Proxy Firewall
Most modern firewalls distinguish between packet filtering and proxy server services. A firewall proxy server is an application that acts as an intermediary between two end systems (client & server machines). Firewall proxy servers operate at the application layer of the firewall, where both ends (source/client and destination/server machines) of a connection are forced to conduct the packet transfer through the proxy.
A proxy acts on behalf of both the inside client and the outside server. The proxy server runs only a few programs, which can be secured and trusted. The client and server never interact directly with each other. When the client wants to communicate with the server, it contacts the proxy, which presents itself as the server; conversely, when the server wants to communicate with the client, it contacts the proxy, which presents itself as the client. Both client and server therefore assume that they are communicating directly with each other, but they are actually communicating with the proxy server.
Proxy firewalls, which operate at the application layer, are the most secure type of firewall. Proxy servers are also referred to as application-layer firewalls, and they are expensive as well as hard to configure. The proxy acts as an intermediary: computers make a connection to the proxy, which then initiates a new network connection based on the request. This prevents direct connections and packet transfer between the two sides of the firewall, which makes it harder for intruders, hackers and malicious programs to discover where the network is located.
A proxy firewall provides internet access to computers on a network but is mostly deployed to provide safety or security by controlling the information going in and out of the network. Firewall proxy servers filter, cache, log, and control requests coming from a client to keep the network secure and free of intruders and viruses.
In a proxy firewall there is often only one computer with a direct Internet connection; the other computers reach the Internet by using that computer as a gateway. A proxy gateway receives a request from a client inside the firewall and then sends this request to the remote server outside the firewall. The response from the server is then read and sent back to the client. Usually the same proxy is used by all of the client computers within a network, which enables the proxy to efficiently cache documents that are requested by multiple clients.
When the user's client sends a message or packet, the proxy firewall passes it to the proxy server. The proxy server opens the packet at the application level and determines whether the request is authorized. If it is authorized, the proxy server sends the packet to the actual server. If it is not authorized, the packet is dropped and an error message is sent to the user. In this way the requests of external users are filtered based on their contents at the application layer, protecting the internal network from unauthorized users (hackers) and from programs such as viruses, worms and Trojan horses.
The figure below shows, step by step, how an HTTP request and response between client and server are handled with the help of a proxy firewall:
1. The user on the client machine requests a particular web page from an Internet website, using a web browser that is configured to use the firewall proxy server.
2. The firewall proxy server accepts the connection request from the client on behalf of the actual server, issues an authentication request and verifies that the user is authorized.
3. After verification, if the user is authorized, the proxy makes the HTTP request for the web page on behalf of the end user and forwards it.
4. The main web server responds to the HTTP request from the proxy server. Note that this server is not aware that the request is coming from the proxy server rather than from the client/end user.
5. Once the page is cached or received from the main server, the firewall proxy server sends the requested web page to the end user (client).
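The five steps above can be traced in a small offline model. This is an added example, not code from the original article; the user table, blocked host, page content and the fake_origin stand-in for the outbound connection are all constructed assumptions.

```python
import base64
import hmac
from urllib.parse import urlsplit
# Constructed sample data (assumptions for this example, not from the article).
USERS = {"alice": "s3cret"}
BLOCKED_HOSTS = {"blocked.example"}
ORIGIN_PAGES = {"http://www.example.com/index.html": b"<html>hello</html>"}
origin_hits = []  # everything the origin server sees: URLs, never the client

def fake_origin(url):  # stand-in for the proxy's own outbound connection
    origin_hits.append(url)
    return ORIGIN_PAGES.get(url, b"")

class ProxyFirewall:
    def __init__(self, fetch):
        self.fetch, self.cache, self.log = fetch, {}, []

    def _user(self, headers):
        # Step 2: authenticate the client from Proxy-Authorization (HTTP Basic).
        scheme, _, token = headers.get("proxy-authorization", "").partition(" ")
        try:
            user, _, pw = base64.b64decode(token, validate=True).decode().partition(":")
        except ValueError:
            return None
        ok = scheme.lower() == "basic" and user in USERS
        return user if ok and hmac.compare_digest(pw.encode(), USERS[user].encode()) else None

    def handle(self, raw):
        # Step 1: a browser configured for a proxy sends the full URL in the request line.
        lines = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1").split("\r\n")
        parts = lines[0].split(" ")
        if len(parts) != 3 or parts[0] != "GET":
            return self._reply(400, None, lines[0])
        target = parts[1]
        headers = {k.strip().lower(): v.strip() for k, _, v in (ln.partition(":") for ln in lines[1:])}
        user = self._user(headers)
        if user is None:
            return self._reply(407, None, target)  # authentication required
        url = urlsplit(target)
        if url.scheme != "http" or not url.hostname or url.hostname in BLOCKED_HOSTS:
            return self._reply(403, user, target)  # dropped, error sent to the user
        # Steps 3-5: fetch on the user's behalf unless cached, then answer the client.
        if target not in self.cache:
            self.cache[target] = self.fetch(target)
        return self._reply(200, user, target, self.cache[target])

    def _reply(self, status, user, target, body=b""):
        self.log.append((user, target, status))  # every decision is logged
        return status, body
```

Unauthenticated and blocked requests are answered by the proxy itself and never reach fake_origin, and a repeated request for the same page is served from the cache.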