Using Juniper SSG 140, and it is in production right now. It is working as a 2-legged, with untrusted and trusted interfaces. Untrusted is WAN facing, using segment of registered public IPs - 18.104.22.168/28; trusted is office internal, using segment of 192.168.10/24. Now, we need to have one more (probably 2) firewall. This firewall needs to have 2 interfaces, untrusted for IPs - 22.214.171.124/28, and DMZ, using segment: 172.16.100.0/24;
I heard that we can make use of the virtual firewall feature, btw, how to do it? Any additional license has to purchase?