• Title/Summary/Keyword: 듀얼-홈드 게이트웨이

Search Result 3, Processing Time 0.015 seconds

Implementation of Hybrid Firewall System (혼합형 방화벽 시스템 구현 연구)

  • Jung, Ji-Moon; Woo, Sung-Gu;Lee, Syng-Ho;Choi, Sung
    • Proceedings of the Korea Database Society Conference
    • /
    • 2000.11a
    • /
    • pp.364-367
    • /
    • 2000
  • 본 논문은 스크리닝 라우터에서 패킷 필터 규칙을 통과한 모든 트래픽이 베스쳔 호스트로 전달되도록 스크린드 호스트 게이트웨이를 사용하였으며, 스크린드 호스트 게이트웨이의 단점인 스크리닝 라우터의 경로정보가 내부 네트워크로 직접 전달되지 않도록 듀얼-홈드 게이트웨이를 사용하였다. 듀얼-홈드 게이트웨이에서는 두 개의 네트워크 인터페이스간에 트래픽이 직접 전달되지 않기 때문에 응용 게이트 웨이 서버를 통해서 트래픽이 전달되고 모든 접속기록이 베스쳔 호스트에 기록되도록 하였다. 또한 외부 네트워크와 내부 네트워크 사이에 완충지역인 DMZ를 두어 공개 서버를 사용하기 쉽게 구현하여, 스크리닝 라우터와 스크린드 호스트 게이트웨이의 문제점을 해결하는 효과적인 혼합형 방화벽 모델을 제안하고자 한다.

  • PDF

An Implementation of Firewall System Supporting High Speed Data Transmission in 3-tier Client/server Systems (3계층 클라이언트/서버 시스템의 고속 전송 침입 차단 시스템 구현)

  • 홍현술;정민수;한성국
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.5 no.7
    • /
    • pp.1361-1373
    • /
    • 2001
  • In the firewall systems of 3-tier client/server systems, in general, data transmission speed is declined rapidly according to the duplicated proxy services in application server and fire wall server. In this paper, an application server configuration containing the proxy functions of firewall system is proposed so that the high speed data transmission can be achieved. The proposed application server can form the dual-homed gateway by means of the additional network interface card. The screened router of application server forms the screened subnet gateway that can separate the internal network. The proposed server configuration is more effective in traffic control than the traditional firewall systems and provides high speed data transmission with the functions of firewall. It can be also cost-effective alternative to the firewall system.

  • PDF

Implementation of Hybrid Firewall System for Network Security (전산망 보호를 위한 혼합형 방화벽 시스템 구현)

  • Lee, Yong-Joon;Kim, Bong-Han;Park, Cheon-Yong;Oh, Chang-Suk;Lee, Jae-Gwang
    • The Transactions of the Korea Information Processing Society
    • /
    • v.5 no.6
    • /
    • pp.1593-1602
    • /
    • 1998
  • In this paper, a hybrid firewall system using the screening router, dual-homed gateway, screened host galeway and the application level gateway is proposed, The screened host gateway is comjXlsed of screening router, DMZ and bastion host. All external input traffics are filtered by screening router with network protrcol filtering, and transmitted to the bastion host performing application level filtering, The dual homed gateway is an internlediate equipment prohibiting direct access from external users, The application level gateway is an equipment enabling transmission using only the proxy server. External users can access only through the public servers in the DMZ, but internal users can aeee through any servers, The rule base which allows Telnet only lo the adrnilllslratol is applied to manage hosts in the DMZ According to the equipmental results, denial of access was in orderof Web. Mail FTP, and Telnet. Access to another servers except for server in DMZ were denied, Prolocol c1mials of UDP was more than that of TCP, because the many hosts broadcasted to networds using BOOTP and NETBIOS, Also, the illegal Telnet and FTP that transfer to inside network were very few.

  • PDF