1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.

Slides:



Advertisements
Similar presentations
Enabling Secure Internet Access with ISA Server
Advertisements

Configuring Internet Access for a Network. Overview Options for Connecting a Network to the Internet Configuring Internet Access by Using a Router Configuring.
1 Chapter 2: Networking Protocol Design Designs That Include TCP/IP Essential TCP/IP Design Concepts TCP/IP Data Protection TCP/IP Optimization.
Nassau Community College
Module 1: Microsoft Windows 2000 Networking Services Infrastructure Overview.
NAT (Network Address Translator) Atif Karamat In the name of God the most merciful and the most compassionate.
Lesson 20 – OTHER WINDOWS 2000 SERVER SERVICES. DHCP server DNS RAS and RRAS Internet Information Server Cluster services Windows terminal services OVERVIEW.
Hands-On Microsoft Windows Server 2003 Networking Chapter 1 Windows Server 2003 Networking Overview.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.
Lesson 19: Configuring Windows Firewall
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
Module 7: Microsoft Proxy Server 2
Module 6: NAT As a Solution for Internet Connectivity.
1 Enabling Secure Internet Access with ISA Server.
Windows Server 2008 Chapter 8 Last Update
Chapter 11: Dial-Up Connectivity in Remote Access Designs
Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.
11.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 11: Introducing WINS, DNS,
70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 10: Remote Access.
70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 4: Dynamic Host Configuration Protocol.
CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.
Module 7: Configuring TCP/IP Addressing and Name Resolution.
Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.
Configuring Routing and Remote Access(RRAS) and Wireless Networking
Internal NetworkExternal Network. Hub Internal NetworkExternal Network WS.
Chapter 6: Packet Filtering
By : Himanshu Mishra Nimish Agarwal CPSC 624.  A system designed to prevent unauthorized access to or from a private network.  It must have at least.
Objectives Configure routing in Windows Server 2008 Configure Network Address Translation 1.
Implementing ISA Server Publishing. Introduction What Are Web Publishing Rules? ISA Server uses Web publishing rules to make Web sites on protected networks.
Jamel Callands Austin Chaet Carson Gallimore.  Downloading  Recommended Specifications  Features  Reporting and Monitoring  Questions.
70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 7: Domain Name System.
Chapter 13 – Network Security
Objectives Configure routing in Windows Server 2008 Configure Routing and Remote Access Services in Windows Server 2008 Network Address Translation 1.
Windows 7 Firewall.
11 SECURING YOUR NETWORK PERIMETER Chapter 10. Chapter 10: SECURING YOUR NETWORK PERIMETER2 CHAPTER OBJECTIVES  Establish secure topologies.  Secure.
1 Chapter 12: VPN Connectivity in Remote Access Designs Designs That Include VPN Remote Access Essential VPN Remote Access Design Concepts Data Protection.
CHAPTER 3 PLANNING INTERNET CONNECTIVITY. D ETERMINING INTERNET CONNECTIVITY REQUIREMENTS Factors to be considered in internet access strategy: Sufficient.
Packet Filtering Chapter 4. Learning Objectives Understand packets and packet filtering Understand approaches to packet filtering Set specific filtering.
1 Chapter 7: NAT in Internet and Intranet Designs Designs That Include NAT Essential NAT Design Concepts Data Protection in NAT Designs NAT Design Optimization.
Overview of Microsoft ISA Server. Introducing ISA Server New Product—Proxy Server In 1996, Netscape had begun to sell a web proxy product, which optimized.
Page 1 TCP/IP Networking and Remote Access Lecture 9 Hassan Shuja 11/23/2004.
1 Chapter Overview Password Protection Security Models Firewalls Security Protocols.
Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.
1 Chapter 3: Multiprotocol Network Design Designs That Include Multiple Protocols IPX Design Concepts AppleTalk Design Concepts SNA Design Concepts.
McLean HIGHER COMPUTER NETWORKING Lesson 14 Firewalls & Filtering Comparison of Internet content filtering methods: firewalls, Internet filtering.
The Intranet.
Module 7: Advanced Application and Web Filtering.
Module 1: Configuring Routing by Using Routing and Remote Access.
Switch Features Most enterprise-capable switches have a number of features that make the switch attractive for large organizations. The following is a.
Security fundamentals Topic 10 Securing the network perimeter.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 4: Planning and Configuring Routing and Switching.
Module 10: Windows Firewall and Caching Fundamentals.
6.1 © 2004 Pearson Education, Inc. Exam Designing a Microsoft ® Windows ® Server 2003 Active Directory and Network Infrastructure Lesson 6: Designing.
1 Chapter 13: RADIUS in Remote Access Designs Designs That Include RADIUS Essential RADIUS Design Concepts Data Protection in RADIUS Designs RADIUS Design.
1 Chapter 8: DHCP in IP Configuration Designs Designs That Include DHCP Essential DHCP Design Concepts Configuration Protection in DHCP Designs DHCP Design.
1 Welcome to Designing a Microsoft Windows 2000 Network Infrastructure.
FIREWALLS By k.shivakumar 08k81f0025. CONTENTS Introduction. What is firewall? Hardware vs. software firewalls. Working of a software firewalls. Firewall.
25/09/ Firewall, IDS & IPS basics. Summary Firewalls Intrusion detection system Intrusion prevention system.
11 SECURING NETWORK TRAFFIC WITH IPSEC Chapter 6.
Security fundamentals
Module 3: Enabling Access to Internet Resources
Affinity Depending on the application and client requirements of your Network Load Balancing cluster, you can be required to select an Affinity setting.
CONNECTING TO THE INTERNET
SECURING NETWORK TRAFFIC WITH IPSEC
Planning and Troubleshooting Routing and Switching
Computer Data Security & Privacy
Chapter 5: Multiprotocol Routing Designs
SUBMITTED BY: NAIMISHYA ATRI(7TH SEM) IT BRANCH
IIS.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 4: Planning and Configuring Routing and Switching.
Presentation transcript:

1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in Proxy Server Designs Proxy Server Design Optimization

2 Microsoft Proxy Server 2.0 and Microsoft Windows 2000

3 Proxy Server Design Review Collect requirements and constraints. Consider Data amount and confidentiality Accessibility to resources Plans for growth Existing proxy server characteristics Availability requirements

4 Proxy Server Design Decisions Decisions based on requirements Proxy Server characteristics Persistent or nonpersistent connections Types of Proxy Server clients Connection methods Dynamic protocols or static routing tables Multiple connections and proxy servers Network traffic filters

5 Proxy Server Features Prevents unauthorized access Allows only authorized users Performs Network Address Translation (NAT) Supports public and private IP addressing Caches Web content locally Provides Internet connectivity

6 Web Content Caching Example

7 IPX to IP Gateway Designs Provide Internet connectivity to Internetwork Packet Exchange (IPX)-based networks Translate IPX packets to IP packets Each proxy server requires Two interfaces for Internet connectivity security IPX and IP configured Proxy Server client software on client computers

8 Placing Proxy Servers in the Design

9 Proxy Server Interface Requirements At least one network interface Two interfaces for Internet connections Specifications Persistent or nonpersistent connection IP configuration information for IP networks IPX configuration information for IPX networks

10 Proxy Server LAT Information A proxy server uses the local address table (LAT). Determines whether the address is in the private network. Allows automatic or manual updating. Downloads the LAT to the client.

11 Proxy Server Client Support Windows Proxy Server client Microsoft Internet Explorer 5.0 SOCKS Default gateway

12 Proxy Server Support for Client OSs

13 Proxy Server Data Protection Packet filters Web publishing Domain filters User authentication

14 Protecting Private Networks Packet filtering Web publishing

15 Packet Filtering Criteria Direction Protocol ID Local port Remote port Local host IP address Remote host IP address

16 Web Publishing Criteria By default, Proxy Server discards inbound requests to access Web and FTP servers in the private network. Web Publishing feature gives Web and FTP access on the private network. Proxy Server does one of the following if the URL is not on the Web Publishing list: Discards the request Redirects the request to the default Web site Redirects the request to any Web site on the private network

17 Restricting Internet Access

18 Packet Filtering Criteria based on IP headers. Use the same process as for filtering inbound traffic. Specify outbound in the Direction criteria.

19 Proxy Server Domain Filters Filter requests based on Single IP address IP address range Fully qualified domain name (FQDN) Reject or forward all packets.

20 Proxy Server User Authentication Use the Active Directory directory service or a member server. Allow or disallow specific users. Combine with filters to restrict resources.

21 Proxy Server Optimization Techniques Direction of traffic determines the method used. Web content cache Proxy array Network Load Balancing Round robin DNS

22 Web Content Caching Active caching (default) Updates content based on a variety of criteria Reduces processor overhead Can increase connection costs Passive caching Updates the content at client request Eliminates activity when clients are not on the Internet Can increase traffic and overhead

23 Proxy Arrays

24 Proxy Server Hierarchy Combining hierarchy and caching improves performance. Top-level proxy server provides Internet access. Lower-level servers forward requests.

25 Optimizing Private Network Access Network Load Balancing Is included in Microsoft Windows 2000 Advanced Server and Microsoft Windows 2000 Datacenter Server Works on Windows only Balances traffic across all proxy servers Requires additional memory Round robin DNS Statically load balances traffic Works on all operating systems Improves performance but not availability

26 Chapter Summary Use Proxy Server to provide IP and IPX Internet connectivity. Base decisions on the organization’s requirements. Protect data. Optimize for performance and availability.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.