11-1. IOS Transparent Firewall
Usually, an IOS firewall operates in routed firewall mode, in which each interface has an IP address and packets are handled as if the firewall is a Layer 3 device. After all, an IOS firewall has a router at its core.
Having a router already positioned in a network facilitates a straightforward configuration of the firewall functions without disrupting or segmenting the existing IP addressing structure. Each router interface just receives firewall inspection configuration on top of the normal routing functions.
You can also configure an IOS firewall as a transparent firewall, operating as a Layer 2 device. Doing so can be useful in some environments, because the firewall can be introduced into an existing network ...