[j-nsp] Using SRX's for BGP and Firewalling
Keegan Holley
keegan.holley at sungard.com
Mon Nov 8 13:54:26 EST 2010
One of the things that turned us off to the SRX series was the fact that
code upgrades have to be done on both firewalls if you run them in HA mode.
That's kind of a big deal if you want hitless upgrades or there are issues
with the upgrade itself. BGP is one of the main reasons to use a juniper fw
over a cisco in some designs, but I find myself liking the SSG/Netscreen
code better for now, even though Juniper has stated that they plan to move
everything to JunOS.
On Mon, Nov 8, 2010 at 10:38 AM, Maqbool Hashim <mhashim at ntsuk.co.uk> wrote:
> Hi,
>
> I'm looking at doing a multihomed BGP setup using two upstream Internet
> providers. We are obtaining PI space and would like to announce our PI
> space via BGP to our upstreams. I'm looking at using one of the SRX range
> from Juniper to handle the BGP and firewalling requirement for us. We don't
> need a full routing table. Is it a realistic proposal to do the BGP and
> firewalling on one device (an SRX) ? Or am I creating a rod for my own back
> by not using separate BGP routers and using separate devices to do the
> firewalling for me. I'd be interested in hearing if other people are using
> the SRX's in a similar way.
>
> Maq
>
> ----------------------------------------------------------------------
> This e-mail and any files transmitted with it are confidential and intended
> solely for the use of the individual or entity to whom they are addressed.
> If you are not an intended recipient, please delete this e-mail immediately
> and notify NTS(UK) Ltd on 0844 815 5925
> This e-mail does not necessarily reflect the Company's opinion and should
> not be interpreted as such.
> This message was scanned by Proofpoint Protection Server - please contact
> NTS for further information.
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
>
>
More information about the juniper-nsp
mailing list