How to Make a Firewall Sandwich

Serves one (1) enterprise gateway.

Scott Berinato (CIO)
05 February, 2002 13:14
Comments

Here's a nice recipe for making a tasty, high-performance security checkpoint to replace a bland, low-performing single point of failure at the border between your network and the Internet.

FIREWALL SANDWICH - Serves one (1) enterprise gatewayINGREDIENTS2 load-balancing switches, fresh 1GB type is best 2 to 60 firewalls, to taste (see number four below) 1 bushel of Cat 5 Ethernet wiring, separated 1 PC with firewall management software 1 Internet connection 1 ounce of freshly prepared security policy Parsley sprigs.

DIRECTIONS

1. Sprinkle security policy until it coats the entire enterprise.

2. Install management software on a PC. Use it to create the rules the firewalls will use to filter traffic coming in and going out of the network. Set aside with Internet connection.

3. At edge of the network, put in 1 load-balancing switch so that the end connecting to the Internet faces out. (The load balancers will make sure no single firewall is overloaded with traffic. They will also move traffic to a working firewall if another firewall breaks down.) Let sit.

4. Place firewalls behind switch. Depending on taste, place as few as 2 or as many as 60 or more firewalls in the sandwich. More firewalls will yield higher performance and less chance of failure.

5. Interconnect firewalls using Cat 5 Ethernet wiring (see picture). Also, connect firewalls to management PC for configuration.

6. Put second load-balancing switch behind firewalls.

7. Connect the switches to the firewalls with remaining Cat 5 wiring.

8. Plug Internet connection into the front switch and enterprise connection into the back switch.

9. Plug in power supplies. Turn all boxes on.

10 Decorate with parsley sprigs.

11. Serve in a cool room, 24/7.

Bon appA©tit!

Bookmark this page
Share this article
- facebook
- slashdot
- digg
- Reddit
- stumbleupon
- linkedin
- twitter
Got more on this story? Email CIO
Follow CIO on twitter

Comments

Post new comment

Share
Share this article
- google+
- facebook facebook
- slashdot slashdot
- digg digg
- Reddit Reddit
- stumbleupon stumbleupon
- linkedin linkedin
- twitter twitter
print
email
Bookmark

Related Whitepapers

Latest Stories

Community Comments

"Ich kenne einige Leute, die aus Kanadakommen. Eines Tages werde ich auch ..."

Australia's first 4G smartphone is the HTC Velocity 4G
"Actually when someone doesn't know then its up to other visitors that ..."

Swedish e-commerce startup's execs linked to NYC sex crime
"Hi to all, how is everything, I think every one is getting ..."

Face Time - Interview with John Brennan and Robert DiStefano
"I am truly thankful to the owner of this website who has ..."

How to implement next-generation storage infrastructure for Big Data
"hwjae , click here http://www.breastenhanceproduct.org/how-to-benefit-from-herbal-breast-enhancements"

Pfizer's Future Depends on IT Transformation

Latest Blog Posts

Whitepapers

Key Considerations in Modernising Your Backup and Deduplication Solutions
There is a definite need for better data backup solutions in today’s enterprise data centers. The question is whether to continue with software-only backup and deduplication solutions, or to make the move to a purpose-built backup appliance with deduplication capabilities. This paper provides a structured approach to assessing the advantages of the appliance model. Read this whitepaper.

Learn more »
Traditional Backup is Dead - Are you prepared?
Conventional backup and recovery approaches clearly can't keep up with ever-growing storage rates. It's time to take on a new strategy.

Learn more »
Shedding Light on Backup and Availability Challenges in Virtual Environments
This IDG white paper explores specific backup and availability challenges organisations must surmount as they move to virtualise their business-critical applications. It then shows how attaining proper service levels for these applications requires a high degree of visibility into the VMware virtual environment.

Learn more »

All whitepapers

Most Read
Most Commented

Get exclusive access to Invitation only events CIO, reports & analysis.

Latest Jobs

Zones

Featured Whitepapers

Miercom Report - Plug and Play Switches

Avaya engaged Miercom to evaluate the plug and play features and ease of configuration of the ERS 4548GT- PWR Edge Switch. The energy efficiency of the ERS was compared to ...

Recent comments

"Ich kenne einige Leute, die aus Kanadakommen. Eines Tages werde ich auch ..."
Australia's first 4G smartphone is the HTC Velocity 4G
"Actually when someone doesn't know then its up to other visitors that ..."
Swedish e-commerce startup's execs linked to NYC sex crime
"Hi to all, how is everything, I think every one is getting ..."
Face Time - Interview with John Brennan and Robert DiStefano
"I am truly thankful to the owner of this website who has ..."
How to implement next-generation storage infrastructure for Big Data
"hwjae , click here http://www.breastenhanceproduct.org/how-to-benefit-from-herbal-breast-enhancements"
Pfizer's Future Depends on IT Transformation

Follow CIO

Market Place

Gartner Security & Risk Management Summit, 16-17 July 2012, Sydney

Cyber Security Summit 2012 | 1-3 August | Save $150 using promo code CSO | Check out agenda today

Latest Jobs

Subscribe to CIO

Critical. Authoritative. Strategic. CIO magazine addresses the issues vital to the success of IT and business executives. Solutions-oriented editorial provides a greater understanding of the role IT plays in achieving corporate goals. Subscribe to the print edition today.

Download OPML file for import with all IDG RSS feeds

CSO Online Data Security Briefing

How to Make a Firewall Sandwich

Comments

Post new comment

Building trusted relationships

Planning your IT career

Taking the risk out of diversity

5 open source help desk apps to watch

NBN Co focuses on continuous delivery to meet its deadlines

How to create a clear project plan

5 open source billing systems to watch

10 Tips for Dealing with a Bully Boss

Face Time - Interview with John Brennan and Robert DiStefano

Pfizer's Future Depends on IT Transformation

All Systems Down

IT service management going social

Australia's first 4G smartphone is the HTC Velocity 4G

HP Business Efficiency - Money Payback Guarantee Resource Centre

The Australian Cloud

Miercom Report - Plug and Play Switches

The Pathways ICT Leadership Development Program Brochure and Curriculum 2012