Microsoft Proxy Server 2.0

1
Microsoft Proxy Server 2.0

• By Helen Sarian
• Nam Trieu
• Roy Chau
• Nancy Trang
• Xiao Xia Ren

2
Objectives of the Proxy Server

• Defining the Microsoft Proxy Server 2.0
• Benefits
• Features
• System Requirements
• Pricing
• Different Sized Network
• Configuration of Proxy Server
• Proxy Relay
• Advantages and Disadvantages of Proxy
• Summary

3
Definition Of Proxy Server 2.0

• Extensible firewall
• Content cache server
• Provides Internet security
• Improves network response time
• Offers Web caching
• Gateway with firewall-class security between a
  LAN and the Internet
• Blocks access to undesirable sites.

4
Purpose of Proxy Server

www.microsoft.com/technet
5
Benefits of Proxy Server

• High Performance Caching
• Manageability Control
• Firewall Security

6
High-Performance Caching

• Accelerates access to the Internet
• Offers unbeaten scalability
• Fault-Tolerance

7
Manageability Control

• Blocks access to undesirable web sites
• Supports centralized management tools
• Many cost saving benefits

8
Firewall

• Protects internal network while allowing
  connection to the Internet
• Real-time alerting and logging
• Cannot protect against attacks outside of the
  firewall and viruses

9
2 Types of Firewalls

• Application Level
• Proxy Server
• No direct traffic between networks permitted
• Logging and access control
• Network Level
• Router
• Route traffic directly, fast and transparent.

10
Features of MS Proxy Server 2.0

• Real-time Security Alerts
• Reverse Proxy
• Reverse Hosting
• Server Proxying
• Improved Performance
• Hierarchical Content Caching
• FTP and HTTP Cache Support
• Web Administration

11
Real-Time Security Alerts

• Notification of network under attack
• Supports several alerting thresholds

12
Reverse Proxy

• Places web server behind Proxy server to Publish
  to the Web
• Web Server can maintain access to internal
  network services

13
Reverse Proxy

Client
Internet
Dept Connect By LAN
Proxy
Web Server
Secure Network
14
Reverse Hosting

• Extension of reverse proxy
• Allows several web servers behind MS Proxy Server
  to publish on the Internet.
• Web server can publish independently
• Also, can appear as directories in a single
  large virtual web server.

15
Server Proxying

• Application Server can be behind Ms Proxy Server
  for added security.
• Similar to Web Server behind Proxy Server
• Example
• MS Exchange Server computer can be placed behind
  you Proxy Server

16
Improved Performance

• Offers unbeaten performance for Internet
  connection
• Proxy Server 2.0 is 40 faster than Proxy Server
  1.0

17
Hierarchical Caching

• Caching across a hierarchical connection of
  individual Proxy Servers
• Enables distributed deployment to branch offices
  and departments

18
FTP and HTTP Cache Support

• You can cache not only HTTP 1.0 objects
• You can also cache HTTP 1.1
• FTP Objects
• Greater control over the Tim-to Live (TTL)
  setting
• As well with MS Proxy Server version 2.0

19
Web Administration

• You can administer MS Server locally or remotely
• Via a Web browser for added Management
  flexibility
• Ease-of-use
• You can even create HTML error pages

20
System Requirements for MS Proxy Server

• Computer / Processor
• Memory
• Hard Disk
• Display
• operating System
• Peripherals

21
Computer /Processor of MS Proxy Server

• 486/33 MHz or Higher
• Pentium or Pentium PRO Processor
• Intel Pentium 133 MHz
• supports up to 300 desktop PCs
• Intel Pentium 166 MHz
• supports more than 300 desktop PCs
• also supports DIGITAL Equipment Alpha Processor
  /AXP

22
Hardware

• 1 to 300 clients Pentium 133 with 2 GB of cache
  and 32 MB of RAM
• 300 to 2,000 clients Pentium 166 with 2 to 4 GB
  of cache and 64 MB of RAM
• 2,000 to 3,500 clients Pentium 200 with 8 to 16
  GB of cache and 256 MB of RAM

23
Memory of MS Proxy Server

• 24 MB of RAM
• 32 MB RAM
• supporting up to 300 desktop PCs
• 64 MB RAM
• supporting more than 300 desktop PCs

24
Hard Disk MS Proxy Server

• 20 MB of available hard disk space minimum
• For caching 100 MB recommended

25
Display of MS Proxy Server

• VGA
• Super VGA
• Video Graphics adapter
• Compatible with Windows NT Server 4.0

26
Operating System of MS Proxy Server

• Microsoft Windows NT Server version 4.0
• With windows NT Server 4.0 Service Pack 3 or
  greater

27
Peripherals

• Microsoft Internet Information server 3.0 or
  greater

28
MS Proxy Server Pricing

• Microsoft Internet Security Accelerate Server
  2.0 English North America CD
• Version 2.00
• Part Number 621-00135
• Environment Win NT
• Media CD
• Estimated Price 999.00

29
Pricing Cont..

• Microsoft Internet Security Accelerate Server
  2.0 English Competitive/Version Upgrade North
  America CD
• Version 2.00
• Part Number 621-00138
• Environment Win NT
• Media CD
• Estimated Price 509.00

30
Different Sized Networks

• Small Office Network
• Medium-Size office Network
• Large Enterprise Network

31
Small Office Network

• Single LAN segment
• Connectivity to an ISP
• Supports fewer than 300 clients
• NIC to the internal network
• Modem to the external network (Internet)
• Uses Auto Dial for dialing to the Internet

32
Small Network
Internet
Internet Service Provider
Proxy Server
Web Server
Client
Client
33
Small Office Network Security

• Password identification required
• User permissions
• Protocol definitions
• Domain, cache, and packet filtering

34
Small Network on LAN
www.3com.com/smallbusiness
35
Medium Sized Network

• Branch office with several LAN segments
• Central office has a single LAN segment
• Demand-dial connection from Central office to the
  Branch office
• Supports fewer than 2000 clients
• Auto Dial used for dialing between offices
• NIC to local network (branch)
• Modem to network in the central office

36
Large Enterprise Network

• Central location with LAN segments with a
  backbone LAN
• Branch offices, each with a single LAN segment
• ISP and Dedicated Link connection from central
  location to an ISP
• Supports over 2000 clients

37
Auto Dial

• Proxy Servers dialing technique to an ISP for
  Internet connection
• Uses Windows NT s (Remote Access Service) and
  Dial Up Networking to connect with an ISP

38
Advantage of Auto Dial

• Save company Internet charges
• Event-Driven (is activated only when Internet
  connection is needed
• Regulates usage connect Internet only during
  office hours

39
Dial Up Networking

• Purpose
• Connect client to remote networks
• Phonebook entry can store all the required
  settings to connect a remote network
• Personal
• Company (public access)

40
Proxy server configuration

• Uses Internet Service Manager.
• Proxy services
• Caching page
• Definition of cache
• Types of cache
• Application benefits from larger caches
• Routing page
• Publishing page
• Permission page

41
Caching Page
42
Cache

• Definition of cache
• Types of caches
• Applications that benefit from larger caches

43
Definition of cache

• A cache is a small, higher speed memory system
  which stores the most recently used instructions
  or data from a larger but slower memory system
  (something more or less temporarily).
• Web pages you request are stored in your
  browsers cache directory on your hard disk.

44
Types of Caches

• Local server caches
• Ex. Corporate LAN servers or access provider
  servers that cache frequently accessed files.
• A disk cache
• Either a reserved area of RAM or a special hard
  disk cache where most recently accessed data is
  stored for fast access.
• Ex. L2 cache memory which is on a separate chip
  from the microprocessor but faster to access than
  regular RAM.

• A disk cache.

45
Cont. types

• Ex. L1 cache memory on the same chip as the
  microprocessor.
• International, national, regional, organizational
  and other macro caches to which highly popular
  information can be distributed and periodically
  updated and from which most users would obtain
  information.

46
Applications that benefit from larger caches

• Use of Apple GeoPort Telecom Adatper
• Computationally intensive applications such as
  3-D rendering
• Games, particularly 3-D types such as Marathon
  and Descent
• SoftWindows

47
Proxy Relay

• Internet Firewall to protect the Intranet
• Intranet Firewall Window
• Static Router

48
Proxy Relay

• Proxy Server must be located on the WAN
• May not be located on the LAN
• Problem with a proxy server on a LAN is that each
  client must be configured to support the proxy,
  which will have more administration tasks.

