a watchguard firebox is a specially designed and optimized security appliance. three independent network interfaces allow you to separate your protected office network from the internet while providing an optional public interface for hosting web, email, or ftp servers. each network interface is independently monitored and visually displayed on the front of the firebox.

    there are no user-serviceable parts within the firebox. if a user opens a firebox case, it voids the limited hardware warranty.

    the most common and effective location for a firebox is directly behind the internet router, as pictured below:

   

    other parts of the network are as follows:

    management station

    the computer on which you install and run the watchguard

    control center software.

    watchguard security event processor

    the computer that receives and stores log messages and sends alerts and notifications. you can configure the management station to also serve as the event processor.

    trusted network

    the network behind the firewall that must be protected from the security challenge.

    external network

    the network presenting the security challenge, typically the internet.

    optional network

    a network protected by the firewall but still accessible from the trusted and the external networks. typically, the optional network is used for public servers such as an ftp or web server.