A router containing a firewall capable of supporting a plurality of
different security levels. The router of the present invention creates a
plurality of Virtual Local Area Networks (VLANs) using a network switch.
The VLAN Rules Table (VRT) allows a network administrator to designate a
trust level for each VLAN. The trust level may be different for every
VLAN and the administrator may designate different rules for each VLAN.
The Security Program (SP) analyzes each packet passing through the
firewall and determines if the packet is permitted under the rules for
the VLAN trust level. An alternative embodiment in which the switch in the
router is divided into a plurality of sub-switches is also disclosed. In
the alternative embodiment, the firewall need only compare the packet to
rules which were not applied in the lower trust levels, eliminating the
redundant rules from the comparison process.
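
One reading of the two embodiments as a runnable model (an added example, not code from the patent): it checks that comparing only each level's new rules gives the same verdict as comparing a full per-VLAN rule list. The rule format, sample rules, VLAN ids, and the assumption that a higher trust level inherits every lower level's rules are constructed for illustration.

```python
from typing import NamedTuple

class Packet(NamedTuple):
    dst_vlan: int
    proto: str
    dst_port: int

# Constructed sample data (assumption): deny rules first introduced at each
# trust level; a higher level number means a more trusted VLAN.
NEW_RULES = {
    1: [("tcp", 23), ("udp", 69)],
    2: [("tcp", 21), ("tcp", 445)],
    3: [("tcp", 80), ("udp", 161)],
}
# VLAN Rules Table: VLAN id -> trust level designated by the administrator.
VRT = {10: 1, 20: 2, 30: 3}

def denied_by(rules, pkt):
    """Return (denied, comparisons) for one pass over a rule list."""
    for n, rule in enumerate(rules, start=1):
        if rule == (pkt.proto, pkt.dst_port):
            return True, n
    return False, len(rules)

def flat_check(pkt):
    """First embodiment: the VLAN's level carries its full rule list,
    including copies of every lower level's rules."""
    level = VRT[pkt.dst_vlan]
    full = [r for lvl in range(1, level + 1) for r in NEW_RULES[lvl]]
    denied, n = denied_by(full, pkt)
    return (not denied), n

def tiered_check(pkt):
    """Alternative embodiment: the packet crosses one sub-switch boundary per
    level, and each boundary compares only that level's new rules."""
    per_boundary = []
    for lvl in range(1, VRT[pkt.dst_vlan] + 1):
        denied, n = denied_by(NEW_RULES[lvl], pkt)
        per_boundary.append(n)
        if denied:
            return False, per_boundary
    return True, per_boundary

SAMPLES = [Packet(30, "tcp", 443), Packet(30, "tcp", 21),
           Packet(20, "tcp", 80), Packet(10, "tcp", 445), Packet(30, "udp", 161)]

if __name__ == "__main__":
    for p in SAMPLES:
        print(p, flat_check(p), tiered_check(p))
```

In this model a permitted packet bound for the level-3 VLAN costs six comparisons against the flat list, while the level-3 boundary itself performs only two.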