Hello Gents and Ladies,
I have two design questions that I want to run past you all. I want to know the pros/cons and how I deploy.
- I have a client that uses Palo Altos to terminate 10G Internet circuits. I have heard of people landing circuits on firewalls but I have never seen it done. I'm used to a router at the edge, either doing BGP or static and then a firewall cluster as you move inside. What have yall seen?
- The same client has each firewall directly connected to each other through HA. I have seen each HA interface talk over an L2 switch (dedicated VLAN). What are the pros and cons of each that yall have seen?
- MPLS for traffic isolation. I usually follow the KISS model when i design and I often find introducing MPLS for traffic engineering and isolation to be a bit overkill regardless of the number of tenants you have - Of course service providers and hyper-scale customers are in a different league. I'm referring to Enterprise environments. Say I have 200 customers, whats the advantage here of MPLS?
No comments:
Post a Comment