LAN Architecture Diagram and Components

Have you ever wondered about what could be the various networking components
that make an enterprise LAN (Computer Network / Local Area Network)? The above
diagram shows you the connectivity architecture of the major components that form
an enterprise network. We have also included a brief description of the individual
components below:
Internet: The Internet cloud refers to the source of the Internet to an organization.
The organization could be connected to the Internet via Internet Leased Lines/
Broadband/ 3G etc. For connectivity to other branches, a VPN Network over the
Internet could be used (or) A Managed Leased Line/ MPLS circuit could be used as
well.
Router: The Enterprise Router is basically a Layer-3 Network device that connects
disparate networks. It acts as a gateway between the LAN and the WAN networks
and the Internet Leased Lines/ MPLS Circuits/ Managed Leased Lines/ Broadband
networks are all terminated on the router. Some Routers support additional modules
for secure connectivity to other branches through VPN, Intrusion Prevention and
Content Filtering etc. Routers have WAN ports and LAN ports to connect WAN and

LAN connections respectively, and some of them have built-in Wireless/ VOIP
capabilities.
UTM/ Firewall: The Unified Threat Management Appliance (or software) is for
providing gateway level network security for the various end points used in the
organization. The UTM Devices provide the following network security options:
Firewall, Anti-Spam, Anti-Virus, Content Filtering, URL Filtering, Intrusion Prevention
(IPS), Virtual Private Network (VPN), Protection from Internet threats like Phishing
etc.
Core Switch: A Core Switch is generally a Layer-3 based Network Switch that
connects to the various distribution switches, edge switches (through distribution
switches / directly) using Optical Fiber Networks or UTP Copper cabling. They
generally also connect to the computer servers (ERP, Web Server, Mail Server,
Database Server, Application Servers, etc). The core switch is in the center of an
enterprise network and it also provides Inter-VLAN routing. They are either standalone switches (24/48 Ports Copper, 4/24 Port Fiber) or Chassis-based where there
is processing unit and number of blade modules(For connecting fiber/copper) that go
in to empty slots allowing for a flexible configuration.
NAS Device: A NAS Device refers to a Network Area Storage Appliance (This could
also be a Storage Area Network, depending upon the storage requirements) where
bulk of the files/ data are stored for the servers and individual users (PCs) to access
them over the network whenever required. These appliances are mostly disk based
and can be connected anywhere on the network (preferably to a core switch). They
come in sizes ranging from 1 TB(Tera Byte) to multiple Tera Byte configurations.
Wireless Controller: There are many access points to provide wireless (Wi-Fi)
access to the PCs/ Laptops/ Wi-Fi Phones in the enterprise. All these Access Points
are managed/ controlled by an appliance called Wireless Controller. Basically a
wireless controller provides centralized authentication, encryption, network policies,
radio frequency management, failover, load balancing, wireless intrusion scanning
and other functionalities required for the wireless users across the network.
IP Telephony Server: The IP Telephony Server provides the call control functions
(voice switching) for the telephony operations in an enterprise network. Since the IP
Phones connect to the computer networks, these IP Telephony Servers provide
centralized administration and connectivity to PSTN Lines to all the IP Phones/ VOIP

devices over the network including the assigning of extension/ DID numbers and IVR
(Interactive Voice Response).
Distribution Switches: Distribution Switches provide an aggregation layer for
network switching. The distribution switches connect to both copper UTP cable
network as well as optical fiber networks. The distribution switches are connected to
the core switch on one end and to the edge switches on the other. Generally, there
may be one distribution switch for each department and a network is sometimes
formed without the distribution/ aggregation layer by connecting the network
endpoints directly to them.
Edge Switches: The Edge/ endpoint switches are basically Layer-2 switches that
provide direct connectivity to the various network devices like PCs, laptops, Wireless
Access Points etc using the Copper UTP cables. They come in various
configurations including 8 Port/ 16 Port, 24 Port, 48 Port etc. They support 10/100
Mbps as well as 10/100/1000 Mbps connectivity to the various network devices.
Some of them even support POE (Power Over Ethernet) for electrical power required
for operation of certain network devices (like Wireless Access Points, IP Phones etc)
and some of them could be stacked to each other for providing a single management
interface/ combined backplane for multiple such edge switches.
Wireless Access Points: The Wireless Access Points contain built-in radios which
provide wireless signals for connecting certain network devices that has an in-built
wireless adapter. Basically these access points send wireless signals that can be
interpreted by the wireless enabled network clients for communicating the data/
information over the wireless medium. Their job is just to collect these signals,
convert them in to wired signals and send it over the LAN network for the wireless
controller to interpret them and take appropriate action. They generally have a
coverage range of 20-30 meters indoor and 80-100 meters outdoor and each device
can connect to more than 15 wireless devices within their coverage area. They
operate in the 2.4 and 5 Ghz frequency spectrum.
Network Endpoints/ Devices: There are various network devices/ endpoints
connecting to the LAN via edge switches/ wireless access points. Some of them
include PC/ Laptop/ PDA etc for data connectivity, IP Phones, Cell Phones/Wi-Fi
Phones, Soft Phones for voice connectivity, IP Surveillance Cameras/ IP Video
Conferencing devices for video over IP. There are also network based accessories

like network printers, MFPs (Multi-Function Printers), Scanners etc. connecting to

the enterprise computer network.

Enterprise Campus This functional area contains the modules required to build a hierarchical,
highly robust campus network. Access, distribution, and core principles are applied to these
modules appropriately.
Enterprise Edge This functional area aggregates connectivity from the various elements at the
edge of the enterprise network, including to remote locations, the Internet, and remote users.
Service Provider Edge This area is not implemented by the organization; instead, it is included
to
represent connectivity to service providers such as Internet service providers (ISPs), WAN
providers,
and the public switched telephone network (PSTN).
Enterprise Composite Network Model Functional Areas

Modules Within the Enterprise Composite Network Model.

The Enterprise Campus functional area comprises the following modules:

Building Contains access switches and end-user devices (including PCs and IP phones).
Building Distribution Includes distribution multilayer switches to provide access between
workgroups and to the Core.
Core Also called the backbone, provides a high-speed connection between buildings
themselves,
and between buildings and the Server Farm and Edge Distribution modules.
Edge Distribution The interface between the Enterprise Campus and the Enterprise Edge
functional areas. This module concentrates connectivity to and from all branches and teleworkers
accessing the campus via a WAN or the Internet.
Server Farm Represents the campuss data center.
Management Represents the network management functionality, including monitoring,
logging,
security, and other management features within an enterprise.

Figure 1-8 illustrates how the Building, Building Distribution, and Core modules map directly onto
the
hierarchical models access, distribution, and core layers. The figure also shows how multiple
buildings can be represented by multiple sets of a Building and a Building Distribution module, with
each connected to the
Core.
Multiple Buildings Represented Within the Enterprise Campus.

The Enterprise Edge functional area is the interface between the Enterprise Campus functional
area (through the Edge Distribution module) and the Service Provider Edge functional area. It is
composed of the following four modules:
E-commerce Includes the servers, network devices, and so forth necessary for an
organization to provide e-commerce functionality, such as online ordering
Corporate Internet Provides Internet access for the organization, and passes VPN traffic from
external users to the VPN and Remote Access module
VPN and Remote Access Terminates VPN traffic and dial-in connections from external users
WAN Provides connectivity from remote sites using various WAN technologies
The three modules within the Service Provider Edge functional area are as follows:
ISP Represents Internet connections (in Figure 1-7, two instances of this module are shown,
representing a dual-homed connection to two ISPs)
PSTN Represents all nonpermanent connections, including via analog phone, cellular phone,
and
Integrated Services Digital Network (ISDN)
Frame Relay/Asynchronous Transfer Mode (ATM) Represents all permanent connections to
remote locations, including via Frame Relay, ATM, leased lines, cable, digital subscriber line (DSL),
MPLS, and wireless bridging