I am wondering what the benefits are of using (or not using) a proxy server. I was talking to another friend of mine who works in an IT department. He said with his proxy server, he doesn't use any antivirus software on his work stations. We have a firewall, IDS and network monitoring with our setup. Also we only have open ports for Outlook mail and Internet access. We are planning to implement some more firewalls and an IPS to protect from the inside as well as from the outside. Any help in this matter would be very much appreciated.
A proxy server can be of use, but there are many types of proxy servers and many uses for them. In many environments, a proxy server is used to forward requests for Internet access. The proxy server may replace the IP address of the client with an Internet routable address. This does obscure the location of the client, but it should not take the place of a firewall. Many proxies have simply been used because they can provide Internet access to many systems without the expense of providing a routable Internet address for every system. Some proxies may also act as caching servers and improve performance, since multiple requests for the same Web pages may already be stored on the server.
Other proxies simply manage some service, for example a RADIUS proxy that forwards authentication requests to a RADIUS server. And, as you have mentioned, you can often gain other benefits by placing spam filters and antiviral products on the proxy. However, even where antiviral products are placed on Internet boundaries, it is still a good idea to have antiviral products on clients. After all, it may be that the proxy does not scan every bit of data. For example, e-mails may come from sources that don't go through the proxy or are not scanned by the proxy.
This was first published in November 2004