Enterprise Network Topology - Untrust to Trust
About This Architecture
This enterprise network topology implements zero-trust segmentation across the untrusted internet, DMZ, and internal office zones using a Palo Alto firewall and an H3C switching fabric. Traffic flows from the ISP Internet through the Palo Alto Firewall Border Security Gateway to dual H3C S6520 Core Switches, which distribute it to Web Server VLAN 20, Database Server VLAN 30, and the office networks via H3C L3 Aggregation Switches and L2 Access Switches. This three-tier architecture with VLAN isolation enforces least-privilege access between trust boundaries, protecting critical servers and endpoint devices. The dual-core switch design provides redundancy and load balancing across the aggregation and access layers.
People also ask
How do you design an enterprise network topology that segments untrusted internet traffic from trusted office networks using firewalls and VLAN isolation?
This diagram shows a three-tier enterprise network that uses a Palo Alto Firewall as the border security gateway between the untrusted ISP Internet and the trusted zones. Traffic is segmented via dual H3C S6520 Core Switches into DMZ servers (VLAN 20/30) and office networks (VLAN 100-130), with H3C L3 Aggregation Switches and L2 Access Switches enforcing VLAN-based least-privilege access to endpoint devices.
- Domain: Networking
- Audience: Network architects designing enterprise security perimeters with untrust-to-trust segmentation
Generated by Diagrams.so — AI architecture diagram generator with native Draw.io output.