Proxy Firewall

Proxy Firewall
INTRODUCTION
1
Proxy Firewall
1.1 PROJECT DESCRIPTION
The Proxy Firewall is developed, keeping the idea of extensive use of Internet by
institutions and companies in mind. It helps more than one person to use the Internet at
same time from different computers in a network through just one simple connection with
existing service provider.
Proxy Firewall speaks the client side of a protocol to another server. This is often
required when clients have certain restrictions on which server they can connect to. Thus
a client would connect to Proxy Firewall, which does not have such restrictions, and the
Proxy Firewall will in turn communicate for the client.
The project has 4 modules and they are loaded in the server system of the network
within an Internet connection. There are a number of client systems connected to the
server. These clients can use Internet simultaneously.
The four modules are:

 Administration
 Downloading
 Caching
 Security
1. Administration:
An Administration module is responsible for the working of the Proxy Firewall.

It involves
 Client Administration
 Security checking
 Maintaining the restricted sites & clients
 Cache clearing
2
Proxy Firewall
2. Downloading
Downloading includes the downloading of a particular site that the user requests.
The site is downloaded using the Internet Explorer of client by establishing the
connection with the remote server. It involves:
 Validating the client
 Checking security
 Checking client security
3. Caching
Caching means storing the sites downloaded for further request. If the clients
request the same file frequently, it will be given from the cache by avoiding connection
with the remote server each time. This will increase the efficiency of the entire system.
It involves:
 Checking file in cache
 Storing in cache
1. Security
Proxy Firewall provides security by screening the unwanted sites. When a request
for a particular site is given, it will first check for security provided by administrator. If
that site is restricted, it will not service the request. In addition to security checking Proxy
Firewall produces the validation of clients. Before servicing the request given by the
client the server will check whether the request is from a valid client and whether he is
requesting in his allotted time.
3
Proxy Firewall
1.2 ORGANIZATION PROFILE
Power Plus software Limited established its strong presence in the field of Software
Development. The company has a 100 percent Export Oriented Unit at The Software
Technology Parks of India – An Autonomous body under the Ministry of Electronics,
Government of India and has set up its Software development unit in Dubai.
The company specializes in Client/server Application Development, Web centric

Applications and Embedded Systems Applications. Having Several years of Experience
with various industries, they give small business the power to do big business. Despite
rapid changes in the field, a few things have stayed with time and the explosive
innovation in technology has been able to meet the new needs of the people. For its
customers, Power plus Software Private Limited has been able to provide the
technology needed which in turn helped them to enhance its development expertise.
Power plus software private limited looks forward to its expansion as and when
technology demands. The company have attracted additional expert talents to support
their core competencies and focused on their marketing strategies. The company expects
to continue to lead the way in the software industry by continuing to innovate and serve.
4
Proxy Firewall
1.3 SCOPE AND OBJECTIVE OF THE PROJECT
Proxy Firewall is not designed to perform as a permanent one. It was designed by

taking into account the needs for future development. In this program the security
information is maintained with a database and if any enhancements required can be made
with subsequent updates within the database. The application provides a feature of
putting itself integrated to the shell wherein access of file resources through other
application software’s can be restricted. With the Need to restrict other applications being
loaded along side this application, support of the Required Operating System API’s can
be integrated. While developing the system suggestions from the subject experts were
taken into account and hence all required data is stored as File Dumps to avoid the
Intricacy of portability.
The Proxy Firewall has the following modifications, which can be incorporated in
the future.
The proposed proxy cannot be able to cache in the FTP and Gopher requests.
This only accepts the HTTP request. For further modification caching of FTP and
Gopher requests can be done.
Looking into the client status table, the administrator has to understand the peak
time of request manually. The software can be further modified in such a way that he can
manipulate it through the reports.
Another disadvantage of proposed system is it cannot support the FTP, Gopher,

and HTTP requests. At the time of further development we must be able to do that.
5
Proxy Firewall
In the newly developed system, connection has to be established before executing

