We have recently purchased two SSG520M firewalls. One will be installed at our live site and one at our DR site. The two sites are linked via a 1Gb LAN link and we have recently installed a new 2Mb leased line between the two sites to link the firewalls / DMZ etc and possibly the internet routers together via seperate Vlan's.
At the "Live" site we have two Internet connections - a 1Mb leased line with ISPA and a 8Mb ADSL with ISPB.
At the "DR" site we have a 2MB ADSl line with ISPA. All of these sit on different subnets.
In an outbound direction we ideally want to run the two firewalls in an active / active manner and load balance the three external links. Inbound we'd like to have similar with automated failover between links and firewall's.
The external company who are assisting us with this solution are suggesting that we move onto a single ISP and use common IP's with HSRP for failover. However we are an offshore island and the ISP's here ocassionaly go down so we need to ensure we have multiple ISP's for business continuity.
I am a complete novice on this so any advice / guidance would be greatly appreciated.