SlideShare a Scribd company logo
2
Most read
3
Most read
4
Most read
Proxy Server
A Proxy Server is computer that functions as an intermediary between a web browser (such as Internet
Explorer) and the Internet. Proxy servers help improve web performance by storing a copy of frequently
used webpages. When a browser requests a webpage stored in the proxy server's collection (its cache),
it is provided by the proxy server, which is faster than going to the web. Proxy servers also help improve
security by filtering out some web content and malicious software.
A Proxy Server is a server (a computer system or an application) that acts as an intermediary for
requests from clients seeking resources from other servers. A client connects to the proxy server,
requesting some service, such as a file, connection, web page, or other resource available from a
different server and the proxy server evaluates the request as a way to simplify and control its
complexity. Proxies were invented to add structure and encapsulation to distributed systems. Today,
most proxies are web proxies, facilitating access to content on the World Wide Web and providing
anonymity.
Proxy Servers have these main purposes:
 Improve Performance: Proxy servers can dramatically improve performance for groups of users.
This is because it saves the results of all requests for a certain amount of time. Consider the case
where both user X and user Y access the World Wide Web through a proxy server. First user X
requests a certain Web page, which we'll call Page 1. Sometime later, user Y requests the same
page. Instead of forwarding the request to the Web server where Page 1 resides, which can be a
time-consuming operation, the proxy server simply returns the Page 1 that it already fetched for
user X. Since the proxy server is often on the same network as the user, this is a much faster
operation. Real proxy servers support hundreds or thousands of users. The major online services
such as America Online, MSN and Yahoo, for example, employ an array of proxy servers.
 Filter Requests: Proxy servers can also be used to filter requests. For example, a company might
use a proxy server to prevent its employees from accessing a specific set of Web sites.
 Translation: A translation proxy is a proxy server that is used to localize a website experience for
different markets. Traffic from global audiences is routed through the translation proxy to the
source website. As visitors browse the proxy site, requests go back to the source site where
pages are rendered. Original language content in the response is replaced by translated content
Figure 1 IP Address Replacement
Proxy Server
as it passes back through the proxy. The translations used in a translation proxy can be either
machine translation, human translation, or a combination of machine and human translation.
Different translation proxy implementations have different capabilities. Some allow further
customization of the source site for local audiences such as excluding source content or
substituting source content with original local content.
 Accessing Services Anonymously: An anonymous proxy server (sometimes called a web proxy)
generally attempts to anonymize web surfing. There are different varieties of anonymizers. The
destination server (the server that ultimately satisfies the web request) receives requests from
the anonymizing proxy server, and thus does not receive information about the end user's
address. The requests are not anonymous to the anonymizing proxy server, however, and so a
degree of trust is present between the proxy server and the user. Many proxy servers are funded
through a continued advertising link to the user.
 Security: A proxy can keep the internal network structure of a company secret by using network
address translation, which can help the security of the internal network. This makes requests
from machines and users on the local network anonymous. Proxies can also be combined with
firewalls.
An incorrectly configured proxy can provide access to a network otherwise isolated from the Internet.
Types of Proxy
A proxy server may reside on the user's local computer, or at various points between the user's
computer and destination servers on the Internet.
1. A proxy server that passes requests and responses unmodified is usually called a gateway or
sometimes a tunneling proxy.
2. A forward proxy is an Internet-facing proxy used to retrieve from a wide range of sources (in
most cases anywhere on the Internet).
Figure 2 Proxy Server Working
Proxy Server
3. A reverse proxy is usually an Internet-facing proxy used as a front-end to control and protect
access to a server on a private network. A reverse proxy commonly also performs tasks such as
load-balancing, authentication, decryption or caching.
 Open Proxies
An open proxy is a forwarding proxy server that is accessible by any Internet user. An anonymous open
proxy allows users to conceal their IP address while browsing the Web or using other Internet services.
There are varying degrees of anonymity however, as well as a number of methods of 'tricking' the client
into revealing itself regardless of the proxy being used.
 Reverse Proxies
A reverse proxy (or surrogate) is a proxy server that appears to clients to be an ordinary server.
Requests are forwarded to one or more proxy servers which handle the request. The response from the
proxy server is returned as if it came directly from the origin server, leaving the client no knowledge of
the origin servers. Reverse proxies are installed in the neighborhood of one or more web servers. All
traffic coming from the Internet and with a destination of one of the neighborhood's web servers goes
through the proxy server. The use of "reverse" originates in its counterpart "forward proxy" since the
reverse proxy sits closer to the web server and serves only a restricted set of websites.
There are several reasons for installing reverse proxy servers:
a) Encryption/SSL Acceleration: When secure web sites are created, the SSL encryption is often not
done by the web server itself, but by a reverse proxy that is equipped with SSL acceleration
hardware. See Secure Sockets Layer. Furthermore, a host can provide a single "SSL proxy" to
Figure 3 Reverse Proxy
Proxy Server
provide SSL encryption for an arbitrary number of hosts; removing the need for a separate SSL
Server Certificate for each host, with the downside that all hosts behind the SSL proxy have to
share a common DNS name or IP address for SSL connections. This problem can partly be
overcome by using the SubjectAltName feature of X.509 certificates.
b) Load Balancing: The reverse proxy can distribute the load to several web servers, each web
server serving its own application area. In such a case, the reverse proxy may need to rewrite the
URLs in each web page (translation from externally known URLs to the internal locations).
c) Serve/Cache Static Content: A reverse proxy can offload the web servers by caching static
content like pictures and other static graphical content.
d) Compression: The proxy server can optimize and compress the content to speed up the load
time.
e) Spoon Feeding: reduces resource usage caused by slow clients on the web servers by caching the
content the web server sent and slowly "spoon feeding" it to the client. This especially benefits
dynamically generated pages.
f) Security: The proxy server is an additional layer of defense and can protect against some OS and
Web Server specific attacks. However, it does not provide any protection from attacks against
the web application or service itself, which is generally considered the larger threat.
g) Extranet Publishing: A reverse proxy server facing the Internet can be used to communicate to a
firewall server internal to an organization, providing extranet access to some functions while
keeping the servers behind the firewalls. If used in this way, security measures should be
considered to protect the rest of your infrastructure in case this server is compromised, as its
web application is exposed to attack from the Internet.
Proxy vs. NAT
Most of the time 'proxy' refers to a layer-7 application on the OSI reference model. However, another
way of proxying is through layer-3 and is known as Network Address Translation (NAT). The difference
between these two proxy technologies is the layer in which they operate, and the procedure to
configuring the proxy clients and proxy servers.
In client configuration of layer-3 proxy (NAT), configuring the gateway is sufficient. However, for client
configuration of a layer-7 proxy, the destination of the packets that the client generates must always be
the proxy server (layer-7), then the proxy server reads each packet and finds out the true destination.
Proxy Server
Because NAT operates at layer-3, it is less resource-intensive than the layer-7 proxy, but also less
flexible. As we compare these two technologies, we might encounter a terminology known as
'transparent firewall'. Transparent firewall means that the layer-3 proxy uses the layer-7 proxy
advantages without the knowledge of the client. The client presumes that the gateway is a NAT in layer-
3, and it does not have any idea about the inside of the packet, but through this method the layer-3
packets are sent to the layer-7 proxy for investigation.

