Secure Proxy Server  «Prev  Next»

Lesson 1

Securing Proxy Server

One of the primary functions of a proxy server is to secure your internal network resources from Internet intruders. Proxy Server 2.0 includes several methods that allow you to secure your internal network resources, such as packet filters and network address translation. The security of a Proxy Server design is measured by the ability of the design to prevent unauthorized access to data transmissions and private network resources. Proxy Server enhances security by isolating the private network from the Internet and restricting traffic between the private network and the Internet.
By the end of this module, you will understand how to:
  1. Restrict access to Internet resources
  2. Define the number of screened subnets required in the Internet connectivity design
  3. Restrict IP traffic by using IP packet filters
  4. Restrict IP traffic by using domain filters
  5. Restrict inbound traffic by using Web Publishing
Microsoft introduced Microsoft Internet Security and Acceleration (ISA) Server as the successor to Microsoft Internet Proxy Server (MIPS). ISA Server represents a significant evolution from MIPS, integrating superior firewall protection, web caching, and VPN (Virtual Private Network) support to provide a robust and versatile network security solution.
The ISA Server provides an enterprise-level firewall and network security suite that offers a multitude of features:
  1. Secure Web Proxy: ISA Server acts as a secure web proxy, providing comprehensive HTTP, HTTPS, FTP and SOCKS protocol support.
  2. Application Layer Firewall: In addition to basic packet filtering, ISA Server provides application-layer filtering, ensuring more robust protection by inspecting data up to the application layer of the OSI model.
  3. Integrated VPN: ISA Server also supports VPN connections, allowing secure remote access to the internal network.
  4. Web Caching: Leveraging web caching technology, ISA Server can store and serve frequently requested web content, improving network performance.
  5. Policy-Based Access Control: Administrators can control user access based on various policies including IP addresses, protocols, applications, and even specific users or groups.
  6. Intrusion Detection: ISA Server features built-in intrusion detection mechanisms to detect and thwart potential network threats.
  7. Performance Monitoring and Logging: ISA Server provides extensive logging and reporting capabilities to monitor network usage and detect any abnormal activities.

ISA Server was later succeeded by Microsoft Forefront Threat Management Gateway (TMG), which continued the legacy of providing comprehensive, flexible network security for Microsoft-based infrastructures.

Overview

Proxy server is an intermediary server between client and the interner. Proxy servers offers the following basic functionalities:
  1. Firewall and network data filtering.
  2. Network connection sharing
  3. Data caching
Proxy servers allow to hide, conceal and make your network id anonymous by hiding your IP address.

Purpose of Proxy Servers

Following are the reasons to use proxy servers:
  1. Monitoring and Filtering
  2. Improving performance
  3. Translation
  4. Accessing services anonymously
  5. Security
In the next lesson, you will learn how to restrict access to Internet resources.