49
Proxy Relay cont

• If proxy server is already installed on LAN, it
  is better to move it to WAN
• Enable Automatic Proxy Forwarding, meaning
  Internet Firewall will automatically forward all
  Web proxy requests

50
Installing a proxy on the WAN

• To install the proxy server on the WAN port,
  first configure the Internet Firewalls intranet
  settings to allow LAN users to access the proxy.
• Install the proxy server
• Install and configure using a valid IP address
• Proxy server connect to a hub that is connected
  to the WAN port on the Internet Firewall

51
Installing cont.

• Configure the Web Proxy Relay
• Click Advanced, and then select the Proxy Relay
  tab
• Configure the Web proxy relay
• Web traffic is directed to the proxy without
  reconfiguring all the Web browsers on the LAN

52
Proxy Relay Window
http//support.3com.com/infodelit
53
Installing the Internet Firewall

• Connect the Ethernet port labeled LAN on the back
  of the Internet Firewall to the network segment
  that will be protected against unauthorized
  access.
• Connect the Ethernet port labeled WAN on the back
  of the Internet Firewall to the rest of the
  network.

54
Internet Firewall to protect the Intranet
http//support.3com.com/infodelit
55
Installing Firewall

• Connect the power adapter to an AC power outlet
  and then connect it to the power port on the back
  of the Internet Firewall
• Click Advanced, select the Intranet tab
• Using the inclusive method
• Include IP addresses of the machines which are
  connected to the Intranet Firewalls LAN port

56
Installing Firewall

• Using the exclusive method
• Specify the IP addresses of the machines
  connected to the Internet Firewalls WAN port
• You can enter these addresses individually or as
  a range
• Ex. 51 IP addresses from 192.168.23.50 to
  192.168.23.100
• Click Update to send the configuration data to
  the Internet Firewall

57
Intranet Firewall Window
http//support.3com.com/infodelit
58
Static Routers

• If the LAN has internal routers, you must specify
  their addresses and network information
• Click Advanced, select the Static Routes tab
• Static Routes Window Boxes and Controls
• LAN
• IP address and Subnet on the Internet Firewalls
  LAN port

59
Static Routers

• DMZ/WAN
• IP addresses of the DMZ
• Add Route
• Type the destination network of the router in the
  Dest. Network box
• IP address of the router as it appears on
  Internet Firewalls subnet in the Gateway box
• Select LAN or WAN that the router is connected to
• Click Update

60
Static Router
http//support.3com.com/infodelit
61
Network Settings
http//support.3com.com/infodelit
62
Advantages of Proxy Server

• Previously accessed pages will load much faster
• Improved security on the Internet
• Protects the internal network from being
  identified by the public.
• Giving the network two identities
• One for internal use
• One for external use
• The cache can serve all users

63
Cont. Advantages

• Proxy servers make better use of Internet
  bandwidth.
• If you have limited bandwidth
• Extremely high Internet traffic
• You would benefit by using a proxy server.

64
Disadvantages of the Proxy Server

• Unless some one has accessed a page before you it
  will not load faster
• Some forms might not be processed.
• Proxy servers arent very helpful when you have
  content that doesnt lend itself to be cached
• Ex. Common Gateway Interface Scripts

65
Cont. Disadvantages

• A proxy server makes the audio and video stream
  less efficient
• The movements are jerkier and the sound and lip
  movements are skewed
• Because it can only store repeatable information.

66
The reasons for using Proxy servers

• Greatly reduce the amount of traffic on the
  internet due to the fact when a popular page is
  requested
• It doesnt need to be loaded from the source
  every time.
• The first time is requested it is cached and
  every page is loaded from the proxy server.

67
Summary

• A proxy server intercepts all requests to the Web
  server to see if it can fulfill the requests by
  returning a locally stored copy of the requested
  information. If not, the proxy
• Completes the request to the server
• Returns the requested information to the user
• Saves it locally to fulfill future requests

68
Summary cont

• Proxy Server can minimize employees in accessing
  non-related work sites
• Caching in different networks can minimize direct
  dialing to avoid long-distance phone charges.
• Firewall will prevent hackers attempts to the
  server