Proxy vs Firewall
I got asked the question recently, “What is the difference between a proxy and a firewall?”
I’ll paraphrase my simple analogy in response:
If you think of a firewall as a telephone, you can think of a proxy as a telephone operator.
As analogous to a firewall, you can think of calling the server via telephone, and then speaking directly to the server in order to make a request, and the server responds to you directly. The telephone might have some rules built in to it, about who you are allowed to call, and when (these are the firewall rules).
Extending this analogy, a proxy is like a telephone operator. Rather than make a request to the server directly, you are only allowed to call the operator. The operator receives your entire request, and then makes a separate call to the server. After passing the request to the server, the operator then receives the entire response from the server, and passes the response to you.
Now, imagine that the operator must consult a long list of rules to see if your request is valid before passing it to the server, and also must compare the server response to another long list of rules to ensure that it’s valid before passing the response back to you. This is known as filtering.