On my current setup, I have two firewalls.
The router has a firewall function.
And the NAS operating system has a firewall function (the native Linux-based feature).
The new setup will have these too.
But I’m considering putting one of these in, to sit between the router and the Linux firewall.
Is this too much?
Is too much even possible?
I think having a third layer of firewall protection is reasonable.
But do you?
The HP DL380 G5 server requires two, but has capacity for three, NICs (Network Interface Controllers).
There are two standard NIC ports, as you would expect from a heavy-duty internet server.
The third is an iLO2 port.
The reason servers have two NICs is to give the server high availability and redundancy capability, and for load balancing.
But the iLO2 port is a non-public, management-only route on to the server.
So while NIC port 1 and NIC port 2 are filtering and processing inbound/outbound packets, the iLO2 port just sits there, in a semi-dormant state.
iLO2 stands for ‘Integrated Lights-Out’ (v2).
The iLO2 function enables root admins to remotely access a failed/stalled server and perform all manner of remote management functions via a dedicated out-of-band channel, regardless of whether the machine is powered on or not, and regardless of whether an operating system is installed or functional or not.
The downside is that one has to provide the HP DL380 with three network connections.
So that’s six network connections for two servers.
Nine network connections for three servers.
Good job switches and patch panels exist, eh?