Proxy Server MS Overview Functions
Download
Report
Transcript Proxy Server MS Overview Functions
Microsoft Proxy Server 2.0
By Helen Sarian
Nam Trieu
Roy Chau
Nancy Trang
Xiao Xia Ren
Objectives of the Proxy Server
•
•
•
•
•
•
•
•
•
•
Defining the Microsoft Proxy Server 2.0
Benefits
Features
System Requirements
Pricing
Different Sized Network
Configuration of Proxy Server
Proxy Relay
Advantages and Disadvantages of Proxy
Summary
Definition Of Proxy Server 2.0
•
•
•
•
•
•
Extensible firewall
Content cache server
Provides Internet security
Improves network response time
Offers Web caching
Gateway with firewall-class security between
a LAN and the Internet
• Blocks access to undesirable sites.
Purpose of Proxy Server
•
www.microsoft.com/technet
Benefits of Proxy Server
• High Performance Caching
• Manageability & Control
• Firewall Security
High-Performance Caching
• Accelerates access to the Internet
• Offers unbeaten scalability
• Fault-Tolerance
Manageability & Control
• Blocks access to undesirable web sites
• Supports centralized management tools
• Many cost saving benefits
Firewall
• Protects internal network while
allowing connection to the Internet
• Real-time alerting and logging
• Cannot protect against attacks outside
of the firewall and viruses
2 Types of Firewalls
• Application Level
– Proxy Server
• No direct traffic between networks permitted
• Logging and access control
• Network Level
– Router
• Route traffic directly, fast and transparent.
Features of MS Proxy Server 2.0
•
•
•
•
•
•
•
•
Real-time Security Alerts
Reverse Proxy
Reverse Hosting
Server Proxying
Improved Performance
Hierarchical Content Caching
FTP and HTTP Cache Support
Web Administration
Real-Time Security Alerts
• Notification of network under attack
• Supports several alerting thresholds
Reverse Proxy
• Places web server behind Proxy server
to Publish to the Web
• Web Server can maintain access to
internal network services
Reverse Proxy
Client
•
Dept Connect
By LAN
Internet
Proxy
Web Server
Secure Network
Reverse Hosting
• Extension of reverse proxy
• Allows several web servers behind MS
Proxy Server to publish on the Internet.
* Web server can publish independently
* Also, can appear as directories in a
single large virtual web server.
Server Proxying
• Application Server can be behind Ms
Proxy Server for added security.
• Similar to Web Server behind Proxy
Server
• Example:
MS Exchange Server computer can be
placed behind you Proxy Server
Improved Performance
• Offers unbeaten performance for
Internet connection
• Proxy Server 2.0 is 40% faster than
Proxy Server 1.0
Hierarchical Caching
• Caching across a hierarchical
connection of individual Proxy Servers
• Enables distributed deployment to
branch offices and departments
FTP and HTTP Cache Support
• You can cache not only HTTP 1.0
objects
• You can also cache HTTP 1.1
• FTP Objects
• Greater control over the Tim-to –Live
(TTL) setting
• As well with MS Proxy Server version
2.0
Web Administration
• You can administer MS Server locally or
remotely
• Via a Web browser for added
Management flexibility
• Ease-of-use
• You can even create HTML error pages
System Requirements for MS
Proxy Server
• Computer / Processor
• Memory
• Hard Disk
• Display
• operating System
• Peripherals
Computer /Processor of MS
Proxy Server
• 486/33 MHz or Higher
• Pentium or Pentium PRO Processor
• Intel Pentium 133 MHz
supports up to 300 desktop PCs
• Intel Pentium 166 MHz
supports more than 300 desktop PCs
also supports DIGITAL Equipment Alpha
Processor /AXP
Hardware
• 1 to 300 clients: Pentium 133 with 2 GB
of cache and 32 MB of RAM
• 300 to 2,000 clients: Pentium 166 with 2
to 4 GB of cache and 64 MB of RAM
• 2,000 to 3,500 clients: Pentium 200 with
8 to 16 GB of cache and 256 MB of RAM
Memory of MS Proxy Server
• 24 MB of RAM
• 32 MB RAM
supporting up to 300 desktop PCs
• 64 MB RAM
supporting more than 300 desktop PCs
Hard Disk MS Proxy Server
• 20 MB of available hard disk space
minimum
• For caching 100+ MB recommended
Display of MS Proxy Server
• VGA
• Super VGA
• Video Graphics adapter
– Compatible with Windows NT Server 4.0
Operating System of MS Proxy
Server
• Microsoft Windows NT Server version
4.0
• With windows NT Server 4.0 Service
Pack 3 or greater
Peripherals
Microsoft Internet Information
server 3.0 or greater
MS Proxy Server Pricing
• Microsoft Internet Security & Accelerate
Server 2.0 English North America CD
–
–
–
–
–
Version:
Part Number:
Environment:
Media:
Estimated Price:
2.00
621-00135
Win NT
CD
$999.00
Pricing Cont..
• Microsoft Internet Security & Accelerate
Server 2.0 English Competitive/Version
Upgrade North America CD
–
–
–
–
–
Version:
Part Number:
Environment:
Media:
Estimated Price:
2.00
621-00138
Win NT
CD
$509.00
Different Sized Networks
• Small Office Network
• Medium-Size office Network
• Large Enterprise Network
Small Office Network
• Single LAN segment
• Connectivity to an ISP
• Supports fewer than 300 clients
• NIC to the internal network
• Modem to the external network
(Internet)
• Uses Auto Dial for dialing to the
Internet
Internet Network
Small
Internet Service
Provider
Proxy
Server
Client
Client
Web Server
Small Office Network Security
• Password identification required
• User permissions
• Protocol definitions
• Domain, cache, and packet filtering
Small Network on LAN
www.3com.com/smallbusiness
Medium Sized Network
• Branch office with several LAN segments
• Central office has a single LAN segment
• Demand-dial connection from Central office
to the Branch office
• Supports fewer than 2000 clients
• Auto Dial used for dialing between offices
• NIC to local network (branch)
• Modem to network in the central office
Large Enterprise Network
• Central location with LAN segments
with a backbone LAN
• Branch offices, each with a single LAN
segment
• ISP and Dedicated Link connection
from central location to an ISP
• Supports over 2000 clients
Auto Dial
• Proxy Servers dialing technique to an
ISP for Internet connection
• Uses Windows NT ‘s (Remote Access
Service) and Dial Up Networking to
connect with an ISP
Advantage of Auto Dial
• Save company Internet charges
– Event-Driven (is activated only when
Internet connection is needed
– Regulates usage – connect Internet only
during office hours
Dial Up Networking
• Purpose
– Connect client to remote networks
• Phonebook entry can store all the
required settings to connect a remote
network
– Personal
– Company (public access)
Proxy server configuration
• Uses Internet Service Manager.
• Proxy services
– Caching page
• Definition of cache
• Types of cache
• Application benefits from larger caches
– Routing page
– Publishing page
– Permission page
Caching Page
Cache
• Definition of cache
• Types of caches
• Applications that benefit from larger
caches
Definition of cache
• A cache is a small, higher speed
memory system which stores the most
recently used instructions or data from
a larger but slower memory system
(something more or less temporarily).
• Web pages you request are stored in
your browser’s cache directory on your
hard disk.
Types of Caches
• Local server caches
– Ex. Corporate LAN servers or access provider
servers that cache frequently accessed files.
• A disk cache
– Either a reserved area of RAM or a special hard
disk cache where most recently accessed data is
A disk
cache.
stored
for fast
access.
• Ex. L2 cache memory which is on a separate chip from
the microprocessor but faster to access than regular
RAM.
Cont. types …
• Ex. L1 cache memory on the same chip as the
microprocessor.
• International, national, regional,
organizational and other “macro”
caches to which highly popular
information can be distributed and
periodically updated and from which
most users would obtain information.
Applications that benefit from
larger caches
• Use of Apple GeoPort Telecom Adatper
• Computationally intensive applications
such as 3-D rendering
• Games, particularly 3-D types such as
Marathon and Descent
• SoftWindows
Proxy Relay
• Internet Firewall to protect the Intranet
• Intranet Firewall Window
• Static Router
Proxy Relay
• Proxy Server must be located on the
WAN
• May not be located on the LAN
• Problem with a proxy server on a LAN
is that each client must be configured to
support the proxy, which will have
more administration tasks.
