Hi folks
Healthcare network admin here. We are deploying some internet-facing (for public use) web servers and we are looking at implementing most of the best practices in the new infra.
From an architecture standpoint, NON-PROD and PRODUCTION will share two different networks behind the firewall. We currently do not plan to separate the network for non-production for web/app/DB, they would share the same network. All communication with different internal LAN servers like AD has to pass through the centralized firewall.
We are doing a reverse proxy with a WAF as two-tier architecture, WAF is DMZ and handling termination of external traffic.
We have to stay HIPAA compliant.
What's your opinion on this.
No comments:
Post a Comment