[c-nsp] Campus Network - Deployment mode of Perimeter Firewalls
Keith Medcalf
kmedcalf at dessus.com
Tue Aug 11 21:02:53 EDT 2020
What is the difference? Does not the "campus network" provide a
service?
--
Be decisive. Make a decision, right or wrong. The road of life is
paved with flat squirrels who could not make a decision.
>-----Original Message-----
>From: cisco-nsp <cisco-nsp-bounces at puck.nether.net> On Behalf Of Nick
>Hilliard
>Sent: Tuesday, 11 August, 2020 03:34
>To: Yham <yhameed81 at gmail.com>
>Cc: cisco-nsp at puck.nether.net NSP <cisco-nsp at puck.nether.net>
>Subject: Re: [c-nsp] Campus Network - Deployment mode of Perimeter
>Firewalls
>
>Yham wrote on 11/08/2020 04:33:
>> Thanks for your comments. I kinda agree with you on avoid using
>> transparent mode however not clear why you wouldn't want your
>> north-south traffic pass through perimeter security devices (FWs).
how
>> would you protect your network from outside if you don't have
firewalls
>> in the traffic path? I have seen some enterprises use by-pass
switches
>> to go around the firewalls in case of an unexpected failure from
where
>> firewalls can't recover.
>
>I missed that this was a campus network, and assumed it was a service
>provider.
>
>Yeah, politically credible reasons for wanting some or all parts of a
>campus behind firewalls of whatever form. It's a completely terrible
>idea if you're a service provider though.
>
>Nick
>
>_______________________________________________
>cisco-nsp mailing list cisco-nsp at puck.nether.net
>https://puck.nether.net/mailman/listinfo/cisco-nsp
>archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list