Friday, June 11, 2010

The difference between the firewall and the application level proxy server

| Firewall | Application level proxy server |
| --- | --- |
| A firewall is a router (a computer which is able to forward packets between two or more networks) with some restriction rules applied. Most current routers can be used as a simple firewall (most routers allow restrictions to be defined). This applies, for example, to Cisco routers, Linux systems, ... But a real firewall is more complicated. It implements mechanisms that dynamically open holes for incoming connections (for FTP sessions, for example) and more. | An application proxy server is a computer which is able to handle requests in some communication protocols (HTTP, FTP, SOCKS, ...). For each protocol used, the appropriate proxy service must be enabled. |
| A firewall works on the packet level. It can apply rules to packets (by checking the source/destination IP address, source/destination port, ...) to decide whether the packet will be forwarded or denied. | A proxy works on the application protocol level. It doesn't work on the packet level, so it can't forward packets. |
| The client station has to be configured to use the firewall as its default gateway. | Applications on the client PC have to be configured to use the proxy server to access Internet servers. |
| If you disable the firewall (only the router works), all LAN stations have direct and full Internet access. You can imagine the firewall as a set of restrictive rules (everything is enabled when these rules are inactive). So you can remove or change some rules to create a hole, for example for a range of ports. | If you disable the proxy, there is no way to connect from the LAN to the Internet servers. |
| Services which use low-level TCP/IP protocols (ping, traceroute, ...) will work behind a firewall (if they are not disabled by firewall restrictions). | Services which use low-level TCP/IP protocols (ping, traceroute, ...) will not work behind |
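
The comparison above as a small model, added here as an illustration and not taken from the original post: a packet filter decides from header fields alone, while a proxy can only decide on a request it is able to parse. The rule set, host names, function names and sample inputs are all constructed assumptions.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed rule set: (action, protocol, source network, destination port).
# First match wins; a port of None matches any port.
RULES = [
    ("deny",  "tcp",  "192.168.1.0/24", 25),
    ("allow", "tcp",  "192.168.1.0/24", None),
    ("allow", "icmp", "192.168.1.0/24", None),
    ("deny",  "any",  "0.0.0.0/0",      None),
]
BLOCKED_HOSTS = {"blocked.example"}  # constructed proxy policy

def firewall_decide(proto, src_ip, dst_port=None, rules=RULES):
    """Packet level: only header fields (protocol, address, port) are checked."""
    src = ipaddress.ip_address(src_ip)
    for action, r_proto, r_net, r_port in rules:
        if r_proto not in ("any", proto):
            continue
        if src not in ipaddress.ip_network(r_net):
            continue
        if r_port is not None and r_port != dst_port:
            continue
        return action
    return "allow"  # no active rules: the router forwards everything

def proxy_decide(raw, enabled=True):
    """Application level: the proxy has to parse a request in a protocol it serves."""
    if not enabled:
        return "no-connectivity"  # clients have no other path to the Internet
    first_line = raw.decode("latin-1").split("\r\n", 1)[0]
    parts = first_line.split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        return "unsupported"  # not HTTP, e.g. a raw ICMP echo
    host = urlsplit(parts[1]).hostname
    return "deny" if host in BLOCKED_HOSTS else "allow"

# Constructed sample inputs
HTTP_OK = b"GET http://www.example.com/index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n"
HTTP_BLOCKED = b"GET http://blocked.example/ HTTP/1.1\r\nHost: blocked.example\r\n\r\n"
ICMP_ECHO = bytes.fromhex("0800f7ff00000000")  # ICMP echo request header

if __name__ == "__main__":
    print(firewall_decide("icmp", "192.168.1.10"), proxy_decide(ICMP_ECHO))
    print(firewall_decide("tcp", "192.168.1.10", 80), proxy_decide(HTTP_OK))
    print(proxy_decide(HTTP_BLOCKED), proxy_decide(HTTP_OK, enabled=False))
```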
