The scenario discussed in the previous section is hardly unique. It is one that enterprises confront with incresaed frequency as they transition from “traditional” IT hosting/delivery models to public-cloud/hybrid-cloud architectures.
In this section we formalize and abstract the key elements of that scenario, to get at the underlying dynamics and describe them in generalized terms. We will start with the network topology depicted in the following isometric figures:
/grphth-3.svg)
- The figure on the left groups security zones as vertically-oriented parallel columns ( a column per-zone), and groups sites as horizontally-oriented planes ( a plane per site).
- The figure on the right groups sites as vertically-oriented parallel columns ( a column per-site), and groups zones as horizontally-oriented planes ( a plane per zone).
- In both figures, the intersection of site and zone represents the portion of a specific “zone” that is present at a specific “site”
- Or, the portion of a specific “site” that is present at a specific “zone” (if you prefer)