Swift
asked on
Conceptual DC Design
Attached is a conceptual 3 tier Dc design. From securiy perspective seems like everything has been taken care of in terms of provisioning of active equipments. Note that majority of employees are going to access the provisioned servcies off this Dc from WAN ( MPLS VPN) depicted as " Internal users".
Given the needs:
1. The DC will host variety of applications, both critical and non critical, holding cofidential data as well non confidential data with varying RPO / RTO needs.
2. Not all applications would be built around standard 3 tier architecture model.
3. Most applications will be maintained and supported by varying 3rd parties / vendors.
4. Service / apps hosted within will be accessed by users who are not trusted e.g. Customers, JV partners, Consultants etc.
What do you suggest in terms of design enhancements to cater for the above 4 needs given that we are starting as a green field?
Project1.jpg
Given the needs:
1. The DC will host variety of applications, both critical and non critical, holding cofidential data as well non confidential data with varying RPO / RTO needs.
2. Not all applications would be built around standard 3 tier architecture model.
3. Most applications will be maintained and supported by varying 3rd parties / vendors.
4. Service / apps hosted within will be accessed by users who are not trusted e.g. Customers, JV partners, Consultants etc.
What do you suggest in terms of design enhancements to cater for the above 4 needs given that we are starting as a green field?
Project1.jpg
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I don't know how you can plan around #2 as a "not". My wife will tell me that restaurant is _not_ the right one, but that doesn't help pick a place for dinner. Not understanding that, I passed on it.
#3 & 4 would involve some VLAN and ACL details. But we don't even have basic connectivity drawn in. So going into more detail first seems to be out of order.
#3 & 4 would involve some VLAN and ACL details. But we don't even have basic connectivity drawn in. So going into more detail first seems to be out of order.
ASKER
Your replies are very valid but seems to look into the needs of my first point ( maintaining low RPO / RTO).
Would you let me know some design aspects that would cater to my listed needs of Point 2-4 too?