10.4. Layer 2 Firewalls

A relatively new type of firewall has emerged over the last couple of years: Layer 2. Layer 2 firewalls are “invisible”: they sit inline on the network, inspect the packets passing through, and filter out bad ones, but they are never seen as a destination on the network.

The disadvantage of a typical firewall is that it is a destination on the network. A traditional firewall sits between a public and a private network, so it has addresses on both that can be attacked. A frustrated intruder who is unable to bypass the security mechanisms can attempt to launch a DoS attack against the firewall directly. Many firewalls are set up so that if the firewall application crashes, the server underneath simply becomes a router—directing traffic from the public to the private network. [2]

[2] Thankfully, ...
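The following Python program is an added example, not code from the book: it models the decision path of a transparent two-port filter of the kind described above. Frames are decoded only far enough to apply a rule (Ethernet type, IPv4 protocol, destination port), accepted frames leave on the opposite port byte-for-byte unchanged, and the filter itself owns no MAC or IP address, so nothing on the wire can be aimed at it. The `Rule`/`TransparentFilter` names, the sample policy and the constructed frames (documentation MAC and IP ranges) are assumptions made for this example.

```python
import struct
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

ETH_P_IP, ETH_P_ARP = 0x0800, 0x0806
IPPROTO_TCP, IPPROTO_UDP = 6, 17


@dataclass(frozen=True)
class Rule:
    action: str                     # "accept" or "drop"
    proto: Optional[int] = None     # IP protocol number; None matches any
    dst_port: Optional[int] = None  # TCP/UDP destination port; None matches any


def parse_frame(frame: bytes) -> dict:
    """Decode Ethernet II, IPv4 and the L4 port fields: just enough to filter on."""
    if len(frame) < 14:
        raise ValueError("runt frame")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    info = {"dst_mac": dst.hex(":"), "src_mac": src.hex(":"),
            "ethertype": ethertype, "proto": None, "dst_port": None}
    if ethertype != ETH_P_IP:
        return info                 # ARP and the like carry no IP header
    ip = frame[14:]
    if len(ip) < 20 or ip[0] >> 4 != 4:
        raise ValueError("truncated or non-IPv4 header")
    ihl = (ip[0] & 0x0F) * 4
    info.update(proto=ip[9],
                src_ip=".".join(map(str, ip[12:16])),
                dst_ip=".".join(map(str, ip[16:20])))
    l4 = ip[ihl:]
    if info["proto"] in (IPPROTO_TCP, IPPROTO_UDP) and len(l4) >= 4:
        info["src_port"], info["dst_port"] = struct.unpack("!HH", l4[:4])  # both start with the ports
    return info


class TransparentFilter:
    """Two-port bridge filter. Frames enter on one port and, if accepted, leave on
    the other unchanged. The filter owns no MAC or IP address, so it never answers
    ARP, never terminates a connection and cannot be addressed from either side."""

    def __init__(self, rules: Dict[str, List[Rule]], ports: Tuple[str, str] = ("outside", "inside")):
        self.rules = rules          # rule list per ingress port, first match wins
        self.ports = ports

    def decide(self, frame: bytes, ingress: str) -> str:
        try:
            info = parse_frame(frame)
        except ValueError:
            return "drop"           # malformed frames never cross the bridge
        if info["ethertype"] == ETH_P_ARP:
            return "accept"         # ARP must pass or hosts on either side cannot resolve each other
        for r in self.rules.get(ingress, []):
            if r.proto is not None and r.proto != info["proto"]:
                continue
            if r.dst_port is not None and r.dst_port != info["dst_port"]:
                continue
            return r.action
        return "drop"               # default deny

    def forward(self, frame: bytes, ingress: str) -> Optional[Tuple[str, bytes]]:
        """Return (egress_port, frame) for accepted frames, None for dropped ones."""
        if self.decide(frame, ingress) != "accept":
            return None
        egress = self.ports[1] if ingress == self.ports[0] else self.ports[0]
        return egress, frame        # same bytes out: no MAC rewrite, no TTL decrement


def build_tcp_frame(src_mac: str, dst_mac: str, src_ip: str, dst_ip: str,
                    sport: int, dport: int) -> bytes:
    """Constructed sample: Ethernet + minimal IPv4 + TCP SYN; checksums left zero."""
    eth = (bytes.fromhex(dst_mac.replace(":", "")) + bytes.fromhex(src_mac.replace(":", ""))
           + struct.pack("!H", ETH_P_IP))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x02, 65535, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0x4000, 64, IPPROTO_TCP, 0,
                     bytes(map(int, src_ip.split("."))), bytes(map(int, dst_ip.split("."))))
    return eth + ip + tcp


# Hypothetical policy: the outside may reach inside web services, telnet is dropped
# explicitly, anything else from outside falls through to the default deny, and
# the inside may initiate anything.
POLICY = {
    "outside": [Rule("accept", IPPROTO_TCP, 443), Rule("accept", IPPROTO_TCP, 80),
                Rule("drop", IPPROTO_TCP, 23)],
    "inside": [Rule("accept")],
}
FIREWALL = TransparentFilter(POLICY)

# Constructed frames using documentation MAC/IP ranges, not real hosts
OUT_MAC, IN_MAC = "02:00:00:00:00:01", "02:00:00:00:00:02"
WEB_SYN = build_tcp_frame(OUT_MAC, IN_MAC, "203.0.113.5", "192.0.2.10", 51000, 443)
TELNET_SYN = build_tcp_frame(OUT_MAC, IN_MAC, "203.0.113.5", "192.0.2.10", 51001, 23)
SSH_SYN = build_tcp_frame(OUT_MAC, IN_MAC, "203.0.113.5", "192.0.2.10", 51002, 22)
ARP_REQ = (b"\xff" * 6 + bytes.fromhex(OUT_MAC.replace(":", ""))
           + struct.pack("!H", ETH_P_ARP) + b"\x00" * 28)


def run_demo() -> Dict[str, Optional[str]]:
    """Egress port for each sample frame entering from the outside (None = dropped)."""
    samples = {"web": WEB_SYN, "telnet": TELNET_SYN, "ssh": SSH_SYN,
               "arp": ARP_REQ, "runt": WEB_SYN[:10]}
    out = {}
    for name, frame in samples.items():
        result = FIREWALL.forward(frame, "outside")
        out[name] = result[0] if result else None
    return out


if __name__ == "__main__":
    for name, egress in run_demo().items():
        print(f"{name:7s} -> {egress or 'dropped'}")
```

The point the model makes concrete is that every frame has exactly two outcomes, forwarded unchanged or discarded; there is no third path in which the filter replies, so there is nothing for a DoS against the firewall itself to connect to. On Linux the same design is a kernel bridge with no IP address assigned to it and filtering rules attached in the nftables `bridge` family (ebtables on older systems).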
