Hi, all
My client currently has two firewall modules with StoneBeat fullcluster
with one ISP which has BGP configuration. Now my client wants to change
the setup to utilize two ISPs (i.e. one in NY, one in CT with different
network number) instead of one ISP and BGP setup. What is the best way
to accomplish this?
The client is thinking that dismantle the firewall cluster and put one
in CT and another one in NY as individual firewall to save firewall
cost. For high availability of DMZ, it might need to setup two DMZs (one
in CT and one NY) in case of the site failure. Do we need to have load
balancer for ISP in front of firewalls to monitor the availability of
ISPs? Internally the client is trying to use router to control users'
internet access with proxy server (i.e. NY users accessing internet
using NY's ISP link, CT users accessing internet using CT's ISP link).
Any recommendations? Thanks.
Ryan
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
