Proxy Server


A proxy server is a server that mediates the communications between a client and another server.

  • forwards requests and responses on behalf of clients
  • provides security and performance features
  • serves as a single source for requests
  • rather than inspecting traffic as it passes through, it works on a store-and-forward model:
    • deconstructs each packet
    • performs analysis
    • and rebuilds the packet and forwards it
      • amount of rebuilding depends on the proxy
        • some only manipulate the IP and TCP headers
        • application-aware proxies might add or remove HTTP headers
        • a deep packet inspection proxy might be able to remove content from an HTTP payload

Info

  • should consider proxying as a function, rather than a class of device
  • possible to configure proxy server software on a general-purpose computer
    • most firewall appliances can work as a proxy too
  • proxy can be configured as a virtual appliance

Functions

  • Filter: filters and modifies packets based on an application or service
    • when a proxy performs content filtering
      • it can be considered an application-level firewall
      • block access to sites
      • apply rules to access requests
  • Caching: provides caching services to improve performance
    • e.g., when you request a page from a website, the proxy server retrieves it and then caches it in its memory
    • the next time someone requests that website, the proxy server can serve it from its cache, thereby saving internet bandwidth
  • Address translation: converts between private and public addressing schemes
  • Logging: logs user activity for auditing purposes

Use Cases

Companies use proxy servers to:

  • keep spam from reaching their users’ email
  • keep employees from visiting websites that might have objectionable material
  • filter out traffic that might indicate the presence of malware

Types of Proxies

Forward Proxy

A forwarding proxy server provides for protocol-specific outbound traffic.

  • e.g.,
    • web proxy
  • must understand the application it is servicing
    • e.g., web proxy must be able to parse and modify HTTP/S requests and replies
  • can be
    • application specific
    • multipurpose
      • is one configured with filters for multiple protocol types
  • classified as
    • nontransparent
      • redirects requests and responses for clients configured with the proxy address and port number
      • usually uses TCP port 8080
    • transparent
      • aka forced or intercepting proxy
      • redirects requests and responses without the client being explicitly configured to use it
  • Both types of proxy can be configured to require users to be authenticated before allowing access
    • able to use single sign-on (SSO)

Info

A proxy auto-configuration (PAC) script allows a client to configure proxy settings without user intervention.

  • The Web Proxy Auto-discovery (WPAD) protocol allows browsers to locate a PAC file
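As an added illustration (not part of the original notes), here is a PAC script of the kind a browser would fetch via WPAD or a configured URL: the client calls FindProxyForURL for every request and obeys the returned string. The browser's PAC runtime normally supplies isPlainHostName, dnsDomainIs and isInNet; simplified stand-ins are included so the script runs outside a browser, and the proxy name, port and domain are hypothetical.

```javascript
// Added example PAC script. The browser calls FindProxyForURL(url, host) for each
// request; "DIRECT" means connect straight to the origin, "PROXY host:port" means
// send the request through the nontransparent proxy. Names below are hypothetical.

const PROXY = "PROXY proxy.corp.example:8080"; // assumed proxy name; 8080 is the usual port

// --- constructed stand-ins for helpers the browser's PAC runtime provides ---
function isPlainHostName(host) {
  return !host.includes("."); // e.g. "intranet" has no dots
}
function dnsDomainIs(host, domain) {
  return host.endsWith(domain);
}
function isInNet(ipStr, netStr, maskStr) {
  // Only dotted-quad literals are handled; the real runtime would resolve names.
  if (!/^\d{1,3}(\.\d{1,3}){3}$/.test(ipStr)) return false;
  const toInt = (s) => s.split(".").reduce((acc, o) => (acc << 8) + Number(o), 0) >>> 0;
  return (toInt(ipStr) & toInt(maskStr)) === (toInt(netStr) & toInt(maskStr));
}

// --- the PAC entry point ---
function FindProxyForURL(url, host) {
  host = host.toLowerCase();
  // Intranet names and RFC 1918 addresses stay on the LAN and skip the proxy.
  if (isPlainHostName(host) || dnsDomainIs(host, ".corp.example")) return "DIRECT";
  if (isInNet(host, "10.0.0.0", "255.0.0.0") ||
      isInNet(host, "192.168.0.0", "255.255.0.0")) return "DIRECT";
  // Everything else goes through the filtering proxy. No "; DIRECT" fallback is
  // appended on purpose: a fallback lets clients bypass filtering when the proxy is down.
  return PROXY;
}
```

Because the script runs inside the client, an integrity-protected delivery path (HTTPS or a managed configuration) matters: whoever can alter the PAC file chooses where the client's traffic goes.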

Benefit of Proxy Servers

  • main benefit
    • clients connect to a specified point within the perimeter network for web access
      • provides for a degree of traffic management and security
  • provide caching engines
    • frequently requested webpages and image assets are retained on the proxy
    • negates need to refetch files for subsequent requests

Web Proxy Server

A web proxy server focuses solely on internet traffic (HTTP/HTTPS, DNS).

  • very common in enterprise environments
  • Provides:
    • filtering: acts as a filtering service and can restrict unwanted websites that belong to certain categories (gambling, social media, etc.)
    • content checking: like a general proxy server, can verify that content is valid and does not contain malicious content
    • caching

Reverse Proxy

A reverse proxy provides for protocol-specific inbound traffic.

  • protects servers from direct contact with client requests
  • typically deployed on the network edge
  • may not want to allow hosts on public network to connect directly to application servers
    • due to security and performance factors
  • can be configured to listen for client requests from a public network and create the appropriate request to the application server
    • proxy is said to publish the application
    • proxy applies filtering rules and if accepted
      • creates the appropriate request and forwards it to an application server within a specially secured screened subnet zone on the local network
  • applications for reverse proxies:
    • publishing a web server
    • publishing messaging or conferencing applications
    • enabling POP/IMAP mail retrieval
  • may handle encryption/decryption and authentication on behalf of application servers
    • reduces overhead on those servers
  • can perform caching to improve performance
  • can be configured to perform load balancing across an application server pool