1. Please for A company to design A export for the three layers of network firewall, the company has four departments, (A member of the department will be distributed in more than one switch), one department is the finance department, the finance department only allow specific data access; Company has internal server, ensure safe premise, office workers can access to business, please describe the configuration steps, don't need a specific command, but as a description of the clear,
Requirements: 1) to ensure the safety of network unimpeded; 2), various departments need to separate; 3), if appear every online can be traced to individual risk,
(drawing + shows that segment you)

CodePudding user response:

Internet firewall, DMZ - internal server
|
Three core layer switches - layer 2 switches divide vlan access for each department

Firewall configuration on VPN allows access to
Each other between the core acl control switch configuration vlan access

The Internet can be traced to individual risk, can consider to binding on the layer 2 switch port, IP and MAC address

CodePudding user response:

Upstairs positive solution, this is a classic structure