Router & Firewall

[xdxml12]

Hi All,

I had a recommendation from a friend of mine to use use a router with a high security firewall for my internet & wan perimeter. My question is why do I need a firewall there when I have a firewall infront of my core switch which will be separated into different zones including an internet zone. Do I really need to implemnt a firewall on my router?

I read a few things about fast packet filter for front end router firewall and back end for other stuff.

Can anyone shed some light on this?

 

[routerman]

If your router is sat on the public Internet I could understand the reasoning, but as long as you secure your router using a VTY ACL, private addresses for management and strong credentials you are locking the box down.

You could use a firewall to prevent access directly to the public IP address of the router, or run a firewall feature set on the router itself if supported.

Andy