Firewall architectures-dual homed host architecture, Computer Networking

Assignment Help:

Dual Homed Host Architecture

This setup consists of a host machine with two or more IP addresses for each of its physical port. One port is connected to intranet and other to the Internet. These ports act as its two way interfaces. Data forwarding through IP address is blocked on this machine thus there is no direct communication between local network and the Internet .


The communication between local network and the Internet occurs in either of two ways:
•Local network users are given accounts on the Dual Homed Host machine. In order to access the Internet they must login on the host  machine
•Host machine runs a proxy program for each permitted service. Users can access the Internet through this proxy application. In this case login is not always required


 Advantages


•    More secure than Screening Router scheme
•    Provides better access control


 Disadvantages


•    Since packet forwarding is disabled, a proxy must exist for all services that pass through host machine
•    Not all services can have proxies and might require manual configuration or user input
•    Firewall performance is limited to the performance of the host machine
•    Only Dual Homed Host machine could be accessed from the Internet thus its security is at greater risk


Related Discussions:- Firewall architectures-dual homed host architecture

Firewalls - point to point, Firewalls After several  security  related ...

Firewalls After several  security  related internet  newsgroups  started overflowing  with posts it becomes  clear something  hand to done to help  secure  networks. The first

Define the term - frame and packets, Define the term - frame and packets ...

Define the term - frame and packets Frames sum up packets. When a packet arrives at data link layer, the complete packet, header, data and remaining all, is used as data field

DHCP, Describe DHCP concept

Describe DHCP concept

Filtering incoming frames, FILTERING INCOMING FRAMES: An analyzer may ...

FILTERING INCOMING FRAMES: An analyzer may be configured to process and filter frames. It may count frames of a specific size or type. It may also shows only frames from or to

Explain token passing -token ring, Token Passing - Token Ring (IEEE 802.5) ...

Token Passing - Token Ring (IEEE 802.5) Needs that station take turns sending data Token passing coordinates process Token is a especially formatted three-byte fr

Dynamic configuration and signaling, Dynamic Configuration int pvm...

Dynamic Configuration int pvm_addhosts( char **hosts, int nhost, int *infos ) Add hosts to the virtual machine. hosts is an array of strings naming the hosts to be

Show the network layer in an internetwork, Q. Show the Network layer in an ...

Q. Show the Network layer in an internetwork? - Receives data from Transport layer - Responsible for creating Packet - Each packet contains - Universal Address of Sour

Program for two library methods with thread , #include void subdomain(...

#include void subdomain(float x[ ], int istart, int ipoints) { int i; for (i = 0; i x[istart+i] = 123.456; } void sub(float x[ 10000], int npoints) {

Protocols and standards - cable network architecture, Q. Protocols and Stan...

Q. Protocols and Standards - Cable Network Architecture? - Essential in creating as well as maintaining an open and competitive market for equipment manufacturers and in guaran

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd