Application Gateway Vs Circuit level Gateway | Difference between Application Gateway and Circuit level Gateway
This page compares Application Gateway Vs Circuit level Gateway and mentions difference between Application Gateway and Circuit level Gateway with packet filters.
Application Gateway
• Host which is running proxy service is known as
Application Gateway. This is needed as packet filtering routers do
not allow TELNET and FTP connections. Both packet filtering routers and
application gateway are used together to provide high levele of security as well as
flexibility.
• A user which needs to connect with in-bound site need to
first connect with application gateway and later to destination host.
• There are many benefits of using application gateway such as
information hiding, robust authentication & logging, cost effectiveness and
less complex filtering rules etc.
• The disadvantages of application gateway is TELNET connectivity
requires two steps to connect either inbound or outbound.
Moreover here user need to connect with firewall rather than connecting
with host directly.
• Examples: TELNET, FTP, E-mail
Circuit level Gateway
• It relays TCP connections .
• No processing or filtering of protocol is done by circuit level gateway.
• Example#1: NNTP server and NNTP client,
here both connects with the firewall and later they can communicate
directly bypassing the firewall. This means firewall simply passes bytes
between the end systems.
• Example#2: Once the connection is established using application gateway,
firewall simply passes bytes between the hosts. This is another example of
circuit level gateway.
Following table mentions difference between Application Gateway, Circuit Level Gateway and Packet filters.
Packet filters | Application Gateway | Circuit level Gateway |
---|---|---|
Simple and least secure | Most secure approach | More secure than packet filter but not as secure as application gateway. |
Many routers provide this functionality | Unique program for each application | Relay TCP connections |
Passes or rejects packets based on rules | good for authentication and logging | Permission granted by port address |
Hard to manage | Not always transparent to users | No application level checking |
Easy to make mistakes | Used for email, FTP, TELNET, WWW | Can understand what is carried in the packet. |
Networking related links
Basics of OSI and TCPIP layers
Networking Gateway
What is Router
What is an IP address
network switch
network bridge
Hub and Types of Hub
What is MAC address
What is Difference between
hub Vs switch circuit switching Vs packet switching firewall Vs router HDLC Vs PPP IGRP Vs EIGRP router Vs bridge switch Vs router WLAN Vs Ethernet LAN LAN vs WAN vs MAN