Proxy Servers - Intermediaries for Network Traffic
About 2 min read
A proxy is a server that sits between the client and the server and relays communication. As its name ("proxy," meaning agent) suggests, it sends requests and returns responses on behalf of the client. It is used for a variety of purposes, including access control in corporate networks, speedups through caching, and ensuring anonymity. Combined with a firewall, it becomes an important component of network security.
Forward Proxy and Reverse Proxy
Forward Proxy
Placed on the client side, it sends requests to external servers on behalf of the user. Widely used for corporate internet access, it serves for recording access logs, content filtering, and concealing IP addresses.
Reverse Proxy
Placed on the server side, it distributes requests from outside to multiple servers behind it. It is used for load balancing, SSL termination, caching, and DDoS mitigation. Nginx and Cloudflare are representative examples.
Flow of Communication
Use in Enterprises
In a corporate network, a forward proxy plays multiple roles. Through content filtering, it restricts access to sites inappropriate for work. By logging all communication, it can be used for investigating data leaks and for compliance audits. Through caching, it speeds up repeated access to the same content and saves bandwidth. Our article on remote work security also explains access control from outside the company.
Transparent Proxy and Explicit Proxy
An explicit proxy is one whose address is set manually in the browser or application. The user is aware of the proxy's existence. A transparent proxy, on the other hand, relays communication automatically at the level of network equipment, so the user needs no configuration and is not aware of the proxy's existence. Captive portals that display a terms-of-use page on public Wi-Fi or hotel networks are also a type of transparent proxy.
The Difference from a VPN
| Aspect | Proxy | VPN |
|---|---|---|
| Encryption | Usually none (except HTTPS proxies) | Encrypts all communication |
| Scope | Specific app / browser | Communication of the entire device |
| Speed | Can be sped up with caching | Has encryption overhead |
| Main uses | Filtering, caching | Concealing communication, remote access |
Our article on the basics of VPNs and how to choose one explains in detail how VPNs work and the key points for selecting one.
Security Risks
Because a proxy is a relay point for communication, routing traffic through a malicious proxy carries the risk of a man-in-the-middle attack. Some free proxy services intercept the content of communication to insert advertisements or to steal credentials. With HTTPS communication, the proxy cannot read the contents of the data, but corporate proxies with an SSL inspection feature can inspect the contents because they decrypt and re-encrypt HTTPS communication using their own certificates. Please also refer to our article on public Wi-Fi security.
Real-World Use Cases
"We deployed a Squid proxy on our internal network and capture logs of all HTTP/HTTPS communication. It has helped with the early detection of unauthorized access using former employees' accounts, and we actually detected two cases of suspicious outbound transmissions."
For those who want to grasp the overall picture of network security, network security books on Amazon are well suited for systematic learning.
Was this article helpful?