An application proxy firewall is able to scan all incoming application data for viruses. It would be more efficient to have each host scan the application data it receives for viruses, since this would effectively distribute the workload among the hosts.
Why might it still be preferable to have the application proxy perform this function?
Suppose that packets sent between Alice and Bob are encrypted and integrity protected by Alice’s firewall and Bob’s firewall with a symmetric key known only to Alice’s firewall and Bob’s firewall.
a. Which fields of the IP header can be encrypted and which cannot?
b. Which fields of the IP header can be integrity protected and which cannot?
c. Which of the firewalls—packet filter, stateful packet filter, application proxy—will work in this case, assuming all IP header fields that can be integrity protected are integrity protected, and all IP header fields that can be encrypted are encrypted? Justify your answer.