Also known as application proxy
or application-level proxy
, an application gateway is an application
program that runs on a firewall
system between two networks
. When a client
program establishes a connection to a destination
service, it connects to an application gateway, or proxy
. The client then negotiates with the proxy server
in order to communicate with the destination service. In effect, the proxy establishes the connection with the destination behind the firewall and acts on behalf of the client, hiding and protecting individual computers on the network behind the firewall. This creates two connections: one between the client and the proxy server and one between the proxy server and the destination. Once connected, the proxy makes all packet
-forwarding decisions. Since all communication is conducted through the proxy server, computers behind the firewall are protected.
While this is considered a highly secure method of firewall protection, application gateways require great memory and processor resources compared to other firewall technologies, such as stateful inspection.