The IT Law Wiki


32,080pages on
this wiki
Add New Page
Add New Page Talk0

Definitions Edit

General Edit

A proxy is

[a] tool[] used to filter network communication, and improve the performance of groups of users.[1]

Software Edit

A proxy is

[a]n application or device acting on behalf of another in responding to protocol requests.[2]
[a] [s]oftware agent that performs a function or operation on behalf of another application or system while hiding the details involved. Typical proxies accept a connection from a user, make a decision as to whether or not the user or client network address is authorized to use the requested service, optionally perform additional authentication, and then complete a connection on behalf of the user to a remote destination.[3]

A proxy is an application that "breaks" the connection between client and server. It "receives a request from a client, and then sends a request on the client's behalf to the desired destination."[4]

Overview Edit

"The proxy accepts certain types of traffic entering or leaving a network and processes it and forwards it. This effectively closes the straight path between the internal and external networks making it more difficult for an attacker to obtain internal addresses and other details of the organization's internal network.[5]

When a proxy is used, each successful connection attempt actually results in the creation of two separate connections: one between the client and the firewall, and another between the firewall and the true destination. Some proxies perform basic analysis and validation of application protocols, such as Hypertext Transfer Protocol (HTTP), and can reject client requests that appear to be invalid, which might include some instances of malware. Such proxies are also known as application layer firewalls.

References Edit

  1. Assessing Technology, Methods, and Information for Committing and Combating Cyber Crime, at 19 n.22.
  2. Practices for Securing Critical Information Assets, Glossary, at 57.
  3. Glossary of Security Terms, Definitions, and Acronyms, at 197.
  4. NIST Special Publication 800-86, at C-2.
  5. NIST Special Publication 800-44.

See also Edit

Also on Fandom

Random Wiki