Solved

firewall beteen 2 uplinks and 2 redundant switches

Posted on 2015-02-22
5
115 Views
Last Modified: 2015-02-23
Hello Experts,

we have somevservers in a datacenter. at the moment we dont have a physical firewall in place.

We have 2 reduntant uplinks (each from a core router) connected to 2 redundant switches. so each uplink is connected to each switch and the switches themselves are connected to eachother.

we want a physical firewall between the uplinks and the switches.

what is the best way to do this and which type of firewall can we use for this. And will there be a decrease of network performance?

thanks in advance for the help.

Regards,
0
Comment
Question by:PramoIT
  • 3
  • 2
5 Comments
 
LVL 9

Expert Comment

by:Benjamin MOREAU
ID: 40624710
You have to use 2 firewall with "High Availability". You can use, Cisco, Juniper, Sonicwall products...You have a lot of products, it depends of your budget & fonctionnality you want to use.
0
 

Author Comment

by:PramoIT
ID: 40625820
OK, so the set up stays the same, beside the fact that between each uplink and switch there will be one firewall? Do the firewall have to be connected to each other?

What type of firewall is low budget. And can it be done with 1 firewall? This is a small environment that is mostly used for testing.

Thanks.
0
 
LVL 9

Expert Comment

by:Benjamin MOREAU
ID: 40625919
You can use Sonicwall Firewall. They are not very expensive (for exemple TZ210 for small environnement).

If you use only one Firewall, you will not have "high availability" but if it's only for testing, I think only one firewall is OK.

Be careful with you firewall choice; you have to size your firewall with your usage (nb of user, bandwidth...).
0
 

Author Comment

by:PramoIT
ID: 40625936
Hi Benjamin,

Thank you. Can this particular firewall also be used as high availability at a later point if we want to?

In case of 2 firewalls, do we have to maintain the config on both?

Thanks.
0
 
LVL 9

Accepted Solution

by:
Benjamin MOREAU earned 500 total points
ID: 40626614
Sorry for my last post, I said "TZ210" but it's "TZ215" (TZ210 is no longer available).

Yes, you can use High Availability after... you just have to buy an other TZ215 & you can configure it with HA (active/passive mode).

When you make your config, you will do it on active node. Passive node will automatically get the config.

More information here : http://www.sonicwall.com/downloads/TZ215_Series_DS_US.pdf
0

Featured Post

Save the day with this special offer from ATEN!

Save 30% on the CV211 using promo code EXPERTS30 now through April 30th. The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

We've been using the Cisco/Linksys RV042 for years as: - an internet Gateway - a site-to-site VPN device - a leased line site-to-site subnet-to-subnet interface (And, here I'm assuming that any RV0xx behaves the same way as an RV042.  So that's …
I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question