A proxy server acts as an intermediary between internal users and the external Internet. It provides security, administrative control, and caching services for an enterprise network. A proxy server receives requests from internal users, checks the requests against filtering rules, looks for requested content in its local cache, and either returns the content or requests it from the external Internet on the user's behalf. Using a proxy server improves response times when cached content is requested frequently by internal users.
Copyright:
Attribution Non-Commercial (BY-NC)
Available Formats
Download as DOC, PDF, TXT or read online from Scribd
A proxy server acts as an intermediary between internal users and the external Internet. It provides security, administrative control, and caching services for an enterprise network. A proxy server receives requests from internal users, checks the requests against filtering rules, looks for requested content in its local cache, and either returns the content or requests it from the external Internet on the user's behalf. Using a proxy server improves response times when cached content is requested frequently by internal users.
A proxy server acts as an intermediary between internal users and the external Internet. It provides security, administrative control, and caching services for an enterprise network. A proxy server receives requests from internal users, checks the requests against filtering rules, looks for requested content in its local cache, and either returns the content or requests it from the external Internet on the user's behalf. Using a proxy server improves response times when cached content is requested frequently by internal users.
Copyright:
Attribution Non-Commercial (BY-NC)
Available Formats
Download as DOC, PDF, TXT or read online from Scribd
A proxy server acts as an intermediary between internal users and the external Internet. It provides security, administrative control, and caching services for an enterprise network. A proxy server receives requests from internal users, checks the requests against filtering rules, looks for requested content in its local cache, and either returns the content or requests it from the external Internet on the user's behalf. Using a proxy server improves response times when cached content is requested frequently by internal users.
Copyright:
Attribution Non-Commercial (BY-NC)
Available Formats
Download as DOC, PDF, TXT or read online from Scribd
Download as doc, pdf, or txt
You are on page 1of 9
proxy server
In an enterprise that uses the Internet, a proxy server is a server
that acts as an intermediary between a workstation user and the Internet so that the enterprise can ensure security, administrative control, and caching service. A proxy server is associated with or part of a gateway server that separates the enterprise network from the outside network and a firewall server that protects the enterprise network from outside intrusion. A proxy server receives a request for an Internet service (such as a Web page request) from a user. If it passes filtering requirements, the proxy server, assuming it is also a cache server , looks in its local cache of previously downloaded Web pages. If it finds the page, it returns it to the user without needing to forward the request to the Internet. If the page is not in the cache, the proxy server, acting as a client on behalf of the user, uses one of its own IP addresses to request the page from the server out on the Internet. When the page is returned, the proxy server relates it to the original request and forwards it on to the user. To the user, the proxy server is invisible; all Internet requests and returned responses appear to be directly with the addressed Internet server. (The proxy is not quite invisible; its IP address has to be specified as a configuration option to the browser or other protocol program.) An advantage of a proxy server is that its cache can serve all users. If one or more Internet sites are frequently requested, these are likely to be in the proxy's cache, which will improve user response time. In fact, there are special servers called cache servers. A proxy can also do logging. The functions of proxy, firewall, and caching can be in separate server programs or combined in a single package. Different server programs can be in different computers. For example, a proxy server may in the same machine with a firewall server or it may be on a separate server and forward requests through the firewall.
This article contains important information
about Microsoft Proxy Server installation requirements. For more information, please review Chapter 2 of the Microsoft Proxy Server online documentation.
Hardware Requirements
Microsoft Proxy Server has the same
hardware requirements as Microsoft Windows NT Server version 4.0. For more information, see the documentation for Windows NT Server version 4.0.
Software Requirements
The following programs must already be
installed on the server computer before Microsoft Proxy Server can be installed:
• Microsoft Internet Information
Server version 2.0 • Microsoft Windows NT Server version 4.0 • Microsoft Windows NT Server 4.0 Service Pack 1 (provided on the Microsoft Proxy Server compact disc)
The server computer can be configured as a stand-alone server, a
primary domain controller (PDC), or a backup domain controller (BDC). However, for the highest security level and the best performance, it is recommended that you install Microsoft Proxy Server on a computer configured as a stand-alone server. For more information about member servers, PDCs, and BDCs, see the documentation for Windows NT Server.
For best cache performance, it is strongly recommended that at
least one disk drive on the server computer be configured as a Windows NT File System (NTFS) volume.
Before you install Microsoft Proxy Server,
complete the following tasks:
Verify your software configuration:
1. Verify that Microsoft Windows
NT Server 4.0 Service Pack 1 is installed. 2. Verify that Microsoft Internet Information Server 2.0 is installed. 3. Verify that TCP/IP is installed on the server.
Verify your hardware configuration:
1. Setting Up the Disk Drives
Microsoft Proxy Server can be
installed on computers that have their hard disks configured as file allocation table (FAT) or NTFS volumes. However, for security and performance, it is recommended that at least one of the server's hard disks be configured as an NTFS volume.
Features that NTFS volumes provide
(and FAT volumes do not) include:
o A maximum file size of up
to 64 gigabytes (GB), depending on the size of the disk clusters. o Integration with Windows NT Server security to control and audit file, share, and directory access. o An Activity log that you can use to restore the disk in the event of a power failure or other problem. o Support for flexible per- file compression.
The Web Proxy service of Microsoft
Proxy Server stores cached Internet objects on one or more of the server's disk drives. The particular disk drives used for this purpose are selected during installation. For best cache performance, it is strongly recommended that you configure all drives that have space allocated to the cache as NTFS drives.
If your current server disk volume is
formatted to use FAT partitions, you can convert these partitions to NTFS (before or after installing Microsoft Proxy Server) using the Convert program included with Windows NT Server. Convert does not overwrite data on the disk. For more information about using this program to convert FAT volumes to NTFS volumes, see your documentation for Windows NT Server, or type "convert/?" (without the quotation marks) at the command line in the Command Prompt window.
