One big disadvantage of firewalls in an ever increasing network
application world is that there is no easy way to write new proxies for
Many new applications won't be able to achieve wide spead use in the
corporate world without appropriate "self-defense" security measures, even
with, IMHO, the widespead use of IPv6.
What is needed is a Proxy Application Programming Interface (PAPI) that
will allow third party vendors to write application level proxies for their
new applications for any firewall. PAPI must be as independant as possible
from the underlying Firewall SW, OS and hardware platforms in order to gain
With the constant growth of the computing world and networking in general, I
believe that the concept of PAPI is going to happen evntually.
I am currently considering persuing this concept as part of my Masters
project. I have a few questions for the list.
1) Has (or is) anyone else working on such a thing?
2) What new security concerns would the use of such an API create?
3) What do think? Complete honest (or rambling) opinions welcome.
----- Ed Maillet