A proxy server is a computer system or router that functions as a relay between client and server. It helps prevent an attacker from invading a private network and is one of several tools used to build a firewall.
The word proxy means "to act on behalf of another," and a proxy server acts on behalf of the user. All requests to the Internet go to the proxy server first, which evaluates the request and forwards it to the Internet. Likewise, responses come back to the proxy server and then to the user.
Proxy Servers Provide Anonymity
Address Translation and Caching
Like a virtual private network (VPN), a proxy server hides the user's IP address when accessing the Internet. See VPN
The proxy server is a dual-homed host with two network IP addresses. The address on the outbound side is the one the Internet sees. Proxies are often used in conjunction with network address translation (NAT), which hides the users' IP addresses on the internal network. Proxy servers may also cache Web pages so that the next request for that page can be retrieved much faster. See NAT
and proxy cache
Anonymous proxy servers let users surf the Web and keep their IP address private (see anonymous proxy
). Although not specifically called proxies, Internet email (SMTP) and the Usenet new system (NNTP) are somewhat similar because messages are relayed from sender to recipient. See firewall
Application Level and Circuit Level
"Application-level" proxies or "application-level gateways" are dedicated to specific content such as HTTP (Web) and FTP (file transfer). In contrast, a "circuit-level" proxy supports every application (see SOCKS
Forward and Reverse Proxies
In this definition, the proxy servers are "forward proxies" that hide the details of the clients from the servers. However, proxies can also reside at the website to hide details from the clients (see reverse proxy
A Proxy Server in a LAN
In this example, the proxy server functions as a firewall in the public side of a company network, which is called the "demilitarized zone" (see DMZ