1 00:00:00,550 --> 00:00:02,140 Proxy Servers. 2 00:00:02,140 --> 00:00:04,270 A proxy server is a device that acts 3 00:00:04,270 --> 00:00:06,180 as a middle man for your clients. 4 00:00:06,180 --> 00:00:07,590 For example, if you're at work 5 00:00:07,590 --> 00:00:10,000 and you wanted to connect to diontraining.com, 6 00:00:10,000 --> 00:00:11,500 your work computer's likely going to go 7 00:00:11,500 --> 00:00:13,380 from itself to a proxy server 8 00:00:13,380 --> 00:00:14,730 within your company's LAN. 9 00:00:14,730 --> 00:00:17,260 And then, that proxy server makes the connection 10 00:00:17,260 --> 00:00:20,140 to Dion Training to get the information that you requested. 11 00:00:20,140 --> 00:00:22,110 And then it will hand it back to you. 12 00:00:22,110 --> 00:00:23,930 This middle man approach allows the company 13 00:00:23,930 --> 00:00:26,080 to log everything that's being requested, 14 00:00:26,080 --> 00:00:28,510 who made them, and to filter out things 15 00:00:28,510 --> 00:00:30,290 they don't want you to access. 16 00:00:30,290 --> 00:00:32,870 There are four types of proxies in use today. 17 00:00:32,870 --> 00:00:36,110 IP Proxy, Caching Proxy, Content Filter, 18 00:00:36,110 --> 00:00:37,920 and Web Security Gateways. 19 00:00:37,920 --> 00:00:40,300 An IP Proxy is used to secure a network 20 00:00:40,300 --> 00:00:42,860 by keeping machines behind it anonymous. 21 00:00:42,860 --> 00:00:44,290 When your work computer decides 22 00:00:44,290 --> 00:00:46,150 to connect to Dion Training through the proxy 23 00:00:46,150 --> 00:00:48,830 in my example above, my server doesn't know 24 00:00:48,830 --> 00:00:50,840 which particular computer is actually connected 25 00:00:50,840 --> 00:00:52,740 to it from your company's network. 26 00:00:52,740 --> 00:00:55,460 All I see is the proxy server itself. 
27 00:00:55,460 --> 00:00:57,610 This is because your proxy is using NAT 28 00:00:57,610 --> 00:00:59,980 to translate your request from your machine 29 00:00:59,980 --> 00:01:01,830 into a request from the proxy. 30 00:01:01,830 --> 00:01:03,670 If you had 20 different computers on there 31 00:01:03,670 --> 00:01:05,420 trying to access my web server, 32 00:01:05,420 --> 00:01:06,990 it would still just look like one machine 33 00:01:06,990 --> 00:01:08,990 to my server, not 20. 34 00:01:08,990 --> 00:01:11,920 The next type is called a Caching Proxy. 35 00:01:11,920 --> 00:01:13,860 Caching Proxies are used to attempt to serve 36 00:01:13,860 --> 00:01:16,270 client requests without actually connecting 37 00:01:16,270 --> 00:01:18,330 to the remote server each time. 38 00:01:18,330 --> 00:01:19,700 Let's say that you went to my website 39 00:01:19,700 --> 00:01:21,950 at diontraining.com, and then your coworker, 40 00:01:21,950 --> 00:01:24,640 five minutes later, tried to go to diontraining.com, 41 00:01:24,640 --> 00:01:25,780 just like you did. 42 00:01:25,780 --> 00:01:28,170 Well, the proxy, if it's using a cache, 43 00:01:28,170 --> 00:01:29,600 is going to be able to keep a copy 44 00:01:29,600 --> 00:01:32,850 of my webpage from the first time it fulfilled your request. 45 00:01:32,850 --> 00:01:34,880 Then, when your coworker requested it, 46 00:01:34,880 --> 00:01:36,600 it would simply give it from its cache 47 00:01:36,600 --> 00:01:39,200 instead of going and getting a new copy from my site. 48 00:01:39,200 --> 00:01:40,610 This will allow your company to save 49 00:01:40,610 --> 00:01:43,200 on bandwidth costs, and increase the speed of delivery 50 00:01:43,200 --> 00:01:45,500 for your coworker, because it already has it locally, 51 00:01:45,500 --> 00:01:47,230 inside your network. 