More Related Content

What's hot (20)

PPTX
Cisco Identity Services Engine (ISE)
Anwesh Dixit
 
PDF
17 palo alto threat prevention concept
Mostafa El Lathy
 
PPT
CCNA Security 02- fundamentals of network security
Ahmed Habib
 
PPTX
Zero Trust: Redefining Security in the Digital Age
Arnold Antoo
 
PDF
CCNAv5 - S3: Chapter1 Introduction to Scaling Networks
Vuz Dở Hơi
 
PPTX
WeirdAAL (AWS Attack Library)
Chris Gates
 
PPTX
Forti web
Lan & Wan Solutions
 
PDF
Palo Alto Virtual firewall deployment guide on OpenStack Cloud
Ajeet Singh
 
PDF
5G Network Slicing
Sridhar Bhaskaran
 
PDF
Yang in OpenDaylight
Gunjan Patel
 
PDF
Cisco Live! :: Introduction to IOS XR for Enterprises and Service Providers
Bruno Teixeira
 
PPTX
From Cisco ACS to ISE
Mahzad Zahedi
 
PDF
ProxySQL and the Tricks Up Its Sleeve - Percona Live 2022.pdf
Jesmar Cannao'
 
PDF
CCNAv5 - S4: Chapter3 Point to-point Connections
Vuz Dở Hơi
 
PPTX
Subnetting (FLSM & VLSM) with examples
Krishna Mohan
 
PDF
Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Milan Jan/2014
Bruno Teixeira
 
PDF
Cisco Digital Network Architecture – Deeper Dive, “From the Gates to the GUI
Cisco Canada
 
PDF
Palo alto-review
Rayan Darine
 
PDF
MySQL Performance - Best practices
Ted Wennmark
 
PPTX
IPv4
Dhiraj Mishra
 
Cisco Identity Services Engine (ISE)
Anwesh Dixit
 
17 palo alto threat prevention concept
Mostafa El Lathy
 
CCNA Security 02- fundamentals of network security
Ahmed Habib
 
Zero Trust: Redefining Security in the Digital Age
Arnold Antoo
 
CCNAv5 - S3: Chapter1 Introduction to Scaling Networks
Vuz Dở Hơi
 
WeirdAAL (AWS Attack Library)
Chris Gates
 
Palo Alto Virtual firewall deployment guide on OpenStack Cloud
Ajeet Singh
 
5G Network Slicing
Sridhar Bhaskaran
 
Yang in OpenDaylight
Gunjan Patel
 
Cisco Live! :: Introduction to IOS XR for Enterprises and Service Providers
Bruno Teixeira
 
From Cisco ACS to ISE
Mahzad Zahedi
 
ProxySQL and the Tricks Up Its Sleeve - Percona Live 2022.pdf
Jesmar Cannao'
 
CCNAv5 - S4: Chapter3 Point to-point Connections
Vuz Dở Hơi
 
Subnetting (FLSM & VLSM) with examples
Krishna Mohan
 
Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Milan Jan/2014
Bruno Teixeira
 
Cisco Digital Network Architecture – Deeper Dive, “From the Gates to the GUI
Cisco Canada
 
Palo alto-review
Rayan Darine
 
MySQL Performance - Best practices
Ted Wennmark
 

Viewers also liked (20)

PPTX
Configuring RIPv2
NetProtocol Xpert
 
PDF
Wireless Technology
Netwax Lab
 
PDF
OSPF Route Filtering
Netwax Lab
 
PDF
OSPF (open shortest path first) part iii
Netwax Lab
 
PDF
Eincop Netwax Lab: EIGRP iii
Netwax Lab
 
PDF
VRF Configuration
Netwax Lab
 
PDF
SSL Web VPN
Netwax Lab
 
PDF
Nxll23 i pv6
Netwax Lab
 
PDF
TCP Intercept
Netwax Lab
 
PDF
OSPF (open shortest path first) part ii
Netwax Lab
 
PDF
IP Address
Netwax Lab
 
PDF
Nxll24 i pv6
Netwax Lab
 
PDF
VPN (virtual private network)
Netwax Lab
 
PDF
STP Protection
Netwax Lab
 
PDF
Introduction of Networking
Netwax Lab
 
PDF
119163798 icnd1-practice-questions-9tut
nicolelemmimg
 
PDF
Networking Devices
Netwax Lab
 
PDF
VLAN (virtual local area network)
Netwax Lab
 
PDF
Nxll10 v lan and trunking
Netwax Lab
 
PDF
Cisco Internetworking Operating System (ios)
Netwax Lab
 
Configuring RIPv2
NetProtocol Xpert
 
Wireless Technology
Netwax Lab
 
OSPF Route Filtering
Netwax Lab
 
OSPF (open shortest path first) part iii
Netwax Lab
 
Eincop Netwax Lab: EIGRP iii
Netwax Lab
 
VRF Configuration
Netwax Lab
 
SSL Web VPN
Netwax Lab
 
Nxll23 i pv6
Netwax Lab
 
TCP Intercept
Netwax Lab
 
OSPF (open shortest path first) part ii
Netwax Lab
 
IP Address
Netwax Lab
 
Nxll24 i pv6
Netwax Lab
 
VPN (virtual private network)
Netwax Lab
 
STP Protection
Netwax Lab
 
Introduction of Networking
Netwax Lab
 
119163798 icnd1-practice-questions-9tut
nicolelemmimg
 
Networking Devices
Netwax Lab
 
VLAN (virtual local area network)
Netwax Lab
 
Nxll10 v lan and trunking
Netwax Lab
 
Cisco Internetworking Operating System (ios)
Netwax Lab
 
Ad

Similar to Proxy Server (20)

