Did you know Cybrary's video training is FREE? Join more than 2,500,000 IT and cyber security professionals, students, career changers, and more, growing their careers on Cybrary.
Next we look at Proxies and learn what they are and why they are essential to server management and network security. You'll learn how proxies are deployed, how they are designed, where in the network you will find and utilize them as another first layer of security. [toggle_content title="Transcript"] Now we will be talking about proxies. Proxies are devices or servers that forward packets between clients and servers, they forward traffic between clients and servers. These are proxies, they could be proxy servers or they could even be routers. They are proxies that they forward packets between clients and servers on a network. We have several types of proxies. We have several instances with which we could use proxies, in certain networks where the networks are designed with private addresses. Private addresses cannot move over the internet. They are not internet rout-able, they are just network rout-able. We will see how proxies could be used to facilitate such networks. In some other environments, web servers could be protected using proxies. There we talk about reverse proxies. We will do 2 diagrams to explain how forwarding proxies work and reverse proxies work. In this instance we have, we could have hundreds or thousands of computers on the internal network with private addresses, hundreds or thousands of computers on your internal network with private addresses. The private addresses cannot go past through the internet because these private addresses could also be in use by another organization on the internet. The idea is, on another part of the world, the idea is we have a proxy in place. Usually when organizations seek an address and a public address from the service provider, service providers will give 1 or 2 public IP addresses. They don't want to know if you have thousands of computers on your network. Given 1 public IP address, your users cannot share that maybe 5 minutes each a day. That would not be efficient for your users, "Okay, you have it for 5 minutes, you have it for 5 minutes, she gets it for 5 minutes," that is not efficient. Rather, we would implement a proxy and have that public address issued by the service provider on the proxy. Then what we do is, we do client proxy configuration, meaning, on the client machines we set the proxy address so that these client systems can get to the proxy. How do we do that? On that proxy on the client system you click on start, go to control panel, internet options, once you get to the internet options you double click on internet options. The page opens up, on the connections tab. At the bottom of the page, you'll see it says LAN settings. When you click on LAN settings, another box pops off. On that box in the middle of the box you'll see it says proxy. You provide the proxy address and the port number, the desired port used for the proxy by the organization. That way, these machines know to forward their packets to the proxy and can be delivered through the internet to wherever the destination that packet is destined for. Let us see what happens when we implement a proxy. Systems on the internal network cannot get anything outside the internet themselves. All their requests are sent to the proxy, let's assume computer B is going to send a request to Google, "What is the weather tomorrow?" The packet is put on the network. We know it's coming from computer B, it's going to Google. The content of the packet is, "What is the weather tomorrow?" The proxy will receive that, what the proxy has is, the proxy has within itself a proxy table so computer A, B, C and D. The proxy will process that packet in this fashion. Who is it coming from? It was coming from B, so the proxy will flag the message. That flag means it came from computer B, the proxy effectively removes the address of computer B, flags the message so to know it came from B. The proxy will put its own address, which is the public address. The proxy will provide its own address. We know it's going to Google and the question and the question remains, "What is the weather tomorrow?" That message is sent to Google. Google will process that and send it back to the proxy. This is what we get from Google. We know it's coming from Google, who is it going to? The proxy because it came from the proxy, Google has no business with the flag. What is the weather tomorrow? Google says, "You are in for some trouble tomorrow, the weather is 5◦." The proxy gets this packet, inspects the flag, "That is the message for computer B," the proxy will then process that packet again. Who did it come from? It came from Google, it's going to computer B, because of that and that weather is 5◦. We can see what has happened here by doing address translation, packets on the internal network with private addresses, are processed by the proxy, sent across the internet, received, processed by the proxy and pushed to the internal network. Private addresses are being converted to a public address. These private addresses are being converted to a public address. This is what we call network address translation. The private internal addresses are being converted to public addresses. This is what we call network address translation. What are some benefits of network address translation? One, multiple computers on a network with private addresses can share one public address. two, we have something called caching. Computer B did ask for the weather from Google, it takes a while, a short while for the proxy to go, service that request. The proxy will go to Google and ask, "What is the weather?" process the packet and set it back to computer B. If computers A, C, and D were also to ask for the same request, "What is the weather tomorrow?" Provided they are just asking about the same thing, the proxy does not go to the internet anymore; rather, it has a copy for computer A, a copy for computer C and another copy for computer B. it will service any other user's subsequent request service from the proxy because now the proxy knows that answer. That is what we call caching. It allows reduced usage of our bandwidth as well. 3, it offers some security. The bad guys out here on the internet, the only address they see is that of the proxy leaving, they don't see our internal addresses. These bad guys cannot directly attack the internal network. They don't see the addresses. That way, our proxy also offers some form of security. Our proxies could stand behind a firewall or have a firewall built into them. They have their own security. [/toggle_content]
CISSP CISM CISA CHFI CSXF CEH, Cyber Security Specialist & Trainer
Subscribe to become an Insider Pro and get access to premium content such as: