At 10.46 AM on 11/12/98, Evan Trent wrote:
- Just go take a look at Vicom... they have Internet Gateway,
SoftRouter, and a host of other products you can use for this sort of
thing.
For more server-centric configurations, you should also check out
IPNetRouter from Sustainable Softworks:
<http://www.sustworks.com/>
In my experience, their software is much more frequently updated
with new features and power-user (read: server-oriented) options. On
the other hand, Vicom's stuff is more point-and-shoot for simple
client-oriented networks.
IPNetRouter is $89, Vicom Internet Gateway is $215 - $730, depending
on the "number of users."
- The term proxy server here is somewhat incorrect. I'm not
sure why this term has been adopted by all these different scenarios,
but in this case you're looking for a gateway, not a server
upgrade or modification of your server's functionality. You're looking
to perform a function entirely independent of your web/information
server. You're simply zoning your LAN and WAN separately.
There are four kinds of widgets that people might call proxies. Note
that the term "widget" below may be either software, hardware, or a
combination.
- A router is a widget that sends packets back and forth
between multiple network segments (i..e., between ethernet, ADSL, and
LocalTalk networks all coming in to the same machine, but possibly on
different ports or cards). The widget may choose to filter out some
packets and not route them.
Important characteristic: multiple networks attached.
- A gateway is widget that translates data from one protocol
(like TCP/IP) to another protocol (like AppleTalk) as it flies past.
The widget may also choose to not translate some packets, and filter
them out.
Important characteristic: protocol translation.
- A proxy is a widget that receives requests with its left
hand (usually from one network), and then launches similar requests
with its right hand (usually on a different network). As the results
arrive back at the right hand, they are copied over to the
still-waiting left hand and returned to the original client. (It acts
as a server with its left hand, and as a client with its right hand.)
The widget may filter out certain requests or certain responses and not
copy them from hand to hand.
Important characteristic: acts as both client and server.
When a proxy operates at the packet level it is a transparent proxy,
and the clients usually don't know that there's a proxy involved.
- A cache is a widget that receives requests and either
responds directly from it's own store of information, or forwards the
requests "upstream" to another server. When data comes back from the
upstream server, this widget keeps a copy of the data for itself, and
also returns the data to the original client.
Important characteristic: data stored locally.
Vicom's SurfDoubler and Internet Gateway (VIG) are a
combination: they acts as a router for connecting different networks
and as a a gateway, since it can convert TCP/IP to PPP. In some ways,
it is also a transparent proxy, since it lets many clients share the
same Internet IP address. It filters some requests based on a
naughty-site list; it does not filter the responses it gets back from
the Web.
IPNetRouter is also a combination: it is a router for
connecting multiple networks, and a transparent proxy (virtual IP
addresses), but it is not a gateway to PPP. It relies on Apple's PPP
stack rather than providing its own protocol translation. It does not
filter Web pages.
WebSTAR 3.0's "Proxy Plug-in" is a proxy (it forwards HTTP
requests to other Web servers and returns the results to you), and a
cache, since it also keeps copies of some of the files. It's a caching
proxy {server}.
Maxum's new WebDoubler is also a caching proxy that can also
act as a router, creating a network of virtual IP addresses for all
your Web browsing clients. It filters both the requests being made (ie,
naughty-site list) and the Web pages that are returned (based on actual
Web content.)
A "firewall" is a fancy name for a security-oriented router
anr/or proxy widget with heavy logging and filtering. Open Door
Networks' DoorStop is a firewall.
So, if you want to connect an ADSL line (which usually has an
ethernet connection) to your Web server and also be able to use other
machines in your location as Web clients, you need either of the Vicom
products or Sustainable Softworks' IPNetRouter.
You will also need a second ethernet card for your server: ADSL
comes in on Ethernet #1, packets get wrangled appropriately by
IPNetRouter or VIG. Some packets (inbound web server requests) get
delivered to WebSTAR, and some get routed onto Ethernet #2, where you
have one or more additional computers with either real or virtual IP
addresses.
There's no need to get WebSTAR 3 or WebDoubler for this, unless you
have several people who will be browsing at once, and you want the
acceleration of a caching proxy. (And if you do have mulitple surfers,
WebDoubler will be significantly faster than WebSTAR as a proxy server
for architectural reasons: see
<http://www.maxum.com/webdoubler/faq/performance.html>
for the performance architecture details.)
For my money, I'd go with IPNetRouter for an ISDN or ADSL
connection, and with Vicom SurfDoubler for an analog modem connection.
Just personal preferences.
-Mark
PS. At our office, we surf through Maxum's WebDoubler for the extra
speed.
-
- BECAUSE SPEED MATTERS. ClearWay NITRO accelerates WebSTAR up to
200%. Download a free demo right now and see! <http://www.clearway.com/NITRO/>
-
