Hi all,
I want to implement a failover FW structure and a IDS too. So, the
picture will be
|
| Internet. Cat6 to main router
------------
| TAP | ----> IDS
-----------
| |
| |
FW1 FW2
| |
| |
------------------
| Main switch |
------------------
|
Internal network
Obviously, the FW1 and FW2 redudancy is maded by CARP and dedicated
NIC/wire.
My dumb question is
¿I need a TAP with 2 replication-ports (in relation to main traffic
incoming port)? I'm thinking in the case that one FW fails, so I supose
I need the main traffic arrives to the both FW. ¿Am I right?
If I'm right ¿what TAP provider do you advise to me (netoptics, comfract...)
--
Thanks,
Jordi Espasa Clofent
