Firewall architectures-dual homed host architecture, Computer Networking

Assignment Help:

Dual Homed Host Architecture

This setup consists of a host machine with two or more IP addresses for each of its physical port. One port is connected to intranet and other to the Internet. These ports act as its two way interfaces. Data forwarding through IP address is blocked on this machine thus there is no direct communication between local network and the Internet .


The communication between local network and the Internet occurs in either of two ways:
•Local network users are given accounts on the Dual Homed Host machine. In order to access the Internet they must login on the host  machine
•Host machine runs a proxy program for each permitted service. Users can access the Internet through this proxy application. In this case login is not always required


 Advantages


•    More secure than Screening Router scheme
•    Provides better access control


 Disadvantages


•    Since packet forwarding is disabled, a proxy must exist for all services that pass through host machine
•    Not all services can have proxies and might require manual configuration or user input
•    Firewall performance is limited to the performance of the host machine
•    Only Dual Homed Host machine could be accessed from the Internet thus its security is at greater risk


Related Discussions:- Firewall architectures-dual homed host architecture

Write the statement which is true regarding full duplex, Allows for transmi...

Allows for transmission and receiving of data concurrently

Describe in brief about tree topology, Tree topology Comments 1 -...

Tree topology Comments 1 - This features star nodes on a bus network 2 - All the disadvantages and advantages of both types of networks described above apply to this s

Illustrate error detection-simple parity check, Q. Illustrate Error Detecti...

Q. Illustrate Error Detection-Simple Parity Check? Error Detection-Simple Parity Check A redundant bit called as Parity Bit? is added to every data unit. Even Pa

Achieving universal services, The purpose of internetworking is universal s...

The purpose of internetworking is universal service across heterogeneous networks. To give this service all computers, and routers have to agree to forward information from a sourc

Transmission robustness and security, Transmission robustness and security ...

Transmission robustness and security Unless properly designed, a wireless LAN might be interference prone and simply eavesdropped. The design of a wireless LAN must allow relia

Media, explain history of internet?

explain history of internet?

Describe physical layer in osi layers model, Q. Describe Physical Layer in ...

Q. Describe Physical Layer in OSI layers model? Physical Layer : Controls the transmission of the actual data onto the network. It describes the electrical signals, line state

Explain the multipath resistance, Explain the Multipath resistance The ...

Explain the Multipath resistance The chipping codes used for CDMA not only exhibit low cross-correlation but also low autocorrelation. Thus, a version of the signal that is del

Show the distribution of name space, Q. Show the Distribution of Name Space...

Q. Show the Distribution of Name Space? Distribution of Name Space --Information for domain name space must be stored on multiple servers (DNS servers) to be efficient

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd