Hub and Spoke topology
I'd never heard of Hub and spoke before but from reading it looks like it would fit our needs quite well for a VPN to our remote sites. We have a "headquarters" and 3 remote sites, a fourth in the near future. Our hub would be our NSA 5600. The spokes are TZ570s. Remote sites are a dozen or less PCs/devices so much smaller than headquarters. Can the NSA 5600 handle this load and potentially a 5th and 6th site down the road? I'm sure we'll have replaced the NSA 5600 by that point but never the less wanted to ask.
For efficiency ideally I'd want all WAN traffic not destined for VPN to use the local gateway. With the added routing + VPN, will the TZ570s be able to handle that load as well?
The 570s were purchased by the powers that be above myself so I'm playing catch up to find out if they will handle what we're trying to do.
Another thought is having access consistent among all sites. Outside of exporting the entire config. of the main firewall, is there a better way to export just access rules, content filter objects etc.?