In the first part of this article, we examined the hardware and software requirements for connecting the branch offices. In this part, we shall look at the design features that will make the connection successful.
Design considerations will include features such as tiered scalability, redundancy, route summarization, network address translation, load balancing, simplicity of configuration, link failure detection and unified threat management.
Scalability: This determines the number of sites that can be connected and deployed without impacting memory or CPU resources. In other words, the routing design should be scalable enough to support the connections. A medium-sized organization should be capable of connecting 100 to 1,000 locations.
Redundancy: No single point of failure should exist. This links back to High Availability, discussed in the previous part of this article. The head and branch offices must have multiple connection links via public and private networks, so that when one link fails the user is switched automatically to the other link or can connect manually over a different link.
Route Summarization: When a large number of routes are used on the network, route summarization should be performed automatically. Summarization helps the system re-route traffic optimally and ensures that bottlenecks do not create problems for the organization.
NAT or Network Address Translation: A branch or location may contain more than one user. The users within the branch location may be given private IP addresses behind NAT devices.
Load Balancing: This is the process of optimizing the WAN by re-routing traffic on the network during peak loads. Dual-homed connections to the Internet may be used to optimize performance and to switch over whenever one link fails, so that the backup or recovery operation continues without interruption.
Configuration simplification: The purpose is to reduce the complexity of setup. Configuration setup is delegated to granular levels. However, this may result in a multiplicity of configurations.
Link Failure detection: This mechanism is used to detect link failures at run time. It helps control the data backup and recovery process and keepalive protocols.
Unified threat management (UTM): This design feature links back to the security management discussed in the previous article. The UTM feature must be enabled across firewalls for bi-directional traffic flows and across a set of inspection devices.
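To make the route summarization item above concrete, the following added example (not part of the original article) collapses a set of branch prefixes into exact aggregates and then measures how much unassigned address space a single, looser summary would advertise. The prefixes and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample data: /24 LANs assigned to branch sites (not from the article).
BRANCH_PREFIXES = [
    "10.20.0.0/24", "10.20.1.0/24", "10.20.2.0/24", "10.20.3.0/24",
    "10.20.4.0/24", "10.20.5.0/24",
    "10.20.8.0/24",
]

def exact_summaries(prefixes):
    """Merge adjacent prefixes into the smallest set covering exactly the same addresses."""
    nets = [ipaddress.ip_network(p) for p in prefixes]
    return list(ipaddress.collapse_addresses(nets))

def covering_supernet(prefixes):
    """Widen the first prefix one bit at a time until it contains every input prefix."""
    nets = [ipaddress.ip_network(p) for p in prefixes]
    candidate = nets[0]
    while not all(n.subnet_of(candidate) for n in nets):
        candidate = candidate.supernet()
    return candidate

def unassigned_in(summary, prefixes):
    """Count addresses the summary advertises that no branch prefix actually covers."""
    assigned = sum(n.num_addresses for n in exact_summaries(prefixes))
    return summary.num_addresses - assigned

if __name__ == "__main__":
    exact = exact_summaries(BRANCH_PREFIXES)
    loose = covering_supernet(BRANCH_PREFIXES)
    print(f"{len(BRANCH_PREFIXES)} branch routes -> {len(exact)} exact summaries:")
    for net in exact:
        print(f"  {net}")
    # A single summary is smaller still, but it also attracts traffic for
    # address space that is not assigned to any branch.
    print(f"single summary {loose} advertises "
          f"{unassigned_in(loose, BRANCH_PREFIXES)} unassigned addresses")
```

The exact aggregates shrink the routing table without changing what is reachable; the single covering prefix is smaller again but draws traffic for unused space toward the advertising router, so that space should be accounted for (for example with a discard route) before the summary is advertised.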