- Posts: 2
- Thank you received: 0
WHAT is Application inspection ???
20 years 5 months ago #4468
by NutE
WHAT is Application inspection ??? was created by NutE
hi guys,
i have a pix 525 firewall... i've been reading about it .. and i reached the "application inspection" part which i can't quite understand it's use.!!!!
can anyone explain it in a simple understandable way???
NutE, Over and Out !!!!
i have a pix 525 firewall... i've been reading about it .. and i reached the "application inspection" part which i can't quite understand it's use.!!!!
can anyone explain it in a simple understandable way???
NutE, Over and Out !!!!
20 years 5 months ago #4480
by TheBishop
Replied by TheBishop on topic Application Inspection
Basically it's a set of application-specific proxies on your firewall. So rather than just making firewall decisions based on IP address or port etc, the firewall "understands" the application-layer protocol being used and knows what is normal behaviour during an HTTP or FTP or SMTP transaction and so will enforce the rules. This means it can detect and block some types of attack that a normal firewall would miss. Also, because it is a proxy, it sits between the sender and recipient, intercepting then passing on the requets and replies at an application level. This in itself adds security too. Many of the higher-end firewall products provide application proxy facilites you can turn on or off as required. The label "Application Inspection firewall" in essence just describes a firewall with those kind of facilities in it's arsenal
Hope that helps...
Hope that helps...
20 years 5 months ago #4500
by NutE
Replied by NutE on topic Re: WHAT is Application inspection ???
thanks man .. that was really helpfull
20 years 5 months ago #4508
by sahirh
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
Replied by sahirh on topic Re: WHAT is Application inspection ???
TheBishop is right.. basically you have different filtering devices that work at different levels of the OSI model.. for example a router with ACL's is a simple packet filter operating at the network level.. a stateful inspection firewall which understands TCP will be a circuit level gateway and will control traffic at the transport layer.. then you have application proxies.. which will handle your mail / ftp / http etc and understand the protocol so you can filter based on criteria within that protocol right at the application level itself.
Cheers,
Cheers,
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
Time to create page: 0.120 seconds