Are proxy servers a more secure alternative than packet-filtering firewalls?
In the world of security, judging proxy servers and packet-filtering firewalls together is like comparing apples and oranges. While proxy servers play a limited security function, their basic role is to boost performance. The tools cache frequently requested content on the local network and provide a central point for performing content filtering of end-user requests.
Firewalls, on the other hand, act as the "traffic cop" for all inbound and outbound network traffic, ensuring that it meets network security policy. If your networking strategy calls for a proxy server, I would strongly recommend using it in conjunction with a firewall.
That said, some network firewalls combine proxy functionality with packet filtering. These so-called "proxy firewalls" establish connections with local systems on behalf of remote users (and vice-versa), eliminating the direct connection between systems. Such an arrangement allows the proxy firewall to perform content filtering and provide Layer 7 defenses. If you can afford one, these firewalls provide the strongest available level of firewall protection on the market today.
- Michael Cobb takes a closer look inside application-layer firewalls and how they can defend Layer 7.
- Learn why some enterprise professionals are holding back on application firewalls.
Dig Deeper on Network device security: Appliances, firewalls and switches
Related Q&A from Mike Chapple
Explore the differences between wired and wireless network security, and read up on best practices to ensure security with or without wires. Continue Reading
Choosing to encrypt confidential data with AES or DES encryption is an important cybersecurity matter. Learn about the important differences between ... Continue Reading
It's not possible to eradicate the risk of DoS attacks, but there are steps infosec pros can take to reduce their impact. Mike Chapple shares ... Continue Reading