chapter provides a basic overview of just a few of the design guides, along with links to the website where you can download these resources, or you can do more research based on your needs.

Branch/WAN Design Zone Guides

Overview: These guides assist the network designer, or network engineer, in deploying high-value network services on a secure branch network connected to a central site, despite the variety of WAN technologies.

The website (www.cisco.com/en/US/netsol/ns816/networking_solutions_program_home.html) breaks down the design guides by the branch size (small, medium, or large), multicast implementation, and overall design guides for both branch and WAN.

Campus Design Zone Guides

Overview: This section consists of four subsections: Overall Campus Design, High Availability, Network Virtualization, and Unified Access.

The Campus Design guide addresses enterprise campus architectures using the latest advanced services technologies from Cisco and is based on best-practice design principles. It introduces the key architectural components and services necessary to deploy a highly available, secure, and service-rich campus network.

The High Availability design guide gives you an understanding of what enterprise campuses require to maintain a highly available, secure, intelligent network infrastructure to support business solutions (that is voice, video, and wireless). It can help you plan for, and understand, how the system recovers from component outages (planned and failures) and what the expected behavior is during such an outage. Knowing this is a critical step in designing, upgrading, and operating a highly available, secure campus network, and it is provided to you by Cisco.

The Network Virtualization guides provide multiple solutions to business problems and drivers that range from simple to complex. This guide provides solutions for an end-to-end network virtualization solution separated into the following three functional areas: access control, path isolation, and services edge. If you need to provide something as simple as Internet access to visitors or something more complex, such as providing Internet access as a line-of-business and a revenue stream to various clients, you need to peruse these guides.

And finally the Unified Access guide combines switching, wireless, location, identity, policy, and management in a system design to simplify IT network-access management. Unified Access systems also provide for a consistent experience when users access the network. Check out the website at www.cisco.com/en/US/netsol/ns815/networking_solutions_program_home.html.

Data Center Design Zone Guides

The Data Center Design Center has a lot to offer, including the following:

• Application Networking: Cisco provides strategies for implementing various application platforms, such as IBM, Oracle, SAP, Citrix, Seibel, Microsoft, and more.

• The Business Continuity Design Guide: Provides instruction and guidance for implementing high availability clusters to distributed data centers.

• The Cisco Unified Computing Design Guide: Shares how to deliver a scalable, cost-effective architecture for your current and future needs for virtualized Microsoft applications, using computing and storage resources with ease using Oracle applications and Cisco UCS, or improving computing and storage resource allocation within the data center.

• Cloud Computing: This is a hot ticket item. This design guide goes through the steps required to create a flexible data center, enabling you to efficiently share your resources and become better prepared for rapid change management.

• Data Center Networking: Cisco Data Center Business Advantage provides architecture to unify the virtualization capabilities of individual devices to create a fully virtualized data center. This includes such items as Wide Area Application Services (WAAS) designs or creating a virtual data center infrastructure and integrating those WAAS with it.

• Security (Data Center): Comply with regulations and protect your data center from attack. But it goes beyond that. Sure you can get solutions for securing your data center, but you can also learn about security and virtualization in the data center. And with the big push right now to open everything up to the cloud, you had better be sure that you can protect your back-end information. Even if you think you don’t need to read this, you should. Take some time in your afternoon and become better educated on security and virtualization.

• Server Networking: This section tells you how to efficiently and securely deploy your various server networks. This includes data center blade server integration and server farm security.

• Service Provider: Controlling operational and capital costs while maximizing return on server, storage, and network infrastructure. The Service Provider CVD provides validated architectural guidance for building a baseline Service Delivery Center network infrastructure.

• Storage Networking: The Storage Networking CVD shows how to efficiently and cost-effectively implement a storage area network (SAN) solution using the Cisco MDS 9500 series multilayer director or intermingling the IBM FICON with the Cisco MDS 9000. This is an invaluable tool for resource allocation within your data center.

• Virtualization: Bring network, computer/storage, and virtualization platforms closer together to provide unparalleled flexibility, visibility, and policy. This includes three other subtopics: network, server, and desktop virtualization.

You can find more information about the Data Center Design Center at www.cisco.com/en/US/netsol/ns743/networking_solutions_program_home.html.

Security Design Zone Guides

The design zone for security has several sections; Cisco SAFE is one section we explained. But where SAFE differs from the rest of the sections is that SAFE is a tool you can use. The other sections are design guides for network foundation protection, enterprise campus security, and threat control:

• Cisco SAFE: For a detailed description, refer to the previous section, “Cisco SAFE 2.0.”

• Enterprise Campus Security: Leverages network virtualization for security. This CVD represents a chapter of the overarching SAFE Design Guide.

• Network Foundation Protection: Details security architects for the enterprise network. This too represents a separate chapter in the SAFE Design Guide. This portion goes over best practices for securing the network infrastructure by doing things such as setting security policies for infrastructure device access, routing infrastructure, network telemetry, and network policy enforcement.

• Secure Campus: Integration of wireless and security into the campus networks. The overarching purpose of this design guide is to describe the integration and collaboration of network security technology and the Cisco Unified Wireless Network.

• Secure Technology Partners: Solutions to security issues for data security systems to implementing a security information and event management system from Cisco and its partners.

• Security in Branch: Security solutions for branch locations. Branch offices can offer their own challenges, such as high availability, infrastructure protection, secure and persistent connectivity to the home office, and threat defense. This CVD offers guidelines and best practices for addressing these issues.

• Security in WAN: This CVD speaks specifically on the implementation of an IPsec virtual private network (VPN) WAN design. It defines the components required to build a site-to-site VPN system in relation to your WAN connectivity.

• Threat Control: This is another chapter in the SAFE Design Guide. It specifically covers the threat detection and mitigation capabilities available on Cisco Firewall/ASAs, Cisco IPS, Cisco Security Agents (CSA), Cisco Network Admission Control (NAC), and web/email security appliances.

You can find more information about the Security Design Zone Guides at www.cisco.com/en/US/netsol/ns744/networking_solutions_program_home.html.