Campus Network Architectures and Technologies
- 476 pages
- English
- ePUB (mobile friendly)
- Available on iOS & Android
Campus Network Architectures and Technologies
About This Book
Campus Network Architectures and Technologies begins by describing the service challenges facing campus networks, and then details the intent-driven campus network architectures and technologies of Huawei Cloud Campus Solution. After reading this book, you will have a comprehensive understanding of next-generation campus network solutions, technical implementations, planning, design, and other know-how. Leveraging Huawei's years of technical expertise and practices in the campus network field, this book systematically describes the use of technical solutions such as virtualization, big data, AI, and SDN in campus networks. You will be able to reconstruct campus networks quickly and efficiently utilizing this informative description. Additionally, this book provides detailed suggestions for campus network design and deployment based on Huawei's extensive project implementation experience, assisting with the construction of automated and intelligent campus networks required to cope with challenges.
This is a practical, informative, and easy-to-understand guide for learning about and designing campus networks. It is intended for network planning engineers, network technical support engineers, network administrators, and enthusiasts of campus network technologies.
Authors
Ningguo Shen is Chief Architect for Huawei's campus network solutions. He has approximately 20 years' experience in campus network product and solution design, as well as a wealth of expertise in network planning and design. Mr. Shen previously served as a system engineer for the campus switch, data center switch, and WLAN product lines, and led the design of Huawei's intent-driven campus network solution.
Bin Yu is an Architect for Huawei's campus network solutions. He has 12 years' experience in campus network product and solution design, as well as extensive expertise in network planning and design and network engineering project implementation. Mr. Yu once led the design of multiple features across various campus network solutions.
Mingxiang Huang is a Documentation Engineer for Huawei's campus network solutions. He has three years of technical service experience, and four years of expertise in developing campus network product documentation. Mr. Huang was previously in charge of writing manuals for Huawei router and switch products. He has authored many popular technical series, including Be an OSPF Expert, Insight into Routing Policies, and Story behind Default Routes.
Hailin Xu is a Documentation Engineer for Huawei's campus network solutions. He has two years of marketing experience in smart campus solutions, and six years of expertise in developing network products and solution documentation. Extremely familiar with Huawei's campus network products and solutions, Mr. Xu was previously in charge of writing manuals for Huawei routers, switches, and campus network solutions. In addition, he has participated in smart campus marketing projects within such sectors as education, government, and real estate.
Frequently asked questions
Information
CHAPTER 1
1.1 Campus Network Overview
1.1.1 What Is a Campus Network?
1.1.2 How Do Campus Networks Differ?
- Network scaleCampus networks can be classified into three types: small, midsize, and large campus networks, each differing in the number of terminal users or Network Elements (NEs). This is described in Table 1.1. Sometimes, the small campus network and midsize campus network are collectively called small- and medium-sized campus networks.
