VPN and Firewalls
A VPN can be placed in front of a firewall, be placed behind a firewall, or be part of a firewall implementation. Placing the VPN in front of a firewall is not very common. It is more common to use a firewall/VPN combo or to put the VPN behind the firewall itself.
Combining a VPN system and a firewall is one of the more flexible solutions. It also requires less hardware and thus unfortunately also gives a single point of failure. However, it should be stressed that the best solution is to have a VPN behind the firewall or as part of a DMZ configuration. A separate firewall and VPN is set up because it is more secure. If a potential attacker managed to break your firewall/VPN, your network and also your remote networks could ...
Get Linux Firewalls, Third Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
