Let's discuss design considerations for site-to-site firewall termination points.
- A Separate VPN Firewall: You might have seen several different designs for enterprise networks. A single firewall gives the network less flexibility and only one VPN termination point. For security reasons, however, most networks have at least two firewall layers. The first firewall stops all unwanted data traffic and controls DMZ traffic, while the second firewall can be used to terminate a VPN connection and to provide next-generation firewall features such as URL filtering and antivirus.
- Remote Access VPN Tunnels—to split or not to split?: Whenever an organization evaluates options for setting up a VPN for its remote workers and partners, one of the security considerations that arises is whether or not to support a split tunnel model. Let's explore...