
Designing Cisco Network Service Architectures (ARCH) (Authorized Self-Study Guide), 2nd Edition

by: Keith Hutton, Mark Schofield, Diane Teare

On-line Price: $59.95 (includes GST)

Hardcover package 672

20% Off Retail Price

You save: $15.00

In Stock - Available for immediate delivery!
_____________________
N.Sydney : In Stock

Retail Price: $74.95

Publisher: PENGUIN,12.01.09

Category: Cisco Level:

ISBN: 1587055740
ISBN13: 9781587055744


Features and Benefits




The only authorized, authoritative, and comprehensive study guide for Cisco's latest CCDP ARCH exam


  * A single source for network design best practices for a wide variety of crucial enterprise networking technologies


  * Contains more than 70% new material, including configuration scripts for implementing advanced Cisco-based solutions


  * Includes self-assessment review questions, answers, and example configurations prepared by Cisco insiders



Table of Contents



Foreword xxv

Introduction xxvi

Chapter 1 Cisco SONA and the Cisco Enterprise Architecture 3


  Reviewing Cisco SONA and the Cisco Enterprise Architecture 3


  The Hierarchical Model 3


          Example Hierarchical Network 4


  Review of Cisco SONA 5


          Benefits of Cisco SONA 6


  Review of the Cisco Enterprise Architecture 7


  Review of Cisco SONA Infrastructure Services 9


  Review of the Cisco SONA Application Layer 10


  Reviewing the Cisco PPDIOO Approach 10


  PPDIOO Network Lifecycle Approach 11


  Benefits of the Lifecycle Approach 12


  Using the Design Methodology Under PPDIOO 13


          Identifying Customer Requirements 14


          Characterizing the Existing Network and Sites 15


          Designing the Topology and Network Solutions 15


  Example: Dividing the Network into Areas 16


  Summary 17


  References 17


  Review Questions 19

Chapter 2 Enterprise Campus Network Design 23


  Designing High Availability in the Enterprise Campus 23


  Enterprise Campus Infrastructure Review 23


          Access Layer 23


          Distribution Layer 25


          Core Layer 26


  High-Availability Considerations 28


          Implement Optimal Redundancy 28


          Provide Alternate Paths 30


          Avoid Single Points of Failure 30


          Cisco NSF with SSO 32


          Cisco IOS Software Modularity Architecture 33


  Designing an Optimum Design for Layer 2 36


  Recommended Practices for Spanning-Tree Configuration 36


  STP Standards and Features 37


  Cisco STP Toolkit 37


  STP Standards and Features 37


  Recommended Practices for Trunk Configuration 39


          VLAN Trunking Protocol 40


          Dynamic Trunking Protocol 41


  Recommended Practices for UDLD Configuration 42


  Recommended Practices for EtherChannel 43


          Port Aggregation Protocol 43


          Link Aggregation Control Protocol 44


  Developing an Optimum Design for Layer 3 45


  Managing Oversubscription and Bandwidth 45


          Bandwidth Management with EtherChannel 45


          Bandwidth Management with 10 Gigabit Interfaces 47


  Link Load Balancing 47


          Link Load Balancing 48


  Routing Protocol Design 49


          Build Redundant Triangles 49


          Peer Only on Transit Links 51


          Summarize at the Distribution Layer 51


  First-Hop Redundancy 53


          Preempt Delay Tuning 54


          Overview of Gateway Load Balancing Protocol 55


          Optimizing FHRP Convergence 58


  Supporting a Layer 2 to Layer 3 Boundary Design 58


  Layer 2 to Layer 3 Boundary Design Models 59


          Layer 2 Distribution Switch Interconnection 59


          Layer 3 Distribution Switch Interconnection (HSRP) 60


          Layer 3 Distribution Switch Interconnection (GLBP) 60


          Layer 3 Access to Distribution Interconnection 60


  Potential Design Issues 63


          Daisy Chaining Access Layer Switches 63


          Too Much Redundancy 65


          Too Little Redundancy 66


          Asymmetric Routing (Unicast Flooding) 68


  Supporting Infrastructure Services 70


  IP Telephony Considerations 70


          IP Telephony Extends the Network Edge 70


