Need to separate networks at Layer 3

• Multiple IP subnets
• Separate different classes of machines - especially different levels of trust
  • Access networks: for customers to connect to the Internet (leased lines, modems etc)
  • Service networks: machines which we own and manage (mail servers etc)
  • Hosted servers: machines which customers own but locate in our facilities
  • Office network - should be firewalled anyway
• Can also gain some resilience
  • e.g. put DNS caches on separate networks

Previous slide

Next slide

Back to the index

View Graphic Version

No notes for slide 4