LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

What network security devices protect the enterprise perimeter, and what does each do?

The three main perimeter security devices are: VPN (Virtual Private Network)-enabled routers (encrypted remote access), Next-Generation Firewalls (deep packet inspection), and Network Access Control devices (AAA (Authentication, Authorization, and Accounting) enforcement).

Device Function Key Features
VPN-Enabled Router Provides secure encrypted tunnels for remote users across public networks IPSec (Internet Protocol Security), SSL (Secure Sockets Layer) VPN; VPN services can be integrated into the firewall
Next-Generation Firewall (NGFW) Deep inspection and control of network traffic Stateful packet inspection, application visibility, NGIPS (intrusion prevention), AMP (advanced malware protection), URL (Uniform Resource Locator) filtering
Network Access Control (NAC) Controls who can access the network and enforces policies Authentication, authorization, accounting (AAA); Cisco ISE is an example; manages access across wired, wireless, and VPN

Important: These perimeter devices protect against external threats. But if an attacker is already inside the LAN (Local Area Network) (rogue device, compromised host, malicious insider), perimeter defenses don't help. That's where Layer 2 security (port security, DHCP (Dynamic Host Configuration Protocol) snooping, DAI (Dynamic ARP Inspection)) becomes essential.

Go deeper:

From Quiz: NETW2 / LAN Security Concepts | Updated: Jul 14, 2026