Choose the suitable mode you want to deploy Firewall in network.
Firewalls protect networks by enforcing security policies on it. As Firewalls act as gate to network, deploying them on the network should be done efficiently. Firewalls can behave in different modes to accommodate with network design such they can route or switch or watch the traffic.
- Routed(L3)/switching Mode
- Transparent Mode
Firewall will act as router or switch and pass the traffic based on the packets destination address. You can configure IP address to interfaces as L3 mode or VLAN l2 mode and add them security zones to allow or deny the packets as per security policies.
Firewall will behave as if it not present in network and watch the traffic passing through it. Security zones can be created and security policies can also be applied on the traffic based on source and destination. It cannot perform PAT. The only difference in transparent mode is downstream device will have default gateway to upstream device of the firewall and this do not perform any routing or switching.