Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

firewall beteen 2 uplinks and 2 redundant switches

Posted on 2015-02-22
5
Medium Priority
?
136 Views
Last Modified: 2015-02-23
Hello Experts,

we have somevservers in a datacenter. at the moment we dont have a physical firewall in place.

We have 2 reduntant uplinks (each from a core router) connected to 2 redundant switches. so each uplink is connected to each switch and the switches themselves are connected to eachother.

we want a physical firewall between the uplinks and the switches.

what is the best way to do this and which type of firewall can we use for this. And will there be a decrease of network performance?

thanks in advance for the help.

Regards,
0
Comment
Question by:PramoIT
  • 3
  • 2
5 Comments
 
LVL 10

Expert Comment

by:Benjamin MOREAU
ID: 40624710
You have to use 2 firewall with "High Availability". You can use, Cisco, Juniper, Sonicwall products...You have a lot of products, it depends of your budget & fonctionnality you want to use.
0
 

Author Comment

by:PramoIT
ID: 40625820
OK, so the set up stays the same, beside the fact that between each uplink and switch there will be one firewall? Do the firewall have to be connected to each other?

What type of firewall is low budget. And can it be done with 1 firewall? This is a small environment that is mostly used for testing.

Thanks.
0
 
LVL 10

Expert Comment

by:Benjamin MOREAU
ID: 40625919
You can use Sonicwall Firewall. They are not very expensive (for exemple TZ210 for small environnement).

If you use only one Firewall, you will not have "high availability" but if it's only for testing, I think only one firewall is OK.

Be careful with you firewall choice; you have to size your firewall with your usage (nb of user, bandwidth...).
0
 

Author Comment

by:PramoIT
ID: 40625936
Hi Benjamin,

Thank you. Can this particular firewall also be used as high availability at a later point if we want to?

In case of 2 firewalls, do we have to maintain the config on both?

Thanks.
0
 
LVL 10

Accepted Solution

by:
Benjamin MOREAU earned 2000 total points
ID: 40626614
Sorry for my last post, I said "TZ210" but it's "TZ215" (TZ210 is no longer available).

Yes, you can use High Availability after... you just have to buy an other TZ215 & you can configure it with HA (active/passive mode).

When you make your config, you will do it on active node. Passive node will automatically get the config.

More information here : http://www.sonicwall.com/downloads/TZ215_Series_DS_US.pdf
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

782 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question