Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.

Published bySibyl Lawrence Modified over 8 years ago

Similar presentations

Presentation on theme: "1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in."— Presentation transcript:

1 1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in Proxy Server Designs Proxy Server Design Optimization

2 2 Microsoft Proxy Server 2.0 and Microsoft Windows 2000

3 3 Proxy Server Design Review Collect requirements and constraints. Consider Data amount and confidentiality Accessibility to resources Plans for growth Existing proxy server characteristics Availability requirements

4 4 Proxy Server Design Decisions Decisions based on requirements Proxy Server characteristics Persistent or nonpersistent connections Types of Proxy Server clients Connection methods Dynamic protocols or static routing tables Multiple connections and proxy servers Network traffic filters

5 5 Proxy Server Features Prevents unauthorized access Allows only authorized users Performs Network Address Translation (NAT) Supports public and private IP addressing Caches Web content locally Provides Internet connectivity

6 6 Web Content Caching Example

7 7 IPX to IP Gateway Designs Provide Internet connectivity to Internetwork Packet Exchange (IPX)-based networks Translate IPX packets to IP packets Each proxy server requires Two interfaces for Internet connectivity security IPX and IP configured Proxy Server client software on client computers

8 8 Placing Proxy Servers in the Design

9 9 Proxy Server Interface Requirements At least one network interface Two interfaces for Internet connections Specifications Persistent or nonpersistent connection IP configuration information for IP networks IPX configuration information for IPX networks

10 10 Proxy Server LAT Information A proxy server uses the local address table (LAT). Determines whether the address is in the private network. Allows automatic or manual updating. Downloads the LAT to the client.

11 11 Proxy Server Client Support Windows Proxy Server client Microsoft Internet Explorer 5.0 SOCKS Default gateway

12 12 Proxy Server Support for Client OSs

13 13 Proxy Server Data Protection Packet filters Web publishing Domain filters User authentication

14 14 Protecting Private Networks Packet filtering Web publishing

15 15 Packet Filtering Criteria Direction Protocol ID Local port Remote port Local host IP address Remote host IP address

16 16 Web Publishing Criteria By default, Proxy Server discards inbound requests to access Web and FTP servers in the private network. Web Publishing feature gives Web and FTP access on the private network. Proxy Server does one of the following if the URL is not on the Web Publishing list: Discards the request Redirects the request to the default Web site Redirects the request to any Web site on the private network

17 17 Restricting Internet Access

18 18 Packet Filtering Criteria based on IP headers. Use the same process as for filtering inbound traffic. Specify outbound in the Direction criteria.

19 19 Proxy Server Domain Filters Filter requests based on Single IP address IP address range Fully qualified domain name (FQDN) Reject or forward all packets.

20 20 Proxy Server User Authentication Use the Active Directory directory service or a member server. Allow or disallow specific users. Combine with filters to restrict resources.

21 21 Proxy Server Optimization Techniques Direction of traffic determines the method used. Web content cache Proxy array Network Load Balancing Round robin DNS

22 22 Web Content Caching Active caching (default) Updates content based on a variety of criteria Reduces processor overhead Can increase connection costs Passive caching Updates the content at client request Eliminates activity when clients are not on the Internet Can increase traffic and overhead

23 23 Proxy Arrays

24 24 Proxy Server Hierarchy Combining hierarchy and caching improves performance. Top-level proxy server provides Internet access. Lower-level servers forward requests.

25 25 Optimizing Private Network Access Network Load Balancing Is included in Microsoft Windows 2000 Advanced Server and Microsoft Windows 2000 Datacenter Server Works on Windows only Balances traffic across all proxy servers Requires additional memory Round robin DNS Statically load balances traffic Works on all operating systems Improves performance but not availability

26 26 Chapter Summary Use Proxy Server to provide IP and IPX Internet connectivity. Base decisions on the organization’s requirements. Protect data. Optimize for performance and availability.

Download ppt "1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in."

Similar presentations

Enabling Secure Internet Access with ISA Server

Enabling Secure Internet Access with ISA Server
Configuring Internet Access for a Network. Overview Options for Connecting a Network to the Internet Configuring Internet Access by Using a Router Configuring.

Configuring Internet Access for a Network. Overview Options for Connecting a Network to the Internet Configuring Internet Access by Using a Router Configuring.
1 Chapter 2: Networking Protocol Design Designs That Include TCP/IP Essential TCP/IP Design Concepts TCP/IP Data Protection TCP/IP Optimization.

1 Chapter 2: Networking Protocol Design Designs That Include TCP/IP Essential TCP/IP Design Concepts TCP/IP Data Protection TCP/IP Optimization.
Nassau Community College

Nassau Community College
Module 1: Microsoft Windows 2000 Networking Services Infrastructure Overview.

Module 1: Microsoft Windows 2000 Networking Services Infrastructure Overview.
NAT (Network Address Translator) Atif Karamat In the name of God the most merciful and the most compassionate.

NAT (Network Address Translator) Atif Karamat In the name of God the most merciful and the most compassionate.
Lesson 20 – OTHER WINDOWS 2000 SERVER SERVICES. DHCP server DNS RAS and RRAS Internet Information Server Cluster services Windows terminal services OVERVIEW.

Lesson 20 – OTHER WINDOWS 2000 SERVER SERVICES. DHCP server DNS RAS and RRAS Internet Information Server Cluster services Windows terminal services OVERVIEW.
Hands-On Microsoft Windows Server 2003 Networking Chapter 1 Windows Server 2003 Networking Overview.

Hands-On Microsoft Windows Server 2003 Networking Chapter 1 Windows Server 2003 Networking Overview.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.
Lesson 19: Configuring Windows Firewall

Lesson 19: Configuring Windows Firewall
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
Module 7: Microsoft Proxy Server 2

Module 7: Microsoft Proxy Server 2
Module 6: NAT As a Solution for Internet Connectivity.

Module 6: NAT As a Solution for Internet Connectivity.
1 Enabling Secure Internet Access with ISA Server.

1 Enabling Secure Internet Access with ISA Server.
Windows Server 2008 Chapter 8 Last Update 2012.05.31 1.0.0.

Windows Server 2008 Chapter 8 Last Update
Chapter 11: Dial-Up Connectivity in Remote Access Designs

Chapter 11: Dial-Up Connectivity in Remote Access Designs
Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.

Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.
11.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 11: Introducing WINS, DNS,

11.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 11: Introducing WINS, DNS,
70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 10: Remote Access.

70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 10: Remote Access.
70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 4: Dynamic Host Configuration Protocol.

70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 4: Dynamic Host Configuration Protocol.

Similar presentations

Ads by Google