An application layer gateway (ALG) is a type of security software or device that acts on behalf of the application servers on a network, protecting the servers and applications from traffic that might be malicious.
An application layer gateway–also known as an application proxy gateway- may perform various functions at the application layer of infrastructure. For example, it’s often used to bypass firewalls or provide other access control features that are not available natively by the application protocol itself.
These functions may include address and port translation, resource allocation, application response control, and synchronization of data and control traffic.
A web proxy is a tool that allows you to act as a proxy for the webserver, enabling you to manage application layer protocols such as SIP and FTP and shield the webserver by blocking connections when appropriate.
Applications are vital to business operations and daily life, and cyber-attacks often target the application layer of IT infrastructures. To ensure business continuity and protect sensitive data and personally identifiable information (PII), you must protect them at every stage of the process, specifically by addressing the application layer. Application layer gateways are one option for securing applications and their data.
A secure web proxy acts like a proxy server for the applications and manages the secure connection between the web browser and the webserver. Typically, a web proxy will perform deep packet inspection and block malicious content. Application Layer Gateways (ALG) is a good fit for organizations that want to create a secure perimeter by filtering traffic for applications and websites. ALG capabilities typically exceed those of application firewalls, which are designed to prevent access to applications, not content and data.
The services and functions of an application layer gateway are delivered by the F5 Advanced Web Application Firewall (Advanced WAF). Similar application protection can be provided as a cloud-based service via the F5 Silverline Web Application Firewall.