Placement of the firewall

In this expert response, Puneet Mehta tells us where the placement of the firewall should be architecturally.

Puneet Mehta, SDG

Published: 08 Sep 2005

I have come across a network setup with the firewall placed at the gateway and the router placed between firewall and internal LAN. Are there any disadvantages to this architecture?

The important thing here to consider is the placement of the firewall. It's always better to understand the firewall topologies before deploying them or putting systems in those designs.

Here's a quick but in detail information on firewall topology and best practices. Also, don't forget to checkout our firewall resource center.

Your design does not meet any security standards, as one of the major factors is the single point of failure. There is no internal firewall to protect the internal/private network. The router in between will not be able to protect anything if the firewall gets compromised and it will open up the doors for attack. I would suggest you go through the above resources to get a good understanding of the design principles. Once you understand the principles you will be able to identify the problems and rectify them accordingly.

Placement of the firewall

In this expert response, Puneet Mehta tells us where the placement of the firewall should be architecturally.

Dig Deeper on Network infrastructure

local area network (LAN)

How to use a jump server to link security zones

BGP vs. EIGRP: What's the difference?

dynamic multipoint VPN (DMVPN)

Related Q&A from Puneet Mehta

Intrusion detection vs. intrusion prevention

How do I open port 177 on my router so that other clients can get a GUI display of my server remotel

How to protect your network from broadcast and multicast storms