the Proxy Firewall. The program can be modified so that connection can be established
automatically at the time of execution of the proxy system by using the internal command
of the modem.
The check in and checkout time can be given only in hours. There is no option to
give the time in minutes that can be further modified.
A user cannot be allowed to use the proxy after midnight, which needs
modification.
The main aim of the project is to develop software that act as an
intermediary between web browser and web server that helps multiple clients to access
The net with single internet connection
As the Internet grows in its number of users and its scope, more people are
looking for simple cost effective ways of linking their own LAN’s to the Internet
Installing a full –fledged connection to the Internet can cost quite a bit. Even through
Hardware cost for Internet routers and CSU/DSU (Channel Service Unit/Digital Service
Unit)are decreasing, proper Internet connections are still beyond the reach of many
business and private users. This being the case, people have been searching for solutions
that will provide LAN-wide access to the Internet through a smaller connection, which
does not require all the fancy hard wares that installing a large connection needs.
PROXY FIREWALL makes it possible for an entire LAN with a non-
sanctioned IP address to have access to the Internet through a typical dial up link to an
6
Proxy Firewall
ISP. In many situations PROXY FIREWALL is a better choice than granting full access
to the Internet to workstations with valid IP address having context on the Internet.
PROXY FIREWALL is easier to set up and has security features that make it easy to
control the type of Internet access, client workstation has. The workstations behind the
PROXY FIREWALL have valid Internet connections and therefore cannot talk to the
Internet on their own.
7
Proxy Firewall
SYSTEM
SPECIFICATION
8
Proxy Firewall
2.1 HARDWARE SPECIFICATION
Processor : Intel PIII 700MHZ with 810 E Chipset.
Memory : 128 MB SD RAM.
Hard Disk : 40 GB HDD (UDMA-Seagate).
Floppy Drive : 1.44 inch (Sony).
Modem : 56 KBPS Internal Modem
Keyboard : Microtek multimedia 110 keys
Mouse : Logitech 3 button Mouse.
Monitor : 15”VGA Samtron Monitor.
9
Proxy Firewall
2.2 SOFTWARE SPECIFICATION
Operating System : Windows 2000 Server
Languages used : C#. NET
Frontend : C#.NET
Backend : SQL Server
Other S/W’s used : Internet Explorer, IE 5.5, HTML
10
Proxy Firewall
SYSTEM ANALYSIS
11
Proxy Firewall
3.1 EXISTING SYSTEM
The development and implementation of Proxy Firewall required the study of two
existing ISA Servers. They were Microsoft ISA Server and Wingate ISA Server. The
Microsoft ISA SERVER provides an easy; secure way to bring Internet access to every
desktop in an organization. Wingate Proxy allows multiple computers to share single
Internet connection.
Microsoft ISA Server supports all Internet protocols including HTTP, FTP, Real
Audio, Video conferencing, e-mailing, voice mailing and news protocols. The Microsoft
ISA Server also provides security features through which we can provide the Internet
connection to the authentic users only. The Microsoft Proxy Sever does offer a great deal
of control to the outside Internet via a central authority.
Microsoft ISA Server can cache most World Wide Web objects (HTML document,
wave files and graphics). This means that Microsoft ISA Server can draw from a local
hard drive to serve out Internet data that it has already handled. This improves
performance to workstations and reduces the use of the outside link
If many users are using Microsoft ISA Server to access a multitude of different
web sites, objects in cache could be flushed before they are ever called on again. This
ISA Server can use any valid connection method that it supported by NT to talk to
Internet, depending on the size of your organization and the number of users accessing
the network. However, there are some situations when using is preferable to letting
workstation has valid Internet connections on their own.
Wingate is an ISA Server software package that allows you to share a single or
multiple Internet connection with an entire computer network. The Internet connection
shared by Wingate can be of nearly any type, including dial up modem, ISDN, XDSL,
cable modem, satellite connection or even dedicated TI circuits.
12
Proxy Firewall
Wingate ISA Server consists of a server component, which can install on the
computer with the modem or Hub and client component, which is installed on the other
components of the network. Wingate requires TCP/IP network and the server component
must be installed on a Windows 95/98/NT system. Since Wingate runs in the background
as a service, this computer does not have been dedicated to operating Wingate.
The primary benefit of Wingate is its ability to allow multiple computers to share
single Internet connection. This eliminates the need to add additional phone lines,
Internet access account, modem or expensive dedicated circuit hardware in order to
provide Internet access to multiple computers. By sharing a single Internet account and
connection with Wingate, a home or business user can provide Internet access to an entire
network with cost having that can be seen immediately. Wingate also include an HTTP
cache that can increase the performance of your Internet connection for web browsing.
Wingate allows simultaneous Internet sharing for networked computers using

only one Internet connection of nearly any type. Thus acting as a powerful firewall,
Wingate also helps to protect your valuable network from intruders. Wingate was the first
Windows based Internet sharing ISA Server solutions.
DRAWBACKS OF THE EXISTING SYSTEM
The existing ISA Servers possess the following drawbacks:
The existing ISA Server does not have ability to filter sites based on a user-by-
user approach. This means that you cannot define filter for specific users. Unfortunately,
site filtering is still rough around the edges and does not support many filter functions.
The existing ISA Server does not have the ability to provide access to a client for
certain specific period in a day.
13
Proxy Firewall
If you have a large network of users but a relatively small link to the Internet, it
would have two groups of Internet user with separate time.
This server gives greater access from inside the protected network to the outside,
but will keep the inside completely inaccessible from outside.
PROBLEM DEFINITION
When a client wants to down load a file, it will send the corresponding request to
the proxy server first. The proxy is then connected to the server you requested and return
the data for you. Rules set on the proxy firewall can either grand or deny these service
requests.
Proxy Firewall must be able to cache frequently request files. When the user
requests a file, the Proxy Firewall first looks in its cache for the file. If found the server
returns the file. Otherwise the file is requested from the source. This improves the
performance and reduces the network traffic.
The Proxy Firewall must provide some degree of security for the internal
network. Because the proxy server makes all external requests, the external host cannot
learn the name or IP address of computers on the internal network. The proxy server
screens all incoming and outgoing traffic and protects the network from unwelcome
intruders thus providing security to the internal network.
The Proxy Firewall must have the provision for restricting various sites that are
provided by the administrator. The site restrictions have to be made available either in
server level as a whole or in a client-by-client manner.
The Proxy Firewall also checks the user login time in the log file table. The
clients connected the proxy server has its own permitted time. The user is permitted to
access the net only if he is issuing the request within his permitted time.
14
Proxy Firewall
Proxy Firewall must be able to provide FTP caching and Gopher caching,
which is not currently supported in the existing system.
The administrator must be able to estimate the peak time and fall
time of request from the clients. This enables him to arrange the allotted time of clients
accordingly.
Proxy
Proxies are store-and-forward caches. It acts as a passage. When you configure

your web browser to use a proxy, it never connects to the URL. Instead, it always
connects to the ISA SERVER, and asks it to get the URL for the client. Proxies can be
used as a sort of firewall, because it isolates the client from connecting to the Internet.
CORPORATE N/W
INTERNE
PROXY
SERVER
Working of a Proxy Firewall
A Proxy Firewall receives a request for an Internet service (such as a Web page
request) from a user. If it passes filtering requirements, the Proxy Firewall, assuming it
also as a cache server, looks in its local cache of previously downloaded Web pages. If it
15
Proxy Firewall
finds the page, it returns it to the user without needing to forward the request to the
Internet. If the page is not in the cache, the Proxy Firewall, acting as a client on behalf of
the user, uses one of its own IP addresses to request the page from the server out on the
Internet. When the page is returned, the Proxy Firewall relates it to the original request
and forwards it on to the user.
To the user, the Proxy Firewall is invisible; all Internet requests and returned
responses appear to be directly with the addressed Internet server. (The proxy is not quite
invisible; its IP address has to be specified as a configuration option to the browser or
other protocol program.)
The advantages of using a Proxy Firewall
An advantage of using a Proxy Firewall is that its cache can serve all users. If one
or more Internet sites are frequently requested, these are likely to be in the proxy’s cache,
which will improve user response time. In fact, there are special servers called cache
servers.
The functions of proxy, firewall and caching can be in separate server programs or
combined in a single package. Different server programs can be in different computers.
For example, a Proxy Firewall may be in the same machine with a firewall server or it
may be on a separate server and forward request through the firewall.
There are different types of ISA SERVERs with different features, some are
anonymous proxies, which are used to hide your real IP address and some are used to
filter sites, which contain material that may be unsuitable for people to view. When you
connect to a website, your true IP address will not be shown, but the ISA SERVER’s IP
address. This does not mean that you are completely anonymous. The ISA SERVER will
have logs of IP’s that used the ISA SERVER and the time of access.
16
Proxy Firewall
Why should you use a proxy?
You can use a Proxy if you have a child and wish to restrict the sites they are
viewing; you will need to make sure you get the correct type of proxy because not all
proxies filter sites. You can use it to protect yourself; it can be used to hide your IP which
is useful because it means hackers cannot get info about you when using it. They will
only get the Proxy Firewall’s IP. Proxy Firewalls are not hard to set up, no hardware or
software is needed; you just need to configure your browser to connect through it.
Some ISP’s (Internet Service Providers) make all their users use a Proxy Firewall,
for example in the United Arab Emirates, the main ISP makes all users use an Proxy
Firewall which blocks sites with unsuitable material. It does this using the Meta tags in
the HTML code used to make the web page. Some ISP’s may give you a choice so you
can use one or not. If you want to use a Proxy Firewall there are many around with
different functions, you just have to get the one that suits your needs best
17
Proxy Firewall
3.2 PROPOSED SYSTEM
An advanced futuristic one replaces the existing ISA Server, which incorporates
the different facets of the facilities of computers and networking. The proposed system
has a high degree of efficiency. This system focuses on administrative side and so has
added security features. Here the administrator with valid user name and password can
only make changes to the proxy settings. This software can resist clients from viewing
certain sites like a porno site or an auction site and also can make use of logoff/logon
options so that a particular client can access the net only for a certain allotted time.
In this proxy setting a server listens to client through port, which is set during
installation like port 5000. The Proxy Firewall accepts a client request after checking the
client’s address and login time. A client can access only those sites, which are not
restricted. Another feature is the check in / checkout file through which the administrator
can control the usage of system. Using the add client option the administrator can
add/remove the clients. There is an option, change administrator with which a new
administrator can take charge after producing the old password (previous administrator’s
password).
The features of the proposed system are: -
A Server or an Administrator can access the proxy setting only by relieving

his/her username and password.
Since thread feature of C#.NET is used multiple clients can be connected to the
Internet simultaneously.
An Administrator has the power to restrict the usage of proxy setting to certain
client.
There is provision for restricting the site in a client-by-client manner.
18
Proxy Firewall
An Administrator can restrict certain sites to certain clients.
An Administrator has the provision to make changes to the restricted sites.
Looking into the Log file, the Administrator can verify the sites accessed by the
clients in a particular date.
In the proposed system the Administrator can find the peak time and fall time of
requests.
The Administrator has the provision to add/remove the clients connected to the
Proxy Firewall.
A caching mechanism is available which avoid frequent downloading of

commonly used sites.
There is provision to clear the cache and it can be cleared either completely or
those which are stored before a specified period of time.
19
Proxy Firewall
3.3 FEASIBILITY STUDY
After the problem is clearly understood and solutions are proposed the next step is
to conduct the feasibility study, which is a part of system analysis as well as system
design process. The main objective of this study is to determine whether the proposed
system is feasible or not. Mainly there are three types of feasibility study to which the
proposed system is subjected as described below. Three key considerations are involved
in the feasibility.
 Technical feasibility
 Behavioral feasibility
 Economic feasibility
The proposed system must be evaluated from a technical viewpoint first, and if
technical feasibility their impact on the organization must be assessed. If compatible,
behavioral system can be devised. Then they must be tested for economical feasibility.
Technical Feasibility
The assessment of technical feasibility must be based on an outline design of

system requirements in terms of input, output, files, programs, and procedures. This can
be qualified in terms of volumes of data, trends, frequency of updating, cycles of activity
etc, in order to give an introduction of technical system.
Behavioral Feasibility
People are inherently resisted to change and computers have been known to
facilitate change. Since the new proposed system is nothing to do with the ordinary
customers and worker resistance to the system is very much less. On the other hand the
users of the system are accessing this system through Internet and they are computer
literate, so resistance from that side is also very less.
20
Proxy Firewall
Economical Feasibility
Justification of any capital outlay is that it will reduce expenditure or improve the
quality of service or goods, which in turn may be expected to provide increased profits.
The technique of cost benefit analysis is often used a basis for assessing economic
feasibility
21
Proxy Firewall
3.4 DATA FLOW DIAGRAM (DFD)
A Data Flow Diagram (DFD) is a diagram that describes the flow of data and the
processes that change or transform data throughout a system. It is a structured analysis
and design tool that can be used for flowcharting in place of, or in association with,
information oriented and process oriented system flowcharts. When analysts prepare the
DFD, they specify the user needs at a level of detail that virtually determines the
information flow into and out of the system and the required data resources. This network
is constructed by using a set of symbols that do not imply a physical implementation. The
DFD reviews the current physical system, prepares input and output specification,
specifies the implementation plan etc.
Four basic symbols are used to construct data flow diagrams. They are symbols
that represent data source, data flows, and data transformations and data storage. The
points at which data are transformed are represented by enclosed figures, usually circles,
which are called nodes.
Basic data flow diagram symbols are
A "Square" defines a source (originator) or destination of a system data.
An "Arrow" identifies data flow. It is a pipeline through which information flows.
22
Proxy Firewall
A "Circle" represents a process that transforms incoming data flow(s) into

outgoing data flow(s).
An "Open Rectangle" is a data store.
Steps to Construct Data Flow Diagrams
Four steps are commonly used to construct a DFD

 Process should be named and numbered for easy reference. Each name should be
representative of the process.
 The direction of flow is from top to bottom and from left to right.
 When a process is exploded in to lower level details they are numbered.
 The names of data stores, sources and destinations are written in capital letters.
23
ZERO LEVEL DFD
Proxy Firewall
24
Reply Reply
WEB PROXY
BROWSER SERVER WEB SERVER
WEB
SERVER files from the Request for
remote server accessing files
Request for accessing
FIRST LEVEL DFD FOR ADMINISTRATOR
Proxy Firewall
25
Administrator Invalid User
Request
Reply
Request
securit
y sites
Client
Add/ Client
Remove
Reply
User ID &
Password
Cache Request
Clearing
Administrator
Validating
Administrator
clearin
Cache
the
administrato Cache
g
r Reply
Request
Securit
y sites
Add/Remove Security
Reply
Add/Remove
Request
Access
inform
Client
Client access
ation
Reply
SECOND LEVEL DFD FOR DOWNLOADING AND CACHING
In Valid Client
Proxy Firewall
26
Client access Restricted site
Search
Reply
Search
Security
Validatin
Reply
Restricted for a particular
Checking
client
g the
security Client
1.1
Request to
1.2
access the the
Web Browser
client Search
If Valid
If not
Checking
restricted Client Restriction
security
client
1.3
If not Reply
Web Browser restricted
Request
Checking
the file in
Search
cache
1.4
If not found Cache
Reply
Storing
Cache
1.6
Request to
Connectin
Access
remote
Web Server
g to
1.5
Downloaded
file
Reply
Proxy Firewall
SYSTEM DESIGN
27
Proxy Firewall
4.1 ARCHITECTURAL DESIGN
Architectural design represents the structure of data and program

components that are required to build a computer based system. It considers the
architectural style that the system will take, the structure and properties of the
components that constitute the system, and the interrelationships that occur among all
architectural components of a system.
ADMINISTRATOR DOWNLOADING CACHIN

G
PROXY FIREWALL
Reports 4
1. Client details SECURITY
2.Block sites 4.1 Security checking
3. Cache information 4.2 Client Validation
4. Hit details 1. Administrator
2. Security
3. Cache
4. Client Access
5. Client Status
6. Client
Restriction
28
Proxy Firewall
4.2 INPUT DESIGN
Input design is the process of converting user-oriented description of the inputs to

a computer-based business system into a programmer-oriented specification. Input data
are collected and organized into a group of similar data. The goal of input data design is
to make data entry as easy, logical and free from errors as possible. In input data design,
we design the source document that capture the data and then select the media used to
enter them into the computer. The input design process initiated in the study phase, as a
part of feasibility study.
In entering data, operators need to know the following: -
 The field length must known to the data entry operator, so that the data entered will
not exceed the allocated space and/or numeric data may be right justified where
appropriate.
 Field sequence of fields must match the sequence of the fields on the source
document.
There are two major approaches for entering data using C#.NET environment.
They are Menus and Dialogue boxes.
Menus: In this the user chooses from a list of options what to perform. A
menu limits a user choice of response but reduce the chances for error in data entry. Thus
menu simplifies the data access and entry.
The various Menus listed in the proposed system are Menu, Administrator,
Security, Reports and Help.
 Menu: Under this we have three fields Start, Stop and Exit.
29
Proxy Firewall
Clicking start begins the Internet Cruising and stop gives a break to the journey.
Exit helps to quit from the menu.
 Administrator: This contains Add Client, Change Administrator, Clear Cache, and
Server Details.
The Add Client option is used for adding or removing a client from the file. A
client is added along with his check in and checkout time. We can change the
administrator login or password using the Change administrator option. Here the new
administrator has to give the existing administrator’s password, i.e. the old password, and
the new password. Clear Cache is used to clear the cache details from the file. Server
Details is used to specify the Server ID and Port Number by which we can change the
existing port.
 Security: This field contains Block Sites and Client Restriction.

Block Site option is used for adding or removing a particular site that has to be
blocked.
Client Restriction restricts a particular client from entering into a site.
 Report: Report menu gives the monitored information about the login process, client
restriction, cache details etc. This menu consists of five fields,
Log File which gives description about the sites accessed by a particular client on
a particular date with time of accession. Blocked sites are displayed in the Block File.
Security Restriction displays the restricted sites with the client Id. Cache Information
gives information about cached sites. Client Details contains the information about a
client’s login time, when did he quit and the client id.
 Help: This is the ultimate menu, which provides help information to the user.
30
Proxy Firewall
Dialog Box: These are windows that appear in response to certain conditions
that occur when a program is run. Dialogue Box has various controls like buttons, text
boxes, list boxes and combo boxes. We can also include pictures using Bitmaps, Icons,
etc. With the use of all these controls we can make a ‘dialog’ with the program. Thirteen
dialogue boxes stands steadily to help the user to perform the operation easily. Various
operations like adding the client, giving restrictions to a particular client, blocking a site,
allowing password usage to protect the server from unauthorized access, changing the
administrator, Caching the sites once entered etc are performed with these thirteen dialog
boxes.
The input given by the users is the site name, which they want to access. This is
specified in the internet explorer window.
The rest of the inputs are given by the system Administrator. He gives them
through properly designed forms. There are forms designed for the following:
 For specifying the current server in the network.

 For changing the administrator login ID and password.
 For including the clients and their valid time interval.
 For adding the general security sites.
 For adding the security sites for a particular client
31
Proxy Firewall
4.3 OUTPUT DESIGN

Computer output is the most important and direct source of information to the
user. Efficient output design should improve the system relationship with the user and
help in decision making. The task output preparation is critical requiring skill and ability
to align user requirements with capabilities of the system in operation.
The standard for output suggest the following:
 Give each output a specific name or title.
 Provide a sample of the output layout including areas where printing may appear and
location of each field.
 State whether each output field is to include significant zeros, spaces between fields,
alphabetic or any other data.
 Specify the procedure for providing the accuracy of output data.
The Proxy Firewall’s output consists of the internet explorer window and
reports, which help the Administrator to know the status of various clients and monitoring
the traffic. The clients do not have access too these reports. What the clients can do is
request for the web site, which they need, and the server satisfies their request, if valid
Internet Explorer Window: The user gets the main output of the system through internet
explorer window. The users request, for the sites they want to access, to the Proxy
Firewall. The server services the client by fetching the requested web page for them. If
either the request or the client is not valid the server gives them an appropriate error
message.
Reports: Reports are accessible only to the Administrator of the Proxy Firewall. The
reports provide the administrator with information about the following:
 Clients that can access the Proxy Firewall.

 General security sites
 Hit details
 Cache details
32
Proxy Firewall
4.4 DATABASE DESIGN
The data in the system has to be stored and retrieved from database. Designing the
database is part of system design. Data elements and data structures to be stored have
been identified at analysis stage. They are structured and put together to design the data
storage and retrieval system.
A database is a collection of interrelated data stored with minimum redundancy to

serve many users quickly and efficiently. The general objective is to make database
access easy, quick, inexpensive and flexible for the user. Relationships are established
between the data items and unnecessary data items are removed. Normalization is done to
get an internal consistency of data and to have minimum redundancy and maximum
stability. This ensures minimizing data storage required, minimizing chances of data
inconsistencies and optimizing for updates. The SQLSERVER2000 database has been
chosen for developing the relevant databases.
The various tables used in Proxy Firewall are: -
1) AdminLogin:
This table contains the username and password, which helps the administrator to
login into the entire system.
Field Name Data type Size

Username Varchar2 25
Password Varchar2 25
2) Blocksites:
33
Proxy Firewall
This table contains the details of the site that are blocked or banned from viewing
or accessing. It contains three fields.

SiteID Number 5
SiteName Varchar2 25
Site Desc Varchar2 25
3) CacheSites:
This caches or stores the sites once accessed by the client into the cache file table.
These sites can be viewed or accessed easily the next time when it is called because the
sites get loaded directly from the cache file.

Cache No Number 5
Site name Varchar2 25
CacheDate Date
4) Client Block:
The Client Block table is used to monitor the sites that are restricted to a
particular client. A client cannot access a site that is included in the Client Block table.

Serial No Number 5
Client ID Number 5
Site Name Varchar2 25
5) Client Master
34
Proxy Firewall
This table is used to check the login and logoff time of a particular client using his
client id. Here a client can access the service only if his login time matches with the
system time provided by the administrator.
Field Name Data Type Size

ClientID Number 5
IP Address Varchar2 25
Reg.Date Date
StartTime Date
EndTime Date
6) HitList:
This table is used to give description about the number of times a particular site
was accessed by a particular client. This file contains three fields.

SerialNo Number 5
SiteName Varchar2 25
HitCount Number 5
35
Proxy Firewall
7) Serverset
This table contains server IP and port number. This is used to change the
administrator and port number while installing the Proxy Firewall for a different client or
in a new system.
Field Name Data Type Size
CachePort Number 5
ServerPort Number 5
ServerIP Varchar2 25
36
Proxy Firewall
4.5 REPORT DESIGN
Report menu gives the monitored information about the

login process, blocked sites, client restrictions ,cache details etc. This menu consist of
four items. CLIENT DETAILS, BLOCKED SITES, HIT SITES and CACHE SITES
CLIENT DETAILS
This contains the information about a clients login time. When did
He quite and the client id
BLOCKED SITES
These are displayed in the blocked sites file
HIT SITES
These files gives the information about how many items a particular site was
Accessed
CACHE SITES
These gives information about cached sites
Reports are accessible only to the Administrator of the proxy
firewall. The reports provide the Administrator with information about the following
 Clients that can access the proxy firewall
 Security sites for a particular client
 Log detail
 Cache details
37
Proxy Firewall
SYSTEM TESTING
38
Proxy Firewall
5.1 TESTING PROCESS
System testing is the stage of implementation, which is aimed at ensuring that

