Section 5.3.2 of DISA's Unified Capabilities Requirements (UCR) (.pdf) gives guidance on dual-homed servers, which are servers with two network interface cards (NICs)often used in devices that need a secure internal network, as well as access to the Internet or a broader, less secure WAN. However, the SCADA best practice rejects using a dual-homed server as a segregation device. So, ideally, it's best to avoid a dual-homed setup.
A dual-homed configuration is dependent on the operating system (OS) providing separation between the respective networks that the dual-homed device bridges, but this can be easily -- and is commonly -- overridden by an application. Thus, any worm or virus infections on a dual-homed server will leave both networks vulnerable.
It's better to enforce network separation using a dedicated filtering device (e.g., a firewall)than leveraging software-based methods, such as relying on a dual-homed system's OS. Unless the two NICs on the server are set up for redundancy, dual -homed configurations are generally avoided.
This was first published in February 2011