proxy firewall

A proxy firewall is a network security system that protects network resources by filtering messages at the application layer. A proxy firewall may also be called an application firewall or gateway firewall.  

A proxy firewall is a network security system that protects network resources by filtering messages at the application layer. A proxy firewall may also be called an application firewall or gateway firewall.  

Just like a proxy server or cache server, a proxy firewall acts as an intermediary between in-house clients and servers on the Internet. The difference is that in addition to intercepting Internet requests and responses, a proxy firewall also monitors incoming traffic for layer 7 protocols, such as HTTP and FTP. In addition to determining which traffic is allowed and which is denied, a proxy firewall uses stateful inspection technology and deep packet inspection to analyze incoming traffic for signs of attack. 

Proxy firewalls are considered to be the most secure type of firewall because they prevent direct network contact with other systems. (Because a proxy firewall has its own IP address, an outside network connection will never receive packets from the sending network directly.) Having the ability to examine the entire network packet, rather than just the network address and port number, also means that a proxy firewall will have extensive logging capabilities -- a valuable resource for security administrators who are dealing with security incidents. According to Marcus Ranum, who is credited with conceiving the idea of a proxy firewall, the goal of the proxy approach is to create a single point that allows a security-conscious programmer to assess threat levels represented by application protocols and put error detection, attack detection and validity checking in place.

The added security offered by a proxy firewall has its drawbacks, however. Because a proxy firewall establishes an additional connection for each outgoing and incoming packet, the firewall can become a bottleneck, causing a degradation of performance or becoming a single point of failure. Additionally, proxy firewalls may only support certain popular network protocols, thereby limiting which applications the network can support.

See also: access control list, Squid proxy server

 

 

This was first published in May 2014

Continue Reading About proxy firewall

Glossary

'proxy firewall' is part of the:

View All Definitions

Dig deeper on Application Firewall Security

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

File Extensions and File Formats

Powered by:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close