Secure multi-homing Internet Access

Hi all,

  Due to may different factors, including different filtering policies,
  to different providers might not provide the same Internet view, or even
  Default-routing to the upstream ISPs therefore seems not to be the way to
go. Instead
  full BGP tables can be kept on the enterprise border routers and default
  can be originated on these border routers and injected in the enterprise
  iBGP is used between the enterprise border routers. From any router in the
  enterprise network, the IGP metric is used to get to the nearest border
  and then, the best BGP route is selected, which could very well be on one
  of its iBGP peers. Therefore traffic can flow from any router to Border1,
  Border2, then the upstream ISP router. (Assuming there is a direct path
  Border1 and Border2 (tunnels, MPLS-LSP, etc)).

  Everything's fine (at least I think so) until we throw in some Firewalls
!!! They either
  ought to be on the eBGP path or on the iBGP path. That is between the
  border router and the upstream ISP router or between the enterprise border
  router and the enterprise network. Putting the firewall on the iBGP path
can lead
  to routing loops since the firewall will only have a default route to the
local border
  router. When putting the firewall on the eBGP path, it defaults to its
  interface toward the upstream ISP router and has the enterprise address
  on its inside interface. So far so good, but that means that the upstream
  media type has to be supported by the firewall: oc3, oc12 !!!! ;-(
  And in any case the firewall has to provide proper throughput !!! ;-(

  How are large enterprise implementing secure multi-home internet access ?
  And to what type of bandwidth does this scale ?