Zoning networks with public and private services
Companies that offer services that should be reachable by third parties need to separate these public services from the private parts of their network. In business-to-consumer industries, a public service may be a web shop or a community platform; in busines-to-business industries, typical examples are data sharing platforms for suppliers or partner companies. All companies may operate a local mail server or web server. Such public services are placed in a demilitarised zone (DMZ), separated from the private part of the network by a firewall.
The firewall is typically combined with a network address translation (NAT) router, that provides local hosts with a private network address, while being reachable from the internet under a public address and forwarding packages between the two networks.
Secure switching effectively puts each host in its own protective zone, building a peer-to-peer tunnel for each communication flow. Rack-mountable switches connect all hosts and provide them with a localised, private address, thus replacing a NAT router; by authenticating all connections, they replace the firewalls. In the end, the concept of local and demilitarised zones to ensure the necessary separation of public traffic and private data can be abandoned completely.
Secure switches solve the problem that expert knowledge on authentication, encryption and tunnelling is required to add essential security that is not part of the basic internet protocols.
Products to plug and protect
Stackable, 24- or 48-port 1-Gb through 40-Gb ethernet switches and wireless access points.
More about our product suite
Frequently asked questions
Details on compatibility, differences with VPN, cloud applications and security.
To the questions and answers