Firewall Wizards mailing list archives
ASP/Hosting Architecture
From: Don Kendrick <strider () mailworks org>
Date: Tue, 2 Nov 2004 10:22:04 -0500
Dear Wizards,Need some direction/advise from anyone that has worked in the development of a network/firewall architecture for an ASP or hosting company. I'm currently working on developing a plan for an organization that will host multiple organization's IT infrastructures. Some of the organizations have a high risk tolerance and some have (or should have) a very low tolerance.
When you look at developing a network/security architecture for an organization, you are usually looking at one organization's assets and can then apply the standards for tiering (presentation, application, and data) and segmentation based on criticality and confidentiality.
The problem is how do we do this in an environment that also has to be segmented based on owner. Things start to not scale well quickly. Lots of firewalls, segmented SAN/NAS devices, segmented enterprise backup systems. If you don't address some of this you run the risk of the weakest link being exploited to escalate into other more secure co-located systems that might share infrastructure.
I'm sure that there are some organizations with this type of problem that do it the wrong way, basically going flat with the tiering and/or data segmentation and only segmenting (maybe even only with VLANs) on the data owner (hosting client).
Is anyone doing it right? How do you make it scale? Any models, ideas? don _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- ASP/Hosting Architecture Don Kendrick (Nov 04)
- Re: ASP/Hosting Architecture Paul D. Robertson (Nov 04)
- Re: ASP/Hosting Architecture Kerry Thompson (Nov 12)
- Re: ASP/Hosting Architecture Chris Pugrud (Nov 18)
- Re: ASP/Hosting Architecture Paul D. Robertson (Nov 18)
- Re: ASP/Hosting Architecture Chris Pugrud (Nov 18)
- Re: ASP/Hosting Architecture Jian Zhen (Nov 23)
- Re: ASP/Hosting Architecture Paul D. Robertson (Nov 18)
- Re: ASP/Hosting Architecture Paul D. Robertson (Nov 04)