RE: Gauntlet 6 "adaptive proxy"

["Shivdasani, Meenoo" <Meenoo.Shivdasani () venterscience org>]

Kevin,

Basically, what adaptive proxy in Gauntlet 6 does is run the initial connection through the usual proxy mechanism and 
then memorize the fact that the connection has passed the usual checks at which point the connection is handled at the 
packet filter level rather than taking it up to the proxy level.  When you use adaptive proxy, you can't do things like 
content filtering or virus scanning at the application level.  If I remember correctly, those checks take precedence 
over adaptive proxy so if you have them enabled, adaptive proxy doesn't kick in even if you have it enabled.

The security trade-off is the fact that the traffic bypasses the application level checks.

M

-----Original Message-----
From:   Kevin Kadow [mailto:kevin () msg net]
Sent:   Tue 8/17/2004 8:51 PM
To:     firewall-wizards () honor icsalabs com
Cc:     
Subject:        [fw-wiz] Gauntlet 6 "adaptive proxy"
I know it's ancient (but vendor supported until 2005), but can anybody share insight into this Gauntlet feature?

I'm trying to eke out every bit of performance I can from my old GFW6.0 machines, and have been told that I should turn 
on  "adaptive proxy" to boost HTTP and FTP performance.

The docs imply a security trade-off, but do not give details.

Thanks,

Kevin Kadow
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards



_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards