Firewall Wizards mailing list archives
Re: Secure Computing Sidewinder?
From: <lordchariot () embarqmail com>
Date: Fri, 13 Jun 2008 19:30:21 -0400
Last time I played with ISA, it wasn't an application-layer gateway, it was a bastardized SOCKS circuit-layer gateway. That means it was doing more to enforce what connected than what went through it.
I'd be interested/grateful if you could expand on that?
Historically, at the time of MS proxy 1 & 2, it was not a gateway routing device. It was an http proxy, a SOCKS proxy and a WinSock proxy. The WinSock proxy needed a Windows client loaded into each and every client PC. This was a shim into the WinSock TCP stack that intercepted and forwarded IP packets to the MS Proxy server in a generic (SOCKS-like) way. When the packet arrived at MS Proxy, there was a small set of firewall-like enforcement rules that would allow or deny based on protocol/port/IP. Then it would start an onward session from the Proxy to the destination and forward the contents, much like SOCKS does. There was no application inspection performed. By using the shim into the TCP stack on the client, the application didn't have to be proxy-aware or SOCKSified. However any other non-Windows client was hosed and had to make sure they could go out via HTTP proxy or SOCKS. I cut my teeth on TCP/IP and MS Proxy back in the day, but by the time ISA came out (2000?), I had already moved on to a 'real' application-layer firewall. e² _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Secure Computing Sidewinder? Paul Hutchings (Jun 10)
- Re: Secure Computing Sidewinder? ArkanoiD (Jun 10)
- Re: Secure Computing Sidewinder? K K (Jun 10)
- Re: Secure Computing Sidewinder? Paul Hutchings (Jun 11)
- Re: Secure Computing Sidewinder? Paul D. Robertson (Jun 11)
- Re: Secure Computing Sidewinder? Paul Hutchings (Jun 12)
- Re: Secure Computing Sidewinder? lordchariot (Jun 13)
- Re: Secure Computing Sidewinder? Paul Hutchings (Jun 11)
- Re: Secure Computing Sidewinder? Keith A. Glass (Jun 11)
- Re: Secure Computing Sidewinder? Paul D. Robertson (Jun 11)
- Re: Secure Computing Sidewinder? K K (Jun 11)