Firewall architectures-screened host architecture, Computer Networking

Screened Host Architecture


This architecture consists of two machines: a Screening Router and a Screened Host. The Screening Router is placed between the local network and the Internet. Its purpose is to block all direct communication between the two networks. The only traffic allowed to pass through is traffic coming from the host machine and destined for the Internet, or coming from the Internet and destined for the host machine.

The Screened Host is the only machine that can be accessed from the Internet, and it usually runs proxy applications for the allowed services. Other hosts on the intranet must connect to a proxy service on the host machine in order to use the Internet. This architecture is more flexible than the Dual Homed Host architecture: in this setup, if a proxy application does not exist for some secure service, that service can be allowed to pass through the screening router directly to the client on the local network.

Advantages


• Provides better security, and the filtering rules are simple
• Provides transparent outbound access and restricted inbound access


Disadvantages


• If a proxy application does not exist for some service, either logins have to be provided to the local users so they can use that service, or the service has to be abandoned completely
• If the two machines are not configured properly to work together, holes may be left in the firewall that an attacker can exploit
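
The screening router's filtering policy and the misconfiguration risk noted above can be checked mechanically. The following is an added example, not part of the original page: it models the router as an ordered, first-match rule list and audits it for connections that cross between the intranet and the Internet without going through the screened host. The addresses, the port numbers (22 for the directly passed service, 25 for mail) and the names `zone`, `decide` and `audit` are assumptions made for illustration.

```python
import ipaddress

# Constructed addressing for illustration (not from the page).
INTERNAL = ipaddress.ip_network("192.168.10.0/24")
SCREENED_HOST = ipaddress.ip_address("192.168.10.2")

def zone(addr):
    """Classify an address as the screened host, an internal client, or the Internet."""
    ip = ipaddress.ip_address(addr)
    if ip == SCREENED_HOST:
        return "host"
    return "internal" if ip in INTERNAL else "internet"

# Ordered rules: (action, source zone, destination zone, destination port); "any" is a wildcard.
RULES = [
    ("allow", "host", "internet", "any"),   # screened host -> Internet
    ("allow", "internet", "host", "any"),   # Internet -> screened host
    ("allow", "internal", "internet", 22),  # service without a proxy, passed through directly
    ("deny", "any", "any", "any"),          # block all other direct communication
]
# Same rules plus a mail rule meant for the screened host but written with a wildcard destination.
RULES_BAD = [("allow", "internet", "any", 25)] + RULES

def decide(rules, src, dst, port):
    """Return the action of the first rule matching a new connection; default deny."""
    for action, r_src, r_dst, r_port in rules:
        if (r_src in ("any", zone(src)) and r_dst in ("any", zone(dst))
                and r_port in ("any", port)):
            return action
    return "deny"

def audit(rules, approved_outbound=frozenset()):
    """Probe ports 1-1023 for connections that cross the router without using the screened host."""
    client, outside = "192.168.10.50", "203.0.113.7"  # constructed representative hosts
    holes = []
    for port in range(1, 1024):
        if decide(rules, outside, client, port) == "allow":
            holes.append(("inbound", port))
        if decide(rules, client, outside, port) == "allow" and port not in approved_outbound:
            holes.append(("outbound", port))
    return holes

if __name__ == "__main__":
    print(audit(RULES, {22}))      # no unapproved bypass
    print(audit(RULES_BAD, {22}))  # the wildcard mail rule exposes internal clients
```

The model covers connection initiation only, as a stateful filter would; because the audit probes the rule list through `decide`, it respects rule ordering instead of inspecting rules in isolation.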

Posted Date: 9/13/2012 5:48:48 AM | Location : United States






