Network topology (Best practice)

view full story

http://serverfault.com – Currently all of our Servers and VPN equipment is setup using public IPs ( For example our web server would be setup with a public ip). We currently use iptables to manage our firewall rules on each individual server only allowing access to certain ports. Current Setup Internet Router -> Servers We are in the process of changing the network topology to utilize a central firewall rather than iptables. Propose Setup Internet Router -> Firewall -> Servers When looking into this setup it has brought up many questions. I just want to make sure I am following best practice principles and secur (HowTos)