Network design principles for effective architectures
It's important for network architects to consider several factors for an effective network design. Top principles include flexibility and scalability, redundancy and security.
Enterprises don't just spin up networks spontaneously. Network architects thoroughly plan and design the network infrastructures before building them out.
Enterprise network design seeks to deliver a reliable architecture that performs well and is affordable to build, operate and maintain. It encompasses a selection of physical components, the necessary protocols and the configurations required to implement those protocols.
Network design principles
Network architects adhere to some basic principles of design to build an infrastructure that supports enterprise needs. Key network design principles for teams to consider include the following:
- Flexibility and scalability.
- Redundancy.
- Security.
Network architects should also consider the manageability, sustainability, longevity and other criteria specific to the needs of their organization. Regardless of which design principles enterprises choose to prioritize, a well-designed system is easier and less expensive to operate. Moreover, the team can easily expand, upgrade and eventually replace their network in the future.
Flexibility and scalability
Flexibility is fundamental to network design. As enterprises evolve, their network needs evolve, too. The enterprise network must be able to adapt to meet those changing needs. The ability to scale up or down in different parts of the network to deal with demand is one of the most important aspects of network flexibility.
Network architects learn to design around multiple hierarchical layers, with each layer being separately scalable. They also use components that can accommodate a broad range of network protocols and strategies to support shifts in requirements and usage.
Redundancy
Network architects typically specify the most reliable components they can afford to achieve reliability. However, they also design networks with the expectation of component failure or other problems that could knock out individual pieces, such as cable cuts or power outages.
Network architects typically design networks with redundancy to achieve reliability. Redundancy adds extra capacity in the network by forming multiple connections among components and multiple pathways from one component to another. When a path breaks or a component drops or becomes unreachable, failover protocols help the remaining parts figure out how to talk to each other via another path. This redundancy lets traffic continue to flow.
Security
A network increases an enterprise's risk surface, so it's crucial for network architects to minimize the added operational, legal and cybersecurity risks. The network team must first specify the components or network services that they can operate securely. The team must configure these resources to provide only authorized staff with access to the management layers.
These components must also support other security standards and policies. These might include requirements for multifactor authentication for administrative access or implementation of the IEEE 802.1X standard to force authentication for access to any port.
Begin the network design
Network architects begin to design systems at a macro level. They focus on how the hierarchical design meets business needs, while also providing the options to address unforeseen needs economically. This requires the network team to work with business line leaders to better understand what the infrastructure needs to enable that work.
The team should also build the network with the organization's corporate strategy in mind. For example, does the company want to expand existing facilities to broaden its customer base in a new geography? Or does the company want to expand because it plans to spin up new facilities in that region?
The network team must find out its organization's goals and augment the design to incorporate as much redundancy as they can afford. In most environments, this means the network has redundant paths among switches in a location and among locations in a WAN. These additional paths can range all the way up to fully duplicated network infrastructures that run parallel to the original architecture.
Finally, the team must ensure that all network equipment specified for the implementation can meet known security requirements and have the flexibility to adapt to future ones for as long as possible.
Design networks to run efficiently
When network architects design networks, they build them to be flexible, redundant and secure from the start. This makes it easier for network engineering and operations teams to keep the network active and enables them to easily modify it to meet new needs.
Architects should ensure the network has extra capacity to cope with significant growth. Teams can add additional edge switches and wireless controllers to achieve this, for example. When network teams add additional redundancy, it also makes it easier to add components at any other layer to accommodate more growth.
Redundancy also simplifies how teams implement and enforce new security policies when the network has greater capacity. It ensures a component failure doesn't weaken the network, as traffic automatically reroutes until the team repairs or replaces the failed part.
Teams can accomplish these goals when they have an architecture with these key network design principles in mind.
John Burke is CTO and a research analyst at Nemertes Research. Burke joined Nemertes in 2005 with nearly two decades of technology experience. He has worked at all levels of IT, including as an end-user support specialist, programmer, system administrator, database specialist, network administrator, network architect and systems architect.
