Figure 1.13reviews the traffic flow in a network containing a bastion host and a
single firewall.This network configuration does not produce a DMZ;the protection
of the bastion host is configured individually on the host and requires extreme care
in setup.Inbound traffic from the untrusted network or the bastion host is dropped
at the firewall,providing protection to the internal network.Outbound traffic from
the internal network is allowed.
www.syngress.com
38Chapter 1 • Networking, Security, and the Firewall
Router
Hardware
or
Software
Firewall
Untrusted
or
Internet
LAN
...Inbound
Traffic...
---Outbound Traffic--
--
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month, and much more.