03-09-2025 05:22 AM
hi all,
i am working on an university project where I need design a logical and physical target network for a fictitious company. I chose a manufacturer in the automotive industry. Its more about the fundamentals, than designing every last bit.
Later I will also need to create a components list with all the different functions, networks and IPs as well as a security concept. Before I start with that, I would like to ask if there is anything obvious that I am missing or I should change.
I am an absolute beginner in networking and after reading some literature and documentations I came up with the following design. I am also thinking about how to add some redundancy especially for the OT-network to increase availability.
I would be thankful for any advice.
*Customer Services stands for e.g. diagnosis tools for customer cars
Solved! Go to Solution.
03-09-2025 07:40 AM
Hello @VM0815
Redundancy has to be a key concern, especially for firewalls and switches in the LAN and OT network. Right now, each firewall (CFW01-03, FW02) and switch (SW02, CSW01-03, IDMZSW01) is a single point of failure.
For OT, add redundant firewalls and switches per cell and ensure dual uplinks to the industrial DMZ. For IT, consider dual L3 switches (SW02) with HSRP/VRRP to prevent failures from cutting off connectivity.
03-09-2025 07:40 AM
Hello @VM0815
Redundancy has to be a key concern, especially for firewalls and switches in the LAN and OT network. Right now, each firewall (CFW01-03, FW02) and switch (SW02, CSW01-03, IDMZSW01) is a single point of failure.
For OT, add redundant firewalls and switches per cell and ensure dual uplinks to the industrial DMZ. For IT, consider dual L3 switches (SW02) with HSRP/VRRP to prevent failures from cutting off connectivity.
03-09-2025 07:45 AM
thanks for your input
03-12-2025 09:50 AM
Hi M02@rt37 ,
thanks again for your hints.
I added active and passive firewalls in the cells and also additional switches which could be extended to a ring topology if needed.
In the IDMZ i added stacked switches, which as I understood are easily extendable and can also act as backup in case of failure. these are now behind a dual firewall.
In the internal network I also added a switch stack.
My understanding is, that now at least the communication between internal network and the cells is highly available. The external communication and DMZ is still affected by single point of failures but as availability is not the main concern here, one could accept the risk.
does this sound right?
03-12-2025 10:24 AM
Sounds perfect @VM0815
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide