Stateful Firewall DMZ Design – Network Security
Last Updated on Sun, 19 Feb 2023
After stateful firewalls became more generally available, organizations started replacing the second router in the dual-router DMZ design with a stateful firewall. This design is shown in Figure 7-5.
Figure 7-5. Stateful Firewall DMZ Design
This design improves on the dual-router DMZ design by allowing strong filtering between the internal network and the public servers and Internet. Many organizations still use this filtering option today, especially when the performance capabilities of their firewall cannot match the throughput requirements of the public servers.
Deploying a stateful firewall can affect network connectivity. Some firewalls do not support advanced routing or multicast functions, which can be an issue in some networks.
In this design, the router still performs some filtering. Its two main tasks are blocking traffic that uses nonroutable address space and performing ingress filtering. See Chapter 6 for more information.
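The router's two filtering tasks can be modelled as a source-address check per arrival interface. This is an added example, not taken from the original text. Assumptions: the names `edge_router_verdict`, `NONROUTABLE` and `ORG_PREFIX` are hypothetical, the organization's prefix is a documentation range, the nonroutable list is a common minimal set, and ingress filtering is interpreted as source-address validation in both directions.

```python
import ipaddress

# Source ranges that should never appear on the Internet-facing link.
NONROUTABLE = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8",       # "this network"
    "10.0.0.0/8",      # RFC 1918 private
    "127.0.0.0/8",     # loopback
    "169.254.0.0/16",  # link-local
    "172.16.0.0/12",   # RFC 1918 private
    "192.168.0.0/16",  # RFC 1918 private
    "224.0.0.0/4",     # multicast, never a valid source
    "240.0.0.0/4",     # reserved
)]

# Assumption: the organization's assigned public prefix (documentation range).
ORG_PREFIX = ipaddress.ip_network("198.51.100.0/24")

def edge_router_verdict(interface, src):
    """Return (action, reason) for a source address arriving on 'outside' or 'inside'."""
    if interface not in ("outside", "inside"):
        raise ValueError(f"unknown interface: {interface}")
    addr = ipaddress.ip_address(src)
    for net in NONROUTABLE:
        if addr in net:
            return ("drop", f"nonroutable source in {net}")
    from_org = addr in ORG_PREFIX
    if interface == "outside":
        # Our own prefix arriving from the Internet can only be spoofed.
        if from_org:
            return ("drop", "own prefix arriving from outside")
        return ("forward", "routable external source")
    # Inside: only sources within the assigned prefix may leave.
    if from_org:
        return ("forward", "source within assigned prefix")
    return ("drop", "source outside assigned prefix")

# Constructed sample packets: (arrival interface, source address).
SAMPLE = [
    ("outside", "203.0.113.7"),
    ("outside", "10.1.2.3"),
    ("outside", "198.51.100.20"),
    ("inside", "198.51.100.20"),
    ("inside", "203.0.113.7"),
]

if __name__ == "__main__":
    for iface, src in SAMPLE:
        print(iface, src, *edge_router_verdict(iface, src))
```

The third sample packet is the case a nonroutable list alone misses: a routable address from the organization's own prefix arriving on the outside interface.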