Internet Edge Design: Single Firewall or Layered Firewalls?
While redesigning Internet Edge of our network many ideas came to the table. One was to use single firewall vs. layered (or dual) firewall design.
In my opinion and experience - if your company have the budget - opting for a layered firewall approach is a better and more secure design than just having a standalone firewall on your edge. In addition, I like to have at least different vendors for each firewall at different layers. Each firewall should be running in different mode (i.e. transparent vs routed).
In this post, I would like to know what others think? Please leave your opinions and ideas in the comment section.