Security Basics mailing list archives
Re: Application Firewall
From: "Bryan S. Sampsel" <bsampsel () libertyactivist org>
Date: Fri, 18 Jul 2008 09:20:04 -0600 (MDT)
Actually, that's not quite true. The BlueCoat is a specialized device that protects one thing. However, I would not deploy it in the open on its own, as I would a Borderware or Sidewinder firewall. It's an application proxy, but it is not a full firewall in and of itself. A Sidewinder, even before they added packet filter capabilities, does qualify as a firewall. As did the old Raptor and Gauntlet firewalls. The Cisco ASA is a stateful packet inspection firewall, but does not protect the upper areas of the OSI model. Nor does it present a hardened IP stack between two ends of a protected connection. It filters the connection, but when a connection is allowed, it is directly connected to the end point. Whereas, with the Sidewinder Firewall, if an FTP proxy is sitting between the client and server, the client connects to the proxy and hardened IP stack of the Sidewinder. The Sidewinder's proxy, which does have some additional protections/limitations that can be configured, then initiates the connection to the server on behalf of the client. Even when using a "generic" proxy, at the very minimum, the client is protected by the hardened IP stack of the Sidewinder. While a straight packet filter firewall has its place, it does not protect to the same extent. ? aditya mukadam ? wrote:
Application level firewalls are actually not firewalls but can be called as intelligent proxies. Cisco ASA is a stateful firewall. I know BlueCoat proxy which would categorize as application level firewall.
Current thread:
- Application Firewall ams . sec (Jul 18)
- Re: Application Firewall ॐ aditya mukadam ॐ (Jul 18)
- Re: Application Firewall Bryan S. Sampsel (Jul 21)
- Re: Application Firewall ॐ aditya mukadam ॐ (Jul 22)
- Re: Application Firewall Sanjay R (Jul 31)
- Re: Application Firewall Bryan S. Sampsel (Jul 21)
- Re: Application Firewall Adriel Desautels (Jul 18)
- Re: Application Firewall Ivan . (Jul 21)
- Re: Application Firewall Bryan S. Sampsel (Jul 18)
- Re: Application Firewall Adriel Desautels (Jul 21)
- Re: Application Firewall Paul Wong (Jul 27)
- Re: Application Firewall Adriel Desautels (Jul 21)
- <Possible follow-ups>
- Re: Application Firewall Kyu Kwak (Jul 21)
- RE: Application Firewall Roni Bachar (Jul 30)
- Re: Re: Application Firewall antman84ca (Jul 21)
(Thread continues...)
- Re: Application Firewall ॐ aditya mukadam ॐ (Jul 18)