Skip to main content

firewall placement

10 years 4 months ago - 10 years 4 months ago #38455 by skylimit
firewall placement was created by skylimit
Hi all, I've been doing a bit of study on firewalls lately (normally spend most time on routers & switches) and one of the things I'm yet grasp, is placement of a firewall on a network, by design if you link.

For instance, if you have a network based on the Cisco hierarchical model i.e. core, distribution, and access layers, where would you place the firewall?

Here's my understanding.

Access layer (L2 switches) - workstations, servers, etc..pretty simply

Distribution layer (L3 switches) - SVIs for intervlan routing, etc

Core layer (L3 switches) - connection to upstream service provider router, BGP, etc

Would it be possible to place the firewall in front of the core routers even when it doesn't 'quite' do stuff link BGP routing for instance or behind it? what is the most basic placement in such a hierarchical network? I've seen a lot of diagrams onthe web but they don't really show the firewalls

access<---->dist<--->core<--->asa firewall<---> internet/service provider

I don't know if my question makes sense

Any input, notes, links, etc from people experienced in this area will really help me


" are never too old to learn" anon
Last edit: 10 years 4 months ago by skylimit.
Time to create page: 0.138 seconds