Application Gateways
A Very Brief Introduction
Prof. David Bernstein
James Madison University
Computer Science Department
bernstdh@jmu.edu
Filters
Traditional:
Each datagram is examined in isolation; some are allowed to pass and others aren't
Stateful:
Track TCP connections and use state information to determine which datagrams can and can't pass
Filters (cont.)
An Observation:
Filtering is done based on IP addresses and ports
Shortcomings:
We sometimes want to restrict access based on identity (e.g., username)
Application Gateways
Defined:
An application-specific server through which inbound and outbound data must pass
Problems:
Reduced performance
One gateway per application
There's Always More to Learn