Firewall architectures-dual homed host architecture, Computer Networking

Dual Homed Host Architecture

This setup consists of a host machine with two or more IP addresses for each of its physical port. One port is connected to intranet and other to the Internet. These ports act as its two way interfaces. Data forwarding through IP address is blocked on this machine thus there is no direct communication between local network and the Internet .


The communication between local network and the Internet occurs in either of two ways:
•Local network users are given accounts on the Dual Homed Host machine. In order to access the Internet they must login on the host  machine
•Host machine runs a proxy program for each permitted service. Users can access the Internet through this proxy application. In this case login is not always required


 Advantages


•    More secure than Screening Router scheme
•    Provides better access control


 Disadvantages


•    Since packet forwarding is disabled, a proxy must exist for all services that pass through host machine
•    Not all services can have proxies and might require manual configuration or user input
•    Firewall performance is limited to the performance of the host machine
•    Only Dual Homed Host machine could be accessed from the Internet thus its security is at greater risk

Posted Date: 9/13/2012 5:46:27 AM | Location : United States







Related Discussions:- Firewall architectures-dual homed host architecture, Assignment Help, Ask Question on Firewall architectures-dual homed host architecture, Get Answer, Expert's Help, Firewall architectures-dual homed host architecture Discussions

Write discussion on Firewall architectures-dual homed host architecture
Your posts are moderated
Related Questions
Point to Point Architecture The term  peer means equal which can  be informally  interpreted as a process with  capability similar to the other processes with process communic

Multiplexing  and De multiplexing Another  critical set of services that are provided by the transport layer is that of application multiplexing and de multiplexing. This featu

Q. Illustrate about RSA Encryption? RSA Encryption - Public key encryption technique - Encryption steps: - Encode data to be encrypted as a number to create the pla

Define the term - public knowledge information It is essential to distinguish between public knowledge information and the more detailed pieces of information relating to spec

Shortest path  The  dijkstra algorithms  four steps to discover what it called  the shortest path  tree . a.The algorithm  beings  to build  the tree identifying  its root.

Which NetWare protocol provides link-state routing? Ans) NetWare Link Services Protocol (NLSP) gives link-state routing. SAP (Service Advertisement Protocol) advertises network

Concept Of Permutation Network In permutation interconnection networks the information transfer necessitates data transfer from input set of nodes to output set of nodes and po

What are the characteristics of Client/Server? Service Encapsulation of services Shared resources Asymmetrical protocols Mix-and-match Transparency of location

Question: With Vout not connected to any additional circuitry, what power is dissipated in the 7 kW resistor?

What is subnet mask? A subnet mask is combined with an IP address in order to recognize two parts: the extended network address and the host address. Such as an IP address, a s