Case Study - ABC (Pvt) Ltd has a leased line with a router, which is used for web-based e-mail and internet browsing. They do not have a firewall and plan to implement one in their infrastructure. The router was provided by the ISP, and ABC has no control over it. They cannot change their LAN block either.
Option 1
We can configure the firewall in transparent mode (bridge mode). There are several advantages and disadvantages to this method. In bridge mode, all the interfaces are in the same network, so you will not get much control over the traffic. The only thing you can do is monitor all the packets transferred inbound and outbound.
Further, you can implement the other security features the firewall has, such as application control and URL filtering.
Example 2
The WatchGuard X1250e is a really outdated box that is no longer available on the market. After this series of firewalls, WatchGuard introduced the XTM box, which has more features. The X1250e comes with firmware version 10.2, and you can upgrade it up to XTM version 11.5, as you did on the existing firewall. But you will not be able to upgrade from 10.2 to 11.5 in one step. First you have to upgrade to firmware version 11.3b, and then you can upgrade to firmware version 11.5.
In your case, you have to upgrade the new WatchGuard X1250e box to firmware version 11.5, and then you can configure Firebox clustering.
The WatchGuard high availability (HA) feature is known as “FireCluster”, which is what you are going to implement in your network. There are two options, called “Active/Active” and “Active/Passive” FireCluster. With an “Active/Active” FireCluster you get load balancing, and with an “Active/Passive” FireCluster you get redundancy.
Hi, what program did you use to make these network diagrams?
Best regards,
Pedro