To lay a foundation for discussion of secure networks, this
section looks at some basic terms and concepts used throughout the book. In
security terms, you have three types of networks to consider: inside, outside,
and an optional network called the demilitarized zone (DMZ). A firewall is the device that separates or joins these areas.
The firewall can be a router running a firewall feature set, a specialty
server, or a specialty device such as the Cisco PIX that does nothing
but provide firewall services. Figure 2-1 shows a simplified view of the three
areas and the firewall.

The typical firewall device has three or more LAN interfaces: one
each for the inside and outside networks, and one for each DMZ network. Some
early firewalls, and those used in small implementations such as branch locations or
telecommuter residences, might have only two interfaces for separating the inside
network from the outside world. Today the LAN interfaces are typically Fast
Ethernet or Gigabit Ethernet, but there’s no reason they couldn’t be Ethernet,
Token Ring, or Fiber Distributed Data Interface (FDDI).