Enterprise Three-Tier Network Topology
About This Architecture
This enterprise three-tier network topology integrates OCI cloud connectivity with on-premises infrastructure using Palo Alto firewalls and H3C switches. Internet traffic flows through the Untrust Zone into a Palo Alto Firewall managing three security zones (Untrust, DMZ, Trust), which then routes to core H3C S6520 switches configured in stack HA with a 10GbE interconnect for redundancy. The Trust Zone internal network spans multiple VLANs (10, 20, 30, 50, 100) distributed across L3 Aggregation Switches and L2 Access Switches, connecting office PCs and wireless APs at 1GbE. This architecture demonstrates defense-in-depth with perimeter security, core layer redundancy, and VLAN-based segmentation for business, wireless, server, and management traffic. Fork this diagram on Diagrams.so to customize VLAN assignments, add additional access switches, or integrate OCI FastConnect for hybrid cloud connectivity. The stack HA design eliminates single points of failure at the core layer while maintaining cost-effective 1GbE access for end devices.
People also ask
How do you design a three-tier enterprise network with high availability and security segmentation using firewalls and switch stacking?
This diagram shows a three-tier architecture where a Palo Alto Firewall manages perimeter security across Untrust, DMZ, and Trust zones, feeding redundant H3C S6520 core switches in stack HA configuration. Traffic distributes through L3 Aggregation Switches to L2 Access Switches, with VLANs 10-20 for business, VLAN 30 for wireless, VLAN 50 for servers, and VLAN 100 for management, ensuring traffic
- Domain: Networking
- Audience: Network architects designing enterprise three-tier LAN topologies with high availability and security segmentation
Generated by Diagrams.so — AI architecture diagram generator with native Draw.io output. Fork this diagram, remix it, or download as .drawio, PNG, or SVG.