Proxy Server enhances the security of an organization by isolating the private network from the Internet and by acting as an intermediary in the exchange of traffic
between the Internet and the private network. With the private network isolated, you can reduce the number of required public addresses by selecting a private addressing scheme. Proxy Server 2.0 acts in a similar fashion as the NAT server, and can translate your internal network's
private IP addresses to make Internet access available.
Throughout the module, Proxy Server with initial capitalization is used to indicate the Microsoft® Proxy Server 2.0 product. When proxy server appears without initial capitalization, it indicates a computer that is providing proxy services.
Restricting Internet and private network traffic
Proxy Server allows you to restrict the traffic between the Internet and private network so that you can limit the access of private network users to Internet-based resources, and limit Internet user access to private, network-based resources. You can restrict access to Internet resources based on many more parameters than are available with NAT servers.
The following Slide Show illustrates the ways in which Proxy Server can restrict the traffic between the Internet and the private network.
Proxy server allows you to restrict the traffic between the internet and the private network in four ways.
Second, you can establish filters that forward or block Internet Protocol packets based on the IP address and protocol numbers.
Third, you can intercept inbound Uniform Resource Locator requests and determine whether the requests must be forwarded to a private network resource.
You can use screened subnets to provide the required level of network security.
Proxy Server intercepts (FTP) File Transfer Protocol and (HTTP) Hypertext Transfer Protocol Internet requests for Web objects and saves
the retrieved Web objects in alocal disk-based cache. When private network users request Internet-based resources,
Proxy Server checks the local cache to see if the request is stored there. If the request is found in the local cache, the Web object is retrieved from the local cache and no Internet request is necessary. The Web-caching services can significantly reduce the number of requests that are sent over the Internet. This has the potential to reduce costs if you pay for Internet connections based on network usage, and it also improves perceived performance for the end-user.
Integrating Proxy Server into existing networks
If integrated into existing networks, Proxy Server provides the advantages detailed in the following figure.
Winsock is a programming interface and the supporting program that handles input/output requests for Internet applications in a Windows operating system.
It is called Winsock because it's an adaptation for Windows of the Berkeley UNIX sockets interface.
Active Directory (AD) is a directory service that Microsoft developed for Windows domain networks. It is included in most Windows Server operating systems as a set of processes and services. Initially,
Active Directory was only in charge of centralized domain management.
IPX/SPX stands for Internetwork Packet Exchange/Sequenced Packet Exchange. IPX and SPX are networking protocols used primarily on networks using the Novell NetWare operating systems.
Click the Quiz link below to review the Internet connectivity needs addressed by Proxy Server. Connectivity Proxy Server - Quiz
In the next lesson, you will be introduced to the factors that determine whether a Proxy Server solution is an appropriate solution for Internet connectivity.