The Blanco Wireless Network

Blanco’s security team has worked with its IT staff to better understand their company’s network using IPAM data, NetFlow, and general routing information.

IP Address Assignment

Blanco has a simple address space, documented with the open source IPplan software. The subnets we will use in our examples for this and subsequent chapters are shown in Figure 3-12 and appear highlighted in the following code snippet:

10.10.0.0/16                Redwood City Campus
|-- 10.10.0.0/19            Data Centers
|-- 10.10.32.0/19           Site 1 Desktop Networks
|  |-- 10.10.32.0/24        Building 1 1st floor
|  |-- 10.10.33.0/25        Building 1 2nd floor
|  |-- 10.10.33.128/25      Building 2

10.10.0.0/19                Data Centers
|-- 10.10.0.0/20            Building 3 Data Center
|  |-- 10.10.0.0/25         Windows Server Subnet
|  |-- 10.10.0.128/25       Oracle 10g Subnet
|  |-- 10.10.1.0/26         ESX VMWare Farm
|  |-- 10.10.1.64/26        Web Application Servers

Figure 3-12. Blanco Wireless subnet data in IPplan software

NetFlow Collection

In keeping with best practices, Blanco collects NetFlow from its Cisco routers in both the DMZ backbone and the data center gateways. Blanco uses the OSU flow-tools package to collect and analyze NetFlow for monitoring and incident response.
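The following is an added example, not code from the book or from Blanco's tooling: it shows how the IPplan subnet data above can label the endpoints of collected flows using a longest-prefix match, so an analyst sees "Oracle 10g Subnet" rather than a bare address. The function names and the sample flow tuples are assumptions constructed for illustration; real records would come from the flow collector's export.

```python
import ipaddress

# Subnets copied from the IPplan listing on this page.
IPAM = {
    "10.10.0.0/16": "Redwood City Campus",
    "10.10.0.0/19": "Data Centers",
    "10.10.32.0/19": "Site 1 Desktop Networks",
    "10.10.32.0/24": "Building 1 1st floor",
    "10.10.33.0/25": "Building 1 2nd floor",
    "10.10.33.128/25": "Building 2",
    "10.10.0.0/20": "Building 3 Data Center",
    "10.10.0.0/25": "Windows Server Subnet",
    "10.10.0.128/25": "Oracle 10g Subnet",
    "10.10.1.0/26": "ESX VMWare Farm",
    "10.10.1.64/26": "Web Application Servers",
}

# Most specific prefix first, so the first hit is the longest match.
NETS = sorted(
    ((ipaddress.ip_network(cidr), name) for cidr, name in IPAM.items()),
    key=lambda item: item[0].prefixlen,
    reverse=True,
)

def label(ip):
    """Return the most specific IPAM label for an address, or 'external'."""
    addr = ipaddress.ip_address(ip)
    for net, name in NETS:
        if addr in net:
            return name
    return "external"

def annotate(flows):
    """Attach source and destination subnet labels to (src, dst, dport) flows."""
    return [(src, label(src), dst, label(dst), dport) for src, dst, dport in flows]

# Constructed sample flows (hypothetical, not real NetFlow export).
# 192.0.2.0/24 is a documentation range standing in for an Internet host.
SAMPLE_FLOWS = [
    ("10.10.32.17", "10.10.0.140", 1521),   # desktop -> Oracle subnet
    ("10.10.33.200", "10.10.1.70", 443),    # desktop -> web app servers
    ("192.0.2.44", "10.10.1.10", 902),      # outside -> ESX farm
    ("10.10.40.5", "10.10.0.9", 445),       # no floor-level subnet matches
]

if __name__ == "__main__":
    for src, src_net, dst, dst_net, dport in annotate(SAMPLE_FLOWS):
        print(f"{src:<14}{src_net:<26}-> {dst:<13}{dst_net:<26}dport {dport}")
```

An address that falls back to a broad label such as "Site 1 Desktop Networks" or "Redwood City Campus" sits in space the IPAM data does not describe in detail, which is worth following up on its own.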

Routing Information

Blanco has a class C network allocated, which is used for customer-facing web services. This network exists in Blanco’s single DMZ network with two Internet connections provisioned from ...
