Don't Understand Firewall Concept

dppagc Member Posts: 293
So here I have a layer switch. There are firewalls as well as servers connected to it. How do I make sure that traffic to and from the server will go through the firewall? Won't it just exit through the switch and bypass the firewall? Sorry, my concept is not strong.


  • OctalDump Member Posts: 1,722
    Firewalls are used to protect zones of your network. If you want the server to be in a different zone of the network, then you need to physically or logically isolate it so that all traffic must go through the firewall.

    A common, basic setup would be to have a firewall with three different zones - a DMZ for public-facing services, your private internal LAN, and a public or internet zone. Any traffic passing between zones has to go through the firewall. You can also do this with two different firewalls.

    An even more basic setup is to have your private LAN separated from the internet with a firewall. In this case, all your internal computers are in the same trust zone and no traffic between them goes through the firewall, but all traffic to and from the internet goes through the firewall.

    You can get more complex setups, with multiple firewalls and multiple zones, e.g. segregating traffic between departments in a company.

    If you have a switch and a firewall, and want to filter traffic between devices connected to that switch, then you need to either logically segregate the computers into different zones using VLANs, or physically segregate them, for example by putting the firewall between the server and switch.
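
The VLAN segregation described in the reply above, modelled as an added example that is not part of the original thread: it checks which flows actually cross the firewall and which are forwarded by the switch alone. The VLAN numbers, subnets and addresses are constructed, and the model assumes one subnet per VLAN and that a switch with routed interfaces in two VLANs routes between them itself.

```python
import ipaddress

# Constructed topology: VLAN id -> (subnet, device holding the default gateway address).
VLANS = {
    10: ("10.0.10.0/24", "firewall"),  # servers
    20: ("10.0.20.0/24", "firewall"),  # users
    30: ("10.0.30.0/24", "switch"),    # routed on the switch itself
    40: ("10.0.40.0/24", "switch"),    # routed on the switch itself
}

def vlan_of(ip):
    """Map an address to its VLAN (assumes one subnet per VLAN)."""
    addr = ipaddress.ip_address(ip)
    for vid, (subnet, _) in VLANS.items():
        if addr in ipaddress.ip_network(subnet):
            return vid
    raise ValueError(f"{ip} is not in any modelled VLAN")

def path(src_ip, dst_ip):
    """Return the devices a packet passes through on its way from src to dst."""
    src_vlan, dst_vlan = vlan_of(src_ip), vlan_of(dst_ip)
    if src_vlan == dst_vlan:
        # Same zone: the switch forwards the frame at layer 2, no gateway involved.
        return ["src", "switch", "dst"]
    if VLANS[src_vlan][1] == VLANS[dst_vlan][1] == "switch":
        # The switch owns the gateway in both VLANs, so it routes between them itself.
        return ["src", "switch", "dst"]
    # At least one side uses the firewall as its gateway, so the packet crosses it.
    return ["src", "switch", "firewall", "switch", "dst"]

def bypasses_firewall(src_ip, dst_ip):
    return "firewall" not in path(src_ip, dst_ip)

def audit(flows):
    """Return the flows the firewall never gets to inspect."""
    return [flow for flow in flows if bypasses_firewall(*flow)]

# Constructed flows to check against the topology above.
FLOWS = [
    ("10.0.20.15", "10.0.10.5"),  # user -> server, different zones
    ("10.0.10.5", "10.0.10.6"),   # server -> server, same VLAN
    ("10.0.30.7", "10.0.40.9"),   # both VLANs routed by the switch
    ("10.0.30.7", "10.0.10.5"),   # switch-routed VLAN -> firewall-routed VLAN
]

if __name__ == "__main__":
    for src, dst in FLOWS:
        print(f"{src} -> {dst}: {' -> '.join(path(src, dst))}")
```

Traffic between two hosts in the same VLAN, or between VLANs whose gateway is the switch, never reaches the firewall, which is why the server has to sit in its own zone with the firewall as its gateway.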
