Firewall Router Switch Best Practice
I am doing some best practice research for a small business. It has come up a lot before online I found out with the debate of Firewall first before router and vice versa. They have a Cisco ASA, 4300 Cisco Router series, and a Cisco SG550x 24 port switch. Comcast business Class is their ISP. I did some background research and there will be no webservers or VPNS needed etc.
I was debating between one of these 2
ISP > ASA > Router > Switch - My recommendation
ISP > Router > ASA > Switch
Any one else have recommendations on best practice?
I was debating between one of these 2
ISP > ASA > Router > Switch - My recommendation
ISP > Router > ASA > Switch
Any one else have recommendations on best practice?
Comments
-
Iristheangel Mod Posts: 4,133 ModIt all depends on what you're doing. i.e. Are you doing VPN? If so, what kind of VPN? Where is the VPN going to be terminated on? Are you going to NAT? Where does the NAT need to be placed? etc etc etc
-
jah8887 Member Posts: 82 ■■■□□□□□□□After talking some more I have a better idea of what they want done. I will list them below
1. They have 2 Cisco WAPs which one would be used for guest wireless and one for business wireless
2. They have a server (Regular File server) they would like it on a different sub net but be able to communicate with their business pcs, which is 192.168.1.0 /24 at the moment.
3. They plan on potentially expanding the network later on if all goes according to plan.
4. Also no remote access, DMZ, or VPN will be needed as of now.
Thanks all for the replies.