
What is the difference between application level gateway and hardware level gateway in information security?


Application-level Gateway

An application gateway or application level gateway (ALG) is a firewall proxy which offers network security. It filters incoming node traffic according to specifications that restrict filtering to transmitted network application information. Such network applications include File Transfer Protocol (FTP), Telnet, Real Time Streaming Protocol (RTSP) and BitTorrent.

An application layer gateway is also known as an application proxy gateway. It can perform several functions at the application layer of an infrastructure, generally known as layer 7 in the OSI model. These functions can include address and port translation, resource allocation, software response control, and synchronization of information and control traffic.

By acting as a proxy for the application servers and handling application protocols including SIP and FTP, an application layer gateway can control application session initiation and shield the application servers by refusing or dropping connections when appropriate, delivering application layer security.
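The address and port translation and session control described above can be seen on the FTP control channel, where an active-mode client announces its data endpoint in a `PORT` command. The following is an added example, not code from the original page: the class `FtpAlg`, the addresses, and the policy (the announced host must be the requesting client, on an unprivileged port) are assumptions made for illustration.

```python
import re

# RFC 959 active-mode argument: h1,h2,h3,h4,p1,p2 where port = p1*256 + p2
PORT_RE = re.compile(
    r"^PORT\s+(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\s*$", re.I)


class FtpAlg:
    """Toy FTP control-channel ALG (hypothetical, for illustration only)."""

    def __init__(self, public_ip, first_port=50000):
        self.public_ip = public_ip      # address the outside server will see
        self.next_port = first_port     # next public data port to allocate
        self.pinholes = {}              # public port -> (internal ip, internal port)

    def handle_client_line(self, client_ip, line):
        """Return (action, line_to_forward); action is 'pass', 'rewrite' or 'drop'."""
        m = PORT_RE.match(line)
        if m is None:
            # Anything that starts like PORT but does not parse is refused.
            if line.upper().startswith("PORT"):
                return "drop", None
            return "pass", line
        nums = [int(g) for g in m.groups()]
        if any(n > 255 for n in nums):
            return "drop", None
        host = ".".join(str(n) for n in nums[:4])
        port = nums[4] * 256 + nums[5]
        # Assumed policy: the data connection must go back to the requesting
        # client on an unprivileged port, otherwise the request is refused.
        if host != client_ip or port < 1024:
            return "drop", None
        public_port = self.next_port
        self.next_port += 1
        self.pinholes[public_port] = (host, port)   # remember the translation
        p1, p2 = divmod(public_port, 256)
        arg = self.public_ip.replace(".", ",") + ",%d,%d" % (p1, p2)
        return "rewrite", "PORT " + arg + "\r\n"


if __name__ == "__main__":
    alg = FtpAlg("203.0.113.10")        # constructed sample addresses
    for src, cmd in [("192.168.1.20", "USER alice\r\n"),
                     ("192.168.1.20", "PORT 192,168,1,20,19,137\r\n"),
                     ("192.168.1.20", "PORT 10,0,0,5,0,22\r\n")]:
        print(src, repr(cmd), "->", alg.handle_client_line(src, cmd))
```

The gateway forwards ordinary commands unchanged, replaces the internal address in a valid `PORT` with its own public address and an allocated port, and refuses a `PORT` that names a different host than the client that sent it.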

Application gateways support high-level secure network system communication. For instance, when a user requests access to server resources including files, Web pages and databases, the user first connects with the proxy server, which then creates a connection with the main server.

The application gateway resides on the user and server firewall. The proxy server hides Internet Protocol (IP) addresses and other secure data on the user's behalf. A computer’s internal system can interact with an external computer using firewall protection. The application gateway and external computer function without user data or knowledge of the proxy server IP address.

Hardware Level Gateway

A hardware firewall is a physical device that sits between a computer network and a gateway, for instance a broadband router. A hardware firewall is also called an Appliance Firewall. By contrast, a software firewall is a simple program set up on a computer that works through port numbers and other installed software. This kind of firewall is called a Host Firewall.

A hardware firewall provides redundancy in firewall rules, so that a mistake that accidentally enables malicious traffic in host-based firewall software doesn’t leave the complete system open. For instance, a covered device using the built-in Microsoft Windows host-based firewall can “automatically” be updated by software installers to enable traffic without user interaction, which can leave the covered device vulnerable.

Hardware firewalls also perform much faster than a software-dependent solution and are much more scalable. More devices can be added as needed with relative simplicity. Performance should be one of the key considerations when selecting a firewall solution, because some network traffic traveling into and out of the organization’s network will move through the device, and it takes time and processing overhead to examine each packet and determine what needs to be done with it.