1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server...
-
Upload
sibyl-lawrence -
Category
Documents
-
view
215 -
download
0
Transcript of 1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server...
![Page 1: 1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.](https://reader034.fdocuments.in/reader034/viewer/2022051821/56649e5c5503460f94b54a12/html5/thumbnails/1.jpg)
1
Chapter 6: Proxy Server in Internet and Intranet Designs
Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in Proxy Server Designs Proxy Server Design Optimization
![Page 2: 1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.](https://reader034.fdocuments.in/reader034/viewer/2022051821/56649e5c5503460f94b54a12/html5/thumbnails/2.jpg)
2
Microsoft Proxy Server 2.0 and Microsoft Windows 2000
![Page 3: 1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.](https://reader034.fdocuments.in/reader034/viewer/2022051821/56649e5c5503460f94b54a12/html5/thumbnails/3.jpg)
3
Proxy Server Design Review
Collect requirements and constraints. Consider
Data amount and confidentiality Accessibility to resources Plans for growth Existing proxy server characteristics Availability requirements
![Page 4: 1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.](https://reader034.fdocuments.in/reader034/viewer/2022051821/56649e5c5503460f94b54a12/html5/thumbnails/4.jpg)
4
Proxy Server Design Decisions
Decisions based on requirements Proxy Server characteristics
Persistent or nonpersistent connections Types of Proxy Server clients Connection methods
Dynamic protocols or static routing tables
Multiple connections and proxy servers Network traffic filters
![Page 5: 1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.](https://reader034.fdocuments.in/reader034/viewer/2022051821/56649e5c5503460f94b54a12/html5/thumbnails/5.jpg)
5
Proxy Server Features
Prevents unauthorized access Allows only authorized users Performs Network Address Translation
(NAT) Supports public and private IP
addressing Caches Web content locally Provides Internet connectivity
![Page 6: 1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.](https://reader034.fdocuments.in/reader034/viewer/2022051821/56649e5c5503460f94b54a12/html5/thumbnails/6.jpg)
6
Web Content Caching Example
![Page 7: 1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.](https://reader034.fdocuments.in/reader034/viewer/2022051821/56649e5c5503460f94b54a12/html5/thumbnails/7.jpg)
7
IPX to IP Gateway Designs
Provide Internet connectivity to Internetwork Packet Exchange (IPX)-based networks
Translate IPX packets to IP packets Each proxy server requires
Two interfaces for Internet connectivity security
IPX and IP configured Proxy Server client software on client
computers
![Page 8: 1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.](https://reader034.fdocuments.in/reader034/viewer/2022051821/56649e5c5503460f94b54a12/html5/thumbnails/8.jpg)
8
Placing Proxy Servers in the Design
![Page 9: 1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.](https://reader034.fdocuments.in/reader034/viewer/2022051821/56649e5c5503460f94b54a12/html5/thumbnails/9.jpg)
9
Proxy Server Interface Requirements
At least one network interface Two interfaces for Internet connections Specifications
Persistent or nonpersistent connection IP configuration information for IP networks IPX configuration information for IPX
networks
![Page 10: 1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.](https://reader034.fdocuments.in/reader034/viewer/2022051821/56649e5c5503460f94b54a12/html5/thumbnails/10.jpg)
10
Proxy Server LAT Information
A proxy server uses the local address table (LAT).
Determines whether the address is in the private network.
Allows automatic or manual updating. Downloads the LAT to the client.
![Page 11: 1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.](https://reader034.fdocuments.in/reader034/viewer/2022051821/56649e5c5503460f94b54a12/html5/thumbnails/11.jpg)
11
Proxy Server Client Support
Windows Proxy Server client Microsoft Internet Explorer 5.0 SOCKS Default gateway
![Page 12: 1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.](https://reader034.fdocuments.in/reader034/viewer/2022051821/56649e5c5503460f94b54a12/html5/thumbnails/12.jpg)
12
Proxy Server Support for Client OSs
![Page 13: 1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.](https://reader034.fdocuments.in/reader034/viewer/2022051821/56649e5c5503460f94b54a12/html5/thumbnails/13.jpg)
13
Proxy Server Data Protection
Packet filters Web publishing Domain filters User authentication
![Page 14: 1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.](https://reader034.fdocuments.in/reader034/viewer/2022051821/56649e5c5503460f94b54a12/html5/thumbnails/14.jpg)
14
Protecting Private Networks
Packet filtering Web publishing
![Page 15: 1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.](https://reader034.fdocuments.in/reader034/viewer/2022051821/56649e5c5503460f94b54a12/html5/thumbnails/15.jpg)
15
Packet Filtering Criteria
Direction Protocol ID Local port Remote port Local host IP address Remote host IP address
![Page 16: 1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.](https://reader034.fdocuments.in/reader034/viewer/2022051821/56649e5c5503460f94b54a12/html5/thumbnails/16.jpg)
16
Web Publishing Criteria By default, Proxy Server discards inbound
requests to access Web and FTP servers in the private network.
