This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Clustered ASGs providing different functions

I am interested in general discussion about how to do this and if it is possible with ASGs.
Some firewall products allow the use of specialty servers that are designed to manage/monitor/police one protocol and pass a message back to the main (controlling) firewall that the packet is safe to pass or should be blocked or dropped.

Could a small ASG running only packet filtering pass the HTTP management over to big ASG running only the HTTP proxy, same with the SMTP and the POP3 proxies etc etc.

The down side is each box would a need seperate licence, so I expect for a medium size company a bigger gruntier box is the answer.

But anyway just surmise.

Ian M

This thread was automatically locked due to age.

0 BarryG over 18 years ago

If you wanted all the proxies to be transparent, you could chain several firewalls together, and have each only do a small part of the work, but if any one goes down, you're completely down.
You could probably also do this with NAT.

However, if you don't care about transparency, you can certainly have one box just working as the HTTP proxy, another for SMTP, etc.

Barry
Cancel
Vote Up 0 Vote Down

Cancel