Results 1 to 6 of 6
  1. #1
    Untangler
    Join Date
    Feb 2009
    Posts
    85

    Smile Why are needed two or more NIC cards for an UT server with about 700 devices?

    Hi.
    I'm attempting to deploy an UT NGFW in a school with about 600 students and 100 teachers.
    All students must connect to internet via Policy Manager and Application Control modules.
    All 100 teachers must give their lesson in this COVID's time by means Microsoft Teams. from inside the School and inside the UT Firewall.
    We have a symmetric Internet connection at 200 Mbps/ 200 Mbps in download and upload.
    If I read UT's Wiki about hardware requirements I see that an UT server must have, among others : 2 or more NIC card.
    The question are:
    1) how the 2 or more NIC cards must be configured in the UT server?
    2) how the 2 or more NIC cards can help the UT server to respond to its hard work load
    Any idea?
    Thanks in advance for your reply.

  2. #2
    Master Untangler
    Join Date
    Oct 2013
    Posts
    202

    Default

    With your setup, you basically need two (2) gigabit-Ethernet ports at the minimum. One is for the WAN (external/internet-facing) and the other is for LAN (internal network, where your teachers are). You can add additional network ports for say, a DMZ or a 2nd LAN network, etc., depending on what you need.

    That's basically what the Wiki is saying.

    As far as capacity is concerned, with just a 200/200 mbps internet connection, having gigabit ports on both WAN and LAN is more than enough.

    I just want to clarify something... Are the 600 students also behind the firewall along with the 100 teachers, or are they all remote/outside the school premises?

  3. #3
    Untangler
    Join Date
    Feb 2009
    Posts
    85

    Default

    Hi oj88.
    Thanks for your reply.
    I take it for granted that at least two NIC card are needed so that the firewall will work correctly.
    My doubt was concerned about the needs of two or more NICs other than the one connected to the internal LAN and the second connected to the WAN (to the Internet modem/router).
    In other words: what benefit I'll obtain if, i.e., if I had one NIC connected to the internal LAN and two NICs connected to the WAN (or viceversa)?
    In addition, all the students and the teacher will be at school behind the firewall in normal conditions, otherwise, in case of stop to the mobility of all or part of the students toward the school (due to COVID's restriction), the teachers will continue to go to School and will make their lessons from inside the school and the firewall by means MS Teams,
    I hope I've been clear.

  4. #4
    Untangle Ninja dwasserman's Avatar
    Join Date
    Jun 2008
    Location
    Argentina
    Posts
    4,348

    Default

    The 3 nic can be used to wan failover, if you have an backup ISP.
    My recommendation in that environment is that you call a Untangle partner close to your location, to evaluate, design and implement a successful project.
    The world is divided into 10 kinds of people, who know binary and those not

  5. #5
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    25,241

    Default

    Physical interfaces are used for whatever they need to be used for.

    Untangle doesn't support adapter teaming... but if you're routing multiple internal networks it may not be in your best interest to VLAN them all. VLANs are great, but you're limited to that single interface's bandwidth. If you spread out your VLANs you get more interior routing bandwidth. The same thing holds true on the External side, but usually that's more for use of multiple Internet connections for load balancing and fail over purposes.

    Bottom line, you can never have too many interfaces, because they're REALLY hard to add to the mix later when you need them, and when you need them, you need them YESTERDAY. So I always recommend getting more than you think you need now, so that appliance can sit there for the next ten years pushing packets regardless of changes in need.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  6. #6
    Untangler
    Join Date
    Feb 2009
    Posts
    85

    Default

    Hi sky-knight.
    Thanks for your reply.
    In fact I thought to anything like NIC's teaming.
    Anyway I'll purchase at least one another NIC that I'll use as spare part.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2