This is just a sample, but it contains the elements you may run across and gives us
something to talk about. Starting at the top left is the person with the browser. The
cloud suggests the open internet, which will pass you through whatever route will get
you to the application.
Firewall
A firewall is a common component of most network architectures. The word firewall,
though, is ambiguous at best. It could mean anything from a set of access controls on
a router all the way up to what are called next-generation firewalls, which can not only
perform static blocking based on rules configured on the firewall but also perform
dynamic blocking based on any intrusions that may have been detected. A
next-generation firewall may also watch for malicious software (malware) in any
communication passing through it.
This point will also be noted again, but it’s worth mentioning a few times. What is
being described here is a set of functionality rather than a specific device. A firewall
may be a single device that incorporates one or several security functions, but it may
also be a set of functions that could live on another device. As an example, the
firewall functions may be incorporated into the load balancer, which is the next device
in our architecture.
Load Balancer
On the front end of a larger network design, you may find a load balancer. The load
balancer is intended to take a lot of traffic in order to pass it through to the web
servers behind it. The point of a load balancer is that it is a simple device that doesn’t
do anything but keep track of usage of the servers behind the scenes. Requests coming
in will be redirected to those servers, based on an algorithm the load balancer knows. It
may be simply round-robin, meaning request 1 goes to server 1, request 2 goes to
server 2, request 3 goes to server 3, before starting all over again at server 1. There is
no sense of the complexity of the request in this scheme or the time it may take to
fulfill the request.
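The round-robin scheme described above, as an added example that is not from the original text: a small simulation showing how ignoring request cost can pile slow requests onto one server. The three-server pool, the constructed workload, and the least-connections policy used for comparison are assumptions introduced here.

```python
def simulate(requests, n_servers, pick):
    """Return each server's peak number of in-flight requests.

    requests: list of (arrival_tick, duration_ticks), sorted by arrival.
    pick: function(seq_no, in_flight_counts) -> index of the chosen server.
    """
    finish = [[] for _ in range(n_servers)]  # finish ticks of in-flight requests
    peak = [0] * n_servers
    for seq, (arrive, duration) in enumerate(requests):
        # Requests that have finished by now no longer occupy their server.
        finish = [[f for f in server if f > arrive] for server in finish]
        target = pick(seq, [len(server) for server in finish])
        finish[target].append(arrive + duration)
        peak[target] = max(peak[target], len(finish[target]))
    return peak


def round_robin(seq, in_flight):
    # Request 1 -> server 1, request 2 -> server 2, ... then start over.
    # The current load of each server is never consulted.
    return seq % len(in_flight)


def least_connections(seq, in_flight):
    # Comparison policy (not described in the text): choose the server
    # with the fewest requests still in flight; ties go to the lowest index.
    return in_flight.index(min(in_flight))


# Constructed workload: one request per tick for 12 ticks. Every third
# request is slow (20 ticks); the rest complete in 1 tick.
SAMPLE = [(t, 20 if t % 3 == 0 else 1) for t in range(12)]


def compare(requests=SAMPLE, n_servers=3):
    """Peak in-flight requests per server under each policy."""
    return {
        "round_robin": simulate(requests, n_servers, round_robin),
        "least_connections": simulate(requests, n_servers, least_connections),
    }


if __name__ == "__main__":
    for policy, peaks in compare().items():
        print(f"{policy:18s} peak in-flight per server: {peaks}")
```

With this workload every slow request lands on the first server under round-robin, while the other two servers stay nearly idle.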