Tuesday, September 1, 2020

Firewall Design and Implementation

We are planning for implementing the Server Farm Firewalls with the following points into consideration

  • To secure and control the access from the user (access layer) to server farm such as IPS, Access policies, AV
  • East-West traffic inside server farm for stopping malware propagation for critical servers.

In addition to the above, we are also looking for a Web Application Firewall (f5, Imperva) for web servers in DMZ.

The current design is collapsed core. Server Farm access switches are directly connected to Core. The core does inter-VLAN routing and has a default route to pair of Internet edge firewalls which terminate internet connections, VPN and DMZ

I'm looking for a validated design to deploy the solution.

Which firewall would best fit the above requirements Palo Alto, Fortinet, or FTD.



No comments:

Post a Comment