Application-Level Gateway - HP 7102dl - ProCurve Secure Router Configuration Manual
Procurve secure router 7000dl series - advanced management and configuration guide
Hide thumbs
Also See for 7102dl - ProCurve Secure Router:
- Reference manual (1455 pages) ,
- Product end-of-life disassembly instructions (2 pages) ,
- Advanced management and configuration manual (1005 pages)
Table of Contents
Advertisement
ProCurve Secure Router OS Firewall—Protecting the Internal, Trusted Network
Circuit-level gateway
192.168.1.99
Session
Secure Router OS firewall
192.168.1.99
Figure 4-2. Circuit-Level Gateway Versus Secure Router OS Firewall
For information on how to configure NAT, see Chapter 6: Configuring
Network Address Translation.
Application-level Gateway
Like a circuit-level gateway, an application-level gateway acts as a proxy
server between a trusted client and an untrusted host. Application-level
proxies filter packets at the OSI Application Layer (Layer 7). That is, they
accept only packets generated by services they are designed to copy, forward,
and filter. For example, only a Telnet proxy can copy, forward, and filter Telnet
traffic. The proxy server reads each packet and filters particular commands
or information relating to applicable application protocols.
Each protocol needs its own proxy; the proxies themselves are sometimes
called application-level gateways (ALGs). For example, an FTP ALG regulates
an FTP session between a trusted and untrusted host.
Application-level gateways can be prohibitively draining on resources. Each
protocol needs a separate ALG, and the gateway imposes two separate con-
nections (from the trusted network to the gateway and from the gateway to
the trusted network).
Internet
Router A
10.1.1.1
Session
Internet
Router A
10.1.1.1
Session
Source IP NATed
192.168.1.99
10.1.1.1
Overview
4-7
- Quick Links:
- Procurve Secure Router
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
