Skip to Content
United States
Worldwide
Sun Java System Web Proxy Server
|
General QuestionsQ: What is Java System Web Proxy Server (formerly Sun ONE Web Proxy Server)?
A:
Java System Web Proxy Server is high-performance server software for caching and filtering Web content for e-commerce solutions, enterprise customers or Internet Service Providers (ISPs). It provides caching on-demand by intelligently caching frequently accessed documents and caching on-command for batch updates of the cache. This replication model conserves network bandwidth and reduces response times for clients. Java System Web Proxy Server also enables network administrators to maintain fine-grain control over the use of network resources by blocking access to specific sites by user or by document. It also solves the problems of network congestion and slow response time, and provides control over network resources without burdening end users or network administrators.
Q: Who needs Java System Web Proxy Server?
A:
Network administrators and MIS organizations that support many Web clients for companies or ISPs can deploy Java System Web Proxy Server to provide network services that are faster, more reliable, more efficient, and more secure. In addition, Java System Web Proxy Server helps enhance network performance and security by caching and filtering Web content.
Q: What is caching on-command?
A:
Caching on-command enables an administrator to schedule batch updates to the cache. This includes:
Q: Does Java System Web Proxy Server support Cache Array Routing Protocol?
A:
Yes. Cache Array Routing Protocol (CARP) is a proposed standard for distributed caching. It provides a mechanism for routing content requests among an array of proxy servers in a deterministic fashion. CARP enables load balancing, fault-tolerance, more efficient caching, and easier management for multiple proxy servers.
Q: Does Java System Web Proxy Server support Internet Cache Protocol?
A:
Yes. Internet Cache Protocol (ICP) is an Informational RFC for dynamic proxy routing. It enables Java System Web Proxy Server to send queries to neighbor caches to determine whether they already have a document. ICP provides a mechanism for automatic content discovery.
Q: Does Java System Web Proxy Server support access control?
A:
Yes. Java System Web Proxy Server lets network administrators use a user name and password, IP address, host name, or domain name to grant or limit access to network resources, including specific sites and documents. It also maintains access control as configured by the requested document's home server.
Q: Can Java System Web Proxy Server filter access to undesirable content?
A:
Yes. Java System Web Proxy Server allows administrators to ban access to particular sites using a list of URLs or wildcard patterns. For example, an administrator could use http://*.sun.com/* to prevent all access to the Sun site. Java System Web Proxy Server can also use any list of prohibited sites in a standard, return-delimited format. Several vendors supply frequently updated lists in this format.
In addition, Java System Web Proxy Server provides filtering based on content type, such as specific Multipurpose Internet Mail Extensions (MIME) types, and based on content, such as HTML tag
Q: How does Java System Web Proxy Server enhance security?
A:
Java System Web Proxy Server enhances security in the following ways:
Q: Does Java System Web Proxy Server provide a circuit-level gateway for generic protocol support?
A:
Java System Web Proxy Server includes an implementation of SOCKS version 5 for authenticated firewall traversal. SOCKSv5 is an open standard for facilitating traffic through the firewall at the circuit level. It provides generic protocol support, including support for streaming media.
Q: Is Java System Web Proxy Server extensible?
A:
Yes. Java System Web Proxy Server supports the Server Plug-in API. It supports all of the server application functions used by other Sun Java System (formerly Sun ONE) servers, as well as three proxy-specific functions: Connect, Stream, and DNS. The Server Plug-in API implementation in Java System Web Proxy Server gives administrators complete control over access, filtering, caching, and logging.
Q: Which version of Simple Network Management Protocol does Java System Web Proxy Server support?
A:
Java System Web Proxy Server supports SNMP versions 1 and 2.
Q: Does Java System Web Proxy Server support Lightweight Directory Access Protocol (LDAP) for centralized management?
A:
Java System Web Proxy Server includes support for LDAP for centrally managing user name and password information. LDAP simplifies the administration of a distributed proxy network.
Q: Does Java System Web Proxy Server have built-in log analysis tools? What kind of logging does it do?
A:
Java System Web Proxy Server automatically logs all requests using either the common log-file format or an extended log-file format. The extended log-file format includes the referrer field and user agent. You can also create your own log file format by selecting which HTTP fields you would like to log. A built-in log analysis program includes reports such as total number of requests, total bytes transfered, most commmon URLs requested, most common IP addresses making requests, performance during peak periods, cache hit rates, and estimated response time reduction. The items logged and the analysis program are completely configurable using the server manager's HTML form.
Q: Which protocols does Java System Web Proxy Server support?
A:
Java System Web Proxy Server supports HTTP, FTP, and Gopher for caching. It also supports SSL for the transmission of encrypted traffic, and SOCKS, which is a generic way of tunneling protocols (such as telnet) that are not proxied.
Q: What is secure reverse proxying?
A:
Reverse proxying is used to protect a Web server or database behind a firewall. A client connects to a proxy server (with an SSL session if necessary). The proxy server initiates a second connection from it to the Web server, from which it can retrieve data. All of this is transparent to the end user. Corporate data can remain behind the firewall and yet be accessible to the public as necessary. To provide additional security, the proxy server can be configured to speak only to the Web server's IP address and vice versa, and the firewall can be configured to allow HTTP traffic only between those two IP addresses.
