Security Basics mailing list archives
Re: Application Firewall
From: "Sanjay R" <2sanjayr () gmail com>
Date: Fri, 1 Aug 2008 19:09:36 +0530
On Fri, Aug 1, 2008 at 2:30 PM, ॐ aditya mukadam ॐ <aditya.mukadam () gmail com> wrote:
sanjay>> Application level firewalls are firewalls. Proxy, if used in a special way, is a type of application level firewall. however, it will be nice and interesting to hear "why application level firewall is NOT a firewall?"Aditya:For a firewall to work at application level, you would (90% of the time) need to proxy the traffic through it for best results. So, we can call it 'application level firewall' or 'intelligent proxies'.
sanjay>> Agreed and this is what i wanted to say. My confusion was your statement that " Application level firewalls are actually not firewalls." Firewall is a concept/mechanism to provide some access control. Based on the information that you require to have access control, the more granularity to you want, higher in the stack you move on. Proxy, as name suggests, are just proxy for some application i.e it understands that application very well. So, if you take advantage to this understanding and mingle some control mechanism, it becomes Application firewall. for this same reason, we have many proxies (only proxies) out there, like Webscarab etc and they are not come under firewall.
Take a look at below links which would throw some moe light on this topic. http://en.wikipedia.org/wiki/Application_layer_firewall http://www.networkcomputing.com/1405/1405f3.html It would be interesting to know Which firewalls have you worked on ? Any Application level firewall ?
sanjay>> Yes. ISA, to name one.
Thanks, Aditya Govind Mukadam On Wed, Jul 30, 2008 at 8:22 PM, Sanjay R <2sanjayr () gmail com> wrote:sorry for a late response. .. On Fri, Jul 18, 2008 at 7:26 PM, ॐ aditya mukadam ॐ <aditya.mukadam () gmail com> wrote:Application level firewalls are actually not firewalls but can be called as intelligent proxies. Cisco ASA is a stateful firewall.sanjay>> Application level firewalls are firewalls. Proxy, if used in a special way, is a type of application level firewall. however, it will be nice and interesting to hear "why application level firewall is NOT a firewall?"I know BlueCoat proxy which would categorize as application level firewall. Thanks, Aditya Govind Mukadam On Thu, Jul 17, 2008 at 7:44 PM, <ams.sec () gmail com> wrote:Hi everyone, Can anyone please list out some name of application level firewalls. Would Cisco ASA qualify as a application firewall? I have heard it needs certain addons to provide application screening functionality. Thanks a zillion. Ams-- Computer Security Learner
-- Computer Security Learner
Current thread:
- Re: Application Firewall ॐ aditya mukadam ॐ (Aug 03)
- Re: Application Firewall Sanjay R (Aug 03)
- Test Case on Firewall/IDS/Swithches and Routers/Load Balancer harshad.mengle (Aug 05)
- Re: Test Case on Firewall/IDS/Swithches and Routers/Load Balancer ॐ aditya mukadam ॐ (Aug 06)
- <Possible follow-ups>
- Re: Application Firewall Steve Armstrong (Aug 03)