With large companies and even with small individual websites or individuals online, it is possible to use a proxy server to protect the user's information from attacks or from being visible.
In essence, the proxy server is providing additional protection for all sites accessed by the users on the network. It works as an intermediate wall or screen that takes in your information or your request and sends it out as if it was from the server. It then also takes the information or the answer provided by the internet and communicates that response through itself, preventing direct communication.
A Step-By-Step Explanation
It can seem confusing, especially if you are using a secure website to access the internet, as the SSL certificate on the site provides the encryption and decryption to provide a secure transmission of data. While this is the true, here are some additional benefits to using this option to connect.
To get a simple yet clear picture, it is important to see how these operate. Think of an action you perform every day on your computer, let's take going to a website. You type in a URL into the address bar or click on a name on your list of favorites or bookmarked websites.
Your device, when routed through a proxy server, sends this request to view the website through the system. The server then forwards the message to the website, which returns the landing page through the proxy server to your computer.
Your device and this intermediary server are both on your internal or intranet. The website you are visiting is not, it is outside of your system. By sending the request through the proxy server instead of directly from your device the website you are trying to access can only see the one device on the network, not your individual device.
This does more than just screen your device. Proxy servers can be used to block the use of cookies, prevent websites from knowing your geographical location and they can also be used to block access to specific types of websites.
In some cases, they can be used to block social media sites from access on business computers or to prevent people from going to sites with malware or other types of viruses.
SSL and Proxy Servers
It is possible to use SSL technology between your device and the proxy server, and then also use SSL on proxy servers going to the website. In this way, the encryption and decryption would occur twice, once for each "hop." This would include the encryption to the internet and then the same coming back.
It is possible to set this up so that those access sites on the internet from the internal network will go through the https proxy servers. This will be the same as saying it is using the SSL on proxy servers to access the website and then receiving the response.
Advanced IT managers can set up SSL on proxy servers to exclude specific websites or specific categories of websites. These could be sites already known to be secure or to allow access to one or more websites within a category or group of sites that are blocked by the proxy server.
For example, there could be a broad category that restricts access to social media sites. However, for the sales and marketing team, it may be important to be able to access LinkedIn for business related postings and networking. The IT administrator to the system could add an https exception to the list. It is also possible to do this with the broader categories of websites if desired.
This will not impact any SSL/TLS certificates on the site and server, and encryption will still be in place. However, the proxy certificate will not block those sites or intercept the requests going back and forth.
In most applications, the proxy server actually acts as an intermediate certificate authority through the system. It will be important to ensure that all devices on the system have the correct certificate installed before using the SSL on proxy servers as the intermediate certificate may not be trusted.
If you need assistance with configuring SSL on proxy servers, talk to our expert staff. You can also review the information found in our knowledgebase that provides specific guidelines and troubleshooting. This is particularly important if you have multiple devices on the internal network and are having difficulties in accessing outside sites through the proxy server.