group project proxy server cis 454 local area network professor: dr. ganesan group #1 robert wang,...
TRANSCRIPT
![Page 1: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/1.jpg)
Group ProjectGroup ProjectProxy ServerProxy Server
CIS 454 LOCAL AREA NETWORKCIS 454 LOCAL AREA NETWORKPROFESSOR: DR. GANESANPROFESSOR: DR. GANESAN
GROUP #1GROUP #1ROBERT WANG, DI LY, LINDA WUROBERT WANG, DI LY, LINDA WUKAY AYARJOKEKAY AYARJOKE
![Page 2: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/2.jpg)
Microsoft Microsoft Proxy Server Proxy Server
2.02.0
![Page 3: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/3.jpg)
Course Outline
• Overview of Microsoft Proxy Server.
• Examples of Capacity Planning.• Web Proxy Server Configuration.• Proxy Server Auto Dial.
![Page 4: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/4.jpg)
Overview of Microsoft Overview of Microsoft Proxy ServerProxy Server
![Page 5: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/5.jpg)
Overview of Microsoft Proxy Server
• What is Proxy Server?• Firewall Server.• Web Cache Server.• 3 Proxy Services – Web Proxy,
WinSock Proxy, and SOCKS Proxy.• System Requirements.
![Page 6: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/6.jpg)
What is Proxy Server ?
• A secure gateway between a protected network (LAN) and the Internet.
• Mediates traffic and processes all incoming and outgoing requests.
• Application server that acts as both a firewall server and a web cache server.
• Only One IP address is “visible” to outside world.
![Page 7: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/7.jpg)
Proxy Server ExampleProxy Server Example
LANInternet
FTPGopherHTTP
Win NT
IIS
Proxy
Traffic
LAN
One IP address is visible.
IP addresses are hidden.
![Page 8: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/8.jpg)
What is a Firewall ?What is a Firewall ?• System that enforces an access
control policy between two networks.• Some block traffic; others permit
traffic.• Protects against unauthenticated
logins from the “outside.”• A “phone tap” and tracing tool.• Cannot protect against attacks
outside of the firewall and viruses.
![Page 9: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/9.jpg)
Types of FirewallsTypes of Firewalls
• Network Level (Router).– Decisions based on source, destination
addresses and ports in IP packets.– Route traffic directly, fast and transparent.
• Application Level (Proxy Server)– Permit no direct traffic between networks.– Good for logging and access control.– Provide detailed audit report.– Enforce more conservative security.
![Page 10: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/10.jpg)
MS Proxy Server as MS Proxy Server as Firewall ServerFirewall Server
• Packet Filtering – examines all TCP/IP based attempts in & out of the network.– Static and Dynamic.
• Logs all connection attempts & alerts in real-time of the suspicious activities.
• Reverse Proxy - Places the web server behind Proxy Server to publish to the Web.– “Impersonates" a Web server to the outside.– Reverse Hosting & Server Proxying.
![Page 11: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/11.jpg)
Reverse Proxy ExampleReverse Proxy Example
Proxy
Web Server
InternetClientMkt Dept
LAN
Secure Network
www.company.com
www.company.com
www.company.com
![Page 12: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/12.jpg)
MS Proxy Server as Web MS Proxy Server as Web Cache ServerCache Server
• Web Caching – process of storing Web content locally to reduce network traffic.– Active and Passive.
• Allow internal clients to have full Web access behind the firewall without compromising security.
• Hierarchical Caching.• Distributed Caching.
![Page 13: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/13.jpg)
Cache ExampleCache Example
Internet
1st client 2nd client
Connection to Internet
ProxyContentCached
50% Traffic Saving
Cache Hit!
![Page 14: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/14.jpg)
Hierarchical Caching Hierarchical Caching ExampleExample
InternetProxy
ProxyProxy
New York
Los AngelesBoston
Client Client Client Client
Source: http://www.microsoft.com/proxy/guide/WebCach.asp?A=2&B=2
![Page 15: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/15.jpg)
Distributed Caching Distributed Caching ExampleExample
Internet Proxy
1 Proxy
3 Proxy
4Proxy
2
Load BalancingFault toleranceScalability
Client Client Client Client Client Client
Source: http://www.microsoft.com/proxy/guide/WebCach.asp?A=2&B=2
![Page 16: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/16.jpg)
WinSock, SOCKS, Web WinSock, SOCKS, Web ProxyProxy
• Protocols allow the application clients to communicate to application servers.
