A dual-homed host is a device with two active network connections, usually one to an IT network and one to an OT or ICS network. It can act as a bridge between otherwise separate environments, whether intentionally for administration and monitoring or accidentally through poor segmentation.
In cyber security, dual-homed hosts matter because they can become high-value pivot points. If an attacker compromises the device, they may move from office systems into engineering or control networks without needing a new exploit. This makes remote access servers, jump boxes, historians, and maintenance workstations especially sensitive in industrial environments. Defenders reduce risk by limiting what a dual-homed host can reach, enforcing strong authentication, logging all access, and isolating OT paths as much as possible. Good network design treats any bridge between IT and OT as a chokepoint that must be monitored and tightly controlled.



