Greetings all,
A client has N7K Core switches connected to N5K Distribution (FabricPath), which connect everything from standalone servers to enclosures. But the client uses firewalls connected to the N7K as gateways for the VLANs in the DC (so screening / routing internal and external traffic).
The idea is to move to VXLAN, which requires new N9K Spine and Leaf switches.
So my question is, where do these firewalls fit in? Where would we need to connect them to inspect traffic between internal VLANs in the same "zone" and external zones?
It would make sense to put a firewall as a Border Leaf, but that would be for interzone traffic, and I'm not sure that would be a good idea for internal zone traffic.
The information out there is overwhelming and I can't seem to find something similar. If someone has an idea or can point me in the right direction that wo