Network management and security design
To manage the network and its assets, there must always be a centralized, secure management utility subnet for services such as DNS, DHCP, NTP, AAA, and network management. With boundaries defined, troubleshooting these services becomes much easier, because they sit in known locations reachable over a few well-known access paths and methods.
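One way to check this design against observed traffic, as an added example that is not part of the original text: the script flags flows to management services whose server sits outside the management subnet. The subnet 10.0.100.0/24, the port-to-service mapping and the flow records are assumptions constructed for illustration.

```python
import ipaddress

# Assumptions for illustration: the management subnet and the service ports.
MGMT_SUBNET = ipaddress.ip_network("10.0.100.0/24")
MGMT_SERVICES = {
    ("udp", 53): "DNS", ("tcp", 53): "DNS",
    ("udp", 67): "DHCP",
    ("udp", 123): "NTP",
    ("tcp", 49): "AAA (TACACS+)",
    ("udp", 1812): "AAA (RADIUS)",
    ("udp", 161): "network management (SNMP)",
}

# Constructed flow records: (source, destination, protocol, destination port).
SAMPLE_FLOWS = [
    ("10.0.20.15", "10.0.100.10", "udp", 53),    # DNS served from the mgmt subnet
    ("10.0.20.15", "10.0.30.7", "udp", 53),      # DNS served from elsewhere
    ("10.0.1.1", "10.0.100.20", "tcp", 49),      # router to AAA in the mgmt subnet
    ("10.0.20.44", "10.0.20.99", "udp", 123),    # NTP served from a user segment
    ("0.0.0.0", "255.255.255.255", "udp", 67),   # DHCP discover (broadcast)
    ("10.0.20.15", "10.0.40.5", "tcp", 443),     # not a management service
]

BROADCAST = ipaddress.ip_address("255.255.255.255")


def audit_flows(flows, mgmt_subnet=MGMT_SUBNET, services=MGMT_SERVICES):
    """Return (service, src, dst) for management-service flows whose
    destination lies outside the management subnet."""
    findings = []
    for src, dst, proto, port in flows:
        service = services.get((proto.lower(), port))
        if service is None:
            continue  # not one of the centralized services
        dst_ip = ipaddress.ip_address(dst)
        # Broadcast and multicast destinations name no server, so skip them
        # (a DHCP discover would otherwise be a false positive).
        if dst_ip == BROADCAST or dst_ip.is_multicast:
            continue
        if dst_ip not in mgmt_subnet:
            findings.append((service, src, dst))
    return findings


if __name__ == "__main__":
    for service, src, dst in audit_flows(SAMPLE_FLOWS):
        print(f"{service}: {src} -> {dst} is outside {MGMT_SUBNET}")
```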
Network segmentation
Most of us focus on front-door security and threats coming from the outside world by putting some sort of firewall on the perimeter. In reality, relying on perimeter security alone does not protect your network and your data. Doing this is like putting money into a bank that depends on a single armed guard.
The concept of segmentation is rooted in ancient history, when the Roman Empire formed fighting units based on the ethnic and geographic identity of captured warriors. The idea was very simple: groups of warriors were formed on the basis of their similar backgrounds so that they could...