We use the Fatpipes mpvpn to load balance 3 internet connections coming
on on different media (fiber, copper cable) They work great. Remember
if you have an external services (mail, web, etc) you will need to
address dns issues if you manual change isp's. The fatpipes cover this
for you. Their support is great, we have been running 2 for redundancy
for over 3 years now with no issues.
http://www.fatpipeinc.com/mpvpn/index.html
-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of Dan Denton
Sent: Tuesday, October 23, 2007 2:19 PM
To: security-basics@securityfocus.com
Subject: [SPAM] - Failover internet connections, and implementation... -
Bayesian Filter detected spam
I've a question about failover internet connections. I'm interesting in
knowing what kind of implementations that other SMB's use for
redundancy,
and to switch to in the case of a DOS attack.
Do any of you have redundant highspeed internet connections for your
offices
(versus those for datacenters)? If so, what kind of setup do you have?
Here's the setups I'm considering...
1. Have a second cable modem/dsl modem active, but not hooked into the
network. In the event of a failure, move the connection for perimeter
devices over to the standby connection and reconfigure the perimeter
device
to use a different IP.
2. Have a second set of perimeter devices (firewalls) programmed to use
the
IP's on the second connection, as a hot standby.
My problem with the first option is the time it would take to
reconfigure
firewalls and IDS' to use the other ISP's connection. The problem I have
with the second is the expense of firewalls and IDS' just sitting there
idle.
Any input is greatly appreciated!
Dan
