FAQs for Oracle iplanet Proxy Server 4.0



Similar documents
A host-based firewall can be used in addition to a network-based firewall to provide multiple layers of protection.

Proxies. Chapter 4. Network & Security Gildas Avoine

Lecture 8a: WWW Proxy Servers and Cookies

Chapter 6 Virtual Private Networking Using SSL Connections

Introduction to Computer Security Benoit Donnet Academic Year

White Paper. Securing and Integrating File Transfers Over the Internet

SiteCelerate white paper

Building a Highly Available and Scalable Web Farm

Chapter 6 Configuring the SSL VPN Tunnel Client and Port Forwarding

F-Secure Messaging Security Gateway. Deployment Guide

Configuration Guide BES12. Version 12.2

echomountain Enterprise Monitoring, Notification & Reporting Services Protect your business

Configuration Guide BES12. Version 12.3

SSL VPN Portal Options

IBM Unica emessage Version 8 Release 6 February 13, Startup and Administrator's Guide

DEPLOYMENT GUIDE Version 1.0. Deploying the BIG-IP Edge Gateway for Layered Security and Acceleration Services

Configuration Guide. BlackBerry Enterprise Service 12. Version 12.0

Transparent Identification of Users

Lecture 8a: WWW Proxy Servers and Cookies

How To Protect A Web Application From Attack From A Trusted Environment

Novell Access Manager SSL Virtual Private Network

Basic Network Configuration

The following multiple-choice post-course assessment will evaluate your knowledge of the skills and concepts taught in Internet Business Associate.

Network Configuration Settings

Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt

Proxy Server, Network Address Translator, Firewall. Proxy Server

Configuration Guide BES12. Version 12.1

VPN. Date: 4/15/2004 By: Heena Patel

Application Note. Onsight Connect Network Requirements v6.3

Cyan Networks Secure Web vs. Websense Security Gateway Battle card

Chapter 12 Supporting Network Address Translation (NAT)

Configuration Guide. BES12 Cloud

SSL VPN Technical Primer

Monitoring Forefront TMG

S y s t e m A r c h i t e c t u r e

Third Party Integration

HOW TO CONFIGURE PASS-THRU PROXY FOR ORACLE APPLICATIONS

Building a Systems Infrastructure to Support e- Business

Citrix Access on SonicWALL SSL VPN

How To Configure SSL VPN in Cyberoam

OS/390 Firewall Technology Overview

Implementing and Administering Security in a Microsoft Windows Server 2003 Network

Application Delivery Networking

Considerations In Developing Firewall Selection Criteria. Adeptech Systems, Inc.

Introduction to Endpoint Security

SonicWALL Clean VPN. Protect applications with granular access control based on user identity and device identity/integrity

Internet Content Adaptation Protocol (ICAP)

McAfee Web Gateway 7.4.1

Fig : Packet Filtering

Anonymity on the Internet Over Proxy Servers

This section contains information intended to help plan for SocialMiner installation and deployment.

Ranch Networks for Hosted Data Centers

PLATO Learning Environment System and Configuration Requirements. for workstations. April 14, 2008

LDAP Authentication and Authorization

Lecture 8b: Proxy Server Load Balancing

Stopping secure Web traffic from bypassing your content filter. BLACK BOX

PLATO Learning Environment System and Configuration Requirements for workstations. October 27th, 2008

Information Supplement: Requirement 6.6 Code Reviews and Application Firewalls Clarified

Tel: Toll-Free: Fax: Oct Website: CAIL Security Facility

Copyright 2006 Comcast Communications, Inc. All Rights Reserved.

E-Commerce Security. The Client-Side Vulnerabilities. Securing the Data Transaction LECTURE 7 (SECURITY)

Websense Web Security Gateway: Integrating the Content Gateway component with Third Party Data Loss Prevention Applications

ACE Management Server Deployment Guide VMware ACE 2.0

Product Standard General Interworking: Internet Server

GoToMyPC Corporate Advanced Firewall Support Features

Firewall, Mail and File server solution

Secure Web Appliance. Reverse Proxy

CMPT 471 Networking II

APV9650. Application Delivery Controller

GlobalSCAPE DMZ Gateway, v1. User Guide

Understanding Slow Start

Niagara IT Manager s Guide

Step-by-Step Configuration

Requirement Priority Name Requirement Text Response Comment

QUESTION: 1 Which of the following are valid authentication user group types on a FortiGate unit? (Select all that apply.)

Safeguarding the Corporate Portal: A Review of Portal Security

District of Columbia Courts Attachment 1 Video Conference Bridge Infrastructure Equipment Performance Specification

Novell Access Manager

Firewall VPN Router. Quick Installation Guide M73-APO09-380

Project Title: Judicial Branch Enterprise Document Management System RFP Number: FIN122210CK Appendix D Technical Features List

Using RADIUS Agent for Transparent User Identification

By Masaya NORIFUSA* ABSTRACT. SAFEBORDER is an SSL VPN appliance product that offers a unique remote access solution to

Microsoft Lync Server 2010

INUVIKA OPEN VIRTUAL DESKTOP FOUNDATION SERVER

Requirements Collax Security Gateway Collax Business Server or Collax Platform Server including Collax SSL VPN module

Implementing Reverse Proxy Using Squid. Prepared By Visolve Squid Team

Cisco Secure Access Control Server 4.2 for Windows

Deployment Guide Microsoft IIS 7.0

Overview - Using ADAMS With a Firewall

Ensuring the security of your mobile business intelligence

axsguard Gatekeeper Internet Redundancy How To v1.2

The World Wide Web: History

Routing Security Server failure detection and recovery Protocol support Redundancy

Cornerstones of Security

Overview - Using ADAMS With a Firewall

Transcription:

FAQs for Oracle iplanet Proxy Server 4.0 Get answers to the questions most frequently asked about Oracle iplanet Proxy Server Q: What is Oracle iplanet Proxy Server (Java System Web Proxy Server)? A: Oracle iplanet Proxy Server is high-performance server software for caching and filtering Web content for e-commerce solutions, enterprise customers or Internet Service Providers (ISPs). It provides caching on-demand by intelligently caching frequently accessed documents and caching on-command for batch updates of the cache. This replication model conserves network bandwidth and reduces response times for clients. Oracle iplanet Proxy Server also enables network administrators to maintain fine-grain control over the use of network resources by blocking access to specific sites by user or by document. It also solves the problems of network congestion and slow response time, and provides control over network resources without burdening end users or network administrators. Q: Who needs Oracle iplanet Proxy Server? A: Network administrators and MIS organizations that support many Web clients for companies or ISPs can deploy Oracle iplanet Proxy Server to provide network services that are faster, more reliable, more efficient, and more secure. In addition, Oracle iplanet Proxy Server helps enhance network performance and security by caching and filtering Web content. Q: What is caching on-command? A: Caching on-command enables an administrator to schedule batch updates to the cache. This includes: the ability to preload documents or sites into the cache in anticipation of user demand the ability to automatically refresh documents that already reside in the cache Administrators can schedule batch updates to take place at regular intervals and off-peak hours so network bandwidth is not tied up caching documents during periods of heavy network use. Caching on-command is more efficient than "active caching" because administrators have the ability to control batch updates. Administrators can check the proxy access logs to determine whether frequently accessed sites are actually desirable for caching. Plus, administrators don't have to wait for usage patterns to develop to specify batch updates.

Q: Does Oracle iplanet Proxy Server support Cache Array Routing Protocol? A: Yes. Cache Array Routing Protocol (CARP) is a proposed standard for distributed caching. It provides a mechanism for routing content requests among an array of proxy servers in a deterministic fashion. CARP enables load balancing, fault-tolerance, more efficient caching, and easier management for multiple proxy servers. Q: Does Oracle iplanet Proxy Server support Internet Cache Protocol? A: Yes. Internet Cache Protocol (ICP) is an Informational RFC for dynamic proxy routing. It enables Oracle iplanet Proxy Server to send queries to neighbor caches to determine whether they already have a document. ICP provides a mechanism for automatic content discovery. Q: Does Oracle iplanet Proxy Server support access control? A: Yes. Oracle iplanet Proxy Server lets network administrators use a user name and password, IP address, host name, or domain name to grant or limit access to network resources, including specific sites and documents. It also maintains access control as configured by the requested document's home server. Q: Can Oracle iplanet Proxy Server filter access to undesirable content? A: Yes. Oracle iplanet Proxy Server allows administrators to ban access to particular sites using a list of URLs or wildcard patterns. For example, an administrator could use http://*.oracle.com/* to prevent all access to the Oracle site(s). Oracle iplanet Proxy Server can also use any list of prohibited sites in a standard, return-delimited format. Several vendors supply frequently updated lists in this format. In addition, Oracle iplanet Proxy Server provides filtering based on content type, such as specific Multipurpose Internet Mail Extensions (MIME) types, and based on content, such as HTML tag Q: How does Oracle iplanet Proxy Server enhance security? A: Oracle iplanet Proxy Server enhances security in the following ways: Network screening prevents external audiences from being able to view the network structure and addresses. Access control and content filtering ensure that network resources are not used inappropriately. Oracle iplanet Proxy Server facilitates communication through most firewalls in four ways: o Web content such as Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), and Gopher o Secure Sockets Layer (SSL) tunneling for encrypted communications such as Hypertext Transfer Protocol Secure (HTTPS) and SNEWS using Netscape Communicator or another SSL-compatible Web client

o HTTPS proxying, which creates a secure session on behalf of a nonsecure Web client o SOCKS, which allows nonproxied protocols to be passed through the firewall Reverse proxying lets Oracle iplanet Proxy Server represent a Web server to the public, while allowing the Web server to remain secure behind the firewall. This is particularly useful when the Web server needs to communicate with databases that must remain behind the firewall. Q: Does Oracle iplanet Proxy Server provide a circuit-level gateway for generic protocol support? A: Oracle iplanet Proxy Server includes an implementation of SOCKS version 5 for authenticated firewall traversal. SOCKSv5 is an open standard for facilitating traffic through the firewall at the circuit level. It provides generic protocol support, including support for streaming media. Q: Is Oracle iplanet Proxy Server extensible? A: Yes. Oracle iplanet Proxy Server supports the Server Plug-in API. It supports all of the server application functions used by other Sun Java System (formerly Sun ONE) servers, as well as three proxy-specific functions: Connect, Stream, and DNS. The Server Plug-in API implementation in Oracle iplanet Proxy Server gives administrators complete control over access, filtering, caching, and logging. Q: Which version of Simple Network Management Protocol does Oracle iplanet Proxy Server support? A: Oracle iplanet Proxy Server supports SNMP versions 1 and 2. Q: Does Oracle iplanet Proxy Server support Lightweight Directory Access Protocol (LDAP) for centralized management? A: Oracle iplanet Proxy Server includes support for LDAP for centrally managing user name and password information. LDAP simplifies the administration of a distributed proxy network. Q: Does Oracle iplanet Proxy Server have built-in log analysis tools? What kind of logging does it do? A: Oracle iplanet Proxy Server automatically logs all requests using either the common log-file format or an extended log-file format. The extended log-file format includes the referrer field and user agent. You can also create your own log file format by selecting which HTTP fields you would like to log. A built-in log analysis program includes reports such as total number of requests, total bytes transfered, most commmon URLs requested, most common IP addresses making requests, performance during peak periods, cache hit rates, and estimated response time

reduction. The items logged and the analysis program are completely configurable using the server manager's HTML form. Q: Which protocols does Oracle iplanet Proxy Server support? A: Oracle iplanet Proxy Server supports HTTP, FTP, and Gopher for caching. It also supports SSL for the transmission of encrypted traffic, and SOCKS, which is a generic way of tunneling protocols (such as telnet) that are not proxied. Q: What is secure reverse proxying? A: Reverse proxying is used to protect a Web server or database behind a firewall. A client connects to a proxy server (with an SSL session if necessary). The proxy server initiates a second connection from it to the Web server, from which it can retrieve data. All of this is transparent to the end user. Corporate data can remain behind the firewall and yet be accessible to the public as necessary. To provide additional security, the proxy server can be configured to speak only to the Web server's IP address and vice versa, and the firewall can be configured to allow HTTP traffic only between those two IP addresses. Q: Can I use Oracle iplanet Proxy Server to protect my network from viruses and other dangerous programs? A: Yes. Oracle iplanet Proxy Server helps system administrators implement their own security policies by stopping transmission of MIME types, Java and JavaScript, and ActiveX components. Q: When do I use Cache Array Routing Protocol (CARP) instead of Internet Cache Protocol (ICP)? A: CARP is appropriate for a group of proxy servers that are serving the same audience of downstream clients or proxies, and that are all under common administrative control. ICP is appropriate for proxies that are not under common administrative control and that may be serving different clients. Q: What are the advantages of SOCKS version 5 over other circuit-level gateways? A: SOCKSv5 provides generic protocol support for a variety of client platforms. Q: How many clients can one Oracle iplanet Proxy Server support? A: Oracle iplanet Proxy Server can support a large number of clients. The actual number depends on your hardware configuration and how the network is being used.

