4min. read

What Is a Proxy Server

A proxy server is a dedicated computer or software system that sits between an end “client,” such as a desktop computer or mobile device, and a desired destination, such as a website, server, or web- or cloud-based application. The proxy:

  1. Receives a web request from a client
  2. Terminates the connection
  3. Establishes a new connection with the desired destination
  4. Sends the data on the client’s behalf

By acting as an intermediary between the client and destination, proxies can shield the client’s IP address from the destination, providing a layer of privacy. This helps prevent capture of users’ personally identifiable information.

Proxies and Secure Web Gateways

Proxies are often implemented as part of a secure web gateway (SWG). This provides security inspection of HTTP and HTTPS web protocols along with URL filtering and malware prevention. Organizations can also use proxies instead of deploying agents on user devices. However, because proxies can only inspect web-based traffic, they are typically used as part of a more comprehensive security platform strategy or by organizations looking to gradually transition to a more secure method of remote access. Alternative onboarding methods include IPsec or GRE tunneling and firewall port forwarding.

Figure 1: Proxy server schema

While security inspection of all device traffic and protocols is ideal, organizations can achieve a balance of architectural flexibility and security by implementing proxies as part of a secure access service edge (SASE) approach. A SASE solution provides all the networking and security capabilities an organization needs in a single cloud-delivered service. The benefits of this approach include:

  • Protection of all application traffic: SASE provides remote users with secure access to all applications and guards against much more than just web-based threats, reducing the risk of a data breach.
  • Consolidated capabilities for complete security: SASE combines the security capabilities of SWG, firewall as a service (FWaaS), Zero Trust Network Access (ZTNA), cloud access security broker (CASB) and much more.
  • Exceptional user experience: Security doesn’t have to come at the cost of user experience. Leading SASE solutions are built on massively scalable networks with ultra-low latency and can include native digital experience monitoring (DEM) capabilities. 

Learn more about SASE in our free Secure Access Service Edge (SASE) For Dummies® e-book.


Related content

What is a Secure Web Gateway (SWG)?

A secure web gateway (SWG) protects users from web-based threats in addition to applying and enforcing corporate acceptable use policies.

Learn more about secure web gateways and how to protect users from web-based threats.

Cloud Secure Web Gateway Use Case webpage

Comprehensive best-in-class web security and data protection through the industry’s most complete cloud-edge architecture.

Learn more about Palo Alto Networks best-in-class web security.

Whitepaper: Modernize Your SWG with SASE

Learn why organizations using legacy web proxy appliances should move to a modern SWG as the foundation for a complete, cloud-delivered SASE architecture.

Learn how to a SASE solution can help modernize your SWG.

Infographic: Cloud SWG vs. web proxy

Cloud SWG simplifies network security management with modern, complete cloud-delivered security delivered through Prisma Access.

Learn the difference between SWG and web proxies.