Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

step by step instructions for redesigning our cisco flat network to create more zones multi subnet vlan zones network

Posted on 2013-10-31
3
Medium Priority
?
42 Views
Last Modified: 2016-06-02
Asked by: whenleySolved by: Netminder


ADDITIONAL / SECONDARY
architecting a secure internet infrastructure in a Microsoft Windows environment

 architecting a secure infrastructure leveraging a VLANS and Reverse Proxy

 designing authentication architecture including domain architecture

enabling a variety of applications including custom, package and reporting systems securely via the internet


1.       F5 BigIP, specifically the LTM and APM modules.  This includes SSL Offloading, NTLM authentication, Kerberos SSO, routing, iRules, security ACLs, etc.

2.       IIS 7.5 and Windows Domain knowledge
0
Comment
Question by:whenley
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 1

Accepted Solution

by:
Brian Whelton earned 2000 total points
ID: 40045636
This is potentially a massive question, and the consideration of the load balancing hardware and using SSL off loading would suggest your environment is clearly more then 10 users on one switch.
I would suggest you consult a network consultant after deciding your end target of what you wish to achieve, and discuss it with a few to getting further ideas.

As a rule of thumb I would suggest a separate VLAN for each sever type (web, mail, application, file sharing etc.) and consider carefully how you wish to segment your users.  Just because they are in separate VLANs does not mean they can't access each other VLANs including the server VLANs.  Basically you're creating broadcast domains and if one was to be compromised by way of DHCP starvation, broadcast storm or some other action caused deliberately or by accident.  Separating users, even sitting next to each other will ensure such a condition will ensure some people still work.

Is there wireless and voice considerations?
What are your security considerations regarding access to different parts of the system?
What industry are you in?  Are there restrictions due to the industry such as retention of user data and controlling access to it?
You really need to break you questions up.
0

Featured Post

Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

David Varnum recently wrote up his impressions of PRTG, based on a presentation by my colleague Christian at Tech Field Day at VMworld in Barcelona. Thanks David, for your detailed and honest evaluation!
Keystroke loggers have been around for a very long time. While the threat is old, some of the remedies are new!
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question