Necron99
New Member
March 8, 2018
Question

Two Tier / Dual Firewall design and best practices


Not sure what forum this belongs in so please move if this isn't the right place.

 

Looking for any articles, cookbook recipes, papers, thoughts, etc. on FortiGate best practices for two tier setups. One set will be FortiGate(s), but the other has to be another brand due to HITRUST.

 

Topology considerations: physical, virtual, hybrid p-v?

Modes: NAT/Route, Transparent, hybrid?

Networking: 10Gb Layer2/3 switch, use L3 on switch?

 

Thanks for any help!

 

    1 reply

    emnoc
    New Member
    March 8, 2018

    suggestions and thoughts

     

    1: You need to engage a partner

     

    2: HITRUST cert does not require two vendors; you should get a consultant in HITRUST assessment and compliance guidelines

     

    3: Your requirements should include the UTM features that would drive your hardware devices and types

     

    4: I doubt a cookbook exists

     

    Necron99
    Author
    New Member
    March 8, 2018

    1: Maybe. I was really just looking for people who have been through this setup and see what experiences they could relate when they lived through their environment.

     

    2: That is what our HITRUST auditor told us, although I am getting information second hand. I questioned this myself but I will specifically ask to see the requirement now. I really don't think a two tier setup is necessary.

     

    3: Understood.

     

    4: Figured but thought I would ask.

     

    Thanks.

    emnoc
    New Member
    March 8, 2018

    FWIW: Auditors like to spew a lot of "his/her opinions"; have them provide the compliance regulator paragraph/section.

     

    Ken