Sie sind auf Seite 1von 14

Proxy Server

• In an enterprise that uses the Internet, a proxy

server is a SERVER that acts as an
intermediary between a workstation user and
the Internet so that the enterprise can ensure
security, administrative control, and caching
service. A proxy server is associated with or
part of a gateway server that separates the
enterprise network from the outside network
and a firewall server that protects the
enterprise network from outside intrusion.
• A client connects to the proxy server, requesting
some service, such as a file, connection, web
page, or other resource, available from a
different server. The proxy server evaluates the
request according to its filtering rules.

Proxy Server
• A proxy server receives a request for an
Internet service (such as a Web page
request) from a user. If it passes filtering
requirements, the proxy server, assuming
it is also a cache server, looks in its local
CACHE of previously downloaded Web
• If it finds the page, it returns it to the user
without needing to forward the request to
the Internet. If the page is not in the
cache, the proxy server, acting as a client
on behalf of the user, uses one of its own
IP addresses to request the page from the
server out on the Internet. When the page
is returned, the proxy server relates it to
the original request and forwards it on to
the user.
Proxy Server
• To the user, the proxy server is
invisible; all Internet requests and
returned responses appear to be
directly with the addressed Internet
server. (The proxy is not quite
invisible; its IP address has to be
specified as a configuration option to
the browser or other protocol
• An advantage of a proxy server is that
its cache can serve all users. If one or
more Internet sites are frequently
requested, these are likely to be in
the proxy's cache, which will improve
Proxy Server
• The functions of proxy, firewall, and caching can be in
separate server programs or combined in a single
package. Different server programs can be in
different computers. For example, a proxy server
may in the same machine with a firewall server or it
may be on a separate server and forward requests
through the firewall.
• For example, it may filter traffic by IP address or
protocol. If the request is validated by the filter, the
proxy provides the resource by connecting to the
relevant server and requesting the service on behalf
of the client. A proxy server may optionally alter the
client's request or the server's response, and
sometimes it may serve the request without
contacting the specified server. In this case, it
'caches' responses from the remote server, and
Schematic representation of a proxy server , where
the computer in the middle acts as the proxy server
between the other two
Proxy Server
Proxy Server
 A proxy server has two purposes:
• To keep machines behind it anonymous
(mainly for security).
• To speed up access to a resource (via
caching). It is commonly used to cache
web pages from a web server.
 A proxy server that passes requests and
replies unmodified is usually called a
gateway or sometimes tunneling proxy.
• A proxy server can be placed in the user's
local computer or at various points
between the user and the destination
servers or the Internet. A reverse proxy is
a proxy used as a front-end to accelerate
and cache in-demand resources (such as a
web page).
Proxy Server
 Proxy servers implement one or more of
the following functions:
• Caching proxy server - It server
accelerates service requests by retrieving
content saved from a previous request
made by the same client or even other
clients. Caching proxies keep local copies
of frequently requested resources,
allowing large organizations to
significantly reduce their upstream
bandwidth usage and cost, while
significantly increasing performance. Most
ISPs and large businesses have a caching
proxy. These machines are built to deliver
superb file system performance (often
with RAID and journaling) and also contain
Proxy Server
• Another important use of the proxy server is to reduce
the hardware cost. An organization may have many
systems on the same network or under control of a
single server, prohibiting the possibility of an
individual connection to the Internet for each
system. In such a case, the individual systems can
be connected to one proxy server, and the proxy
server connected to the main server.
• Web proxy
• A proxy that focuses on World Wide Web traffic is
called a "web proxy". The most common use of a
web proxy is to serve as a web cache. Most proxy
programs (e.g. Squid) provide a means to deny
access to certain URLs in a blacklist, thus providing
content filtering. This is often used in a corporate,
educational or library environment, and anywhere
else where content filtering is desired. Some web
proxies reformat web pages for a specific purpose
or audience (e.g., cell phones and PDAs).
Proxy Server
• Content-filtering web proxy
• A content-filtering web proxy server
provides administrative control over
the content that may be relayed
through the proxy. It is commonly
used in both commercial and non-
commercial organizations (especially
schools) to ensure that Internet usage
conforms to acceptable use policy. In
some cases users can circumvent the
proxy, since there are services
designed to proxy information from a
filtered website through a non filtered
site to allow it through the users’
Proxy Server
• A content filtering proxy will often
support user authentication, to
control web access. It also usually
produces logs, either to give
detailed information about the
URLs accessed by specific users, or
to monitor bandwidth usage
statistics. It may also communicate
to daemon based and/or ICAP
based antivirus software to provide
security against virus and other
malware by scanning incoming
Proxy Server
• Anonymizing proxy server
• An anonymous proxy server
(sometimes called a web proxy)
generally attempts to anonymize web
surfing. There are different varieties
of anonymizers. One of the more
common variations is the open proxy.
Because they are typically difficult to
track, open proxies are especially
useful to those seeking online
anonymity, from political dissidents to
computer criminals. Some users are
merely interested in anonymity on
principle, to facilitate constitutional
human rights of freedom of speech,
Proxy Server
• The server receives requests from the
anonymizing proxy server, and thus does
not receive information about the end
user's address. However, the requests
are not anonymous to the anonymizing
proxy server, and so a degree of trust is
present between that server and the
user. Many of them are funded through a
continued advertising link to the user.
• Access control: Some proxy servers
implement a logon requirement. In large
organizations, authorized users must log
on to gain access to the web. The
Proxy Server
• The other types of proxy servers
are as follows
• Hostile proxy
• Intercepting proxy server
• Transparent and non-transparent
proxy server
• Forced proxy
• Suffix proxy
• Open proxy server
• Reverse proxy server
• Tunneling proxy server
• And so on.
Proxy Server
• Proxies can also be installed in order
to eavesdrop upon the dataflow
between client machines and the
web. All accessed pages, as well as
all forms submitted, can be
captured and analyzed by the proxy
operator. For this reason,
passwords to online services (such
as webmail and banking) should
always be exchanged over a
cryptographically secured
connection, such as SSL