Skip to main content

Basic Network Architecture

·180 words·1 min
Posts Essential architecture network diagram
Table of Contents
A simple network architecture design based on layered approach.

Architecture
#

Here’s a typical layered achitecture design, with DMZ and Backend networks, and connected via firewalls.

%%{init: {'theme': 'forest'}}%% flowchart TD %% Nodes Internet("fa:fa-globe Internet") Firewall1("fa:fa-shield Firewall") DMZ["DMZ Network"] Firewall2("fa:fa-shield Firewall") Backend["Backend Network"] DNS("fa:fa-server DNS Server") Web("fa:fa-server WEB Server") AppServer("fa:fa-server App Server") Database("fa:fa-database Database") %% Grouping nodes in Subgraphs subgraph DMZ DNS Web end subgraph Backend AppServer Database end %% Edge connections between nodes Internet --> Firewall1 --> DMZ DMZ --> Firewall2 --> Backend

Network Diagram
#

This is a network diagram that based on the architecture above.

%%{init: {'theme': 'forest'}}%% graph TB External("fa:fa-globe Internet/cloud") FW{{"fa:fa-shield Enterprise FW"}} subgraph Backend [DC Backend] direction LR AppSvr(("fa:fa-server App Server")) DBSvr1[("fa:fa-database Database")] DBSvr2[("fa:fa-database Database")] DBSvr1 ~~~ AppSvr ~~~ DBSvr2 end subgraph office direction TB ITOPS("fa:fa-user IT Ops") Users("fa:fa-users Users") Users ~~~ ITOPS end subgraph DMZ direction TB DNS("fa:fa-server DNS_Server") WEB("fa:fa-server WEB_Server") DNS ~~~ WEB end subgraph DC [Data Center] direction LR FW <---> DMZ office ---> FW end External <---> DC <---> Backend

Both diagrams are created with mermaid.js.

Links#

Related

Ten Immutable Laws of Security (v2)
·358 words·2 mins
Essential immutable laws
The 10 Immutable Laws of Security was first published by the Microsoft TechNet in 2000.
MS Patch Tuesday
·307 words·2 mins
Blogger Essential cli patchtuesday python
To get vulnerability stats and updates for Patch Tuesday from MSRC.
Challenges In Vulnerability Management
·268 words·2 mins
Posts vulnmgmt
Vulnerability management faces challenges in both agent-based and network scan-based approaches