Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
290
Views
0
Helpful
2
Replies

skipping firewall to utilize fiber link ideal?

Cyber Q
Level 1
Level 1

‎08-01-2022 09:58 AM - edited ‎08-01-2022 08:55 PM

Hello All, I am looking for a little guidance in our network design. Any help is highly appreciated. 

We have fiber ran to our organization but out Cisco ASA does not have a Fiber optic interface installed, but our core switch does. 

Would it be ideal for the fiber to be ran to our core switch then back to the firewall through a copper cable, then to our switch again?

Or would it be a betting design to place a router with a fiber interface in front of our Cisco ASA firewall?

I am thinking about security and the amount of hops. Could it be bad if the switch receives data without firewall? Would one extra hop affect our voip solutions? 

 

Thank you,

Q

Labels:
0 Helpful
2 Replies 2

MHM Cisco World
VIP
VIP

‎08-01-2022 10:02 AM

which ASA model you have ?

 

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame

‎08-01-2022 11:29 AM - edited ‎08-01-2022 11:30 AM

Very unlikely the "extra" L2 hops would cause any performance issues.

As to security, mixing inside and outside FW traffic, on same switch does offer additional exposure to security issues as the one device, in theory, could be a non-secure conduit between the two.  However, personally, I would consider that rather low risk (hey, in theory, one might breach a FW too), especially if the "outside loop" is purely L2 without a SVI, because it would be difficult to even detect your traffic is passing through a transit switch and not just a p2p link of some kind.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card