Solved

step by step instructions for redesigning our cisco flat network to create more zones multi subnet vlan zones network

Posted on 2013-10-31
3
23 Views
Last Modified: 2016-06-02
Asked by: whenleySolved by: Netminder


ADDITIONAL / SECONDARY
architecting a secure internet infrastructure in a Microsoft Windows environment

 architecting a secure infrastructure leveraging a VLANS and Reverse Proxy

 designing authentication architecture including domain architecture

enabling a variety of applications including custom, package and reporting systems securely via the internet


1.       F5 BigIP, specifically the LTM and APM modules.  This includes SSL Offloading, NTLM authentication, Kerberos SSO, routing, iRules, security ACLs, etc.

2.       IIS 7.5 and Windows Domain knowledge
0
Comment
Question by:whenley
3 Comments
 
LVL 1

Accepted Solution

by:
Brian Whelton earned 500 total points
ID: 40045636
This is potentially a massive question, and the consideration of the load balancing hardware and using SSL off loading would suggest your environment is clearly more then 10 users on one switch.
I would suggest you consult a network consultant after deciding your end target of what you wish to achieve, and discuss it with a few to getting further ideas.

As a rule of thumb I would suggest a separate VLAN for each sever type (web, mail, application, file sharing etc.) and consider carefully how you wish to segment your users.  Just because they are in separate VLANs does not mean they can't access each other VLANs including the server VLANs.  Basically you're creating broadcast domains and if one was to be compromised by way of DHCP starvation, broadcast storm or some other action caused deliberately or by accident.  Separating users, even sitting next to each other will ensure such a condition will ensure some people still work.

Is there wireless and voice considerations?
What are your security considerations regarding access to different parts of the system?
What industry are you in?  Are there restrictions due to the industry such as retention of user data and controlling access to it?
You really need to break you questions up.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now