Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1022
Views
0
Helpful
4
Replies

Network Redundancy

ross_rulz
Level 1
Level 1

‎07-20-2011 11:31 PM - edited ‎03-07-2019 01:18 AM

Hi Guys,

Can someone please point me in the right direction with regards to my network setup. (please see network diagram attached).

At the moment we are in the process of moving out IT infrastructure offsite to a ISP DR site. We already have our own little DR site but my boss is looking for our main infrastructure to be going to a big DR site.

I've drawn up a quick network diagram of how it might look but need help from you guys on how I can setup redundancy if parts of the network will fail.

Any suggestions would be highly appreciated.

Thanks,

Ross.

Labels:
103590-Proposed Network Layout.vsd.zip
0 Helpful
4 Replies 4

Jon Marshall
Hall of Fame
Hall of Fame

‎07-21-2011 04:45 AM

Ross

Some of use can't read visio files. Could you repost as a jpg/png ?

Jon

0 Helpful

ross_rulz
Level 1
Level 1
In response to Jon Marshall

‎07-21-2011 04:50 PM

Hi Jon,

I've attached the network diagram as a jpeg now.

Thanks,

Ross.

0 Helpful

boss.silva
Level 1
Level 1

‎07-21-2011 05:52 AM

Hello,

By looking at your diagram, just three things i've observed:

1) Might be only the drawing, but on the right side, there is only one firewall, but mentions a cluster. Is that correct?

2) Does that cisco ASA on the left side have a failover? Doesn't seem like it does. If not, i would advise you to put one. I don't understand the relation of the failover link to be between the center ASA (Council House Building) with the right side one.

3) Might be good to put the checkpoint firewalls in each switch, because if the external DMZ switch 1 crashes, you will get in trouble.

4) Would you have too much traffic traversing the 6509's? Because the link between the 6509-left and 3750 is 1gb fiber, and the link between the 3750 and the 6509-right is a fiber port-channel (density?).

Regards,

Bruno Silva.

0 Helpful

ross_rulz
Level 1
Level 1
In response to boss.silva

‎07-21-2011 04:55 PM

Hi Bruno,

Thanks for your input. I'll answer the questions best I can.

1. Yes the Checkpoint firewall on the right is part of the other two Checkpoint firewall's on the left as they are all in one cluster.

2. No the Cisco ASA on the left does not  have any failover. The relation between the Council house ASA and the one on the right hand side is there's another internal network that hangs off these ASA's and they need to be separated from our corporate inside network.

3. If the external DMZ switch 1 crashes the Checkpoint on the right hand side will take control.

4. There could be to much traffic on the 1gb link. I might need to ask the boss to get another 1gb link.

Thanks,

Ross.

0 Helpful
Customers Also Viewed These Support Documents