Sun™ ONE Web Proxy Server Evaluation Guide

Sun™ Open Net Environment (Sun ONE) Web Proxy Server (formerly, iPlanet Web Proxy Server) is a high-performance server software for caching and filtering content on the Internet and intranets. Sun ONE Web Proxy Server provides an industrial-strength infrastructure to ease network congestion, protect intranet content, enhance user productivity, and control access to network resources.

This guide is intended to provide a framework for evaluating and reviewing Sun ONE Web Proxy Server. It includes key criteria that Sun ONE customers have indicated are important, as well as a description of how Sun ONE Web Proxy Server meets these requirements. It also compares Sun ONE Web Proxy Server with its competition.

Background

---

The web proxy was first developed by Ari Luotonen, who was chief architect of Netscape Proxy Server, as a research project at the CERN Institute. Historically, web proxies were developed to serve as an intermediary for clients as they requested content from remote servers on the Internet. A web proxy was designed to act both as a server to clients and as a client to remote server machines. The proxy enhanced network security by preventing network packets from passing directly between the user's network and the Internet. It effectively screened the network and prevented external audiences from having visibility to network information. At the same time, internal clients maintained the perception of having a direct connection to the Internet.

The web proxy also served as a gateway for organizations to control and monitor their users' access to the Internet. Traditionally deployed at the Internet gateway as part of the organization's firewall solution, web proxies would often reside just inside a firewall, or inside a DMZ ("demilitarized zone").

The web proxy's location at the edge of the network was a natural place to cache content as well. By caching content close to users, subsequent requests for the information could be returned directly from the cache rather than fetching it from a remote server.

As Internet access has become increasingly important to the business processes of many organizations, the amount of traffic passing through the Internet gateway has increased dramatically and content availability has become critical. The caching web proxy has emerged as an effective solution for reducing network congestion and ensuring content availability.

More recently, intranets have become prevalent and organizations are now deploying caching web proxies at their branch offices, retail outlets, and other locations to reduce traffic at bottlenecks in their internal networks. As new web-based technologies, such as push-based services, emerge and offer the potential for dramatic increases in network traffic, caching web proxies are expected to become even more important.

Design Goals

---

As one of the original providers of commercially available web proxies, Netscape had a long history of leadership in the market. Now Sun Microsystems Inc. provides Sun ONE Web Proxy Server. Sun ONE Web Proxy Server addresses the needs of network administrators and users by providing the following benefits:

Scalable and flexible caching

Sun ONE Web Proxy Server's efficient caching model distributes data where users need it, so requests to remote content servers and network traffic are reduced. Proxy routing makes it possible for organizations to deploy Sun ONE Web Proxy Server at branch offices and network bottlenecks to benefit from caching on intranets. Caching on-demand intelligently caches documents based on user requests. Batch updates also enable caching on-command, so administrators can download documents or sites on a scheduled basis. Now Sun ONE Web Proxy Server enhances the scalability and reliability of caching by supporting proxy arrays. This distributed caching mechanism enables multiple proxies to operate as a single logical cache for load-balancing and failover. Support for dynamic proxy routing allows Sun ONE Web Proxy Server to query other caches for document availability.

Fine-grained filtering

Networks are only as strong as their weakest link, which is often the gateway. Sun ONE Web Proxy Server enhances network security by providing a control point for Internet traffic and by logging all transactions. Sun ONE Web Proxy Server's fine-grained controls limit access to specific documents or sites based on individual users, groups, IP addresses, host names, or wildcard expressions. Sun ONE Web Proxy Server also provides filtering of objectionable URLs, filtering of content including viruses and HTML tags, and filtering of content types. Sun ONE Web Proxy Server facilitates user access through the firewall. In addition to being able to tunnel protocols supported by the web proxy, organizations can use SOCKS version 5 to traverse the firewall for any protocol or application. Reverse proxying makes it possible for Sun ONE Web Proxy Server to act as a "web server stand-in," accepting encrypted traffic on behalf of a web server protected behind a firewall.

Ease of management

Sun ONE Web Proxy Server makes it easy for administrators to manage intelligent networks of proxy servers. Native Lightweight Directory Access Protocol (LDAP) support is now available to centralize user name and password management via Sun ONE Directory Server. Clustered management capabilities enable administrators to configure and maintain multiple proxies. Netscape Communicator's Automatic Proxy Configuration (APC) feature permits modifications to the proxy infrastructure without touching client software on each desktop. Sun ONE Web Proxy Server also supports Simple Network Management Protocol (SNMP) versions 1 and 2 for monitoring server status.