Proxy servers have been around for quite a while now. Most likely, the history of proxy servers dates back to the beginnings of networking and the internet itself. Proxy servers were originally developed as a tool for caching frequently accessed Web pages. A proxy server is a server that acts as an intermediary for requests from clients seeking resources from other servers. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource, available from a different server. The proxy server evaluates the request according to its filtering rules. It may filter traffic by Internet Protocol (IP) address or protocol. If the request is validated by the filter, the proxy provides the resource by connecting to the relevant server and requesting the service on behalf of the client. A proxy server may optionally alter the client’s request or the server’s response, and sometimes it may serve the request without contacting the specified server. In this case, it ‘caches’ responses from the remote server, and answers subsequent requests for the same content directly.
How Proxy Servers Work
A proxy server functions as a middle-man between the public internet and the internal network. For example, an internal host makes a request to access a website. The request goes to the proxy server, which examines the packet, including the header and data, against rules that are pre-configured by the administrator. The proxy server recreates the packet with a different IP address. The proxy server then sends the packet to its destination (to the receiver, the source IP address is now that of the proxy server). The returned packet is sent to the proxy server, which inspects the packet again and compares it against the rule base. After inspection, the proxy server rebuilds the returned packet and sends it to the originating host, so that it appears to have been sent by the external host and not the proxy server.
A proxy server uses ports to filter connections between your computer and other networks. When you set your internet connection to use a proxy, your computer’s data is sent to the proxy to be filtered, rather than directly to the internet. In turn, the proxy server receives the data, filters it for you and then sends it to the internet using a different port. Proxy servers use network addressing schemes to show one general IP address to the outside network. The proxy server acts like a funnel; it takes a lot of information from various sources, and filters it all into one specific address. Proxy servers can also be used backwards, as a way to restrict your computer from reaching certain places on the internet. Proxy servers are capable of performing many complex tasks such as masking an IP address. Every computer is assigned an IP address. Proxy servers allow you to go through them in order to mask your computer’s information. Once you are connected to a proxy, it filters your IP address and masks it as a different IP address. Web pages will not load as fast, because the data is being filtered each time you request a web page. All that is required is that you find a proxy, enter the information about the proxy, and activate it. There are several different types of proxy servers, designed for different purposes.
Functions and Different Types of Proxy Servers
The different types of proxy servers are Caching proxy server, Web proxy/content filtering web proxy, Anonymizing proxy server, Transparent and non-transparent proxy server, Intercepting proxy server, and Forward proxy/Reverse proxy server.
1. Caching Proxy Server
Caching proxies were the first kind of proxy server. A caching proxy server speeds up service requests by retrieving content saved from a previous request made by the same client or even other clients. These servers keep local copies of frequently requested resources. This allows large organizations to reduce their upstream bandwidth usage and cost, and it also increases performance. Caching proxy servers are the most common type of server that ISPs and large businesses use. These kinds of servers help reduce the cost of hardware.
A proxy server performs two types of caching: passive caching and active caching. Passive caching occurs on behalf of every Web Proxy service request for content. As browsers request content, the service consults the cache to see whether a current copy of the object exists. If no copy exists, the service downloads a fresh copy from the Web server and serves it to the client. Active caching is caching that the proxy server performs during its idle periods. The proxy server proactively downloads the pages that its local cache has learned are most frequently requested. Caching proxies allow large organizations to significantly reduce their upstream bandwidth usage and cost. Poorly implemented caching proxies have downsides; for example, they may be unable to use user authentication. These are known as HTTP proxy/caching problems.
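The two caching modes described above can be shown side by side. The following is an added example, not code from any proxy product; the class and method names, the 60-second lifetime and the refresh-at-half-lifetime rule are assumptions made for illustration.

```python
from collections import Counter

class CachingProxy:
    """Toy cache showing passive and active caching (all names are hypothetical)."""

    def __init__(self, origin_fetch, ttl=60):
        self.origin_fetch = origin_fetch  # callable(url) -> body, stands in for the web server
        self.ttl = ttl                    # seconds a cached copy counts as current
        self.cache = {}                   # url -> (body, time stored)
        self.requests = Counter()         # url -> request count, drives active caching
        self.origin_hits = 0              # number of upstream downloads

    def _download(self, url, now):
        self.origin_hits += 1
        body = self.origin_fetch(url)
        self.cache[url] = (body, now)
        return body

    def get(self, url, now):
        """Passive caching: serve a current copy, otherwise download a fresh one."""
        self.requests[url] += 1
        entry = self.cache.get(url)
        if entry is not None and now - entry[1] < self.ttl:
            return entry[0], "HIT"
        return self._download(url, now), "MISS"

    def idle_refresh(self, now, top_n=1):
        """Active caching: while idle, re-download popular pages past half their TTL."""
        refreshed = []
        for url, _count in self.requests.most_common(top_n):
            entry = self.cache.get(url)
            if entry is None or now - entry[1] >= self.ttl / 2:
                self._download(url, now)
                refreshed.append(url)
        return refreshed

def run_demo():
    """Constructed timeline; `now` is passed in so the run is deterministic."""
    pages = {"http://example.test/a": "page A", "http://example.test/b": "page B"}
    proxy = CachingProxy(pages.__getitem__, ttl=60)
    a, b = pages
    results = [proxy.get(a, 0)[1], proxy.get(a, 10)[1], proxy.get(b, 10)[1], proxy.get(a, 20)[1]]
    refreshed = proxy.idle_refresh(now=50)
    results.append(proxy.get(a, 70)[1])   # HIT only because of the idle refresh at t=50
    return results, refreshed, proxy.origin_hits
```

Without the idle refresh, the request at t=70 would find a copy older than the lifetime and go upstream while the client waits.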
2. Web Proxy
A web proxy is the heart of the World Wide Web traffic. It is commonly used to serve as a web cache. (Web caching is the caching of web documents to reduce bandwidth usage, server load, and lag.) Some proxy programs provide the means to deny access to a Uniform Resource Locator (URL) in a blacklist, which provides content filtering. These proxies are mostly used in corporate, educational or library environments, or anywhere that content filtering is needed.
3. Content Filtering Webproxy
A content filtering web proxy server provides administrator control over the content that may be relayed through the proxy. Methods used for content filtering include URL or Domain Name System (DNS) blacklists, URL regex filtering, Multipurpose Internet Mail Extensions (MIME) filtering, and content keyword filtering. A content filtering proxy can handle user authentication, which controls web access. It can also generate logs that give detailed information about URLs accessed by specific users, and it can monitor bandwidth usage statistics. Another good feature is the ability to communicate with daemon-based and Internet Content Adaptation Protocol (ICAP) based antivirus software, which provides security against viruses and other malware by scanning incoming content in real time before it enters the network.
This server provides administrative control over the content that may be relayed through the proxy. A content filtering proxy will often support user authentication, to control web access. It also usually produces logs, either to give detailed information about the URLs accessed by specific users, or to monitor bandwidth usage statistics. Content filtering is commonly used in both commercial and non-commercial organizations to ensure that internet usage is under the acceptable use policy.
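The four filtering methods named above (domain blacklist, URL regex, MIME type and content keyword) can be sketched as two checks, one on the request and one on the response. This is an added example, not any product's rule engine; the rule values and function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Constructed rule sets for illustration only.
DOMAIN_BLACKLIST = {"games.example", "ads.example"}
URL_REGEXES = [re.compile(r"/download/.*\.exe$", re.IGNORECASE)]
BLOCKED_MIME = {"application/x-msdownload"}
KEYWORDS = {"casino"}

def domain_blocked(host):
    """Match the host and each parent domain on label boundaries.

    A plain substring test would wrongly block notgames.example and
    a plain equality test would miss sub.games.example.
    """
    labels = host.lower().rstrip(".").split(".")
    return any(".".join(labels[i:]) in DOMAIN_BLACKLIST for i in range(len(labels)))

def check_request(url):
    """Filtering that can be done before contacting the destination server."""
    parts = urlsplit(url)
    if domain_blocked(parts.hostname or ""):
        return "deny:domain"
    if any(rx.search(parts.path) for rx in URL_REGEXES):
        return "deny:url-regex"
    return "allow"

def check_response(content_type, body):
    """Filtering that needs the response: MIME type first, then keywords in text."""
    mime = content_type.split(";")[0].strip().lower()  # drop parameters such as charset
    if mime in BLOCKED_MIME:
        return "deny:mime"
    if mime.startswith("text/") and any(k in body.lower() for k in KEYWORDS):
        return "deny:keyword"
    return "allow"
```

Keyword matching is applied only to text types here, since scanning binary bodies for words produces false positives.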
4. Anonymizing Proxy Server
An anonymizing proxy server generally tries to make web surfing anonymous. There are different variations of anonymizers. The most used anonymizer is the open proxy. Open proxies are more difficult to track, and they are good for those who are seeking anonymity. Some users are only interested in anonymity for added security, by hiding their identities from potentially malicious websites. With an anonymizing server, the destination server receives the request from the anonymizing server, so it does not get information about the end user’s address. However, the requests are not anonymous to the anonymizing server itself, so a level of trust is placed in it.
5. Transparent and Non-Transparent Proxy Server
A transparent proxy is a proxy that does not modify the request or response beyond what is required for proxy authentication and identification. A non-transparent proxy is a proxy that modifies the request or response in order to provide some added service to the user agent, such as group annotation services, media type transformation, protocol reduction, or anonymity filtering. Transparent proxy servers have a security flaw that was published by Robert Auger in 2009, and an advisory was issued by the Computer Emergency Response Team (CERT) listing dozens of affected transparent and intercepting proxy servers.
6. Intercepting Proxy Server
An intercepting proxy server combines a proxy server with a gateway or router. Connections made by client browsers through the gateway are diverted to the proxy without any client-side configuration. Connections may also be diverted from a server or other circuit-level proxies. Intercepting proxies are commonly known as transparent proxies or forced proxies, because the existence of the proxy is transparent to the user, or the user is forced to use the proxy regardless of the local settings.
7. Forward Proxy/Reverse Proxy Server
Forward proxies are proxies that are able to retrieve from a wide range of sources, in most cases anywhere on the internet. Reverse proxies are more specialized subtypes of the general forward proxy concept. A reverse proxy is a proxy server that is installed near one or more web servers. All traffic coming from the internet with a destination of one of the web servers goes through the proxy server. The term “reverse” originates in its counterpart, the forward proxy, since the reverse proxy sits closer to the web server and serves only a restricted set of websites.
Goals of Proxy Server
When implementing a proxy server into the company’s environment, you have to consider the goals that proxy systems can help the company achieve. Some of these goals are concealing internal clients, blocking and filtering URLs or content, E-Mail protection, improving performance, ensuring security and providing user authentication.
Concealing Internal Clients
One of the biggest benefits a company can achieve by using a proxy server is its ability to conceal internal clients from external clients who try to gain access to the internal network. For example, suppose there are three internal hosts with the IP addresses 10.1.1.1, 10.1.1.2 and 10.1.1.3. When the internal hosts make a connection to the external hosts, the external hosts will see the IP address of 208.84.211, which is the proxy server. This process acts like Network Address Translation (NAT); however, unlike NAT, a proxy server rebuilds the packets and sends them to their destination.
Blocking and Filtering Content
Many organizations have strict Internet policies regarding offensive material and employees accessing particular sites during certain hours. For instance, proxies can block and filter this kind of traffic including entertainment, pornography or gaming sites. This can greatly enhance bandwidth in a network.
Most people believe using a proxy server is just for web access; however, it can also be used to protect the internal Exchange server. For example, a message is sent from an internal user through the Exchange server. The Exchange server forwards the message to the Simple Mail Transfer Protocol (SMTP) server, which is located in the Demilitarized Zone (DMZ). SMTP is used to send mail between servers. A DMZ is a network of publicly accessible servers, such as a Web server, that is connected to the firewall but isolated from the internal network. The SMTP server strips out the source IP address, then rebuilds the packet and forwards it to the external host. External hosts will not see the source IP but that of the “proxy server”, which will greatly reduce viruses and spam.
Most people also believe that proxies slow down a network and provide a single point of failure. However, proxy servers can enhance a network’s performance by caching Web pages. Cache is a section of disk space on a drive reserved for storage when applications need resources. Instead of accessing the original Web page for every request (which can cause the network traffic to increase), an internal user can access a cached copy of a Web page. This lightens the load on the Web server, which does not have to keep retrieving the same documents.
Another benefit of using proxy servers is their ability to provide detailed log file information, because all data goes through a single checkpoint. A log file contains information about access and events that have occurred on a server, operating system, or specific application. Log files are one of the most important and often-neglected sources of information. If neglected or used improperly, a log file can grow very large, so it should log only the services you consider to be critical. Proxy servers provide a reliable way to monitor network traffic.
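Because every request passes through one checkpoint, a short script over the proxy log can answer per-user questions. The sketch below is an added example; the seven-field log format, the sample lines and the thresholds are constructed and do not correspond to a specific proxy's log format.

```python
from collections import defaultdict

# Constructed sample in an assumed format:
# timestamp user client_ip method url status bytes
SAMPLE_LOG = """\
2024-05-01T09:00:01 alice 10.1.1.1 GET http://intranet.example.test/ 200 5120
2024-05-01T09:00:05 bob 10.1.1.2 GET http://games.example/play 403 0
2024-05-01T09:00:09 bob 10.1.1.2 GET http://games.example/login 403 0
2024-05-01T09:00:12 alice 10.1.1.1 GET http://news.example.test/big.iso 200 734003200
2024-05-01T09:00:15 bob 10.1.1.2 GET http://games.example/play 403 0
malformed line that the parser must skip
"""

def summarize(log_text):
    """Return {user: {"bytes": int, "denied": int, "urls": set}} from the log."""
    stats = defaultdict(lambda: {"bytes": 0, "denied": 0, "urls": set()})
    for line in log_text.splitlines():
        fields = line.split()
        # Skip anything that does not match the assumed format instead of crashing.
        if len(fields) != 7 or not fields[5].isdigit() or not fields[6].isdigit():
            continue
        _ts, user, _ip, _method, url, status, size = fields
        entry = stats[user]
        entry["bytes"] += int(size)
        entry["urls"].add(url)
        if status == "403":          # request blocked by the proxy's filter
            entry["denied"] += 1
    return dict(stats)

def flag_users(stats, max_bytes=100 * 1024 * 1024, max_denied=3):
    """Users whose transfer volume or count of blocked requests reaches a threshold."""
    return sorted(user for user, s in stats.items()
                  if s["bytes"] >= max_bytes or s["denied"] >= max_denied)
```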
Recognizing the Single Point of Failure
If a proxy server crashes or fails because of attackers, your entire network will not have access to the Internet. This problem does not exist only in proxies, however, but across your entire network, from firewalls to routers and servers. The best way to protect your network from a single point of failure is to have redundancy with load balancing. Load balancing is balancing the load of requests through another proxy server, based on the best response time and lightest load for the request.
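One way to express the selection rule above (best response time, then lightest load, with failed proxies taken out of rotation) is shown here as an added example. The class, its method names, the two-failure threshold and the smoothing weights are assumptions, not taken from a particular load balancer.

```python
class ProxyPool:
    """Redundant proxies chosen by response time and load (all names hypothetical)."""

    def __init__(self, names, max_failures=2):
        self.max_failures = max_failures
        self.state = {n: {"rtt": None, "active": 0, "fails": 0} for n in names}

    def healthy(self):
        """Proxies that have not reached the consecutive-failure limit."""
        return [n for n, s in self.state.items() if s["fails"] < self.max_failures]

    def pick(self):
        """Best response time first, lightest load as tie-breaker; None if all are down."""
        candidates = self.healthy()
        if not candidates:
            return None  # no redundancy left: the single point of failure is back

        def score(name):
            s = self.state[name]
            rtt = s["rtt"] if s["rtt"] is not None else 0.0  # untried proxies get a chance
            return (rtt, s["active"], name)

        choice = min(candidates, key=score)
        self.state[choice]["active"] += 1
        return choice

    def report(self, name, rtt_ms=None):
        """Record a finished request; rtt_ms=None means the proxy failed to answer."""
        s = self.state[name]
        s["active"] = max(0, s["active"] - 1)
        if rtt_ms is None:
            s["fails"] += 1
            return
        s["fails"] = 0
        # A moving average keeps one slow response from dominating the choice.
        s["rtt"] = rtt_ms if s["rtt"] is None else 0.7 * s["rtt"] + 0.3 * rtt_ms
```

A production setup would also re-probe proxies marked as failed so that they can rejoin the pool; that step is left out here.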