Creating firewalls may block some malicious attempts on your network, but this step is far from running an entirely secure network. As a network administrator or security consultant, to design a proper firewall for your network you need to know what you defend your network from. We cannot fully discuss this topic, even in 1000 pages, but we want to explain some principles that you should consider in running a safe network.
As hard as it may seem to protect your network from the outside world, the most dangerous threats always come from inside your network. Whether it is a user with malicious intentions or a hacker who broke into a less important part of your network, the inner threat is the worse.
Besides outside and inside attacks on your network, there is one more attack type, called MIM (Man In the Middle) attack. This involves two trusted parts of your network that transit one or many routers that you don't control.
For instance, we might have a network in one...