Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
646
Views
5
Helpful
1
Replies

Service Layer design

rezamira
Level 1
Level 1

‎06-21-2018 11:32 PM - edited ‎03-01-2019 08:47 AM

Dear guys

hi

i have a question about service layer in datacenter

as i see, servers that want to get services to Internet (out of DC block) placed in service layer and behind the WAF/IDS/IPS, and other servers that just get service to DC block, placed in Access (server farm) layer.

tell me plz, this type of design is accurate or not?

because i heard, all servers should stay in Access (server farm) layer and those should get service to Internet (out of DC block), should be place behind another firewall.

 

Best Regatds

Reza

Labels:
0 Helpful
1 Reply 1

Santhosh S
Cisco Employee
Cisco Employee

‎06-26-2018 08:32 AM

Reza, Hello!

 

Your understanding is correct. In a typical Datacenter design, all the devices that need access to the Internet or any external networks must be placed inside the Demilitarized zone (DMZ), which is a seperate layer constructed in-between the Datacenter LAN and public/external networks.

 

Best Regards,

Santhosh

Customers Also Viewed These Support Documents