Web Publishing feature gives Web and FTP access on the private network.
Proxy Server does one of the following if the URL is not on the Web Publishing list: Discards the request Redirects the request to the default Web site Redirects the request to any Web site on the
private network
![Page 17: 1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.](https://reader034.fdocuments.in/reader034/viewer/2022051821/56649e5c5503460f94b54a12/html5/thumbnails/17.jpg)
17
Restricting Internet Access
![Page 18: 1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.](https://reader034.fdocuments.in/reader034/viewer/2022051821/56649e5c5503460f94b54a12/html5/thumbnails/18.jpg)
18
Packet Filtering
Criteria based on IP headers. Use the same process as for filtering
inbound traffic. Specify outbound in the Direction
criteria.
![Page 19: 1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.](https://reader034.fdocuments.in/reader034/viewer/2022051821/56649e5c5503460f94b54a12/html5/thumbnails/19.jpg)
19
Proxy Server Domain Filters
Filter requests based on Single IP address IP address range Fully qualified domain name (FQDN)
Reject or forward all packets.
![Page 20: 1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.](https://reader034.fdocuments.in/reader034/viewer/2022051821/56649e5c5503460f94b54a12/html5/thumbnails/20.jpg)
20
Proxy Server User Authentication
Use the Active Directory directory service or a member server.
Allow or disallow specific users. Combine with filters to restrict
resources.
![Page 21: 1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.](https://reader034.fdocuments.in/reader034/viewer/2022051821/56649e5c5503460f94b54a12/html5/thumbnails/21.jpg)
21
Proxy Server Optimization Techniques
Direction of traffic determines the method used. Web content cache Proxy array Network Load Balancing Round robin DNS
![Page 22: 1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.](https://reader034.fdocuments.in/reader034/viewer/2022051821/56649e5c5503460f94b54a12/html5/thumbnails/22.jpg)
22
Web Content Caching
Active caching (default) Updates content based on a variety of criteria Reduces processor overhead Can increase connection costs
Passive caching Updates the content at client request Eliminates activity when clients are not on the
Internet Can increase traffic and overhead
![Page 23: 1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.](https://reader034.fdocuments.in/reader034/viewer/2022051821/56649e5c5503460f94b54a12/html5/thumbnails/23.jpg)
23
Proxy Arrays
![Page 24: 1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.](https://reader034.fdocuments.in/reader034/viewer/2022051821/56649e5c5503460f94b54a12/html5/thumbnails/24.jpg)
24
Proxy Server Hierarchy
Combining hierarchy and caching improves performance.
Top-level proxy server provides Internet access.
Lower-level servers forward requests.
![Page 25: 1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.](https://reader034.fdocuments.in/reader034/viewer/2022051821/56649e5c5503460f94b54a12/html5/thumbnails/25.jpg)
25
Optimizing Private Network Access Network Load Balancing
Is included in Microsoft Windows 2000 Advanced Server and Microsoft Windows 2000 Datacenter Server
Works on Windows only Balances traffic across all proxy servers Requires additional memory
Round robin DNS Statically load balances traffic Works on all operating systems Improves performance but not availability
![Page 26: 1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.](https://reader034.fdocuments.in/reader034/viewer/2022051821/56649e5c5503460f94b54a12/html5/thumbnails/26.jpg)
26
Chapter Summary
Use Proxy Server to provide IP and IPX Internet connectivity.
Base decisions on the organization’s requirements.
Protect data. Optimize for performance and
availability.