
Where to place UTM: before or after router?

Hi guys, I am in the process of redesigning my home network and I got an Edgerouter Lite to replace a Netgear w/ Tomato. After seeing that the Edgerouter won't answer all my concerns, I am thinking of adding a UTM to the equation. I know that a UTM can handle everything that an ordinary router does, but I want to have some kind of redundancy. If the UTM or router dies, I want to quickly recover and go to limp mode till I find a replacement. The most important thing is to have working internet for my work (two laptops), and I don't need the UTM for that; second on the importance list is to have the UTM for the kids, wife and their devices.

The network setup is currently simple: ISP modem -> Edgerouter -> Layer 3 switch. The next step might be to add a backup link, a 4G modem that will go to the Edgerouter, which will handle balancing when a link goes down, so everyone connected to the switch would use the internet without knowing that one of the links is down.

My question is where to place the UTM? Between the ISP modem and the router, or between the router and the switch? I know that most advice on similar questions is to replace the router with a UTM. I found a few posts where the UTM is placed before the router. But I didn't find much information about having the UTM behind the router, which is the most logical solution to me.

The Edgerouter forum guys explained to me that before the router I would be able to see what's happening on the WAN interface, but lose the ability to differentiate what's coming from internal IP addresses. After the router I would be able to see what's coming from the internal network, but wouldn't be able to see what's happening on the WAN interface.

My reasoning is to have the router with simple firewalls/port forwarding, NAT, DHCP. All the advanced security stuff would be left to the UTM to handle, behind the router. I won't be able to see what's going on on the WAN interface, but at least I hope that if something suspicious passes through the router it would be handled by the UTM afterward. Maybe there is some way to forward logs from the router to the UTM to analyze what's going on on the WAN. I am more interested in what's going on inside the home network, as I have small kids who are my major concern. For all this to work without having to do anything on user devices, should the UTM be set to transparent mode?

Does all this make sense? Is this a possible and good solution? I have never used any UTM... the last time I played with something like this was ZoneAlarm in the early 2000s :) So treat me as a complete newbie.


