Application Firewalls

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

What is the difference between an Application level firewall and an Application Level Gateway? OR are they the same thing? My reasoning is that the application firewall becomes a gateway or proxy (its how it works?) or have i missed something - if someone has some reading material for me online its much appreciated thanks!

 

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Application layer firewall


Application-level gateway

 

Microsoft's inbuilt firewall on Windows server 2003, wins xp and windows 2000 pro are examples of stateless firewall as these check simple tcp/ip packet routes.

However, stateless firewall is not as drastic when it comes to what is allowed and what isn't of it's own default settings unless a rule is configured.

On the other hand a stateful firewall as an example is the Cisco pix 500 series, sonicwall and the list goes on as they are more fussy in terms of what is allowed through the tcp/ip protocol stack. Cheerio and hope this helps.

 

There isn't really a great deal of difference between them Zim. Technically, its usually accepted that an ALG is 'seamless' - i.e. once in place it doesn't require any further configuration to make it work; whilst an ALF is basically a proxy, which means you need to configure something else (client) to get it to function.

You generally tend to find ALGs are built into firewalls. For instance, all enterprise firewall vendors implement ALGs for FTP because FTP needs to be 'session aware' as, whilst port 21 is used as the control port for FTP communications it creates ephemeral high ports for the actual data transfer.

ALFs are usually either sepearte programs/applications, or are added-on functions in a firewall (usually paid for by subscription or as licensed extra modules)

In practice though, despite these theoretical differences, there's very little difference between what an ALG and an ALF do - they firewall traffic at layer 7 (or below, depending on the application being used)

 

Thanks for the input guys!

 

how does this sound?

 

Bump!

 

cant anyone verify what i written please guys?