Sunday, December 27, 2009

Firewall Migration (from Symantec to Fortinet)

I was engaged in a firewall implementation project for a shipping customer. The project involved the following preparation and steps:

Pre-migration Preparation (Wed-Thu, 16-17 Dec)
1) Export & Review (current) Symantec Firewall Policies/NAT rules/objects
2) Create Firewall Policies on Fortinet Firewall

Migration Day (Sat-Sun, 20-21 Dec)
1) Rack up 2 sets of Fortinet Firewalls
2) Cable preparation (with Network Engineering team)
3) Initiate Cutover to new Fortinet Firewalls (Active/Passive mode)
4) Configure Fortinet Firewalls to Active/Active mode
5) Perform Firewall policy tests
6) Perform High Availability test (BGP routing test, L2 redundancy test and Firewall HA test)
7) Perform Fortinet Web Filtering test*

Post Migration Follow-Up (21 Dec Monday)
1) On the next business day, follow up with the customer on Firewall performance and issues (if any)
2) Only 2 issues were reported, and 1 was resolved on the same day. 1 is outstanding, and the customer is reviewing their architecture for that issue.

Overall Project Review
================
- Pretty smooth migration on migration day, with about 95% of objectives achieved
- Issue with network design for 1 x SonicWall IPsec firewall (still outstanding)


=============
Project Statistics:
=============
Man-days consumed: 4 Man-days
No. of Fortinet Firewalls implemented: 2 sets
No. of rules migrated: 100+
Customer Satisfaction: Fairly Good