• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Showing Firewalls in Deployment Diag.

 
Roy Pozarelli
Ranch Hand
Posts: 51
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm considering showing 2 "<<device>> Firewalls" in my Deployment Diagram to represent what is "inside" the DMZ. Ex. Outer firewall -> Web Servers -> Inner Firewall -> Application Servers -> ... as opposed to a single firewall and just labeling the Web Servers as inside the DMZ. It clearly makes it more obvious with the first approach. However, it seems to me that you can set-up a DMZ with a single Router/Firewall in the "real world". I understand that this is just an assignment for the OCMJEA Part 2, so I would argue for clarity, however it should reflect reality (the whole point of a diagram). There is also a cost issue that doesn't seem to come up in the requirements, but does in the real world.

Your thoughts about how to depict this?
 
Jeanne Boyarsky
author & internet detective
Marshal
Posts: 35269
383
Eclipse IDE Java VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Assumptions are your friend. Seriously, you can document in the assumptions that you assumed cost was more important than security or vice versa and how it impacted your deisgn.
 
Roy Pozarelli
Ranch Hand
Posts: 51
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Jeanne thanks for your reply. I'm aware of documenting assumptions. Could you address the real issue that I was trying to bring up. That being the issue of having a "more clear diagram" vs. "real world" issues. I can see being "knocked" on either side of that debate (this won't work in the real world vs. the diagram is not clear). Could you please speak to that side of the issue that I first posed? TIA.
 
Jeanne Boyarsky
author & internet detective
Marshal
Posts: 35269
383
Eclipse IDE Java VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Roy,
Sorry, I thought I did. Either decision is valid for that example. It depends on the requirements and domain of the system.

For the more general question (that I didn't pick up on), I tried to keep my diagram to the simplified end of things and use the assumptions to document why those seemed like acceptable choices.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic