Re: [SQU] Squid and Firewall

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Sat, 10 Mar 2001 01:06:25 +0100

Robert Collins wrote:
>
> It's a matter of the fine points of terminology.
>
> Firewall on it's own usually refers to a complete solution.
> Proxy Firewall refers to application gateways (such as squid),
>
> So a Proxy Firewall may be part of a full firewall solution, but saying
> Proxy Firewall on it's own has the implication that no packet
> filtering/NAT/other firewall tools are part of the discussion.

Not that fine points I would say.

A proxy is not by definition a firewall, but you can use proxies to
build a firewall. A proxy (in this context) is a man-in-the-middle
sofware operating at the application level, accepting requests from
clients and forwarding them to the intended destination.

Yes, there is a concept called proxy based firewall, which is a firewall
built using a set of proxy services (of which Squid can be one).

No, any of these proxy services alone does not make it a firewall. It is
the packaging and over-all system configuration that makes it a
firewall.

/Henrik

--
To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
Received on Fri Mar 09 2001 - 17:40:08 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:58:35 MST