Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
262
Views
4
Helpful
2
Replies

WAN Design Support

pshah.1979
Level 1
Level 1

‎11-12-2009 02:10 PM - edited ‎03-04-2019 06:41 AM

Hello

We are refreshing our network design with keen eye on security. plz advice if all WAN links, VPN,PROXY should be terminated on DMZ to protect.We got ASA 5540 with default ports. Today each service is running on different box and hits core directly.

WAN Router connected to CoreSwitch

ASA firewall connected to CoreSwitch

Wireless LANController Connected to coreSwitch

VPN Router Connected to CoreSwitch

WAN, VPN, Wireless,Proxy Traffic dont pass the firewall

Web Publishing services,SSL VPN passes the firewal

any suggestion and cisco documentation refrence

Labels:
0 Helpful
2 Replies 2

Jon Marshall
Hall of Fame
Hall of Fame

‎11-12-2009 02:19 PM

Pratik

Here's a link to the security design docs/guides from Cisco -

http://www.cisco.com/en/US/netsol/ns744/networking_solutions_program_home.html

In answer to your questions -

WAN - doesn't need to go through firewall as long as your WAN is trusted ie. all the remote sites

VPN - should be firewalled

Wireless - again if possible should be firewalled

Proxy traffic - not sure which direction you mean but should really be firewalled in either direction.

Jon

pshah.1979
Level 1
Level 1
In response to Jon Marshall

‎11-12-2009 02:47 PM

very helpful link Jon.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card