A proxy service provides management and control over what is now an essential feature of any modern networkInternet access. A proxy server, which can be a computer or a dedicated hardware device running proxy service software, acts as an intermediary between a user on the internal network and a service on the external network (normally the Internet). The proxy server takes requests from a user and then performs those requests on behalf of the user. To the external system, the request looks as if it originated from the proxy server, not from the user on the internal network. Figure 8.2 shows how a proxy server fits into a network configuration. Figure 8.2. A proxy server in a typical network configuration.
There are a couple of excellent reasons to implement a proxy server:
Although the most common function of a proxy server is to provide access to the Web for internal clients, that is not its only function. A proxy server, by definition, can be used as an intermediary for anything, not just HTTP requests. Other services can be supported by a proxy server, depending on the proxy server application being used and its configuration. For example, you might configure a proxy server to service HTTP requests (TCP port 80), Post Office Protocol 3 (POP3) email retrieval (TCP port 110), Simple Mail Transfer Protocol (SMTP) mail sending (TCP port 25), and HTTPS requests (TCP port 443). With an understanding of what a proxy server is designed to do, you can look at one additional feature built in to proxy server functionality, caching. Caching Proxy ServersAn additional feature offered by many proxy server applications is caching; such a server is known as a caching proxy server. Caching enables the proxy server to store pages that it retrieves as files on disk. Consequently, if the same pages are requested again, they can be provided more quickly from the cache than if the proxy server had to continue going back to the Web server from which the pages were originally retrieved. This approach has two benefits:
As with any technology, with caching proxy servers, there are issues to be considered. Sometimes a sizable amount of hard disk space is required to store the cached pages. With the significant decline in the cost of hard disk space over recent years, this is not likely to be much of a problem, but it still needs to be considered. Another factor is that it's possible for pages held in the cache to become stale. As a result, a user might retrieve a page and believe that it is the latest version when, in fact, it has since changed, but the new page has not been updated in the proxy server cache. To prevent this problem, caching proxy servers can implement measures such as aging of cached information so that it is removed from the cache after a certain amount of time. Some proxy applications can also make sure that the page stored in the cache is the same as the page currently available on the Internet. If the page in the cache is the same as the one on the Internet, it is served to the client from the cache. If the page is not the same, the newer page is retrieved, cached, and supplied to the client. Using a Proxy ServerBefore clients can use a proxy server, it is sometimes necessary to configure the client applications to use it, and in other cases, additional client software is needed. In the case of Web browsers, it is sometimes necessary to manually tell the application that it needs to use a proxy server. Figure 8.3 shows Proxy Settings configuration screen in Microsoft Internet Explorer. Figure 8.3. The Proxy Settings configuration screen in Internet Explorer.Other applications besides Web browsers might need to use the proxy server functionality. In some cases, you might need to actually load client software. In essence, this client software modifies elements of the TCP/IP software on the system, to either make it aware of or enable it to cope with the existence of a proxy server. The good news is that the use of proxy servers is now so widespread that applications requiring special client software are becoming increasingly rare. When Two Become OneBy now, you might have realized that both firewalls and proxy servers play an important part in the network infrastructure. For that reason, many applications are now available that combine the functionality of both roles. These firewalling proxy servers provide a convenient means for an organization to control and secure the access of its network, and at the same time provide the benefits of Internet access to users. |