1.2 Key Characteristics of Scalable Internetworks
1.2.7 Making the network accessible but secure

Accessible networks allow users to connect easily over a wide variety of technologies. Campus LAN users typically connect to routers at the access layer through Ethernet or Token Ring. Remote users and sites depend on one of several WAN services. The variety of WAN services will differ from area to area. Because cost and geography play a significant role in determining what type of WAN services an organization can deploy, Cisco routers support all major WAN connection types. As shown in the figure, these include circuit-switched (dialup) networks, leased lines (dedicated), and packet switched networks.

  • Dialup and dedicated access - Cisco routers can be directly connected to basic telephone service or digital services such as T1/E1. Dialup links can be used for backup or at remote sites that need occasional WAN access, while dedicated leased lines provide a high-speed, high-capacity WAN core between key sites.
  • Packet switched - Cisco routers support Frame Relay, X.25, Switched Multi-megabit Data Service (SMDS), and ATM. With this variety of support, the WAN service, or combination of WAN services, to deploy can be determined based on cost, location, and need.

Often, the easier it is for legitimate remote users to access the network, the easier it is for unauthorized users to break in. An access strategy must be carefully planned so that resources, such as remote access routers and servers, are secure. If a company enables users to telecommute via dialup modem, the network administrator must secure access routers with access lists or an authentication protocol such as the Password Authentication Protocol (PAP) or the Challenge Handshake Protocol (CHAP). These protocols require the user to provide a valid name and password before the router permits access to other network resources.