FAQ: What is a Proxy and why use one?

Status
Not open for further replies.
D

DelJo63

General
A proxy server is software that is placed between the user's browser and the ISP connection:
Code:
your browser --- a proxy --- the ISP
A proxy serves to provide:
  1. blocking offensive web content.
  2. reformat web pages for a specific purpose or audience;
  3. to intercept computer viruses and other hostile content served from remote web pages.
  4. enterprise policy enforcement
  5. logging all accesses to external sites


Intercepting

Many organizations — including corporations, schools, and families —
use a proxy server to enforce acceptable network use policies (see content-control software)
or to provide security, anti-malware and/or caching services.
A traditional web proxy is not transparent to the client application,
which must be configured to use the proxy
(manually or with a configuration script). In some cases, where alternative
means of connection to the Internet are available (e.g. a SOCKS server or NAT connection),
the user may be able to avoid policy control by simply resetting the client
configuration and bypassing the proxy. Furthermore administration of browser
configuration can be a burden for network administrators.

An intercepting proxy combines a proxy server with NAT. Connections made by
client browsers through the NAT are intercepted and redirected to the proxy without
client-side configuration (or often knowledge).

Intercepting proxies are commonly used in businesses to prevent avoidance of
acceptable use policy, and to ease administrative burden, since no client
browser configuration is required.

Intercepting proxies are also commonly used by Internet Service Providers in
many countries in order to reduce upstream link bandwidth requirements by
providing a shared cache to their customers.

Configurations
In a classical proxy configuration ports 21,22,23,25,80,110,443 are DENIED outbound
access which stops programs like FTP,SSH,Telnet,Browsers, and Email from accessing
the Internet. These programs are then configured to access
a local proxy server on the LAN, say Paranoid.lansys.ourdomain using the same
official ports shown here. The proxy server then does its job and accesses the
Internet using a hidden, private IP address to which the clients have no routing.
The proxy then forwards or rejects interior request per the admin policies being enforced.

Another configuration is to force the clients to use some other port, eg
using port 8080 for a browser in place of the standard port 80.

The third technique is to use a Winsock implementation which adds an LSP
to the client TCP Stack.

Implications
When connected to a LAN which operates a proxy, you become a good citizen
of that environment (and also subject to any possible monitoring).
The downside occurs when you take your laptop home for the evening and
attempt to access the Internet via your ISP. As the configuration on your
laptop is set for the proxy environment, it's highly probable that you go no where FAST!
Every request will timeout and you can't access your email either.

One good technique to manage multiple ISP connections is to use a Profile Manager,
like that provided by Netscape; one profile per ISP and the
proxy is honored only when in the enterprise environment.
Another technique is to create separate Internet Connections under the
Control panel-Internet Options.

Conclusion
Laptop systems which move from hotspots,home, and to an office or university location
are exposed for various problems when any admin implements a proxy server.
The home user NEVER needs a proxy and where present in your configuration,
it represents an attempt to control your experience or monitor your activity
-- CAVEAT EMPTOR!
 
One more important property of a proxy server is content caching. Depending on the clients' usage pattern, one can reduce internet traffic significantly by caching content on the proxy server.
 
Status
Not open for further replies.
Back