- It is a router providing a serial connection to the outside world and a local area network (LAN) connection to the internal network.
- It provides filtering of outside traffic to implement basic security for the DMZ and for the inside network.
http://etutorials.org/shared/images/tutorials/tutorial_56/21fig01.gif
Because the perimeter router is often connected to a slower WAN interface on one side and it doesn’t normally provide routing functions for internal networks, the LAN interface speed isn’t as critical as making sure adequate memory and features exist to handle the outside connection.
Firewall
- It is a device that separates or joins the inside network to the dirty DMZ and any optional protected DMZs.
- It can be a router running a firewall feature set, a specialty server with two or more NICs in different networks, or a specialty device like the Cisco PIX that does nothing but provide firewall services. While suitable applications exist for each type of firewall, it is generally best to use a dedicated device that performs only security functions, and to leave routing and serving to other devices.
Unsolicited access from the outside directed to the inside would typically be blocked. Certain well-thought-out exceptions and configurations could be created, so e-mail servers residing on the inside network, instead of the DMZ, could still exchange e-mails.
A typical firewall device has two or more LAN interfaces: one each for the inside and outside networks. Optionally, an additional LAN interface can exist for each protected DMZ network.
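The policy described above (block unsolicited outside-to-inside traffic, allow one narrow e-mail exception, let replies to inside-initiated connections return) can be modelled in a few lines. This is an added example, not code from the original post or from any Cisco product. The addresses, the rule table and the names `ZONES`, `RULES`, `zone_of` and `Firewall` are constructed assumptions, and state tracking is simplified to a 4-tuple table.

```python
from ipaddress import ip_address, ip_network

# Constructed addressing (documentation/private ranges), not from the post.
ZONES = {
    "inside": ip_network("10.0.0.0/24"),
    "dmz": ip_network("192.0.2.0/24"),
}
INSIDE_MAIL = ip_address("10.0.0.25")  # hypothetical inside e-mail server

# (source zone, destination zone, destination IP or None, destination port or None)
RULES = [
    ("inside", "outside", None, None),       # inside hosts may initiate outbound
    ("inside", "dmz", None, None),           # inside hosts may reach the DMZ
    ("outside", "dmz", None, 80),            # public web server in the DMZ
    ("outside", "inside", INSIDE_MAIL, 25),  # the narrow exception: SMTP only
]


def zone_of(addr):
    """Map an address to its zone; anything not local counts as 'outside'."""
    ip = ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "outside"


class Firewall:
    def __init__(self):
        self.state = set()  # flows already permitted, keyed by 4-tuple

    def check(self, src, sport, dst, dport):
        """Return 'permit' or 'deny' for one TCP packet."""
        # Later packets of a known flow, in either direction, pass.
        if (src, sport, dst, dport) in self.state:
            return "permit"
        if (dst, dport, src, sport) in self.state:
            return "permit"
        sz, dz = zone_of(src), zone_of(dst)
        for rsrc, rdst, rip, rport in RULES:
            if ((rsrc, rdst) == (sz, dz)
                    and rip in (None, ip_address(dst))
                    and rport in (None, dport)):
                self.state.add((src, sport, dst, dport))
                return "permit"
        return "deny"  # default: anything not explicitly allowed is blocked
```

The exception rule pins both the destination host and the port, so the same outside host is still denied on any other port of the mail server or on any other inside address.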
Hi Weng Tai,
How are you? I hope that you are coping fine in your studies. I find your post very informative, and it can give me more insight into a real network by looking at your diagram. Your post has some very detailed information, especially on the firewall aspect. In fact, it is very interesting and I would recommend this post to others. Thank you and have a good day. Goodbye.
Jonathan Tan