the system works accurately and efficiently before live operation commences. Testing is
the process of executing the program with the intent of finding errors and missing
operations and also a complete verification to determine whether the objectives are met
and the user requirements are satisfied. The ultimate aim is quality assurance.
System testing is defined as the process by which one detects the defects in
the software. Any software development organization or team has to perform several
processes. Software testing is one among them. It is the final opportunity of any
programmer to detect and rectify any defects that may have appeared during the software
development stage. Testing is a process of testing a program with the explicit intention of
finding errors that make the program fail. In short system testing and quality assurance is
a review in software products and related documentation for completion, correctness,
reliability and maintainability. The various tests performed in “Proxy firewall System”
are unit testing, integration testing and acceptance testing.
UNIT TESTING
This is the first level of testing. In this different modules are tested against
the specification produces during the design of the modules. Unit testing is done during
the coding phase and to test the internal logic of the modules. It refers to the modules. It
refers to the verification of single program module in an isolated environment. Unit
testing first focuses on the modules independently of one another to locate errors.
39
Proxy Firewall
After coding each dialogue is tested and run individually. All necessary coding
where removed and it was ensured that all the modules are worked, as the programmer
would expect.
Logical errors found where corrected. In my project unit testing are done for the
two modules of the project separately and in each modules the different sub modules are
individually tested.
INTEGRATION TESTING
Data can be lost across any interface, one module can have an adverse
effect on another, sub functions when combined, may not produce the desired major
functions. Integration testing is a systematic testing to discover errors associated within
the interface. The objective is to take unit tested modules and build a program structure.
All the modules are combined and tested as a whole.
After data design is completed, integration testing is done by combining

the sub modules first and then combining the main two modules and tested as a whole.
This testing provides the assurance that the application is well integrated functional unit
with smooth transition of data.
VALIDATION TESTING
This provides the final assurance that the software meets the all the
functional, behavioral and performance requirements. The software is completely
assembled as a package. Validation succeeds when the software functions in a manner in
which user wishes. Validation refers to the process of using software in live environment
in order to find errors. During the course of validation the system failure may occur and
sometime the coding has to be hanged according to the requirement. Thus the feedback
from the validation phase generally produces changes in the software. In the proposed
system, validation testing is done and makes sure that no error remains before submitting
to the customer.
40
Proxy Firewall
TESTING TECHNIQUES
Testing is one of the major hurdles in the development of the system. Testing is
the process of finding errors in the system. Software bugs persist in contemporary and
cause inconvenience and occasional loss of information. Only error free software will be
stable for a long time. To accomplish this objective two different testing techniques are
used: white box testing and black box testing.
5.2 WHITE BOX AND BLACK BOX TESTING
White box testing, some times called glass box testing, is a test case design
method that uses the control structure of the procedural design to derive test cases.
White box tests focus on the program control structure. Test cases derived to ensure that
all statements in the program have been executed at least once during the testing and that
all the logical conditions have been exercised. Basic path testing, a white box testing
technique makes use of program graphs to derive the set of linearly independent tests that
will ensure coverage. Condition and data flow testing further exercise program logic, an d
loop testing components other white box testing techniques by providing a procedure for
exercising complexity. Using white box testing method the software engineer can derive
test cases:
i. Guarantee that all independent paths within a module have been exercised at least
once.
ii. Exercise all the logical decisions on their true and false sides.
iii. Execute all loops at their boundaries and their operational limit.
iv. Execute internal data structures to assure their validity.
41
Proxy Firewall
Reasons for conducting white box testing
i. Logical errors and incorrect assumptions are inversely proportional to the

probability that the program path will be executed.
ii. The logical flow of a program is sometimes countered intuitive.
iii. Typographical errors are random.
BLACK BOX TESTING
White box tests are typically applied to small program components. Black box
testing on the other hand, testing in large. Black box tests are designed to validate
functional requirements without regard to internal working of the program. Black box
testing techniques focus on the information domain of the software, deriving test cases by
partitioning the input and output domain of the program in a manner that provides
through test coverage.Equallance partitioning divides the input domain into cases of data
that are likely to exercise specific software function. Boundary value analysis probe’s the
programs ability to handle data at the limits of acceptability. Orthogonal array testing
provides an efficient, systematic method for testing systems with small number of input
parameters. Black box testing focuses on the functional requirements of the software.
Another name for this is functional testing because mathematical function can be
specified using only their inputs and outputs.
Model for black box testing
Input
Test Ie
Data
Output
Test 42
Results
Oe
Proxy Firewall
The key problem defect tester is to select inputs that have a high probability being
member of the test.
Black box testing attempts to find errors in the following categories:
 Incorrect or missing functions.

 Interface errors.
 Errors in data structures or external database.
 Performance error.
 Initialization and termination error.
Black box testing are designed the following questions
 How the functional validity tested ?

 What classes of input will make good test cases ?
 How are the boundaries of data classes isolated ?
 What data rates and data volumes can the system tolerate ?
By applying black box testing technique, we derive a set of test cases that satisfy the
following criteria:
 Test cases that reduce the number of additional test cases that must be designed to
achieve reasonable testing.
 Test cases that tell us something about presence or absence of errors, rather than
errors associated only with specific test at hand.
43
Proxy Firewall
TEST RESULTS
Each and every computer project starts with a statement of the business needs and
then developed in progressively greater level of details. It is the purpose of testing to
ensure that the communication between each level is verified and the end project satisfies
the business needs.
Testing a system requires more effort while developing it because it is one of the
final steps. Early planning for this stage can ensure smooth and easy testing. Adequate
preparation needs to be made before testing begins, so that it can be performed
effectively.
The aim of testing is to prove that the developed system addresses the pre defined
processing requirements and will perform reliably efficiently when running live. In the
proxy firewall providing test data to check the working of the system as specified
performs testing.
System testing is a critical aspect of Software Quality Assurance and represents

the ultimate review of specification, design and coding. Testing is process of executing a
program with the intent of finding an error. A good test is one that has a probability an as
yet undiscovered error. The purpose of testing is to identify and correct bugs in the
developed system. Nothing is complete without testing. Testing is the vital to the success
of the system.
44
Proxy Firewall
45
Proxy Firewall
SYSTEM SECURITY
46
Proxy Firewall
6.1 SECURITY FEATURES

