Cisco Cisco Nexus 5010 Switch 白書
![Cisco](https://files.manualsbrain.com/attachments/7380d0050044647c30f5c24bbbf5d0c0b6d9bb84/common/fit/150/50/faa183d287233c52228cfea3dbc2a127fe780f60564fcb0955d9c3d1cd23/brand_logo.png)
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Page 56 of 75
Complex Deployment Scenarios
Often high-performance firewalls in routed mode combine two functions in one: tenant-edge firewall and east-west
firewall. This approach allows the firewall both to present itself as a default gateway for a certain number of specific
subnets and to enforce security policies for traffic forwarded between VRF instances, all in one firewall context
(Figure 24).
Figure 24. Logical Diagram Showing a Single Tenant-Edge Firewall Acting as a Default Gateway for Subnets F1 and F2 as
Well as Enforcing Security Policies between VRF A, VRF B, and VRF EXT