A Formal Screened-Subnet Firewall Example

A small or medium-size business might have reason to invest in a more elaborate firewall architecture. The remainder of the chapter focuses on a single example using the configuration from Figure 6.1, in which the DMZ sits between a dual-homed gateway firewall and an internal choke firewall.

The gateway firewall separates both the DMZ and the LAN from the Internet. Its internal interface connects directly to the DMZ rather than to the private LAN. Public services are hosted from machines on the perimeter DMZ network, each with a separate bastion firewall and security policy of its own. The public servers may or may not have publicly visible interfaces, depending on how your public IP addresses are assigned. ...
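As an added illustration (not the book's own listing), the sketch below prints a forwarding policy for the gateway firewall described above: new connections from the Internet are forwarded only to a DMZ server, never to the LAN behind the choke firewall. The interface names, addresses and ports are constructed assumptions, and the sketch assumes the DMZ server has a routable address and that the choke firewall routes LAN traffic without NAT.

```shell
#!/bin/sh
# Constructed values (assumptions for this example, not taken from the book):
EXT_IF="eth0"             # gateway interface facing the Internet
DMZ_IF="eth1"             # gateway internal interface, attached to the DMZ
DMZ_WEB="192.0.2.10"      # public web server in the DMZ (documentation range)
DMZ_NET="192.0.2.0/24"    # DMZ network
LAN_NET="192.168.1.0/24"  # private LAN behind the choke firewall

# Print the iptables commands for the gateway's FORWARD chain only.
# Rules for the gateway host itself (INPUT/OUTPUT) are out of scope here.
gateway_forward_rules() {
    cat <<EOF
iptables -P FORWARD DROP
iptables -F FORWARD
iptables -A FORWARD -i $EXT_IF -s $LAN_NET -j DROP
iptables -A FORWARD -i $EXT_IF -s $DMZ_NET -j DROP
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $EXT_IF -d $LAN_NET -j DROP
iptables -A FORWARD -i $EXT_IF -o $DMZ_IF -d $DMZ_WEB -p tcp -m multiport --dports 80,443 -m conntrack --ctstate NEW -j ACCEPT
iptables -A FORWARD -i $DMZ_IF -o $EXT_IF -s $LAN_NET -m conntrack --ctstate NEW -j ACCEPT
EOF
}

# Rule order, top to bottom:
#   1. default-deny policy, then flush any old forwarding rules
#   2. anti-spoofing: internal source addresses must never arrive from outside
#   3. replies to connections that were already permitted
#   4. explicit drop of new Internet connections addressed to the LAN
#   5. the single inbound exception: web traffic to the DMZ server
#   6. outbound LAN traffic, which reaches the gateway on its DMZ interface
#      after the choke firewall has already filtered it

# Print the commands for review; pipe to "sh" as root to apply them.
gateway_forward_rules
```

Because the gateway's internal interface sits on the DMZ, LAN traffic only ever appears on `eth1`, so any packet on `eth0` with a LAN or DMZ source address is spoofed and is dropped before the stateful rule.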
