Datacenter Network Design


A data center is a site that is dedicated to provisioning server resources.

  • housed in purpose-built facilities
  • hosts:
    • network services
    • application servers
    • storage area networks (SANs)
  • has:
    • dedicated networking
    • power
    • climate control
    • physical access control features
  • designed to provide a highly available environment for running critical applications
  • contains no client PCs
    • except for secure administrative workstations (SAWs) used solely to manage servers

North-South Traffic and East-West Traffic

North-south traffic is a network data flow that goes into and out of an organization’s network or datacenter.

  • represents clients outside the data center making requests and receiving responses
  • client device is located on a workgroup switch connected to a router
  • server is connected to a separate switch or VLAN
  • traffic from the client to the server passes “north” from the client’s switch to the router and then back “south” to the server’s switch

East-west traffic is network data that flows between servers within a datacenter.

  • most common with cloud datacenters
  • e.g., client uploading a photograph as part of a social media post
    • image file might be checked by an analysis server for policy violations
    • search/indexing service would be updated with the image metadata
    • image would be replicated to servers that provision content delivery networks (CDNs)
    • image would be copied to backup servers
  • data centers need to use a topology that optimizes secure server-to-server communications
  • complicates security design
    • firewalls would create a bottleneck
    • leads to virtualized security appliances and zero trust architecture
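
An added example, not part of the original notes: it labels flow records as north-south or east-west and checks each east-west flow against a per-pair allow list, the kind of server-to-server policy a zero trust design enforces without a central firewall. The subnets, ports, allow list and flow records are constructed assumptions.

```python
import ipaddress
from collections import Counter

# Assumption: server subnets inside the data center (constructed values).
DC_SUBNETS = [ipaddress.ip_network(n) for n in ("10.20.1.0/24", "10.20.2.0/24", "10.20.3.0/24")]

# Assumption: permitted server-to-server flows as (src subnet, dst subnet, dst port).
ALLOWED_EAST_WEST = {
    ("10.20.1.0/24", "10.20.2.0/24", 8443),  # web tier -> analysis tier
    ("10.20.1.0/24", "10.20.3.0/24", 873),   # web tier -> backup tier
}

def subnet_of(ip):
    """Return the data center subnet containing ip, or None if it is outside."""
    addr = ipaddress.ip_address(ip)
    for net in DC_SUBNETS:
        if addr in net:
            return str(net)
    return None

def classify(flow):
    """Label one flow record (src ip, dst ip, dst port, bytes)."""
    src_net, dst_net = subnet_of(flow[0]), subnet_of(flow[1])
    if src_net and dst_net:
        return "east-west"      # server to server, never crosses the edge
    if src_net or dst_net:
        return "north-south"    # one endpoint is outside the data center
    return "external"           # neither endpoint is in the data center

def review(flows):
    """Return byte totals per direction and east-west flows not on the allow list."""
    totals, violations = Counter(), []
    for flow in flows:
        kind = classify(flow)
        totals[kind] += flow[3]
        if kind == "east-west":
            key = (subnet_of(flow[0]), subnet_of(flow[1]), flow[2])
            if key not in ALLOWED_EAST_WEST:
                violations.append(flow)
    return totals, violations

# Constructed sample flow records: (src ip, dst ip, dst port, bytes).
SAMPLE_FLOWS = [
    ("203.0.113.7", "10.20.1.10", 443, 5_000),   # client upload (north-south)
    ("10.20.1.10", "10.20.2.15", 8443, 5_200),   # image sent for policy analysis
    ("10.20.1.10", "10.20.3.20", 873, 5_100),    # image copied to backup
    ("10.20.2.15", "10.20.3.20", 22, 900),       # not on the allow list
]
```

Calling review(SAMPLE_FLOWS) shows one client upload generating more east-west bytes than north-south bytes, and flags the single flow between the analysis and backup subnets that the allow list does not cover.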