Core Distribution and Access Layers
Router, firewall, DMZ, then another firewall.
The first router does basic access control lists (ACLs).
Standard things to block at the router level: telnet traffic, and secure shell traffic except from specific devices.
Then the firewall gets specific.
Then the DMZ: any device that needs to be accessed from the internet, e.g. web servers and databases (sales); the web server accesses the database server.
You put your e-mail transfer agent in the DMZ, then the transfer goes inside.
A DNS server sits in the DMZ, providing name resolution on the DMZ and receiving information from the internal organization.
Lookups are by name instead of IP; nothing is transferred out. Another firewall sits behind the DMZ,
and realistically another firewall at the entrance to the data center.
Separate functions through blades: a firewall blade, different ports for different functions.
VPN blade terminates inside the firewall; VPN access is a secure, encrypted tunnel between point A and point B.
- It adds a second address header, so the packet becomes ENCRYPTED[application, presentation, session, transport, network] wrapped in an outer network, data link and physical layer.
IDS - a specific blade that inspects specific traffic at all times and shows you what is going on; you must write the rule list and implement it.
IPS - writes the information to block new traffic and does it automatically.
Honeypots are put in the DMZ to attract hackers.
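The router ACL rule above (block telnet and SSH except from specific devices) as an added worked example, not part of the original notes: an ordered, first-match ACL model with the implicit deny real routers apply, plus a check for rules shadowed by an earlier rule, which is how a misordered exception silently stops working. The management network 10.0.0.0/29 and the sample addresses are constructed.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional

# Constructed example: an ordered ACL evaluated top-down, first match wins.
@dataclass(frozen=True)
class Rule:
    action: str            # "permit" or "deny"
    src: str               # source network in CIDR notation
    dst_port: Optional[int]  # None matches any destination port

def matches(rule: Rule, src_ip: str, dst_port: int) -> bool:
    in_net = ip_address(src_ip) in ip_network(rule.src)
    return in_net and (rule.dst_port is None or rule.dst_port == dst_port)

def evaluate(acl: List[Rule], src_ip: str, dst_port: int) -> str:
    """Return the action of the first matching rule; implicit deny at the end."""
    for rule in acl:
        if matches(rule, src_ip, dst_port):
            return rule.action
    return "deny"

def shadowed(acl: List[Rule]) -> List[int]:
    """Indexes of rules that can never match because a single earlier rule
    already covers every packet they would match (a simplified check: it does
    not detect a rule covered only by several earlier rules combined)."""
    out = []
    for i, r in enumerate(acl):
        for e in acl[:i]:
            covers_net = ip_network(r.src).subnet_of(ip_network(e.src))
            covers_port = e.dst_port is None or e.dst_port == r.dst_port
            if covers_net and covers_port:
                out.append(i)
                break
    return out

MGMT_HOSTS = "10.0.0.0/29"   # constructed: the "specific devices" allowed in

# Correct order: the management exception comes before the general deny.
EDGE_ACL = [
    Rule("permit", MGMT_HOSTS, 22),
    Rule("permit", MGMT_HOSTS, 23),
    Rule("deny", "0.0.0.0/0", 22),
    Rule("deny", "0.0.0.0/0", 23),
    Rule("permit", "0.0.0.0/0", None),
]

# Wrong order: the general deny comes first and shadows the exception.
MISORDERED_ACL = [
    Rule("deny", "0.0.0.0/0", 22),
    Rule("permit", MGMT_HOSTS, 22),
    Rule("permit", "0.0.0.0/0", None),
]
```

Running shadowed() over a candidate ACL before deploying it catches the misordered case, where the management host is denied even though a permit for it exists.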
-------------------------
Traffic shaping, aka QoS, guarantees throughput: throttle back specific types of traffic. Organizations use this all the time.
Mission-critical and non-mission-critical data: if information is going slow, there's something wrong.
Information that must flow, such as voice and video, gets priority.
Internet proxy (specific HTTP and HTTPS traffic) - a single buffering and monitoring device. Everyone goes through the proxy; all HTTP/HTTPS traffic through the firewall is the proxy device's. It collects the information and sends it in to you, so the firewall needs only one line in the ACL. You can put web monitoring tools on the proxy and block content there.
Networking devices - we are talking about controlling traffic.