Download presentation
Presentation is loading. Please wait.
1
Internet Bastion Hosts Internal Network Router/Firewall Mail FTP
2
Internet Router/Firewall FTP Mail Router/Firewall Internal Network
3
Internal Host Internal Host
Internet Router/Firewall DMZ Segment Mail Internal Host Internal Server Internal Host
4
Internet ??? Internal Network Router/Firewall App Server Mail
5
Point-To-Point Connection
Management Router/Firewall Application Router/Firewall ISP Router Colocation Facility Point-To-Point Connection VPN Connection OR Internet Router/Firewall Corporate Facility Mail Proxy Router/Firewall Internal Network
6
Company A Company B D M Z Corp A Corp B
Router/Firewall Router/Firewall D M Z VPN or Direct Line VPN or Direct Line Router/Firewall Corp A Corp B Router/Firewall Router/Firewall Internet
7
Allows system management
Mail Internet DNS Router/Firewall www SNMP SSH Syslog SNMP Query Syslog www SSH SNMP Trap SSH Mail Mail Router/Firewall Allows system management Deny everything else DNS SNMP Trap Syslog SSH SNMP Query Loghost Management Station SNMP Monitor
8
Console Server Loghost Dumb Log Monitor SSH GW
Internet Console Router/Firewall Console Console www / DNS / Mail SSH Console Server Mail Syslog Loghost OOB SNMP Trap Syslog SSH SNMP Trap Serial Dumb Log SNMP Query Int SSH SSH Monitor OOB SSH GW Router/Firewall Internal Network
9
Internet Monitor Syslog Corp Proxy Monitor Syslog
Promiscuous No IP Router/Firewall Router/Firewall Emergency! Promiscuous No IP Promiscuous No IP Monitor Syslog FTP Prod Mail Corp Mail Corp Proxy Monitor Syslog Router/Firewall Internal Corp Network Router/Firewall Monitor Pull Application Monitor Syslog Backup Monitor Syslog Router/Firewall Monitor Master IDS Master SSH GW
Similar presentations
