Skip to main content

Difference between proxy server n application level firewall

More
18 years 7 months ago #14487 by subha517
Hi All,
Could someone tell me the basic difference between a Proxy server and Application level firewall?Where does their functionalities differ?
Thanks
-Subha517
More
18 years 7 months ago #14488 by Arani
Firewall: Firewall is a router (computer which is able to forward packets between two or more networks) with some restriction rules applied.
Most of current routers can be used as an easy firewall (most of routers allows to define restrictions). It applies by example to Cisco routers, Linux systems,... But real firewall is more complicated. It implements mechanisms to allow dynamically opened holes for incoming connections (for FTP sessions by example) and more....whereas
Proxy Server: Application proxy server is a computer which is able to handle requests in some communication protocols (HTTP,FTP,SOCKS,..). For each used protocol appropriate proxy service must be enabled.

Firewall: Firewall works on the packet level. It can apply rules on packets (by checking the source/destination IP address, source/destination port,...) to decide whether the packet will be forwarded or denied.....whereas
Proxy Server: Proxy works on application protocol level. They doesn't work on packet level so they can't forward packets.

Firewall: The client station have to be configured to use firewall as default gateway...whereas
Proxy Server: Applications on the client PC have to be configured to use proxy server to access Internet servers.

Firewall: If you disable the firewall (only the router works) all LAN station have direct and full Internet access.
You can imagine the firewall as a set of restrictive rules (all is enabled when these rules are inactive). So you can eliminate/change some rules to create a hole (range) of port by example....whereas
Proxy Server: If you disable proxy there is no way to connect from the LAN to the Internet servers.

Firewall: Services which use low-level TCP/IP protocols (ping, traceroute,..) will work behind firewall (if they are not disabled by firewall restrictions)...whereas
Proxy Server: Services which use low-level TCP/IP protocols (ping, traceroute,..) will not work behind proxy.

hope this suffices for now, let us know if you want more information

Picking pebbles on the shore of the networking ocean
More
18 years 7 months ago #14489 by d_jabsd
Well said Arani.

In addition to the above, a proxy server acts as a middle man. You make a request to the proxy server. The proxy server then makes the request to destination on your behalf. The response comes back to the proxy, which it them forwards back to you. The destination server only ever sees proxy server and is unaware of you. One drawback is that a proxy server is not always a firewall and cannot protect you from yourself unless configured with a fairly restrictive configuration.

An application firewall is more like a security guard. You make a request to destination directly and the firewall stands in front of it analyzing the traffic to determine whether or not to let it pass. The destination, and the firewall, is fully aware of who you are and where you are coming from.
More
18 years 7 months ago #14594 by subha517
Hi friends,
Very useful infomation.Thanku.
-subha517
More
18 years 7 months ago #14633 by Lindows
Gooooooooo Joooeeeeeeeeeeee!

Just reliving great moments in television.

Lindows
Time to create page: 0.126 seconds