Any system developed should be secured and protected against possible hazards.
The system have to face the unwanted events called threats. Computer system is secure
against a particular threat if counter measures have been taken to reduce an acceptability
low-level amount of loss that the threat may be expected to cause over a given period of
time. The system security problem can be divided into four related issues: Security,
Integrity, Privacy and Confidentiality. These problems may adversely affect the ability of
the computer system carry out is intended task.
System security
System security refers to the technical innovations and procedures applied to the
hardware and operating systems to protect against deliberate or accidental damage from a
defined threat. In contrast, data security is the protection of data from loss, disclosure,
modification and destruction.
The security features are considered while developing the system, so as to avoid the
errors and omissions that may lead to serious problems.
System integrity
System integrity refers to the proper functioning of hardware and programs,

appropriate physical security, and safety against external threats. A threat to a computer
system is any events that adversely affect the one or more assets or resources, which make
up the system. An event can be any of the following:
 Interruption of communication
 Destruction of hardware
 Modification of software
 Removal of programs
47
Proxy Firewall
 Disclosure of information
There are many methods for handling a threat

 Avoid it by altering the design
 Threat retention
 Threat reduction.(That is frequently of occurrence of a threat is reduced)
In comparison, data integrity makes sure that data do not differ from their original form and
have not been accidentally or intentionally disclosed, altered or destroyed.
Privacy
Privacy defines the rights of the users or organizations to determine what information they
are willing to share with or accept from others and how the organization can be protected
against unwelcome, unfair or excessive dissemination of information about it.
Confidentiality
The term confidentiality is a special status given to sensitive information in a

database to minimize the possible invasion of privacy. It is an attribute of information that
characterizes its need for protection. In contrast privacy is largely a procedural matter of
how information is used.
By considering these securities I have taken some precautions. They are

1.Physical security or protection from fire, flood and other physical damage.
2.Data base integrity through data validation techniques.
3.Control measures through passwords on a regular basis.
A procedure for protecting systems makes sure that the facility is physically secure,
provides a recovery/ restart capability, and has access to backup files. The threat of external
48
Proxy Firewall
attack on a computer system is virtually last. The list of potential lists is Errors and
omissions, Disgruntled and dishonest employees, Fire, Natural disasters and External
attack.
In a database environment, there are three types of failure. They are catastrophic,
logical and structural. A catastrophic failure is one where part of a database is unreadable. It
is restored using the roll forward method of memory. A logical failure occurs when activity
to the database is interrupted (e.g. a power failure) with no chance of completing the
currently executing transactions. A typical example of structural damage is a pointer
incorrectly stored in a record that point to unrelated or non-existent data.
The application stores data in a RDBMS called SQL Server.We can store data in a
secured and easily retrievable manner into the table of oracle. So the proposed system
provides powerful security measures. The system is capable to cope with the changes in the
organization policies. The reconstruction of the system will increase its flexibility.
The security measures of a computer system should be specified at an early stage in

the design of the system. During the system operation each user should understand the
procedures required to keep the system secure. There are many possible threats to the
security and integrity of any system where more the one user is associated with the system.
Software integrity has become increasingly important. The attribute measures a systems
ability to withstand attacks, both accidental and international on its security.
Security measures are provided to prevent unauthorized access of the system and
the database at various levels. In this project the data security, data validation checking
methods are applied using a password authentication. All the data, which is entered by the
user and the manager is validated. Users should enter their username and password for the
requesting access. Only the manager can add, modify or delete the users. This single point
control ensures better security. Password protection and simple procedures to change the
unauthorized access are provided to the users. The system allows the user to enter the
system only through login.
49
Proxy Firewall
IMPLEMENTATION
50
Proxy Firewall
7.1 IMPLEMENTATION METHODS
Implementation is the state of the project where theoretical design is turned into a
working system. The most critical stage in achieving a successful new system and in giving
the authorized confidence that the new system will work and be effective. The system can
be implemented only after testing is done and if it is found working according to
specifications.
The implementation is one phase of software development. It is concerned with

translating design specifications with source code. The primary goal of implementation is
to write source code to its specifications that can be easily verified, and so that
debugging, testing and modifications can be eased. Making the source code as clear and
straight forward as possible can achieve the goal.
The implementation is the process of converting a new or revised system into

operational one. It is the key stage in achieving a successful new system, because usually it
involves a lot of upheaval in the user department. This is also the phase where there is
maximum interaction between system personnel and the user departments. The most crucial
stage is at the time of delivering a successful system and in giving confidence to the users
that it will work efficiently and effectively.
Implementation plan
Implementation is the stage in the project where the theoretical design is turned into
a working system and is giving confidence on the new system for the users that it will work
efficiently and effectively. It involves careful planning, investigation of the current system
and it constraints on implementation, design of methods to achieve the change over, an
evaluation, of change over methods. Apart from planning, major task of preparing the
implementation are education and training of users. The more complex system being
implemented, the more involved will be the system analysis and the design effort required
51
Proxy Firewall
just for implementation. An implementation coordinating committee based on policies of

