Solved

step by step instructions for redesigning our cisco flat network to create more zones multi subnet vlan zones network

Posted on 2013-10-31
3
31 Views
Last Modified: 2016-06-02
Asked by: whenleySolved by: Netminder


ADDITIONAL / SECONDARY
architecting a secure internet infrastructure in a Microsoft Windows environment

 architecting a secure infrastructure leveraging a VLANS and Reverse Proxy

 designing authentication architecture including domain architecture

enabling a variety of applications including custom, package and reporting systems securely via the internet


1.       F5 BigIP, specifically the LTM and APM modules.  This includes SSL Offloading, NTLM authentication, Kerberos SSO, routing, iRules, security ACLs, etc.

2.       IIS 7.5 and Windows Domain knowledge
0
Comment
Question by:whenley
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 1

Accepted Solution

by:
Brian Whelton earned 500 total points
ID: 40045636
This is potentially a massive question, and the consideration of the load balancing hardware and using SSL off loading would suggest your environment is clearly more then 10 users on one switch.
I would suggest you consult a network consultant after deciding your end target of what you wish to achieve, and discuss it with a few to getting further ideas.

As a rule of thumb I would suggest a separate VLAN for each sever type (web, mail, application, file sharing etc.) and consider carefully how you wish to segment your users.  Just because they are in separate VLANs does not mean they can't access each other VLANs including the server VLANs.  Basically you're creating broadcast domains and if one was to be compromised by way of DHCP starvation, broadcast storm or some other action caused deliberately or by accident.  Separating users, even sitting next to each other will ensure such a condition will ensure some people still work.

Is there wireless and voice considerations?
What are your security considerations regarding access to different parts of the system?
What industry are you in?  Are there restrictions due to the industry such as retention of user data and controlling access to it?
You really need to break you questions up.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question