Firewall architectures-dual homed host architecture, Computer Networking

Assignment Help:

Dual Homed Host Architecture

This setup consists of a host machine with two or more IP addresses for each of its physical port. One port is connected to intranet and other to the Internet. These ports act as its two way interfaces. Data forwarding through IP address is blocked on this machine thus there is no direct communication between local network and the Internet .


The communication between local network and the Internet occurs in either of two ways:
•Local network users are given accounts on the Dual Homed Host machine. In order to access the Internet they must login on the host  machine
•Host machine runs a proxy program for each permitted service. Users can access the Internet through this proxy application. In this case login is not always required


 Advantages


•    More secure than Screening Router scheme
•    Provides better access control


 Disadvantages


•    Since packet forwarding is disabled, a proxy must exist for all services that pass through host machine
•    Not all services can have proxies and might require manual configuration or user input
•    Firewall performance is limited to the performance of the host machine
•    Only Dual Homed Host machine could be accessed from the Internet thus its security is at greater risk


Related Discussions:- Firewall architectures-dual homed host architecture

Which layer is responsible for coordinating communication , Which layer is ...

Which layer is responsible for coordinating communication between systems Ans) The Session layer performs the following: Responsible for establishing and maintaining connections

Filtering incoming frames, FILTERING INCOMING FRAMES: An analyzer may ...

FILTERING INCOMING FRAMES: An analyzer may be configured to process and filter frames. It may count frames of a specific size or type. It may also shows only frames from or to

link layer - computer network, Link Layer To move  to packet  from o...

Link Layer To move  to packet  from one node( host  or packet swtich0 to  net node  in the  route the network  layer  relies  on the  services  of the link layer. Particularl

Snort deployed in the dmz network, Let's consider the network shown in Figu...

Let's consider the network shown in Figure 1 where Snort is deployed. In Figure 1, why is Snort deployed in the DMZ instead of the Internal Network? In Figure 1, say True or

Assigment, what the domain name of 128.252.160.2000

what the domain name of 128.252.160.2000

Ip checksum, This code properly implements the IP checksum function on a 32...

This code properly implements the IP checksum function on a 32-bit machine: unsigned short cksum(unsigned short *buf, int count) { unsigned long sum = 0; while (count--) { sum += *

What is meant by transparency, Transparency really means adumbrating the ne...

Transparency really means adumbrating the network and its servers from the users and even the application programmers.

Three main functions at layer three of the osi model, Identify the 3 major ...

Identify the 3 major functions at layer 3 of the OSI model Ans) Layer three explains the path, forwards the packet and executes software / logical addressing.

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd