To network administrators for large networks, the need for proxy servers--intermediaries that stand sentinel between an internal network and the open Internet--is so basic, it goes almost without saying. But in smaller organizations that lack dedicated IT resources, the need may not be quite so self-evident.
How They Work
Proxies intercept requests for Internet pages from users within a company's network and perform a number of chores related to protecting the network, improving performance and enforcing company Web use policies. This is sometimes referred to as a forward proxy server. It's the kind that virtually all organizations need. If your company also hosts its own Web servers on its premises, you additionally need a reverse proxy to perform a complementary, but somewhat different, set of security- and performance-related tasks around requests coming from the Internet into your servers.
When an internal user requests a Web page, the request goes through the proxy server so that it appears to the Internet to be coming from the server - from its IP address (or one of them) - and not the user's device. This anonymity provides an important measure of security by reducing the amount of information about a network and its users easily accessible to hackers on the Internet. The proxy server may, in addition, perform caching. If your users frequently need to access certain pages on the Internet, the server can download and store copies on its hard drive, in cache and also continuously monitor the page for changes and download them when they appear, so the cached page is always up to date. This speeds display of cached pages for users, and cuts traffic going out over the company's Internet gateway, thus potentially reducing bandwidth requirements and congestion that can degrade overall performance.
A third important set of proxy server chores relates to enforcement of company policies and restrictions around Web use. In organizations that allow employees unrestricted access to the Internet but publish policies limiting personal use--no gambling, porn or hate literature sites, for example, or only during lunch and breaks--network administrators can monitor proxy server logs to spot users habitually breaching policies. Some companies make the mistake of installing a proxy and then never looking at it again, thus wasting much of its potential utility, Armstrong says. If employees are allowed to use the Web for personal surfing, too-close monitoring could result in privacy and labor law infringements by the company--if an employee is researching a medical problem on his lunch hour, for example. In addition, if administrators closely monitor the activity of an employee for no very good reason--especially in the absence of clearly stated policies--and later try to bring disciplinary action for violations, unions or lawyers may be able to claim the company was victimizing the employee.
But if policy restrictions and monitoring practices are clearly stated and signed off on by employees, these kinds of problems shouldn't arise. The alternative is to use the basic filtering capabilities of proxy server software to block users going to certain sites. It works similarly to parental filtering on home networks. At the simplest level, if a restricted site is added to a list in the server software, when a user tries to surf to that site, the server denies the request and returns an error message.
From here, choosing and implementing a proxy server is something that requires consultation and further information on selecting the proper one. If analyzed right, you can see this become an effective tool for small business networking.
Source
No comments:
Post a Comment