Learn now how proxy firewall works

When it comes to the question “how proxy firewall works” there are situations, when the activation of security causes a temporary workaround for connection problems.

Most firewalls, proxies or other methods to share the Internet connection can limit the access to PC ports. Operating according to your configuration can block packets you receive from an unknown source.

There are different techniques and implementation of this process you should know about.

How proxy firewall works: Firewall techniques (filtering method) additional online techniques

One distinguishes between:

1. Packet filters
2. Application level firewalls
3. Stateful Inspection

Desktop firewalls are used on a PC that is directly connected to the Internet.

Packet filter

Packet filter (also port filter) is the simplest version of a firewall, in other words it’s nothing but a firewall.

Here, the header of each protocol (IP header, ICMP header, TCP header, UDP header) is verified and processed according to the configured filter rules.

Benefits:

1. good performance, due to the relatively low functionality
2. simple configuration

Cons:

1. complicated attacks more likely won’t be blocked (eg Fragmentation Attack, in which the TCP header is divided between the first and the second packet)
2. Exploitation of vulnerabilities (buffer overflow WinNuke)
3. limited opportunities for logging
4. no content filtering (eg Active-X, cookies, FTP PUT)
5. hard to handle large number of filter rules (source of error!)

Application level firewalls (ALF) / proxy server

The Application Level Firewall is switched into the data stream between the client and server, it flows to the direction of the client server. Therefore, a separate program for any TCP service (the so-called proxy firewall) is essential.

Benefits:

1. proxy works depending on the direction of the data stream
2. malfunction of the proxy firewall is largely a security breach
3. IP address remains invisible
4. good / diverse logging options

Cons:

1. lower performance due to machining on OSI Layer 7
2. not all firewalls and applications are proxy-friendly

Stateful Inspection

Introduced by Checkpoint filter technology, Stateful Inspection can check the status and context information to remember or take it into account when filtering.

Despite the fact that firewall operates mainly at Layer 3, or 4 – eg averted the fragmentation attack in main progress / response is thoroughly detected. Stateful Inspection Firewalls represent a mishmash between a pure filtering and application level firewalls that combine the best of both worlds.

SPI (Staful Packet Inspection) firewalls are now the group of Technology firewalls that are most widely used even on (cheap) DSL routers.

Structure of a (safe) firewall system

When you are low on your budget, it still get protection with a single firewall. In this case, the Intranet is still protected, even if the outer firewall should have been compromised. Computers / servers can be placed in this DMZ without providing an equal access to the entire internal network.

It is also recommended, that you implement an Intrusion Detection System (IDS) and Intrusion Prevention System (IPS).

Personal firewalls / Desktop Firewalls

Personal firewalls also known as desktop firewalls are used on the PC. A related issue is the use of proxy servers, such as Wingate. If you have further questions about this topic, feel free to discuss them on our forum.