Firewall architectures-screened host architecture, Computer Networking

Screened Host Architecture


This architecture consists of two host machines: a Screening Router and a Screening Host. Screening Router is placed between a local network and the Internet. Its purpose is to block all direct communication between two networks. Only traffic that is allowed to pass through is that coming from the host machine and destined for the Internet or coming from the Internet and destined for the host machine.

Screened Host is the only machine that can be accessed from the Internet and usually runs proxy applications for allowed services. Other hosts on the intranet must connect to proxy service on the host machine in order to use the Internet.This architecture is more flexible than Dual Homed Host architecture. In this setup if a proxy application does not exist for some secure service it can be allowed to pass through the screening router directly to the client on the local network .

 Advantages


•Provides better security and filtering rules are simple
•Provides transparent outbound access and restricted inbound access


 Disadvantages


•If proxy application does not exist for some service logins have to be provided to the local users to use that service or to abandon that service completely
•If both host machines are not configured properly to work together it may leave holes in the firewall that can be exploited by the attacker

Posted Date: 9/13/2012 5:48:48 AM | Location : United States







Related Discussions:- Firewall architectures-screened host architecture, Assignment Help, Ask Question on Firewall architectures-screened host architecture, Get Answer, Expert's Help, Firewall architectures-screened host architecture Discussions

Write discussion on Firewall architectures-screened host architecture
Your posts are moderated
Related Questions

5. CSMA/CD based Ethernet LANs in various sites and Frame Relay (FR) service to connect them together. You want to make a difference in the organization by upgrading the LANs to be

Question 1 requires you to develop firewall rules based on a fictitious organisation. Scenario: You work for a security-conscious company, xC-Cure, who develop encryption t

Command Structure: Commands are all-upper-case strings, either 4 or 6 characters in length. Table 1 shows the commands, and (for method commands) the parameters, return values, ex

Explain the term- congestion The average queue size over the last cycle and the current cycle is calculated. This value is the threshold. By averaging over two cycles instead o

Radio Waves - Frequency ranges: 3 KHz to 1 GHz - Omni directional - Susceptible to interference by other antennas utilizing same frequency or band - Ideal for long-di

Routing Table A routing  table has columns  for at  three types o information  the network  ID  the cost  and the  ID of the  next  router. The  network  ID is the final  desti

TYPES OF PARALLEL PROGRAMMING There are several parallel programming models in common use. Some of these are: Message Passing; Data Parallel programming; Shared

Question: a) List three characteristics and two potential problems of a peer-to-peer environment. b) List three characteristics and two potential problems of a client/

(a) Explain how a CDMA system works? (b) Explain howWelsh-Hadamard codes are generated. Explain why orthogonality between different spreading codes is important. (c) Consider