Networking / Beginners

Screened host

A screened host firewall architecture uses a host (called a bastion host) to which all outside hosts connect, rather than allowing direct connection to other, less secure, internal hosts. To achieve this, a filtering router is configured so that all connections to the internal network from the outside network are directed toward the bastion host.

Tip: If a packet-filtering gateway is to be deployed, then a bastion host should be set up so that all connections from the outside network go through the bastion host to prevent a direct Internet connection between the organization's network and the outside world.

[Previous] [Contents] [Next]

In this tutorial:

  1. Firewall Security Policy
  2. Firewall protection
  3. Firewall architectures
  4. Multi-homed host
  5. Screened host
  6. Screened subnet
  7. Types of firewalls
  8. Packet-filtering gateways
  9. Application gateways
  10. Hybrid or complex gateways
  11. Routing versus forwarding
  12. IP spoofing
  13. DNS and mail resolution
  14. Intranet
  15. Network trust relationships
  16. Virtual private networks
  17. Qualification of the firewall administrator
  18. Remote firewall administration
  19. Firewall backup
  20. System integrity
  21. Physical firewall security
  22. Firewall incident handling
  23. Upgrading the firewall
  24. Revision/update of firewall policy
  25. Examples of service-specific policies