Many network administrators only want to protect private network resources from external attacks when assessing security threats.
The landscape of today is littered with threats that have their origins in malware-infected endpoints.
Attackers can use these to collect and forward sensitive information from your network, to attack or spam other networks.
Companies large and small are better served when network administrators are concerned with threats that are associated with connections that leaving from the
intranet.
Proxy server allows you to restrict the traffic between the internet and the private network in four ways. First, you can choose to grant Internet access only to authorized users. Second, you can establish filters that forward or block Internet Protocol packets based on the IP address and protocol numbers. Proxy Server 2.0 allows packet filtering similar to that used with NAT and RRAS servers. Third, you can intercept inbound Uniform Resource Locator requests and determine whether the requests must be forwarded to a private network resource. You can use screened subnets to provide the required level of network security. A screened subnet is a DMZ and is typically placed between the private network and the internet.