this is definately an advantage of transparent firewall, they don't need to
worry about the unexperienced routing daemon on the firewalls. But in most
cases, the firewalls are deployed at the network edges, that means, if they
have a good IP address design, they need only the static routes, combining
with the security rules, non-layer 2 firewall deployment is easy to be managed
?
but you may be right, I am not a security guy, hehe
routing