Firewall architectures-screened subnet architecture, Computer Network Security

Screened Subnet Architecture


This setup provides an extra security layer to screened host architecture by creating a perimeter subnet which further isolates internal network from the Internet.In this architecture two screening routers and a single screening host is used. Both routers are connected to create the perimeter subnet also called Demilitarized Zone (DMZ). Screening host sits in this subnet between two routers. One router is facing the Internet and other is facing local network. Now to break into the internal network an attacker has to pass through both the routers. Even if it breaks through screening host it still has to pass through the internal router. The DMZ could also contain all information servers, modem pools and other systems that require careful controlled access.


Advantages


•    Provides maximum depth of defense
•    Local network can provide services to outside without compromising to inside
•    Much flexible than previous solutions


Disadvantages


•    Costly as compared to other architectures
•    Much complex and requires very careful configuration between guarding machines

Posted Date: 9/13/2012 5:52:57 AM | Location : United States







Related Discussions:- Firewall architectures-screened subnet architecture, Assignment Help, Ask Question on Firewall architectures-screened subnet architecture, Get Answer, Expert's Help, Firewall architectures-screened subnet architecture Discussions

Write discussion on Firewall architectures-screened subnet architecture
Your posts are moderated
Related Questions
what is computer network?

Question: a) What do you meant by Privacy? b) Name the four privacy violations. c) Often, aggregate information and anonymized information can be combined to identif

Problem a) Give three reasons why traditional Network Design approach is less appropriate for many of today's networks? b) The network requires of users are organized into m

Problem (a) The IEEE 802 series of standards describe both the Physical and Data Link layers of their respective technologies. Two important standards are 802.3 and 802.5, respect

Question: (a) Your office administrator is being trained to take server backups. Which authorization model could be ideal for this situation: MAC, DAC or RBAC? Justify your a

A  half-duplex (HDX) system gives communication in both directions, but only one direction at a time. Hardly, once a party stats receiving a signal, it must need for the transmi

Elements of Cryptosystems Cryptosystems is characteristically made up of algorithms, data handling techniques, and procedures which are combined in multiple ways to ensure confi

Question: (a) Explain the following terms: Information Communication Technology, Operating System and Application Software. (b) Define what a computer is, give four anatomi

Question : (a) How does a 2-key rollover differ from the N-key rollover? (b) Why is isolation so important in interfacing? (c) Explain what is software debouncing.

Probelm 1: Give the History and Evolution of Wireless Communication System. Complete explanation Probelm 2: Describe the process of Components Identification and cal