The figure above (illustrated using Microsoft Visio 2010) shows a simple company network with a back-to-back firewall implementation. It consists of a local area network (internal network) and a demilitarized network (perimeter network) connecting to the Internet (external or public network). Before we discuss what a perimeter router, an internal router and a firewall are, you may wish to read more about the internal network and perimeter network by clicking on the highlighted link.
A perimeter router is a router that connects the perimeter network to the external network (as you can see from the figure above). A perimeter router can work as a firewall as well as a NAT device: it controls the network traffic between the company's network and the public network, and it translates between private and public IP addresses so that the two networks can communicate. In any case, the perimeter router should be configured to allow traffic from the external network to access only the devices in the perimeter network; any traffic from the external network should be denied access to the company's internal network for security purposes.
An internal router is basically a router placed between the company's internal network and the perimeter network. The internal router works like a firewall once an access list has been created on it. It routes traffic from the internal network to the external network and blocks any traffic from the external network into the internal network. An internal router may be configured with any routing protocol, such as RIP v2, EIGRP (Cisco only) or OSPF, for routing.
A firewall is an application or an appliance designed to permit or deny network transmissions based on the firewall policy. The firewall policy is a set of rules or controls used to protect networks from unauthorized access while permitting legitimate communications to pass. Firewall rules can be configured as inbound and outbound rules based on the IP address, the URL, an application, services (List of Official Internet Protocols), etc.
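The policy described in the paragraphs above can be modelled as two first-match rule sets, one per router, with an implicit deny at the end of each. This is an added example, not part of the original post; the address ranges, the zone names and the `check` helper are assumptions made for illustration.

```python
import ipaddress

# Constructed addressing plan (an assumption; the article gives no addresses).
ZONES = {
    "internal": ipaddress.ip_network("10.0.0.0/24"),
    "perimeter": ipaddress.ip_network("192.168.100.0/24"),
}

# First-match rules per device: (source zone, destination zone, action).
# Only new connections are modelled; replies to permitted connections are
# assumed to be handled by stateful inspection.
PERIMETER_ROUTER = [
    ("external", "perimeter", "permit"),  # public access to perimeter hosts
    ("external", "internal", "deny"),     # never straight into the LAN
    ("internal", "external", "permit"),   # outbound traffic from the LAN
    ("perimeter", "external", "permit"),  # assumed: perimeter hosts may reply out
]
INTERNAL_ROUTER = [
    ("internal", "external", "permit"),
    ("internal", "perimeter", "permit"),
    ("external", "internal", "deny"),
]

def zone_of(addr):
    """Return the zone an address belongs to; unlisted means external."""
    ip = ipaddress.ip_address(addr)
    return next((z for z, net in ZONES.items() if ip in net), "external")

def evaluate(rules, src_zone, dst_zone):
    """First matching rule wins; no match falls through to implicit deny."""
    for s, d, action in rules:
        if (s, d) == (src_zone, dst_zone):
            return action
    return "deny"

def check(src, dst, perimeter=PERIMETER_ROUTER, internal=INTERNAL_ROUTER):
    """Walk a new connection across every device between src and dst."""
    sz, dz = zone_of(src), zone_of(dst)
    if sz == dz:
        return ("permit", None)           # same segment, no router crossed
    path = []
    if "external" in (sz, dz):
        path.append(("perimeter router", perimeter))
    if "internal" in (sz, dz):
        path.append(("internal router", internal))
    if sz == "internal":
        path.reverse()                    # outbound traffic meets the inner device first
    for name, rules in path:
        if evaluate(rules, sz, dz) == "deny":
            return ("deny", name)
    return ("permit", None)
```

Passing a deliberately wrong rule set as `perimeter` shows the value of the back-to-back layout: the internal router still denies the connection.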
Take a look at the interesting video below about how routers transmit packets through the firewall ports (How network works).