I need to decide on how to implement a connection from a remote site to our main office over carrier ethernet. We have Ciena 3930's as the ethernet demarc devices at both locations; at the main office, the switch runs to our firewall. For the remote site, the question is whether to use a layer 3 implementation, with the current firewall there between the demarc switch and our access switch, or leave out the firewall and connect the demarc switch directly to our access switch.
Are there any real benefits from leaving out the firewall and stretching layer 2 over the WAN? It seems like a better idea to contain the layer 2 traffic at the remote site with the firewall.
No comments:
Post a Comment