SunScreen

SunScreen divides the network into discrete areas, each served by an interface. You set up filtering rules to control the access to one area from another area, which can be another network within your company or an area outside your company.

FIGURE 2-1 shows a sample map of a simple network in which a Screen in routing mode functions as a firewall and router to connect the Engineering network over an unsecured public network (the Internet) through a Screen in stealth mode to other secure networks.

Figure 2-1 Sample Network Map

The ftp-www server might be the public area of the company, also called the demilitarized zone (DMZ), and the engineering, sales, and corporate network segments might be part of the "private" area. SunScreen can then control access between these areas and the rest of the Internet.

Previous: Chapter 1 SunScreen Overview
Next: How SunScreen Works