• Performs three functions: – Intercepts connection requests.– Sets up proxy circuit.– Relays application data.
![Page 17: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/17.jpg)
WinSock & SOCKS Proxy• WinSock Proxy.
– For Window application.– Creating virtual connection between internal
and Internet application.– Acts as gateway protocol for IPX/SPX.
• SOCKS Proxy.– Allows Unix, Mac and Window client
application that support SOCKS protocol specification.
– Handles all TCP/IP traffic through the proxy server.
– Cannot Handle UDP based protocols.
![Page 18: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/18.jpg)
Web ProxyWeb Proxy
• Web Proxy– Supports any CERN web browser.– Supports HTTP, FTP, SSL and Gopher
protocol.– Enables its caching capabilities.
![Page 19: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/19.jpg)
System RequirementsSystem Requirements
• WinNT Server 4.0 with service pack 3 or later.
• IIS – Internet Information Server.• Network interface card.• CPU and disk space:
– Intel based: 486/33MHz or higher & 125MB.– RISC based: RISC processor compatible
with WinNT 4.0 & 160MB.
• 16MB of RAM.
![Page 20: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/20.jpg)
Examples of Capacity Examples of Capacity ImplementationImplementation
![Page 21: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/21.jpg)
Examples of Capacity Examples of Capacity PlanningPlanning
• Small Office Network.• Medium-Size Office Network with a
Branch Office.• Large Enterprise Network.
![Page 22: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/22.jpg)
Example of Small Office Example of Small Office NetworkNetwork
Modem or ISDN line
ISP
Proxy Server(Win NT RAS client)
Web Server Mail Server
Internet
Client Client Client
ContentCached
LAN
Source: http://www.microsoft.com/proxy/guide/NetScenarios.asp?A=2&B=5
![Page 23: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/23.jpg)
Small Office NetworkSmall Office Network• Characteristic:
– A single LAN segment.– Use of the IP network protocol.– Demand-dial connectivity to an ISP.– Fewer than 300 clients.
• The proxy-based computers set up:– One NIC to the internal network.– One modem to the external network (Internet).
• Uses Auto Dial for demand-dialing to Internet.
• Caching is enabled and configured to limit the demand-dialing to the Internet.
![Page 24: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/24.jpg)
Small Office Network Small Office Network Cont . . . Cont . . .
• Stores a local copy of popular URLs in dedicated disk drive.
• Uses a single network security policy.– Password authentication.– User permissions.– Protocol definitions. – Domain, cache and packet filtering.
![Page 25: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/25.jpg)
Example of Branch Office Example of Branch Office NetworkNetwork
Internet
ISP
ProxyServerArrayWeb Server Mail Server
Router
Web Server
(Department LAN)
Modem or ISDN Line
Web Server
Remote Branch Office
Proxy server(Win NT RAS client)
Router on T1 line
Clients
LAN
Clients
Source: http://www.microsoft.com/proxy/guide/NetScenarios.asp?A=2&B=5
![Page 26: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/26.jpg)
Branch Office NetworkBranch Office Network
• Characteristic . . .– A central office with several LAN segments.– A branch office with a single LAN segment.– Use of the IP network protocol.– Demand-dial connectivity from the branch office
to the central office.– Dedicated-link connectivity from the central
office to an ISP.– Fewer than 2,000 clients.
• Auto Dial feature provides demand-dialing from remote office to central office.
![Page 27: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/27.jpg)
Branch Office Network Cont . . .
• Proxy-based computer set up at branch:– One NIC to the local network (branch).– One modem to remote network at the central
office.
• Caching is enabled to minimize demand-dialing to central office and to reduce long-distance phone charge.
• Active caching should not be used at remote branch.
![Page 28: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/28.jpg)
Branch Office NetworkBranch Office NetworkCont . . .Cont . . .
• Global Security policy:– Administrated at central office.– Central office can also set and override local
policy.
• Remote branch proxy has no direct Internet access.
• All clients requests are routed upstream to the proxy array at central office.
