Although the idea of having one box perform both switching and firewall functions seems advantageous, it is not that simple. Sometimes a firewall can be supplanted by a layer 3 switch, but at other times replacing a firewall with a switch would be foolish.
Department of the Interior
More and more, layer 3 routing switches are being deployed across the entire network, says Steve Shalita, a senior manager of product marketing at Cisco Systems. "Intelligence everywhere in the network is what makes sense," he told NewsFactor.
No longer is it sufficient to have firewall capabilities just at the edge of the network. IT administrators need security down to the access point at which anyone enters the network, at servers, and at WAN connections, Shalita said. Identity-based network services provide access and control based on who the user is, what services are available to them, and other factors.