network topology including many services

Posted by mete on Server Fault
Published on 2011-01-08T21:00:01Z

I know this is yet another question on how to set up a network, but I hope you are not bored of such questions yet.

The site is also an office, so it includes Windows DC, Windows AD, Exchange, SQL, file sharing, development app servers and other PCs.

In addition to the office (internal) things, there are both test and prod environments consisting of a web server-app server-SQL stack. There is also an FTP service open to the public.

I consider:

dmz1
- web server
- exchange edge
- ftp

dmz2
- app server
- sql for app server

internal
- dc and ad
- exchange hub and transport
- internal file sharing
- sql for internal use
- app servers for internal use
- pcs

public -> dmz1, only web, ftp and smtp
public -> dmz2 not possible
public -> internal not possible

dmz1 -> dmz2 is possible from web servers to app servers by using http or ajp
dmz1 -> internal is only possible for exchange, otherwise not possible

dmz2 -> internal not possible

Does this sound OK? Any other recommendations? It will be configured using either MS ISA or Juniper SSG. Thank you.

© Server Fault or respective owner
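
The zone policy proposed in the question, modelled as a default-deny rule table with a walk that shows which hosts become reachable from the public side by chaining permitted hops. This is an added example, not part of the original post; the role and service labels (such as `exchange-edge`, `exchange-hub` and `exchange`) are names assumed here, not ISA or SSG configuration.

```python
from collections import deque

# Allow rules transcribed from the post:
# (src zone, src role, dst zone, dst role, service). Labels are assumed names.
# Anything not listed is denied, which covers every "not possible" line.
ALLOW = [
    ("public", "any", "dmz1", "web", "http"),
    ("public", "any", "dmz1", "ftp", "ftp"),
    ("public", "any", "dmz1", "exchange-edge", "smtp"),
    ("dmz1", "web", "dmz2", "app", "http"),
    ("dmz1", "web", "dmz2", "app", "ajp"),
    ("dmz1", "exchange-edge", "internal", "exchange-hub", "exchange"),
]

def permitted(src_zone, src_role, dst_zone, dst_role, service):
    """Default deny: a flow passes only if an allow rule matches it."""
    for sz, sr, dz, dr, svc in ALLOW:
        if (sz, dz, dr, svc) == (src_zone, dst_zone, dst_role, service) \
                and sr in ("any", src_role):
            return True
    return False

def exposure_paths(start=("public", "any")):
    """Breadth-first walk over the allow rules: every (zone, role) an outside
    connection can reach by chaining permitted hops, with the chain used."""
    paths = {start: [start]}
    queue = deque([start])
    while queue:
        zone, role = queue.popleft()
        for sz, sr, dz, dr, _svc in ALLOW:
            if sz == zone and sr in ("any", role) and (dz, dr) not in paths:
                paths[(dz, dr)] = paths[(zone, role)] + [(dz, dr)]
                queue.append((dz, dr))
    return paths

def hops_from_public():
    """Map each reachable (zone, role) to the number of intermediate hosts
    in front of it; 0 means directly exposed to the public zone."""
    return {n: len(p) - 2 for n, p in exposure_paths().items() if len(p) > 1}

if __name__ == "__main__":
    for node, hops in sorted(hops_from_public().items(), key=lambda kv: kv[1]):
        print(f"{node[0]:9} {node[1]:14} intermediate hosts: {hops}")
```

The walk makes the transitive exposure explicit: the dmz2 app servers and the internal Exchange hub each sit one host behind a publicly exposed dmz1 server, so those two dmz1 roles are the ones whose rules and hardening matter most.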