40 g connectivity

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

40 g connectivity

L4 Transporter

Hi,

I have the below topology 

pa1.png

 

 

PA has two 40 g ports and my core has 4 40g ports . server SW  also has  40 g ports ( the switch is for connecting servers ) 
core required two 40g Ports for cross-connection.

So remaining two 40g connections,

Do I need to use it to connect  the DC fW,or yes which link ?

or Do I need to use it to connect to server switches ? 

 

Thanks

 

 

6 REPLIES 6

Cyber Elite
Cyber Elite

Hello,

I would say it depends on how much traffic you are trying to push through the firewalls. That will ultimately give you the answer. However I suspect that 10G would probably be enough.

Regards,

Hi @OtakarKlier 

 

Thanks for the reply. I am going to use a VDIsolution for 1000 users.

I am not sure How do I size for this purpose or where do I place the vdi servers .

a vdi and image deployment solution require a 40G fw . 

My internet bandwidth is around 600-800 Mbps , the vdi solution will be published outside 

Thanks

 

Thanks 

 

 

 

Cyber Elite
Cyber Elite

Hello,

Since you are limited in the number of ports to use and you have 4 firewalls, this might decide the design.

I know its not much to go on, but I think you'll see the solution when whiteboarding it.

 

Regards,

hi @OtakarKlier 

There is no 4  firewall ( 2 firewalls in active-standby mode )  (Maybe only one )  .

Thanks

Cyber Elite
Cyber Elite

Hello,

I saw 4 in the drawing, so they must not be in play. Thinking about it, I might connect the servers to the switches at at 40G ports. What gets sent to the clients should be less traffic than server to server communications.

 

Just a thought.

Cyber Elite
Cyber Elite

@simsim,

You haven't really stated where your VDI servers are going to live, but I assume that you'll have a set of access gateways in your DMZ that will be public facing. I've seen some people just place VDI deployments in their "server" security zone and run with that, but I tend to like to see VDI treated the same as any other access client. That might mean that they are placed in the "inside/trust" zone, or that they get their own security zone to keep them isolated from the rest of your "server" infrastructure. 

Not knowing the rest of your network or anything about what sort of bandwidth you're actually passing, its hard to say anything too definitive about where you should use your available 40G links. Knowing very little about your network, I would assume that a 1000 user VDI deployment is probably going to be where most of your traffic is coming from. With that being said I would likely put that additional bandwidth in that VDI zone.  

  • 2369 Views
  • 6 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!