Are proxy servers a more secure alternative than packet-filtering firewalls?
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
In the world of security, judging proxy servers and packet-filtering firewalls together is like comparing apples and oranges. While proxy servers play a limited security function, their basic role is to boost performance. The tools cache frequently requested content on the local network and provide a central point for performing content filtering of end-user requests.
Firewalls, on the other hand, act as the "traffic cop" for all inbound and outbound network traffic, ensuring that it meets network security policy. If your networking strategy calls for a proxy server, I would strongly recommend using it in conjunction with a firewall.
That said, some network firewalls combine proxy functionality with packet filtering. These so-called "proxy firewalls" establish connections with local systems on behalf of remote users (and vice-versa), eliminating the direct connection between systems. Such an arrangement allows the proxy firewall to perform content filtering and provide Layer 7 defenses. If you can afford one, these firewalls provide the strongest available level of firewall protection on the market today.
- Michael Cobb takes a closer look inside application-layer firewalls and how they can defend Layer 7.
- Learn why some enterprise professionals are holding back on application firewalls.
Dig Deeper on Network Firewalls, Routers and Switches
Related Q&A from Mike Chapple
It's not possible to eradicate the risk of DoS attacks, but there are steps infosec pros can take to reduce their impact. Mike Chapple shares ...continue reading
The HHS OCR ruled that healthcare ransomware attacks are HIPAA violations, so these covered entities need to react according to the HHS's guidance. ...continue reading
HIPAA regulations incorporate NIST guidelines and standards, so do healthcare organizations need to be compliant with both? Expert Mike Chapple ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.