Internal User Aggregation

This first topology is designed to authenticate web users, aggregate user web traffic, and provide some caching. Figure 7-9 shows this topology option.

Figure 7-9. Basic Proxy Server Design proxy Servers

Figure 7-9. Basic Proxy Server Design

In this design, the firewall access rules define who is able to initiate outbound web requests. If it is desired that all users must use a proxy, the filtering on the firewall can enforce this decision. As an alternative, this design can permit certain user communities to be allowed direct access to the Internet, while others are required to go through the proxy. This can be an attractive option to isolate certain IP ranges that are outside of security policy standards. Lab and test networks are an ideal example.

A side benefit of this design is that less traffic flows through the firewall because the caching on the proxy servers is able to handle some requests locally.

The Google LSI Handbook

The Google LSI Handbook

Here's your chance to learn the secret formula that only the top webmaster's know about, that helps them easily dominate any keyword term. Discover How To Unravel The Mysteries Of Googles Search Engine Rankings, and Stay One Step Ahead Of The Rest In The keywords War!

Get My Free Ebook


Post a comment