Network Design Questions

  • In the following charts most all the servers are sitting behind the firewall using Port Forwards and Rules to allow outside (WAN) access. Is this a safe design, pros and cons to it? pfSense is running on plenty of hardware, as well as the load balancer. Would any of the server(s) be better placed in the DMZ?

    Thanks for pros & cons or suggested reading!

  • Anything that is accessible to anyone (Internet or even intranet) should be on its own network for security reasons.
    If it's compromised, so is the rest of the network.

