What are the differences between front-end/back-end firewalls and chassis-based firewalls?
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
There are a couple of different technologies referenced in your question. The use of a front-end/back-end topology doesn't prevent you from using a chassis-based device. Let's explore the different characteristics of a firewall.
The front-end/back-end topology is commonly seen in multi-tier applications where the user interacts with a front-end presentation server, and that server interacts with a back-end one. A scenario where this is commonly seen is in the deployment of email systems, such as Microsoft Exchange. Users often interact with a front-end Web server -- running, for example, Outlook Web Access -- to read and send email. That Web server must interact with the back-end mail server, but Internet users do not need to interact directly with the one dedicated to mail. The front-end/back-end topology dictates that a firewall should be placed between the Internet and the Web server, and also between the Web server and the email server, providing maximum security.
A chassis-based firewall is a piece of hardware that runs the firewall software in a dedicated fashion. Often referred to as a firewall appliance, it is sold as a bundle including both hardware and software. The alternative is to purchase firewall software and install it on your own hardware.
From a security perspective, there isn't much of a difference between the two approaches. I generally tend to prefer appliance products from a support perspective because they make a single vendor responsible for any hardware or software issues with a device, preventing multiple vendors from participating in a "blame game" where they try to pass the buck to each other.
- A SearchSecurity.com reader asks Mike Chapple, "What firewall features will best protect a LAN from Internet hack attacks and malware?"
- Firewall management is critical in today's regulatory climate. See how companies looking to streamline firewall management will look to tools from several vendors.
Dig Deeper on Network Firewalls, Routers and Switches
Related Q&A from Mike Chapple
Cloud compliance issues are no reason for enterprises not to move to the cloud. Expert Mike Chapple explains why, as well as what to keep in mind ...continue reading
The GAO reported on SEC cybersecurity weaknesses, even though the SEC regulates cybersecurity. Expert Mike Chapple discusses the effects of this ...continue reading
Enterprise compliance can be a burden to manage, which is where a PCI ISA can be helpful. Expert Mike Chapple explains how a PCI Internal Security ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.