Proxy Settings; Proxy Policies; Understanding The Http Proxy - Watchguard Firebox X20E User Manual

8

Proxy Settings

A proxy monitors and scans connections. It examines the commands used in the connection to make
sure they are in the correct syntax and order. A proxy also looks at the content that is sent back and
forth during the connection. If the content does not match the criteria you set, the proxy terminates
the connection.
Although this guide often describes proxies and packet filters in the same context, they are actually
very different. While a packet filter operates only at the network and transport protocol layers, a proxy
operates at the application layer. It uses deep packet inspection to make sure that connections are
secure. The proxy opens each packet in sequence, removes the network layer header, and examines
the packet's payload. It then puts the network information back on the packet and sends it to its desti-
nation.
Proxies are an important tool for network security. Attackers frequently use content such as executable
programs or files written in scripting languages to send computer viruses. Although a packet filter can-
not find the unauthorized content in the packet data payload, a proxy knows these content types are
not allowed. The Firebox X Edge e-Series supplies proxy policy filters that monitor and examine HTTP,
SMTP, POP3, and FTP connections. WatchGuard proxies also look for application protocol anomalies. If
a packet is not built correctly, or contains content that is unexpected or does not match the rules in
your Edge configuration, the proxy blocks it.

Proxy Policies

The Edge includes four standard proxies:
HTTP (web traffic)
•
FTP (file transfer)
•
POP3 (email)
•
SMTP (email)
•

Understanding the HTTP proxy

Hyper Text Transfer Protocol (HTTP) is a request/response protocol between clients and servers. The
HTTP client is usually a web browser. The HTTP server is a remote resource that keeps or creates HTML
User Guide 103