Firewall architectures-dual homed host architecture, Computer Networking

Dual Homed Host Architecture

This setup consists of a host machine with two or more IP addresses for each of its physical port. One port is connected to intranet and other to the Internet. These ports act as its two way interfaces. Data forwarding through IP address is blocked on this machine thus there is no direct communication between local network and the Internet .


The communication between local network and the Internet occurs in either of two ways:
•Local network users are given accounts on the Dual Homed Host machine. In order to access the Internet they must login on the host  machine
•Host machine runs a proxy program for each permitted service. Users can access the Internet through this proxy application. In this case login is not always required


 Advantages


•    More secure than Screening Router scheme
•    Provides better access control


 Disadvantages


•    Since packet forwarding is disabled, a proxy must exist for all services that pass through host machine
•    Not all services can have proxies and might require manual configuration or user input
•    Firewall performance is limited to the performance of the host machine
•    Only Dual Homed Host machine could be accessed from the Internet thus its security is at greater risk

Posted Date: 9/13/2012 5:46:27 AM | Location : United States







Related Discussions:- Firewall architectures-dual homed host architecture, Assignment Help, Ask Question on Firewall architectures-dual homed host architecture, Get Answer, Expert's Help, Firewall architectures-dual homed host architecture Discussions

Write discussion on Firewall architectures-dual homed host architecture
Your posts are moderated
Related Questions
Configure the Physical Topology Step 1: Cable the network. Refer to the figure and table below for the essential cables. Step 2: Physically connect lab devices. C

What are the IP address ranges for public and private IP address?

Define in details about computer networks ? Discuss a variety of types of networks topologies in computer network. Also discuss a variety of costs and disadvantage of all topology

- EIA/ TIA specifies and RJ-45 connector for unshielded twisted-pair (UTP) cable. The letter RJ stand for registered jack and the number 45 refers to a specific wiring sequence.

In OSI 7 layer model, a header, or possibly a trailer, can be added to the data unit at each layerI 7 layer, but we will define a simple virtual packet which contains only 8bit dat

ARP - Address Resolution Protocol It is the protocol that traces IP addresses to MAC addresses. RARP - Reverse Address Resolution Protocol It is the protocol within the TC

Many benefits of configuring VLAN as listed below: • Performance Enhancements: It reduces heavy load on the network by permitting operations at lower latencies by using VLAN t

A.) JPEG and PICT B.) MPEG and MIDI C.) ASCII and EBCDIC For example, the Presentation layer would be liable for changing from EDCDIC to ASCII. Data compression, decompres

If the host has the subnet ID why do we require a subnet mask?

Assume that the clock-driven scheme for generating starting sequence numbers is used with a 16-bit wide clock counter (that is, sequence numbers range from 0 to 2^16).  The clock t