1.5 KiB
1.5 KiB
[DRAFT] Core Infrastructure Security Concept
DMZ
- There is a dedicated and additionally protected (firewall) infrastructure network within the DMZ
- This network holds the provisining infrastructure and is used for staging new nodes
- After new nodes are staged and hardened the nodes are moved out into the "real" DMZ network(s)
- VLAN and IP need to be changed
- Node will be still able to connect to the repo server as well as puppet and metric server in the infrastructure network (this way it is ensured that nodes are actively managed and still get updates)
The content of the repos in the DMZ are pushed from the PSI network. The repo servers in the DMZ only hold the latest packages - we do not have snapshotting, etc. (need to be discussed).
TODO
-
we need to define a dedicated DMZ stack
- minimal os / software stack
- firewall enabled and blocking everything except the specially configured ports
-
Every node in the DMZ must have a responsible person (it would be better group)!
- Maybe have one group that takes care of all DMZ servers?
Notes
The idea is that we first setup a repo server and then peu-a-peu install the other infrastructure components
Decision whether we have to use a satellite or not
- Security Level
- Architecture Network (amount of traffic)
- Architecture Icinga (load satellite)
Security
- Zones
- Network segmentation (VRF)
- 985 subnets in 185 network segments
- A network segmentation does have a security level attached