
Local Area Networks: What You Never Knew (+Examples)

Posted on April 26, 2023 (updated July 31, 2025) by Adeniyi Salau


A Local Area Network is a network infrastructure that spans a small geographical area. LANs have specific characteristics:

 

  • LANs interconnect end devices in a limited area such as a home, school, office building, or campus.
  • A LAN is usually administered by a single organisation or individual. Administrative control is enforced at the network level and governs the security and access control policies.
  • LANs provide high-speed bandwidth to internal end devices and intermediary devices, as shown in the figure.

 

The diagram is an illustration of a LAN. At the centre of the diagram is a switch. There are four Ethernet connections on the switch.
At the top left is a connection to a PC. Below that is a connection to the computer at the desk of a worker.
Below that is another connection to the computer at the desk of a worker. At the bottom left is a connection to an IP phone.
To the right of the switch is a connection to a server.
The text under the figure reads: a network serving a home, small building, or a small campus is considered a LAN.

WANs

The figure shows a WAN which interconnects two LANs. A WAN is a network infrastructure that spans a wide geographical area. WANs are typically managed by service providers (SPs) or Internet Service Providers (ISPs).
WANs have specific characteristics:
  • WANs interconnect LANs over wide geographical areas such as between cities, states, provinces, countries, or continents.
  • WANs are usually administered by multiple service providers.
  • WANs typically provide slower speed links between LANs.
The figure shows two branch LANs connected via a WAN link. Both LANs are highlighted in a light yellow box and consist of a central switch connected to three PCs, an IP phone, a server, and a router. The two routers are connected via a red WAN link. On the left is the branch 1 LAN and on the right is the branch 2 LAN.

Zone-Based Policy Firewall

Zone-based policy firewalls (ZPFs) use the concept of zones to provide additional flexibility. A zone is a group of one or more interfaces that have similar functions or features. Zones help you specify where a Cisco IOS firewall rule or policy should be applied.
In the figure, security policies for LAN 1 and LAN 2 are similar and can be grouped into a zone for firewall configurations.
By default, the traffic between interfaces in the same zone is not subject to any policy and passes freely. However, all zone-to-zone traffic is blocked. In order to permit traffic between zones, a policy allowing or inspecting traffic must be configured.
The only exception to this default deny-any policy is the router self zone. The self zone is the router itself and includes all the router interface IP addresses. Policy configurations that include the self zone apply to traffic destined to and sourced from the router.
By default, there is no policy for this type of traffic. Traffic that should be considered when designing a policy for the self zone includes management plane and control plane traffic, such as SSH, SNMP, and routing protocols.
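
The default rules above can be modelled as a small decision function. This is an added example, not Cisco code or code from the original article; the interface names, zone names and zone-pair table are constructed for illustration, and the implicit drop for unmatched traffic inside a configured zone-pair is the modelling assumption used here.

```python
# Added example: a model of the ZPF default rules described above.
# Interface names, zone names and policies are constructed for illustration.
SELF = "self"  # the router itself (all of its interface IP addresses)

# interface -> zone; LAN 1 and LAN 2 share one zone, as in the text
ZONE_OF = {
    "G0/0": "PRIVATE",    # LAN 1
    "G0/1": "PRIVATE",    # LAN 2
    "S0/0/0": "PUBLIC",
}

# (source zone, destination zone) -> {protocol: action}
ZONE_PAIRS = {
    ("PRIVATE", "PUBLIC"): {"http": "inspect", "smtp": "inspect", "dns": "inspect"},
    ("PUBLIC", SELF): {"ssh": "pass"},  # management-plane policy for the router
}


def decide(src, dst, protocol):
    """Return 'pass', 'inspect' or 'drop'. src/dst is an interface or SELF."""
    src_zone = SELF if src == SELF else ZONE_OF[src]
    dst_zone = SELF if dst == SELF else ZONE_OF[dst]

    # Same zone: not subject to any policy, passes freely.
    if src_zone == dst_zone:
        return "pass"

    policy = ZONE_PAIRS.get((src_zone, dst_zone))
    if policy is None:
        # No zone-pair configured: zone-to-zone traffic is blocked,
        # except self-zone traffic, which has no policy by default.
        return "pass" if SELF in (src_zone, dst_zone) else "drop"

    # A zone-pair exists: only what it allows gets through (assumed implicit drop).
    return policy.get(protocol, "drop")


if __name__ == "__main__":
    for flow in [("G0/0", "G0/1", "smb"), ("G0/0", "S0/0/0", "http"),
                 ("S0/0/0", "G0/0", "http"), ("G0/0", SELF, "snmp"),
                 ("S0/0/0", SELF, "snmp")]:
        print(flow, "->", decide(*flow))
```

Note how SNMP from the private zone to the router still passes because no PRIVATE-to-self pair exists, which is why management and control plane traffic needs an explicit self-zone policy.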

Common Security Architectures

Firewall design is primarily about device interfaces permitting or denying traffic based on the source, the destination, and the type of traffic. Some designs are as simple as designating an outside network and an inside network, which are determined by two interfaces on a firewall.
Here are three common firewall designs.
  • Private and Public
  • Demilitarized Zone
  • Zone-Based Policy Firewalls
As shown in the figure, the public network (or outside network) is untrusted, and the private network (or inside network) is trusted.
Typically, a firewall with two interfaces is configured as follows:
  • Traffic originating from the private network is permitted and inspected as it travels toward the public network. Inspected traffic returning from the public network and associated with traffic that originated from the private network is permitted.
  • Traffic originating from the public network and travelling to the private network is generally blocked.
The private and public figure shows a cloud within a circle labelled public (untrusted).
The cloud connects to a firewall via S0/0/0. The G0/0 firewall port connects to a circle labelled VLAN 1 private (trusted) that has a server and two PCs on it.
There is an arrow going from the private circle to the public circle with HTTP, SMTP, and DNS on it.
There is another arrow going from the public circle to the private circle with the words no access.
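
The private/public behaviour described above depends on the firewall remembering which flows the private side opened. The sketch below is an added example, not code from the original article: the class name, addresses and ports are constructed, and limiting outbound traffic to the HTTP, SMTP and DNS shown in the figure is an assumption.

```python
# Added example: stateful inspection on a two-interface firewall.
# All names, addresses and ports are constructed for illustration.
class TwoInterfaceFirewall:
    # Assumption: only the services on the figure's outbound arrow are allowed.
    ALLOWED_OUT = {("tcp", 80), ("tcp", 25), ("udp", 53)}  # HTTP, SMTP, DNS

    def __init__(self):
        self.sessions = set()  # flows opened from the private (trusted) side

    def from_private(self, proto, src, sport, dst, dport):
        """Private -> public: permit allowed services and record the session."""
        if (proto, dport) not in self.ALLOWED_OUT:
            return "deny"
        self.sessions.add((proto, src, sport, dst, dport))
        return "permit"

    def from_public(self, proto, src, sport, dst, dport):
        """Public -> private: permit only the mirror image of a recorded session."""
        if (proto, dst, dport, src, sport) in self.sessions:
            return "permit"
        return "deny"


def replay():
    """Run a constructed packet sequence and return the verdicts in order."""
    fw = TwoInterfaceFirewall()
    pc, web, stranger = "192.168.1.10", "203.0.113.80", "198.51.100.7"
    return [
        fw.from_private("tcp", pc, 50000, web, 80),      # PC opens HTTP session
        fw.from_public("tcp", web, 80, pc, 50000),       # reply to that session
        fw.from_public("tcp", stranger, 80, pc, 50000),  # wrong source host
        fw.from_public("tcp", web, 80, pc, 50001),       # wrong destination port
        fw.from_public("tcp", stranger, 40000, "192.168.1.20", 22),  # unsolicited
    ]


if __name__ == "__main__":
    print(replay())
```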

Action Point

PS: I know you might agree with some of the points raised in this article or disagree with some of the issues raised.

Please share your thoughts on the topic discussed. We would appreciate it if you could drop your comment. Thanks in anticipation.

 
