Topologies and IDS • Chapter 7  427


                 TEST DAY TIP
                      You do not need to know how to configure an actual IDS system to pass
                      the Security+ exam, although it can benefit your security career. You
                      only need to master the concepts of IDS and the types of IDS systems
                      available.






                 Security Topologies

                 Not all networks are created the same; thus, not all networks should be physically
                 laid out in the same fashion.The judicious usage of differing security topologies in
                 a network can offer enhanced protection and performance. For example, suppose
                 you have an e-commerce application that uses Internet Information Servers (IISes)
                 running a custom Active Server Page (ASP) application, which calls on a second set
                 of servers hosting custom COM+ components, which in turn interact with a third
                 set of servers that house an Structured Query Language (SQL) 2005 database.
                 Figure 7.1 provides an example of this concept.

                 Figure 7.1 The Complex N-tier Arrangement
















                    Firewall                 Firewall                 Firewall








                                   IIS Servers             COM+ Servers              SQL Servers







                                                                              www.syngress.com