Whats is core difference between Firewall and Proxy Server?

Question

I have a hosted VM with a provider, which I've set up mainly as a private mail server. It needs to be protected by some sort of firewall, but there are several to choose from, apart from just writing rules for iptables by hand. I don't think I'll be needing an extreme amount of rules.

Writing rules for iptables is not something I've done in many years, so I was wondering about using either ufw, shorewall or ferm. Has anyone got any experience with either of these? I'm looking for something that is easy to set up and maintain. A pointer to a good guide on any of these would also be much appreciated, especially one that centers on protecting a machine that doesn't serve as a firewall for an entire network, it only has the one interface.

Any suggestions?

Answer 1

A firewall and a proxy server are both components of network security. To some extent, they are similar in that they limit or block connections to and from your network, but they accomplish this in different ways. Firewalls can block ports and programs that try to gain unauthorized access to your computer, while proxy servers basically hide your internal network from the Internet. It works as a firewall in the sense that it blocks your network from being exposed to the Internet by redirecting Web requests when necessary.

Answer 2

Firewalls are a typical security measure, good for on-point security on a computer-by-computer basis. However, proxy servers can help manage networks on an entire network scale. Firewalls reflect a direct management of connections, while proxy servers reflect a control and routing of connections. And while both function in different ways, both can function separately or together as network security solutions.

Answer 3

Lets first understand what is proxy server and then its easy to understand the firewall -

Proxy is a men in the middle so when we try to access a node in which proxy server is coming we send the request to proxy and proxy to external world. Take an example of office where single connection is used for the internet by a number of employees. Each computer in the local net has the private IP and when we access the website in outside network. Request first go to the proxy and proxy hides the private ip (src-ip) and replace it with the public IP (it is called netting) and request go to the external website. And in the return path public-ip of proxy (dst-ip) is replaced with the private ip of the destination computer and packet gets delivered.

Except man in the middle both are same i.e. providing security in the network.