What Is a Proxy Server

A proxy server is a dedicated computer or software system that sits between an end “client,” such as a desktop computer or mobile device, and a desired destination, such as a website, server, or web- or cloud-based application. The proxy:

1. Receives a web request from a client
2. Terminates the connection
3. Establishes a new connection with the desired destination
4. Sends the data on the client’s behalf

By acting as an intermediary between the client and destination, proxies can shield the client’s IP address from the destination, providing a layer of privacy. This helps prevent capture of users’ personally identifiable information.

Proxies and Secure Web Gateways

Proxies are often implemented as part of a secure web gateway (SWG). This provides security inspection of HTTP and HTTPS web protocols along with URL filtering and malware prevention. Organizations can also use proxies instead of deploying agents on user devices. However, because proxies can only inspect web-based traffic, they are typically used as part of a more comprehensive security platform strategy or by organizations looking to gradually transition to a more secure method of remote access. Alternative onboarding methods include IPsec or GRE tunneling and firewall port forwarding.

Figure 1: Proxy server schema

While security inspection of all device traffic and protocols is ideal, organizations can achieve a balance of architectural flexibility and security by implementing proxies as part of a secure access service edge (SASE) approach. A SASE solution provides all the networking and security capabilities an organization needs in a single cloud-delivered service. The benefits of this approach include:

• Protection of all application traffic: SASE provides remote users with secure access to all applications and guards against much more than just web-based threats, reducing the risk of a data breach.
• Consolidated capabilities for complete security: SASE combines the security capabilities of SWG, firewall as a service (FWaaS), Zero Trust Network Access (ZTNA), cloud access security broker (CASB) and much more.
• Exceptional user experience: Security doesn’t have to come at the cost of user experience. Leading SASE solutions are built on massively scalable networks with ultra-low latency and can include native digital experience monitoring (DEM) capabilities. 

Learn more about SASE in our free Secure Access Service Edge (SASE) For Dummies^® e-book.

Resources

• Blog Post: It’s Time to Get SASE: The Next Chapter in Network Security
• E-Book: The 10 Tenets of an Effective SASE Solution