Proxy firewalls

Discussion in 'other firewalls' started by Fly, Apr 29, 2008.

Thread Status:
Not open for further replies.
  1. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,069
  2. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Proxy firewalls could be seen as a grey area, certainly with the various explanations and the way terminology appears to be changed so easily.

    I can look from various points/views.

    Lets say, look at KISS or NOD (SS), these contain AV, so all connections to internet go through internal filtering of known sigs, so those, from that point can be classed as "Proxy". But, if you look at Outpost pro, you will find an "Attack plugin", now all packets are sent through that (when installed/active), so from my personal view, I can see that as a proxy.

    As for:-
    My thinking:

    Proxy firewall will have other attached support, such as AV and/or packet filtering addon

    Deep inspection, similar to above, but such does examine the contents of packet rather than just header info

    stateful inspection, well, this as been discussed before. If we look, say at TCP filtering (which I would still class as TCP SPI), then there are various implementations of such.


    - Stem
     
  3. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,695
    Hello,
    I would define a proxy firewall as one that gets packets from computers on one network, masquerades them and sends them to another network. Not much different from NAT, except that such a firewall would not allow reverse DNS queries to any address on the firewalled network, for instance.
    Mrk
     
  4. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,069
    I guess the McAfee firewall (my current setup) is a proxy firewall (plus perhaps x?) ? (mcproxy.exe)
     
Loading...
Thread Status:
Not open for further replies.