|
|
|
|
-first (counting from user via corporate access
zone to company intranet) firewall protects the access servers from attacks
and limits acceptable traffic for example certain ports (DNS, DHCP etc.)
|
|
-first firewall may be removed or combined with
security gw in less security demanding offices
|
|
-second firewall control the access to intranet
or acts as termination point for IPSEC/VPN tunnel
|
|
-there may even be visitor zones without
encryption for company visitors to be able to connect to Internet and via
Internet to their own intranet
|
|
|