Have you ever wondered how a typical IT network is set up in an organisation? Here is a typical IT network architecture of an organisation. Different organisations may adopt small variations, but the basic setup is almost the same. To keep the topic simple, we have not considered a redundant setup; otherwise almost every device would be deployed in a pair.
With the firewall placed before the IPS, the firewall has to process all traffic coming from the router, which puts the load on it. The IPS, placed after the firewall, does not have to process the traffic the firewall has already blocked, so the load on the IPS is lower.
As shown here, the ISP (Internet Service Provider) link is terminated on a router, which connects the office networks at different locations. Routers are the main components that route data traffic towards other gateways as configured and allowed in the router configuration. This is part of the WAN, i.e. the Wide Area Network.
The traffic from the router is fed to the firewall devices, which are configured to block unwanted traffic into or out of the organisation. It is at this level that IT managers block websites which are malicious in nature or have no business requirement. Websites can be blocked by IP as well as by URL. Blocking at the URL level is the easier job, rather than at the IP level, as knowing the IP of every URL is not always possible. Apart from blocking URLs, the firewall also automatically blocks malicious data traffic coming in via virus attacks, as hackers are always looking to attack corporate networks and demand payment.
The traffic allowed through the firewall is then passed on to the IPS device, which works on attack signatures present in the data packets; any packet matching a malicious signature is blocked by the IPS. This is required because traffic from allowed websites can also be compromised and malicious data traffic can be added to it, which could then enter the corporate network and cause loss of data.
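As an added illustration (not part of the original post), the following Python script models the firewall and the IPS as two filter stages and counts how many packets the IPS has to inspect when it sits after the firewall versus before it. The block lists, attack signatures and sample packets are all constructed for the example.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List, Tuple

@dataclass
class Packet:
    src_ip: str      # source address seen by the firewall
    host: str        # requested hostname/URL seen by the firewall
    payload: bytes   # application data inspected by the IPS

# Hypothetical firewall policy: block by IP and by URL/hostname, as the post describes.
BLOCKED_IPS = {"203.0.113.7"}
BLOCKED_HOSTS = {"malicious.example"}

# Hypothetical IPS signatures: byte patterns of well-known attack traffic (constructed).
IPS_SIGNATURES = [b"/../../etc/passwd", b"' OR 1=1"]

def firewall(pkt: Packet) -> bool:
    """True if the firewall allows the packet (neither IP nor host is on a block list)."""
    return pkt.src_ip not in BLOCKED_IPS and pkt.host not in BLOCKED_HOSTS

def ips(pkt: Packet) -> bool:
    """True if the IPS finds no known attack signature in the payload."""
    return not any(sig in pkt.payload for sig in IPS_SIGNATURES)

def run_pipeline(packets: List[Packet],
                 stages: List[Tuple[str, Callable[[Packet], bool]]]
                 ) -> Tuple[List[Packet], Dict[str, int]]:
    """Pass each packet through the stages in order; a packet dropped by one stage
    never reaches the later ones. Returns (allowed packets, per-stage inspection counts)."""
    inspected = {name: 0 for name, _ in stages}
    allowed = []
    for pkt in packets:
        for name, check in stages:
            inspected[name] += 1
            if not check(pkt):
                break
        else:
            allowed.append(pkt)
    return allowed, inspected

SAMPLE_TRAFFIC = [  # constructed sample traffic arriving from the router
    Packet("198.51.100.10", "intranet.example", b"GET /home HTTP/1.1"),   # clean
    Packet("203.0.113.7", "intranet.example", b"GET /home HTTP/1.1"),     # blocked IP
    Packet("198.51.100.11", "malicious.example", b"GET / HTTP/1.1"),      # blocked host
    Packet("198.51.100.12", "intranet.example", b"GET /../../etc/passwd"),  # attack signature
    Packet("203.0.113.7", "malicious.example", b"' OR 1=1"),              # blocked IP and attack
]

def compare_orderings(packets: List[Packet] = SAMPLE_TRAFFIC) -> Tuple[int, int]:
    """Return (IPS inspections with firewall first, IPS inspections with IPS first)."""
    _, fw_first = run_pipeline(packets, [("firewall", firewall), ("ips", ips)])
    _, ips_first = run_pipeline(packets, [("ips", ips), ("firewall", firewall)])
    return fw_first["ips"], ips_first["ips"]
```

With the sample traffic the IPS inspects only the two packets the firewall lets through, instead of all five, while the set of packets finally allowed into the network is the same in both orderings.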
The next part of the core layer is the core switch, which is always a high-end switch with almost all fiber ports except the management ports. It is a modular switch which can take additional cards, each of which is a complete switch in itself. This helps in upgrading the switch if port requirements increase as the organisation grows. Core switches are always deployed in a pair (cluster), like the other devices of the setup. This switch provides the uplink to the next layer of switches, i.e. the distribution switches.
Next comes the distribution switch (DS), which can be multiple in number, based on the floors in the building, to cater to all the access switches on a particular floor. All access switches on a floor depend on these DS, which take their link from the core switch of the building or campus. The DS act as the link providers for the next layer, i.e. the access switches.
The final and lowest layer of the network consists of access switches, which are used to connect end-user devices like laptops, desktops and IP phones. This layer has one more purpose, which is to connect all the servers in the organisation that internal users access for one service or another, like AD, DNS, DHCP, SCCM, GUP server, file servers, print servers etc. Switches configured for connecting servers are also sometimes referred to as the "Server Farm", as all servers are catered for by this access switch.
This was a typical IT network setup of an organisation. Core layer devices are mostly hosted in the data center or main server room of the organisation, in highly protected infrastructure. The rest of the switches are placed outside the data center in a secured IT room. We will see the redundant network setup in upcoming topics.