There are many tools we use as network and security professionals to build a secure network. Routers, virtual private networks, intrusion detection systems and vulnerability scanners are regularly employed to tackle this challenging task. Many would agree that the foundation of such a defense is the firewall. While the traditional implementation of a firewall as a router works well in most situations, another version can strengthen existing configurations or succeed where its brethren fail. In this article we will examine the concept of a bridging or transparent firewall which sits in-line with the network it protects.

Due to its fundamental and crucial roles in network security, there is little doubt that most of us work with firewalls every day. As we all know, these devices inspect and filter traffic before making a decision on what to do with a packet. Normally, they have two interfaces, an internal and an external. The external connection sits downstream from a router connected to the Internet. The internal interface usually leads to a local router or private network. Each interface, or network card, has a layer 3 presence, that is, an IP address. An incoming packet from the Internet would reach the external interface, where the firewall would handle the packet according to its ruleset. Next the TTL would be decremented, the packet modified accordingly (e.g. NAT) and routed to its destination or next hop. It's easy to think of many firewalls as simple routers with sophisticated filtering techniques. Conversely, routers have simple filtering capabilities.
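The packet path just described, modelled as an added toy example (not code from the original article): a routing firewall filters, decrements the TTL and applies DNAT before forwarding, while a bridging firewall applies the same ruleset but passes the frame through unchanged. All addresses, the ruleset and the NAT table are constructed for the illustration.

```python
from dataclasses import dataclass, replace
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int
    ttl: int

# Constructed ruleset keyed on destination port; first match wins, default deny.
RULES = [("accept", 443), ("accept", 80)]

# Constructed DNAT table for the routing firewall: its public address/port
# is rewritten to the internal server behind it.
DNAT = {("203.0.113.1", 443): "10.1.1.10", ("203.0.113.1", 80): "10.1.1.10"}

def filter_decision(pkt: Packet, rules=RULES) -> str:
    """Apply the ruleset; a packet matching no rule is dropped."""
    for action, dport in rules:
        if pkt.dport == dport:
            return action
    return "drop"

def routing_firewall(pkt: Packet) -> Optional[Packet]:
    """Layer-3 firewall: filter, decrement TTL, apply NAT, then route.
    Returns the forwarded packet, or None if it is dropped."""
    if filter_decision(pkt) != "accept":
        return None
    if pkt.ttl <= 1:
        # TTL would reach 0 on this hop: a router discards the packet
        # (and would normally emit an ICMP time-exceeded message).
        return None
    new_dst = DNAT.get((pkt.dst, pkt.dport), pkt.dst)
    return replace(pkt, ttl=pkt.ttl - 1, dst=new_dst)

def bridging_firewall(pkt: Packet) -> Optional[Packet]:
    """Layer-2 (transparent) firewall: same filtering decision, but the
    frame is forwarded untouched: no IP address, no TTL change, no NAT."""
    if filter_decision(pkt) != "accept":
        return None
    return pkt
```

Because the bridging firewall neither decrements the TTL nor rewrites addresses, it does not appear as a hop in a traceroute, which is exactly what makes it transparent.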

The link for this article located at SecurityFocus is no longer available.