Proxy Relay cont…
• If proxy server is already installed on
LAN, it is better to move it to WAN
– Enable Automatic Proxy Forwarding,
meaning Internet Firewall will
automatically forward all Web proxy
requests
Installing a proxy on the WAN
•
To install the proxy server on the WAN
port, first configure the Internet Firewall’s
intranet settings to allow LAN users to
access the proxy.
1. Install the proxy server
–
–
Install and configure using a valid IP address
Proxy server connect to a hub that is connected
to the WAN port on the Internet Firewall
Installing cont….
• Configure the Web Proxy Relay
– Click Advanced, and then select the Proxy
Relay tab
– Configure the Web proxy relay
• Web traffic is directed to the proxy
without reconfiguring all the Web
browsers on the LAN
Proxy Relay Window
http://support.3com.com/infodelit
Installing the Internet Firewall
1. Connect the Ethernet port labeled
LAN on the back of the Internet
Firewall to the network segment that
will be protected against unauthorized
access.
2. Connect the Ethernet port labeled
WAN on the back of the Internet
Firewall to the rest of the network.
Internet Firewall to protect the
Intranet
http://support.3com.com/infodelit
Installing Firewall…
• Connect the power adapter to an AC power
outlet and then connect it to the power port
on the back of the Internet Firewall
• Click Advanced, select the Intranet tab
• Using the inclusive method
– Include IP addresses of the machines which are
connected to the Intranet Firewall’s LAN port
Installing Firewall…
• Using the exclusive method
– Specify the IP addresses of the machines
connected to the Internet Firewall’s WAN port
• You can enter these addresses individually or
as a range
– Ex. 51 IP addresses from 192.168.23.50 to
192.168.23.100
• Click Update to send the configuration data to
the Internet Firewall
Intranet Firewall Window
http://support.3com.com/infodelit
Static Routers
• If the LAN has internal routers, you must
specify their addresses and network
information
• Click Advanced, select the Static Routes tab
• Static Routes Window Boxes and Controls
– LAN
• IP address and Subnet on the Internet Firewall’s LAN
port
Static Routers…
• DMZ/WAN
– IP addresses of the DMZ
• Add Route
– Type the destination network of the router in the
Dest. Network box
– IP address of the router as it appears on Internet
Firewall’s subnet in the Gateway box
– Select LAN or WAN that the router is connected to
• Click Update
Static Router
http://support.3com.com/infodelit
Network Settings
http://support.3com.com/infodelit
Advantages of Proxy Server
• Previously accessed pages will load much
faster
• Improved security on the Internet
• Protects the internal network from being
identified by the public.
– Giving the network two identities:
• One for internal use
• One for external use
• The cache can serve all users
Cont. Advantages…
• Proxy servers make better use of
Internet bandwidth.
– If you have limited bandwidth
– Extremely high Internet traffic
– You would benefit by using a proxy server.
Disadvantages of the Proxy
Server
• Unless some one has accessed a page
before you it will not load faster
• Some forms might not be processed.
• Proxy servers aren’t very helpful when
you have content that doesn’t lend itself
to be cached
– Ex. Common Gateway Interface Scripts
Cont. Disadvantages…
• A proxy server makes the audio and
video stream less efficient
• The movements are jerkier and the
sound and lip movements are skewed
– Because it can only store repeatable
information.
The reasons for using Proxy
servers
• Greatly reduce the amount of traffic on
the internet due to the fact when a
popular page is requested
– It doesn’t need to be loaded from the
source every time.
– The first time is requested it is cached and
every page is loaded from the proxy server.
Summary
• A proxy server intercepts all requests to
the Web server to see if it can fulfill the
requests by returning a locally stored
copy of the requested information. If
not, the proxy
– Completes the request to the server
– Returns the requested information to the
user
– Saves it locally to fulfill future requests
Summary cont…
• Proxy Server can minimize employees
in accessing non-related work sites
• Caching in different networks can
minimize direct dialing to avoid longdistance phone charges.
• Firewall will prevent hackers attempts
to the server