Connecting networks securely with a switch

[tweir () paradise net nz]

Wizards,
I work for a large solutions company which wants to connect
a network that we have specifically created to our customers
networks via a firewall AND a switch in paralell.  The
reason for the parallel connections is that we intend to use
the firewall for X, ftp, telnet and some other systems
management protocols (Tivoli) and use the switch for backup
data requiring high (multi gig) throughput.  The switch will
be configured to allow only 2 ports for Tivoli Storage
Manager backup traffic.

So basic architecture is:
                 |-----------------------------------
                 |                                  |
                 |                                  |
Customer A |--Switch-----Backup Server-- |          |
           |--Firewall------------------ |(Mgmnt    |
                 |                       |Network)  |
                 |                       |          |
Customer B |-----|                                  |
    |-----------------------------------------

We have hardened the switch per all available guidance.
The reason we are using the switch rather than a high
powered firewall the throughput and the cost.

My questions are:
Has anyone implemented a similar architecture as this?
. . if so do they consider it secure and have they taken any
other risk mitigation steps?
Is there a better way to do this?

Thanks
wizards


_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards