Alan Freedman -- The Computer Language Company - Computer Desktop Encyclopedia
Computer Desktop Encyclopedia
Longest-Running Tech Reference on the Planet

A CDE Definition

You'll love The Computer Desktop Encyclopedia (CDE) for Tech Term of the Day (TTOD)


bastion host

A computer system in a network that is fortified against illegal entry and attack, because it is exposed to the outside world (the Internet). Bastion hosts are used for services such as website hosting, mail, DNS lookups and FTP transfer and are located on the public side of a perimeter net (DMZ). The name comes from medieval fortresses built with bastions, which were projections out from the wall that enabled more men to gather behind in order to shoot their arrows. See firewall.

Bastion Hosts in a Firewall
In this "screened subnet" firewall architecture, several bastion hosts reside in their own perimeter net, which is protected by screening routers on both ends.


The primary method for keeping a computer secure from intruders. A firewall allows or blocks traffic into and out of a private network or the user's computer. Firewalls are widely used to give users secure access to the Internet as well as to separate a company's public Web server from its internal network. Firewalls are also used to keep internal network segments secure; for example, the accounting network might be vulnerable to snooping from within the enterprise.

In the home, a personal firewall typically comes with or is installed in the user's computer (see Windows Firewall). Personal firewalls may also detect outbound traffic to guard against spyware, which could be sending your surfing habits to a website. They alert you when software makes an outbound request for the first time (see spyware).

In the organization, a firewall can be a stand-alone machine (see firewall appliance) or software in a router or server. It can be as simple as a single router that filters out unwanted packets, or it may comprise a combination of routers and servers each performing some type of firewall processing. For more about the various firewall techniques, see firewall methods.

An Excellent Resource
O'Reilly's "Building Internet Firewalls, 2nd Edition" by Zwicky, Cooper and Chapman is one of the best books written on Internet and Web security. It covers a huge range of firewall and related topics and should be a "must have" for anyone interested in the subject. (O'Reilly & Associates, Inc., 2000, ISBN 1-56592-871-7)

Personal Use Only

Before/After Your Search Term
baselining toolbastion server
bash shellBAT
bashtaggingBAT file
BASICBat keyboard
basic cellbatch
basic diskbatch control
basic encoding rulesbatch data entry
BASIC in ROMbatch environment
Basic Ratebatch file
BASIC Stampbatch file abc's

Terms By Topic
Click any of the following categories for a list of fundamental terms.
Computer Words You Gotta KnowSystem design
Job categoriesUnix/Linux
Interesting stuffPersonal computers
InternetIndustrial Automation/Process Control
Communications & networkingAssociations/Standards organizations
HistoryDesktop publishing
ProgrammingHealthcare IT
System design