Introduction

As some point in their careers, network administrators will need to reassess their current network deployments and determine if they are designed to meet the needs of their growing companies. Perhaps, when the company was a small startup, it was convenient to have the database, the Web server, and the user community on the same network. But as a company grows and services are added, and additional resources continually exposed to various parts of the internal and external infrastructure, the administrator will probably wonder if this environment is really benefiting the company or just creating unnecessary risk to corporate information assets. Once administrators make this decision, they are confronted with the possibility of added complexity as well as the cost of making the recommended changes.

One solution that can help address these possible issues is the transparent mode capability of a NetScreen firewall. Transparent mode provides the capability to convert a NetScreen firewall from a layer 3 device to a layer 2 device. Rather than requiring the administrator to redesign the entire network for physical and network changes to servers and devices, he or she has the option to implement a flexible alternative that can help to simplify deployment efforts and reduce the costs.

Interface Modes

Before we talk about transparent mode, let's quickly review the other interface modes on a NetScreen firewall. The interfaces on a NetScreen firewall can operate in three different modes: NAT (Network Address Translation), route, and transparent. The following is a review of...