Secure Proxy Server  «Prev  Next»

Lesson 7

Secure Proxy Server Solution (Conclusion)

In this module, you learned several different ways to secure a Proxy Server solution, and the situations where that security will be at a premium. Each solution can be adapted to the specific number and type of security requirements demanded by the organization for which you work. After completing this module, you should know how to make these adaptations. Specifically, you now know how to do the following:
  1. Restrict access to Internet resources
  2. Define the number of screened subnets required in the Internet connectivity design
  3. Restrict IP traffic by using IP packet filters
  4. Restrict IP traffic by using domain filters
  5. Restrict inbound traffic by using Web Publishing

Question:

Which of the skills that you learned in this module do you think will best meet the security requirements of your organization?

New terms

  1. Layer two: The OSI (Open Systems Interconnect) Layer 2 is the DataLink layer. The DoD-TCP/IP Layer 2 is the Internetwork Layer. Typically, when Layer 2 is discussed, the OSI model is assumed.

    Layer 2 of the Open Systems Interconnection (OSI) model is the Data Link Layer.
    The OSI model is a conceptual framework used to understand and describe how different network protocols interact and work together to provide network services. It comprises seven layers, each corresponding to a specific network function:
    1. Physical Layer
    2. Data Link Layer
    3. Network Layer
    4. Transport Layer
    5. Session Layer
    6. Presentation Layer
    7. Application Layer

    The Data Link Layer, or Layer 2, is responsible for the direct and reliable node-to-node data transfer across the physical layer. It manages error detection and correction to ensure a reliable data transfer by creating a logical structure over the raw data transmitted on the physical layer. This logical structure is composed of frames, which encapsulate the network layer packets. Additionally, the Data Link Layer is responsible for defining the method for devices on the same network to uniquely identify each other. This is typically done via Media Access Control (MAC) addresses in LAN environments.
    In summary, the Data Link Layer (Layer 2) plays a vital role in the network communication process by establishing, maintaining, and deciding who gets to use the data connection when there are multiple devices trying to send data at the same time. It is an essential part of the OSI model, enabling reliable and efficient data communication.
  2. Multihomed Proxy Server: A Proxy Server with more than one network interface card.
  3. SOCKS proxy:The SOCKS Proxy Services receives requests for Internet resources from SOCKS clients.
  4. Web proxy: The Web Proxy Service is available to CERN compliant browsers and provides HTTP, HTTPS, Gopher and FTP (Read) proxy services.
  5. WinSock proxy: The WinSock Proxy Service provides proxy services to WinSock client requests for web resources.
In the next module, you will learn how to enhance and optimize Proxy Server for availability and performance.

Create Proxy Server - Exercise

Click the Exercise link to practice identifying issues involved with creating a Proxy Server solution. Create Proxy Server - Exercise