The network infrastructure of an organization consists of a host of network devices such as routers, switches, firewalls, and so on. These devices are vital for the successful conduct of the business of the organization. It is these devices that carry the data of the organization to legitimate users and it is same devices that transport the data to the attacker in the case of a security attack. It is important to ensure that the network devices don't participate directly in any sabotage and are not manipulated to send information to unauthorized users.
To understand the security of the network devices, it is important to dissect the network device into its constituent functional layers, or planes as they are commonly called. All network devices can be thought of as having three functional planes, as shown in the following figure:

 
                                             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
             
     
         
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                