Skip to Content
Apache: The Definitive Guide, 3rd Edition
book

Apache: The Definitive Guide, 3rd Edition

by Ben Laurie, Peter Laurie
December 2002
Intermediate to advanced
588 pages
25h 57m
English
O'Reilly Media, Inc.
Content preview from Apache: The Definitive Guide, 3rd Edition

Separate Networks

A more extreme firewall implementation involves using separate networks. In essence, you have two packet filters and three separate, physical, networks: Inside, Inbetween (often known as Demilitarized Zone [DMZ]), and Outside (see Figure 11-1). There is a packet-filter firewall between Inside and Inbetween, and between Outside and the Internet. A nonrouting host,[6] known as a bastion host, is situated on Inbetween and Outside. This host mediates all interaction between Inside and the Internet. Inside can only talk to Inbetween, and the Internet can only talk to Outside.

Bastion host configuration
Figure 11-1. Bastion host configuration

[6] Nonrouting means that it won’t forward packets between its two networks. That is, it doesn’t act as a router.

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Tomcat: The Definitive Guide, 2nd Edition

Tomcat: The Definitive Guide, 2nd Edition

Jason Brittain, Ian F. Darwin
HTTP: The Definitive Guide

HTTP: The Definitive Guide

David Gourley, Brian Totty, Marjorie Sayer, Anshu Aggarwal, Sailu Reddy
Learning Apache Tomcat
Nginx HTTP Server - Fourth Edition

Nginx HTTP Server - Fourth Edition

Martin Bjerretoft Fjordvald, Nedelcu

Publisher Resources

ISBN: 0596002033Supplemental ContentErrata Page