Security Encyclopedia

Proxy

A Proxy or Proxy Server is an intermediary server, either software or hardware, the sits between an end user and a website or other service’s server. Proxies are used for different reasons including efficiency, privacy, and security.

With a proxy, web traffic moves through the proxy along its way to its ultimate destination. Requests are first sent to the proxy server, which handles the request along with the additional tasks of filtering content, scanning for malware, masking the origin of the request, encrypting messages, and more.

Proxies are commonly used for information security against threats and for system optimization, such as load balancing and cacheing similar requests for added speed. They may serve as a firewall, and handle authentication requests. At a minimum, a proxy would shield an enterprise’s internal infrastructure from known threats found on the external web.

Proxy servers can have unintended consequences for security. Since they can obfuscate the true origin of a request, they can also mask the legitimate parties to a dialogue, exchange, or transaction. PCs all require a unique Internet Protocol (IP) address that serves as its legitimate identifier. Without the knowledge who the parties are, the masking of parties can result in the parties being spoofed or suffering a man-in-the-middle (MITM) attack.

Example:

“We’re a small business and therefore don’t have an elaborate IDPS but our IT vendor does have us use a proxy that acts as a firewall against commonplace known threats, by filtering them. As we grow, we’ll hire an internal team assesses and build our infrastructure but for the foreseeable future we’ll stick with the IaaS vendor.”