core switches are interconnected and there is no firewall at present.
A single ISG 1000 will be added to the environment for protecting different zones (VLANs) in the core switches. One VLAN is for the internal users (trust), a second VLAN is one in which 2 servers will be connected (dmz), and a third VLAN will be towards the internet (Un_trust). In the case of two firewalls I would have connected the respective interfaces from the ISG to each core switch and run NSRP for HA.
How can this be achieved with one firewall? Can I connect one interface to coreswitch1 and another interface to coreswitch2 to get interface redundancy, so that a failure of the switch or a link failure to coreswitch1 will not have an impact on the security solution?
Attaching the diagram with two firewalls. What will be the best in terms of connectivity and configuration?
I am OK with having a single point of failure in the firewall for now.
My apologies, I am not good at explaining the situation.