Management and security of many servers in different locations within a corporate network is difficult. A good practice is to centralize the servers to server clusters and farms. Server farms are of course in the server rooms and data centers.
Create a farm has the following advantages:
The network traffic is coming and leaves the cluster of servers in a well-defined point. This plan makes it easier to protect, filter, and the order of the traffic.
High availability redundant connections can be installed on servers as well as between the network server cluster and the field of cardiac LAN. This alignment is cheaper than trying to find a level of connectivity to servers across the network.
Load balancing and failover is possible between servers and between network devices.
The amount of the switch with high capacity and security forces will be reduced, and thus also reduces costs.
To protect Datacenter Server must be of a malicious attack is always possible.
Malicious attacks against server farms can affect trade and business to business applications. The two local area networks and storage networks must be ensured in order to reduce the risk of dangerous attacks. Hackers use a variety of hacker tools to scan networks and implementation of a buffer stream of attacks, denial of service attacks and other.
The firewall is often installed by a good margin of safety if the internal and external users want to ensure access to the Internet over the farm. In order to ensure their own server farms, followed by a different method. The firewall demilitarized zones, network analysis and management devices, intrusion detection, host-based and network-based and prevention systems can also provide assistance.
The strategy of the network firewall to the old servers that want to access external networks are in a DMZ. Users, the Internet server or other external networks connect stopped unreliable, see the data on the internal LAN. Members of the local network are treated as a trusted person and generally have few restrictions when accessing servers in the DMZ.
Defense against internal attacks
The attacks are initiated from the internal network are more common than attacks from external sources today. Consequently, the security of the server is quite different. A new level of firewall appliances and intrusion prevention systems will be required between servers and internal networks, and between servers and external users. An additional layer of security between servers may also be required.
The importance of data stored on servers, security policy defined for the appropriate design of the operation.