Space


Preinstallation Requirements

Hardware Requirements
Software Requirements
Before You Install
Server Security Checklist
Connecting the Server to the Internet

Before installing Microsoft Proxy Server, please review this entire chapter. It contains important information about installation requirements.


To TopHardware Requirements

Microsoft Proxy Server has the same hardware requirements as Microsoft Windows NT Server version 4.0. For more information, see the documentation for Windows NT Server version 4.0.


To TopSoftware Requirements

The following must already be installed on the server computer before Microsoft Proxy Server can be installed:

The server computer can be configured as a stand-alone server, a primary domain controller (PDC), or a backup domain controller (BDC). However, for the highest security level and best performance it is recommended that you install Microsoft Proxy Server on a computer configured as a stand-alone server. For more information about member servers, PDCs, and BDCs, see your documentation for Windows NT.

For best cache performance, it is strongly recommended that at least one disk drive on the server computer be configured as an Windows NT File System (NTFS) volume.


To TopBefore You Install

Verifying Your Software Configuration
Verifying Your Hardware Configuration

To TopVerifying Your Software Configuration

Before you install Microsoft Proxy Server, complete the following tasks:

To TopVerifying Your Hardware Configuration

Setting Up the Disk Drives
Setting Up the Network Adapters
Setting Up a Modem or ISDN Adapter

To TopSetting Up the Disk Drives

Microsoft Proxy Server can be installed on computers that have their hard disks configured as file allocation table (FAT) or NTFS volumes. However, for security and performance, it is recommended that at least one of the server’s hard disks be configured as an NTFS volume.

Features that NTFS volumes provide (and FAT volumes do not) include:

The Web Proxy service of Microsoft Proxy Server stores cached Internet objects on one or more of the server’s drives. The particular drives used for this purpose are selected during installation. For best cache performance, it is strongly recommended that all the drives having space allocated to the cache be configured as NTFS drives.

If your current server disk volume is formatted to use FAT partitions, before or after installing Microsoft Proxy Server you can convert these partitions to NTFS using the Convert program included with Windows NT Server. Convert does not overwrite data on the disk. For more information about using this program to convert FAT volumes to NTFS volumes, see your documentation for Windows NT Server or type convert /? at the command line in the Command Prompt window.

To TopSetting Up the Network Adapters

Before you install Microsoft Proxy Server, verify that network adapter cards are installed and configured properly. To create a secure configuration, the Microsoft Proxy Server computer must have at least one network adapter connected to the private network, plus one network adapter, modem, or integrated services digital network (ISDN) adapter to connect to the Internet.

You should install the network adapter cards in your server computer before installing Microsoft Proxy Server. For more information on installing network adapter cards, refer to documentation provided with your adapter cards. Once the adapter cards are installed, you can configure each card by using the Network application in Control Panel.

To configure additional network adapter cards

  1. Open Control Panel.
  2. Double-click the Network application, then click Adapters to display that property sheet.
  3. Add the additional network adapter card by clicking the Add button in the Adapters property sheet.

To configure TCP/IP settings for internal and external network adapter cards

  1. Set TCP/IP protocol bindings for the external network adapter card.

    Set the binding to TCP/IP, so that it can communicate over the Internet. When binding this network card to TCP/IP, you are prompted for the card’s Internet Protocol address. This address is usually supplied by your Internet Service Provider (ISP).

    If the external network adapter card will be used to connect to the Internet, it must be bound only to the TCP/IP protocol. In particular, do not bind IPX/SPX or NetBEUI to the externally connected cards.

  2. Set protocol bindings for the internal network adapter card.

    If the server will be running the Web Proxy service, the network adapter card connected to the private network must be bound to TCP/IP. If the server will be running the WinSock Proxy service, the network adapter card connected to the private network can be bound to TCP/IP, IPX/SPX, or both.

    Note   You can choose to implement Microsoft Proxy Server on a server that has only one network adapter card. This configuration can be used primarily for providing limited proxy service in the following ways:

    • Caching service for internal Web Proxy clients.
    • An IP application-level gateway to support internal IPX clients that use WinSock Proxy service.

    For more information, see “Server Administration.”

  3. Use one IP default gateway.

    A Microsoft Proxy Server computer should have only one IP default gateway. The IP address of the default gateway should be configured on the external network adapter card only.

  4. Disable dynamic host configuration protocol (DHCP) for the adapter cards.

    Use static IP addresses on the adapter cards. DHCP will attempt to reset the IP default gateway you selected for Microsoft Proxy Server.

To TopSetting Up a Modem or ISDN Adapter

RAS and Microsoft Proxy Server
Setting Up a Modem
Setting Up an ISDN Adapter
Setting Up RAS

To TopRAS and Microsoft Proxy Server

With Microsoft Proxy Server you can use the Windows NT Remote Access Service (RAS) dial-out client to connect to an Internet service provider (ISP). RAS dial-out requires the use of at least one of the following on the Server computer:

When selecting any hardware for use with a dial-up network connection, check the Windows NT Hardware Compatibility List to confirm that the modem or adapter you are purchasing is supported. Microsoft has tested these modems and ISDN adapters for use with RAS.

Also, try to select a modem or ISDN adapter that is the same or very close to the one that is used by the ISP you are using. This helps ensure optimal performance and the highest possible connection rates.

For information about selecting and installing a modem or ISDN adapter, see your documentation for Windows NT Server 4.0 or documentation provided with your modem or ISDN adapter.

To TopSetting Up a Modem

To set up a modem on the server computer

  1. Install the modem and start the server computer.
  2. In Control Panel, double-click the Modems application icon.
  3. Follow the on-screen instructions for installing a new modem.

For information about installing a modem, see your documentation for Windows NT Server 4.0 and the documentation provided with your modem.

