a computer system that is exposed to attack, and may be a critical component in a network security system
a computer that is exposed to attack to it's position in the corporate network
a computer that is fully exposed to attack
a dual-homed device (a device with two network interfaces)
a gateway between an inside network and an outside network
a gateway computer that runs firewall software and is situated between a trusted network and an untrusted network
a secured computer that allows an untrusted network (such as the Internet) access to a trusted network (your internal network)
a secure host that supports a limited number of applications for use by outsiders
a server computer that is allowed to be addressed directly from the public network and is designed to screen the rest of its network from security exposure
a system identified by the firewall administrator as a critical strong point in the network's security
a system that is placed on the public side of the DMZ, and thus exposed to attack, but which is fortified to the extent possible to avoid being compromised
A bastion host has been hardened in anticipation of vulnerabilities that have not been discovered yet.
A secure computer that forms part of a security firewall and runs applications that communicate with computers outside an organization. (See Firewall).
A system that has been hardened to resist attack, and which is installed on a network in such a way that it is expected to potentially come under attack. Bastion hosts are often components of firewalls, or may be ``outside'' web servers or public access systems. Generally, a bastion host is running some form of general purpose operating system (e.g., Unix, VMS, NT, etc.) rather than a ROM-based or firmware operating system.
A specific host that is used to intercept packets entering or leaving a network. and the system that any outsider must ordinarily connect with to access a system or service that is inside the network s firewall. Typically the bastion host must be highly secured because it is vulnerable to attack due to its placement. See dual-homed gateway.
A computer system that must be highly secured because it is vulnerable to attack, usually because it is exposed to the Internet and is a main point of contact for users of internal networks. It gets its name from the highly fortified projects on the outer walls of medieval castles. Bastions overlook critical areas of defense, usually having strong walls, room for extra troops, and the occasional useful tub of boiling hot oil for discouraging attackers.
Another term for a firewall.
A computer placed outside a firewall to provide public services (such as World Wide Web access and FTP) to other Internet sites, hardened to withstand whatever attacks the Internet can throw at it. Hardening is accomplished by making the box as single-purpose as possible, removing all unneeded services and potential security vulnerabilities. Bastion host is sometimes inaccurately generalized to refer to any host critical to the defense of a local network.
A type of firewall deployment where all traffic between two networks is directed through the security-hardened host.
Typically a firewall implemented on top of an operating system that has been specially configured and hardened to be resistant to attack.
A bastion host is a computer on a network that provides a single entrance and exit point to the Internet from the internal network and vice versa.