At the risk of sounding repetative, I will state the fact that the key of building a good and secure firewall is to design the network in an intelligent way, identify points of security, and understand how packets are flowing through the network.
When designing and deploying large networks, it's recommended to identify how and where routers must be placed in the network and how to scale the routers for the functions they must perform.
Large networks are often built in layers. The largest networks use a three-layered hierarchy consisting of the following three layers:
Core layer
Distribution layer
Access layer
The three-layer network hierarchy is not always suited for all large networks, and some routers can perform functions of more than one layer.
Usually, a three-layered network design looks something like this:
The core layer usually contains routers that have internet or local peering connections. There are high-speed links between them, and routes are...