Understanding Application Gateway In Network Security
In my previous article, I have talked about some of the network firewall types that we have in network security. Now, I want to talk about some of the facts that you need to know about application gateway in network security. Follow me as we look at that in this article.
An application gateway also known as an application proxy or application-level proxy is an application that runs on firewalls. This type of firewall derives its name from the fact that it works by negotiating with various type of applications to allow their traffic to pass through the firewall.
In network terminology, negotiation is a term used to refer to the process of authentication and verification. In other words, rather than looking at the protocol and the port the packet is using, an application gateway will examine the packet application and the server-side application to which it is trying to connect.
It will then determine if that particular client application traffic is permitted through the firewall. This is significantly different from a packet filtering firewall, which examines the packet and has no knowledge of what sort of application sent them. Application gateways enable the administrator to allow access to specified certain types of applications such as web browsers or FTP clients.
When a client program such as a web browser establishes a connection to a destination service, it connects an application gateway or proxy. The client than negotiates with the proxy server in order to gain access to the destination service.
In effect, the proxy establishes a connection with the destination behind the firewall and act on behalf of the client, hiding and protecting individual computers on the network behind the firewall. This process actually creates two connections. There is one connection between the client and the proxy server and another connection between the proxy and the destination.
Once a connection is established, the application gateway makes all decisions about which packet to forward. Since all communication is conducted through the proxy server, computers behind the firewalls are protected.
With an application gateway, each support client program requires a unique program to accept client application data. This sort of firewall allows for individual user authentication, which makes them quite effective at blocking unwanted traffic. However, a disadvantage is this firewall uses a lot of system resources. The process of authenticating client applications uses more memory and CPU time than simple packet filtering.
Application gateways are also susceptible to various flooding attacks for two reasons. The first potential cause of a flooding attack may be the additional times it takes for an application to negotiate to authenticate a request. Remember that both the client application and the user may need to be authenticated. This takes more time than simply filtering packets based on certain parameters.
For this reason, a flood connection request can overwhelm the firewall, preventing it from responding to legitimate requests. Application gateways can also be more susceptible to flooding attacks because once a connection is made, a packet is not checked.
If a connection is established, then that connection can be used to send a flooding attack to the server it has connected to, such as a web server or e-mail server.
This vulnerability is mitigated somewhat by authenticating users. Provided the user logon method is secure, the likelihood that someone can use a legitimate connection through an application gateway for a flooding attack is reduced.
Now Tell Us Your Own Side Of This Story.
We would also like to hear what you feel about the topic we discussed today. Your feedback is very important to us. Feel free to drop your comments and recommendations. If you have a contrary opinion, you can drop that too.
You can also become part of our Facebook Page CRMNigeria for more updates. You can do that by clicking on the link or searching for our page on Facebook.
You can also become part of our WhatsApp Group Here.
Enjoy Latest Music From across the globe. Download TubeNaira.