|Lesson 8||Determining Proxy Server Client Requirements|
|Objective||Identify the Proxy Server Client Requirements to be included in the Proxy Server Design|
Determining Proxy Server Client Requirements
How does one determine proxy server client requirements?
Determining the client requirements for a proxy server involves several steps, including:
- Identify the number of clients: The first step is to identify the number of clients that will be using the proxy server. This will help determine the hardware and software requirements for the server.
- Determine the network bandwidth requirements: The next step is to determine the network bandwidth requirements for the clients. This will help determine the network capacity and internet connectivity requirements for the proxy server.
- Identify the application requirements: The proxy server may be required to support specific applications or protocols, such as web browsing, email, or file transfer. It's important to identify these requirements and ensure that the proxy server is configured to support them.
- Define the security requirements: The proxy server may be required to provide specific security features, such as web filtering, antivirus scanning, or intrusion prevention. It's important to define these requirements and ensure that the proxy server is configured to meet them.
- Consider the scalability requirements: It's important to consider the scalability requirements for the proxy server, such as the ability to add additional capacity as the number of clients or network bandwidth requirements increase.
- Define the user access requirements: The proxy server may be required to provide specific user access controls, such as user authentication or access policies. It's important to define these requirements and ensure that the proxy server is configured to meet them.
By considering these factors and defining the client requirements for the proxy server, it's possible to design and configure a solution that meets the needs of the organization and provides the necessary performance, security, and control for outbound internet traffic.
You must determine the Proxy Server client requirements so that you can specify the private network address ranges and select the appropriate software for connecting to Proxy Server.
Specifying private network IP Address Ranges
You must identify the IP address ranges within the private network so that you can specify these address ranges in the Proxy Server design.
Proxy Server clients can then determine if the destination IP address in an IP packet must be sent directly to the private network destination or forwarded to the proxy server. The IP address ranges that you specify are stored in the local address table (LAT) file on the proxy server.
When requests are sent to the proxy server, the proxy server uses the LAT to determine if the request is within the private network or on the Internet.
The following Slide Show describes:
- Computers on the private network may or may not use Proxy Server client software.
- For computers on the private network that do not have the Proxy Server Client software, you must specify the IP address of the proxy server's private network interface as the default gateway.
- Because the proxy server is the default gateway for the computer, all requests that are not on the computer's local subnet are forwarded to the proxy server, which forwards the request to the internet.
- When the computers on the private network have Proxy Server client software installed , they have a local copy of the LAT file.
- The Proxy Server clients use their local copy of the LAT file to determine if incoming requests have destinations within the private network or on the internet.
- Private network requests are sent to the destination within the private network without proxy server intervention, while internet requests are sent to the proxy server.
Computers On a private network with or without
Proxy Server Client
Selecting Software for connection to Proxy Server
You can specify that the private network interface of the proxy server is the default gateway entry for computers on the private network.
If you specify the proxy server as the default gateway, the private network traffic increases because all traffic destined for other subnets in the
private network is forwarded first to the proxy server and then on to the final destination. In order to prevent this, specify that the private network computers be configured with software to forward traffic to the proxy server if the final destination is the Internet.
The following table lists the software options for private network computers and the reason to include the options in your design.
||If you need to support:
|Microsoft® Internet Explorer 10.0
||HTTP and FTP traffic only Any operating system that includes Internet Explorer 5.0 Packet
filters and domain filters for filtering traffic
|Proxy Server client
||All IP protocol traffic Any operating system that supports the WinSock standard Packet filters
and domain filters for filtering traffic IPX/SPX-based private networks
||All IP protocols supported by the SOCKS applications UNIX, Macintosh, or operating systems that
run SOCKS-compatible applications SOCKS rules, protocol rules, and IP-packet filters for filtering traffic
|No client software
||All IP protocols Any operating system with the default gateway configured to send Internet
traffic to the proxy server Protocol rules, and IP-packet filters for filtering traffic
Question: When a computer on the private network does not have Proxy Server Client software, what do you need to specify as the default gateway?
Answer: The IP address of the proxy server's private network interface
The next lesson wraps-up this module.