![Page 29: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/29.jpg)
Example of Large Enterprise Example of Large Enterprise NetworkNetwork
InternetProxy ServerArray
Proxy ServerArray
RouterWeb Server
Department LAN
Web ServerMail Server
RouterWeb Server
Department LAN
ISP
CorporateNetwork
ClientsClients
Router on T1 line
Router
LAN
Source: http://www.microsoft.com/proxy/guide/NetScenarios.asp?A=2&B=5
![Page 30: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/30.jpg)
Large Enterprise Network
• Characteristic . . .– A central corporate office with many LAN
segments and a backbone LAN.– Several branch offices, each with a single
LAN segment– Use of both IP and IPX network protocols.– Demand-dial connectivity from the branch
office to the central office.– An ISP & Dedicated-link connectivity from
the central office to an ISP.– More than 2,000 clients.
![Page 31: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/31.jpg)
Large Enterprise Network Large Enterprise Network Cont . . .Cont . . .
• Proxy array is used for:– Distributed caching.– Load balancing.– Fault tolerance.
• Proxy array handles all client Internet requests (locally or branch).
• Active caching to retrieve popular URLs.
![Page 32: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/32.jpg)
Large Enterprise Network Large Enterprise Network Cont . . .Cont . . .
• Uses single array member to administration all other proxy.
• Proxy array is used on the backbone LAN.• Is used at ISP to demonstrate scalability.• Local branch clients use Auto Dial for demand-
dialing to RAS server.• Internet requests not serviced locally are
forwarded to corporate proxy array.• Server administration is set and enforced at the
central office.
![Page 33: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/33.jpg)
Large Enterprise Network Large Enterprise Network Cont . . .Cont . . .
• Departmental proxy connection:– One NIC to departmental LAN.– One NIC to backbone LAN.
• Proxy array at backbone is dual-homed.– Internal NIC.– External NIC to Internet.
• Proxy array at ISP:– Massive scalability, load-balancing, and fault-
tolerance.– Can cache massive amount of information.– Increases client performance.– Preserves ISP’s bandwidth out to the Internet
backbone.
![Page 34: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/34.jpg)
Web Proxy Server Configuration
![Page 35: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/35.jpg)
Proxy server configurationProxy server configuration
• Uses Internet Service Manager.• General Proxy.
– Service page.– Logging page.
• Service Specific Proxy.– Permission page.– Caching page.– Routing page.– Publishing page.
![Page 36: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/36.jpg)
Service Page Notes
• Product release and ID.• Current sessions – current user info.• Shared service:
– Security – packet, domain filtering, alerting and logging.
– Array, Auto Dial, and Plug & play.• Configuration:
– Client configuration, LAT, server backup and restore.
![Page 37: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/37.jpg)
Service PageService Page
Source: http://www.calstatela.edu/ats/cbt/
![Page 38: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/38.jpg)
Current SessionsCurrent Sessions
Source: http://www.calstatela.edu/ats/cbt/
![Page 39: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/39.jpg)
Client Installation
Source: http://www.calstatela.edu/ats/cbt/
![Page 40: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/40.jpg)
Logging Page Notes
• Sets logging options for web proxy, WinSock proxy, and SOCKS proxy.
• Provides auditing trail.• Records client, server, connection,
and object information.• Can log to text file or SQL/ODBC
database.– Database file requires more resources.
![Page 41: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/41.jpg)
Logging PageLogging Page
Source: http://www.calstatela.edu/ats/cbt/
![Page 42: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/42.jpg)
Permissions Page NotesPermissions Page Notes
• Grant or deny access to services.• Can provide unlimited access to an
individual user group.• Permission based on protocol via
protocol definition.– For example:
• FTP.• FTP Read.
![Page 43: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/43.jpg)
Permission PagePermission Page
Source: http://www.calstatela.edu/ats/cbt/
![Page 44: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/44.jpg)
Caching Page NotesCaching Page Notes
• Sets location and size of the disk cache.
• Enable or disable caching.• Can specify how often to update
cache.• Increase cache size does not effect
the data already cached.• Delete all cached content by setting
cache size to zero.
![Page 45: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/45.jpg)
Caching PageCaching Page
Source: http://www.calstatela.edu/ats/cbt/
![Page 46: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/46.jpg)
Routing Page NotesRouting Page Notes
• Information on directing client requests for Internet objects.
