A Transparent proxy server is also known as a forced proxy, intercepting proxy, and inline proxy. It is designed to intercept communication at network level without any special client browser configuration. Transparent proxies are located between the client browser and the web, and the proxy performs certain functions that are pretty similar to what a router (the gateway) does.
Transparent proxy can also be defined as a proxy server that modifies requests or responses pertaining to media type transformation, group annotation, anonymity filtering, and protocol reduction.
Purpose of Transparent Proxy Servers
Intercepting or transparent proxies are usually used by businesses that need to enforce usage policies as well as ease administrative overhead expenses. However, automatic proxy detection, DHCP and other features easily detect the real IP address of transparent proxy users. Transparent proxies are also used by Internet Service Providers in certain countries for saving upstream bandwidth time and for improving response time by caching pages.
Common Issues with Transparent Proxy Servers
- Interception of TCP (Transmission Control Protocol) may create one or more issues. A number of cross site attacks actually depend on the behavior of transparent proxies that do not have information about the intercepted destinations. Integrated application-level and packet-level software programs and appliances are used for communicating the information between the proxy and the packet handler.
- Interception of TCP also creates issues with HTTP authentication, such as NTLM (a connection oriented authentication) as the client browser understands that it’s communicating with a server, and not a proxy. For this reason, whenever a user tries to connect to a website through a proxy server, both the transparent proxy and the website itself require authentication.
- Transparent proxy connections can also create problems for caches (HTTP), as certain responses and requests are rendered unreachable by a shared cache.
Transparent Proxy Implementation Method
Transparent proxy servers can easily be implemented using a variety of methods. For example, WinGate and Microsoft TMG. This is possible because the proxy is hosted on the same host as the firewall or the router.
How Does Transparent Proxy Deployment Work?
During transparent proxy server deployment, the client software of the user has no idea that it is actually communicating with a proxy. Users can request information without any special configuration of their web browser; the proxy simply sends their content request out on their behalf. In a transparent proxy deployment, all traffic from a client browser passes through the proxy server, including traffic tunneled to HTTP or HTTPS via remote desktop software applications, IM (instant messaging) clients, Windows software updates, anti-virus applications, and various custom applications.