Q: How would an Internet Service Provider deploy Oracle iplanet Proxy Server? A: Ideally, an Internet Service Provider (ISP) would deploy one Oracle iplanet Proxy Server at each point of presence (POP) and cluster them at the Internet gateway to provide faster, more reliable service and reduce network congestion between the POP and the central Internet gateway. Some ISPs have started by deploying Oracle iplanet Proxy Server just at their gateway to the Internet, which reduces traffic on their link to the Internet, but not on their own network from the POP to the Internet gateway. Q: How would a corporation deploy Oracle iplanet Proxy Server? A: A corporation should deploy Oracle iplanet Proxy Server at the following key places: The Internet gateway: Oracle iplanet Proxy Server deployed just behind the firewall facilitates access to the Internet and reduces response times and communications expense. Major sub-network connections: Marketing, Sales, Product Development, Human Resources, and Finance departments might have their own subnetworks. A Oracle iplanet Proxy Server deployed at each subnet can reduce traffic on the corporate backbone. Remote offices that are disconnected from the internal network: Oracle iplanet Proxy Server can provide a quick mechanism for replicating content when necessary, providing better company integration and increasing network performance without large capital and communications expense. Internationally: Outside the United States, communications bandwidth is typically much more expensive, making Oracle iplanet Proxy Servers even more cost effective. Every international office can make use of an Oracle iplanet Proxy Server. Outside the firewall as a Web server substitute in reverse proxy configuration: This protects information on the secure Web server behind the firewall and offers load balancing via caching. Q: Will Oracle iplanet Proxy Server work with my firewall? A: Yes. Oracle iplanet Proxy Server deployed at the Internet gateway caches Internet content to limit network congestion and reduce response kinks. It also works with major firewalls to provide a network control point for filtering content, complete logging, and analysis facilities. Oracle iplanet Proxy Server supports encrypted communications using SSL-based protocols (such as HTTPS and SNEWS) and incorporates a SOCKS daemon for nonproxied protocols, such as telnet. Q: Isn't using Oracle iplanet Proxy Server a hassle for my end users? A: No. The Netscape Navigator component of Netscape Communicator supports an Automatic Proxy Configuration (APC) feature, which makes using a proxy network seamless and transparent to end users. Using APC, a system administrator can write a single JavaScript telling each client on the network how and when to use the available Oracle iplanet Proxy Servers, and can publish the script to a specified URL. Changing proxy configuration requires the

administrator to edit this script only once. Navigator will check the specified URL every time it is initialized. Q: Can I build a network of Oracle iplanet Proxy Servers to maximize the performance and efficiency of my network infrastructure? A: Yes. Oracle iplanet Proxy Server supports hierarchical caching and lets users create intelligent proxy networks using Automatic Proxy Configuration (APC), proxy routing, CARP, and ICP. Hierarchical caching lets one proxy (on the engineering subnetwork, for example) retrieve a requested document from another Oracle iplanet Proxy Server at the Internet gateway. APC (for client-to-proxy requests) and proxy scripting (for proxy-to-proxy requests) let the requesting entity use a different Oracle iplanet Proxy Server or request the document directly based on host name, domain name, or IP address of the requestor; URL pattern matching; or the availability of the network or other Oracle iplanet Proxy Servers. These capabilities increase cache hit rates and performance, reduce network traffic, and allow the Web infrastructure to "route" around network or system failure. Q: Why doesn't Oracle iplanet Proxy Server support full replication? A: Sun believes caching on-demand is a much more appropriate model for either the World Wide Web or an intranet. Common indexes should be distributed, but data can (and should) be stored wherever is most appropriate on the network. If Proxy Servers are deployed, there will be a 50 percent to 75 percent chance that the document will be cached locally and no chance of getting stale data. Oracle iplanet Proxy Server uses sophisticated statistical analysis to store the documents most likely to be needed. It also manages document expiry and version control, and by default checks the home server every time a document is requested. Full replication like that performed by other softwares presumes that each document needs to be fully replicated on every server(imagine doing that on the Web!). This model limits the scalability of the infrastructure, and requires many more servers, more hardware, and more management complexity. More importantly, it increases the likelihood of getting stale data. A document checked in at one location may take a day or more to be fully replicated around the world. Q: Can I use Oracle iplanet Proxy Server in my IPX environment? A: Third-party software, such as Cisco's Internet Junction, is available to enable Novell clients to access Oracle iplanet Proxy Server. Q: Why do I need multiple enterprise servers if I can proxy them? A: Oracle iplanet Proxy Servers typically represent a specific set of clients to all the Web servers from which they retrieve information. As proxy servers are widely used, this helps reduce the load on a particular Web server, but it does not substitute for proper capacity planning. Oracle

iplanet Proxy Server can also perform reverse proxying, which allows it to represent a Web server to all clients. This can help users manage encrypted traffic through a firewall, and provide an additional barrier for a Web server or database that must be protected behind a firewall. It is also a great way to scale performance if multiple reverse proxies are deployed with DNS round robin for load balancing.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information