1
00:00:00,760 --> 00:00:05,900
In the section we're on talk about how to create an ideal network.

2
00:00:05,930 --> 00:00:12,560
We're going to talk about some best practices about creating an ideal network.

3
00:00:12,750 --> 00:00:17,750
The first we need to keep our network physically safe.

4
00:00:17,980 --> 00:00:24,790
In an ideal network firstly we should keep our network physically safe for this purpose.

5
00:00:24,790 --> 00:00:32,980
We should keep our devices in a secure data center which includes fire suppression professional cooling

6
00:00:32,980 --> 00:00:44,000
subsystems and etc. and we need to monitor our data center using cameras to prevent unauthorized access.

7
00:00:44,010 --> 00:00:52,220
Another important thing we need to focus for physical security should be using separate cable and pads

8
00:00:52,240 --> 00:00:59,300
for electric and data to prevent electromagnetic interference.

9
00:00:59,350 --> 00:01:06,640
And let's take a look to keeping our networks safe on the from this software point of view.

10
00:01:06,700 --> 00:01:14,980
There are lots of network security threats that we can face on the Internet or local area networks.

11
00:01:14,980 --> 00:01:24,990
Come on software treats are virus worm through our Jim malware and at Celera and to mitigate these threats

12
00:01:25,000 --> 00:01:32,700
we need to use software or hardware firewalls and onto viruses and something like that.

13
00:01:34,910 --> 00:01:41,250
So from the password point of free let's say a look how we can keep our networks safe.

14
00:01:41,280 --> 00:01:48,980
Another important thing is to keep our network safe is using strong passwords.

15
00:01:49,010 --> 00:01:56,330
We need to use strong passwords for our enterprises and network devices as well.

16
00:01:56,450 --> 00:02:06,620
And we must anchor up to our passports on network devices by using service password encryption command

17
00:02:07,740 --> 00:02:08,960
and lessons.

18
00:02:08,970 --> 00:02:15,900
Take a look from the access point of few since the SS age anchor drifts through a remote connection

19
00:02:15,900 --> 00:02:16,950
session.

20
00:02:16,950 --> 00:02:29,300
We should use SSA age instead of that we should also used to repel a authentication authorization and

21
00:02:29,420 --> 00:02:34,840
accounting to protect the access to our network devices.

22
00:02:34,910 --> 00:02:43,280
Authentication means users must use username and password before accessing devices.

23
00:02:43,430 --> 00:02:51,410
Authorization means we should authorize users with different levels for example and operator level and

24
00:02:51,530 --> 00:02:55,120
or an admin level or something like that.

25
00:02:55,670 --> 00:03:04,070
And accounting means we need to record you have troops or X accesses for device configuration chains

26
00:03:04,880 --> 00:03:12,500
and and in an ideal network monitoring is a really really important part.

27
00:03:12,500 --> 00:03:21,500
Today we need to monitor the words configuration change the US interruptions and network traffic with

28
00:03:21,800 --> 00:03:23,200
monitoring tools.

29
00:03:23,210 --> 00:03:30,200
And we need to receive emails from network monitoring softwares to be informed quickly

30
00:03:33,800 --> 00:03:41,000
and let's say collude to privatizing critical traffic All traffics in our networks.

31
00:03:41,000 --> 00:03:45,290
Guys don't have the same importance.

32
00:03:45,290 --> 00:03:54,920
We should prioritize critical traffic and if there is a congestion in our traffic our privatized traffic

33
00:03:54,920 --> 00:03:58,920
should use our bandwidth first.

34
00:04:02,310 --> 00:04:11,700
We should also use redundant devices and parts to mitigate the device hardware and the cabling problems.

35
00:04:11,700 --> 00:04:18,570
For example let's say that if this device fails the communication can go ahead.

36
00:04:18,600 --> 00:04:28,800
By using this device or for example if this cable fails no problem again we can go ahead our communication

37
00:04:28,800 --> 00:04:35,400
from this path or by using this path or something like that.

38
00:04:35,740 --> 00:04:41,430
4 is a management to end troubleshooting and efficient use of resources.

39
00:04:41,490 --> 00:04:45,990
We should use hierarchical design on our network.

40
00:04:45,990 --> 00:04:58,020
This design consists of three levels and their access layer distribution layer and the car layer in

41
00:04:58,110 --> 00:04:59,720
access layer.

42
00:04:59,730 --> 00:05:10,440
This is the network of the end the way such as pieces IP phones printers and some layer two suites and

43
00:05:10,440 --> 00:05:11,960
something like that.

44
00:05:12,250 --> 00:05:20,310
Is this the operation is the layer which mandates individual branch of his wider network connections

45
00:05:20,730 --> 00:05:29,280
and the core layer is the layer which provides high speed forwarding services to move packets between

46
00:05:29,550 --> 00:05:34,020
distribution layer devices in different regions of network.