Command Center

A proxy server is a machine which acts as an intermediary between the computers of a local area network (sometimes using protocols other than TCP/IP) and the Internet

Most of the time the proxy server is used for the web, and when it is, it's an HTTP proxy. However, there can be proxy servers for every application protocol (FTP, etc.).

The basic operating principle of a proxy server is quite simple: It is server which acts as a "proxy" for an application by making a request on the Internet in its stead. This way, whenever a user connects to the Internet using a client application configured to use a proxy server, the application will first connect to the proxy server and give it its request. The proxy server then connects to the server which the client application wants to connect to and sends that server the request. Next, the server gives its reply to the proxy, which then finally sends it to the application client

Nowadays, by using TCP/IP within local area networks, the relaying role that the proxy server plays is handled directly by gateways and routers. However, proxy servers are still being used, as they have some other features.

Most proxies have a cache, the ability to keep pages commonly visited by users in memory (or "in cache"), so they can provide them as quickly as possible. Indeed, the term "cache" is used often in computer science to refer to a temporary data storage space (also sometimes called a "buffer.")

A proxy server with the ability to cache information is generally called a "proxy-cache server".

The feature, implemented on some proxy servers, is used both to reduce Internet bandwidth use and to reduce document loading time for users.

Nevertheless, to achieve this, the proxy must compare the data it stores in cached memory with the remote data on a regular basis, in order to ensure that the cached data is still valid.

What's more, by using a proxy server, connections can be tracked by creating logs for systematically recording user queries when they request connections to the Internet

Because of this, Internet connections can be filtered, by analysing both client requests and server replies. When filtering is done by comparing a client's request to a list of authorised requests, this is called whitelisting, and when it's done with a list of forbidden sites, it's called blacklisting. Finally, analysing server replies that comply with a list of criteria (such as keywords) is called content filtering.

As a proxy is an indispensable intermediary tool for internal network users who want to access external resources, it can sometimes be used to authenticate users, meaning to ask them to identify themselves, such as with a username and password. It is also easy to grant access to external resources only to individuals authorised to do so, and to record each use of external resources in log files.

This type of mechanism, when implemented, obviously raises many issues related to individual liberties and personal rights.

A reverse-proxy is a "backwards" proxy-cache server; it's a proxy server that, rather than allowing internal users to access the Internet, lets Internet users indirectly access certain internal servers.

The reverse-proxy server is used as an intermediary by Internet users who want to access an internal website, by sending it requests indirectly. With a reverse-proxy, the web server is protected from direct outside attacks, which increases the internal network's strength. What's more, a reverse-proxy's cache function can lower the workload if the server it is assigned to, and for this reason is sometimes called a server accelerator.

Finally, with perfected algorithms, the reverse-proxy can distribute the workload by redirecting requests to other, similar servers; this process is called load balancing.

The most widely used proxy, without a doubt, is Squid, a free software program available for several platforms, including Windows and Linux.

In Windows, there are several programs for setting up a local area network proxy server at a low cost: