Recommended Deployment Configurations
This section describes recommended deployment configurations for Simphony.
The Simphony product is deployed on a cluster of servers. The simplest deployment architecture is the Server-Oriented Architecture (SOA) shown in Overview of Simphony Security.
The general architectural recommendation is to use the well-known and generally accepted Internet-Firewall-DMZ-Firewall-Intranet architecture shown in the following figure.
Figure 1-2 Traditional DMZ
-
Blocking any traffic types that are known to be illegal
-
Providing intrusion containment, should successful intrusions take over processes or processors
See Port Numbers in Appendix A for more information about Simphony network port usage.
Parent topic: Simphony Security Overview