As we all know Firewall create Segmentation in network which divides the network into 2 region
1) Private Network ( Trusted Network) Region.
2) Public Network ( Untrusted Network) Region.
Further the Firewall has a Default policy which sets up an important rule for this network Regions.
Default Policy of Firewall states that - Firewall allows traffic from trusted Region to pass through Untrusted Region.
Also its default policy denies the traffic from untrusted network to the trusted Network.
ACLs need to be applied at the outside interface for allowing sourced traffic from outside network coming to Firewall.
It wont allow by default, only if the orignal traffic is sourced from untrusted or outside network.
Also it takes care of Return Traffic coming through Firewall.
Firewall maintains a state table, which helps it maintaining ip address, port number thus allowing return traffic which was initially sourced from inside network.
 |
FIREWALL DEFAULT POLICY(Allowing traffic from inside nwtwork to Internet) |
No comments:
Post a Comment