• Direct connection or use proxy.• Can enable backup route.• Can enable routing within proxy
array before routing upstream.• Can also configure web proxy
clients.
![Page 47: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/47.jpg)
Routing PageRouting Page
Source: http://www.calstatela.edu/ats/cbt/
![Page 48: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/48.jpg)
Publishing Page Notes
• Configures publishing requests.• Configures Reverse proxy and
hosting.• Incoming requests:
– Discard.– Sent to local web server.– Sent to another web server.
• Set default web server host by Default Mapping.
![Page 49: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/49.jpg)
Publishing PagePublishing Page
Source: http://www.calstatela.edu/ats/cbt/
![Page 50: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/50.jpg)
Proxy Server AutoDialProxy Server AutoDial
![Page 51: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/51.jpg)
What is AutoDial?What is AutoDial?
• Proxy server automatically dial out to an ISP for Internet connection.
• Uses Windows NT Server Remote Access Service (RAS) and Dial up Networking to establish a connection to an ISP.
• Event-driven– Client requests can activate Auto Dial from
the WinSock and SOCKS Proxy Service.– Web Proxy Service is activated when an
object requested is not located in the cache.
![Page 52: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/52.jpg)
Auto Dial BenefitsAuto Dial Benefits
• Can save company Internet charges– Event-Driven - activated only when Internet
connection is needed.– Regulate Usage - configured to connect to the
Internet during office hours only.
• Can be used as backup to an existing continuous Internet links. – only cost of configuring Auto Dial as continuous
Internet connection are the hardware & the online time when a continuous Internet link is down.
![Page 53: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/53.jpg)
Steps to Configuring Auto Steps to Configuring Auto DialDial
• Window NT Server Remote Access Service (RAS) and Dial-up Network before implementing Proxy Server Auto Dial.– For security reasons, install RAS Server on
separate computer of the Proxy Server computer.
• RAS and Dial-up Networking can be installed after or before the installation of Window NT Server 4.0.
![Page 54: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/54.jpg)
Remote Access Service
• Remote Access Service can be configured in Auto Dial as an:– RAS Client - to dial out only.– RAS Server - can be both dial out
and receive calls or just receive calls only.
– RAS Server requires a high level of security on you Intranet.
![Page 55: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/55.jpg)
Dial-up NetworkingDial-up Networking
• Used to connect client to remote networks.
• A phonebook entry stores all the setting needed to connect to a particular remote network.– Personal phonebook. – Company phonebook (public use).
![Page 56: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/56.jpg)
Phonebook Entry IncludesPhonebook Entry Includes
• Name of phonebook entry.• Connection method.• Phone number.• Serial line protocol offered by the server
you are calling.• Whether or not to include a login script• IP address.• IP address of a DNS or WIN Server on
the remote network or both.
![Page 57: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/57.jpg)
Netscape Netscape Proxy Server Proxy Server
3.253.25
![Page 58: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/58.jpg)
Course OutlineCourse Outline
• General Overview.• Implementation.• Architecture.• Configuration.• Upgrade.
![Page 59: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/59.jpg)
General OverviewGeneral Overview
![Page 60: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/60.jpg)
FeaturesFeatures
• Caching on command.• Client IP address forwarding.• Automatic content discovery
– Dynamic proxy routing.
• Enterprise Management.• Fine Grained Filtering.• Administrative Control.
![Page 61: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/61.jpg)
Caching on CommandCaching on Command
• Automatically update and caches frequently accessed documents.
• Documents or entire sites can be preloaded into the cache, and administrators can schedule updates of cached content.
![Page 62: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/62.jpg)
Client IP Address Client IP Address ForwardingForwarding
• Sends clients IP address to remote server if the Proxy is one of a chain of internal proxies.
![Page 63: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/63.jpg)
Enterprise ManagementEnterprise Management
• Centralize Management. – Support LDAP.– Uses Directory Server to manage
users and password centrally.
• Clustered Management.• Manual Configuration Files.• Custom log formats.
![Page 64: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/64.jpg)
Fine Grained FilteringFine Grained Filtering
• Access controls for sites, documents, and protocols.
• Content filtering - built-in virus scanning.
