Data center architecture has been changing quite dramatically over the past few years. In many data centers, organic growth had left them broken up into application silos. The standard three-tier architecture was copied for each application leading to a fairly hierarchical network. In this architecture, some core security services, such as firewalls and intrusion prevention, were concentrated at the root of the network tree, closest to the ingress routers and around any DMZs.rnOther security appliances, such as SSL accelerators or authentication/authorization systems, might be added to a specific applicationrnsilo, often as a "temporary" addition or fix. Passive monitoring appliances might also be plugged in to span ports, monitoring traffic at strategic intersections in the network tree.All of those different security systems are now being consolidated, creating a dedicated purpose-built security subnet architecture.
展开▼
