Firewall architectures-screened host architecture, Computer Networking

Screened Host Architecture


This architecture consists of two host machines: a Screening Router and a Screened Host. The Screening Router is placed between the local network and the Internet. Its purpose is to block all direct communication between the two networks. The only traffic allowed to pass through is traffic coming from the host machine and destined for the Internet, or coming from the Internet and destined for the host machine.

The Screened Host is the only machine that can be accessed from the Internet, and it usually runs proxy applications for the allowed services. Other hosts on the intranet must connect to a proxy service on the host machine in order to use the Internet. This architecture is more flexible than the Dual Homed Host architecture: if a proxy application does not exist for some secure service, that service can be allowed to pass through the screening router directly to the client on the local network.

Advantages

• Provides better security, and filtering rules are simple
• Provides transparent outbound access and restricted inbound access


Disadvantages

• If a proxy application does not exist for some service, logins have to be provided to the local users to use that service, or the service has to be abandoned completely
• If the two host machines are not configured properly to work together, holes may be left in the firewall that an attacker can exploit
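The screening router's filtering policy and the "holes" mentioned in the last disadvantage can be modelled in a few lines. This is an added example, not part of the original page: the addresses, ports, rule format and the `decide` and `audit` helpers are constructed for illustration, and the filter is assumed to be stateful, so only connection initiation is evaluated.

```python
import ipaddress as ip

# Constructed addressing (assumptions, not taken from the page).
LAN = ip.ip_network("192.168.10.0/24")
SCREENED_HOST = ip.ip_network("192.168.10.5/32")
ANY = ip.ip_network("0.0.0.0/0")

# Screening router rule set: first match wins, unmatched traffic is dropped.
# Each rule: (action, source, destination, destination port or None for any).
RULES = [
    ("permit", SCREENED_HOST, ANY, None),  # screened host -> Internet
    ("permit", ANY, SCREENED_HOST, 25),    # Internet -> mail proxy on the host
    ("permit", LAN, ANY, 123),             # pass-through: service with no proxy
    ("deny", ANY, ANY, None),              # block all other direct traffic
]


def decide(rules, src, dst, dport):
    """Return the action the router takes for a new connection."""
    src, dst = ip.ip_address(src), ip.ip_address(dst)
    for action, src_net, dst_net, port in rules:
        if src in src_net and dst in dst_net and port in (None, dport):
            return action
    return "deny"


def audit(rules):
    """Return permit rules where neither endpoint is pinned to the screened
    host. Each one is direct traffic that bypasses the proxies and should be
    a documented, deliberate exception rather than a leftover."""
    return [r for r in rules
            if r[0] == "permit" and SCREENED_HOST not in (r[1], r[2])]


if __name__ == "__main__":
    samples = [  # constructed connection attempts
        ("192.168.10.20", "203.0.113.7", 80),   # client going direct
        ("192.168.10.5", "203.0.113.7", 80),    # proxy fetching for a client
        ("203.0.113.7", "192.168.10.20", 25),   # Internet to an internal host
        ("192.168.10.20", "203.0.113.7", 123),  # pass-through service
    ]
    for s in samples:
        print(s, "->", decide(RULES, *s))
    print("rules bypassing the screened host:", audit(RULES))
```

Running `audit` whenever the rule set changes gives a short list of pass-through exceptions to review against the services that are actually meant to skip the proxies.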

Posted Date: 9/13/2012 5:48:48 AM | Location : United States






