as it's described in the lab.gear section - my lab is mostly virtual but for some specific security features the physical HW is needed. I'm trying to emulate as much as possible due to very high costs for physical devices. with no ROI of course :o)
started to build the lab environment by studying the INE CCIE Sec v4 topology - the physical wiring and tried to modify it to be able to run their labs and ATC, but also to easily adjust it (with no cabling changes) to any other vendor's lab.
own real-based topology
the real CCIE Security lab exam topology leaked out so I was able to build the original topoogy in my lab just to reflex the requirements that might be needed during the exam. and of course to be more familiar with this topology. I modified the original structure and tried to fit it to UNL/Virtual environment but had to adjust few things of course as this is covered more to the details below.
there is a lot of inter-switch connections and think it doesn't make any sense to draw a diagram for this, so all the links are listed in the following table ...
don't be scared during the UNL implementation phase as it's really messy because of enormous count of links of 18 networking devices. you can see below it doesn't make any sense to use the unl web to manage this:
and lastly, the list of my network devices:
- routers - R1-R7, UNL IOL, 4xETH, 256M RAM, 15.4(2)T4
- switches - SW1-SW6, UNL IOL-L2, 24xETH, 256M RAM, Nov3/2015_HighIron
- fw - ASA1-ASA3, UNL, asa-8.42, 512M RAM
- fw - ASA4, UNL, asa-8.2, 512M RAM
- ips/ids - IPS, UNL, ips-6.0.6, 1024M RAM