          PoE Requirements 71


          Power Budget and Management 72


          Multi-VLAN Access Port 73


  QoS Considerations 75


          Recommended Practices for QoS 76


          Transmit Queue Congestion 76


          QoS Role in the Campus 76


          Campus QoS Design Considerations 77


  Cisco Catalyst Integrated Security Features 78


          Port Security Prevents MAC-Based Attacks 78


          DHCP Snooping Protects Against Rogue and Malicious DHCP Servers 79


          Dynamic ARP Inspection Protects Against ARP Poisoning 79


          IP Source Guard Protects Against Spoofed IP Addresses 79


          Example Catalyst Integrated Security Feature Configuration 80


  Summary 81


  References 81


  Review Questions 82

Chapter 3 Developing an Optimum Design for Layer 3 87


  Designing Advanced IP Addressing 87


  IP Address Planning as a Foundation 87


          Summary Address Blocks 88


          Changing IP Addressing Needs 88


          Planning Addresses 89


  Applications of Summary Address Blocks 89


          Implementing Role-Based Addressing 90


          Bit Splitting for Route Summarization 90


          Example: Bit Splitting for Area 1 91


          Addressing for VPN Clients 91


          NAT in the Enterprise 92


          NAT with External Partners 92


  Designing Advanced Routing 93


  Route Summarization and Default Routing 93


          Originating Default 94


          Stub Areas and Default Route 95


  Route Filtering in the Network Design 96


          Inappropriate Transit Traffic 96


          Defensive Filtering 97


  Designing Redistribution 99


          Filtered Redistribution 99


          Migrating Between Routing Protocols 101


  Designing Scalable EIGRP Designs 101


  Scaling EIGRP Designs 102


          EIGRP Fast Convergence 102


          EIGRP Fast-Convergence Metrics 103


  Scaling EIGRP with Multiple Autonomous Systems 104


          Example: External Route Redistribution Issue 104


          Filtering EIGRP Redistribution with Route Tags 105


          Filtering EIGRP Routing Updates with Inbound Route Tags 105


          Example: Queries with Multiple EIGRP Autonomous Systems 107


  Reasons for Multiple EIGRP Autonomous Systems 108


  Designing Scalable OSPF Design 108


  Factors Influencing OSPF Scalability 109


  Number of Adjacent Neighbors and DRs 109


  Routing Information in the Area and Domain 110


  Designing Areas 110


  Area Size: How Many Routers in an Area? 111


  OSPF Hierarchy 112


  Area and Domain Summarization 113


  OSPF Hub-and-Spoke Design 113


  Number of Areas in an OSPF Hub-and-Spoke Design 114


          Issues with Hub-and-Spoke Design 114


          OSPF Hub-and-Spoke Network Types 116


  OSPF Area Border Connection Behavior 117


  OSPF Area Filtering 118


  Application of Interarea Filtering 119


  Full-Mesh Topology and Mesh Group 120


  OSPF Flooding Reduction 121


  Fast Convergence in OSPF 121


          Fast Convergence with Fast Hellos 122


          Fast Convergence with SPF 122


          Overview of OSPF Incremental SPF 122


          Incremental SPF Convergence Times 123


  Bidirectional Forwarding Detection 123


  Designing Scalable BGP Designs 124


  Scaling BGP Designs 124


  Full-Mesh IBGP Scalability 125


  Scaling IBGP with Route Reflectors 126


  BGP Route Reflector Definitions 126


  Route Reflector Basics 128


  Scaling IBGP with Confederations 129


  BGP Confederation Definitions 129


  Confederation Basics 130


  Confederations Reduce Meshing 130


  Deploying Confederations 132


  Summary 134


  References 135


  Review Questions 135

Chapter 4 Advanced WAN Services Design Considerations 139


  Advanced WAN Service Layers 139


  Enterprise Optical Interconnections 140


          Overview of SONET and SDH 141


          Enterprise View of SONET 142


          WDM Overview 142


          CWDM Technical Overview 143


          DWDM Technical Overview 144


          DWDM Systems 145


  RPR Overview 146


          RPR in the Enterprise 146


  Metro Ethernet Overview 147


          Metro Ethernet Service Model 147


