Re: Bodermanager vs Blackhole firewall...

[Joseph S D Yao <jsdy () cospo osis gov>]

> Don , your question is whether to use a proxy or not
> for a particular application. and if not use the 
> proxy then what ? do we NAT ?
...
> second a proxy does not allow any direct connection
> between the two parties ie the the two ends say a 
> ftp client inside the trusted network and a FTP 
> server on the Internet. The proxy examines all the 
> connections between the two ends. All the outgoing
> packets get the IP address of the proxy and all the 
> incoming packets are neatly sent to the client on 
> the internal network.

Thereby, a "network address translation" by default occurs.  The IP
address at which the proxy is addressed by the outside world is
different from the IP address at which the client itself is addressed.

--
Joe Yao                         jsdy () cospo osis gov - Joseph S. D. Yao
COSPO/OSIS Computer Support                                     EMT-A/B
-----------------------------------------------------------------------
        PLEASE ... send or Cc: all "COSPO/OSIS Computer Support"
                     mail to sys-adm () cospo osis gov
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.