Re: Proxy VS Firewall
From: syN-acK (syN_acK_fiN@yahoo.com)Date: 12/13/01
- Next message: Boyd Williston: "Re: College Firewalls"
- Previous message: syN-acK: "Re: Anyone have Firebox Experience"
- In reply to: mrleo: "Proxy VS Firewall"
- Next in thread: mrleo: "Re: Proxy VS Firewall"
- Reply: mrleo: "Re: Proxy VS Firewall"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: syN_acK_fiN@yahoo.com (syN-acK) Date: Thu, 13 Dec 2001 05:02:06 GMT
I think you are truly confused as to the difference between a proxy and a
caching server. They ARE NOT the same thing.
A proxy intercepts packets and processes them on the application layer. It is
actually the slowest way of processing data through a firewall, but some say
the most secure.
Microsoft calling their product Proxy server, and just because it caches does
not mean proxy=cache.
Gauntlet has lots of proxies, and doesn't cache a thing. So does WatchGuard,
and it doesn't cache. Checkpoint has proxies (they call them security servers,
so people won't yell 'What about stateful inspection?') and they don't cache
anything.
syN-acK
"mrleo" <mrleo@starband.net> wrote:
>Hey first off, just my two cents here.
>
>
> Proxy is defined as a web page caching server *NOT* a firewall. a proxy
>(MS Version) does nothing but *hide* your internal network and cache web
>pages from the rest of the world. Yes you can define the list of allowed
>"protocols" that have the access to be able to pass through the proxy server
>itself, however there is no such thing as a packet filter to verify that the
>sender is allowed to connect
>
>Firewall however will do things such as application filter's, packet
>filtering.But it DOES NOT cache web pages.
>
> Yes there may be some small similarity between the 2, however they should
>not be viewed as the same type of product.
>
>Even some personal software on the market may infact perform both functions
>( Winproxy) This program does both it caches web pages and has a limited
>built in firewall.
>
>
>Webopedia Defition
>
>Firewall
>
>A system designed to prevent unauthorized access to or from a private
>network. Firewalls can be implemented in both hardware and software, or a
>combination of both. Firewalls are frequently used to prevent unauthorized
>Internet users from accessing private networks connected to the Internet,
>especially intranets. All messages entering or leaving the intranet pass
>through the firewall, which examines each message and blocks those that do
>not meet the specified security criteria
>
>Packet filter: Looks at each packet entering or leaving the network and
>accepts or rejects it based on user-defined rules. Packet filtering is
>fairly effective and transparent to users, but it is difficult to configure.
>In addition, it is susceptible to IP spoofing.
>Application gateway: Applies security mechanisms to specific applications,
>such as FTP and Telnet servers. This is very effective, but can impose a
>performance degradation.
>Circuit-level gateway: Applies security mechanisms when a TCP or UDP
>connection is established. Once the connection has been made, packets can
>flow between the hosts without further checking.
>Proxy server: Intercepts all messages entering and leaving the network. The
>proxy server effectively hides the true network addresses.
>
>
>Proxy
>
>A server that sits between a client application, such as a Web browser, and
>a real server. It intercepts all requests to the real server to see if it
>can fulfill the requests itself. If not, it forwards the request to the real
>server.
>
>Improve Performance: Proxy servers can dramatically improve performance for
>groups of users. This is because it saves the results of all requests for a
>certain amount of time. Consider the case where both user X and user Y
>access the World Wide Web through a proxy server. First user X requests a
>certain Web page, which we'll call Page 1. Sometime later, user Y requests
>the same page. Instead of forwarding the request to the Web server where
>Page 1 resides, which can be a time-consuming operation, the proxy server
>simply returns the Page 1 that it already fetched for user X. Since the
>proxy server is often on the same network as the user, this is a much faster
>operation. Real proxy servers support hundreds or thousands of users. The
>major online services such as Compuserve and America Online, for example,
>employ an array of proxy servers.
>Filter Requests: Proxy servers can also be used to filter requests. For
>example, a company might use a proxy server to prevent its employees from
>accessing a specific set of Web sites.
- Next message: Boyd Williston: "Re: College Firewalls"
- Previous message: syN-acK: "Re: Anyone have Firebox Experience"
- In reply to: mrleo: "Proxy VS Firewall"
- Next in thread: mrleo: "Re: Proxy VS Firewall"
- Reply: mrleo: "Re: Proxy VS Firewall"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
