and therefore creating firewalls with RouterOS is often seen as an area of complexity where
users fear to tread. As a result, many either make the decision to forego the firewall and hope
for the best or copy firewalls others have created online and thereby never realize the power
that a properly created firewall can have and the protection it can offer their network or their
network connected devices.
I have often heard it said that the best way to protect a network is to put the hosts inside a
vault, lock the door, post a guard and never connect the network to the Internet. Although this
is a bit extreme, the concept is basic and understandable; access to a network is the means by
which a security breach or attack occurs. Remove the access and you remove the threat.
Equally obvious is the fact that our networks need to be connected to the public Internet so
there is the application for firewalls.
Let’s begin with the input chain. The input chain is designed to protect the router itself.
Consider the following diagram:
No comments:
Post a Comment