tailieunhanh - Performing Application Filtering
Application filtering is one of the most difficult types of filtering that firewalls perform, because it requires the firewall to process the data at the application layer (Layer 7) of the OSI model | Performing Application Filtering Application filtering is one of the most difficult types of filtering that firewalls perform because it requires the firewall to process the data at the application layer Layer 7 of the OSI model. Application filtering is one of the two primary components of an application proxy firewall the other being the proxy functionality provided by the firewall. Chapter 2 Firewall Basics and Chapter 8 Application Proxy Firewalls discuss application proxy firewalls in more detail. The purpose of application filtering is to enforce a specific security policy on various services provided through the firewall. Whereas network firewalls enforce policy-based on information between Layers 3 and 4 an application firewall goes further. Consider that an attacker can compromise a web server behind a firewall by attacking through the web service. Attacks such as Structured Query Language SQL injection cross-site scripting and viruses and worms represent significant problems because they attack the end host through the specific port that is required to be open in the network firewall. To solve this problem many vendors and some open source efforts have developed firewalls that can inspect the data payload of the packets passing through the firewall and determine whether they violate the security policy of the end host. If they do violate the policy these devices can prevent the attacks from affecting the target system. Applications That Are Hard to Firewall The difficulty with application firewalls stems from the fact that the transaction between the client and the server is complex and can be made more so if the protocol or the data in the communication expands or increases the complexity of the transaction. Protocols such as extensible Markup Language XML and Simple Object Access Protocol SOAP make web application firewalls especially tricky. To provide proper web application security the application firewall must have a detailed understanding of .
đang nạp các trang xem trước