TABLE 1.1 Campus Network Scale Measured by the Number of Terminal Users or NEs Campus Network CategoryTerminal UsersNEsSmall campus network<200<25Midsize campus network200–200025–100Large campus network>2000>100A large campus network generally has complex requirements and structures, resulting in a heavy operations and maintenance (O&M) workload. To handle this, a full-time professional O&M team takes charge of end-to-end IT management, ranging from campus network planning, construction, and O&M to troubleshooting. This team also builds comprehensive O&M platforms to facilitate efficient O&M. In contrast to large campus networks, small/midsize campus networks are budget-constrained and usually have no full-time O&M professionals or dedicated O&M platforms. Typically, only one part-time employee is responsible for network O&M. - Service targetsIf we look at campus networks from the perspective of service targets, we will notice that some campus networks are closed and restrictive, only allowing internal users, while others are open to both internal and external users. The source of network security threats differs between closed campus networks and open campus networks. Therefore, they both have distinct network security requirements and solutions.Users on a closed campus network are typically internal employees. Their online behaviors are relatively fixed and can be effectively controlled through internal rules and regulations as well as reward and punishment. Therefore, the threats to a closed campus network mainly come from external intrusion. For this reason, a closed campus network usually uses a stronghold model to prevent unauthorized access from external and internal networks. Specifically, network admission control (
NAC) is introduced to authenticate user names, accounts, tokens, certificates, and other credentials in order to prevent non-internal users from accessing the network. Additionally, firewalls are deployed at the borders of different security zones, for example, at the network ingresses and egresses. Open campus networks paint a different picture. An open campus network aims to serve the public as much as possible. To this end, network access authentication needs to accommodate both convenient public access and effective user identification. A viable solution is to use a mobile number plus a short message service (SMS) verification code or adopt social account authentication. These approaches can simplify account management. However, public network access is unpredictable, and there may be many network security threats. As such, a user behavior control system is often deployed inside the network to prevent intentional and unintentional illegal behaviors. For example, if a user terminal is infected with a network virus, the virus may spread to attack the entire network system. To contain attacks, the user behavior control system must be able to identify user behaviors as well as isolate and clean up traffic from these users. This ensures that users can access the Internet as normal, without affecting other users on the network. In real-world situations, a campus network usually has both closed and open subnets. A typical campus network that serves the public always has a closed subnet for internal office and administration purposes. Likewise, a campus network designed for internal personnel is typically partially open to outsiders. For example, an enterprise campus network opens up some portions of the network to guests for improved communication and collaboration. Some parts of an e-Government campus network are open for citizens who will enjoy convenient government services. In these cases, the closed subnet and open subnet belong to different security zones and must be isolated from each other. Typical isolation methods include physical isolation, logical network isolation, and firewall isolation. For networks that require strong security, physical isolation is generally used. That is, the closed and open subnets cannot communicate with each other at all. - Service supportCampus networks can be classified into single-service and multi-service campus networks, depending on the services carried. The complexity of services carried on the campus network determines the network complexity.In the beginning, campus networks carried only data services, and other services were supported by disparate dedicated networks. Currently, most small- and medium-sized enterprises have a limited number of network services. For example, a small enterprise that rents offices in an office building uses the network infrastructure provided by the office building owner. Therefore, small enterprise campus networks typically require only internal data communication services. Generally speaking, a single-service campus network has a simple architecture.An advanced large campus network is a completely different story. It usually serves an independent large campus, where various basic services, such as firefighting management, video surveillance, vehicle management, and energy consumption control, are provided. If a dedicated network was deployed for each basic service, the cost would be prohibitively high and O&M would be terribly complex. To change this, digital and Ethernet technologies are gradually introduced for these basic services. Doing so facilitates the use of mature Ethernet, and a campus network is gradually made capable of supporting multiple services. The network carries multiple services with different requirements, which are isolated from each other and effectively ensured. Due to this, the campus network architecture is becoming more and more complex and virtuali...
Table of contents
- Cover
- Half Title
- Series Page
- Title Page
- Copyright Page
- Table of Contents
- Summary
- Introduction
- Acknowledgments
- Authors
- Chapter 1 ◾ Getting to Know a Campus Network
- Chapter 2 ◾ Campus Network Development Trends and Challenges
- Chapter 3 ◾ Overall Architecture of an Intent-Driven Campus Network
- Chapter 4 ◾ Building Physical Networks for an Intent-Driven Campus Network
- Chapter 5 ◾ Building Virtual Networks for an Intent-Driven Campus Network
- Chapter 6 ◾ Automated Service Deployment on an Intent-Driven Campus Network
- Chapter 7 ◾ Intelligent O&M on an Intent-Driven Campus Network
- Chapter 8 ◾ E2E Network Security on an Intent-Driven Campus Network
- Chapter 9 ◾ Open Ecosystem for an Intent-Driven Campus Network
- Chapter 10 ◾ Intent-Driven Campus Network Deployment Practices
- Chapter 11 ◾ Huawei IT Best Practices
- Chapter 12 ◾ Intent-Driven Campus Network Products
- Chapter 13 ◾ Future Prospects of an Intent-Driven Campus Network
- Acronyms and Abbreviations