What’s a reverse proxy?
A reverse proxy is a network protection tool. It sits in the DMX, between a company’s local network (internal) and the internet.
It can:
- Limit the number of IP addresses exposed to the Internet
- Authenticate external users with usernames and passwords
- Redirect authenticated users to the internal environment(s) that they are permitted to use
- Improve application performance by using algorithms to forward requests to several backup servers — which is why they’re sometimes called “server accelerators”
In short, with a reverse proxy, the servers responding to external client requests aren’t exposed on the web.
Example: Clients visiting www.CompanyX.com will only see one IP address when completing online transactions even though their requests are being redirected to various company servers based on the transaction type or traffic volumes.
As the name suggests, it’s the opposite of a forward proxy, which hides the internal user’s identity behind a single IP address when they browse the internet.
Example: A CompanyX employee shops for shoes on a vendor site. The vendor’s servers know that the request is coming from CompanyX (which has just one IP address), but they don’t know exactly who is shopping for shoes.
What are the benefits for your infrastructure?
- Improved security
With fewer servers exposed to the Internet, your external attack vulnerability decreases. By acting as a barrier, a reverse proxy provides an added layer of security for your environments and between them. It’s what is called security through obscurity. A hacker would need to break past the proxy’s security before they could get to your applications. This gives you more time to detect and stop the attack.
- Better load balancing
A reverse proxy enables more effective redirection of external requests to internal applications. It optimizes load balancing between servers based on transaction type or server availability. This helps prevent your environments from crashing during peak periods (like Black Friday for retailers).
- Lower costs
A reverse proxy also allows companies to reduce their number of IP addresses. Even though the monthly cost per IP address is low, it’s nonetheless a recurring expense.
Infrastructure overhaul projects, like migrating some of all of your environments to the Cloud, provide an opportunity to review your firewall best practices. A reverse proxy is definitely a solution to that you’ll want to include. If you’d like to discuss reverse proxies, feel free to reach out to our team.