Proxy servers work in the middle of the traffic scene. You may have been exposed to the forwarding side of proxies; for example, your browser at work may have been pointed to a proxy server to enable access to an outside resource such as a website. There are multiple reasons to implement such a solution. Protection of the internal client systems is one benefit. Acting as an intermediary between the internal network client systems and outside untrusted entities, the proxy is the only point of exposure to the outside world. It prevents the client system from communicating directly with an outside source, thereby reducing exposure and risk. Additionally, as the middleman the proxy has the capability of protecting users (client systems) from themselves. In other words, proxies can filter traffic by content. This means proxies operate at the application layer (layer 7).

A substantial leg up on lower-level firewalls, proxies can filter outgoing traffic requests and verify legitimate traffic at a detailed level. Thus, if users try to browse to, say, hackme .com, they’ll be denied the request completely if the filters are applied to prevent it. Proxies also speed up browsing by caching frequently visited sites and resources. Cached sites can be served to local clients at a speed much faster than downloading the actual web resource.