Categories
Welcome Center
Education & Development
Cyber Security
Virtualization
General
Certification Preparation
Project Management
Posts
Groups
Training Resources
Infosec
IT & Security Bootcamps
Practice Exams
Security Awareness Training
About Us
Home
Certification Preparation
Cisco
CCNP (Professional)
Screening router
DCD
Should you use a router in front of your firewall ? And why would you in the first place? I've seen it a couple of time but nobody can say why it was done.
Find more posts tagged with
Save $250 on 2025 certification boot camps from Infosec!
Book now with code EOY2025
Button
Comments
pevangel
I know one reason is because ASAs don't support BGP. I don't know if any newer ones do, but most customers that I've dealt with have ASAs that don't support BGP.
Jobene
Asa X does
I always put a router in front ( with hardening ) and than behind the asa!
Pro: less performanceproblems on the asa
Con:You need Publicaddresses between router and asa for nat
docrice
Plus if you do some basic filtering on the router interfaces, you reduce the amount of random Internet radiation (automated portscans, etc.) from hitting your firewall and creating excessive log noise, which in turn helps make your logs easier to parse, store, and ultimately read.
It does mean an additional hardware in the path which can have problems, of course.
DCD
Thanks for the insight.
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
INFOSEC Boot Camps
$250
OFF
Use code
EOY2025
to receive $250 off your 2025 certification boot camp!
BROWSE BOOT CAMPS
