A reverse proxy or surrogate is a proxy server that is installed within the neighborhood of one or more servers. Typically, reverse proxies are used in front of Web servers. All connections coming from the Internet addressed to one of the Web servers are routed through the proxy server, which may either deal with the request itself or pass the request wholly or partially to the main web servers.
There are several reasons for installing reverse proxy servers:
1. Security: the proxy server may provide an additional layer of defense by separating or masquerading the type of server that is behind the reverse proxy. This configuration may protect the servers further up the chain.
2. Encryption / SSL acceleration: when secure websites are created, the SSL encryption is sometimes not done by the Web server itself, but by a reverse proxy that is equipped with SSL acceleration hardware.
3. Load distribution: the reverse proxy can distribute the load to several servers, each server serving its own application area.
4. Caching: A reverse proxy can offload the Web servers by caching static content, such as images, as well as dynamic content, such as a HTML-page rendered by a content management system.
5. Compression: the proxy server can optimize and compress the content to speed up the load time.
TERMS USED:
PROXY SERVER: a proxy server is a server (a computer system or an application program) that acts as a go-between for requests from clients seeking resources from other servers. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource, available from a different server. The proxy server evaluates the request according to its filtering rules. For example, it may filter traffic by IP address or protocol. If the request is validated by the filter, the proxy provides the resource by connecting to the relevant server and requesting the service on behalf of the client. A proxy server may optionally alter the client's request or the server's response, and sometimes it may serve the request without contacting the specified server. In this case, it 'caches' responses from the remote server, and returns subsequent requests for the same content directly.
SSL ACCERLERATION: SSL acceleration is a method of offloading the processor-intensive public key encryption algorithms involved in SSL transactions to a hardware accelerator. Typically, this is a separate card that plugs into a PCI slot in a computer that contains one or more co-processors able to handle much of the SSL processing.
Read more :
http://www.sans.org/reading_room/whitepapers/webservers/a_reverse_proxy_is_a_proxy_by_any_other_name_302?show=302.php&cat=webservers
There are several reasons for installing reverse proxy servers:
1. Security: the proxy server may provide an additional layer of defense by separating or masquerading the type of server that is behind the reverse proxy. This configuration may protect the servers further up the chain.
2. Encryption / SSL acceleration: when secure websites are created, the SSL encryption is sometimes not done by the Web server itself, but by a reverse proxy that is equipped with SSL acceleration hardware.
3. Load distribution: the reverse proxy can distribute the load to several servers, each server serving its own application area.
4. Caching: A reverse proxy can offload the Web servers by caching static content, such as images, as well as dynamic content, such as a HTML-page rendered by a content management system.
5. Compression: the proxy server can optimize and compress the content to speed up the load time.
TERMS USED:
PROXY SERVER: a proxy server is a server (a computer system or an application program) that acts as a go-between for requests from clients seeking resources from other servers. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource, available from a different server. The proxy server evaluates the request according to its filtering rules. For example, it may filter traffic by IP address or protocol. If the request is validated by the filter, the proxy provides the resource by connecting to the relevant server and requesting the service on behalf of the client. A proxy server may optionally alter the client's request or the server's response, and sometimes it may serve the request without contacting the specified server. In this case, it 'caches' responses from the remote server, and returns subsequent requests for the same content directly.
SSL ACCERLERATION: SSL acceleration is a method of offloading the processor-intensive public key encryption algorithms involved in SSL transactions to a hardware accelerator. Typically, this is a separate card that plugs into a PCI slot in a computer that contains one or more co-processors able to handle much of the SSL processing.
Read more :
http://www.sans.org/reading_room/whitepapers/webservers/a_reverse_proxy_is_a_proxy_by_any_other_name_302?show=302.php&cat=webservers
No comments:
Post a Comment