Cisco three-layer design model in practice - Question
Posted on 2004-11-18
Hi guys. I'm most tell that I'm not new to networks! Actually I do have a lot of experience on this topic. I'm now preparing myself for the CCNP and a question came into my mind regarding the "three-layer design model". I really want to have a good in-depth understanding about it! I don't want to be limited by the cisco explanation in their module.
Actually, what I want to know is how the information flows between those conceptual layers? From my understanding, it goes like Internet < --- > Core <----> Distribution <----> Access? However, they do say that we should avoid ACL, Firewalls, etc ... on the core layer! Now, in this case, at which layer is the firewall implemented? You might answer me that a firewall is built on the distribution layer! But then I have to ask ... Then we are excluding the core layer from our "natural" flow (it something like Access <---> Distribution < --- > Internet). Right?
Now, if we install a firewall at the core level to provide some security from the internet, well ... we are braking the rule now, right?
Can you get what my point/doubt is, guys?