Firewall architectures-dual homed host architecture, Computer Networking

Dual Homed Host Architecture

This setup consists of a host machine with two or more IP addresses for each of its physical port. One port is connected to intranet and other to the Internet. These ports act as its two way interfaces. Data forwarding through IP address is blocked on this machine thus there is no direct communication between local network and the Internet .


The communication between local network and the Internet occurs in either of two ways:
•Local network users are given accounts on the Dual Homed Host machine. In order to access the Internet they must login on the host  machine
•Host machine runs a proxy program for each permitted service. Users can access the Internet through this proxy application. In this case login is not always required


 Advantages


•    More secure than Screening Router scheme
•    Provides better access control


 Disadvantages


•    Since packet forwarding is disabled, a proxy must exist for all services that pass through host machine
•    Not all services can have proxies and might require manual configuration or user input
•    Firewall performance is limited to the performance of the host machine
•    Only Dual Homed Host machine could be accessed from the Internet thus its security is at greater risk

Posted Date: 9/13/2012 5:46:27 AM | Location : United States







Related Discussions:- Firewall architectures-dual homed host architecture, Assignment Help, Ask Question on Firewall architectures-dual homed host architecture, Get Answer, Expert's Help, Firewall architectures-dual homed host architecture Discussions

Write discussion on Firewall architectures-dual homed host architecture
Your posts are moderated
Related Questions
Directly linked network have the lowest administrative distance of 0. They are considered the most reliable.

Single Program Multiple Date A common style of writing data parallel programs for MIMD computers is SPMD (single program, multiple data): all the processors implement the same

Question : a) Describe the following core components of a cellular based network: i) Cell ii) MSC iii) HLR & VLR iv) PSTN b) Explain why frequency reuse is consi

Gateway A device linked to multiple physical TCP/IP networks capable of routing or delivering IP packets among them. Router It's a layer 3 device that connects 2 diss

Normal 0 false false false EN-IN X-NONE X-NONE MicrosoftInternetExplorer4

What is tracert? Tracert is a Windows utility program that can used to trace the route taken by data from the router to the destination network. It also represents the number o

Question : (a) Explain the ‘RAD' methodology with a suitable diagram. (b) One of the activities to be performed during Rapid Application Development is Rapid Business Analys

Q. Show the IP Address Representation? IP Addressing IP Address Representation Binary notation - IP address is displayed as 32 bits Dotted-decimal notation -

Transport Layer In computer networking it the transport  layer is where  sessions are  exchanged between  hosts. This layer resides  between  the application layer and  networ

Q. Illustrate Data-Link Layer in osi layers model? Data-Link Layer: This layer takes the data messages or frames from the Network Layer and gives for their actual transmissio