The IT Law Wiki
Don't have an account?
Register
Advertisement
Register
in: Software, Definition

Proxy

Edit

Definitions[]

General[]

A proxy is

[a] tool[] used to filter network communication, and improve the performance of groups of users.[1]

Software[]

A proxy is

[a]n application or device acting on behalf of another in responding to protocol requests.[2]
[a] [s]oftware agent that performs a function or operation on behalf of another application or system while hiding the details involved. Typical proxies accept a connection from a user, make a decision as to whether or not the user or client network address is authorized to use the requested service, optionally perform additional authentication, and then complete a connection on behalf of the user to a remote destination.[3]

A proxy is an application that "breaks" the connection between client and server. It "receives a request from a client, and then sends a request on the client's behalf to the desired destination."[4]

Overview[]

"The proxy accepts certain types of traffic entering or leaving a network and processes it and forwards it. This effectively closes the straight path between the internal and external networks making it more difficult for an attacker to obtain internal addresses and other details of the organization's internal network.[5]

When a proxy is used, each successful connection attempt actually results in the creation of two separate connections: one between the client and the firewall, and another between the firewall and the true destination. Some proxies perform basic analysis and validation of application protocols, such as Hypertext Transfer Protocol (HTTP), and can reject client requests that appear to be invalid, which might include some instances of malware. Such proxies are also known as application layer firewalls.

References[]

  1. Assessing Technology, Methods, and Information for Committing and Combating Cyber Crime, at 19 n.22.
  2. Practices for Securing Critical Information Assets, Glossary, at 57.
  3. Glossary of Security Terms, Definitions, and Acronyms, at 197.
  4. NIST Special Publication 800-86, at C-2.
  5. NIST Special Publication 800-44.

See also[]

Community content is available under CC-BY-SA unless otherwise noted.
Advertisement

Fan Feed