Firewall Wizards mailing list archives

Re: Gauntlet adaptive proxies


From: Kevin Steves <stevesk () sweden hp com>
Date: Thu, 12 Nov 1998 19:07:28 +0100 (MET)

On Thu, 12 Nov 1998, Darren Reed wrote:
: > One quote from the paper is: "With an adaptive proxy firewall, initial
: > security examinations are still conducted at the secure application
: > layer, but subsequent packets can be redirected through the network
: > layer as soon as the security clearance has been made".  In the case
: > above I assume the proxy has built a new TCP connection to the
: > destination server, then at some point decides it's OK to packet filter
: > the connection.  What about address and sequence number translation in
: > this case?
: 
: I can't see that as being an obstacle.  All the information is there,
: somewhere, you just have to get it and massage it appropriately when
: sending packets back and forth.

It's certainly doable.  But I guess it's not clear from the whitepaper
whether Gauntlet's adaptive proxy implementation does this (vs. maybe
delaying the connection to the destination host until the security
clearance has been made?).  I'd like more details (maybe a technical
whitepaper instead of a marketing/management whitepaper).

: Heck, I can envisage being able to even go back into "proxy mode" from
: packet forwarding.

That would be cool.
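The address and sequence number translation asked about above, as an added sketch that is not part of the original post and not Gauntlet's implementation: once the proxy hands off, each segment's addresses are rewritten and its seq/ack are shifted by the fixed offsets between the two TCP connections. Assumptions: all names and addresses are constructed, the proxy has flushed all buffered data in both directions before the hand-off, and checksum and TCP option rewriting are left out.

```python
from dataclasses import dataclass

MOD = 1 << 32  # TCP sequence numbers wrap at 2**32


@dataclass(frozen=True)
class Seg:
    src: tuple  # (ip, port)
    dst: tuple
    seq: int
    ack: int


@dataclass(frozen=True)
class Splice:
    client: tuple
    proxy_in: tuple   # proxy endpoint the client connected to
    proxy_out: tuple  # proxy endpoint used toward the server
    server: tuple
    c2s: int          # offset: client's seq space -> proxy-to-server seq space
    s2c: int          # offset: server's seq space -> proxy-to-client seq space


def make_splice(client, proxy_in, proxy_out, server,
                c_rcv_nxt, p2c_snd_nxt, s_rcv_nxt, p2s_snd_nxt):
    """Freeze the offsets from the proxy's socket state at hand-off time.

    c_rcv_nxt / s_rcv_nxt: next byte the proxy expects from client / server.
    p2c_snd_nxt / p2s_snd_nxt: next byte the proxy would send to client / server.
    """
    return Splice(client, proxy_in, proxy_out, server,
                  c2s=(p2s_snd_nxt - c_rcv_nxt) % MOD,
                  s2c=(p2c_snd_nxt - s_rcv_nxt) % MOD)


def translate(sp, seg):
    """Rewrite one segment of the spliced flow; None means not our flow."""
    if (seg.src, seg.dst) == (sp.client, sp.proxy_in):
        # seq moves into the proxy->server space, ack back into the server's
        return Seg(sp.proxy_out, sp.server,
                   (seg.seq + sp.c2s) % MOD, (seg.ack - sp.s2c) % MOD)
    if (seg.src, seg.dst) == (sp.server, sp.proxy_out):
        return Seg(sp.proxy_in, sp.client,
                   (seg.seq + sp.s2c) % MOD, (seg.ack - sp.c2s) % MOD)
    return None  # leave everything else to the normal filter policy
```

The offsets are only valid while the byte streams stay in step, so dropping back into proxy mode means rebuilding both sockets' send and receive state from the last translated segment.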


