Cyber-Burn

Hi shonen, Hopefully this finds you before your deadline. Brings back memories of when I was in the networking academy... Anyway, I will give you my thoughts on the matter and Hopefully this will help. 1: Suggested models for layer 2 (access), Layer 3 (distribution) and core layer switches? Core of the network would be a 6500E chassis with the series 720 supervisor. The exact chassis is going to depend on the type of switches that you deploy on your network. If you are looking at 10/100 then you would need to find a chassis that will support enough gig backbone links for your distribution layer. If you are going with gig to the desktop then you can go with gig backbones, but the industry is moving to 10 gig. Table 2 on the below page will help you make the determination. Cisco 6500 Datasheet For the distribution layer I would go with 4500E chassis and the Supervisor 6E for the enhanced backplane speeds (24 Gbps per slot as opposed to 6 Gbps on the standard chassis. This will allow you to get a higher port density, up to a 24 port gigabit sfp line card to run to the access layer switches. For the access layer I would go with stackable switches for redundancy. The 3750-E series would be an ideal access layer switch. The stackable nature of the switch allows the backbone or uplink connections to the distribtution layer to be shared between all of the switches in the stack, increasing the maximum bandwidth to the device. Each switch comes with the twin gig converter that allows for 4 SFP gig ethernet ports or two 10 gig ethernet ports. 2: Suggested Media, connectors and appropriate modules/expansion slots for interconnecting the fiber back bone (core, distribution and access layers). This as I said depends on your connection methods to the desktop. I personally run gig to the desktop, usually 2 gig to each 48 port switch depending on usage, and redundant 10 gig links from the distribution to the core. If you know what you want to run I can give you an idea of what to use for the modules. 3: Suggested iSCSI Switch and media for linking the SAN to the server? I personally do not use iSCSI so I will have to defer to someone else on this. 4: I am having a bit of a mental blank but I believe there is a protocol that can be used to setup a virtual port for the gateway on a router. Its generally used when two routers are connected to a network to have fail over in the event a router dies. HSRP - Hot Standby Router Protocol. HSRP Information 5: From my limited understanding RADIUS only authenticates users but does not encrypt traffic, is this correct? You are correct on RADIUS. Radius is only for AAA and does not encrypt traffic. The only item is RADIUS that is encrypted is the password with a MD5 hash. An IPSec tunnel would be the best bet in addition to RADIUS for the encryption of the traffic. 6: If you are to use AAA authentication on a router which is more secure Tacacs+ RADIUS or other? I would suggest TACACS+ only for the fact that the entire packet is encrypted as opposed to just the password in RADIUS.