Network Adapter Cards and Security

Cluster members can be configured with two network adapters. A load-balanced (front-end) adapter communicates with clients. The management-traffic (back-end) adapter, manages administrative communication within a cluster between members. For security, this architecture is desirable because no back-end administrative data can be transmitted across the Internet and no front-end Internet-originated data should be transmitted within the cluster.

Bb687348.note(en-us,TechNet.10).gif Note   It is very important to secure the back-end because of the possibility of attacking the internal administrative protocols and interfaces of Application Center.

Whenever Network Load Balancing (NLB) is used, two network adapters are required. If the cluster does not use load balancing, only one network adapter is required. (However, a second network adapter will be used if it is available.) Having one network adapter introduces the risk of inappropriate data usage because all network traffic is routed through the same network adapter. This is especially significant if the cluster is serving content that is bound for the Internet. Keep this in mind when making decisions about cluster architecture.

Did you find this information useful? Please send your suggestions and comments about the documentation to acdocs@microsoft.com.