Q: Can I use Java System Web Proxy Server to protect my network from viruses and other dangerous programs?
A:
Yes. Java System Web Proxy Server helps system administrators implement their own security policies by stopping transmission of MIME types, Java and JavaScript, and ActiveX components.
Q: When do I use Cache Array Routing Protocol (CARP) instead of Internet Cache Protocol (ICP)?
A:
CARP is appropriate for a group of proxy servers that are serving the same audience of downstream clients or proxies, and that are all under common administrative control. ICP is appropriate for proxies that are not under common administrative control and that may be serving different clients.
Q: What are the advantages of SOCKS version 5 over other circuit-level gateways?
A:
SOCKSv5 provides generic protocol support for a variety of client platforms.
Q: How many clients can one Java System Web Proxy Server support?
A:
Java System Web Proxy Server can support a large number of clients. The actual number depends on your hardware configuration and how the network is being used.
Q: How would an Internet Service Provider deploy Java System Web Proxy Server?
A:
Ideally, an Internet Service Provider (ISP) would deploy one Java System Web Proxy Server at each point of presence (POP) and cluster them at the Internet gateway to provide faster, more reliable service and reduce network congestion between the POP and the central Internet gateway. Some ISPs have started by deploying Java System Web Proxy Server just at their gateway to the Internet, which reduces traffic on their link to the Internet, but not on their own network from the POP to the Internet gateway.
Q: How would a corporation deploy Java System Web Proxy Server?
A:
A corporation should deploy Java System Web Proxy Server at the following key places:
Q: Will Java System Web Proxy Server work with my firewall?
A:
Yes. Java System Web Proxy Server deployed at the Internet gateway caches Internet content to limit network congestion and reduce response kinks. It also works with major firewalls to provide a network control point for filtering content, complete logging, and analysis facilities. Java System Web Proxy Server supports encrypted communications using SSL-based protocols (such as HTTPS and SNEWS) and incorporates a SOCKS daemon for nonproxied protocols, such as telnet.
Q: Isn't using Java System Web Proxy Server a hassle for my end users?
A:
No. The Netscape Navigator component of Netscape Communicator supports an Automatic Proxy Configuration (APC) feature, which makes using a proxy network seamless and transparent to end users. Using APC, a system administrator can write a single JavaScript telling each client on the network how and when to use the available Java System Web Proxy Servers, and can publish the script to a specified URL. Changing proxy configuration requires the administrator to edit this script only once. Navigator will check the specified URL every time it is initialized.
Q: Can I build a network of Java System Web Proxy Servers to maximize the performance and efficiency of my network infrastructure?
A:
Yes. Java System Web Proxy Server supports hierarchical caching and lets users create intelligent proxy networks using Automatic Proxy Configuration (APC), proxy routing, CARP, and ICP. Hierarchical caching lets one proxy (on the engineering subnetwork, for example) retrieve a requested document from another Java System Web Proxy Server at the Internet gateway. APC (for client-to-proxy requests) and proxy scripting (for proxy-to-proxy requests) let the requesting entity use a different Java System Web Proxy Server or request the document directly based on host name, domain name, or IP address of the requestor; URL pattern matching; or the availability of the network or other Java System Web Proxy Servers. These capabilities increase cache hit rates and performance, reduce network traffic, and allow the Web infrastructure to "route" around network or system failure.
Q: Why doesn't Java System Web Proxy Server support full replication?
A:
Sun believes caching on-demand is a much more appropriate model for either the World Wide Web or an intranet. Common indexes should be distributed, but data can (and should) be stored wherever is most appropriate on the network. If Proxy Servers are deployed, there will be a 50 percent to 75 percent chance that the document will be cached locally and no chance of getting stale data.
Java System Web Proxy Server uses sophisticated statistical analysis to store the documents most likely to be needed. It also manages document expiry and version control, and by default checks the home server every time a document is requested. Full replication like that performed by other softwares presumes that each document needs to be fully replicated on every server(imagine doing that on the Web!). This model limits the scalability of the infrastructure, and requires many more servers, more hardware, and more management complexity. More importantly, it increases the likelihood of getting stale data. A document checked in at one location may take a day or more to be fully replicated around the world.
Q: Can I use Java System Web Proxy Server in my IPX environment?
A:
Third-party software, such as Cisco's Internet Junction, is available to enable Novell clients to access Java System Web Proxy Server.
Q: Why do I need multiple enterprise servers if I can proxy them?
A:
Java System Web Proxy servers typically represent a specific set of clients to all the Web servers from which they retrieve information. As proxy servers are widely used, this helps reduce the load on a particular Web server, but it does not substitute for proper capacity planning. Java System Web Proxy Server can also perform reverse proxying, which allows it to represent a Web server to all clients. This can help users manage encrypted traffic through a firewall, and provide an additional barrier for a Web server or database that must be protected behind a firewall. It is also a great way to scale performance if multiple reverse proxies are deployed with DNS round robin for load balancing.
|
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 |
|
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
