Module 3 Part 2

Enterprise Network Architecture

The design and structure of a network that aims to efficiently move data while ensuring compliance with organizational security policies.

Zone Diagram

A logical network diagram that results from a secure network design process, illustrating how data moves within the network in compliance with organizational policies.

Security Zones

Logical entities containing one or more tiers that segregate and separate parts of the network, allowing for the definition and application of policies for risk mitigation at a zone level.

Tiers

Logical sets of systems collectively addressed as one, based on the function they provide, such as application servers or database clusters, designed for reliability, scalability, or redundancy.

Public Zone

A network area where corporate-owned systems available to the general public reside, lacking strict security controls and accessible externally.

Private Zone

A network area behind a firewall containing systems owned and controlled by the organization, allowing for the imposition of security standards and controls.

Host

Systems within the network, assigned to specific tiers within the private zone to facilitate the organization's control and management of its assets.

Zone Assignment

Process of assigning each tier to a specific zone based on restrictions and requirements.

Trust Level

The degree of confidence in the security and integrity of data within a specific zone.

Perimeter Zone

Area directly exposed to the public zone, containing systems like public-facing websites and communication devices.

Internal Zone

Area where internal systems and applications reside, including web applications, traditional applications, and data storage.

Core Zone

Central zone in enterprise computing, encompassing infrastructure, internet, application, and data zones.

Source Zone

Originating zone of data transmission.

Destination Zone

Receiving zone of data transmission.

Port Number

Specific numerical identifier for communication endpoints in a network.

Protocol

Set of rules governing data exchange between devices.

Transport Layer Protocol

Protocol responsible for end-to-end communication in a network.

Tiers

Different systems like Oracle, SQL, and IBM's DB categorized based on their level within the data zone.

PeopleSoft

Application used for HR services in the university.

SIS (Student Information System)

System where student records are maintained.

Quality

Financial ERP system used for managing university finances.

Laptops and Desktops

Client devices, with laptops posing security risks due to mobility.

Availability

Measure of system uptime, crucial for business continuity.

Downtime

Unplanned system unavailability, measured in a "nines" rating.

Default Deny

Security principle where only explicitly allowed traffic passes through the system.

Firewall

Device that permits permitted data and blocks unauthorized traffic.

Network Segments

Connectivity that links switches, routers, and physical systems together.

Logical Segments

Virtual lines defining network connectivity.

Physical Segments

Traditional LANs connecting physical systems.

Zone Diagramming

Logical way of creating network architectures with defined zones, tiers, and segments.

Microsoft Documentation

Basis for creating network architectures in a structured and secure manner.