Can you explain the difference between a proxy server and proxy firewall? How do they work together?
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
That's an important distinction and it requires a little insight into the history of these devices. Proxy firewalls, or application gateway firewalls, are a fairly recent addition to mainstream security environments. Until a few years ago, the stateful inspection firewall was the most advanced firewall protection. While stateful firewalls can monitor open connections, they cannot inspect application layer traffic. Therefore, if you were to allow HTTP traffic through your firewall, a stateful inspection firewall would not prevent an HTTP-based attack. Proxy firewalls, on the other hand, combine stateful inspection technology with the ability to perform deep application inspections. They also analyze layer 7 protocols, such as HTTP and FTP and monitor traffic for additional signs of attack. To make this work, the firewall must act as a proxy; that is, the client opens a connection with the firewall (usually unbeknownst to the client) and the firewall opens a separate connection to the server on the client's behalf.
Proxy servers, however, don't provide the benefits of a firewall. Like proxy firewalls, they act as a middleman for connections, but they don't provide stateful inspection or other firewall technology. They're generally used to provide content filtering and performance enhancements (such as caching) for local user's Web traffic. Since most proxy firewalls can provide all of the benefits of a proxy server, administrators typically use dedicated proxy servers where they wish to remove the performance load from the firewall.
Dig Deeper on Application Firewall Security
Related Q&A from Mike Chapple
Are nonprofit organizations, like higher education institutions, subject to FTC cybersecurity regulations and oversight? Expert Mike Chapple explains.continue reading
It's important for healthcare organizations to have a clear social media policy. Expert Mike Chapple explains what needs to be in the policy to stay ...continue reading
SOC 2 evaluations can be helpful tools for organizations assessing their HIPAA compliance, but companies should not solely rely on them. Compliance ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.