Hi all, I've been doing a bit of study on firewalls lately (normally spend most time on routers & switches) and one of the things I'm yet grasp, is placement of a firewall on a network, by design if you link.
For instance, if you have a network based on the Cisco hierarchical model i.e. core, distribution, and access layers, where would you place the firewall?
Distribution layer (L3 switches) - SVIs for intervlan routing, etc
Core layer (L3 switches) - connection to upstream service provider router, BGP, etc
Would it be possible to place the firewall in front of the core routers even when it doesn't 'quite' do stuff link BGP routing for instance or behind it? what is the most basic placement in such a hierarchical network? I've seen a lot of diagrams onthe web but they don't really show the firewalls