2. Setting Up the Network Adapter
Cards
Before you install Microsoft Proxy
Server, verify that network adapter cards are installed and configured properly. To create a secure configuration, the Microsoft Proxy Server computer must have at least one network adapter card connected to the private network, plus one network adapter card, modem, or integrated services digital network (ISDN) adapter to connect to the Internet.
You should install the network
adapter cards in your server computer before installing Microsoft Proxy Server. For more information on installing network adapter cards, refer to documentation provided with your adapter cards. Once the adapter cards are installed, you can use the Network Control Panel to configure each card.
To configure additional network
adapter cards, perform the following steps:
1. Open Control Panel.
2. Double-click the Network icon, and then click the Adapters tab. 3. Click the Add button to add the additional network adapter card. To configure TCP/IP settings for internal and external network adapter cards, perform the following steps:
4. Set TCP/IP protocol bindings for
the external network adapter card.
Set the binding to TCP/IP, so
that it can communicate over the Internet. When binding this network card to TCP/IP, you are prompted for the card's Internet Protocol address. This address is usually supplied by your Internet Service Provider (ISP).
If the external network adapter
card will be used to connect to the Internet, it must be bound only to the TCP/IP protocol. In particular, do not bind IPX/SPX or NetBEUI to the externally connected cards. 5. Set protocol bindings for the internal network adapter card.
If the server will be running the Web Proxy service, the
network adapter card connected to the private network must be bound to TCP/IP. If the server will be running the WinSock Proxy service, the network adapter card connected to the private network can be bound to TCP/IP, IPX/SPX, or both.
NOTE: You can choose to implement Microsoft Proxy
Server on a server that has only one network adapter card. You can use this configuration primarily to provide limited proxy service in the following ways:
Caching service for
internal Web Proxy clients. n IP application-level gateway to support internal IPX clients that use the WinSock Proxy service. 6. Use one default IP gateway.
A Microsoft Proxy Server
computer should have only one IP default gateway. The IP address of the default gateway should be configured on the external network adapter card only. 7. Disable dynamic host configuration protocol (DHCP) for the adapter cards.
Use static IP addresses on the adapter cards. DHCP will
attempt to reset the IP default gateway you selected for Microsoft Proxy Server. 2. Setting Up a Modem or ISDN Adapter
RAS and Microsoft Proxy Server
ith Microsoft Proxy Server, you can
use the Windows NT Server Remote Access Service (RAS) dial-out client to connect to an ISP. RAS dial-out requires the use of at least one of the following on the Server computer:
o Modem - You can install
one or more modems. High- speed modems, such as 28.8 Kbps modems, are recommended. o ISDN adapter - If you are using an ISDN line and have signed up for the ISDN service option with an ISP, install an ISDN adapter.
When selecting any hardware for use
with a dial-up network connection, check the Windows NT Hardware Compatibility List to confirm that the modem or adapter you are purchasing is supported. Microsoft has tested the modems and ISDN adapters on this list for use with RAS. Also, try to select a modem or ISDN adapter that is the same or very close to the one that is used by the ISP you are using. This helps to ensure optimal performance and the highest possible connection rates.
For information about selecting and
installing a modem or ISDN adapter, see your documentation for Windows NT Server 4.0 or documentation provided with your modem or ISDN adapter.
Setting Up a Modem
To set up a modem on the server
computer, perform the following steps:
1. Install the modem and
start the server computer. 2. In Control Panel, double- click the Modems application icon. 3. Follow the on-screen instructions for installing a new modem.
For information about installing a
modem, see your documentation for Windows NT Server 4.0 and the documentation provided with your modem.
Setting Up an ISDN Adapter
ISDN offers a much faster
communication speed than ordinary telephone service that uses analog equipment. ISDN can operate at speeds of 64 or 128 Kb per second.
Unlike most available modems, not all
ISDN hardware uses the same signaling technology. This may introduce connection problems between your ISDN provider (the local telephone company) and your hardware adapter. In some cases, the adapter may not work at all with service in your area. For this reason it is important to consult with both telephone and Internet service providers you will be working with in your local area before making a final selection on ISDN adapters. As with modems, obtaining an adapter that is supported by Microsoft and on the Hardware Compatibility List is also highly recommended.
To install an ISDN adapter, perform
the following steps:
4. Install an ISDN card and
start the server computer. 5. In Control Panel, double- click the Network application icon, click the Adapters tab, and click Add. 6. Follow the on-screen instructions to select or install a device driver for the ISDN adapter.
You must restart the computer after
you have installed the ISDN drivers. Otherwise, not all of the available ISDN ports may be listed on the screen when you configure Remote Access for ISDN.
Setting Up RAS
You can install RAS either during or
after the initial Windows NT Server Setup. To install and configure RAS after Windows NT Server has been installed, use the Network Control Panel. You will need to log on as a member of the Administrators group. Also, because you are connecting to an ISP, you need to have the TCP/IP protocol installed before installing RAS.
To install the RAS client with Microsoft
Proxy Server, perform the following steps:
7. In Control Panel, double-
click Network, click the Services tab, and click Add. 8. In the Network Service box, select Remote Access Service, and then click OK. 9. Follow the on-screen instructions to complete the installation of the Remote Access Service.
Select Dial out only for port usage to
configure RAS for dialout-only connection to an ISP. Port usage can be set by clicking Configure in the Remote Access Service Setup dialog box.
Network protocol settings should
include TCP/IP only (the IPX/SPX and NetBEUI check boxes should be cleared). You can set the network protocols by clicking Network in the Remote Access Service Setup dialog box.