Firewall help

Unanswered Question
Nov 2nd, 2008

Hello all,

I'm new to the cert world and i'm studying for my ccsp now..

however i have a slight confusing regarding " application firewalls" and "deep inspection firewalls" .Can anyone kindly point out the difference to me if there exists one?



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
purohit_810 Sun, 11/02/2008 - 10:13

See in simple definations:

Application firewall : Looks like a proxy. You can stop th attack smaller no of amount.

Ex: Linux proxy or older days Checkpoint.

Deep Inspection Firewall: It detects/protects signature based attack, worms etc. Ex: IDS and IPS. It supports large amount of attacks at a time.


Dharmesh Purohit

ybtheneonet Sun, 11/02/2008 - 10:23

Thanks purohit,

so basically what you are saying is that app firewalls are designed for smaller attacks whereas deep inspection firewalls are designed for more advanced attacks?

Both the firewalls do need separate engines for each application layer protocol they support right?



purohit_810 Mon, 11/03/2008 - 07:52


If you have IDS Sendor, it detects the attack and IPS pushes the policy based on signature blocked.


Dharmesh Purohit


This Discussion