Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
640
Views
5
Helpful
1
Replies

Service Layer design

rezamira
Level 1
Level 1

‎06-21-2018 11:32 PM - edited ‎03-01-2019 08:47 AM

Dear guys

hi

i have a question about service layer in datacenter

as i see, servers that want to get services to Internet (out of DC block) placed in service layer and behind the WAF/IDS/IPS, and other servers that just get service to DC block, placed in Access (server farm) layer.

tell me plz, this type of design is accurate or not?

because i heard, all servers should stay in Access (server farm) layer and those should get service to Internet (out of DC block), should be place behind another firewall.

 

Best Regatds

Reza

Labels:
0 Helpful
1 Reply 1

Santhosh S
Cisco Employee
Cisco Employee

‎06-26-2018 08:32 AM

Reza, Hello!

 

Your understanding is correct. In a typical Datacenter design, all the devices that need access to the Internet or any external networks must be placed inside the Demilitarized zone (DMZ), which is a seperate layer constructed in-between the Datacenter LAN and public/external networks.

 

Best Regards,

Santhosh

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents