WEBVTT 1 00:00:00.300 --> 00:00:03.180 In this lesson, we're going to discuss proxies. 2 00:00:03.180 --> 00:00:05.880 Proxy servers are devices that create a network connection 3 00:00:05.880 --> 00:00:07.830 between an end-user's client machine 4 00:00:07.830 --> 00:00:10.620 and a remote resource such as a web server. 5 00:00:10.620 --> 00:00:12.480 These devices can either be physical, 6 00:00:12.480 --> 00:00:13.980 hardware based appliances 7 00:00:13.980 --> 00:00:16.470 or they can simply be a piece of software installed 8 00:00:16.470 --> 00:00:19.020 on another server within our infrastructure. 9 00:00:19.020 --> 00:00:22.410 Either way, these devices provide a few distinct benefits, 10 00:00:22.410 --> 00:00:25.200 such as increased speed and efficiency in our networks, 11 00:00:25.200 --> 00:00:26.280 increased security, 12 00:00:26.280 --> 00:00:28.920 and additional opportunities to conduct auditing. 13 00:00:28.920 --> 00:00:30.810 Increased speed and efficiencies are gained 14 00:00:30.810 --> 00:00:33.000 when using a proxy because proxy servers 15 00:00:33.000 --> 00:00:35.310 provide a function called web caching. 16 00:00:35.310 --> 00:00:37.650 Essentially whenever a user requests a website 17 00:00:37.650 --> 00:00:41.250 through a proxy, it retains a local copy in its cache. 18 00:00:41.250 --> 00:00:43.950 Then when another user requests the same website, 19 00:00:43.950 --> 00:00:45.150 instead of requesting it directly 20 00:00:45.150 --> 00:00:47.640 from that web server over the slower WAN link, 21 00:00:47.640 --> 00:00:49.830 the proxy server can simply provide the user 22 00:00:49.830 --> 00:00:53.100 the cached copy that it saved locally inside of itself. 23 00:00:53.100 --> 00:00:54.900 This saves time and bandwidth 24 00:00:54.900 --> 00:00:57.390 and it works really well for static websites. 25 00:00:57.390 --> 00:00:59.730 Now this technique doesn't work really well when 26 00:00:59.730 --> 00:01:02.190 you're dealing with modern Web 2.0 websites. 27 00:01:02.190 --> 00:01:04.620 Things like Facebook and Twitter and Reddit 28 00:01:04.620 --> 00:01:06.330 and places like this that are going to use 29 00:01:06.330 --> 00:01:08.340 user-generated types of content. 30 00:01:08.340 --> 00:01:10.410 This is because every time you log in, 31 00:01:10.410 --> 00:01:12.270 you're getting a personalized experience 32 00:01:12.270 --> 00:01:13.860 individual to that user. 33 00:01:13.860 --> 00:01:16.800 And this makes the caching not nearly as efficient. 34 00:01:16.800 --> 00:01:20.250 The second benefit of a proxy server is increased security. 35 00:01:20.250 --> 00:01:23.190 Now this occurs because each proxy can be configured 36 00:01:23.190 --> 00:01:24.450 with a list of acceptable 37 00:01:24.450 --> 00:01:26.670 and non-acceptable sites and they can then 38 00:01:26.670 --> 00:01:29.160 block those sites that are deemed unacceptable. 39 00:01:29.160 --> 00:01:30.390 So for example, 40 00:01:30.390 --> 00:01:32.400 let's say an employee tries to access a website 41 00:01:32.400 --> 00:01:34.290 containing pornography or gambling 42 00:01:34.290 --> 00:01:36.090 while they're sitting at their desk at work. 43 00:01:36.090 --> 00:01:39.690 Our proxy server might be configured to prevent that access. 44 00:01:39.690 --> 00:01:41.940 Similarly, we can also block websites that are 45 00:01:41.940 --> 00:01:43.140 known to host malware 46 00:01:43.140 --> 00:01:45.180 and other content that we wouldn't want access 47 00:01:45.180 --> 00:01:46.950 from our corporate networks. 48 00:01:46.950 --> 00:01:49.350 Finally, proxy servers also provide our network 49 00:01:49.350 --> 00:01:51.630 with additional auditing capabilities since they 50 00:01:51.630 --> 00:01:53.790 can record each and every request that's made 51 00:01:53.790 --> 00:01:57.060 by the users to go out to the wide area network. 52 00:01:57.060 --> 00:01:58.740 These logs can then be used to determine 53 00:01:58.740 --> 00:02:01.260 if an employee is attempting to access websites 54 00:02:01.260 --> 00:02:02.670 that they're not allowed to access 55 00:02:02.670 --> 00:02:04.590 such as gambling or pornography like we talked 56 00:02:04.590 --> 00:02:05.460 about earlier. 57 00:02:05.460 --> 00:02:07.650 But it can also tell us how much time 58 00:02:07.650 --> 00:02:10.320 an employee is spending on any given website. 59 00:02:10.320 --> 00:02:12.630 So if a manager is worried that an employee has 60 00:02:12.630 --> 00:02:15.870 been surfing Facebook all day and not doing their job, 61 00:02:15.870 --> 00:02:17.220 they can actually put in a request 62 00:02:17.220 --> 00:02:19.380 for the system administrators to create a report 63 00:02:19.380 --> 00:02:21.540 of that user's web browsing activity. 64 00:02:21.540 --> 00:02:23.550 And they can query the proxy server and look 65 00:02:23.550 --> 00:02:26.280 at the audit logs to determine exactly how much time 66 00:02:26.280 --> 00:02:29.190 they spent on any given site if this is allowed 67 00:02:29.190 --> 00:02:31.980 within the scope of the organization's policies. 68 00:02:31.980 --> 00:02:34.530 Now, in one of my previous organizations where I served 69 00:02:34.530 --> 00:02:35.820 as the IT director, 70 00:02:35.820 --> 00:02:36.990 we started seeing our network 71 00:02:36.990 --> 00:02:38.490 was slowing down over time 72 00:02:38.490 --> 00:02:40.320 because we started adding more users 73 00:02:40.320 --> 00:02:41.940 and we were getting worried about this. 74 00:02:41.940 --> 00:02:44.790 So one of the things we did was we started evaluating 75 00:02:44.790 --> 00:02:47.160 which websites were using the most bandwidth 76 00:02:47.160 --> 00:02:48.870 by checking our proxy servers. 77 00:02:48.870 --> 00:02:50.400 And, not surprisingly, 78 00:02:50.400 --> 00:02:53.610 number one and number two was YouTube and Facebook. 79 00:02:53.610 --> 00:02:55.620 Now this allowed me to go to upper management 80 00:02:55.620 --> 00:02:58.020 and request additional money to buy more bandwidth, 81 00:02:58.020 --> 00:03:00.270 or if they didn't want to give me that bandwidth, 82 00:03:00.270 --> 00:03:02.400 we would then request to block these sites 83 00:03:02.400 --> 00:03:04.590 so we could maximize the bandwidth we had 84 00:03:04.590 --> 00:03:06.540 for real work functions and not 85 00:03:06.540 --> 00:03:08.520 for people going on social media. 86 00:03:08.520 --> 00:03:10.350 Now, in the case of this organization, 87 00:03:10.350 --> 00:03:12.660 our leadership decided to block YouTube 88 00:03:12.660 --> 00:03:15.090 because they didn't see a valid business reason 89 00:03:15.090 --> 00:03:17.460 that would require our employees to be using YouTube 90 00:03:17.460 --> 00:03:18.630 during working hours 91 00:03:18.630 --> 00:03:21.180 instead of us buying a larger amount of bandwidth 92 00:03:21.180 --> 00:03:22.770 from our internet service provider. 93 00:03:22.770 --> 00:03:24.600 So they decided to save some money 94 00:03:24.600 --> 00:03:27.100 and make it so the employees couldn't use YouTube.