A Web proxy receives requests from a client and then presents the request to the server on the client's behalf. A VPN (virtual private network) protects network traffic as it crosses the Internet. These are two very different technologies, but they do have some applications in common.
A private network, or LAN, relies on physical access for a great part of its security. Intruders have less ability to tap the cable of the network and intercept data traveling around the network if access to the building is monitored, and there are few hidden locations where a stranger can set up wire-tapping equipment. When the data from a network has to travel out of the building, physical security is no longer possible, and so procedural and software methods have to compensate for this insecure environment. The VPN uses encryption to give data packets the same level of security available on the LAN. Proxy servers can encrypt data but cannot offer stronger security than is already available by using LAN-based encryption systems.
A Web proxy receives all traffic from a network or individual computer, no matter what addresses those requests carry. A computer protected by a proxy server cannot contact any other computer. Instead, it delivers the required address to the proxy. The proxy contacts that address on a separate connection, and receives the response containing the required resource. That resource is usually a Web page. The proxy then delivers the resource to the client, trapping any malicious software the Web server might try to download on client computers. The client and the server are never in direct contact. VPNs are implemented by software resident on two sides of an Internet connection. They maintain a pipeline down which many different messages can travel. All data passing over this connection is fully encrypted. Thus security is ensured through a direct connection.
Proxy servers offer encryption as an optional extra. VPNs can only be formed with encryption. The proxy server encrypts the data in a packet, the VPN encrypts the entire packet, including the header, which contains information needed for routing. The encrypted data packet cannot reach its destination because the address of the destination is rendered unreadable by routers. Therefore, the VPN "encapsulates" that packet in its entirety in the data body of another packet. The carrying packet has an unencrypted header that routes the packet to its destination. The receiving VPN software strips off the encapsulating packet, decrypts the original packet, and forwards it to its destination.
A VPN and a Web proxy both protect the address information of a client computer or network -- but they use very different methods to achieve this. The VPN requires encryption to perform its service, but the proxy server offers anonymity by breaking direct contact between the client and server.
- Photo Credit Thinkstock Images/Comstock/Getty Images
eCommerce Website Security Analysis
E-commerce is when goods or services are purchased using the Internet. As e-commerce grows with many online retailers and stores, hackers and...
Hardware Vs. Software VPN
A type of network commonly used by businesses and organizations is known as a virtual private network, or VPN. This kind of...
How to Set Up a Proxy Server for VPN
A VPN (virtual private network) is a Web service that hides your IP address behind its own servers to give you anonymity...
The Differences Between VPN and Proxy
VPN stands for Virtual Private Network. It is a method of channeling a connection over a public medium, like the Internet, while...