FAQ: What is a Proxy and why use one?

By jobeard
Apr 5, 2007
  1. General
    A proxy server is software that is placed between the user's browser and the ISP connection:
    your browser --- a proxy --- the ISP
    A proxy serves to provide:
    1. blocking offensive web content.
    2. reformat web pages for a specific purpose or audience;
    3. to intercept computer viruses and other hostile content served from remote web pages.
    4. enterprise policy enforcement
    5. logging all accesses to external sites


    Many organizations — including corporations, schools, and families —
    use a proxy server to enforce acceptable network use policies (see content-control software)
    or to provide security, anti-malware and/or caching services.
    A traditional web proxy is not transparent to the client application,
    which must be configured to use the proxy
    (manually or with a configuration script). In some cases, where alternative
    means of connection to the Internet are available (e.g. a SOCKS server or NAT connection),
    the user may be able to avoid policy control by simply resetting the client
    configuration and bypassing the proxy. Furthermore administration of browser
    configuration can be a burden for network administrators.

    An intercepting proxy combines a proxy server with NAT. Connections made by
    client browsers through the NAT are intercepted and redirected to the proxy without
    client-side configuration (or often knowledge).

    Intercepting proxies are commonly used in businesses to prevent avoidance of
    acceptable use policy, and to ease administrative burden, since no client
    browser configuration is required.

    Intercepting proxies are also commonly used by Internet Service Providers in
    many countries in order to reduce upstream link bandwidth requirements by
    providing a shared cache to their customers.

    In a classical proxy configuration ports 21,22,23,25,80,110,443 are DENIED outbound
    access which stops programs like FTP,SSH,Telnet,Browsers, and Email from accessing
    the Internet. These programs are then configured to access
    a local proxy server on the LAN, say Paranoid.lansys.ourdomain using the same
    official ports shown here. The proxy server then does its job and accesses the
    Internet using a hidden, private IP address to which the clients have no routing.
    The proxy then forwards or rejects interior request per the admin policies being enforced.

    Another configuration is to force the clients to use some other port, eg
    using port 8080 for a browser in place of the standard port 80.

    The third technique is to use a Winsock implementation which adds an LSP
    to the client TCP Stack.

    When connected to a LAN which operates a proxy, you become a good citizen
    of that environment (and also subject to any possible monitoring).
    The downside occurs when you take your laptop home for the evening and
    attempt to access the Internet via your ISP. As the configuration on your
    laptop is set for the proxy environment, it's highly probable that you go no where FAST!
    Every request will timeout and you can't access your email either.

    One good technique to manage multiple ISP connections is to use a Profile Manager,
    like that provided by Netscape; one profile per ISP and the
    proxy is honored only when in the enterprise environment.
    Another technique is to create separate Internet Connections under the
    Control panel-Internet Options.

    Laptop systems which move from hotspots,home, and to an office or university location
    are exposed for various problems when any admin implements a proxy server.
    The home user NEVER needs a proxy and where present in your configuration,
    it represents an attempt to control your experience or monitor your activity
  2. Nodsu

    Nodsu TS Rookie Posts: 5,837   +6

    One more important property of a proxy server is content caching. Depending on the clients' usage pattern, one can reduce internet traffic significantly by caching content on the proxy server.
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...