What factors influence your preference between terminating internet connections at the core switch versus the firewall, and how do you assess the trade-offs between security, network management, and performance considerations in each approach?
It's very easy to show that your edge and core are separated if they are on physically separate devices. For some audits, this is honestly worth the relatively small omeglevoojioowegle cost of a few L2 switches.