Quote:
|
Originally Posted by pathological
... What i would LIKE to do is in the rack put 1 or 2 for redundancy, OpenBSD servers in there, to run the firewalls. Now these will be Xeons with like a gig of RAM so i would almost use them for more than just firewall purposes, but that is just a possibility, i am sure we can get a low end server for this purpose ...
|
I would advise against using your firewall boxes for anything other than firewalling. The more services you run on a box, the more vulnerable it becomes. Your firewalls should be rock solid bastions of defence. As for your rack config, the physical layout of your boxes in the rack isn't really the issue*, it's the logical configuration you should be more concerned with. Don't just focus on your firewalls, take a layered approach to security models and think about all of the traffic, services, users and data that your systems involve.
I can't view the image you posted. I use
ImageShack to host images for stuff like this forum, check it out. Post a visio diagram of your network layout (
**NO real external IPs/Addresses or other company identifying information!!**) if you can ...
* I won't go into UPS, power & cooling considerations for now.
