If you decide to go this route, I would recommend a firewall solution that can handle the throughput with the least amount of latency. Most likely a firewall appliance. For example, if you are gigabit between your server LAN and your insecure LAN, the Cisco 5550 is the minimum unit you would need to get into to support a 1 Gig. http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/product_data_sheet0900aecd802930c5.html
If you have L3 switches, you may already have the capabilities without an additional appliance, but YMMV depending on the throughput capabilities of the L3 processor. -A On Thu, Aug 12, 2010 at 3:11 PM, Heath Henderson <[email protected]> wrote: > I set this ip in one location. Lots of rules to manage. In the end it was > easier to ensure all servers were running their built in firewalls. > > This suggestion came up again in dealing with cloud setups. Ultimately > separating the school network into two segments and treating all internal > traffic as "external" traffic and therefore setting access to everything from > home and school the same. > > Right now it is still a suggestion. > > > -Heath Henderson > > On Aug 12, 2010, at 12:27 PM, Brian Tobin <[email protected]> wrote: > >> We all use a firewall for to segment off the internet and our local network. >> Anyone out there currently running a firewall between their servers and >> their workstations? Our servers have their own vlan, but they are not >> firewalled off from the rest of the network. >> >> >> Brian Tobin >> DeKalb Community Unit School District 428 >> 901 s 4th st >> DeKalb, IL 60115 >> [email protected] >> [email protected] >> W815.754.2284 >> M302.468.6246 >> | Subscription info at http://www.tech-geeks.org | > | Subscription info at http://www.tech-geeks.org | > -- "Don't ask yourself what the world needs. Ask yourself what makes you come alive and then go do that. Because what the world needs is people who have come alive." -Dr. Howard Thurman ****************************** Aaron Keith Hackney [email protected] Cell 210.325.2196 ****************************** | Subscription info at http://www.tech-geeks.org |
