- Discussion of key strenths of vyatta, and firewalls in general
- Link to the open-source VyOS version and the commercial Vyatta project
- Talk about Softlayer choices specifically -- why softlayer version is insecure / finnicky with SSL & PPTP options, limitations & cost of the Fortigate appliance
- Show how you can set up private networks inaccessible from the internet
- Show how you can set up public, protected networks that are separated from the private networks
- Highlight VIFs, specifically how they work inside Softlayer, how to support multiple IP ranges
- Show how you can setup VRRP to fail over to another vyatta machine if one goes down
- Talk about benefits like 0-downtime upgrades and infrastructure redundancy
- Show pitfalls in VRRP configuration, which config is targeting your networking vs. vyatta machine-to-machine communication
- Show how you can segment failover into groups, caveats that can cause trouble, simplicity wins here
- Discuss OpenVPN, client support for iOS / Android / Mac / Windows
- Mention split tunnels
- Show firewall rules to allow openvpn connections in
- Show openvpn configuration
- Discuss how to generate client configuration for openvpn connection
- Major point about setting up VM networking to reliably work with OpenVPN connections
- Discuss what we learned -- how to set up split networks, how to handle failures at the firewall gateway and why you want to do that, connecting in a secure way through OpenVPN, and why split tunneling is a great match for lots of setups.