Comment
by
on ‎04-03-2019 02:42 AM

@kerplunk 

 

A geat question. 90% of schools in Ireland use the school broadband scheme, which they are provided for with a Juniper Firewall by the Department that takes care of security and filtering (in theory), but gives schools an extremely limited range of ips (usually around 100 per school) to use.

 

So I take the lan side connection from the Juniper, have it go into the wan on the USG, and using then have a new DHCP range inside for anything and everything, with IPS off.

 

In the case of a school not going with the broadband scheme (first one coming up in two weeks), USG pro is used instead as it will be the edge device, and IPS will be enabled,