Firewall architectures-screened subnet architecture, Computer Network Security

Screened Subnet Architecture

This setup provides an extra security layer to screened host architecture by creating a perimeter subnet which further isolates internal network from the Internet.In this architecture two screening routers and a single screening host is used. Both routers are connected to create the perimeter subnet also called Demilitarized Zone (DMZ). Screening host sits in this subnet between two routers. One router is facing the Internet and other is facing local network. Now to break into the internal network an attacker has to pass through both the routers. Even if it breaks through screening host it still has to pass through the internal router. The DMZ could also contain all information servers, modem pools and other systems that require careful controlled access.


•    Provides maximum depth of defense
•    Local network can provide services to outside without compromising to inside
•    Much flexible than previous solutions


•    Costly as compared to other architectures
•    Much complex and requires very careful configuration between guarding machines

Posted Date: 9/13/2012 5:52:57 AM | Location : United States

Related Discussions:- Firewall architectures-screened subnet architecture, Assignment Help, Ask Question on Firewall architectures-screened subnet architecture, Get Answer, Expert's Help, Firewall architectures-screened subnet architecture Discussions

Write discussion on Firewall architectures-screened subnet architecture
Your posts are moderated
Related Questions
In Star topology all computers are connected using a central device known as hub. Star networks are one of the most general computer network topologies. In its simplest way, a

For this assignment you will create a program called MMWordFix (Multi-Mode WordFix). This program prompts the user to select one of three word filters (uppercase, lowercase, encryp

Question (a) Inspect the following ifconfig output of an IPv6 interface: i. What is the hidden Hardware Address of the interface on Line #1? ii. What is the hidden subn

QUESTION: (a) For the bit stream 010011, sketch the waveforms for each of the code indicated. Assume that the signal level for a space in NRZ-L is positive; the signal level f

QUESTION: (a) Briefly explain the steps involved in Network Simplex Method. (b) What data structures you would expect in the Network Simplex Method. Show the data struct

Problem 1: a) One of the limitations of file processing systems is data inconsistency. Briefly explain with the help of an example what do you understand by this phrase. b)

VIRTUAL PACKETS These data packets serve same reason in Internet as frames on LAN. Every packet has a header. Routers, which are normally gateways, transfer packets between ph

Question: (a) A Wireless Mesh Network (WMN) is a communications network made up of radio nodes organized in a mesh topology. i. Describe the function of a TAP in WMNs. ii.

Host-Based IDS A host-based IDS (HIDS) resides on a particular computer or server and monitors activity only on that system. HIDS also called as system integrity verifiers as th