44
this type of firewall is very useful for preventing "IP
spoofing" attacks.
3.2.3. Proxy firewalls
Proxy firewalls are proxy servers and application gateways
that work at the application layer
and are controlled by the
application, allowing access to one application and preventing
others from passing through. Proxy servers are implemented
using hosts with dual NICs, usually running between two
networks, and are intermediaries
between clients and real
servers, isolating direct communication between internal and
external networks. Access to external network servers by
clients of internal networks becomes access to external
network servers by proxy servers, which are then forwarded
to internal clients by proxy servers. The proxy server is like a
server
to the internal client, and it is like a client to the
external network server, which
successfully achieves the
isolation of computer systems inside and outside the firewall,
and reduces the possibility of being attacked because the
external network cannot directly contact the internal network
to be accessed.
In addition, adaptive proxy technology is a revolutionary
technology implemented in recent years in firewalls for
commercial
applications, combining the security of proxy
firewalls and the high speed of packet filtering firewalls, etc.
It can increase performance by at least 10 times without losing
security, and has two basic elements: adaptive proxy server
and dynamic packet filter. The initial security checks of an
adaptive proxy firewall still occur at the application layer, and
once the trusted identity is authenticated, a secure channel is
established and packets can pass directly and quickly through
the network layer.
