You want to use a packet firewall to protect the Hospital network but you are hesitant to choose the right location among the following: putting it on the web server at DMZ, putting it along with the IDS server, putting it on the screened subnet with DMZ, or putting it on the domain boundary. Recommend the right answer with justification as to why or why not.
Option-c
Putting the packet firewall on the screened subnet with DMZ(Demilitarized Zone)
Screened subnet firewall(triple homed firewall) is more secured and to break this the intruder have to bypass through two screening routers.
DMZ has hosts which aren't protected by Screening router so, A screened subnet is used as it is located behind the screening router and if we put firewall at this point then the there is no possibility of untrusted hosts entering into the network.The two screening routers are called access router(external router) and choke router(internal router)
Get Answers For Free
Most questions answered within 1 hours.