-
June 8th, 2006, 10:04 AM
#1
Senior Member
proxy firewall and this scenario from Forouzan Book
I have got this scenario from Forouzan Book "Data Communications and Networking" 3ed
Code:
http://highered.mcgraw-hill.com/sites/0072515848/student_view0/chapter31/powerpoint_slides.html
He says in page 851 :
"When the user client process sends a message, the proxy firewall runs a server process to receive the request. The server (I said it is the HTTP proxy )opens the packet at the application level and finds out if the request is ligitimate. If it is, the server acts as a client process and sends the message to the real server (I said it is the HTTP Sever) in the corporation. If it is not, the message is dropped and an error message is sent to the external user. Figure 31.11 shows a proxy firewall implementation".
Code:
http://img234.imageshack.us/img234/1307/proxyfirewallforouzanch310bc.jpg
If the proxy firewall can investigate (check ) the application layer by itself , why do I need to send the packet to the HTTP proxy ?
-
June 8th, 2006, 11:02 AM
#2
It's
[Client]---->[Proxy]--->[Server]
Sometimes a filtering proxy is called an application firewall.. Very confusing terms..
I prefer to call something that filters on layer3/4 a firewall and something that filters on layer 7 a proxy but those definitions tend to blur these days...
If the proxy firewall can investigate (check ) the application layer by itself
No, the proxy firewall runs a http proxy that takes care of the checking..
Oliver's Law:
Experience is something you don't get until just after you need it.
-
June 9th, 2006, 07:14 PM
#3
Senior Member
I prefer to call something that filters on layer3/4 a firewall and something that filters on layer 7 a proxy
Really it will be easier to distiguish if they used these terminologies.
the proxy firewall runs a http proxy that takes care of the checking..
Let me clarify with you that I understood you correclty.
As you can see in the link that I have posted, there are 3 devices:
1- Proxy firewall device
2- Proxy HTTP box
3- HTTP Server box
What did you mean by the "Proxy firewall" device runs a http proxy ? because i can see that they are two separate devices,,,,Am I right ?
If the "Proxy firewall" device run http proxy, why do I need to have proxy http server in this scenario ?
Did you mean to say that the "Proxy firewall" device here is for filtering layer 3 and layer 4 and not for filtering layer 7 ?
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|