[c-nsp] Network design change

shadow floating nadengine at googlemail.com
Tue Nov 10 10:46:49 EST 2009 

thanks alot Ziv

i'll try to put it in a txt format:


  Site A
                                                                 Site
B

internet

internet
     |

  |
Firewall A

Firewall B
     |   |                                          link under
investigation
|   |
     |   |--------(DMZ Switch)
--------------------------------------------------------------------------------
(DMZ Switch)---|   |
     |

   |
     |

   |
     |

   |
     |                                         Higjh speed link
                                                                   |
Core Switch A ------------------------------------------------------------------------------------------------------------------Core
Switch B


Hi All,
My company has two sites in to 2 different locations that are
connected via high speed link at the core layer  in each site I've 1
DMZ , the network team wants to connect the DMZ switches in both sites
for better performance and "security" - the link under investigation
is shown in red in the picture -   via high speed link without passing
at all by the core network layer, as they say that will aid more in
the replication between server A and backup server A in the DMZs and
also this will help if any of the 2 firewalls had failure to access
both DMZs from any firewall.
 Is that better from security point of view?

appreciating your great help and advice
thanks alot

Regards,
Nad

2009/11/10 Ziv Leyes <zivl at gilat.net>:
> Hi Nad,
> This list accepts only text only messages, so the picture isn't attached to the message we've got.
> I suggest you to upload your diagram to some free image hosting site such as http://imageshack.us/ and post the link here
>
>
>
>
>
> ************************************************************************************
> This footnote confirms that this email message has been scanned by PineApp Mail-SeCure for the presence of malicious code, vandals & computer viruses.
> ************************************************************************************
>
>
>
>
>
>
> ************************************************************************************
> This footnote confirms that this email message has been scanned by
> PineApp Mail-SeCure for the presence of malicious code, vandals & computer viruses.
> ************************************************************************************
>
>
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list