Solved

step by step instructions for redesigning our cisco flat network to create more zones multi subnet vlan zones network

Posted on 2013-10-31
3
38 Views
Last Modified: 2016-06-02
Asked by: whenley
Solved by: Netminder


ADDITIONAL / SECONDARY
architecting a secure internet infrastructure in a Microsoft Windows environment

architecting a secure infrastructure leveraging VLANs and a reverse proxy

designing authentication architecture including domain architecture

enabling a variety of applications including custom, package and reporting systems securely via the internet


1. F5 BigIP, specifically the LTM and APM modules. This includes SSL offloading, NTLM authentication, Kerberos SSO, routing, iRules, security ACLs, etc.

2. IIS 7.5 and Windows Domain knowledge
3 Comments
 
LVL 1

Accepted Solution

by:
Brian Whelton earned 500 total points
ID: 40045636
This is potentially a massive question, and the consideration of the load balancing hardware and using SSL offloading would suggest your environment is clearly more than 10 users on one switch.
I would suggest you consult a network consultant after deciding your end target of what you wish to achieve, and discuss it with a few to get further ideas.

As a rule of thumb I would suggest a separate VLAN for each server type (web, mail, application, file sharing etc.) and consider carefully how you wish to segment your users.  Just because they are in separate VLANs does not mean they can't access each other's VLANs, including the server VLANs.  Basically you're creating broadcast domains, and if one was to be compromised by way of DHCP starvation, a broadcast storm or some other action caused deliberately or by accident, separating users, even those sitting next to each other, will ensure that in such a condition some people can still work.

Are there wireless and voice considerations?
What are your security considerations regarding access to different parts of the system?
What industry are you in?  Are there restrictions due to the industry such as retention of user data and controlling access to it?
You really need to break your questions up.
0
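The point in the accepted answer that separate VLANs can still reach each other, shown as an added Cisco IOS configuration sketch for a layer-3 switch (not part of the original answer): the first half only splits broadcast domains, the second half adds the filtering that turns a VLAN into a zone. The VLAN IDs, names, 10.10.x.0/24 subnets and permitted ports are constructed placeholders, and rules for DNS, domain controllers and internet access are left out and would have to be added before the final deny.

```cisco
! Constructed example: VLAN IDs, names and subnets are placeholders.
vlan 10
 name SRV-WEB
vlan 20
 name SRV-FILE
vlan 50
 name USERS-FLOOR1
!
ip routing
!
! With only these SVIs and "ip routing", the switch routes freely between
! all three VLANs: broadcast domains are separated, nothing is filtered.
interface Vlan10
 ip address 10.10.10.1 255.255.255.0
interface Vlan20
 ip address 10.10.20.1 255.255.255.0
interface Vlan50
 ip address 10.10.50.1 255.255.255.0
!
! Restricting the user VLAN: filter traffic as it enters the user SVI.
ip access-list extended USERS-FLOOR1-IN
 remark DHCP requests from clients in this VLAN
 permit udp any eq bootpc any eq bootps
 remark Users may reach the web servers over HTTPS only
 permit tcp 10.10.50.0 0.0.0.255 10.10.10.0 0.0.0.255 eq 443
 remark Users may reach the file servers over SMB only
 permit tcp 10.10.50.0 0.0.0.255 10.10.20.0 0.0.0.255 eq 445
 remark Everything else from this VLAN is dropped and logged
 deny ip any any log
!
interface Vlan50
 ip access-group USERS-FLOOR1-IN in
```

`show access-lists USERS-FLOOR1-IN` displays per-entry match counters, which shows what the final deny is catching before the rule set is tightened further.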
