What is a proxy firewall?
A proxy firewall is a network security system that protects network resources by filtering messages at the application layer. A proxy firewall is also be called an application firewall or gateway firewall.
A proxy firewall is also a proxy server, but not all proxy servers are proxy firewalls. A proxy server acts as an intermediary between clients and servers. It can cache webpages to reduce bandwidth demands, compress data, filter traffic and detect viruses. A proxy server can also be used to hide user information or to connect to services that would be blocked. On the other hand, a proxy firewall inspects all network traffic to detect and protect against potential threats. It can also detect network intrusion and enforce security policies.
Proxy firewall vs. traditional firewall
A proxy firewall acts as a gateway between internal users and the internet. It can be installed on an organization's network or on a remote server that is accessible by the internal network. It provides security to the internal network by monitoring and blocking traffic that is transmitted to and from the internet.
In contrast, a traditional firewall acts as a gateway between two networks. By blocking unwanted external traffic, a traditional firewall protects the computers and networks behind it from unauthorized access and attacks.
Filtering at the application level
Proxy firewalls filter traffic at the application layer, which is Layer 7 of the Open Systems Interconnection model. The technology is similar to traditional packet filtering firewalls, but proxy firewalls add an extra level of protection. A proxy firewall has its own Internet Protocol (IP) address, so an outside network connection will never receive packets directly from the sending network.
Proxy firewalls are often used as the first layer of defense in a secure web or application infrastructure. In this regard, they protect the network from external threats, while ensuring that internal web services and applications can be used safely with no impact on performance.
How are proxy firewalls used?
Proxy firewalls protect critical systems from unauthorized access. They act as a barrier between authorized users and unauthorized users. Proxy firewalls can be deployed within a hardware device, such as a router or firewall. They can also help accomplish the following:
- ensure that only authorized users have access to the resources of a computer network;
- filter out unwanted messages and packets on an internet network; and
- protect against network intrusion and espionage.
Proxy firewalls are also used to restrict access to sensitive sites or sites that are only relevant to specific users. For example, a proxy firewall can be used to prevent employees from accessing Facebook or Twitter during working hours, while still allowing them access to their personal accounts.
Proxies can be installed in the network itself -- between the internet and the internal network -- or on each individual computer.
Advantages and disadvantages of proxy firewalls
It is important to assess both the advantages and disadvantages of proxy firewalls when deciding how or if to use them.
The main advantages of proxy firewalls include the following:
- Security. Proxy firewalls are the most secure type of firewall because they prevent direct network contact with other systems. As previously mentioned, because it has its own IP address, the proxy firewall keeps external network connections from receiving network packets directly from the sending network.
- Logging capabilities. Proxy firewalls have the ability to examine the entire network packet, rather than just the network address and port number. This capability provides extensive logging capabilities -- a valuable resource for security administrators when dealing with security incidents.
- Threat assessment. Marcus J. Ranum is given credit for coming up with the idea of a proxy firewall. He described it as an easier way for programmers to assess the threat levels of application protocols and deploy error and attack detection and validity checking.
- Control and granularity. Another advantage of proxy firewalls is they offer more control and granularity than other types of firewalls. This is because they can be configured to apply levels of security to individual users and groups and contain access logs for detailed reports on user activities.
Proxy firewalls disadvantages include the following:
- Challenging to use. The main problem with proxy firewalls is that they are difficult to use. Many users disable them when they become frustrated that the applications they are using are unable to access the internet.
- Slow performance. Proxy firewalls can slow internet connections. Because they operate as a third party between the internet and the computer or device in use, they establish an additional connection for each outgoing and incoming packet. As a result, the firewall can become a bottleneck and slow performance.
- Single point of failure. For the same reason that they slow performance, proxy firewalls can also become a single point of failure in the system.
There are many kinds of firewalls, including firewall as a service. Find out about them as part of our guide to Secure Access Service Edge.