Large enterprises with several departments need to have the flexibility to restrict users’ communication from different departments across the campus and to the data center applications based on the department they belong to.
Which one of the following design approaches or mechanisms would you suggest using without introducing operational complexity or cost increases?
A . Provision a separate physical network per department.
B . Place a pair of firewalls at the data center and require users to use VPN to log in and access the
required applications per department.
C . Use lists end to end across the network to achieve the required communication restriction
between the users who belong to different departments.
D . Use network virtualization, in which each department will be assigned its own virtual network to
achieve end-to-end traffic separation.
Answer: D
Leave a Reply