          Metro Ethernet Architecture 148


  Metro Ethernet LAN Services 150


          Ethernet Private Line Service 151


          Ethernet Relay Service 152


          Ethernet Wire Service 153


          Ethernet Multipoint Service 153


          Ethernet Relay Multipoint Service 154


          End-to-End QoS 154


          Choosing the Right Service 156


  VPLS Overview 156


  VPLS Architecture Model 157


  VPLS in the Enterprise 158


          Hierarchical VPLS Overview 159


          Scaling VPLS 159


          QoS Issues with EMS or VPLS 161


          EMS or VPLS and Routing Implications 161


          VPLS and IP Multicast 162


          VPLS Availability 162


  MPLS VPN Overview 162


          Customer Considerations with MPLS VPNs 163


          Routing Considerations: Backdoor Routes 164


          Routing Considerations: Managed Router Combined with Internal Routing 164


          Routing Considerations: Managed Router From Two Service Providers 165


  Implementing Advanced WAN Services 166


          Advanced WAN Service Selection 166


          Business Risk Assessment 167


          WAN Features and Requirements 168


  SLA Overview 170


  SLA Monitoring 171


  Summary 172


  References 172


  Review Questions 173

Chapter 5 Enterprise Data Center Design 177


  Designing the Core and Aggregation Layers 177


  Data Center Architecture Overview 177


  Benefits of the Three-Layer Model 179


  Data Center Core Layer Design 179


          Layer 3 Characteristics for the Data Center Core 181


          OSPF Routing Protocol Design Recommendations 182


          EIGRP Routing Protocol Design Recommendations 183


  Aggregation Layer Design 185


          Scaling the Aggregation Layer 185


          STP Design 186


          Integrated Service Modules 188


          Service Module Placement Consideration 188


          Active STP, HSRP, and Service Context Alignment 189


          Active/Standby Service Module Design 190


          Active/Active Service Module Design 191


          Establishing Inbound Path Preference 192


  Designing the Access Layer 193


          Using VRFs in the Data Center 193


  Overview of the Data Center Access Layer 194


  Layer 2 Looped Designs 195


          Layer 2 Looped Topologies 196


          Layer 2 Looped Design Issues 197


  Layer 2 Loop-Free Designs 199


  Loop-Free Topologies 200


          Example: Loop-Free U Design and Layer 2 Service Modules 201


          Example: Loop-Free U Design and Cisco ACE Service Module 203


  Layer 2 FlexLink Designs 203


  FlexLink Issues and Considerations 204


  Comparison of Layer 2 Access Designs 206


  Layer 3 Access Layer Designs 208


  Multicast Source Support 209


  Benefits of Layer 3 Access 210


  Drawbacks of Layer 3 Access 210


  Blade Server Overview 210


  Blade Server Connectivity Options 212


  Blade Servers with InfiniBand 213


  Blade Server Trunk Failover Feature 215


  Layer 2 or Layer 3 Access Design? 216


  Scaling the Data Center Architecture 217


  Modular Versus 1RU Designs 217


  Cabinet Design with 1RU Switching 218


          Example: Network Topology with 1RU Switching Model 219


  Cabinet Design with Modular Access Switches 221


          Example: Network Topology with Modular Access Switches 221


  Server NIC Density 223


  Hybrid Example with a Separate OOB Switch 223


  Oversubscription and Uplinks 224


  Optimizing EtherChannel Utilization with Load Balancing 224


  Optimizing EtherChannel Utilization with Min-Links 225


  Scaling with Service Layer Switches 226


  Scaling Service on Cisco ACE Modules 227


  Scaling Spanning Tree and High Availability 228


  Scalability 228


  STPs in the Data Center 228


  STP Scaling 229


  STP Logical Interfaces 230


  STP Scaling with 120 Systemwide VLANs 231


  STP in 1RU Designs 232


  STP Scaling Design Guidelines 233


  High Availability in the Data Center 233


  Common NIC Teaming Configurations 234


          Server Attachment Methods 235


  High Availability and Failover Times 236


  High Availability and Cisco NSF with SSO 237


  Summary 239


  References 239


