Juniper Networks Warrior. A Guide to the Rise of Juniper Networks Implementations - Helion

ebook

Autor: Peter Southwick
ISBN: 978-14-493-6172-3
stron: 432, Format: ebook
Data wydania: 2012-11-13
Księgarnia: Helion

Cena książki: 186,15 zł (poprzednio: 216,45 zł)
Oszczędzasz: 14% (-30,30 zł)

Osoby, które kupiły tę książkę, wybierały także »

Tagi: Budowa sieci | Konfiguracja sieci

In this practical book, Juniper Networks consulting senior network engineer, Peter Southwick, offers unique first-person field studies on designing, configuring, and troubleshooting new systems that are changing the networking world. Each chapter-long "travelogue" follows a team of Juniper Networks warriors as they solve specific needs with emerging network platform architectures.

In these case studies, Southwick and his fellow warriors analyze a client’s particular situation, arrive at an architectural solution, and work through the deployment details. For anyone who operates, installs, designs, or works in IT, this book provides an intimate and entertaining look at what’s changing and why.

Among the case studies, you’ll discover how:

A service provider protected customers from malicious traffic with Juniper Networks IDP systems
SRX5800s improved connectivity and security in a data center
Ethernet WAN technology was chosen as a storage solution, rather than a proprietary design on dark fiber
An enterprise severed communications between different departments to comply with government personal credit card standards
Core network and edge devices helped a power company serve local customers and ISPs in the data services market
A hosting company migrated its core, datacenter, edge, and access domains to a state-of-the-art network

"In this uniquely written book, you will get a detailed view of life in the data center, the edge, the core, and the office of the customer’s CIO."
Steve Fazio, CEO, TorreyPoint

Osoby które kupowały "Juniper Networks Warrior. A Guide to the Rise of Juniper Networks Implementations", wybierały także:

Cisco CCNA 200-301. Kurs video. Podstawy sieci komputerowych i konfiguracji. Część 1 790,00 zł, (316,00 zł -60%)
MikroTik. Kurs video. Przygotowanie do egzaminu MTCNA 99,00 zł, (44,55 zł -55%)
Praktyczne projekty sieciowe 67,77 zł, (37,95 zł -44%)
Sieci komputerowe. Kurs. Wydanie II 44,11 zł, (24,70 zł -44%)
Sieci komputerowe. Kurs 34,29 zł, (19,20 zł -44%)

Spis treści

Juniper Networks Warrior. A Guide to the Rise of Juniper Networks Implementations eBook -- spis treści

