Web Application

Network Diagram Example

UML provides no special kind of diagram to describe logical or physical network architecture of the designed or existing system. Deployment diagrams could be used for this purpose with elements limited mostly to devices with neither artifacts nor actual deployments shown.

The example of the network diagram below shows network architecture with configuration usually called "two firewall demilitarized zone". Demilitarized zone (DMZ) is a host or network segment located in a "neutral zone" between the Internet and an organization’s intranet (private network). It prevents outside users from gaining direct access to an organization’s internal network while not exposing a web, email or DNS server directly to the Internet.

Example of networking diagram for web application with two firewall DMZ configuration.

An example of networking diagram for web application with two firewall DMZ configuration.

A two firewall DMZ configuration with complex security rules provides better protection over a router firewall DMZ configuration and is often able to analyze incoming and outgoing HTTP traffic and protect against application layer attacks aimed at the web servers.

Load balanced web servers shown in the DMZ communicate to the application and database servers located in the private network (intranet).