Understanding the core concepts and architecture of the Netservers FireRack firewall system.
The Netservers FireRack firewall is an internet security appliance designed to provide highly compartmentalised security with devolved management. It is hence ideally suited for environments such as co-location hosting or college networks where badly maintained or untrustworthy computers on the same network as yours could otherwise pose a threat.
The FireRack architecture is based around the concept of 'security zones'. A security zone is either a single computer or a group of computers that are only able to talk directly to each other. All communication between a computer within a security zone and any other computer outside of that zone must be allowed by the firewall rules for that zone. For two computers in two different zones on the same FireRack firewall to inter-communicate, the firewall rules for both security zones must allow this. This compartmentalisation prevents the security of one zone from being compromised by changes to the configuration of another zone. Administration of each security zone can hence be delegated to different persons in a safe manner.
It is this combination of compartmentalisation and delegation of a zone that constitutes a FireRack Virtual Firewall. Each virtual firewall effectively acts on network traffic as if it were a separate physical firewall connected between the zone and a central interconnecting network, as illustrated below, and can be managed independently just as each real firewall could.
See how FireRack compares to traditional firewall implementations.
[Figure: Using Traditional Firewalls]
[Figure: Using A FireRack Firewall]
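The two-sided rule check described above, where traffic between two zones must be allowed by the rules of both, can be modelled as follows. This is an added example, not FireRack code or FireRack rule syntax; the Rule and Zone classes, the addresses and the ports are assumptions made for illustration.

```python
# Conceptual model only; not FireRack rule syntax. All names are hypothetical.
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:
    direction: str  # "in" = into the zone, "out" = leaving the zone
    peer: str       # CIDR of the address on the far side of the flow
    port: int       # destination TCP port

@dataclass
class Zone:
    name: str
    members: str                               # CIDR covering the zone's hosts
    rules: list = field(default_factory=list)  # no matching rule means deny

    def contains(self, addr):
        return ip_address(addr) in ip_network(self.members)

    def allows(self, direction, peer, port):
        return any(r.direction == direction and r.port == port
                   and ip_address(peer) in ip_network(r.peer)
                   for r in self.rules)

def zone_of(zones, addr):
    return next((z for z in zones if z.contains(addr)), None)

def permitted(zones, src, dst, port):
    """A flow passes only if every zone it crosses allows it."""
    src_zone, dst_zone = zone_of(zones, src), zone_of(zones, dst)
    if src_zone is not None and src_zone is dst_zone:
        return True  # hosts inside one zone talk to each other directly
    if src_zone is not None and not src_zone.allows("out", dst, port):
        return False
    if dst_zone is not None and not dst_zone.allows("in", src, port):
        return False
    return True

# Constructed sample policy: two maintained zones and one permissive zone.
web = Zone("web", "10.0.1.0/24", [Rule("in", "0.0.0.0/0", 443),
                                  Rule("out", "10.0.2.10/32", 5432)])
db = Zone("db", "10.0.2.0/24", [Rule("in", "10.0.1.0/24", 5432)])
lab = Zone("lab", "10.0.3.0/24", [Rule("out", "0.0.0.0/0", 5432)])
ZONES = [web, db, lab]

if __name__ == "__main__":
    print(permitted(ZONES, "10.0.1.5", "10.0.2.10", 5432))  # web -> db
    print(permitted(ZONES, "10.0.3.7", "10.0.2.10", 5432))  # lab -> db
```

However permissive the lab zone's own rules become, the db zone's inbound rules still decide what reaches it, which is what makes delegating each zone's administration safe.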