Howdy,
I'm assisting deployment of a web app running on two systems. A Windows box running IIS (with public IP mapped to a DMZ IP) is the front end to a mongodb deployment on a Linux system. Originally the database was on an internal node and our admin noticed large bandwidth consumption in our firewall. I suggested moving the database to our DMZ and creating a vlan for those two hosts. Our admin has said DMZ-only traffic (server to server in their own vlan) will task our firewall. My understanding is it is possible to configure a separate vlan that would keep most of that server-to-server traffic in the switch. Can someone comment 'generically' on traffic isolation so as to minimize firewall load. We are running fortigate 6.2 in HA mode with all firewalls/switches brand new.
TIA, packetdropped
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.