Proxy provides users access internet with the host application. The proxy server serves the special rites or a collection of rites performed on a dual_homed host or braison host. The user’s client program through the proxy server will intermediate and replace the server that the user needs to communicate with. The Proxy server identifies client requirements and decides to respond or not respond if the request is met, the proxy server will connect to the server instead of the client, and it continues to transition the request from the client to the server, as well as meet the requirements of the server to the client. So the proxy is the same as the connection bridge between the server and the client.
The proxy allows the user to access internet services in the immediate sense. A dual-homed host needs to log in to the host before using any services on the Internet. This is often inconvenient, and some young people frustrated when they feel through firewalls proxies it to solve this problem. Of course, it also has the new protocol, but in general, it is quite convenient for the user. Because a proxy allows users to access services on the Internet from their personal system, it does not allow packets directly between systems and Internet use. The indirect way is through a dual-homed host or through a combination of screening and router bastion host.
One proxy server, like a firewall, is designed to protect natural resources in the local network when linking other networks such as network Internet. We also difficult to distinguish the differences between a proxy server and a firewall. You can think that a proxy is a service run on a firewall, where which firewall is a server physically located between the Internet and the local network. The basic firewall provides control expansion to filter and supervision information out into the network. Proxy services run on a firewall at the application level and provide a system transmission control load sophisticated.
Proxy services are a way to prevent internet users trying to access the local network. These services are designed to use local network services. Only the data package required by local network users is transmitted through the firewall.
For example, suppose a workstation’s local network wants to access a Web server on the Internet. HTTP proxy service running on the firewall blocks HTTP packets of users, repackaging, and transfer of data required to put the Web server on the Internet. The packet contains the source IP address of the proxy server, not the IP address of the user’s workstation. Apparently, the same as all data packets are transmitted from the proxy server, which provides a level of security and confidentiality for all address inside. When a Web server answers the request, the proxy server receives the answer and move this to the local workstation. The advantage of this method is the local network is not adapted to the Internet’s addressing standards, an important factor when the Internet running based on IP address. For safety reasons, the packet will be tested to the virus or the ability to change data by vandals outside. Proxy servers can create a Web server encryption prevents destruction of useful resources.
Proxy servers also have important buffer functions. Because it is a central location for local network users can access the Internet, a proxy server can store the documents are accessed frequently on the Internet and allows users to access their local network when needed. For example, thousands of users can access the content Dilbert every day. If a company has a proxy server host, this will be the first store in the day. The user then accesses this item from a local store and not from the Dilbert website. Because the proxy server control packets to local network users, it is also easy to check virus, data filtering, and access control. The package containing desired data can be removed. The proxy server provides services for applications such as HTTP, FTP, Telnet, and other internet protocols. There are many proxy compatibilities for various applications. In special cases, the workstation must be running special software to access the firewall. For example, Microsoft’s proxy allows the computer to run on IPX protocol(Internetwork Packet Exchange). Access to the proxy server must be used special software. In addition, the proxy server can use SOCKS, an authentication protocol that requires workstations to have the software to access the SOCKS.
Summarized, the proxy server is an intermediary device allowing users to access the website indirectly. The website is not placed on this proxy. This is very common and necessary as we need access to the international website; some websites are blocked and can only be accessed using a proxy. But when we use a proxy, that will be difficult in some cases; we do not have access to some of the web. This is because the website does not support proxies.
WHAT IS THE ISA CLIENT?
According to popular belief, the client is a computer that sends a request for data to the server, and the server collects and sends data to the client response. Relations client – servers depend on the software installed on the client to help it communicate with a certain service at the server.
However, the concepts for ISA clients and ISA servers are quite different. ISA client does not necessarily have to be installed on a specific application, and the client application on the ISA is not necessarily directly connected to the ISA server. In short and more specifically, any computer connected to the resources that it needs to use through ISA is an ISA client.
According to the above concept, ISA clients will belong to 1 of 3 categories:
- SecureNAT client.
- Web Proxy client
- Firewall client.
A single computer can be configured to operate in one or more of the ISA clients. For example, A Windows XP machine can be configured for all three types of clients. A Linux machine can be configured as a Web Proxy client and Firewall client. Selecting the most appropriate type of ISA client is sometimes not an easy problem.
WEB PROXY CLIENT
Web proxy clients are computers that have browsers configured to use the ISA server as a web proxy server. However, not only a web browser but other applications can also be configured to use the ISA server’s web proxy server. For example, instant messenger programs (chat) or mail browsers.
When SecureNAT or Firewall client access to the website, the request is transferred to the firewall service on the ISA. Firewall service to transfer the request to the web proxy filter. Web proxy client requests are directed to port 8080 – the port of the web proxy filter – hereby increasing web access speed significantly.
When the Web proxy client uses a web browser to download the data from the FTP server, for example, ftp://ftp.example.com, web browsers will implement an HTTP tunnel (HTTP tunneling) rather than directly using FTP. Web proxy requests FTP client packaged with one HTTP header with the target address being the internal address of the ISA card, and the goal is TCP port 8080. Upon receiving this request, ISA 2006 will change the HTTP header and FTP transfer request packet to the server ftp.example.com. When using a web proxy for an FTP connection, the client can only download (download). To be able to upload (upload), the client must be configured as SecureNAT or Firewall client.
Administrators can limit the number of Web proxy client’s simultaneous connections. This configuration is useful when the access bandwidth is limited or when the administrator wants to maintain a certain percentage of users accessing the web at a time.