Networking

Proxy Servers

A proxy service provides management and control over what is now an essential feature of any modern networkInternet access. A proxy server, which can be a computer or a dedicated hardware device running proxy service software, acts as an intermediary between a user on the internal network and a service on the external network (normally the Internet). The proxy server takes requests from a user and then performs those requests on behalf of the user. To the external system, the request looks as if it originated from the proxy server, not from the user on the internal network. Figure 2 shows how a proxy server fits into a network configuration.

Figure 2 A proxy server in a typical network configuration.


There are a couple of excellent reasons to implement a proxy server:

  • To perform NAT functions A proxy server can process and execute commands on behalf of clients that have private IP addresses. This enables an organization with only one registered IP address to provide Internet access to a large number of computers. This process is known as IP proxy.

  • To allow Internet access to be controlled Having a centralized point of access allows for a great deal of control over the use of the Internet. By using the functionality of a proxy server application or by using an add-on feature, proxy servers can filter requests made by clients and either allow or disallow them. You can, for example, implement uniform resource locator (URL) filtering, which allows or denies users access to certain sites. More sophisticated products can also perform tests on retrieved material, to see if it fits acceptable criteria. Such measures are intended to prevent users from accessing inappropriate Internet web pages. As an "after the event" feature, proxy server applications also normally provide logging capabilities so that Internet usage can be monitored.

Although the most common function of a proxy server is to provide access to the Web for internal clients, that is not its only function. A proxy server, by definition, can be used as an intermediary for anything, not just HTTP requests. Other services can be supported by a proxy server, depending on the proxy server application being used and its configuration. For example, you might configure a proxy server to service HTTP requests (TCP port 80), Post Office Protocol 3 (POP3) email retrieval (TCP port 110), Simple Mail Transfer Protocol (SMTP) mail sending (TCP port 25), and HTTPS requests (TCP port 443). With an understanding of what a proxy server is designed to do, you can look at one additional feature built in to proxy server functionality, caching.