TAILIEUCHUNG - Dual-Firewall Architecture

The dual-firewall architecture is more complex than the single-firewall architecture, but it is also a more secure overall design and provides for a much more granular level of control over traffic traversing the firewalls | Dual-Firewall Architecture The dual-firewall architecture is more complex than the single-firewall architecture but it is also a more secure overall design and provides for a much more granular level of control over traffic traversing the firewalls. This is because the architecture uses two firewalls ideally of different vendors and models to act as exterior and interior firewalls providing a DMZ segment between the two firewalls as shown in Figure 9-3. Like previous designs traffic is permitted into the DMZ segment as well as from the internal network to the external network but no traffic from the external network is permitted directly to the internal network. Figure 9-3. Dual-Firewall Architecture View full size image The granular control in a dual-firewall architecture comes from the fact that each firewall controls a subset of all the traffic entering and exiting a network. Because untrusted that is external traffic should never be allowed to directly access a trusted that is internal network the exterior firewall can be configured specifically to grant access to and from the DMZ segment and external systems. Similarly the interior firewall can be configured to grant access to and from the DMZ segment and internal resources. This allows for the creation of two distinct and independent points of control of all traffic into and out of all corporate network segments whether they are DMZ segments or internal network segments. When a dual-firewall architecture is implemented with different firewall models for example a Cisco PIX Firewall and a Microsoft ISA Server firewall you also gain additional security because an attacker would need to compromise two separate firewalls which will likely not be susceptible to the same attack methods to gain access to protected resources. In addition an attacker also needs to be knowledgeable in the workings of two different types of firewalls to tamper with the configurations. The downsides of a dual-firewall architecture relate

• An ninh - Bảo mật
• công nghệ thông tin
• an ninh
• bảo mật
• fire wall
• tường lửa
• Fire wall fundamentals
• Dual Firewall Architecture
• Dự thảo về Công nghệ thông tin
• Phát triển Công nghệ thông tin
• Ngành công nghiệp công nghệ thông tin
• Mục tiêu phát triển công nghệ thông tin
• Luật công nghệ thông tin
• Quản trị dự án công nghệ thông tin
• Ý tưởng dự án công nghệ thông tin
• Hoạch đinh chiến lược
• Tổ chức dự án
• Quản trị dự án công nghệ thông tin
• Lập kế hoạch dự án
• Quy trình quản lý dự án
• Ứng dụng công nghệ thông tin
• Công nghệ thông tin trong dạy tin học
• Thiết kế bài giảng điện tử
• Kỹ thuật chèn hình
• Kỹ thuật tạo hiệu ứng
• Cách làm slide thuyết trình
• Hiệu ứng Powerpoint
• tin học
• mạng
• internet
• web
• quản trị mạngcông nghệ thông tin
• quản trị mạng