1 qfx5100 stack Redundant connections from my ISP, 2 physical firewalls. Each firewall needs access to both of the ISP connections. 4 access only ports, 2 on each stack member in a layer 2 VLAN, no trunk ports. The rest of the VLANs on this stack are internal, data and phones. Is this enough security? Is there a better way to ensure the traffic is segregated? I'm not opposed to getting a dedicated switch for this, but would rather not. New to Junos so any help is appreciated.