PPT
Reverse proxy
Proxies Rent
 
PPTX
Reverse proxy
tim4911
 
PPTX
Proxy Server: A Comprehensive Guide
HTS Hosting
 
PPTX
Firewall vpn proxy
SANKET SENAPATI
 
PPT
Reverse proxy
Proxies Rent
 
PPT
zigbee
mahamad juber
 
PPT
Web Proxy Server
Mohit Dhankher
 
PPT
Firewall with proxy server.
stableproxies
 
PPT
Proxy Servers
Sourav Roy
 
PPT
Proxies
Proxies Rent
 
PPT
Proxies
Proxies Rent
 
PPT
Proxies
Proxies Rent
 
PDF
Pre Week13
Ryosuke
 
PDF
Pre Week14
Ryosuke
 
PPT
Uses of proxies
Proxies Rent
 
PPT
Introduction to stable proxies.
stableproxies
 
PDF
HTTP 완벽가이드 6장.
HyeonSeok Choi
 
PPTX
cybersecurity unit 5 basics of cybersecurity
JayaMishra170943
 
PDF
Information System Security
Elijah Konzo
 
PDF
Web hosting presentations by hostindia.net
Hostin Services Pvt Ltd
 
Reverse proxy
Proxies Rent
 
Reverse proxy
tim4911
 
Proxy Server: A Comprehensive Guide
HTS Hosting
 
Firewall vpn proxy
SANKET SENAPATI
 
Reverse proxy
Proxies Rent
 
Web Proxy Server
Mohit Dhankher
 
Firewall with proxy server.
stableproxies
 
Proxy Servers
Sourav Roy
 
Proxies
Proxies Rent
 
Proxies
Proxies Rent
 
Proxies
Proxies Rent
 
Pre Week13
Ryosuke
 
Pre Week14
Ryosuke
 
Uses of proxies
Proxies Rent
 
Introduction to stable proxies.
stableproxies
 
HTTP 완벽가이드 6장.
HyeonSeok Choi
 
cybersecurity unit 5 basics of cybersecurity
JayaMishra170943
 
Information System Security
Elijah Konzo
 
Web hosting presentations by hostindia.net
Hostin Services Pvt Ltd
 
Ad

More from Netwax Lab (20)

PDF
Eincop Netwax Lab: Lab 1 static route
Netwax Lab
 
PDF
Eincop Netwax Lab: HSRP (Hot Standby Router Protocol)
Netwax Lab
 
PDF
Eincop Netwax Lab: Redistribution
Netwax Lab
 
PDF
Eincop Netwax Lab: Route Redistribution
Netwax Lab
 
PDF
Nxll12 zone based firewall
Netwax Lab
 
PDF
Nxll11 bgp
Netwax Lab
 
PDF
Nxll09 access list
Netwax Lab
 
PDF
Nxll21 ospf filtering & summarization
Netwax Lab
 
PDF
Nxll16 basic asa v8.2
Netwax Lab
 
PDF
Nxll20 na ting
Netwax Lab
 
PDF
Nxll14 cut through-proxy on asa
Netwax Lab
 
PDF
Nxll17 dynamic routing with asa
Netwax Lab
 
PDF
Nxll18 vpn (s2 s gre & dmvpn)
Netwax Lab
 
PDF
Nxll19 vrrp (virtual router redundancy protocol)
Netwax Lab
 
PDF
Nxll22 role based cli
Netwax Lab
 
PDF
Nxll25 hsrp with failover
Netwax Lab
 
PDF
Nxll26 bgp ii
Netwax Lab
 
PDF
Nxll28 ospf iii
Netwax Lab
 
PDF
Eincop Netwax Lab: Vlan and Trunking ii
Netwax Lab
 
PDF
Eincop Netwax Lab: EIGRP ii
Netwax Lab
 
Eincop Netwax Lab: Lab 1 static route
Netwax Lab
 
Eincop Netwax Lab: HSRP (Hot Standby Router Protocol)
Netwax Lab
 
Eincop Netwax Lab: Redistribution
Netwax Lab
 
Eincop Netwax Lab: Route Redistribution
Netwax Lab
 
Nxll12 zone based firewall
Netwax Lab
 
Nxll11 bgp
Netwax Lab
 
Nxll09 access list
Netwax Lab
 
Nxll21 ospf filtering & summarization
Netwax Lab
 
Nxll16 basic asa v8.2
Netwax Lab
 
Nxll20 na ting
Netwax Lab
 
Nxll14 cut through-proxy on asa
Netwax Lab
 
Nxll17 dynamic routing with asa
Netwax Lab
 
Nxll18 vpn (s2 s gre & dmvpn)
Netwax Lab
 
Nxll19 vrrp (virtual router redundancy protocol)
Netwax Lab
 
Nxll22 role based cli
Netwax Lab
 
Nxll25 hsrp with failover
Netwax Lab
 
Nxll26 bgp ii
Netwax Lab
 
Nxll28 ospf iii
Netwax Lab
 
Eincop Netwax Lab: Vlan and Trunking ii
Netwax Lab
 
Eincop Netwax Lab: EIGRP ii
Netwax Lab
 

Recently uploaded (20)

PDF
GDG Cloud Munich - Intro - Luiz Carneiro - #BuildWithAI - July - Abdel.pdf
Luiz Carneiro
 
PDF
Generative AI vs Predictive AI-The Ultimate Comparison Guide
Lily Clark
 
PDF
Make GenAI investments go further with the Dell AI Factory
Principled Technologies
 
PDF
A Strategic Analysis of the MVNO Wave in Emerging Markets.pdf
IPLOOK Networks
 
PPTX
Agile Chennai 18-19 July 2025 | Workshop - Enhancing Agile Collaboration with...
AgileNetwork
 
PDF
Research-Fundamentals-and-Topic-Development.pdf
ayesha butalia
 
PDF
introduction to computer hardware and sofeware
chauhanshraddha2007
 
PDF
Trying to figure out MCP by actually building an app from scratch with open s...
Julien SIMON
 
PDF
NewMind AI Weekly Chronicles – July’25, Week III
NewMind AI
 
PDF
How Open Source Changed My Career by abdelrahman ismail
a0m0rajab1
 
PDF
OFFOFFBOX™ – A New Era for African Film | Startup Presentation
ambaicciwalkerbrian
 
PDF
Peak of Data & AI Encore - Real-Time Insights & Scalable Editing with ArcGIS
Safe Software
 
PDF
The Future of Mobile Is Context-Aware—Are You Ready?
iProgrammer Solutions Private Limited
 
PDF
Responsible AI and AI Ethics - By Sylvester Ebhonu
Sylvester Ebhonu
 
PPTX
AI in Daily Life: How Artificial Intelligence Helps Us Every Day
vanshrpatil7
 
PPTX
Simple and concise overview about Quantum computing..pptx
mughal641
 
PPTX
Agile Chennai 18-19 July 2025 | Emerging patterns in Agentic AI by Bharani Su...
AgileNetwork
 
PDF
AI Unleashed - Shaping the Future -Starting Today - AIOUG Yatra 2025 - For Co...
Sandesh Rao
 
PDF
How ETL Control Logic Keeps Your Pipelines Safe and Reliable.pdf
Stryv Solutions Pvt. Ltd.
 
PDF
MASTERDECK GRAPHSUMMIT SYDNEY (Public).pdf
Neo4j
 
GDG Cloud Munich - Intro - Luiz Carneiro - #BuildWithAI - July - Abdel.pdf
Luiz Carneiro
 
Generative AI vs Predictive AI-The Ultimate Comparison Guide
Lily Clark
 
Make GenAI investments go further with the Dell AI Factory
Principled Technologies
 
A Strategic Analysis of the MVNO Wave in Emerging Markets.pdf
IPLOOK Networks
 
Agile Chennai 18-19 July 2025 | Workshop - Enhancing Agile Collaboration with...
AgileNetwork
 
Research-Fundamentals-and-Topic-Development.pdf
ayesha butalia
 
introduction to computer hardware and sofeware
chauhanshraddha2007
 
Trying to figure out MCP by actually building an app from scratch with open s...
Julien SIMON
 
NewMind AI Weekly Chronicles – July’25, Week III
NewMind AI
 
How Open Source Changed My Career by abdelrahman ismail
a0m0rajab1
 
OFFOFFBOX™ – A New Era for African Film | Startup Presentation
ambaicciwalkerbrian
 
Peak of Data & AI Encore - Real-Time Insights & Scalable Editing with ArcGIS
Safe Software
 
The Future of Mobile Is Context-Aware—Are You Ready?
iProgrammer Solutions Private Limited
 
Responsible AI and AI Ethics - By Sylvester Ebhonu
Sylvester Ebhonu
 
AI in Daily Life: How Artificial Intelligence Helps Us Every Day
vanshrpatil7
 
Simple and concise overview about Quantum computing..pptx
mughal641
 
Agile Chennai 18-19 July 2025 | Emerging patterns in Agentic AI by Bharani Su...
AgileNetwork
 
AI Unleashed - Shaping the Future -Starting Today - AIOUG Yatra 2025 - For Co...
Sandesh Rao
 
How ETL Control Logic Keeps Your Pipelines Safe and Reliable.pdf
Stryv Solutions Pvt. Ltd.
 
MASTERDECK GRAPHSUMMIT SYDNEY (Public).pdf
Neo4j
 

Proxy Server

  • 1. Proxy Server A Proxy Server is computer that functions as an intermediary between a web browser (such as Internet Explorer) and the Internet. Proxy servers help improve web performance by storing a copy of frequently used webpages. When a browser requests a webpage stored in the proxy server's collection (its cache), it is provided by the proxy server, which is faster than going to the web. Proxy servers also help improve security by filtering out some web content and malicious software. A Proxy Server is a server (a computer system or an application) that acts as an intermediary for requests from clients seeking resources from other servers. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource available from a different server and the proxy server evaluates the request as a way to simplify and control its complexity. Proxies were invented to add structure and encapsulation to distributed systems. Today, most proxies are web proxies, facilitating access to content on the World Wide Web and providing anonymity. Proxy Servers have these main purposes:  Improve Performance: Proxy servers can dramatically improve performance for groups of users. This is because it saves the results of all requests for a certain amount of time. Consider the case where both user X and user Y access the World Wide Web through a proxy server. First user X requests a certain Web page, which we'll call Page 1. Sometime later, user Y requests the same page. Instead of forwarding the request to the Web server where Page 1 resides, which can be a time-consuming operation, the proxy server simply returns the Page 1 that it already fetched for user X. Since the proxy server is often on the same network as the user, this is a much faster operation. Real proxy servers support hundreds or thousands of users. The major online services such as America Online, MSN and Yahoo, for example, employ an array of proxy servers.  Filter Requests: Proxy servers can also be used to filter requests. For example, a company might use a proxy server to prevent its employees from accessing a specific set of Web sites.  Translation: A translation proxy is a proxy server that is used to localize a website experience for different markets. Traffic from global audiences is routed through the translation proxy to the source website. As visitors browse the proxy site, requests go back to the source site where pages are rendered. Original language content in the response is replaced by translated content Figure 1 IP Address Replacement
  • 2. Proxy Server as it passes back through the proxy. The translations used in a translation proxy can be either machine translation, human translation, or a combination of machine and human translation. Different translation proxy implementations have different capabilities. Some allow further customization of the source site for local audiences such as excluding source content or substituting source content with original local content.  Accessing Services Anonymously: An anonymous proxy server (sometimes called a web proxy) generally attempts to anonymize web surfing. There are different varieties of anonymizers. The destination server (the server that ultimately satisfies the web request) receives requests from the anonymizing proxy server, and thus does not receive information about the end user's address. The requests are not anonymous to the anonymizing proxy server, however, and so a degree of trust is present between the proxy server and the user. Many proxy servers are funded through a continued advertising link to the user.  Security: A proxy can keep the internal network structure of a company secret by using network address translation, which can help the security of the internal network. This makes requests from machines and users on the local network anonymous. Proxies can also be combined with firewalls. An incorrectly configured proxy can provide access to a network otherwise isolated from the Internet. Types of Proxy A proxy server may reside on the user's local computer, or at various points between the user's computer and destination servers on the Internet. 1. A proxy server that passes requests and responses unmodified is usually called a gateway or sometimes a tunneling proxy. 2. A forward proxy is an Internet-facing proxy used to retrieve from a wide range of sources (in most cases anywhere on the Internet). Figure 2 Proxy Server Working
  • 3. Proxy Server 3. A reverse proxy is usually an Internet-facing proxy used as a front-end to control and protect access to a server on a private network. A reverse proxy commonly also performs tasks such as load-balancing, authentication, decryption or caching.  Open Proxies An open proxy is a forwarding proxy server that is accessible by any Internet user. An anonymous open proxy allows users to conceal their IP address while browsing the Web or using other Internet services. There are varying degrees of anonymity however, as well as a number of methods of 'tricking' the client into revealing itself regardless of the proxy being used.  Reverse Proxies A reverse proxy (or surrogate) is a proxy server that appears to clients to be an ordinary server. Requests are forwarded to one or more proxy servers which handle the request. The response from the proxy server is returned as if it came directly from the origin server, leaving the client no knowledge of the origin servers. Reverse proxies are installed in the neighborhood of one or more web servers. All traffic coming from the Internet and with a destination of one of the neighborhood's web servers goes through the proxy server. The use of "reverse" originates in its counterpart "forward proxy" since the reverse proxy sits closer to the web server and serves only a restricted set of websites. There are several reasons for installing reverse proxy servers: a) Encryption/SSL Acceleration: When secure web sites are created, the SSL encryption is often not done by the web server itself, but by a reverse proxy that is equipped with SSL acceleration hardware. See Secure Sockets Layer. Furthermore, a host can provide a single "SSL proxy" to Figure 3 Reverse Proxy
  • 4. Proxy Server provide SSL encryption for an arbitrary number of hosts; removing the need for a separate SSL Server Certificate for each host, with the downside that all hosts behind the SSL proxy have to share a common DNS name or IP address for SSL connections. This problem can partly be overcome by using the SubjectAltName feature of X.509 certificates. b) Load Balancing: The reverse proxy can distribute the load to several web servers, each web server serving its own application area. In such a case, the reverse proxy may need to rewrite the URLs in each web page (translation from externally known URLs to the internal locations). c) Serve/Cache Static Content: A reverse proxy can offload the web servers by caching static content like pictures and other static graphical content. d) Compression: The proxy server can optimize and compress the content to speed up the load time. e) Spoon Feeding: reduces resource usage caused by slow clients on the web servers by caching the content the web server sent and slowly "spoon feeding" it to the client. This especially benefits dynamically generated pages. f) Security: The proxy server is an additional layer of defense and can protect against some OS and Web Server specific attacks. However, it does not provide any protection from attacks against the web application or service itself, which is generally considered the larger threat. g) Extranet Publishing: A reverse proxy server facing the Internet can be used to communicate to a firewall server internal to an organization, providing extranet access to some functions while keeping the servers behind the firewalls. If used in this way, security measures should be considered to protect the rest of your infrastructure in case this server is compromised, as its web application is exposed to attack from the Internet. Proxy vs. NAT Most of the time 'proxy' refers to a layer-7 application on the OSI reference model. However, another way of proxying is through layer-3 and is known as Network Address Translation (NAT). The difference between these two proxy technologies is the layer in which they operate, and the procedure to configuring the proxy clients and proxy servers. In client configuration of layer-3 proxy (NAT), configuring the gateway is sufficient. However, for client configuration of a layer-7 proxy, the destination of the packets that the client generates must always be the proxy server (layer-7), then the proxy server reads each packet and finds out the true destination.
  • 5. Proxy Server Because NAT operates at layer-3, it is less resource-intensive than the layer-7 proxy, but also less flexible. As we compare these two technologies, we might encounter a terminology known as 'transparent firewall'. Transparent firewall means that the layer-3 proxy uses the layer-7 proxy advantages without the knowledge of the client. The client presumes that the gateway is a NAT in layer- 3, and it does not have any idea about the inside of the packet, but through this method the layer-3 packets are sent to the layer-7 proxy for investigation.