What is a Bastion Host? Answers from an IT Consultant
Many computer terms are fast becoming familiar to the public, but few non-specialists will have heard of bastion hosts. A bastion host is a networked computer that has been configured in special ways so that it will be able to resist cyber attacks and intrusions. Such a computer usually hosts only one application. For example, it is common for a proxy server to consist of a bastion host. The term itself comes from computer scientist Marcus J. Ranum, who was writing about the function of firewalls when he explained that bastion hosts would need “some degree of extra attention paid to their security, may undergo regular audits, and may have modified software.”
Here's everything you need to know about leveraging a bastion host:
Why Have a Bastion Host?
A computer that is a bastion host will serve a special purpose that requires it to reside outside a company’s firewall. A bastion host is the type of computer used to communicate with other systems, networks, or computers that are untrusted. Since its role in the organization and its place outside the company firewall make the bastion host a likely target for attacks, steps are taken to reduce the likelihood of a successful attack.
Securing a Bastion Host
In order to make an attack less feasible, a bastion host will typically host only the services needed for it to carry out its primary mission. All other services are removed in its entirety, or are severely limited. These precautions reduce the likelihood that a threat can successfully be leveraged against the computer. If you're looking for a different class of outsourced IT service, our experts can help. From cloud computing to compliance, we can customize IT solutions to meet your unique business needs. For more information, please reach out to iCorps for a free consultation.