A proxy server is a computer that offers a computer network service to allow clients to make indirect network connections to other network services. A client connects to the proxy server, then requests a connection, file, or other resource available on a different server. The proxy provides the resource either by connecting to the specified server or by serving it from a cache. In some cases, the proxy may alter the client's request or the server's response for various purposes.
When it receives a request for a Web resource (specified by a URL), a caching proxy looks for the resulting URL in its local cache. If found, it returns the document immediately. Otherwise it fetches it from the remote server, returns it to the requester and saves a copy in the cache. The cache usually uses an expiry algorithm to remove documents from the cache, according to their age, size, and access history. Two simple cache algorithms are Least Recently Used (LRU) and Least Frequently Used (LFU). LRU removes the least-recently used documents, and LFU removes the least-frequently used documents
A proxy server has a variety of potential purposes, including:
To keep machines behind it anonymous, mainly for security.
To speed up access to resources (using caching).
To prevent downloading the same content multiple times (and save bandwidth).
To log / audit usage, e.g. to provide company employee Internet usage reporting.
To scan transmitted content for malware before delivery.
To scan outbound content, e.g., for data loss prevention.
To bypass website restrictions at work and/or school.
Forward Proxy
A forward proxy provides proxy services to a client or a group of clients. When one of these clients makes a connection attempt to that file transfer server on the Internet, its requests have to pass through the forward proxy first.Depending on the forward proxy's settings, a request can be allowed or denied. If allowed, then the request is forwarded to the firewall and then to the file transfer server. From the point of view of the file transfer server, it is the proxy server that issued the request, not the client. So when the server responds, it addresses its response to the proxy.
Reverse proxy
As its name implies, a reverse proxy does the exact opposite of what a forward proxy does. While a forward proxy proxies in behalf of clients (or requesting hosts), a reverse proxy proxies in behalf of servers. A reverse proxy accepts requests from external clients on behalf of servers stationed behind it just like what the figure below illustrates. Reverse Proxy in the DMZ to isolate web servers from direct Internet access and accelerate web based applications and public websites.
Proxy Modes:
Transparent mode– in transparent mode, users’ browsers do not require modification in terms of configuration. Requests are transparently redirected.
Explicit mode – in explicit mode, users’ browsers require modification via setting the host name of the Service or via a Proxy Auto-Config (PAC) file.