  Review Questions 240

Chapter 6 SAN Design Considerations 245


  Identifying SAN Components and Technologies 245


  SAN Components 246


  RAID Overview 248


  Storage Topologies 248


  DAS 249


  NAS 249


  SAN Technologies 250


  SCSI Overview 250


  Fibre Channel Overview 251


          Fibre Channel Communications Model 252


  VSAN 253


  IVR 254


  FSPF 254


  Zoning 255


  FICON 256


  SANTap 256


  Designing SAN and SAN Extension 258


  Port Density and Topology Requirements 258


  Device Oversubscription 259


  Traffic Management 260


  Fault Isolation 260


  Convergence and Stability 260


  SAN Designs with the Cisco MDS 9000 Family 261


  SAN Consolidation with VSANs 261


  Comprehensive SAN Security 261


  Simplified SAN Management 262


  Single-Switch Collapsed-Core Design 262


  Small-Scale, Dual-Fabric Collapsed-Core Design 263


  Medium-Scale, Dual-Fabric Collapsed-Core Design 263


  Large-Scale, Dual-Fabric Core-Edge Design 264


  SAN Extension 266


  SAN Extension Protocols 267


  iSCSI 269


  SAN Extension Developments 270


  High-Availability SAN Extension 271


  Summary 273


  References 273


  Review Questions 273

Chapter 7 E-Commerce Module Design 277


  Designing High Availability for E-Commerce 277


  E-Commerce High-Availability Requirements 277


  Components of High Availability 277


          Redundancy 278


          Technology 278


          People 279


          Processes 280


          Tools 281


  Common E-Commerce Module Designs 281


  Common E-Commerce Firewall Designs 281


          Typical E-Commerce Module Topology 282


          Using a Server as an Application Gateway 282


          Virtualization with Firewall Contexts 284


          Virtual Firewall Layers 285


          Firewall Modes 286


  Common E-Commerce Server Load Balancer Designs 288


          Functions of a Server Load Balancer 288


          Cisco Server Load Balancer Products 289


          SLB Design Models 290


          SLB Router Mode 290


          SLB Inline Bridge Mode 291


          SLB One-Armed Mode 292


  Common E-Commerce Design Topologies for Connecting to Multiple ISPs 295


          One Firewall per ISP 295


          Stateful Failover with Common External Prefix 296


          Distributed Data Centers 298


  Integrated E-Commerce Designs 299


  Base E-Commerce Module Design 299


          Base Design Routing Logic 301


          Base Design Server Traffic Flows 301


  Two Firewall Layers in the E-Commerce Module Design 304


          Traffic Flows in a Two-Firewall Layer Design 305


  One-Armed SLB Two-Firewall E-Commerce Module Design 305


          Traffic Flows in a One-Armed SLB Two-Firewall Layer Design 308


          Direct Server Traffic Flows in a One-Armed SLB Two-Firewall Layer Design 308


  One-Armed SLB E-Commerce Module Design with Firewall Contexts 308


          Traffic Flows in a One-Armed SLB Design with Firewall Contexts 310


  One-Armed SLB E-Commerce Module Design with CSS 313


  Testing E-Commerce Module Designs 313


  Tuning E-Commerce Module Designs 315


  BGP Tuning 315


  Enhanced Object Tracking 317


          HSRP and IP SLAs Tracking Example 318


          Injecting Routes and IP SLAs Example 319


  Optimized Edge Routing 320


          Optimized Edge Routing Operations 322


          Optimized Edge Routing Topologies 324


  DNS-Based Site Selection and Failover: GSLB with Cisco Global Site Selector 325


  Summary 327


  References 328


  Review Questions 329

Chapter 8 Security Services Design 333


  Designing Firewalls 333


  Firewall Modes 333


  Virtual Firewall Overview 335


          Firewall Context Design Considerations 336


          MSFC Placement 337


  Active/Active Firewall Topology 338


  Active/Active Topology Features 339


  Asymmetric Routing with Firewalls 339


          Asymmetric Routing with ASR Group on a Single FWSM 340


          Asymmetric Routing with Active/Active Topology 340


  Performance Scaling with Multiple FWSMs 341


          Example: Load Balancing FWSMs Using PBR 341


          Load Balancing FWSMs Using ECMP Routing 342


