High Availability with Single-hop or Double-hop DMZ

Many companies use the perimeter network (DMZ) to separate the public network with servers that handle exposed services and the internal network with servers that handle internal services. There are two types of DMZ: single-hop and double-hop, with the latter using three firewalls and therefore being more expensive, but more secure (with three firewalls, using different firewall technologies, you can avoid one weakness or one type of attack breaking all firewalls). A firewall between RAS Secure Gateways and the intranet must allow gateways and systems to connect to a RAS Connection Broker using the standard port.