ifw01 and ifw02 work as a team, handling business traffic. They are connected to both the biz01 and biz02 networks. If ifw01 breaks down, ifw02 takes over its work. This provides HA (High Availability).
ifw03 only deals with administrative traffic. It is connected to the adm01 network. Unlike the business network, the administrative network has no backup.
|LIC topology: three firewalls|
Two firewalls control business traffic. They work as a pair. Firewall ifw01 does all the work. If it breaks, ifw02 does all the work. To make this work, each firewall has to be connected to both the biz01 and biz02 networks.
The three networks are colour coded.
The simple firewall diagram above shows one firewall placed in the middle of each of the three data networks. It's so clean and simple. And so wrong. Each business firewall has to be attached to both business networks.
It is easier to gloss over the wrong bits than to face up to the complex diagram below. Glossing over the wrong bits allows a diagram that looks very much like the diagram for the three Ethernet switches.
The topology diagram below shows the three firewalls, their connections to the Ethernet switches and the network cable colours.
The diagram shows six switches, not three. This is explained in the VLANs page.
|LIC topology: firewalls (the complex view)|