Layer 2 Firewall deployment example

This example shows how to deploy Forcepoint NGFW in the Layer 2 Firewall role in an organization.

The scenario presented here is not meant to be representative of a typical installation. The main focus here is to highlight some of the criteria that can be used in planning deployment. The example covers considerations that affect most installations, but does not comprise an exhaustive list of all factors that you might need to consider. The Layer 2 Firewalls can be deployed in alternative ways in this example scenario. For example, depending on issues that are not covered here, such as the physical layout of the individual local networks, the hardware available, and budget constraints.

Single Layer 2 Firewall example

This example uses a Single Layer 2 Firewall in an organization that has a large internal network. Administrators want to prevent hosts connected to different switches in the same network segment from communicating directly at the protocol level. Using the Layer 2 Firewall makes it possible to implement access control for any Ethernet protocols between switches within the same network segment. There is no need to change the network topology.

Figure: Single Layer 2 Firewall in an intranet