This is the first time I have seen this and I was curious on the feedback on this configuration...
I'm at a new gig and they have their network setup with two external firewalls (active/passive) for redundancy, then their DMZ, then another pair of firewalls before getting into the Internal network.
I have always just seen one set of firewalls, not two. It has made trouble shooting a complete nightmare, because they do double NAT'ing.
I have read a thing or two that "maybe" this might be something you would do if you used two different vendors to protect against a 0-day exploit, but it seems a little odd to me.
I just thought I would ask the experts.