Saturday, May 1, 2021

Network Segmentation with Zero Trust approach

I am working with an external consultant to design a network for a ministry building, but I thought I would get a second opinion from the super Reddit experts.

Our CTO has advised using a zero trust network architecture.

It would be a two-tier network (collapsed core).

We are planning to segment the network for different use cases, such as: user VLAN A should not talk to user VLAN B, and the IoT VLAN should not communicate with the users and server VLAN.

I am thinking of putting in a DC FW and then firewalling the VLANs' gateway to the DC firewall, or doing VRFs in the core switches and then terminating the VRFs on the DC firewall.

I would be grateful if anyone could demonstrate any ideas with a rough network diagram.

I appreciate any help.