Juniper Networks Warrior
Dedication
SPECIAL OFFER: Upgrade this ebook with OReilly
Preface
- What Is the New Network Platform Architecture?
- How to Use This Book
- Whats in This Book?
- A Note About This Book
- Conventions Used in This Book
- Using Code Examples
- Safari Books Online
- How to Contact Us
- Acknowledgments
1. An Enterprise VPN
- Company Profile
  - Network
  - Traffic Flow
  - Need for Change
  - Class of Service
  - Design Trade-Offs
    - Routing and survivability
      - Remote locations
      - Main location
    - Class of service
- Implementation
  - Prototype Phase
  - Class of Service
  - Cut-Over
  - Main Site
  - Remote Site JAX
  - Remote Sites PHL and IAD
  - Backup Site BNA
- Conclusions
2. Maintaining IDP Systems
- IDP8200 Background
  - Command-Line Interface
  - Web Management Interface
  - NSM Management
- Support Tasks
  - Daily Tasks
  - IDP Policies
  - Rulebase Optimization
  - Other Tasks
    - Updating the detector engine
    - Updating IDP appliance OS
    - Updating attacks
- Conclusion
3. Data Center Security Design
- Discussion
  - Design Trade-Offs
  - Decision
- Configuration
  - Take One Configuration: Clustering
  - Take 2 Configuration: Active/Active without Reths
  - Take 3 Configuration: Active/Active with One-Legged Reths
  - Testing
- Summary
4. Layer 3 to Layer 2 Conversion
- Problem
  - Q-in-Q Framing
  - VPLS Overhead
- Solutions
  - RFC 4623
    - Customer MTU restrictions
    - Move the MTU
- Configurations
  - Management
    - lo0.0
    - Access
  - Protocols
    - MPLS
    - BGP
    - OSPF
  - Core Router Configurations
  - Distribution Switch Configurations
  - Distribution Router Configurations
  - Rate Control
  - CPE Switch Configuration
- Conclusion
5. Internet Access Redress
- Objective
- Design
  - Trade-offs
    - Routing
    - IBR integration
    - IDP
    - Filter-based forwarding
    - Clustering
- Configuration
  - Clustering
  - Security
    - Routing instances
    - Interfaces, zones, and policies
    - NAT
    - Security logging
  - Routing
    - BGP
    - OSPF
    - Default route
    - Out-of-band management network
- Implementation
  - Lessons Learned
    - Feature interactions
    - Network interactions
    - Administrative issues
- Conclusion
6. Service Provider Engagement
- Company Profile
  - Physical Network Topology
  - Services
  - Design Approach
    - MX connectivity
    - EX connectivity
    - Deployment
    - Management network
  - Design Trade-Offs
    - OSPF
    - VPLS
    - BGP
    - MPLS
    - Trade-off choices
- Configurations
  - Boilerplate Configuration
  - MX Interfaces
  - EX Boilerplate and Interfaces
  - OSPF
  - MBGP
  - MPLS
  - RSVP
  - Layer 3 VPN
  - VPLS
  - OBM
- Conclusion
7. A PCI-Compliant Data Center
- Introduction
  - Client Goals
  - Design Trade-Offs
    - Firewalls
    - Routing
    - Addressing
    - Survivability
- Recommended Design
  - Switching Layer
  - Routing Layer
  - Firewall Layer
  - Virtualization
- Configurations
  - EX4200 Configuration
  - MX240 Configuration
  - Firewall Configuration
- Deployment
  - Initial Connectivity
  - The Maintenance Window
  - PCI Compliance
- Summary
8. Facilitating Dark Fiber Replacement Using a QFX3500
- Existing Design
  - Introduction to Fibre Channel
- Proposed Design
  - Concerns and Resolutions
    - Naming
    - Network quality
  - Network Upgrade
  - Advantages and Benefits of the Solution
- QFX3500 Fibre Channel Gateway Configurations
  - Management Configurations
  - Fibre Channel Gateway Interface Configuration
  - DCB Configuration
- EX4500 Transit Switch Configurations
  - Interfaces and VLANs
  - Transit Switch DCB Configuration
- Verification
- Conclusions
9. MX Network Deployment
- Plans and Topology
- Phase 1
- MX Configuration
  - Management Configuration
  - Routing Engine Protection
  - Policy Configurations
    - Prefer to receive an aggregate of the locally assigned addresses
    - No subnets longer than /24
    - No RFC 1918 prefixes
    - Authentication on all BGP links
    - The ISPs will ignore the use of MEDs
    - The ISPs will respond to local preference
    - The ISPs will forward a default route if required
    - The ISPs will accept prepending only for the local AS
    - The ISP will not act as a transit network for any other traffic except for its customers
  - Protocol Configurations
    - OSPF
    - BGP
- Phase 2
- Final Phases
- Conclusion
10. A Survivable Internet Solution for a Fully Distributed Network
- Original Network Architecture
  - WAN Connectivity
  - Addressing
  - Internal Connectivity
  - Firewalls
- Problem Definition
- Proposed Solution 1
  - Solution 1 Advantages
  - Solution 1 Details
  - Solution 1 Issues
- Proposed Solution 2: OSPF over Tunnels
  - Early Death of Solution 2
  - Configuration for Solution 2
- Final Solution: Static Routes over Tunnels
  - Solution Advantages
  - Solution Issues
    - RPF checks
    - Default gateway failure detection
  - Email Server Address Resolution
- Firewall Configurations
- Conclusion
11. Internet Access Rebuild
- Requirements
- Existing Network
  - Routing Protocols
- Solution Options
  - Three-Layer Design
  - Two-Layer Design
  - One-Tier Design
- Configurations
  - Deployment Scenario
  - Management Staging and Testing
  - Top-of-Rack Switch Testing
  - ISP Link Testing
  - Production Configuration
  - Cut-Over
- Conclusion
Index
About the Author
Colophon
SPECIAL OFFER: Upgrade this ebook with OReilly
Copyright