Firewall architectures-screened subnet architecture, Computer Network Security

Screened Subnet Architecture


This setup provides an extra security layer to screened host architecture by creating a perimeter subnet which further isolates internal network from the Internet.In this architecture two screening routers and a single screening host is used. Both routers are connected to create the perimeter subnet also called Demilitarized Zone (DMZ). Screening host sits in this subnet between two routers. One router is facing the Internet and other is facing local network. Now to break into the internal network an attacker has to pass through both the routers. Even if it breaks through screening host it still has to pass through the internal router. The DMZ could also contain all information servers, modem pools and other systems that require careful controlled access.


Advantages


•    Provides maximum depth of defense
•    Local network can provide services to outside without compromising to inside
•    Much flexible than previous solutions


Disadvantages


•    Costly as compared to other architectures
•    Much complex and requires very careful configuration between guarding machines

Posted Date: 9/13/2012 5:52:57 AM | Location : United States







Related Discussions:- Firewall architectures-screened subnet architecture, Assignment Help, Ask Question on Firewall architectures-screened subnet architecture, Get Answer, Expert's Help, Firewall architectures-screened subnet architecture Discussions

Write discussion on Firewall architectures-screened subnet architecture
Your posts are moderated
Related Questions
You are hired as a consultant to help design a digital library in which books are scanned and stored digitally and made available to users of the World Wide Web. Assume that the li

Social Network development in Java: Project Title: SUGGESTLOCAL (Nov 2006-April 2007) Role             : Developer Domain        : Social Network Client          :

Benchmarking An alternative approach to risk management is Benchmarking. It is process of seeking out and studying practices in other organizations which one’s own organization de

Question : (a) How does a 2-key rollover differ from the N-key rollover? (b) Why is isolation so important in interfacing? (c) Explain what is software debouncing.

a. PKI and PGP are two methods for generating and managing public keys for use in protocols such as secure email. Compare and contrast the trust models for public keys used in PKI

Question: a) Give two reasons why the building-block approach is favoured to the traditional network design approach. b) With reference to network monitoring parameters, dis

DEPLOYMENT AND IMPLEMENTING OF AN IDS The strategy for deploying IDS should consider various factors. These factors will determine the number of administrators required to insta

IPV6 NEXT HEADER It is given in the figure below:

Problem (a) Distinguish between passive and active attacks. (b) Give two reasons why it is important to organise security awareness programs for users. (c) Describe how

Attacker's Motives behind the Cyber Attack Before adapting the necessary measures to deal with the problem, understanding and evaluating the blogger's psyche and his motivation