Manualshelf

User`s guide

ManualsBrandsEnterasys ManualsComputer equipmentANG-3000
351352353354355356357358359360
322 XSR Users Guide
Firewall Feature Set Overview Chapter 13
Configuring Security on the XSR
Figure 54 XSR Firewall Topology
There are many possible network configurations for a firewall. The figure
above shows a scenario with the firewall connected to the trusted network
(internal) and servers that can be accessed externally (via the DMZ).
The XSR firewall feature set inspects packets coming in from open ports and
either passes them on to the router or drops them based on policies defined in
the policy database which is configured using the XSR’s CLI.
In this example, the firewall acts as a shield for traffic coming in and out of the
external and DMZ networks. The internal interface does not have nor does it
need firewall inspection enabled because it is a trusted network.
DMZ
Internal
HTTP server
Internet
Policy DB
Firewall
inspection
enabled
External
Client
Firewall
inspection
enabled
SMTP server
XSR
Router