Solved

step by step instructions for redesigning our cisco flat network to create more zones multi subnet vlan zones network

Posted on 2013-10-31
3
19 Views
Last Modified: 2016-06-02
Asked by: whenleySolved by: Netminder


ADDITIONAL / SECONDARY
architecting a secure internet infrastructure in a Microsoft Windows environment

 architecting a secure infrastructure leveraging a VLANS and Reverse Proxy

 designing authentication architecture including domain architecture

enabling a variety of applications including custom, package and reporting systems securely via the internet


1.       F5 BigIP, specifically the LTM and APM modules.  This includes SSL Offloading, NTLM authentication, Kerberos SSO, routing, iRules, security ACLs, etc.

2.       IIS 7.5 and Windows Domain knowledge
0
Comment
Question by:whenley
3 Comments
 
LVL 1

Accepted Solution

by:
Brian Whelton earned 500 total points
ID: 40045636
This is potentially a massive question, and the consideration of the load balancing hardware and using SSL off loading would suggest your environment is clearly more then 10 users on one switch.
I would suggest you consult a network consultant after deciding your end target of what you wish to achieve, and discuss it with a few to getting further ideas.

As a rule of thumb I would suggest a separate VLAN for each sever type (web, mail, application, file sharing etc.) and consider carefully how you wish to segment your users.  Just because they are in separate VLANs does not mean they can't access each other VLANs including the server VLANs.  Basically you're creating broadcast domains and if one was to be compromised by way of DHCP starvation, broadcast storm or some other action caused deliberately or by accident.  Separating users, even sitting next to each other will ensure such a condition will ensure some people still work.

Is there wireless and voice considerations?
What are your security considerations regarding access to different parts of the system?
What industry are you in?  Are there restrictions due to the industry such as retention of user data and controlling access to it?
You really need to break you questions up.
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
Outsource Your Fax Infrastructure to the Cloud (And come out looking like an IT Hero!) Relative to the many demands on today’s IT teams, spending capital, time and resources to maintain physical fax servers and infrastructure is not a high priority.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now