Firewall architectures-dual homed host architecture, Computer Networking

Dual Homed Host Architecture

This setup consists of a host machine with two or more IP addresses, one for each of its physical ports. One port is connected to the intranet and the other to the Internet. These ports act as its two-way interfaces. IP forwarding is blocked on this machine, so there is no direct communication between the local network and the Internet.
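
The architecture only holds while forwarding stays disabled on the host. The shell check below is an added example, not part of the original page; it assumes a Linux host whose forwarding switches are exposed under /proc/sys, and the function names and the interface names eth0 and eth1 are hypothetical.

```shell
#!/bin/sh
# Added example: audit a Linux dual-homed host for enabled packet forwarding.
# Assumption: forwarding state is read from the kernel's sysctl tree,
# normally /proc/sys; the root is a parameter so the check can also be
# run against a copied or constructed tree.

# Print every forwarding control under ROOT that is not set to 0.
# One line per finding: "<path relative to ROOT>=<value>".
forwarding_findings() {
    root=${1:-/proc/sys}
    for f in "$root"/net/ipv4/ip_forward \
             "$root"/net/ipv4/conf/*/forwarding \
             "$root"/net/ipv6/conf/*/forwarding; do
        [ -r "$f" ] || continue          # unmatched glob or IPv6 absent
        val=$(tr -d '[:space:]' < "$f")
        [ "$val" = "0" ] || echo "${f#"$root"/}=$val"
    done
}

# Return 0 when nothing forwards, 1 otherwise; findings go to stdout.
audit_dual_homed() {
    findings=$(forwarding_findings "$1")
    if [ -n "$findings" ]; then
        echo "FAIL: forwarding enabled, the host can route between its networks:"
        echo "$findings"
        return 1
    fi
    echo "OK: no forwarding enabled"
}

# Build a constructed sysctl tree for testing: two interfaces,
# eth0 (Internet side) and eth1 (intranet side); names are hypothetical.
make_sample_tree() {
    t=$(mktemp -d)
    mkdir -p "$t/net/ipv4/conf/all" "$t/net/ipv4/conf/eth0" \
             "$t/net/ipv4/conf/eth1" "$t/net/ipv6/conf/all"
    echo 0 > "$t/net/ipv4/ip_forward"
    for d in "$t"/net/ipv4/conf/* "$t"/net/ipv6/conf/*; do
        echo 0 > "$d/forwarding"
    done
    echo "$t"
}
```

On the host itself, run `audit_dual_homed /proc/sys`; every interface is checked separately because a single interface left forwarding is enough to be reported.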


Communication between the local network and the Internet occurs in either of two ways:
• Local network users are given accounts on the dual-homed host machine. To access the Internet, they must log in on the host machine.
• The host machine runs a proxy program for each permitted service. Users can access the Internet through this proxy application. In this case, login is not always required.


Advantages

•    More secure than the screening router scheme
•    Provides better access control


Disadvantages

•    Since packet forwarding is disabled, a proxy must exist for every service that passes through the host machine
•    Not all services can have proxies, and some might require manual configuration or user input
•    Firewall performance is limited to the performance of the host machine
•    Only the dual-homed host machine can be accessed from the Internet, so its security is at greater risk

Posted Date: 9/13/2012 5:46:27 AM | Location : United States






