1. Governance
   1. Policy
      1. prod should be protected from events in non prod
      2. Non related business applications should be aggregated into isolated areas
   2. Standards
      1. Physical Segregation
         1. Firewalls
         2. Loadbalancers/WAFs
         3. Out of Band Network
         4. 3rd Party Networks
      2. Logical Segregation
         1. Area segregation
         2. VLANs
      3. QoS
   3. Baseline
      1. OWS in different VLAN to other areas
      2. Stress test and DDOS can occur without impacting other areas
   4. Guidelines
      1. Separate F5 clusters for Areas
      2. Separate Internal Firewalls for Areas
   5. Procedures
      1. Creation of new VLANs
      2. Addition of new network hardware
      3. Addition of new servers
      4. Addition of new applications
2. Controls
   1. scope
      1. Deliverables
         1. network change
         2. policy
         3. vlan migration
         4. Design
      2. Analysis
   2. cost
   3. time
3. Analysis
   1. Review
      1. Current VLANs
      2. Areas
      3. Networks
4. Design
5. Implementation
   1. Network
   2. Datacentre