Q & A on Application Level Gateways,

Q: Please could you help me understand this - how do application (level) gateways work?

A: An application gateway is a running program that connects two or more (heterogeneous) distributed systems. For example, one type of application gateway is used to connect heterogeneous e-mail systems. To understand the motivation, assume that you work for a company that runs proprietary e-mail software internally. If the company wants to send e-mail across the Internet, it must format the message according to the Internet standard and must use standard Internet protocols to transfer the messahe. An application gateway can be placed between the two -- the gateway accepts outgoing mail in the proprietary format, reformats it to use the Internet standard, and sends it. Similarly, the application gateway accepts all incoming e-mail, reformats it to use the proprietary system, and forwards each message to the appropriate recipient using the proprietary e-mail system.

Q: How are they related to ip packet filtering.

A: Application gateways are seldom used to perform packet filtering because the overhead is high (each packet must be transferred from inside the operating system to the application gateway and back into the operating system for transmission, and there is usually a context switch as well). Thus, most packet filtering is performed by a router or by protocol software inside an operating system.