52 00:01:47,230 --> 00:01:50,900 The most common caching proxy is known as an HTTP Proxy, 53 00:01:50,900 --> 00:01:53,050 which attempts to cache the web pages that are visited 54 00:01:53,050 --> 00:01:55,463 by users, such as the example I just gave you. 55 00:01:56,330 --> 00:01:57,710 Caching proxies are not as effective 56 00:01:57,710 --> 00:01:58,740 as they used to be, though, 57 00:01:58,740 --> 00:02:01,200 because we all live in a Web 2.0 world 58 00:02:01,200 --> 00:02:04,570 with lots of customized content being served up to us. 59 00:02:04,570 --> 00:02:07,160 So, for example, if you went to Facebook.com 60 00:02:07,160 --> 00:02:09,280 and your coworker went to Facebook.com, 61 00:02:09,280 --> 00:02:10,860 both of your Facebook feeds look 62 00:02:10,860 --> 00:02:12,550 drastically different, don't they? 63 00:02:12,550 --> 00:02:14,250 This is because you each get different information 64 00:02:14,250 --> 00:02:16,500 based on your friends and your likes and your desires. 65 00:02:16,500 --> 00:02:18,320 So, caching here isn't very helpful 66 00:02:18,320 --> 00:02:20,630 because of this Web 2.0 structure. 67 00:02:20,630 --> 00:02:23,330 Also, most caching proxies only keep a copy 68 00:02:23,330 --> 00:02:26,090 of the information they get for about 24 hours. 69 00:02:26,090 --> 00:02:27,840 And after 24 hours, they're going to go back out 70 00:02:27,840 --> 00:02:29,650 and request a new copy to ensure 71 00:02:29,650 --> 00:02:31,730 that they get the latest information. 72 00:02:31,730 --> 00:02:33,230 Now, to simplify the installation 73 00:02:33,230 --> 00:02:35,020 and configuration of a caching proxy 74 00:02:35,020 --> 00:02:37,100 in your web browser, there's a special type 75 00:02:37,100 --> 00:02:41,250 of file called a PAC, a Proxy Auto-Configuration file. 76 00:02:41,250 --> 00:02:42,960 This file contains the settings needed 77 00:02:42,960 --> 00:02:45,270 for a host to connect to the proxy server. 
78 00:02:45,270 --> 00:02:47,710 Unfortunately though, these files are subject 79 00:02:47,710 --> 00:02:50,020 to modification, and could be used to redirect 80 00:02:50,020 --> 00:02:52,080 the user to an attacker-controlled proxy 81 00:02:52,080 --> 00:02:53,960 instead of your organization's. 82 00:02:53,960 --> 00:02:55,791 For this reason, it is better to disable 83 00:02:55,791 --> 00:02:59,050 the PAC files, and manually configure your proxy settings 84 00:02:59,050 --> 00:03:01,620 on your host machines, or you can push these out 85 00:03:01,620 --> 00:03:05,160 using a global policy object, or GPO update. 86 00:03:05,160 --> 00:03:06,920 Now, the third type of proxy is called 87 00:03:06,920 --> 00:03:08,820 an Internet Content Filter. 88 00:03:08,820 --> 00:03:10,580 These are used in large organizations 89 00:03:10,580 --> 00:03:12,820 as a way to prevent users from getting to stuff 90 00:03:12,820 --> 00:03:14,880 that they don't want you to access at work. 91 00:03:14,880 --> 00:03:16,240 It can filter out all types 92 00:03:16,240 --> 00:03:17,640 of different Internet activities, 93 00:03:17,640 --> 00:03:19,940 such as websites that aren't allowed to be accessed, 94 00:03:19,940 --> 00:03:21,930 email services they don't want you to get to, 95 00:03:21,930 --> 00:03:23,640 or even instant messaging. 96 00:03:23,640 --> 00:03:26,590 For example, many of the organizations I work for, 97 00:03:26,590 --> 00:03:29,500 we blocked web mail services like Gmail and Yahoo 98 00:03:29,500 --> 00:03:31,670 because we didn't want people accessing those at work. 99 00:03:31,670 --> 00:03:33,130 We also blocked gambling websites, 100 00:03:33,130 --> 00:03:35,370 and pornography, and even Facebook. 101 00:03:35,370 --> 00:03:36,820 Now, some of these are because 102 00:03:36,820 --> 00:03:38,770 they went against our organizational values. 103 00:03:38,770 --> 00:03:41,630 So, that was the case in gambling and pornography. 
104 00:03:41,630 --> 00:03:43,730 While others were blocked because we didn't want people 105 00:03:43,730 --> 00:03:45,170 hindering productivity at work, 106 00:03:45,170 --> 00:03:47,660 things like Facebook and that web-based email. 107 00:03:47,660 --> 00:03:49,340 Again, this is something that your organization 108 00:03:49,340 --> 00:03:52,500 can decide, what they want to use, and what they don't. 109 00:03:52,500 --> 00:03:55,120 The final type is called Web Security Gateway. 110 00:03:55,120 --> 00:03:57,310 And this type of proxy acts as a go-between 111 00:03:57,310 --> 00:03:59,900 for devices that will scan them for viruses, 112 00:03:59,900 --> 00:04:01,700 filter out contents like ads, 113 00:04:01,700 --> 00:04:04,860 and then can act as a data loss prevention device as well. 114 00:04:04,860 --> 00:04:07,130 This type of proxy is looking at what's being sent out 115 00:04:07,130 --> 00:04:09,610 of the network, and what is coming back into the network 116 00:04:09,610 --> 00:04:14,527 to ensure that it aligns with your organization's policies.