Anthony Lucia
asked on
Proxy without scanning content
I have read some excellent posts and have learned a lot, but have to ask one last question on this subject
If I have a proxy within the DMZ, and I do not scan for content, check for viruses, etc, and I do nothing to the content or block access based upon content, I might as well use port forwarding
Is this correct
If I have a proxy within the DMZ, and I do not scan for content, check for viruses, etc, and I do nothing to the content or block access based upon content, I might as well use port forwarding
Is this correct
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
nm
If I have a proxy within the DMZ, and I do not scan for content, check for viruses, etc, and I do nothing to the content or block access based upon content, I might as well use port forwarding
Is this correct
As the other experts suggest, it's not such a straight forward answer/decision.
Using an internal proxy like you're using is pretty much just packet forwarding so yes, it is similar to port forwarding.
Port forwarding however does not offer the same services as a proxy server.
So while we may be answering your question correctly...we do worry that you may not be asking the right question. This is where the articles become a little meaningless.
Don't forget there are many different types of proxy servers
http://en.wikipedia.org/wiki/Proxy_server
Question: Is your proxy only servicing clients on your internal network or do you have users coming in from the WWW who also need to access your proxy?
By using port forwarding only, you could be exposing your servers which would have been obfuscated by the proxy server so the backend services would have limited exposure to the Internet.
The big question is: What is your objective here? What do you want to achieve?
Do you want to: Remove an "unnecessary" server or get an understanding of the concepts? Or other?