Guidance on dual-homed server security

Learn more about how a dual-homed server operates, and what security restrictions it entails in this expert response from Anand Sastry.

Anand Sastry, Barclays

What is the guidance/instruction from DoD entities such as DISA on the subject of dual-homed (using two or more NIC cards) servers?

Section 5.3.2 of DISA's Unified Capabilities Requirements (UCR) (.pdf) gives guidance on dual-homed servers, which...

Step 2 of 2:

You forgot to provide an Email Address.

This email address doesn’t appear to be valid.

This email address is already registered. Please login.

You have exceeded the maximum character limit.

Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

are servers with two network interface cards (NICs)often used in devices that need a secure internal network, as well as access to the Internet or a broader, less secure WAN. However, the SCADA best practice rejects using a dual-homed server as a segregation device. So, ideally, it's best to avoid a dual-homed setup.

A dual-homed configuration is dependent on the operating system (OS) providing separation between the respective networks that the dual-homed device bridges, but this can be easily -- and is commonly -- overridden by an application. Thus, any worm or virus infections on a dual-homed server will leave both networks vulnerable.

It's better to enforce network separation using a dedicated filtering device (e.g., a firewall)than leveraging software-based methods, such as relying on a dual-homed system's OS. Unless the two NICs on the server are set up for redundancy, dual -homed configurations are generally avoided.

This was last published in February 2011

How to build a VMware lab setup for testing

host bus adapter (HBA)

What is SR-IOV and how can it be deployed on a virtualized server?

What is VMDq and what is needed to deploy it on a virtualized server?

Please create a username to comment.

Top 6 cloud security analytics use cases

McAfee: Attacks on cloud accounts up 630% during COVID-19

Use these CCSK practice questions to prep for the exam

Cisco acquisition of ThousandEyes has many user benefits

Wi-Fi vendors pitch people tracking for COVID-19 safety

5 things to know about MU-MIMO technology in Wi-Fi networks

Leaders discuss challenges, strategies for women in IT

14 tips for CIOs managing shadow IT activities

Top 2020 IT priorities hold fast amid COVID-19; spending takes hit

Ivanti updates its unified endpoint management

AMD's Ryzen, Epyc power surge in desktops, laptops, data centers

How SCIM can automate user provisioning

5 ways to reduce cloud costs

Confront cloud security challenges with these 5 tips

10 open source cloud security tools to know

Wireless Broadband Alliance calls for single global Wi-Fi network

Qualcomm aims to tap into Wi-Fi 6E with ‘world’s most advanced’ mobile wireless portfolio

Government launches IoT security funding round

Dig Deeper on Network device security: Appliances, firewalls and switches

How to build a VMware lab setup for testing

host bus adapter (HBA)

What is SR-IOV and how can it be deployed on a virtualized server?

What is VMDq and what is needed to deploy it on a virtualized server?

Related Q&A from Anand Sastry

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.