Dual-ISP datacenter architecture with active-active Sophos firewall failover, VMware ESXi virtualization, and multi-VLAN segmentation across VLAN 10 (servers) and VLAN 20 (services). Traffic from Wateen and Orignet ISPs terminates at the Sophos Firewall VM, which distributes to a core switch trunk connecting access switches, domain controllers, and specialized workloads including IPBX, Koha Library, and ManageEngine ServiceDesk. This design eliminates single points of failure at the WAN edge while maintaining network segmentation for security and performance isolation. Fork and customize this diagram to model your own multi-ISP failover topology, adjust VLAN ranges, or add additional service tiers. The architecture demonstrates enterprise-grade redundancy suitable for mission-critical on-premises deployments requiring high availability and granular traffic control.