What are the disadvantages of proxy-based firewalls?

Network security expert Mike Chapple explains why he strongly recommends the use of proxy-based firewalls.

Mike Chapple, University of Notre Dame

How do you overcome the disadvantages of proxy-based firewalls?

Step 2 of 2:

You forgot to provide an Email Address.

This email address doesn’t appear to be valid.

This email address is already registered. Please login.

You have exceeded the maximum character limit.

Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

Proxy-based firewalls provide the most advanced firewall security technology currently available on the market. I use them myself and strongly recommend their use for protecting sensitive information, especially in public-facing Web applications.

Proxy firewalls function by acting as a true intermediary between the client and the server. Traditional stateful inspection firewalls simply analyze traffic to determine whether it should be allowed before passing it directly to the protected server. Proxy firewalls, on the other hand, actually establish connections with both the client and the server, allowing them to inject themselves into the connection stream. This provides them with the ability to perform deep application-layer inspection of traffic to identify application-level attacks, such as SQL injection exploits.

The main disadvantage to proxy-based firewalls is their cost. They are significantly more expensive than standard stateful inspection firewalls both in terms of actual financial cost and processing time used. The best way to compensate for this is to use the proxy features sparingly. If an application will not significantly benefit from proxy filtering, disable application filtering for that particular rule. This will help to squeeze maximum performance out of the firewall.

This was last published in June 2009

firewall

Web application firewall (WAF)

The 5 different types of firewalls

What are the 5 types of network firewalls and how are they different?

Please create a username to comment.

Cloud security risks and the countermeasures you need now

Enhance your cloud threat protection with 5 tools, and more

Privacy-preserving machine learning assuages infosec fears

Evolution of WLAN technology improves data rates, security

Future of wireless communications unifies 5G and Wi-Fi 6

SASE market emerges as the 'wave of the future'

Dell, PwC, Peapod accelerate digital transformation initiatives

4 ways CIOs can drive IT cost savings during the pandemic

Post COVID-19 strategies for CIOs on leading through crisis

Microsoft launches Windows File Recovery tool

Citrix microapps look to ease office reopening

VMware Workspace One unifies reshaped digital workforces

SUSE buys Rancher Labs for Kubernetes expertise

Why enterprises choose multi-cloud environments

Oracle Cloud at Customer adds Dedicated Regions

Executive interview: Toyota’s Melody Ayeli on the significant role of ITAM

Aryaka, 8x8 enhance enterprise communications across managed SD-WAN

Facebook iOS SDK flaw linked to onset of Spotify app outage blighting Apple device users

Dig Deeper on Network device security: Appliances, firewalls and switches

firewall

Web application firewall (WAF)

The 5 different types of firewalls

What are the 5 types of network firewalls and how are they different?

Related Q&A from Mike Chapple

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.