How Will Your Network Architecture Influence Your Firewall Setup?
All companies have some form of network architecture, which is how your business structures its network to meet the regular needs of all your devices. Depending on the type of network architecture you currently utilize, your firewall setup in Dallas, TX should be scaled up or even down. What should you expect?
After developing your company’s network architecture, your IT professionals should institute one of five types of firewall setups, including:
- Next gen
- Application-level gateways
- Circuit-level gateways
- Stateful inspection
- Packet filtering
In this article, we’ll first explain the various types of network architecture setups your company might use. Then we’ll delve into firewall architecture to determine which types gel with which network architecture models. You won’t want to miss it.
The Common Network Architecture Setups
Let’s discuss network architecture in greater detail, as the size and status of your network determine the level of firewall protection your company will require.
As we touched on in the intro, network architecture refers to a computer network’s design. This framework considers communication protocols, operational procedures, and physical components of the network.
The three types of network architectures are wide-area, data center, and access networks. Here’s a detailed explanation of all three.
Wide-Area Networks
A wide-area network, or WAN, lets a company cover a large area with its network. Organizations that use WANs include government entities, schools, and many businesses.
Let’s say your company has a WAN. Even if your customers are located across the world, they can still use your services or shop for your products. If your company were to change locations and establish its headquarters elsewhere, you wouldn’t have to worry about disruptions in your everyday business dealings.
The Internet that you’re reading this article on right now can be considered a WAN, at least technically.
WANs can connect local area networks or LANs, although a LAN is not itself considered network architecture. A WAN is often private, although that depends on its nature.
With leased lines, a router on one LAN connects to a second router on the other side, which serves another LAN. Besides leased lines, WANs are also built with packet switching, which utilizes protocols such as Frame Relay, Asynchronous Transfer Mode or ATM, Multiprotocol Label Switching or MPLS, and Packet over SONET/SDH.
Data Center Networks
The second type of network architecture is the data center network. It pools network, storage, and computational resources into one communication network. Data center buildings often rely on these networks, hence the name, and they allow thousands, often tens of thousands, of servers to use cloud computing software or hardware.
There are several sub-types of data center networks, so let’s discuss these as well.
- DCell
A DCell network links servers to one another. Each server has several Network Interface Cards or controllers. A cell hierarchy guides the DCell network. For example, cell0 has a certain number of servers as well as a network switch that you can use to activate those servers.
Then cell1 builds on cell0, and cell2 builds on cell1, and so on and so forth. Due to the nature of DCell architecture, it’s incredibly scalable.
- Fat Tree DCN
DCN stands for data center network. A fat tree DCN uses commodity bandwidth switches to limit strains on bandwidth. It follows a hierarchy as well, organizing the network into core, aggregate, and access layers. Instead of cells, the fat tree DCN’s hierarchy features k pods.
- Three-Tier DCN
The third type of data center network architecture is three-tier DCN. This tree-based topology features fewer layers than fat tree DCN. The bottom layer has edge layer switch connections from server to server. Then, in the layers above that, layer switches connect them. These aggregate layers are attached via core layer switches.
Access Networks
The third type of network architecture is an access network. These networks allow subscribers to use a service, such as phones. College campuses are likely to institute an access network so their employees across campus can be on the same network.
The 5 Types of Firewall Setups – How Network Architecture Influences Them
Next, let’s go over the five different firewall setups that we listed in the intro. Now we can put the pieces together and discuss the ways that network architecture influences your Dallas firewall.
Next Gen
A next-generation or next-gen firewall safeguards your network from both external and internal threats alike. How? The firewall will filter all traffic to your network, keeping out that which is unwanted.
The basic features of next-gen firewalls are IP mapping, network monitoring, support for VPN (both Secure Sockets Layer or SSL and IPsec VPNs), and packet filtering. The more advanced features such as application control and SSL inspection make next-gen firewalls worth using for your company.
With one of these firewalls instituted, your company’s servers would be safe from malware, hacking, and other digital attacks. This would allow your company to continue using multi-cloud applications and co-location networking.
Next-gen firewalls can also identify update paths so they can continue to better serve your company and protect you from dangers online and offline.
Application-Level Gateway
A proxy or application-level gateway reviews data packets and traffic, doing so on the application level (hence the name). BitTorrent currently uses this type of firewall, as do Real Time Streaming Protocol or RTSP, Telnet, and File Transfer Protocol or FTP.
So let’s say, as an example, that your client wanted to access files on your server. To do so, they’d go through the application-level gateway. This server connects with your company’s main server but prohibits the client from seeing your IP address and sensitive information of that kind.
Circuit-Level Gateway
The third type of firewall is a circuit-level gateway. It acts as a go-between for the transport and application layers of the Internet protocol suite, specifically TCP/IP. As TCP packets move between hosts, the circuit-level gateway watches for illegitimate session requests and removes their access.
If you send data through another computer when using a circuit-level gateway, then the gateway looks like the original source even if it isn’t. One of the main downsides of using a circuit-level gateway is that it won’t filter data down to each packet.
However, the lower price of a circuit-level gateway makes it appealing to newer companies such as startups, as they’re often on tight budgets.
Stateful Inspection
A stateful inspection firewall, also known as a stateful firewall, is yet another network firewall that counts how many connections are on the network at any one time, including Internet Control Message Protocol or ICMP, User Datagram Protocol or UDP, and Transmission Control Protocol or TCP data.
The firewall then labels each connection with one of three states: closing, established, or listen. When a connection is allowed, it is entered in a table, and packets that belong to that session are then let through. These are called related packets.
You can set how long a stateful inspection firewall waits before removing an idle entry from its table. If the apps transmit keepalive data to one another, the firewall will keep the connections going even if they’re otherwise not active.
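The table, labels, idle timeout and keepalive behaviour described above can be modelled in a few lines. This is an added example, not code from any firewall product; the class and function names, the rule that only an outbound opener creates an entry, and the sample addresses are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass
class Entry:
    state: str        # "listen", "established" or "closing", the labels used above
    last_seen: float  # time of the most recent packet in the session

class StateTable:
    def __init__(self, idle_timeout):
        self.idle_timeout = idle_timeout  # seconds before an idle entry is removed
        self.entries = {}

    @staticmethod
    def _key(proto, src, sport, dst, dport):
        # Sort the endpoints so both directions of a session share one key.
        return (proto, *sorted([(src, sport), (dst, dport)]))

    def handle(self, now, proto, src, sport, dst, dport, flags="", outbound=False):
        # Remove entries that have been idle longer than the configured timeout.
        for key in [k for k, e in self.entries.items()
                    if now - e.last_seen > self.idle_timeout]:
            del self.entries[key]
        key = self._key(proto, src, sport, dst, dport)
        entry = self.entries.get(key)
        if entry is None:
            # Assumption: only an outbound opener (a bare SYN for TCP) adds an entry.
            if outbound and (proto != "tcp" or flags == "SYN"):
                self.entries[key] = Entry("listen", now)
                return "accept"
            return "drop"
        entry.last_seen = now  # any related packet, keepalives included, resets the timer
        if "FIN" in flags or "RST" in flags:
            entry.state = "closing"
        elif entry.state == "listen" and not outbound:
            entry.state = "established"  # the peer answered the opener
        return "accept"

# Constructed session: inside client to outside server (documentation address ranges).
C, S = ("192.0.2.10", 40000), ("198.51.100.5", 443)

def replay(keepalive):
    fw = StateTable(idle_timeout=60)
    out = [fw.handle(0, "tcp", *C, *S, flags="SYN", outbound=True),
           fw.handle(1, "tcp", *S, *C, flags="SYN-ACK")]
    if keepalive:
        out.append(fw.handle(50, "tcp", *C, *S, flags="ACK", outbound=True))
    out.append(fw.handle(100, "tcp", *S, *C, flags="ACK"))  # late packet from the server
    return out
```

With the keepalive at 50 seconds the late server packet is still a related packet; without it the entry has expired and the same packet is dropped.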
Packet Filtering
The fifth type of network firewall is packet filtering. As the networks talk to one another, nodes send packets that should match the firewall’s rules. The firewall might accept the packets or exclude them from proceeding, relying on the source and destination IP addresses to make that decision.
If the packet’s source and destination IP addresses match the rules, the packet can proceed. Packet filtering can also check the protocol, such as TCP, UDP, and others, for further verification.
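A first-match packet filter with a default drop, as an added example that is not taken from any product. It goes one step beyond the text by also flagging rules that can never fire because an earlier, broader rule covers them, which is how an overly strict rule set ends up blocking legitimate customers. The rule format, function names and addresses are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

net = ipaddress.ip_network

@dataclass(frozen=True)
class Rule:
    action: str                  # "accept" or "drop"
    src: str                     # source network in CIDR form
    dst: str                     # destination network in CIDR form
    proto: str = "any"           # "tcp", "udp", "icmp" or "any"
    dport: Optional[int] = None  # destination port, None means any

    def matches(self, src, dst, proto, dport):
        return (ipaddress.ip_address(src) in net(self.src)
                and ipaddress.ip_address(dst) in net(self.dst)
                and self.proto in ("any", proto)
                and self.dport in (None, dport))

    def covers(self, other):
        # True when every packet that matches `other` also matches this rule.
        return (net(other.src).subnet_of(net(self.src))
                and net(other.dst).subnet_of(net(self.dst))
                and self.proto in ("any", other.proto)
                and self.dport in (None, other.dport))

def filter_packet(rules, src, dst, proto, dport=None):
    for rule in rules:  # first matching rule decides
        if rule.matches(src, dst, proto, dport):
            return rule.action
    return "drop"       # default deny when nothing matches

def shadowed(rules):
    # Indices of rules that are unreachable because an earlier rule covers them.
    return [i for i, r in enumerate(rules) if any(e.covers(r) for e in rules[:i])]

# Constructed rule sets using documentation address ranges.
OVERZEALOUS = [
    Rule("drop", "0.0.0.0/0", "198.51.100.0/24"),                 # blanket drop first
    Rule("accept", "0.0.0.0/0", "198.51.100.10/32", "tcp", 443),  # web shop, never reached
]
CORRECTED = [
    Rule("accept", "0.0.0.0/0", "198.51.100.10/32", "tcp", 443),    # web shop
    Rule("accept", "192.0.2.0/24", "198.51.100.0/24", "tcp", 22),   # admin network only
    Rule("drop", "0.0.0.0/0", "198.51.100.0/24"),
]
```

Running `shadowed()` over a rule set before deployment is a cheap review check: any index it returns marks a rule that has no effect in its current position.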
Conclusion
Network architecture includes wide-area networks or WANs, data center networks, and access networks. Since the purposes of each network are different, your company cannot apply a blanket firewall for its network needs.
Selecting an overzealous type of firewall for a WAN connection could prevent customers from being able to check out, which will lead to reduced sales. Yet if you get too lax with your firewall, then your company’s servers will not be protected from threats such as malware.
At Herrod Tech, our team of experts can get your firewall setup in Dallas, TX configured right the first time. You won’t have to worry about a firewall overpowering your network or about vulnerabilities. Call our managed Dallas IT support today to learn more.