Architecting secure networks
On top of what we have already seen about network security, we need to remember a couple more rules:
- Different uses mean different networks
- The importance of the Intrusion Detection System (IDS) and Intrusion Prevention System (IPS)
Different uses mean different networks
This best practice involves separating different kinds of data into different networks (usually using VLANs). People very often ignore it because flat networks are easier to manage than more structured ones.
This approach has advantages in several areas:
- Security
- Redundancy
- Performance
- Scalability
Let's start with the last one listed, since it is the easiest to analyze. Very often you create a network with the idea of adding a few servers, but later you find yourself adding more servers to the same network. In the end, you'll need to add a machine, but you'll have no IP...
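The following is an added example, not taken from the book: a small address planner that gives each use its own subnet, sized with growth headroom so a segment does not run out of addresses when more servers arrive. The 10.20.0.0/22 block, the segment names, the host counts and the growth factor of 2 are all constructed assumptions.

```python
import ipaddress

def prefix_for_hosts(hosts):
    """Longest IPv4 prefix whose usable host count is still >= hosts."""
    # (hosts + 1).bit_length() is the smallest b with 2**b >= hosts + 2,
    # which leaves room for the network and broadcast addresses.
    return 32 - (hosts + 1).bit_length()

def plan_segments(supernet, needs, growth=2):
    """Carve one subnet per use out of supernet.

    needs maps a segment name to its current host count; each subnet is
    sized for current hosts * growth. Returns {name: IPv4Network}.
    """
    pool = [ipaddress.ip_network(supernet)]   # free blocks still available
    plan = {}
    # Place the largest segments first so big blocks stay aligned.
    for name, hosts in sorted(needs.items(), key=lambda kv: -kv[1]):
        want = prefix_for_hosts(hosts * growth)
        fits = [b for b in pool if b.prefixlen <= want]
        if not fits:
            raise ValueError(f"no address space left for segment {name!r}")
        # Use the smallest free block that fits, to limit fragmentation.
        block = max(fits, key=lambda b: b.prefixlen)
        pool.remove(block)
        # Halve the block until it is the wanted size; keep the spare halves.
        while block.prefixlen < want:
            block, spare = block.subnets(prefixlen_diff=1)
            pool.append(spare)
        plan[name] = block
    return plan

def free_hosts(network, used):
    """Usable addresses still unassigned in a segment."""
    return network.num_addresses - 2 - used

if __name__ == "__main__":
    # Constructed sample: four uses, each of which becomes its own VLAN/subnet.
    needs = {"web": 40, "database": 10, "management": 5, "backup": 100}
    for name, net in plan_segments("10.20.0.0/22", needs).items():
        print(f"{name:<11} {str(net):<16} free: {free_hosts(net, needs[name])}")
```

Because every use gets a non-overlapping prefix, the same plan can serve as the basis for the filtering rules between segments.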