Networking Basics: What is a Proxy Server
The quick definition: A proxy server is a server that acts as an intermediary for requests from clients seeking resources from other servers. Today, most proxies are web proxies that facilitate access to content on the internet, while providing anonymity.
What is a Proxy Server and What are The Benefits?
Think of a proxy server as a middleman between your private network and the public internet, protecting your internal IP addresses and making your network more secure. These servers also can help you log network activity, and in some cases improve network performance.
Obscuring IP Addresses With a Proxy Server
Exposing your network to the public leaves it insecure and exposes your IP addresses. With an IP address, an attacker can probe the services running on your computer. One way to shield your private IP from attackers is through a proxy server service.
In the image above, the proxy server is in the middle. On the left side is a private network with IP addresses that will not route to the public internet. On the right is the internet.
When you install a proxy server, the private IP addresses from the left side contact the proxy server and tell it what site on the internet the user wants to access. The proxy server then forwards the request to the Internet.
When the proxy server downloads a website, it forwards the content to the requesting IP address (i.e. your computer or device). During this process, the private IP address is never exposed. The proxy server shows a public-facing IP address to the internet server, which in this example is 220.127.116.11,
Blocking Malicious Traffic with a Proxy Server
In our example, traffic freely flows from the private IP address range to the public internet. Proxy servers also block malicious traffic. In other words, traffic does not freely flow from right to left or from the public internet to your internal network. This stops malicious traffic from attacking your internal network.
Many proxy servers also have access controls that you can use to block malicious sites. When an internal network is successfully hacked, often it's because someone opened a malicious site and either downloaded malware or fell victim to a phishing scam.
A proxy server can help eliminate these problems by blocking any outgoing traffic from accessing malicious sites. The proxy server can look at the site address or IP address and say, "Nope, that's a bad site."
Using a Proxy Server to Monitor Internet Activity
Another security advantage is a proxy server's ability to log activity. Let's say you have a user who continually tries to access a malicious site. They might not even know their computer is attempting to access it, because the user's computer could have malware installed. With a proxy server, you can get logs and alerts when a specific IP continues to access malicious sites.
You can also review commonly accessed sites and either block them accordingly or whitelist the site to allow access. These logs also serve as a forensic tool, should you need to review internet activity after a successful breach on the network. Keep in mind, though, proxy servers should only be one piece of your security infrastructure.
Proxy caching is function of proxy servers during which a retrieved web page is cached on the proxy server's hard drive. This allows the cached content of that web page to be quickly available to clients behind the proxy the next time it's requested. Proxy caching can improve network performance because it eases bandwidth requirements and reduces delays.
Do You Need a Proxy Server?
A small home office probably doesn't need security and activity logging. But an enterprise network can take advantage of a proxy server's additional resources especially for its added security.
The ability to block malicious sites alone is worth investing in proxy servers. It only takes one successful data breach to ruin your organization's reputation. A proxy server can be an integral part of your network's security.
Learn more about proxy servers from CBT Nuggets:
delivered to your inbox.