Firewall architectures-screened subnet architecture, Computer Network Security

Screened Subnet Architecture


This setup provides an extra security layer to screened host architecture by creating a perimeter subnet which further isolates internal network from the Internet.In this architecture two screening routers and a single screening host is used. Both routers are connected to create the perimeter subnet also called Demilitarized Zone (DMZ). Screening host sits in this subnet between two routers. One router is facing the Internet and other is facing local network. Now to break into the internal network an attacker has to pass through both the routers. Even if it breaks through screening host it still has to pass through the internal router. The DMZ could also contain all information servers, modem pools and other systems that require careful controlled access.


Advantages


•    Provides maximum depth of defense
•    Local network can provide services to outside without compromising to inside
•    Much flexible than previous solutions


Disadvantages


•    Costly as compared to other architectures
•    Much complex and requires very careful configuration between guarding machines

Posted Date: 9/13/2012 5:52:57 AM | Location : United States







Related Discussions:- Firewall architectures-screened subnet architecture, Assignment Help, Ask Question on Firewall architectures-screened subnet architecture, Get Answer, Expert's Help, Firewall architectures-screened subnet architecture Discussions

Write discussion on Firewall architectures-screened subnet architecture
Your posts are moderated
Related Questions
Question requires you to produce a pcap file from a Wireshark capture.  In addition, you must include a screen capture of Wireshark and some specific information regarding the fram

How does the POP functions? What are the advantages/benefits of IMAP over POP? POP stands for Post Office Protocol, version 3 (POP3) is one of the easiest message access protoc

Using the selected approach, you should then conduct an audit or review of the information security issues associated with the use of computing facility and report on the findings.

Base lining •    Organizations do not have any contact to each other •    No two organizations are identical to each other •    The best practices are a moving target •    K

BUS TOPOLOGY In a bus topology all devices are attached to a single long cable and any device can send data to any other device. For this function, coordination is needed to d

how to form the trojan integrated cirucit and what are the tools are used to simulate the ciruit to our system and how to pass it as input to the clustering algorithm to get the ou

Network Virtual Terminal It is a set of principles describing a very simple virtual terminal interaction. The NVT is needed in the start of a Telnet session. Communication wit

I am ryan, i am looking for data security and network assignment help, Do you have experts in data security?

(a) (i) If m = p·q·r where p, q, and r are prime numbers, what is Φ(m)? (ii) Therefore, Determine Φ(440). (b) Describe the following terms as used in cryptography: (i)

Ask question #Minimum 100 words are there non parasitic viruses