A bastion host is a special purpose computer on a network specifically designed and configured to withstand attacks. The computer generally hosts a single application, for example a proxy server, and all other services are removed or limited to reduce the threat to the computer. It is hardened in this manner primarily due to its location and purpose, which is either on the outside of a firewall or in a demilitarized zone (DMZ) and usually involves access from untrusted networks or computers.
A bastion host is a computer that is fully exposed to attack.
The firewalls and routers can be considered bastion hosts.
These are several examples of bastion host systems/services:
DNS (Domain Name System) server
FTP (File Transfer Protocol) server
VPN (Virtual Private Network) server
There are two common network configurations that include bastion hosts and their placement.
requires two firewalls, with bastion hosts sitting between the first “outside world” firewall, and an inside firewall, in a DMZ
only one firewall exists in a network, bastion hosts are commonly placed outside the firewall
http://biometauth.com/wp-content/uploads/2017/11/logo.png00Satish KARRYhttp://biometauth.com/wp-content/uploads/2017/11/logo.pngSatish KARRY2017-11-21 18:14:132017-11-21 18:14:13Authentication : What is a bastion host?