Forgive my criticisms:
The paper is founded on some incorrect assumptions.
It groups application specific proxies with generic proxies. Generic or
'plug-gw' proxies are not desireable because they don't filter application
commands, and are viewed as nearly as weak as packet filtering. Application
specific proxies are aware (to varying levels) of application commands.
A proxy server typically comprises of application specific proxies, and does
not comprise of only generic proxies. Generic proxies are avoided at all
costs, at least until management wants 'something added'. Occasionally
generic proxies are used as last resort, then replaced, for example
RealAudio and SQLnet were initially filtered with plug-gw proxies until
application (RealAudio/SQLnet) specific proxies were released.
The paper then continues to compare generic proxy functions with packet
filters and concludes they are the same. A discussion on NAT ensues which
is not an equivalent technology to either.
Bill Stout
At 12:29 AM 6/6/97 -0400, Ryan Russell/SYBASE wrote:
>Well, I finally got around to writing down my arguments
>on the above subject. Check it out at:
>
>http://futon.sfsu.edu/~rrussell/spfvprox.htm
>
>Warning: It's lengthy.
>
>Comments welcome.
>
> Ryan
>
_____________________________________________________________________________
Bill Stout (Systems Engineer/Consultant) stoutb @
pios .
com
Pioneer Standard (Computer Systems & Components) http://www.pios.com/
San Jose, CA (Location of 1 of 52 U.S. offices) (408) 954-9100
*My opinions do not reflect that of the company, and visa-versa, thankfully.*
|
|
