Configuring the WSM using Device Manager # Go back one pageGo to the next page#Go to this book's Index

Firewall overview

Firewall devices protect network resources from unauthorized access. Prior to FWLB, firewalls could become bottlenecks or single points-of-failure for your network.

The following figure depicts a firewall configuration without FWLB.

One network interface card on the firewall is connected to the public-side of the network, often to an Internet router. Another network interface card on the firewall is connected to the side of the network with the resources that must be protected.

In this example, all traffic passing between the public, private, and DMZ networks must traverse the firewall, which examines each individual packet. The firewall is configured with rules controlling traffic to allow and traffic to deny. In heavy traffic the firewall can turn into a serious bottleneck. The firewall is also a single point-of-failure device. If it goes out of service, external clients can no longer reach your services and internal clients can no longer reach the Internet.

Sometimes, a Demilitarized Zone (DMZ) is attached to the firewall or between the Internet and the firewall. Typically, a DMZ contains its own servers that provide external clients with access to services, making it unnecessary for public traffic to use private resources. WSM with FWLB provides a variety of options that enhance firewall performance and resolve typical firewall problems.


Go back one pageGo to the next page##Go to this book's Index