• Cross - platform generic protocol support.
![Page 65: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/65.jpg)
Administrative ControlAdministrative Control
• Ensures that users access network resources safely and productively.
• Can specify distinct access controls based on access type.
• Allows administrators to create custom HTML files to be returned to users when access is denied.
![Page 66: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/66.jpg)
ImplementationImplementation
![Page 67: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/67.jpg)
Netscape Proxy Server Netscape Proxy Server ImplementationImplementation
• Bottleneck locations for implementing Proxy Server.– Internet Gateway—Forward Proxy.– Branch Office—Forward Proxy.– Internet Gateway—Reverse Proxy.
![Page 68: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/68.jpg)
Internet Gateway - Forward Internet Gateway - Forward ProxyProxy
• Provides gateway services at the application level with a web proxy as well as at the circuit level through SOCKS.
• Enhances Internet access. • Web content caching reduces response
times.• Facilitates bandwidth conservation.• Helps reduce overall communications
expense.• Content filtering and access control allows
easy management of intranet material.
![Page 69: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/69.jpg)
Proxy Server inside Proxy Server inside firewallfirewall
Internet
Proxy LAN
PC
PC
PC
Firewall
![Page 70: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/70.jpg)
Branch Office—Forward Branch Office—Forward ProxyProxy
• Multiple proxy server allows chaining proxies together to create a hierarchical caching system
• Proxy chaining allows multiple Netscape Proxy Servers to cache content locally setting up a hierarchy of servers for client access.
![Page 71: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/71.jpg)
Proxy Server at Remote & Proxy Server at Remote & InternetInternet
Internet
Proxy
Firewall
Backbone
Proxy
LAN PC
![Page 72: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/72.jpg)
Internet Gateway—Internet Gateway—Reverse ProxyReverse Proxy
• Proxy Server is placed outside firewall to represent a content server to external clients.
• Expose selected content without exposing web servers that host it or other elements of private network.
• Multiple reverse proxy servers can be used to balance the load on an over-taxed web server.
![Page 73: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/73.jpg)
Reverse Proxy Server Reverse Proxy Server
Internet
ReverseProxy
Web Server LAN
PC
PC
PCFirewall
![Page 74: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/74.jpg)
ArchitectureArchitecture
![Page 75: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/75.jpg)
ArchitectureArchitecture
– Dual-Homed Host Architecture
– Screened Host
– Screened Subnetwork
– Reverse Proxy
– Server Stand-in
– Load Balancing
![Page 76: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/76.jpg)
Dual-Homed Host Dual-Homed Host ArchitectureArchitecture
• Has two network interfaces, one connected to an internal LAN and the other to the Internet.
• Incorporates a firewall software package.
• Provides caching, fine-grain filtering and virus scanning.
![Page 77: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/77.jpg)
Proxy Server with a Dual-Homed Proxy Server with a Dual-Homed Host FirewallHost Firewall
Internet
Proxy Server & Firewall
LAN
Client
Client
![Page 78: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/78.jpg)
Screened Host
• Consists of a router deployed in front of a server that is hosted on a private network.
• Router can be traditional hardware router or firewall software application providing packet-filtering capabilities and restricting inbound access to internal network.
• Appropriate for small to medium-sized intranets that require a simple, yet effective security solution.
![Page 79: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/79.jpg)
Proxy Server implemented behind a screening router
Internet
Router
Proxy Server
LAN
Client
Client
![Page 80: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/80.jpg)
Proxy Server Implemented Behind a Screening Firewall
Internet
Firewall Software Router
Proxy Server
LAN
Client
Client
![Page 81: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/81.jpg)
Screened Sub-network
• Consists of multiple routers sandwiching a non-secure network that is outside or part of the firewall solution.
• Commonly referred to as a DMZ (demilitarized zone). Proxy is deployed in DMZ and is allowed access to both internal and external networks through routers.
• Popular architecture choice for larger organizations with heavily trafficked gateways.
