Firewall-1

[FW-1] Network layout question

Subject: [FW-1] Network layout question
From: Tom Brown <tom.brown AT GOODTECHNOLOGY DOT COM>
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date: Wed, 3 Nov 2004 10:13:19 -0000

Hi,

I'm looking at improving the network setup in our IDC and looking for some
advice - currently we have the firewall connected to the external net
connection and then 3 internal networks. This box has 4 NICs.

We are getting another box for the firewall and getting HA.
I'm thinking about reducing the number of NICs in the firewall boxes from 4
to 2 and perhaps even 1. I'm planning on using VLAN tagging (802.1q) for
sorting out the networking, as internally I do not want to change things.
I see that Checkpoint supports 802.1q VLANs out of the box, so this side of
things should be OK.

Can someone advise me on whether they think this is a good/bad idea? I've
spoken to Checkpoint support and they say that FW-1 is supported in this
configuration, so I'm happy with things from that point of view. As we run
this on Linux (or SPLAT) I'm happy with the OS side of things also. Just
looking for info on how others run their networks to minimise single points
of failure etc. The switch(es) that I'm thinking about getting are going to
have redundant PSUs etc. and be centrally manageable, so that if I add
another switch I can make them all aware of each other and have packets go
between the switches, as long as they are on the same VLAN.

Sound sensible?

Thanks
