A bastion host is a specialized computer that
is deliberately exposed on a public network. From a secured network
perspective, it is the only node exposed to the outside world and is therefore
very prone to attack. It is placed outside the firewall in single firewall
systems or, if a system has two firewalls, it is often placed between the two
firewalls or on the public side of a demilitarized zone (DMZ).
The bastion host processes and filters all
incoming traffic and prevents malicious traffic from entering the network,
acting much like a gateway. The most common examples of bastion hosts are mail,
domain name system, Web and File Transfer Protocol (FTP) servers. Firewalls and
routers can also become bastion hosts.
Posts
0 comments:
Post a Comment