NOTE: at work I installed a web proxy to separate internal user traffic from external traffic hitting our production servers. While I’m not part of the network team, they asked me to do this because of my prior experience and interest in such things. The idea of this was to be a temporary fix until they get a new line installed providing greater bandwidth, but my argument is for the continuation of this segmentation even after the new line is installed. Below is a slightly sanitized version of my arguments for this. Note that my thoughts and comments are driven by years of running networks, thus it is something I care about and have spent years thinking about, so it is wordy. I’d be very happy to discuss this, or other solutions, via the comments below because I never want to stop learning.
I’d like to share my thoughts in as to why I think the network is better served with keeping internal traffic and public traffic separate. Regardless of if you use the existing web proxy server, or another one with different network topology, I care less about the tool, and more about making the network and user experience better for both internal and external users
Home