Results 1 to 3 of 3

Thread: proxy firewall and this scenario from Forouzan Book

  1. #1
    Senior Member
    Join Date
    Dec 2004
    Posts
    140

    proxy firewall and this scenario from Forouzan Book

    I have got this scenario from Forouzan Book "Data Communications and Networking" 3ed

    Code:
    http://highered.mcgraw-hill.com/sites/0072515848/student_view0/chapter31/powerpoint_slides.html
    He says in page 851 :

    "When the user client process sends a message, the proxy firewall runs a server process to receive the request. The server (I said it is the HTTP proxy )opens the packet at the application level and finds out if the request is ligitimate. If it is, the server acts as a client process and sends the message to the real server (I said it is the HTTP Sever) in the corporation. If it is not, the message is dropped and an error message is sent to the external user. Figure 31.11 shows a proxy firewall implementation".

    Code:
    http://img234.imageshack.us/img234/1307/proxyfirewallforouzanch310bc.jpg

    If the proxy firewall can investigate (check ) the application layer by itself , why do I need to send the packet to the HTTP proxy ?

  2. #2
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    It's

    [Client]---->[Proxy]--->[Server]

    Sometimes a filtering proxy is called an application firewall.. Very confusing terms..

    I prefer to call something that filters on layer3/4 a firewall and something that filters on layer 7 a proxy but those definitions tend to blur these days...

    If the proxy firewall can investigate (check ) the application layer by itself
    No, the proxy firewall runs a http proxy that takes care of the checking..
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  3. #3
    Senior Member
    Join Date
    Dec 2004
    Posts
    140
    I prefer to call something that filters on layer3/4 a firewall and something that filters on layer 7 a proxy
    Really it will be easier to distiguish if they used these terminologies.

    the proxy firewall runs a http proxy that takes care of the checking..
    Let me clarify with you that I understood you correclty.

    As you can see in the link that I have posted, there are 3 devices:

    1- Proxy firewall device

    2- Proxy HTTP box

    3- HTTP Server box

    What did you mean by the "Proxy firewall" device runs a http proxy ? because i can see that they are two separate devices,,,,Am I right ?

    If the "Proxy firewall" device run http proxy, why do I need to have proxy http server in this scenario ?

    Did you mean to say that the "Proxy firewall" device here is for filtering layer 3 and layer 4 and not for filtering layer 7 ?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •