>I've been doing some research on firewalls, and was curious as to what it
>exactly means. Does a fully transparant firewall mean that you don't need
>to enter any passwords, like a basic packet filter? Does a non
>transparant firewall mean that every action will take a longer time, or is
>transparancy simply an effect that a user will feel?
Generally transparency means that the user doesn't notice anything
different (when using an Internet application) as a result of accessing
the Internet from behind a firewall than they would if there was no
firewall.
This means usually that there is no 'modified procedure' or manual
steps that the user has to take in order to use Internet clients
obtained from the Net (or shrink-wrapped from the local computer
store).
There are now 'transparent proxies' supplied in some new commercial
firewalls which handle data (both incoming and outgoing) at the
application layer via application-specific and aware gateway code, but
neither the client user nor machine is aware that an app level proxy is
actually handling (and in many cases modifying and rewriting data) the
TCP socket connections used -- they think that the firewall is just an
IP router to which they route their IP datagrams.
More subject to debate however is whether you can consider to be 'transparent':
o administrator configured (via network admin kits)
Web browser set to use proxy caching HTTP servers.
o installing and configuring the Microsoft Catapult
RWS (Remote Windows Sockets) or a 'Socks' shim on
top of client PC's winsock.dll
They are not usually considered to be 'transparent', because though
they are transparent to the user they are not transparent to the
application or machine.
- Morrow
|
|
