Knowledge Search


×
 

INTEGRATING FIREWALL SERVICES IN THE DATA CENTER NETWORK ARCHITECTURE USING SRX SERIES SERVICES GATEWAY

  [TN78] Show Article Properties


Description:
The purpose of this document is to provide readers with details about various design considerations and implementation guidelines to deploy firewall services in the data center core using high-end Juniper Networks SRX Series Services Gateways. The firewall services in the data center core can provide additional security and help meet compliance requirements by segmenting deployed server networks and by securing traffic within server networks.
This document briefly reviews the technical concepts of the SRX Series Services Gateways related to design and implementation of firewall services. Deployment scenarios are based on a logical 3-tier architecture (access, aggregation, and core) which can be collapsed physically into a 2-tier architecture (collapsed aggregation/core) or a single logical switch. The design principles discussed in this document are generic and can be applied to a customer’s respective physical network design as long as all traffic is received at the attachment layer of the firewalls to the network.
In this document, we review the following deployment scenarios and design considerations:
• Active/passive firewall cluster deployment with active/passive data center network infrastructure
• Active/passive firewall cluster deployment with active/active data center network infrastructure
• Active/active firewall cluster deployment with active/active data center network infrastructure
After reviewing deployment scenarios, implementation steps and validated configuration details are presented. The design is validated with Juniper Networks switching and routing products; however, the same design options can be applied for data center deployment with any other standard switching/routing platforms. This will help readers to compare different options related to their specific data center network design and make appropriate decisions for firewall deployment.



INTEGRATING FIREWALL SERVICES IN THE DATA CENTER NETWORK ARCHITECTURE USING SRX SERIES SERVICES GATEWAY [PDF]
Keywords:
Data Center Security, Security architecture, firewall, HA, High availability
Source:
Technical Marketing