Product Reviews

Microsoft Proxy Server 2.0

Microsoft’s Proxy Server 2.0 isn’t exactly the new kid on the block, but it still stands as one of the premier NT-based firewall products in service. And don’t let the name fool you—Proxy Server has packet-filtering capabilities. The product sports some solid features including NT security model integration, Microsoft Management Console integration, and proxy arrays, plus it’s no surprise that Proxy Server fits NT and Windows 2000 like a glove. The product also enjoys incredible plug-in support from third parties that provides added functionality such as Web content filtering and intrusion detection.

Proxy Server doesn’t provide NAT support in the same way as other products mentioned in this article. The product consists of a Web Proxy, SOCKS Proxy, and Winsock Proxy. When implementing the Winsock Proxy, Proxy Server works by replacing the Winsock DLL located on the client machines with a modified version designed to route all authorized requests off the proxy server. This implementation requires a software installation at each client and is Windows-centric. Obviously, this approach isn’t attractive to heterogeneous shops that must support a large variety of operating systems.

With a dizzying array of tuning options, Microsoft’s Proxy Server 2.0 is designed with corporate networks in mind. Remember that most of these powerful capabilities are limited to the Web (HTTP) proxy. (Click image to view larger version.)

Proxy Server really shines when it comes to NT integration and horizontal scalability. By creating arrays of proxy servers, it’s possible to ease the load on a server cluster without having to build bigger boxes. This type of configuration easily provides security integration, performance, and fault-tolerance, with next-to-zero administration or training required. For NT-only shops that require mostly Web-only access (no traditional NAT), Proxy Server is a very strong contender in the firewall arena.

About the Author

Chip Andrews, MCSE+I, MCDBA is a software security architect at (Clarus Corp.). Chip maintains the (sqlsecurity.com) Web site and speaks at security conferences on SQL Server security issues.

comments powered by Disqus
Most   Popular