Are proxy servers a more secure alternative than packet-filtering firewalls?
In the world of security, judging proxy servers and packet-filtering firewalls together is like comparing apples and oranges. While proxy servers play a limited security function, their basic role is to boost performance. The tools cache frequently requested content on the local network and provide a central point for performing content filtering of end-user requests.
Firewalls, on the other hand, act as the "traffic cop" for all inbound and outbound network traffic, ensuring that it meets network security policy. If your networking strategy calls for a proxy server, I would strongly recommend using it in conjunction with a firewall.
That said, some network firewalls combine proxy functionality with packet filtering. These so-called "proxy firewalls" establish connections with local systems on behalf of remote users (and vice-versa), eliminating the direct connection between systems. Such an arrangement allows the proxy firewall to perform content filtering and provide Layer 7 defenses. If you can afford one, these firewalls provide the strongest available level of firewall protection on the market today.
- Michael Cobb takes a closer look inside application-layer firewalls and how they can defend Layer 7.
- Learn why some enterprise professionals are holding back on application firewalls.
Dig Deeper on Network Firewalls, Routers and Switches
Related Q&A from Mike Chapple
The OWASP Top Ten list is not a compliance standard but a set of best practices for enterprises looking to boost Web app security. Here's how to get ...continue reading
A data breach notification policy is important to have, but deciding how to alert customers can be tough. Expert Mike Chapple explains some best ...continue reading
Tokenization technology can be confusing. Expert Mike Chapple explains what the difference is between two types of tokens and how tokenization can ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.