Amaranten Firewall is designed completely symmetrically, and may therefore be used in scenarios where, for instance,
several demilitarized zones are needed, or where internal networks need thorough segmentation.

Amaranten firewalls support up to 10 physical Ethernet interfaces, and are fully compliant with the IEEE 802.1Q specification
for virtual LANs. Several thousand VLANs may be defined, and each VLAN is treated as a logical interface in the firewall,
with the same filtering and configuration capabilities as regular interfaces.

The symmetrical design, combined with the flexible routing capabilities of Amaranten Firewall, makes it possible to tie together
even the most complex networks. Routing is not limited to traditional subnets, but may be performed on single IP addresses,
IP ranges and even on groups of IP addresses.

Moreover, the Policy-based routing feature means that routing can be specified per rule in the ruleset of the firewall. This
makes it possible to direct certain network traffic to supplementary security products, such as content filtering or anti-virus
servers. It also opens up the possibility to utilize different service providers for different IP services.

The Amaranten Firewall supports DHCP (Dynamic Host Control Protocol) for dynamic assignment of IP addresses on any
interface in the firewall. Amaranten Firewall also supports full DHCP relaying, including a highly customizable ruleset and
options to dynamically alter its routing table and add proxy ARP entries according to the relayed DHCP leases.