Application Gateway Vs Circuit level Gateway | Difference between Application Gateway and Circuit level Gateway

This page compares Application Gateway Vs Circuit level Gateway and mentions difference between Application Gateway and Circuit level Gateway with packet filters.

Application Gateway

• Host which is running proxy service is known as Application Gateway. This is needed as packet filtering routers do not allow TELNET and FTP connections. Both packet filtering routers and application gateway are used together to provide high levele of security as well as flexibility.
• A user which needs to connect with in-bound site need to first connect with application gateway and later to destination host.
• There are many benefits of using application gateway such as information hiding, robust authentication & logging, cost effectiveness and less complex filtering rules etc.
• The disadvantages of application gateway is TELNET connectivity requires two steps to connect either inbound or outbound. Moreover here user need to connect with firewall rather than connecting with host directly.
• Examples: TELNET, FTP, E-mail

Circuit level Gateway

• It relays TCP connections .
• No processing or filtering of protocol is done by circuit level gateway.
• Example#1: NNTP server and NNTP client, here both connects with the firewall and later they can communicate directly bypassing the firewall. This means firewall simply passes bytes between the end systems.
• Example#2: Once the connection is established using application gateway, firewall simply passes bytes between the hosts. This is another example of circuit level gateway.

Following table mentions difference between Application Gateway, Circuit Level Gateway and Packet filters.


Packet filters Application Gateway Circuit level Gateway
Simple and least secure Most secure approach More secure than packet filter but not as secure as application gateway.
Many routers provide this functionality Unique program for each application Relay TCP connections
Passes or rejects packets based on rules good for authentication and logging Permission granted by port address
Hard to manage Not always transparent to users No application level checking
Easy to make mistakes Used for email, FTP, TELNET, WWW Can understand what is carried in the packet.

Networking related links

Basics of OSI and TCPIP layers
Networking Gateway
What is Router
What is an IP address
network switch
network bridge
Hub and Types of Hub
What is MAC address

What is Difference between

hub Vs switch  circuit switching Vs packet switching  firewall Vs router  HDLC Vs PPP  IGRP Vs EIGRP  router Vs bridge  switch Vs router  WLAN Vs Ethernet LAN  LAN vs WAN vs MAN 

RF and Wireless Terminologies