



A proxy-based firewall is inherently more secure, since it does not allow any direct connection to be established between the internal network and the outside world.

Even though the dotcom revolution has gone bust, the internet has become a vital information resource for more and more businesses. Email, for example, has become a mission-critical application. Few companies can remain unaffected for more than a day without email access. Similarly, web access, Virtual Private Networks (VPN) and some e-commerce applications are slowly becoming an integral part of day-to-day operations. To obtain maximum benefit from all these applications, highly reliable and speedy access to the internet is a must, something that dialup connections cannot provide. Therefore, even small and medium-sized enterprises are installing some kind of 24x7 internet access, such as leased lines, cable modems, DSL, fiber optic etc.

Round-the-clock internet access has a major implication for your network security. Until yesterday, there was an "air gap" between your network and the outside world. Anyone who wanted to gain access to the data on your network had to first cross this gap and physically gain access to your computers. But now this gap has been closed. Your computer network has now become a part of the global network. Anybody online on the internet, anywhere in the world, can access your systems if you don't have the proper security. The important thing to understand is that providing this security is your responsibility alone and not that of anyone else, such as your Internet Service Provider (ISP). You and only you are to blame if you do not put a lock on your front door. A firewall is precisely this lock, or rather, a guard at the door of your network. It is no longer a comfort, but a necessity for any organisation which has a 24x7 connection to the internet.

The firewall is a piece of software or hardware, placed at the perimeter of your network, that examines and regulates all incoming and outgoing traffic. It decides what is allowed to come in and what is not. How does it do that? Simply put, network traffic is made up of packets, each of which has a header containing vital information such as the source address, the destination address and the type of packet. The firewall examines each packet header and, based on pre-defined rules, either allows the packet to go through or drops it.

From this simple description of firewall functionality, two important aspects become immediately evident. First, the location of a firewall is crucial: unless it can "see" all the traffic, it cannot regulate it. All incoming and outgoing traffic to the internet has to pass through the firewall if it is to enforce security. Second, the rules defined are of paramount importance. Loosely or improperly defined rules can make even the best of firewalls useless, as undesirable packets can go where they are not supposed to.
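
The header check and rule matching described above, as an added example that is not part of the original article: a first-match packet filter in Python that reads the source address, destination address and packet type from a raw IPv4 header. The addresses, rule sets and packets are constructed for illustration, and the default-deny fallback and the rule tuple layout are assumptions of this example.

```python
import ipaddress
import struct

PROTO = {1: "icmp", 6: "tcp", 17: "udp"}

def parse_headers(pkt: bytes):
    """Extract the fields a packet filter looks at from a raw IPv4 packet."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (pkt[0] & 0x0F) * 4
    if ihl < 20 or len(pkt) < ihl:
        raise ValueError("bad IPv4 header length")
    proto = PROTO.get(pkt[9], str(pkt[9]))
    src = ipaddress.ip_address(pkt[12:16])
    dst = ipaddress.ip_address(pkt[16:20])
    dport = None
    if proto in ("tcp", "udp"):
        if len(pkt) < ihl + 4:
            raise ValueError("truncated transport header")
        dport = struct.unpack("!H", pkt[ihl + 2:ihl + 4])[0]
    return {"src": src, "dst": dst, "proto": proto, "dport": dport}

def decide(rules, pkt: bytes) -> str:
    """First matching rule wins; anything unmatched or unparsable is dropped."""
    try:
        h = parse_headers(pkt)
    except ValueError:
        return "drop"
    for action, src, dst, proto, dport in rules:
        if (h["src"] in ipaddress.ip_network(src)
                and h["dst"] in ipaddress.ip_network(dst)
                and proto in ("any", h["proto"])
                and dport in (None, h["dport"])):
            return action
    return "drop"  # default deny (assumption of this example)

def make_packet(src, dst, proto_num, dport):
    """Build a constructed IPv4 packet (checksums left zero) for the demo."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, proto_num, 0,
                     ipaddress.ip_address(src).packed, ipaddress.ip_address(dst).packed)
    return ip + struct.pack("!HH", 40000, dport) + bytes(16)

# Constructed rule sets: (action, source net, destination net, protocol, dest port)
TIGHT = [("allow", "0.0.0.0/0", "192.0.2.25/32", "tcp", 25)]   # mail server only
LOOSE = [("allow", "0.0.0.0/0", "192.0.2.0/24", "any", None)]  # whole network, any port

smtp = make_packet("203.0.113.7", "192.0.2.25", 6, 25)
telnet = make_packet("203.0.113.7", "192.0.2.80", 6, 23)
```

With the TIGHT rules, `decide` allows the mail packet and drops the Telnet packet; with the LOOSE rule the same Telnet packet is allowed, which is the loosely defined rule the paragraph above warns about.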

The earliest firewalls were built into routers, devices that are placed at the network perimeter for the purpose of directing traffic. Since they were examining packets anyway, it was easy to add some additional rules to drop packets not meeting certain criteria. These hardware firewalls were rudimentary, since firewalling was not the device's primary function. The next generation of firewalls were software firewalls. These were dedicated pieces of software that were installed on a PC. These firewalls were very sophisticated and offered a very rich feature set that could help network administrators gain a high level of control over what exactly was allowed to come in and go out of the network.



TATA INFOTECH - TOTAL SOLUTIONS TOTAL COMMITMENT