Proxy Server

A proxy server is a dedicated computer or a software system running on a computer that acts as an intermediary between an endpoint device, such as a computer, and another server from which a user or client is requesting a service. The proxy server may exist in the same machine as a firewall server or it may be on a separate server, which forwards requests through the firewall.

An advantage of a proxy server is that its cache can serve all users. If one or more Internet sites are frequently requested, these are likely to be in the proxy's cache, which will improve user response time. A proxy can also log its interactions, which can be helpful for troubleshooting.

How proxy servers work

When a proxy server receives a request for an Internet resource (such as a Web page), it looks in its local cache of previously pages. If it finds the page, it returns it to the user without needing to forward the request to the Internet. If the page is not in the cache, the proxy server, acting as a client on behalf of the user, uses one of its own IP addresses to request the page from the server out on the Internet. When the page is returned, the proxy server relates it to the original request and forwards it on to the user.

Proxy servers are used for both legal and illegal purposes. In the enterprise, a proxy server is used to facilitate security, administrative control or caching services, among other purposes. In a personal computing context, proxy servers are used to enable user privacy and anonymous surfing. Proxy servers can also be used for the opposite purpose: To monitor traffic and undermine user privacy.

To the user, the proxy server is invisible; all Internet requests and returned responses appear to be directly with the addressed Internet server. (The proxy is not actually invisible; its IP address has to be specified as a configuration option to the browser or other protocol program.)

Users can access web proxies online or configure web browsers to constantly use a proxy server. Browser settings include automatically detected and manual options for HTTP, SSL, FTP, and SOCKS proxies. Proxy servers may serve many users or just one per server. These options are called shared and dedicated proxies, respectively. There are a number of reasons for proxies and thus a number of types of proxy servers, often in overlapping categories.

Forward and reverse proxy servers

Forward proxies send the requests of a client onward to a web server. Users access forward proxies by directly surfing to a web proxy address or by configuring their Internet settings. Forward proxies allow circumvention of firewalls and increase the privacy and security for a user but may sometimes be used to download illegal materials such as copyrighted materials or child pornography.

Reverse proxies transparently handle all requests for resources on destination servers without requiring any action on the part of the requester.

Reverse proxies are used:

• To enable indirect access when a website disallows direct connections as a security measure.
• To allow for load balancing between severs.
• To stream internal content to Internet users.
• To disable access to a site, for example when an ISP or government wishes to block a website.

Other types of proxy servers

• Transparent proxies are typically found near the exit of a corporate network. These proxies centralize network traffic. On corporate networks, a proxy server is associated with -- or is part of -- a gateway server that separates the network from external networks (typically the Internet) and a firewall that protects the network from outside intrusion and allows data to be scanned for security purposes before delivery to a client on the network. These proxies help with monitoring and administering network traffic as the computers in a corporate network are usually safe devices that do not need anonymity for typically mundane tasks.
• Anonymous proxies hide the IP address of the client using them allow to access to materials that are blocked by firewalls or to circumvent IP address bans. They may be used for enhanced privacy and / or protection from attack.
• Highly anonymous proxies hide even the fact that they are being used by clients and present a non-proxy public IP address. So not only do they hide the IP address of the client using them, they also allow access to sites that might block proxy servers. Examples of highly anonymous proxies include I2P and TOR.
• Socks 4 and 5 proxies provide proxy service for UDP data and DNS look up operations in addition to Web traffic. Some proxy servers offer both Socks protocols.
• DNS proxies forward domain name service (DNS) requests from LANs to Internet DNS servers while caching for enhanced speed.

Proxy server security

Proxy servers in many forms enhance security but like many things in computing may be vulnerable themselves. To prevent DoS attacks and network intrusion, administrators should keep software up to date, use load balancing, enforce secure authorization and authentication and block unsolicited traffic, malicious and open proxies.

?