> You'll need the other Litchfield for that :) lol :) >Who here has database servers, app servers, admin and dev workstations, >each in its own subnet (4 subnets), >with firewalls between each subnet, >all inside the company's intranet? >I'd just like to know why and what security expectations, imperatives, >constraints/conditions are being addressed/resolved by such a setup? It depends on what you’re trying to protect. If it’s nuclear launch codes then yes – defence in depth – which this config is a typical example of – is the way to go. If the data is a list of recipes for cupcakes though this would indeed be overkill :) Cheers, David