Using Bridges; Overview - Check Point UTM-1 Edge User Manual

Chapter 7
This chapter describes how to connect multiple network segments at the data-link layer,
using a bridge.
This chapter includes the following topics:
Overview ..................................................................................................221
Workflow..................................................................................................227
Adding and Editing Bridges .....................................................................228
Adding Internal Networks to Bridges.......................................................232
Adding Internet Connections to Bridges ..................................................237
Deleting Bridges.......................................................................................242

Overview

The UTM-1 appliance enables you to connect multiple network segments at the data-link
layer, by configuring a bridge. Bridges offer the following advantages:
•
Easy network segmentation
Bridges can be used to compartmentalize an existing network into several security
zones, without changing the IP addressing scheme or the routers' configuration.
Ordinarily, if you need to deploy a firewall within an internal network, you can divide
the existing subnet into two networks and configure a new routing scheme. However,
in some deployments, the amount of network reconfiguration required prohibits such a
solution. Adding a bridge not only allows you to segment your network quickly and
easily, but it allows you to choose whether to enable the firewall between network
segments.
If you enable the firewall between bridged network segments, the gateway operates as
a regular firewall between network segments, inspecting traffic and dropping or
blocking unauthorized or unsafe traffic. In contrast, if you disable the firewall between
bridged network segments, all network interfaces assigned to the bridge are connected
Chapter 7: Using Bridges

Using Bridges

Overview

221