Understanding proxy servers

While file transfer servers like Cerberus FTP Server by Redwood provide strong security for your data, they cannot protect against all eventualities. Specifically, if a bad actor has compromised credentials or is operating from inside your system, they may be able to transfer data outside of your organization before you realize a breach has occurred. 

As an example, hackers breached Finastra’s internal SFTP system, likely through a phishing attack, and claimed to use another internal file transfer application to remove the data. 

To combat these potential threats, many network admins use proxy and gateway servers. In this post, we’ll discuss how to set up these resources. 

What is a proxy server?

A proxy server sits between a client and a server to help organize and distribute traffic. Organizations generally use proxy servers for several reasons:

• To optimize and manage resources (for load balancing, traffic speed, etc.)
• To increase privacy for clients or servers
• To increase security by obfuscating final resource destinations
• To monitor and filter content that enters or leaves the organization

What types of proxy servers exist?

Proxy servers typically operate in several configurations:

• Forward proxies: Forward proxy servers accept and pass along inbound traffic from a client. They are often used to anonymize inbound traffic or for content delivery network caching purposes. Forward proxies can also be known as open proxies, which accept traffic from any user. 
• Reverse proxies: Reverse proxy servers sit within your organization’s network and act as a masking and filtering agent for client-server traffic. External clients will see all responses as coming from the reverse proxy server, which will handle the process of connecting client requests to specific internal resource servers.

What do reverse proxy servers do?

Reverse proxy servers help administrators deliver improved resource and security management through a number of features.

• Hide IP addresses of other internal resources: Reverse proxy servers only ever expose their own IP addresses to external clients, which means they provide obfuscation of the addresses and infrastructure of sensitive resources. 
• Tighten security: Your servers can be configured to only respond to requests from your proxy server, which helps reduce a potential data loss threat surface.
• Content control: Reverse proxy servers allow data loss prevention tools like ICAP policies or content filtering to run before information leaves your organization, adding an additional layer of content security. 
• Support for distributed environments: Depending on the network location of your reverse proxies, you can configure them to support extranets and other resource access for distributed users.
• Speed and bandwidth optimization: Reverse proxies can be configured to handle encryption computations, content compression and caching and other speed optimizations.
• Load balancing: One of the most common uses of a proxy server is to distribute traffic volumes across web servers to manage high visit volumes.

How are proxy servers different from gateways?

Proxy servers and gateways are often, but not always, the same thing. Most administrators will use the terms interchangeably as a result. Making things even less clear, both can be configured using similar hardware and applications. Generally, the difference comes down to use. 

Gateways

Gateways are generally used to describe routing. Gateways manage multi-protocol traffic for a number of applications and services, and may have additional firewall functionality. They typically handle application-level traffic. 

Proxy servers

Proxy servers represent a client or server. They generally connect network requests using the same protocol and often only serve service-specific requests. 

Of course, the above distinctions are not absolute. Reverse proxies do handle routing, which keeps these distinctions a bit blurry.