I'm creating a new network layout for my company, organized into tiers from 0 to 2, plus a hypothetical tier for clients. I'm considering where to place key elements like backup systems, a DMZ, and a jump host. From what I understand, the backup hardware should be in tier 1 while the backup server, being a standard Windows Veeam server, belongs in tier 2. However, even if I can access backups from tier 0 machines, I won't be able to use them without a tier 0 account if they're encrypted. Currently, I have the DMZ located in tier 2 along with other regular application servers, but that doesn't feel quite right to me. The jump host, Guacamole, is also set for tier 2 since users log in with regular accounts instead of tiered ones, but I'm unsure if that's appropriate since it allows access to management servers across different tiers needing tiered accounts. Apologies for the rambling; I'm a bit tipsy. I appreciate any insights you have!
3 Answers
If your backup servers are protecting tier 0 servers, then they should be in tier 0 as well. It’s wise to place backup servers in a specific VLAN and avoid joining them to Active Directory. You might consider a dedicated tier 3 for your DMZ servers and having one Guacamole server per tier to streamline access.
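As an added illustration of the placement rules in this answer (example code, not from the thread), a small Python linter over a constructed host inventory: it flags a backup server sitting in a less privileged tier than an asset it protects, a backup server joined to Active Directory, and a jump host that brokers sessions into more than one tier. The `Host` fields and the sample hosts are assumptions made for the example.

```python
from dataclasses import dataclass, field

# Tier numbering as in the thread: 0 most privileged, 2 least, "client" below all.
TIER_RANK = {0: 0, 1: 1, 2: 2, "client": 3}

@dataclass
class Host:
    name: str
    tier: object                                   # 0, 1, 2 or "client"
    role: str                                      # "backup", "jumphost", "dc", "app"
    domain_joined: bool = False
    protects: list = field(default_factory=list)   # hosts a backup server backs up
    serves: list = field(default_factory=list)     # tiers a jump host brokers into

def lint_tiering(hosts):
    """Return the violations of the placement rules argued in the answer above."""
    by_name = {h.name: h for h in hosts}
    findings = []
    for h in hosts:
        if h.role == "backup":
            # A backup server holds a full copy of what it protects, so it must not
            # sit in a less privileged tier than any asset it backs up.
            for p in h.protects:
                if TIER_RANK[h.tier] > TIER_RANK[by_name[p].tier]:
                    findings.append(f"{h.name} (tier {h.tier}) backs up {p} (tier {by_name[p].tier})")
            if h.domain_joined:
                findings.append(f"{h.name} is joined to Active Directory")
        if h.role == "jumphost" and len(set(h.serves)) > 1:
            # One jump host per tier: a host spanning tiers lets a session opened with
            # a lower-tier account reach a higher tier's management plane.
            findings.append(f"{h.name} brokers access into several tiers: {sorted(h.serves)}")
    return findings

# Constructed sample inventories: the layout described in the question, then one
# rearranged along the lines of this answer.
AS_ASKED = [
    Host("dc01", 0, "dc", domain_joined=True),
    Host("app01", 2, "app", domain_joined=True),
    Host("veeam01", 2, "backup", domain_joined=True, protects=["dc01", "app01"]),
    Host("guac01", 2, "jumphost", domain_joined=True, serves=[0, 1, 2]),
]
REVISED = [
    Host("dc01", 0, "dc", domain_joined=True),
    Host("app01", 2, "app", domain_joined=True),
    Host("veeam-t0", 0, "backup", protects=["dc01"]),
    Host("veeam-t2", 2, "backup", protects=["app01"]),
    Host("guac-t0", 0, "jumphost", serves=[0]),
    Host("guac-t2", 2, "jumphost", serves=[2]),
]
```

Running `lint_tiering(AS_ASKED)` yields three findings (backup tier, domain join, multi-tier jump host), while `lint_tiering(REVISED)` yields none.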
Instead of thinking in terms of tiers, consider using zones for your network. The jump host should be isolated in its own VLAN with restricted access. Your DMZ and backup should be separated too, ensuring that the backup server isn’t joined to the domain at all.
I’m still leaning toward keeping the jump host in tier 2 since it’s accessed by regular accounts. But I’m definitely considering your VLAN suggestion!
Are you referencing the IBM 3-tier model? Usually, you'd have your databases in tier 0, where only app servers can access them. Clients primarily connect to the display tier, which only processes valid API calls. Just think of it linearly: Clients >> UI >> Compute >> Database, and design your firewall subnets accordingly.

When you say 'no access to DMZ aside from the intermediate server,' what exactly do you mean? We currently have a WAF and reverse proxy that’s tightly controlled for our web services on Linux servers in tier 2. Thanks for the jump host advice!