First I can connect several PCs to a router, then connect this router to an ADSL modem, and finally via this model (which is connected to an local ISP), all the PCs on the LAN can access to the internet;
Now, let's do this with a firewall, i.e., connect several PCs to a Firewall, then connect this Firewall to an ADSL modem, and finally via this model (which is connected to an local ISP), all the PCs on the LAN can access to the internet, too.
So, my question is when should we use the router and when to use firewall?
Especially, nowadays, a router contains "some" firewall inside, while a firewall also contains "some" router inside.
Though router posses some of the firewall features with the latest ios codes available also the firewall which has limited capability of doing or running routing protocols it depends on the topology where you are deploying them up.
If you need more and more routing functionalities like running multiple igp there comes the router which is specifically desinged for serving that purpose.There are several other features which comes by default in router or firewall which may not be available in them..
on the other hand if you consider the security measure being taken in the corporate world you just can keep the router in the edge to take care of both routing as well as firewalling feature.that will unecessarily load up the router .
So in this case the standalone/seperate firewall box will be the best bet to take care of the security part.
if you have a SMB kinda scenario then you can think of putting both firewalling and routing functionality in single router and configure it up accordingly.
in the same scenario you can avoid using a router and make use of single firewall itself to take care of simple static routing and firewalling integrated on the same box.
In some other scenarios you got to have both router facing the public world (untrusted network) and your local lan behind your firewall.
It basically altogether depends on the kinda traffic,amount of traffic,your requirement and the topology which you desire to have in your network.
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...