(At present, many users have the need for intranet access control, and hope to make full use of the access control ability of the firewall to further subdivide the security sub domain of the intranet. Because office users and internal application hosts are usually connected to the switch, in order to achieve access control and isolation between different VLANs on the switch, the switch processing requirements are relatively high, the implementation is relatively complex, and the maintenance is inconvenient. The test shows that the combination of switch and NetScreen firewall can solve the problem of intranet access control. Through trunk + aggregate interface and firewall zone and policy, it can provide finer grained intranet access control. Let's make a brief introduction with a customer case. Customer requirements: 1. The traffic between all VLANs in the intranet needs to be verified~~~~~)
收藏
