<div>
Good logic, but everything is still within a router, how does it prevent any attacks...
</div>


Good logic, but everything is still within a router, how does it prevent any attacks...

<div>
<div class="content wysiwyg-content">
I am new to the world of firewalls... and going over the ZBFWs. I am not sure what is the motive for creating such a FW, I see am example where the INSIDE and outside are grouped as int zones and the traffic is inspected with policy maps, all within a router. Well, all this could be done with prev int based ACL rules. What is something that is pushing for the need to have ZBFWs.<br />
<br />
thanks, 
</div>
</div>


I am new to the world of firewalls... and going over the ZBFWs. I am not sure what is the motive for creating such a FW, I see am example where the INSIDE and outside are grouped as int zones and the traffic is inspected with policy maps, all within a router. Well, all this could be done with prev int based ACL rules. What is something that is pushing for the need to have ZBFWs.

thanks, 

Zone based firewalls

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or travelling users access to a central organizational network securely. VPNs encapsulate data transfers using secure cryptographic methods and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.

Encryption is the process of encoding messages or information in such a way that only authorized parties can read it. In an encryption scheme, the intended communication information or message, referred to as plaintext, is encrypted using an encryption algorithm, generating ciphertext that can only be read if decrypted. For technical reasons, an encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. An authorized recipient can easily decrypt the message with the key provided by the originator to recipients, but not to unauthorized interceptors.

Encryption

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.