To TopSetting Up an ISDN Adapter

Integrated Services Digital Network (ISDN) offers a much faster communication speed than ordinary telephone service which uses analog equipment. ISDN can operate at speeds of 64 or 128 Kb per second.

Unlike most available modems, not all ISDN hardware uses the same signaling technology. This can introduce connection problems between your ISDN provider (local telephone company) and your hardware adapter. In some cases, the adapter may not work at all with service in your area. For this reason it is important to consult with both telephone and Internet service providers you will working with in your local area before making final selection on ISDN adapters. As with modems, obtaining an adapter that is support by Microsoft and listed on the Hardware Compatibility List is also highly recommended.

To install an ISDN adapter

  1. Install an ISDN card and start the server computer.
  2. In Control Panel, double-click the Network application icon, click the Adapters tab, and click Add.
  3. Follow the on-screen instructions to select or install a device driver for the ISDN adapter.

You must restart the computer after you have installed the ISDN drivers. Otherwise, not all of the available ISDN ports may be listed on screen when you configure Remote Access for ISDN.

To TopSetting Up RAS

RAS can be installed during initial Windows NT Server installation or afterward. To install and configure RAS after Windows NT is installed, use the Network application in Control Panel. You will need to logged on as member of the Administrators group. Also, because you are connecting to an ISP, you need to have the TCP/IP Protocol installed before installing RAS.

To install the RAS client with Microsoft Proxy Server

  1. In Control Panel, click on Network, click the Services tab, and click Add.

  2. From the Network Service box, select Remote Access Service, and then click OK.

  3. Follow the on-screen instructions to complete the installation of Remote Access Service.

    Select Dial out only for port usage to configure RAS for dialout-only connection to an ISP. Port usage can be set by clicking Configure in the Remote Access Service Setup dialog box.

    Network protocol settings should include TCP/IP only (the IPX/SPX and NetBEUI check boxes should be cleared). Network protocols can be set by clicking Network in the Remote Access Service Setup dialog box.

For more information on setting up RAS, see your documentation for Windows NT Server 4.0. For information on setting dial out options, see “Server Administration.”


To TopServer Security Checklist

Connecting computers to the Internet provides for some very powerful and useful scenarios. It becomes possible to communicate with millions of people and computers worldwide by using the TCP/IP protocols. This broad flexibility imposes a degree of risk: Not only can you communicate with people and systems using the protocols that you choose, it is also possible for users to attempt to initiate communication with your systems.

Review the following list to learn how to reduce security risks.


To TopConnecting the Server to the Internet

Assessing Bandwidth Requirements
Selecting Connection Hardware
Selecting an ISP
Analyzing Connection Costs

To TopAssessing Bandwidth Requirements

Before establishing a connection for your server to the Internet, estimate the amount of connected use that is expected to occur. First, determine the number of users requiring Internet access. Other factors to consider include determining what applications and services will be used for this connection, and setting reasonable limits for data transfer between remote sources on the Internet and computers on your private network. If real-time application processing is required, this could also enter into your decision-making process.

Internet access is generally scaled to fit a wide range of service needs by using one of several access methods. Service is usually packaged to offer either dial-up analog access with a modem, the use of Integrated Digital Services Network (ISDN) technology, or T1 line services for large-scale network access. This section describes each of these methods separately.

To TopSelecting Connection Hardware

You can connect your server to the Internet with any of several hardware options. This section will focus on several hardware options for direct connection from your Microsoft Proxy Server gateway to the Internet, or in some cases, installing Microsoft Proxy Server behind a router on your network.

To TopSelecting an ISP

Because the Internet consists of many networks and organizations linked together, service access points are not centrally administered. The Internet backbone networks are operated by large telecommunications companies who sell access to their high-speed network of computers to smaller companies. These companies may in turn sell or further parcel out service to other smaller companies who deliver service to individual consumers.

Any company that connects an organization to the worldwide Internet for a fee is termed an Internet Service Provider (ISP). This model is in flux and even the largest Internet providers are providing service to homes, while some smaller ISPs offer ISDN and even T1 service. Listings of ISPs can be found everywhere from Internet-related magazines to your local newspaper.

In most cases, selecting an ISP requires answering questions related to your own specific needs. The most basic concerns that all Internet users must consider are the type of service connection and bandwidth you will require (such as dial-up, ISDN, or T1) and how your service usage will be billed. In most cases, ISPs can offer a single flat rate for unlimited usage, or as an alternative, charge an hourly rate for a limited number of hours of Internet access time each month.

Another issue to consider when choosing an ISP is whether you will require assistance in setting up a registered DNS domain name or IP address for your private organization or company. Some ISPs provide this service for an additional fee.

Note   This is a distinction between commercial online services, such as CompuServe and America Online, which do provide Internet access by use of proprietary dial-up software, and an ISP, which provides a direct network connection to the Internet. You cannot connect your Internet gateway to a commercial online service.

To TopAnalyzing Connection Costs

Two factors that can affect the cost of your Internet connection are bandwidth and the persistence of connection.

To select appropriate bandwidth connections for your network, you will want to examine peak level demands created by all of your network users using Internet access. In most cases, users who browse graphics-intensive sites will consume most of the available bandwidth. With the object caching capabilities and domain filtering features available with Microsoft Proxy Server, you may be able to reduce your actual bandwidth requirements by caching frequently accessed sites locally, or by restricting access to some graphic intensive sites. For more information about caching, see “Configuring the Web Proxy Service,” and Appendix D, “Architecture.”

Also, ISPs provide access in some cases that is available at an hourly rate or on a 24-hour, 7-days per week basis. Consider whether your users need full-time or part-time access to the Internet and compare pricing for alternative service plans. 


© 1996 by Microsoft Corporation. All rights reserved.