He says in page 851 :
"When the user client process sends a message, the proxy firewall runs a server process to receive the request. The server (I said it is the HTTP proxy )opens the packet at the application level and finds out if the request is ligitimate. If it is, the server acts as a client process and sends the message to the real server (I said it is the HTTP Sever) in the corporation. If it is not, the message is dropped and an error message is sent to the external user. Figure 31.11 shows a proxy firewall implementation".
1- Is the proxy firewall always standalone device ?
2- If the proxy firewall can investigate (check ) the application layer by itself , why do I need to send the packet to the HTTP proxy ?
Edited by zillah, 07 June 2006 - 07:58 AM.