Firewall architectures-dual homed host architecture, Computer Networking

Assignment Help:

Dual Homed Host Architecture

This setup consists of a host machine with two or more IP addresses for each of its physical port. One port is connected to intranet and other to the Internet. These ports act as its two way interfaces. Data forwarding through IP address is blocked on this machine thus there is no direct communication between local network and the Internet .


The communication between local network and the Internet occurs in either of two ways:
•Local network users are given accounts on the Dual Homed Host machine. In order to access the Internet they must login on the host  machine
•Host machine runs a proxy program for each permitted service. Users can access the Internet through this proxy application. In this case login is not always required


 Advantages


•    More secure than Screening Router scheme
•    Provides better access control


 Disadvantages


•    Since packet forwarding is disabled, a proxy must exist for all services that pass through host machine
•    Not all services can have proxies and might require manual configuration or user input
•    Firewall performance is limited to the performance of the host machine
•    Only Dual Homed Host machine could be accessed from the Internet thus its security is at greater risk


Related Discussions:- Firewall architectures-dual homed host architecture

Explain how the LAN model be developed, Explain how the lan model be develo...

Explain how the lan model be developed The LAN model can be developed incrementally. If LAN is just a long cable. it cannot be brought down by single failure (if servers are re

Explain the Physical layer, Explain the Physical layer The Physical lay...

Explain the Physical layer The Physical layer of the OSI model sets standards for sending and receiving electrical signals among devices. It explains how digital data (bits) ar

Application layer - fundamentals of networks, Application Layer The ap...

Application Layer The application layer provides  an  interface between  application  entities and the  users computer. This layer offers services to a variety of aspects of d

Definition of csma/cd, Definition of CSMA/CD CSMA/CD (Carrier Sense Mu...

Definition of CSMA/CD CSMA/CD (Carrier Sense Multiple Access with Collision Detection) is used to minimize collisions, coordinate traffic and maximize number of frames deliver

Error detection in lrc - performance, LRC - Performance Detects ev...

LRC - Performance Detects every burst errors up to length n (number of columns) If two bits in one data unit are damaged as well as two bits in exactly same positions

Describe in a generic manner the packet of ipsec, Can you describe in a gen...

Can you describe in a generic manner the packet of IPSec

What is the terminal emulation, What is the Terminal Emulation, in which la...

What is the Terminal Emulation, in which layer it comes? Ans) The use of software, installed on PC or LAN server, that permits the PC to function as if it were dumb terminal dir

Bit stream structure, In OSI 7 layer model, a header, or possibly a trailer...

In OSI 7 layer model, a header, or possibly a trailer, can be added to the data unit at each layerI 7 layer, but we will define a simple virtual packet which contains only 8bit dat

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd