What is a Proxy?

Web Proxy?

A proxy server is computer that functions as an intermediary between a web browser (such as Internet Explorer) and the Internet. Proxy servers help improve web performance by storing a copy of frequently used webpages. When a browser requests a webpage stored in the proxy server’s collection (its cache), it is provided by the proxy server, which is faster than going to the web. Proxy servers also help improve security by filtering out some web content and malicious software.

Proxy servers are used mostly by networks in organizations and companies. Typically, people connecting to the Internet from home will not use a proxy server.

1. Obscure Client IP
2. Block Malicious Traffic
3. Block Sites (whitelists/blacklists)(categories of sites)
4. Log activity (user activity reports)
5. Improve Performance (caching the pages)
——————————–
:::Types of Proxies:::
1. Forward Proxies
2. Open Proxies
3. Reverse Proxies
——————————–
In an enterprise that uses the Internet, a proxy server is a server that acts as an intermediary between a workstation user and the Internet so that the enterprise can ensure security, administrative control, and caching service. A proxy server is associated with or part of a gateway server that separates the enterprise network from the outside network and a firewall server that protects the enterprise network from outside intrusion.

A proxy server receives a request for an Internet service (such as a Web page request) from a user. If it passes filtering requirements, the proxy server, assuming it is also a cache server , looks in its local cache of previously downloaded Web pages. If it finds the page, it returns it to the user without needing to forward the request to the Internet. If the page is not in the cache, the proxy server, acting as a client on behalf of the user, uses one of its own IP addresses to request the page from the server out on the Internet. When the page is returned, the proxy server relates it to the original request and forwards it on to the user.

To the user, the proxy server is invisible; all Internet requests and returned responses appear to be directly with the addressed Internet server. (The proxy is not quite invisible; its IP address has to be specified as a configuration option to the browser or other protocol program.)

An advantage of a proxy server is that its cache can serve all users. If one or more Internet sites are frequently requested, these are likely to be in the proxy’s cache, which will improve user response time. In fact, there are special servers called cache servers. A proxy can also do logging.

The functions of proxy, firewall, and caching can be in separate server programs or combined in a single package. Different server programs can be in different computers. For example, a proxy server may in the same machine with a firewall server or it may be on a separate server and forward requests through the firewall.
——————————–
:::Transparent versus non-transparent proxying:::

Issue
Smoothwall web proxy service can be configured to operate in either transparent or non-transparent mode – but what are the differences, and how should you choose between them?
Resolution
In transparent mode, there are no special configuration steps needed to setup client browsers, thus allowing the proxy service to be activated and in-use almost immediately. Once activated, all traffic destined for the Internet arriving on port 80 is automatically redirected through the proxy. With the latest Guardian products you can even use NTLM with Active Directory in conjunction with transparent proxying allowing for single sign on and minimal network configuration.
Both transparent and non-transparent proxying can be used together at the same time. Enabling transparent does not stop non-transparent from working. In situations where transparent is the norm but a specific application requires non-transparent you can simply configure the proxy settings in that application.
Both modes have pros and cons – if you would like to use transparent proxying please contact support for a discussion on the issues your network may experience when using this method.

Why use non-transparent proxying?

The main reason to use a non-transparent proxy is so that the web browser and other client applications know that a proxy is being used, and so can act accordingly. Initial configuration of a non-transparent proxy might be trickier, but ultimately provides a much more powerful and flexible proxying service. Another advantage of non-transparent proxying is that spyware and worms that use the web for transmission may not be able to function because they don’t know the proxy settings. This can reduce the spread of malicious software and prevent bandwidth from being wasted by infected systems.

Configuring proxy settings in non-transparent mode

When using non-transparent proxying, appropriate proxy settings must be configured on client machines and browsers. This can be achieved in a number of different ways:

Manually – Proxy settings can be entered manually in most web browsers and web-enabled applications. Usually such settings are entered as part of the applications Connection Settings or similar. The address of the proxy is required, along with the proxy port number. These settings are displayed on the “Services / web proxy” and “Guardian / web proxy” pages as part of the “Automatic configuration scrip”” region.

Automatic configuration script – The Smoothwall proxy provides a proxy.pac file that can be used to automatically configure proxy settings in most Internet browsers. To use the automatic configuration script, enter the URL displayed in the “Automatic configuration script” region of the “Services / web proxy” and “Guardian / web proxy” pages into your browser software.

Microsoft Windows 2000 domain – In a Windows 2000+ domain, proxy settings can be configured in the domain security policy. This eliminates the need to manually configure any part of the users system.

Automatic discovery – Many browsers support automatic discovery of proxy settings using the WPAD (Web Proxy Auto-Discovery) protocol. This is relatively easy to configure if you have a local DNS server. Using DHCP to distrubute proxy settings – DHCP can also be used to set proxy settings. That might be a better method than using security policies. Currently the DHCP server on the Smoothwall firewalls cannot be used for giving out proxy.pac locations.

Microsoft Windows login script – The Windows login script can be used to import a registry file which will automatically configure the system wide proxy settings.

.ini files – Browsers like Firefox can be configured automatically with ini files. Such files could be copied or modified as part of the login script on a Microsoft Windows or Linux network.

Third party solutions – Third party applications are available for Windows which can, at login, automatically configure web browser proxy settings. These range from simple programs designed specifically to automate proxy configuration, or more sophisticated applications that provide a range of services such as monitoring the users desktop.

When to use transparent proxying

When minimal or no network configuration is required. Transparent proxying can be useful in mixed environments containing Unix, Linux, Apple Mac and Microsoft Windows systems. This allows quick access to the web proxy for everyone, without having to configure a multitude of different platform specific applications and browsers. If transparent proxy is required, please have a talk with Smoothwall support before you decide on the implementation as there are a lot of caveats using this method.
——————————————–
How to Setup a Proxy

Most internet browsers can be setup to run through proxies in just a matter of minutes.

Internet Explorer Proxy Settings
Click Tools
Click Internet Options
Click the Connections Tab
Click LAN settings
Check the “Use a proxy server for your LAN” box
Enter the IP Address of the Proxy Server and the Port Number
Click OK
Go to WhatIsMyIP.com to check for proxy

FireFox Proxy Settings
Click the FireFox Button(The button in the upper left corner)
Click Options
Click Options in the new tab
Click the Advanced Tab
Click Settings
Click Manual Proxy Settings
In the HTTP Proxy Box enter the IP Address of the proxy server and the Port number
Click OK
Go to WhatIsMyIP.com to check for proxy

Google Chrome Proxy Settings
Click the Customize and Control Button(Button with the wrench picture in upper right corner
Click Under the Hood
Click Change proxy settings
Click LAN Settings
Check the “Use a proxy server for your LAN” box
Enter the IP Address of the Proxy Server and the Port Number
Click OK
Go to WhatIsMyIP.com to check for proxy

Safari Proxy Settings
Click Safari
Click Preferences
Click Advanced
Click Change Settings
Check the Web Proxy(HTTP) box
Enter the IP Address of the Proxy Server and the Port Number
Click Apply Now
Go to WhatIsMyIP.com to check for proxy

Advertisements

Posted on June 8, 2014, in Smoothwall. Bookmark the permalink. Leave a comment.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: