Enterprise LAN Network Architecture

Have you ever wondered about what could be the various networking components that make an
enterprise LAN (Computer Network / Local Area Network)? The above diagram shows you the
connectivity architecture of the major components that form an enterprise network. We have also
included a brief description of the individual components below:
Internet: The Internet cloud refers to the source of the Internet to an organization. The
organization could be connected to the Internet via Internet Leased Lines/ Broadband/ 3G etc.
For connectivity to other branches, a VPN Network over the Internet could be used (or) A
Managed Leased Line/ MPLS circuit could be used as well.
Router: The Enterprise Router is basically a Layer-3 Network device that connects disparate
networks. It acts as a gateway between the LAN and the WAN networks and the Internet Leased
Lines/ MPLS Circuits/ Managed Leased Lines/ Broadband networks are all terminated on the
router. Some Routers support additional modules for secure connectivity to other branches
through VPN, Intrusion Prevention and Content Filtering etc. Routers have WAN ports and LAN
ports to connect WAN and LAN connections respectively, and some of them have built-in
Wireless/ VOIP capabilities.
UTM/ Firewall: The Unified Threat Management Appliance (or software) is for providing
gateway level network security for the various end points used in the organization. The UTM
Devices provide the following network security options: Firewall, Anti-Spam, Anti-Virus,
Content Filtering, URL Filtering, Intrusion Prevention (IPS), Virtual Private Network (VPN),
Protection from Internet threats like Phishing etc.
Core Switch: A Core Switch is generally a Layer-3 based Network Switch that connects to the
various distribution switches, edge switches (through distribution switches / directly) using
Optical Fiber Networks or UTP Copper cabling. They generally also connect to the computer
servers (ERP, Web Server, Mail Server, Database Server, Application Servers, etc). The core
switch is in the center of an enterprise network and it also provides Inter-VLAN routing. They
are either stand-alone switches (24/48 Ports Copper, 4/24 Port Fiber) or Chassis-based where
there is processing unit and number of blade modules(For connecting fiber/copper) that go in to
empty slots allowing for a flexible configuration.
NAS Device: A NAS Device refers to a Network Area Storage Appliance (This could also be a
Storage Area Network, depending upon the storage requirements) where bulk of the files/ data
are stored for the servers and individual users (PCs) to access them over the network whenever
required. These appliances are mostly disk based and can be connected anywhere on the network
(preferably to a core switch). They come in sizes ranging from 1 TB(Tera Byte) to multiple Tera
Byte configurations.
Wireless Controller: There are many access points to provide wireless (Wi-Fi) access to the
PCs/ Laptops/ Wi-Fi Phones in the enterprise. All these Access Points are managed/ controlled
by an appliance called Wireless Controller. Basically a wireless controller provides centralized
authentication, encryption, network policies, radio frequency management, failover, load
balancing, wireless intrusion scanning and other functionalities required for the wireless users
across the network.
IP Telephony Server: The IP Telephony Server provides the call control functions (voice
switching) for the telephony operations in an enterprise network. Since the IP Phones connect to
the computer networks, these IP Telephony Servers provide centralized administration and
connectivity to PSTN Lines to all the IP Phones/ VOIP devices over the network including the
assigning of extension/ DID numbers and IVR (Interactive Voice Response).
Distribution Switches: Distribution Switches provide an aggregation layer for network
switching. The distribution switches connect to both copper UTP cable network as well as
optical fiber networks. The distribution switches are connected to the core switch on one end and
to the edge switches on the other. Generally, there may be one distribution switch for each
department and a network is sometimes formed without the distribution/ aggregation layer by
connecting the network endpoints directly to them.
Edge Switches: The Edge/ endpoint switches are basically Layer-2 switches that provide direct
connectivity to the various network devices like PCs, laptops, Wireless Access Points etc using
the Copper UTP cables. They come in various configurations including 8 Port/ 16 Port, 24 Port,
48 Port etc. They support 10/100 Mbps as well as 10/100/1000 Mbps connectivity to the various
network devices. Some of them even support POE (Power Over Ethernet) for electrical power
required for operation of certain network devices (like Wireless Access Points, IP Phones etc)
and some of them could be stacked to each other for providing a single management interface/
combined backplane for multiple such edge switches.
Wireless Access Points: The Wireless Access Points contain built-in radios which provide
wireless signals for connecting certain network devices that has an in-built wireless adapter.
Basically these access points send wireless signals that can be interpreted by the wireless enabled
network clients for communicating the data/ information over the wireless medium. Their job is
just to collect these signals, convert them in to wired signals and send it over the LAN network
for the wireless controller to interpret them and take appropriate action. They generally have a
coverage range of 20-30 meters indoor and 80-100 meters outdoor and each device can connect
to more than 15 wireless devices within their coverage area. They operate in the 2.4 and 5 Ghz
frequency spectrum.
Network Endpoints/ Devices: There are various network devices/ endpoints connecting to the
LAN via edge switches/ wireless access points. Some of them include PC/ Laptop/ PDA etc for
data connectivity, IP Phones, Cell Phones/Wi-Fi Phones, Soft Phones for voice connectivity, IP
Surveillance Cameras/ IP Video Conferencing devices for video over IP. There are also network
based accessories like network printers, MFPs (Multi-Function Printers), Scanners etc.
connecting to the enterprise computer network.