Physical Configurations
When discussing physical configurations, you need to look at both the hardware and the software as it applies to the firewall. Remembering that one of the reasons the firewall exists is to protect the trusted network from the untrusted network, this host must necessarily be both the funnel for network traffic that is moving between the two networks, making it a possible choke point, and the focus for those who are looking to penetrate your security. If they want to come in, they've got to pass through here first.
Note
Often overlooked, but very important, are rogue users with dial-up connections to the Internet who effectively circumvent all the security your firewall provides.
The Firewall Host
You need to consider the ...
Get Special Edition Using Linux®, Sixth Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
