When you connect your company to the Internet, you may well be extending your corporate LAN--and all its confidential information--to an electronic world full of hackers, spies, and saboteurs. Before plugging in, make sure you're protected (see "Barricading the Net," April BYTE).
One effective approach lies in not letting the Internet see your network. One method of achieving this--and still maintaining Internet access for your users--is a proxy server, a system or process that hides the location of the real client applications by handling Internet communications in place of the clients. Acting as an intermediary, it is both a server to the real client and a client to the real application server. An example will help illustrate a proxy's role.
A popular Internet-based client/server application is WWW (World Wide Web) browsing. The client is the WWW browser residing on your workstation. The server is some unknown process somewhere out in cyberspace. All that is known about the WWW server is that it has a valid URL (uniform resource locator), such as http://happy.hacker.org, for example, and that it can carry on the protocol responsibilities of HTTP.
If you connect directly to the Internet through a router, the server immediately knows your IP address, and it may be able to gain greater control over it. But if an intermediate process (the proxy) on a secure system is acting as the client, the server will see only the proxy server. Typically, the proxy server is the only address the Internet can see. The protected LAN hides behind that one address, usually in a separate network domain.
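The following added example (not code from the article or from any product it mentions) runs a stand-in origin server, a one-shot proxy, and a client on loopback, and records which address each side sees. The function names are hypothetical, the proxy forwards every request to one fixed origin instead of resolving the URL, and because everything is on 127.0.0.1 the addresses differ only by port.

```python
import socket
import threading

def listen():
    s = socket.socket()
    s.bind(("127.0.0.1", 0))  # loopback, OS-chosen port: runs offline
    s.listen(1)
    return s

def origin_server(listener, seen):
    """Stand-in for the Internet server: note who connected, then reply."""
    conn, peer = listener.accept()
    with conn:
        conn.recv(4096)
        seen["origin_peer"] = peer  # the only address the server learns
        conn.sendall(b"HTTP/1.0 200 OK\r\n\r\nhello")

def proxy_server(listener, origin_addr, seen):
    """Server to the real client, client to the real server."""
    client, peer = listener.accept()
    with client, socket.create_connection(origin_addr) as upstream:
        seen["proxy_peer"] = peer  # the proxy knows the real client
        seen["proxy_outbound"] = upstream.getsockname()
        upstream.sendall(client.recv(4096))  # relay the request
        upstream.shutdown(socket.SHUT_WR)
        while chunk := upstream.recv(4096):  # relay the reply
            client.sendall(chunk)

def run_demo():
    seen = {}
    origin_l, proxy_l = listen(), listen()
    workers = [
        threading.Thread(target=origin_server, args=(origin_l, seen)),
        threading.Thread(target=proxy_server,
                         args=(proxy_l, origin_l.getsockname(), seen)),
    ]
    for w in workers:
        w.start()
    with socket.create_connection(proxy_l.getsockname(),
                                  source_address=("127.0.0.1", 0)) as c:
        seen["client_addr"] = c.getsockname()
        c.sendall(b"GET http://happy.hacker.org/ HTTP/1.0\r\n\r\n")
        c.shutdown(socket.SHUT_WR)
        seen["reply"] = b"".join(iter(lambda: c.recv(4096), b""))
    for w in workers:
        w.join()
    origin_l.close()
    proxy_l.close()
    return seen

if __name__ == "__main__":
    print(run_demo())
```

The client's address appears only in the proxy's view, which is also why the proxy's own connection log is the place to attribute outbound requests to internal hosts.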
Unfortunately, ordinary client software won't work in such a scheme. You need versions that can talk through a proxy rather than directly to the server. The Netscape WWW browser is a good example. It can talk directly to a server, but it also has options for talking to various proxy agents.
Sun's Netra can run proxy services, although this is one of the elements the VAR must add. Because Instant Internet acts as a TCP/IP-to-IPX gateway, it is by nature a proxy server for the TCP/IP sessions of its clients. The outside world sees only the Instant Internet unit; all transactions with the outside world are connected to its single IP address. The NetWare PC clients don't need IP addresses because they can carry on a sockets connection to the outside world through the guise of Instant Internet.
Proxy servers are only one wall of protection. Firewalls (e.g., CheckPoint Software Technologies' FireWall-1, optional for Netra) are another. If you are really concerned about security, your Internet access plan might include both an Instant Internet, for the convenient Internet access it allows IPX clients, and a Netra running a firewall and proxy agent processes for maximum security.