Firewall architectures-dual homed host architecture, Computer Networking

Dual Homed Host Architecture

This setup consists of a host machine with two or more IP addresses for each of its physical port. One port is connected to intranet and other to the Internet. These ports act as its two way interfaces. Data forwarding through IP address is blocked on this machine thus there is no direct communication between local network and the Internet .

The communication between local network and the Internet occurs in either of two ways:
•Local network users are given accounts on the Dual Homed Host machine. In order to access the Internet they must login on the host  machine
•Host machine runs a proxy program for each permitted service. Users can access the Internet through this proxy application. In this case login is not always required


•    More secure than Screening Router scheme
•    Provides better access control


•    Since packet forwarding is disabled, a proxy must exist for all services that pass through host machine
•    Not all services can have proxies and might require manual configuration or user input
•    Firewall performance is limited to the performance of the host machine
•    Only Dual Homed Host machine could be accessed from the Internet thus its security is at greater risk

Posted Date: 9/13/2012 5:46:27 AM | Location : United States

Related Discussions:- Firewall architectures-dual homed host architecture, Assignment Help, Ask Question on Firewall architectures-dual homed host architecture, Get Answer, Expert's Help, Firewall architectures-dual homed host architecture Discussions

Write discussion on Firewall architectures-dual homed host architecture
Your posts are moderated
Related Questions
bus topology disadvantage?

Load the Router with the Supplied Scripts Enable ! config term ! hostname Router1 ! enable secret class ! no ip domain-lookup !  interface FastEth

FDDI has four specifications: 1. Media Access Control it defines how the medium is accessed 2. Physical Layer Protocol it defines data encoding/decoding procedures 3. Phy

a)  Peer-to-Peer Network Computers can act as both servers sharing resources and as clients using the resources. b)  Server-based Network Give centralized control of netwo

Q. Explain File Transfer Protocol? - File Transfer Protocol (FTP) is a TCP/IP client-server application for copying files from one host to another -- Establishes two connect

Network Topologies Topology is study  of the  arrangement or  mapping of  the elements links nodes etc,  of a network especially the physical and logical inter connections bet

A statistical encoding algorithm is being considered for the transmission of a large number of long text files over a public network. Part of the file content is as follows: DOD

As a system administrator, you require to debug igrp but are worried that the "debug IP igrp transaction" command will flood the console. What is the command that you should use?