Web proxies are servers in the network which proxy the traffic towards the web server by terminating the TCP session towards the client and establishing a TCP session towards the web server. The data retrieved on the session towards the web server is forwarded to the client.
Figure 5.159. The TCP sessions towards a web proxy
.--------. .----------. .------------. | client | <------> | web proxy | <------> | web server | '--------' '----------' '------------' TCP session from TCP session from client to web proxy web proxy to server on TCP port 8080 on TCP port 80
Web proxies can also have a caching functionality, where static objects requested by a remote web server are stored on the web proxy and served to the client if the web proxy knows that the object is still valid. This will save traffic on the link between the web proxy and the web server, but the latency is often still there.
For the Steelhead appliance, the issue is that the web proxy is serving both plain-text and encrypted traffic on TCP port 8080 which makes an optimal optimization on that TCP port impossible.
The details of which web proxy server to use are configured on the client's web browser and there are two approaches:
Manual configuration in the clients web browsers settings, where different proxies can be configured for HTTP, HTTPS and FTP protocols.
Automatic configuration of the clients web browsers settings by the use of a Proxy Auto-Configuration file, a JavaScript file which parses the URL about to be retrieved and returns the proxy to be used.
By selecting different TCP port numbers for different kinds of traffic, for example TCP port 8080 for HTTP traffic and TCP port 8443 for HTTPS traffic, it will be possible for the Steelhead appliances to only optimize the plain-text HTTP traffic on TCP port 8080 and pass-through the encrypted HTTPS traffic on TCP port 8443.