Proxy vs Reverse-Proxy

itrorev · December 2007

Greetings folks,

I don't believe that reverse-proxy is even on the Net+, but I'm still curious nonetheless. From what I've gathered on wikipedia, a reverse-proxy server seems identical to a regular proxy server; both act as a middle-man between the network and the outside world, both request services on behalf of an external client.

So, can someone explain the (supposedly) big difference between these two?

blargoe · January 2008

I could explain it best by giving "corporate" examples of each.

Proxy
A company has an HTTP proxy server on their network, and this is the only computer that is allowed to access hosts on the Internet via port 80. All hosts inside the network are then required to connect to this proxy server if they want to peruse HTTP content on the Internet.

Reverse Proxy
A company hosts an HTTP web server on their network. Rather than allowing access to make a TCP connection directly to port 80 from the Internet, there is a host in the DMZ to which all internet hosts connect, that forwards those requests to the web server. The firewall allows inbound port 80 from this reverse proxy server and denies everything else from the outside.

CoryS · January 2008

I have a question to broaden the OPs..

What would be the benefit of using a reverse proxy if you had port forwarding on your firewall for port 80 to your webserver? Would traffic monitoring become more parseable (if thats a word) if you used something like ISA 2006?

blargoe · January 2008

I can't speak to the ISA question, but one difference between using the reverse proxy and forwarding ports is where the TCP connection is made. In the web server example above, in a port forwarding scenario, the clients on the Internet are still making a tcp connection to port 80 on the actual server.

Proxy vs Reverse-Proxy

Comments