Firewall architectures-dual homed host architecture, Computer Networking

Dual Homed Host Architecture

This setup consists of a host machine with two or more IP addresses for each of its physical port. One port is connected to intranet and other to the Internet. These ports act as its two way interfaces. Data forwarding through IP address is blocked on this machine thus there is no direct communication between local network and the Internet .


The communication between local network and the Internet occurs in either of two ways:
•Local network users are given accounts on the Dual Homed Host machine. In order to access the Internet they must login on the host  machine
•Host machine runs a proxy program for each permitted service. Users can access the Internet through this proxy application. In this case login is not always required


 Advantages


•    More secure than Screening Router scheme
•    Provides better access control


 Disadvantages


•    Since packet forwarding is disabled, a proxy must exist for all services that pass through host machine
•    Not all services can have proxies and might require manual configuration or user input
•    Firewall performance is limited to the performance of the host machine
•    Only Dual Homed Host machine could be accessed from the Internet thus its security is at greater risk

Posted Date: 9/13/2012 5:46:27 AM | Location : United States







Related Discussions:- Firewall architectures-dual homed host architecture, Assignment Help, Ask Question on Firewall architectures-dual homed host architecture, Get Answer, Expert's Help, Firewall architectures-dual homed host architecture Discussions

Write discussion on Firewall architectures-dual homed host architecture
Your posts are moderated
Related Questions
Simplicity The advantage of this approach is the simplicity  of receiver buffering. The  receiver need not  buffer out of  order packets the sender must maintain the upper an

Message Passing Programme Development Environment In a multicomputer system, the computational load among various processors must be balanced. To pass information among variou

Write the definition of SAN A SAN is a separate network to handle storage requirements. The SAN detaches storage tasks from specific servers and makes a shared storage facility

Q. Explain the process of piggybacking? When a data frame arrives in its place of immediately sending a separate control frame and the receiver restrains itself and waits until

Password Authentication Protocols (PAP) PAP  implements the  traditional username and password  authentication methods. At the  request from  an authenticator the client respon

Undesirable Sharing With  the good  comes  the bad  while  networking  allow  the easy  sharing  of useful  information it also  the sharing  of undesirable  data. One sign

Explain Bus Topology. The physical Bus topology is the easiest and most widely used of the network designs. It having of one continuous length of cable (trunk) and a terminatin

Enumerate about the Home Page and Hot Links Home Page: The primary Web page for an individual or organisation. These pages link to other related pages. Hot Links: A co

What is a Transaction server? With a transaction server, the client includes remote procedures that reside on the server with an SQL database engine. These remote processes on

FIBER OPTIC EXTENSION:  The LAN extension using fiber optic is given in the figure below:   Figure The fiber-modem translates digital data into pulses of light the