1.2 Key Characteristics of Scalable Internetworks  
  1.2.6 Making the network accessible but secure  
Accessible networks let users connect easily over a variety of technologies. Campus LAN users typically connect to routers at the access layer through Ethernet or Token Ring. Remote users and sites may have access to several types of WAN services. Cost and geography play a significant role in determining what type of WAN services an organization can deploy. Therefore, Cisco routers support all major WAN connection types. As shown in Figure , these services include all of the following:
  • Circuit-switched networks that use dialup lines
  • Dedicated networks that use leased lines
  • Packet-switched networks

Circuit-switched networks are dialup, and leased lines are dedicated.

  • Dialup and dedicated accessCisco routers can be directly connected to basic telephone service or digital services such as T1/E1. Dialup links can be used for backup or remote sites that need occasional WAN access, while dedicated leased lines provide a high-speed, high capacity WAN core between key sites.
  • Packet-switchedCisco routers support Frame Relay, X.25, Switched Multi-megabit Data Service (SMDS), and ATM. With this variety of support, the WAN service, or combination of WAN services, to deploy can be determined based on cost, location, and need.

Often, the easier it is for legitimate remote users to access the network, the easier it is for unauthorized users to break in. An access strategy must be carefully planned so that resources, such as remote access routers and servers, are secure. If a company enables users to telecommute through dialup modem, the network administrator must secure access. The routers can be secured with access lists. Routers can also be secured with authentication protocol, such as the Password Authentication Protocol (PAP) or the Challenge Handshake Protocol (CHAP). These protocols require the user to provide a valid name and password before the router permits access to other network resources.

 

Web Links

Perimeter Security

http://www.cisco.com/warp/public/732/ net_foundation/perimeter_security.html