 - A screened subnet (also known as a "triple-homed firewall") is a network architecture that uses a single firewall with three network interfaces.
- Interface 1 is the public interface and connects to the Internet.
- Interface 2 connects to a DMZ (demilitarized zone) to which hosted public services are attached.
- Interface 3 connects to an intranet for access to and from internal networks.
Even if the firewall itself is compromised, access to the intranet should not be available, as long as the firewall has been properly configured.
The purpose of the screened subnet architecture is to isolate the DMZ and its publicly-accessible resources from the intranet, thereby focusing external attention and any possible attack on that subnet. The architecture also separates the intranet and DMZ networks, making it more difficult to attack the intranet itself. When a properly configured firewall is combined with the use of private IP addresses on one or both of these subnets, attack becomes that much more difficult.
| LAST UPDATED: |
05 Feb 2008
|
 |
Read more about screened subnet:
|
|
Do you have something to add to this definition? Let us know.
Send your comments to techterms@whatis.com
|
 |
 |
| |
RELATED GLOSSARY TERMS
| Terms from Whatis.com − the technology online dictionary |
 |
bastion host
(SearchSecurity.com)
|
|
firewall
(SearchSecurity.com)
A firewall is a set of related programs, located at a network gateway server, that protects the resources of a private network from users from other...
|
|
|
