Schematex
network·Cisco-convention topology icons + security-zone topology·cloud, security, infrastructure·complexity 3/3·since v0.6.0

Zero-trust cloud VPC topology

Network topology for a zero-trust SaaS VPC with VPN entry, DMZ, private application subnet, database subnet, firewall segmentation, and annotated VPN/fiber/trunk links.

For the cloud network architect

[Diagram: Zero-trust SaaS VPC. Network diagram with 10 devices, 10 links, 4 boundaries. Topology: hierarchical. Links: 1 fiber, 4 vpn, 5 copper. Warnings: trunk link edgeproxy–fw connects no switch-class device (line 28).]

Boundary labels: DMZ; 10.20.10.0/24; 10.20.30.0/24; Admin Zone.

Link labels: 10G; VPN; VPN · OIDC; VPN · device posture; 1G; Trunk · VLAN 110; Access · VLAN 210 · 1G; Access · VLAN 210 · 1G; Access · VLAN 230 · 1G; VPN.

Device labels: Internet; Identity Provider; VPN Client; Segmentation FW; Public ALB; Reverse Proxy; API 1 (10.20.10.11); API 2 (10.20.10.12); Postgres HA (10.20.30.20); Admin Laptop.

Scenario

Zero-trust diagrams need to show both the physical/logical topology and the policy boundary: public traffic reaches only the DMZ, administrators enter through VPN and identity checks, and application servers reach the database through a segmented firewall path.

Annotation key

Network syntax