Friday, January 7, 2011

Basics of Proxy Server

Proxy Server

A proxy server is a separate piece of hardware or software that is used to mask or hide the real IP address of the user from the Internet.

Your IP address is sent along with the information that travels from your computer to the Internet. When you browse the Internet, you expose your information.

You may have wondered why certain sites know where you are, or how advertisements at eCommerce sites work. This is because the IP address is traceable.
  • Usually, companies track your IP address for advertisement purposes.
  • A proxy server works as a gateway between your computer and the Internet.
  • Using a proxy server will protect your IP so it is not traceable for [Windows OS] only.
Besides the above, a proxy server is used for the following major purposes:
  • To keep the machines behind it anonymous.
  • To speed up access to resources by caching.
  • Web proxies are commonly used to cache web pages from a web server.
  • To block unwanted websites.
  • To log or audit usage statistics or produce Internet usage reports.
  • To scan outbound content and transmitted content and bypass security.
  • It provides a secure gateway to the Internet.
  • Because the proxy server has two network interface cards, the LAN is secured from unauthorized users attempting to access the private network. Only one point of contact exists between the private network and the Internet.
  • Proxy Server 2.0 provides a dynamic packet filtering feature that makes it possible to block specific packets at a port.



FORWARD PROXY:

A forward proxy forwards requests from a user or client system to a web server. Forward proxies evade firewalls and increase security.

REVERSE PROXY:

A reverse proxy is a server that is used to handle all the requests at the server end.

Used for:

1. Encryption or SSL (Secure Socket Layer) acceleration
2. Load Balancing
3. Security
4. Compression

Benefits of Proxy Server

Proxies can be transparent or nontransparent. A transparent proxy does not change the request beyond what is required for proxy authentication and identification; in other words, clients need not be aware of the existence of the proxy. 

A nontransparent proxy changes the request in order to provide some added service to the user agent, such as media type transformation, protocol reduction or anonymity filtering. 
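The difference shows up in what the origin server receives. The following is an added example, not part of the original post: it models only the request headers, and it assumes the transparent proxy follows the common convention of adding `Via` and `X-Forwarded-For`; the addresses and host names are constructed.

```python
# Added illustration: models request-header handling only, no network I/O.
# Addresses are from the RFC 5737 documentation ranges; names are hypothetical.
CLIENT_IP = "198.51.100.23"
PROXY_IP = "203.0.113.10"
IDENTIFYING = ("x-forwarded-for", "forwarded", "via", "cookie", "referer")

def transparent_proxy(headers, client_ip, name="proxy1.example"):
    """Forward the request unchanged except for proxy identification."""
    out = dict(headers)
    out["Via"] = ", ".join(filter(None, [out.get("Via"), f"1.1 {name}"]))
    # De facto convention (assumed here): append the client address.
    out["X-Forwarded-For"] = ", ".join(
        filter(None, [out.get("X-Forwarded-For"), client_ip]))
    return out

def anonymizing_proxy(headers, client_ip):
    """Nontransparent: anonymity filtering drops client-identifying headers."""
    return {k: v for k, v in headers.items() if k.lower() not in IDENTIFYING}

def origin_view(headers, peer_ip):
    """What the origin server learns from the TCP peer and the headers."""
    lower = {k.lower(): v for k, v in headers.items()}
    forwarded = [a.strip() for a in lower.get("x-forwarded-for", "").split(",")
                 if a.strip()]
    return {
        "peer": peer_ip,
        "proxy_visible": "via" in lower or bool(forwarded),
        "client_ips_disclosed": forwarded,
        "cookie_present": "cookie" in lower,
    }

REQUEST = {  # constructed sample request headers
    "Host": "shop.example",
    "User-Agent": "ExampleBrowser/1.0",
    "Cookie": "session=abc123",
}

def compare():
    """Return the origin's view for direct, transparent and anonymizing paths."""
    direct = origin_view(REQUEST, CLIENT_IP)
    transparent = origin_view(transparent_proxy(REQUEST, CLIENT_IP), PROXY_IP)
    anonymous = origin_view(anonymizing_proxy(REQUEST, CLIENT_IP), PROXY_IP)
    return direct, transparent, anonymous

if __name__ == "__main__":
    for label, view in zip(("direct", "transparent", "anonymizing"), compare()):
        print(label, view)
```

With the transparent proxy the TCP peer is the proxy, but the client address is still disclosed in a header, which is why origin-side logging and filtering should look at both.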

In organizations, proxy servers are generally used for traffic filtering (web filters) and performance improvement (load balancers).

-DR

Tuesday, January 4, 2011

Basics of a Firewall

Basics about Firewall

A firewall is the part of a computer network or system that blocks unauthorized access and attacks in a communication. It can be installed as either software or hardware. It is a device which permits or denies network transmissions or traffic. It is the first line of defense of a network.
  • Basically, firewalls protect inside networks from unauthorized access by users on an outside network.
  • It can permit or block any port number or web application.
  • A firewall can also protect inside networks from each other, for example by keeping a Human Resources network separate from a User network.
  • A firewall typically establishes a barrier between a trusted internal network and an untrusted external network such as the web.
  • Basically, a firewall isolates one network from another.
If you have network resources that need to be available to an outside user, such as a web or FTP server, you can place these resources on a separate network behind the firewall, called a demilitarized zone (DMZ). The firewall allows limited access to the DMZ, but because the DMZ only includes the public servers, an attack there only affects the servers and does not affect the other inside networks.

Demilitarized Zone

A Demilitarized Zone, or DMZ, is a perimeter that adds an additional security layer protecting an organization's internal local area network from untrusted traffic. It is ideally set between two firewalls.

The prime advantage of using a DMZ is that it gives the internal network strong security layers by restricting access to sensitive data and servers.

                                                                       
Figure: Firewall

1. Basic firewall placement:

In a typical firewall configuration, a firewall is placed between the Internet and the organization's servers or office computers. The firewall will block all unauthorized inbound and/or outbound traffic.

2.  Firewall with Demilitarized Zone (DMZ) Configuration

In this scenario, server "A" has special requirements which might make it more vulnerable to intrusion. For additional security, Server "A" is placed on a separate network segment with its own firewall rules. If a hacker manages to compromise server "A", the hacker will still not be able to gain access to the other servers because they are on a different network segment protected by their own firewall rules.
The goal of a DMZ is to add an extra layer of security to an organization's local area network and critical resources. This functions as a small, isolated network positioned between the Internet and the private network.
Figure: DMZ firewall

3. Firewall with Fail-over Configuration

In this scenario, a backup firewall is installed. The backup device will continuously monitor the "health" of the primary firewall. If the primary firewall fails, the backup firewall will assume the IP address of the failed primary firewall and take over the firewall duties. You might choose to install a backup firewall if your Internet service is mission critical and you cannot tolerate extended periods of downtime due to hardware failure.


Security policies can also be applied here, because a security policy determines which traffic is allowed to pass through the firewall to access another network.

The policies include:
  • Permitting or denying access lists.
  • Applying HTTP, HTTPS or FTP filtering.
  • Applying a QoS policy.
  • Applying connection limits and TCP controls.
  • Applying NAT to hide IP addresses.
  • Using AAA [authentication, authorization and accounting].
Firewall hardware devices:

Hardware devices are also used to provide the firewall service, for example a Cisco ASA server or HotBrick.




Two types of firewall dominate the market today.

1. Application Proxies.
2. Packet filtering gateways.

Windows Firewall:
It is Microsoft software that acts as a firewall or packet filter. It is present by default in Windows 7/8/10 and other products.

Firewall types:
Hardware (Network): Protects the local network from unauthorized access from outside.
Software (Application): Installed on the computer or client system.

Both software and hardware firewalls can also be configured at the user level to balance security and convenience.

A firewall works based on the "Access Control List". 

ACL: Access Control List
  • This is a list of conditions that decides which packets pass, filtering inbound and outbound traffic.
  • It categorizes the packets.
There are two types:
  1. Standard Access List
  2. Extended Access List
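To make the two list types and the DMZ scenario above concrete, here is an added example that is not part of the original post. It assumes the usual access-list semantics (entries are checked top to bottom, the first match decides, and a packet that matches nothing is denied); the networks, the address of server "A" and the rules themselves are constructed.

```python
import ipaddress
from collections import namedtuple

# Added illustration: networks, addresses and the rule set are constructed.
Packet = namedtuple("Packet", "src dst proto dport")
Rule = namedtuple("Rule", "action src dst proto dport")  # None means "any"

ANY, LAN, DMZ = "0.0.0.0/0", "10.0.1.0/24", "10.0.2.0/24"
SERVER_A = "10.0.2.10/32"  # hypothetical address for server "A" in the DMZ

def standard(action, src):
    """Standard access list entry: matches on the source address only."""
    return Rule(action, src, ANY, None, None)

def extended(action, src, dst, proto=None, dport=None):
    """Extended entry: source, destination, protocol and destination port."""
    return Rule(action, src, dst, proto, dport)

def in_net(ip, net):
    return ipaddress.ip_address(ip) in ipaddress.ip_network(net)

def matches(rule, pkt):
    return (in_net(pkt.src, rule.src) and in_net(pkt.dst, rule.dst)
            and rule.proto in (None, pkt.proto)
            and rule.dport in (None, pkt.dport))

def evaluate(acl, pkt):
    """Return the action of the first matching entry; no match means deny."""
    for rule in acl:
        if matches(rule, pkt):
            return rule.action
    return "deny"

DMZ_ACL = [
    standard("deny", "203.0.113.66/32"),             # block a known-bad source
    extended("permit", ANY, SERVER_A, "tcp", 443),   # public HTTPS to server A
    extended("deny", DMZ, LAN),                      # DMZ may not reach the LAN
    extended("permit", LAN, ANY),                    # inside users may go out
]

if __name__ == "__main__":
    for pkt in (Packet("198.51.100.5", "10.0.2.10", "tcp", 443),
                Packet("10.0.2.10", "10.0.1.20", "tcp", 445),
                Packet("203.0.113.66", "10.0.2.10", "tcp", 443)):
        print(pkt, "->", evaluate(DMZ_ACL, pkt))
```

Because the first match decides, moving the standard deny entry below the HTTPS permit would let the blocked source reach server "A"; entry order is part of the policy.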
A firewall protects us from the following attacks:
  • IP Spoofing
  • Password Attack
  • Man in the middle attack
  • Network packet sniffing
  • Denial of service
  • Software exploitation
Besides protection from the above attacks, we also benefit in the other ways mentioned below:

  • Limited access to ports from the outside network to the internal LAN.
  • We can hide our internal IPs from the external world. Actual IP addresses will be unknown to hackers.
  • One can limit the access level of critical servers from both the LAN and the WAN.
  • Trusted users sitting outside can be allowed to access the resources through VPNs.
  • Establish secured tunnels with other firewalls for data access over VPN.
  • Block the IP addresses which are generating malicious traffic.

-DR



Network Scanning Tools

Network Scanning through Nmap and Nessus

Network scanning is a process used to troubleshoot active devices on a network for vulnerabilities....