Chapter 8 - The Physical Design

Abstract

This chapter discusses some of the best practices for designing a network topology, including routing, router placement, Internet connectivity, addressing and subnetting, and firewall considerations. These components have a bearing on the infrastructure used and therefore require careful consideration when deploying an infrastructure. Designing the topology requires both physical and logical approaches. The “physical” approach to designing a network topology involves the network design that matches the physical or geographic location of an organization. In a “logical” approach, the topology would match an organizational chart. Security is one of the most important aspects of a network topology design. A router is the first line of defense against the Internet. Internet Protocol (IP) filtering can be used to control what data get through to the network. Routers can filter data by address, but firewalls are much more granular and can filter data by the Media Access Control (MAC) address, IP address, and Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) port, among others. Therefore the ability to configure the rules to control the type of traffic that is permitted to pass through a firewall provides the organization with a much greater degree of control over the integrity of the network and the activity of the clients that connect to it.