Can you explain the difference between a proxy server and proxy firewall? How do they work together?
That's an important distinction and it requires a little insight into the history of these devices. Proxy firewalls, or application gateway firewalls, are a fairly recent addition to mainstream security environments. Until a few years ago, the stateful inspection firewall was the most advanced firewall protection. While stateful firewalls can monitor open connections, they cannot inspect application layer traffic. Therefore, if you were to allow HTTP traffic through your firewall, a stateful inspection firewall would not prevent an HTTP-based attack. Proxy firewalls, on the other hand, combine stateful inspection technology with the ability to perform deep application inspections. They also analyze layer 7 protocols, such as HTTP and FTP and monitor traffic for additional signs of attack. To make this work, the firewall must act as a proxy; that is, the client opens a connection with the firewall (usually unbeknownst to the client) and the firewall opens a separate connection to the server on the client's behalf.
Proxy servers, however, don't provide the benefits of a firewall. Like proxy firewalls, they act as a middleman for connections, but they don't provide stateful inspection or other firewall technology. They're generally used to provide content filtering and performance enhancements (such as caching) for local user's Web traffic. Since most proxy firewalls can provide all of the benefits of a proxy server, administrators typically use dedicated proxy servers where they wish to remove the performance load from the firewall.
Dig deeper on Application Firewall Security
Related Q&A from Mike Chapple, Enterprise Compliance
Social media compliance is not typically considered a big issue for companies, but expert Mike Chapple explains why it should be.continue reading
Metadata tagging is not just for security. Expert Mike Chapple explains how tagging tools can be used to achieve PCI DSS compliance.continue reading
Before using the HIPAA-compliant cloud services from Google, there are some things companies need to know, according to expert Mike Chapple.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.