Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2390
Views
0
Helpful
2
Replies

Firewall between DC and DR

Go to solution
csco11522833
Level 1
Level 1

‎12-07-2018 10:47 PM - edited ‎03-12-2019 04:17 AM

Hi,

I need suggestion, we have Data Center and Disaster Recovery connected with point to point link. link is connection our DC sever segment with DR server segment. It is mainly for replication of data. in future VM, vlan extension is possible. 

 

Now client is asking us to install firewall. at both end of point to point link. Here I want to tell you that server segment at each end is fully separated with firewall. 

 

My concern is Why we need firewall between server segment between DR and DC connected with P2P link. Can we go for firewall. What will be the impact of having firewall between DC and DR server segment on replication and other services between DC and DR.

 

I have not seen firewall between DC and DR server segment in my previous projects.

Labels:
Preview file
22 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Abheesh Kumar
VIP Alumni
VIP Alumni

‎12-07-2018 11:44 PM

Hi,
So you have a dedicated P2P connection in between DC&DR , then my suggestion is not necessary a Firewall in between that. As per your post your serverfarm is already protected by firewalls.
But some organisations like banks and all have more security constraints and they design to add a firewall.

HTH
Abheesh

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Abheesh Kumar
VIP Alumni
VIP Alumni

‎12-07-2018 11:44 PM

Hi,
So you have a dedicated P2P connection in between DC&DR , then my suggestion is not necessary a Firewall in between that. As per your post your serverfarm is already protected by firewalls.
But some organisations like banks and all have more security constraints and they design to add a firewall.

HTH
Abheesh
0 Helpful

Go to solution
Dennis Mink
VIP Alumni
VIP Alumni

‎12-08-2018 02:16 AM

Typically you would have one fw per dc. Links are most times layer 2 with stretched vlans. So each dc had an internet break out and fw in ha deployed.

Please remember to rate useful posts, by clicking on the stars below.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card