Proxy Server: A proxy server generally sits on the gateway of a corporate network. When a client (computer) requests an object (web page, image, etc) from an origin server (server hosted publicly on the Internet), a proxy server interrupts the communication and checks if that object is already present in it (when caching is enabled). If it is present, it would provide it to the client by itself. If its not present, the request is forwarded over the Internet to the origin server. Generally, while forwarding such requests, the IP address of the client is changed and the request is forwarded using a common IP address so that the IP addresses of the individual clients is not exposed outside the corporate network. The Origin server receives the request (from what it thinks is the request from the client), processes it, and sends back the response. The proxy server receives it, changes the destination IP address to the client’s original IP address and sends it to the client.
As you can see, the proxy server acts as a forwarder of communications between the client(s) and the origin server (generally over the Internet). The following are some of the main functions that can be performed by the proxy server:
Caching: Proxy server caches (stores) the frequently requested content (web objects) and provides them directly to the clients when requested. This saves a lot of bandwidth and helps in reducing the latency (time taken for an object’s request and arrival).
Security: Since all the communications from the corporate network goes through the proxy server, they can perform certain security related operations like URL filtering (blocking certain websites based on IP/ category), Content filtering (blocking certain content from going outside the network), etc.
Anonymity: Since proxy server presents a common IP address on the Internet, the individual IP addresses of the clients over the corporate network are not exposed. Some proxy servers can forward the request over multiple proxy servers in order to make it difficult for anyone on the Internet to guess the corporate IP address.
SSL Offloading: Some proxy servers can handle encryption/ decryption functions on behalf of the clients and hence can reduce client performance bottlenecks due to those processes, as well as see through the encrypted traffic.
Logs: Proxy servers can maintain logs (URL information, time at which it was requested, longevity of the web sessions, etc) and these logs can be retrieved when required.
The proxy servers are available as open source as well as commercial softwares. These functions can also be performed partly by certain devices like URL Filtering appliances, UTM (Unified Threat Management) Appliances, Application Delivery Controllers, Routers etc.
No comments:
Post a Comment