Layer 2 or 3 firewalls
Layer 2 is more commonly used for routing, as it deals purely with MAC addresses and not IP addresses, whereas layer 3 is IP-address aware. Traditionally, layer 2 was the only real way to go without adding latency, because it would perform at roughly the same speed as the wire. With increases in processing power and memory, layer 3 now performs at wire speed. Edge firewalls, which are generally the first entry point into your system, will usually be layer 3 these days. So what does this give us? Firstly, it stops unwanted traffic at the edge: we limit the ports that are accessible to the outside world, and traffic with malicious intent is stopped at the firewall and does not get the ...