Multiple firewalls are most commonly used to segregate networks of different sensitivity levels. Universities, for example, commonly use a series of layered firewalls to provide different zones of security for various types of users. A border firewall forms a loose perimeter around the entire network, providing a basic degree of protection to the entire enterprise. Other firewalls then segment off restricted portions of the network -- such as data centers, research labs, infrastructure systems and similar devices -- providing an added level of security to protect those systems from other campus users.
The correct firewall architecture for an organization depends upon a number of variables, including the homogeneity of users, the types of sensitive information being handled and the types of systems on the network. For more information on use cases, read my Firewall Architecture Tutorial.
This was first published in June 2009