A proxy server is a dedicated computer or software system that sits between an end “client,” such as a desktop computer or mobile device, and a desired destination, such as a website, server, or web- or cloud-based application. The proxy:
By acting as an intermediary between the client and destination, proxies can shield the client’s IP address from the destination, providing a layer of privacy. This helps prevent capture of users’ personally identifiable information.
Proxies and Secure Web Gateways
Proxies are often implemented as part of a secure web gateway (SWG). This provides security inspection of HTTP and HTTPS web protocols along with URL filtering and malware prevention. Organizations can also use proxies instead of deploying agents on user devices. However, because proxies can only inspect web-based traffic, they are typically used as part of a more comprehensive security platform strategy or by organizations looking to gradually transition to a more secure method of remote access. Alternative onboarding methods include IPsec or GRE tunneling and firewall port forwarding.
Figure 1: Proxy server schema
While security inspection of all device traffic and protocols is ideal, organizations can achieve a balance of architectural flexibility and security by implementing proxies as part of a secure access service edge (SASE) approach. A SASE solution provides all the networking and security capabilities an organization needs in a single cloud-delivered service. The benefits of this approach include:
Learn more about SASE in our free Secure Access Service Edge (SASE) For Dummies® e-book.