Conference noted::seal

Title: SEAL
Moderator: GALVIA::SMITH
Created: Mon Mar 21 1994
Last Modified: Fri Jun 06 1997
Last Successful Update: Fri Jun 06 1997
Number of topics: 1989
Total number of notes: 8209

1753.0. "Dual-homed and screened subnet architecture?" by TENNIS::KAM (AltaVista Software 714/261-4133 DTN 535.4133) Sat Feb 01 1997 03:06

A customer was reading a book by Reilly and Associates and it indicates that
"It's OK to Use a Dual-homed Hosts and Screened Subnets" configuration as a
firewall.  They have indicated that this is the only discussion for which they
have not included an illustration as an example.

Therefore, he asked me if I knew what this architecture looked like.  They 
came up with this diagram that they thought the editors were talking about.

They included the following text:
"You can get significant increases in security by combining a dual-homed host
architecture with a screened subnet architecture.  To do this, split the
perimeter network and insert a dual-homed host.  The routers provide protection
from forgery, and protect from failures where the dual-homed host starts to
route traffic.  The dual-homed host provides finer controls on the connections
than packet filtering.  This is a belt-and-suspenders firewall, providing
excellent multilayered protection, although it requires careful configuration
on the dual-homed host to be sure you're taking full advantage of the
possibilities." 

Customer wants to use this architecture to isolate a gambling system (it's
web-based) that they plan to put in the perimeter network.

Any ideas would be appreciated.

	Regards,


                         INTERNET
                           | |
                           | |
                   +=======| |=============================+
                   #       | |                             #
                   #     Screening                         #
                   #      Router            ftp/www host   #
                   #       | |                  | |        #
                   #       | |                  | |        #
                   #    ---+ +------------------+ +------  #
                   #            Perimeter Network          #
                   #    --------------+ +----------------  #
                   #                  | |                  #
                   #              Dual-homed               #
                   #                 Host                  #
                   # Firewall         | |                  #
                   +==================| |==================+
                                      | |
                                      | |
         -----------------------------+ +----------------------------
                              Internal Network
         --------+-------------------+----------------+------------
                 |                   |                |
                Host 1             Host 2           Host 2
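
Added example, not part of the original note or the book: a small Python model of the layering the quoted passage describes, with the perimeter network split around the dual-homed host and a filtering router on each side. All addresses, rule sets and function names are assumptions made for illustration.

```python
from ipaddress import ip_address, ip_network

# Constructed addressing (assumptions; the note gives no addresses).
INTERNAL = ip_network("10.0.0.0/24")
OUTER_PERIMETER = ip_network("192.0.2.0/25")    # Internet side, holds the ftp/www host
INNER_PERIMETER = ip_network("192.0.2.128/25")  # internal side of the dual-homed host
DUAL_HOMED_INNER = ip_address("192.0.2.129")    # dual-homed host, inner interface
INSIDE = (INTERNAL, OUTER_PERIMETER, INNER_PERIMETER)

def exterior_router(src, dst):
    """Internet-facing filter: reject forged inside sources, admit only outer-perimeter destinations."""
    forged = any(src in net for net in INSIDE)
    return not forged and dst in OUTER_PERIMETER

def interior_router(src, dst):
    """Inner filter: only the dual-homed host's proxies may open connections inward."""
    return src == DUAL_HOMED_INNER and dst in INTERNAL

def verdict(origin, src, dst, forwarding=False):
    """Return the device that drops an inward packet, or 'delivered'.

    origin: 'internet', 'outer' (a host on the outer perimeter) or
    'proxy' (a proxy on the dual-homed host). forwarding=True models the
    failure where the dual-homed host starts to route traffic.
    """
    src, dst = ip_address(src), ip_address(dst)
    if origin == "internet":
        # Permitted packets end on the outer perimeter and go no further.
        return "delivered" if exterior_router(src, dst) else "exterior router"
    if origin == "outer" and not forwarding:
        return "dual-homed host"  # no IP forwarding: packets stop here
    if origin not in ("outer", "proxy"):
        raise ValueError(f"unknown origin: {origin}")
    return "delivered" if interior_router(src, dst) else "interior router"

if __name__ == "__main__":
    cases = [  # constructed sample packets
        ("internet", "10.0.0.5", "192.0.2.10", False),      # forged internal source
        ("internet", "198.51.100.7", "192.0.2.10", False),  # normal request to www host
        ("outer", "192.0.2.10", "10.0.0.5", False),         # www host tries to go inward
        ("outer", "192.0.2.10", "10.0.0.5", True),          # same, host has begun routing
        ("proxy", "192.0.2.129", "10.0.0.5", False),        # proxied connection
    ]
    for case in cases:
        print(case, "->", verdict(*case))
```

The model filters on addresses only; the fourth case shows the interior router still stopping the packet after the dual-homed host has begun to route.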
    