          PVLAN Security 342


          FWSM in a PVLAN Environment: Isolated Ports 344


          FWSM in a PVLAN Environment: Community VLANs 345


  Zone-Based Policy Firewall 346


  Designing NAC Services 347


  Network Security with Access Control 348


  NAC Comparison 348


  Cisco NAC Appliance Fundamentals 349


          Cisco NAC Appliance Components 349


          Cisco NAC Appliance Policy Updates 350


          Process Flow with the Cisco NAC Appliance 351


  Cisco NAS Scaling 351


  Cisco NAS Deployment Options 352


          Cisco NAS Gateway Modes 353


          Cisco NAS Operating Modes 354


          Cisco NAS Client Access Modes 354


          Layer 2 In-Band Designs 355


          Physical Deployment Models 355


  Cisco NAC Appliance Designs 355


          Layer 2 In-Band Designs 355


          Layer 2 Out-of-Band Designs 358


          Layer 3 In-Band Designs 359


          Layer 3 Out-of-Band Designs 360


  NAC Framework Overview 362


          Router Platform Support for the NAC Framework 364


          Switch Platform Support for the NAC Framework 366


  Cisco Client Security Software 366


  Designing Intrusion-Detection and -Prevention Services 368


  IDS and IPS Overview 368


          Intrusion-Detection Systems 368


          Intrusion-Prevention Systems 368


          IDS and IPS Overview 369


          IDS and IPS Design Considerations 371


  IDS or IPS Deployments 371


          IPS Appliance Deployment Options 372


          IPS Deployment Challenges 373


          IDS or IPS Management Interface Deployment Options 374


  IDS and IPS Monitoring and Management 374


          Scaling Cisco Security MARS with Global Controller Deployment 376


  Summary 377


  References 377


  Review Questions 378

Chapter 9 IPsec and SSL VPN Design 383


  Designing Remote-Access VPNs 383


  Remote-Access VPN Overview 383


          Example: Cisco Easy VPN Client IPsec Implementation 384


  SSL VPN Overview 384


          Clientless Access 385


          Thin Client 386


          Thick Client 386


  Remote-Access VPN Design Considerations 387


          VPN Termination Device and Firewall Placement 388


          Routing Design Considerations 388


          Address Assignment Considerations 388


          Other Design Considerations 389


  Designing Site-to-Site VPNs 390


  Site-to-Site VPN Applications 391


          WAN Replacement Using Site-to-Site IPsec VPNs 391


          WAN Backup Using Site-to-Site IPsec VPNs 391


          Regulatory Encryption Using Site-to-Site IPsec VPNs 392


  Site-to-Site VPN Design Considerations 392


          IP Addressing and Routing 392


          Scaling, Sizing, and Performance 393


          Design Topologies 397


  VPN Device Placement Designs 397


          VPN Device Parallel to Firewall 398


          VPN Device on a Firewall DMZ 398


          Integrated VPN and Firewall 399


  Using IPsec VPN Technologies 400


  IPsec VPN Overview 400


          Extensions to Basic IPsec VPNs 400


  Cisco Easy VPN 401


          Overview of Cisco Easy VPN Server Wizard on Cisco SDM 401


          Overview of Easy VPN Remote Wizard on Cisco SDM 402


  GRE over IPsec 403


          GRE over IPsec Design Recommendations 404


  DMVPN 405


          DMVPN Overview 405


          DMVPN Design Recommendations 407


  Virtual Tunnel Interfaces Overview 407


  Group Encrypted Transport VPN 409


          GET VPN Topology 409


  Managing and Scaling VPNs 410


  Recommendations for Managing VPNs 410


          Recommendations for Managing VPNs 412


  Considerations for Scaling VPNs 412


          Determining Packets per Second 413


          Routing Protocol Considerations for IPsec VPNs 417


  Summary 419


  References 419


  Review Questions 420

Chapter 10 IP Multicast Design 425


  IP Multicast Technologies 426


  Introduction to Multicast 426


          Multicast Versus Unicast 426


          IP Multicast Group Membership 427


          Multicast Applications and Multicast Adoption Trends 427


          Learning About Multicast Sessions 429


          Advantages of Multicast 429


          Disadvantages of Multicast 429


          Multicast IP Addresses 430


          Layer 2 Multicast Addresses 431


          Multicast Address Assignment 433


          Cisco Multicast Architecture 434


  IGMP and CGMP 436


          IGMP Version 1 (IGMPv1) 436


          IGMP Version 2 (IGMPv2) 436


          IGMP Version 3 (IGMPv3) 437


          Multicast with Layer 2 Switches 438


  PIM Routing Protocol 440


          PIM Terminology 440


          Multicast Distribution Trees 443


  Deploying PIM and RPs 447


  PIM Deployment Models 447


          ASM or PIM-SM 447


          Bidirectional PIM 450


          Source Specific Multicast 452


  RP Considerations 454


          Static RP Addressing 455


          Anycast RP 455


          Auto-RP 456


          Boot Strap Router 459


  Securing IP Multicast 461


  Security Considerations for IP Multicast 461


          Security Goals for Multicast Environments 461


          Unicast and Multicast State Requirements 462


          Unicast and Multicast Replication Requirements 464


          Attack Traffic in Unicast and Multicast Networks 465


          Scoped Addresses 466


  Multicast Access Control 467


          Packet Filter-Based Access Control 467


          Host Receiver-Side Access Control 468


          PIM-SM Source Control 470


          Disabling Multicast Groups for IPv6 471


  Summary 472


  References 474


  Review Questions 474

Chapter 11 VoWLAN Design 479


  Cisco Unified Wireless Network Review 479


  Radio Frequency Communication 479


  Antennas 480


  IEEE 802.11 Operational Standards 481


          IEEE 802.11b/g Standards in the 2.4-GHz Band 481


          IEEE 802.11a Standard in the 5-GHz Band 483


  WLAN Components 484


          Cisco-Compatible WLAN Clients 485


          Autonomous APs 487


          Lightweight APs 487


  WLAN Operation 487


  The Cisco UWN Architecture 488


          Cisco UWN Elements 488


          Cisco UWN Lightweight AP and WLC Operation 489


  Using VoWLAN in an Enterprise Network 491


  VoWLAN Drivers in the Enterprise 491


  Voice-Ready Architecture 492


  Voice Impact on WLANs 493


  VoWLAN Infrastructure Considerations 494


  Roaming 494


          Intracontroller Roaming 495


          Intercontroller Roaming at Layer 2 495


          Intercontroller Roaming at Layer 3 497


          Mobility Groups 498


          Enhanced Neighbor Lists 499


  QoS 500


          IEEE 802.11e and Wi-Fi Multimedia 500


          End-to-End QoS 501


          Call Admission Control 501


  Security 502


          VoWLAN Authentication and Encryption Recommendations 502


          Other Design Recommendations for VoWLAN Security 503


  Intelligent VoWLAN Clients 504


          Cisco Unified Wireless IP Phone 7921G 504


  VoWLAN Coverage Considerations 505


  SNR 506


  Nonoverlapping Channels 508


          802.11b/g Channels 508


          Cell Overlap Guidelines 509


          802.11a Channels 510


  General Recommendations for VoWLANs 511


  VoWLAN Site Surveys 512


  Site Survey Process 513


  Spectrum Analysis Tool 514


  WCS Planning Tool 514


  AP Locations 515


          Traditional Large Cell Deployment 515


          Small Cell Deployment for VoWLANs 515


          Alternative Cell Deployment 516


  Conducting a Site Survey 517


  Site Survey Documentation 518


  VoWLAN Steps to Success Partner Program 519


  Summary 520


  References 522


  Review Questions 522

Chapter 12 Network Management Capabilities Within Cisco IOS Software 527


  Cisco IOS Embedded Management Tools 527


  Network Management Support in Cisco IOS Software 527


  Application Optimization and Cisco IOS Technologies 528


  Syslog 529


  Cisco IOS Syslog Message Standard 531


  Syslog Issues 533


  NetFlow 534


  NetFlow Overview 534


  NetFlow Flows 535


  Traditional NetFlow IP Flows 536


  NetFlow Flow Record Creation 536


  NetFlow Cache Management 540


  NetFlow Export Versions 542


  Flexible NetFlow 542


          Flexible NetFlow Overview 542


          Flexible NetFlow Advantages 543


  NetFlow Collectors 545


  NetFlow Deployment 545


  NBAR 546


  NBAR Overview 546


          NBAR Packet Inspection 546


          NBAR Protocol Discovery 548


          NBAR and NetFlow 548


  Examining NBAR Protocol Discovery Statistics 549


  NBAR and Cisco AutoQoS 551


          Cisco AutoQoS VoIP 553


          Cisco AutoQoS for the Enterprise 554


  IP SLAs 556


  IP SLAs Overview 556


          SLAs 556


          IP SLAs Measurements 557


          IP SLAs Capability Support 560


  IP SLAs Functions 560


          IP SLAs Source and Responder 560


          IP SLAs Operations 560


          IP SLAs Operation with Responder 561


          IP SLAs with Responder Timestamps 562


          IP SLAs SNMP Features 563


  Deploying IP SLAs Measurements 564


          Impact of QoS Deployment on IP SLAs Statistics 565


          Scaling IP SLAs Deployments 566


          Hierarchical Monitoring with IP SLAs Measurements 567


  Network Management Applications Using IP SLAs Measurements 568


          CiscoWorks IPM Application Example 568


          IP SLAs Network Management Application Considerations 568


  Summary 570


  References 571


  Review Questions 572

Appendix A Answers to Review Questions 577

Acronyms and Abbreviations 591

Index 604



About the Authors



Keith Hutton is an information technology professional with close to 20 years of experience in the industry. Over the course of his career, Keith has worked as a professional services engineer, presales engineer, third-line operational support engineer, engineering team lead, instructor, and author. Keith currently works as a professional services engineer for Bell Canada, responsible for the design and configuration of network security infrastructures. Keith has a B.A. honors degree from Queen's University, and is a certified Cisco instructor, Cisco Certified Network Professional (CCNP), Cisco Certified Design Professional (CCDP), and Cisco Certified Internetworking Professional (CCIP).

Mark Schofield has been a network architect at Bell Canada for the past six years. Working for the largest service provider in Canada, he has designed Multiprotocol Label Switching (MPLS) virtual private networks (VPNs) with IP quality of service (QoS) for large enterprise customers. During the past five years at Bell, he has been involved in the design, implementation, and planning of large national networks for Bell Canada's federal government customers. As part of a cross-company team, he developed Bell Canada's premier MPLS VPN product. Mark has an MLIS from the University of Western Ontario and B.A. and M.A. degrees from the University of Guelph. Industry certifications include the Cisco Certified Systems Instructor (CCIP), Cisco Certified Network Professional (CCNP), Citrix Certified Enterprise Administrator (CCEA), and Microsoft Certified Systems Engineer (MCSE).

Diane Teare is a professional in the networking, training, project management, and elearning fields. She has more than 20 years of experience in designing, implementing, and troubleshooting network hardware and software, and has been involved in teaching, course design, and project management. She has extensive knowledge of network design and routing technologies, and is an instructor with one of the largest authorized Cisco Learning Partners. She was recently the director of e-learning for the same company, where she was responsible for planning and supporting all the company's e-learning offerings in Canada, including Cisco courses. Diane has a bachelor's degree in applied science in electrical engineering and a master's degree in applied science in management science. She is a certified Cisco instructor and currently holds her Cisco Certified Network Professional (CCNP), Cisco Certified Design Professional (CCDP), and Project Management Professional (PMP) certifications. She coauthored the Cisco Press titles Campus Network Design Fundamentals, the three editions of Authorized Self-Study Guide Building Scalable Cisco Internetworks (BSCI), and Building Scalable Cisco Networks; and edited the two editions of the Authorized Self-Study Guide Designing for Cisco Internetwork Solutions (DESGN) and Designing Cisco Networks.