- Posts: 11
- Thank you received: 0
Difference between proxy server n application level firewall
18 years 7 months ago #14488
by Arani
Picking pebbles on the shore of the networking ocean
Replied by Arani on topic Re: Difference between proxy server n application level firewall
Firewall: Firewall is a router (computer which is able to forward packets between two or more networks) with some restriction rules applied.
Most of current routers can be used as an easy firewall (most of routers allows to define restrictions). It applies by example to Cisco routers, Linux systems,... But real firewall is more complicated. It implements mechanisms to allow dynamically opened holes for incoming connections (for FTP sessions by example) and more....whereas
Proxy Server: Application proxy server is a computer which is able to handle requests in some communication protocols (HTTP,FTP,SOCKS,..). For each used protocol appropriate proxy service must be enabled.
Firewall: Firewall works on the packet level. It can apply rules on packets (by checking the source/destination IP address, source/destination port,...) to decide whether the packet will be forwarded or denied.....whereas
Proxy Server: Proxy works on application protocol level. They doesn't work on packet level so they can't forward packets.
Firewall: The client station have to be configured to use firewall as default gateway...whereas
Proxy Server: Applications on the client PC have to be configured to use proxy server to access Internet servers.
Firewall: If you disable the firewall (only the router works) all LAN station have direct and full Internet access.
You can imagine the firewall as a set of restrictive rules (all is enabled when these rules are inactive). So you can eliminate/change some rules to create a hole (range) of port by example....whereas
Proxy Server: If you disable proxy there is no way to connect from the LAN to the Internet servers.
Firewall: Services which use low-level TCP/IP protocols (ping, traceroute,..) will work behind firewall (if they are not disabled by firewall restrictions)...whereas
Proxy Server: Services which use low-level TCP/IP protocols (ping, traceroute,..) will not work behind proxy.
hope this suffices for now, let us know if you want more information
Most of current routers can be used as an easy firewall (most of routers allows to define restrictions). It applies by example to Cisco routers, Linux systems,... But real firewall is more complicated. It implements mechanisms to allow dynamically opened holes for incoming connections (for FTP sessions by example) and more....whereas
Proxy Server: Application proxy server is a computer which is able to handle requests in some communication protocols (HTTP,FTP,SOCKS,..). For each used protocol appropriate proxy service must be enabled.
Firewall: Firewall works on the packet level. It can apply rules on packets (by checking the source/destination IP address, source/destination port,...) to decide whether the packet will be forwarded or denied.....whereas
Proxy Server: Proxy works on application protocol level. They doesn't work on packet level so they can't forward packets.
Firewall: The client station have to be configured to use firewall as default gateway...whereas
Proxy Server: Applications on the client PC have to be configured to use proxy server to access Internet servers.
Firewall: If you disable the firewall (only the router works) all LAN station have direct and full Internet access.
You can imagine the firewall as a set of restrictive rules (all is enabled when these rules are inactive). So you can eliminate/change some rules to create a hole (range) of port by example....whereas
Proxy Server: If you disable proxy there is no way to connect from the LAN to the Internet servers.
Firewall: Services which use low-level TCP/IP protocols (ping, traceroute,..) will work behind firewall (if they are not disabled by firewall restrictions)...whereas
Proxy Server: Services which use low-level TCP/IP protocols (ping, traceroute,..) will not work behind proxy.
hope this suffices for now, let us know if you want more information
Picking pebbles on the shore of the networking ocean
18 years 7 months ago #14489
by d_jabsd
Replied by d_jabsd on topic Re: Difference between proxy server n application level firewall
Well said Arani.
In addition to the above, a proxy server acts as a middle man. You make a request to the proxy server. The proxy server then makes the request to destination on your behalf. The response comes back to the proxy, which it them forwards back to you. The destination server only ever sees proxy server and is unaware of you. One drawback is that a proxy server is not always a firewall and cannot protect you from yourself unless configured with a fairly restrictive configuration.
An application firewall is more like a security guard. You make a request to destination directly and the firewall stands in front of it analyzing the traffic to determine whether or not to let it pass. The destination, and the firewall, is fully aware of who you are and where you are coming from.
In addition to the above, a proxy server acts as a middle man. You make a request to the proxy server. The proxy server then makes the request to destination on your behalf. The response comes back to the proxy, which it them forwards back to you. The destination server only ever sees proxy server and is unaware of you. One drawback is that a proxy server is not always a firewall and cannot protect you from yourself unless configured with a fairly restrictive configuration.
An application firewall is more like a security guard. You make a request to destination directly and the firewall stands in front of it analyzing the traffic to determine whether or not to let it pass. The destination, and the firewall, is fully aware of who you are and where you are coming from.
18 years 7 months ago #14594
by subha517
Replied by subha517 on topic Re: Difference between proxy server n application level firewall
Hi friends,
Very useful infomation.Thanku.
-subha517
Very useful infomation.Thanku.
-subha517
Time to create page: 0.126 seconds