![Page 82: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/82.jpg)
Proxy Server in Reverse Mode as a Stand-in for a Web Server
Client
Internet
Firewall Enterprise Server
Proxy Server
![Page 83: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/83.jpg)
Multiple Proxy Server in Reverse Mode to Balance the Load on a Web
Server
Internet
FirewallEnterprise ServerReverse
Proxies
DNS Server
![Page 84: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/84.jpg)
Chained Proxy Servers Providing Load Balancing and Fail-Over
Capabilities
Internet
Proxies
LAN
Router Router
LAN
Client
Client
Client
Client
Proxy A
Proxy 1
Proxy 2
Proxy 3
![Page 85: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/85.jpg)
Possible enterprise implementation
Internet Router
Central Office
Subnet
Proxy Server
Router
LAN
Client
Client
Router Router Proxy Server
LAN
Client
Client
BRANCH OFFICE
Bottlenecks
![Page 86: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/86.jpg)
ConfigurationConfiguration
![Page 87: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/87.jpg)
ConfigurationConfiguration
• Automatic Client Configuration.• Caching.• Templates.• Filtering.• Server Plug-in Functions.
![Page 88: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/88.jpg)
Automatic Client Configuration
• Enables automatic proxy configuration in Navigator clients on intranet.
• Administered by a Proxy Automatic Configuration (PAC) file.
• PAC allows load balancing across multiple proxy servers and alteration of proxy architecture without modifying end user settings.
![Page 89: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/89.jpg)
Caching
• Caches should be approximately 1 GB per partition and spread across multiple disk controllers.
• Refer to Administrator’s Guide for in-depth instructions on creating batch update configurations.
![Page 90: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/90.jpg)
TemplatesTemplates
• An object created in Proxy Server’s object configuration file, obj.conf.
• Used to assign unique procedures to specific URLs.
• Can make the server behave differently depending on the URL the client tries to retrieve.
• Allows customization of how Proxy Server interacts with clients.
![Page 91: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/91.jpg)
Server Plug-in FunctionsServer Plug-in Functions
• Extends capabilities of proxy by using Netscape Server Plug-in Application Programming Interface, NSAPI.
• Set of functions and header files use to create functions in the server configuration files.– AuthTrans, PathCheck, NameTrans,DNS,
Connect, Addlog.
• Use to create functions that uses a custom database for access control or create custom log files with special entries.
![Page 92: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/92.jpg)
Maintenance/UpgradeMaintenance/Upgrade
• Maintenance– Tuning the Servers– Monitoring the Servers
• Upgrade– Growth Issues– Licenses– Software Updates
![Page 93: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/93.jpg)
Tuning Servers
• Time-outs.• Up-To-Date Checks.• DNS Lookups:
– Enable DNS Caching.– Log Only Client IP Addresses.– Disable Reverse DNS.– Avoid ACLs with Client Host Names.
• HTTP Keep-Alive.
![Page 94: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/94.jpg)
Monitoring ServersMonitoring Servers
• Analyzing Logs.• Monitoring Performance:
– Cache Utilization.– CPU Utilization.– Memory Utilization.
![Page 95: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/95.jpg)
UpgradeUpgrade
![Page 96: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/96.jpg)
Upgrade
• Growth Issues– Is proxy services strategic for business?– Network bandwidth saturated?– CPU utilization too high?– Has a new field office been opened or
a department added– Has access content type been
changed?
![Page 97: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/97.jpg)
Upgrade Cont . . .Upgrade Cont . . .
• LicensesProxy User Licenses Proxy Servers
Purchased Deployed
1000 1 2000 2 3000 3 4000 4
![Page 98: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/98.jpg)
Upgrade Cont . . .Upgrade Cont . . .
• Software Updates– Refer to the Netscape Software
Download Site.– Netscape Proxy Server provides on-
the-fly virus scanning of all incoming data, using the Trend Micro’s InterScan VirusWall Purchase of Proxy Server give you 90 days of free virus pattern updates.
![Page 99: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/99.jpg)
References
• www.microsoft.com• www.netscape.com• www.clarknet.com• www.whatis.com• www.calstatela.edu/ats/cbt/
(CBT)
![Page 100: Group Project Proxy Server CIS 454 LOCAL AREA NETWORK PROFESSOR: DR. GANESAN GROUP #1 ROBERT WANG, DI LY, LINDA WU KAY AYARJOKE](https://reader036.vdocuments.mx/reader036/viewer/2022081520/5697bf761a28abf838c809e4/html5/thumbnails/100.jpg)
END OF COURSE END OF COURSE