individual organization has been appointed. The implementation process begins with
preparing a plan for the implementation of the system. According to this plan, the activities
are to be carried out, discussions made regarding the equipment and resources and the
additional equipment has to be acquired to implement the new system.
Implementation is the final and important phase. The most critical stage in
achieving a successful new system and in giving the users confidence that the new system
will work and be effective. The system can be implemented only after thorough testing is
done and if it is found to be working according to the specification. This method also offers
the greatest security since the old system can take over if the errors are found or inability to
handle certain type of transactions while using the new system.
The implementation process begins with preparing the plan for implementation of the
system. Once the planning has been completed, the major effort in the computer
department is to ensure that the programs in the system are working properly. At the same
time the HR department must concentrate on training user staff. A logical starting point for
this type planning involves knowledge of the following areas.
The following steps have been followed the implementation plan of the system:
 Implementation planning
 Equipment acquisition & installation
 System conversation
 User training
 Personnel needs
Initially a primary implementation plan is prepared to schedule and manage different

activities that must be completed for a successful implementation. The preliminary plan
serves as a basis for the initial scheduling and assignment activities.
52
Proxy Firewall
User’s Manual
Since it is a graphical user interface (GUI) system, the user is able to work with this
system without any difficult. Common GUI elements available on windows are also used in
the system for making interaction between the user and the system. Only authorized
persons are allowed to enter into the system. The entire available operation lists are given
in the menu bar of the particular module. The user can select appropriate menu options
from this list using mouse or keyboard. Keyboard shortcut keys are given for all the
commonly used menu options.
The system will automatically do all type of validation to enter the correct data.
Format for the special data are given in the form itself. The operation can’t be continued
unless you enter a valid and correct entry. System will display useful messages when any
error occurs in the entry or when an entry is not in an accepted format. Commonly used
operations can be invoked by clicking the appropriate toolbars buttons also.
Education & Training
People who are all involved in the system must be familiar and confident of their
role in the new system to achieve the objectives and benefits expected from the computer-
based system. This involves them in understanding the overall system and its effect on the
organization, and is being able to carry out their task effectively. The training should
involve every one associated with the implementation, use, operation or maintenance of the
new system. User staff must be instructed in how to perform their new tasks.
Hands on training to the computer center people are essential to make themselves
familiar with the system. Classroom lectures about the system have been given to the
computer center people. Practical training should also be given to them to use this software.
Training sessions must aim to give user staff the specific skills required in their new jobs.
The implementation of the proposed system includes the training of system operators.
53
Proxy Firewall
Training the system operators includes not only instructions in how to use the equipment,
but also in how to diagnose malfunctions and in what steps to take when they occur. So
proper training should be provided to the system operators. No training is complete without
familiarizing users with simple system maintenance activities. Since the proposed system is
developed in a GUI, training will be comparatively easy than systems developed in a non-
GUI. There are different types of training. We can select off-site to give depth knowledge to
the system operators.
Success of the system depends on the way in which it is operated and used.
Therefore the quality of training given to the operating person affects the successful
implementation of the system. The training must ensure that the person can handle all the
possible operations. Training must also include data entry personnel. They must also be
given training for the installation of new hardware, terminals, how to power the system,
how to power it down, how to detect the malfunctions, how to solve the problems etc. the
operators must also be provided with the knowledge of trouble shooting which involves the
determination of the cause of the problem.
The new system requires trained personnel for operating the system. Data entry jobs
must be done utmost carefully to avoid errors. This will reduce the data entry errors
considerably. It is preferable to provide the person with some kind of operating manuals
that will explain all the details of the system.
Thus the users are trained to operate the developed system. Both the hardware and
software securities are made to run the developed systems successfully in future. In order to
put new application system into use, the following activities were taken care of. So useful
tips and guidance is provided within the application itself. They have to be made aware that
what can be achieved with the new system and how it increases the performance of the
system.
The training schedule is coordinate with the schedule for completing the
development phase, for all essential training must be completed prior to the user acceptance
54
Proxy Firewall
review at the end of this phase. For the system to begin operation, a sufficient number of
users must be trained before the end of the development phase. Thereafter, additional
personnel are trained, and training continues throughout the operational life of the system.
 Preparation of user and system documentation

 Conducting user training with demo and hands on
 Test run for some period to ensure smooth switching over the system
Implementation includes all those activities that take place to convert from the old system
to the new. The old system consists of manual operations, which is operated in a very
different manner from the proposed new system. A proper implementation is essential to
provide a reliable system to meet the requirements of the organizations. An improper
installation may affect the success of the computerized system.
Implementation Methods
CHANGE OVER
Change Over is the stage of moving from existing to the new system. The change
over from the old system may take place when the system has been proved to the
satisfaction of the system analyst, Candidate system Manager, Management and operational
staff. There are several methods for handling the implementation and the conversion from
the old to the new computerized system.
The most secure method for conversion from the old system to the new system is to
run the old and new system is parallel. In this approach, a new person may operate in the
manual older processing system as well as start operating the new computerized system.
This method offers high security, because even if there is a flow in the computerized
system, we can depend upon the manual system. However, the cost for maintaining two
systems in parallel is very high. This outweighs its benefits.
55
Proxy Firewall
Another commonly method is a direct cut over from the existing manual system to
the computerized system. The change may be with in a week or with in the day. There are
no parallel activities. However, there is no remedy in case of a problem. This strategy
requires careful planning.
56
Proxy Firewall
7.2 RUNNING METHODS
ALGORITHM
Step1:
Start the program
Step2:
Read request from the client
Step3:
Check for valid clients
If the client request is invalid then goto step: 8
Else if the client is valid then go to step: 4
Step4:
Check for security
if it is valid then goto step: 5
Else goto step1
Step5:
Search file in cache if present check to see if the site is modified
If yes go to step: 6 else
Display the file and go to step: 1
Step 6:
Read the file from the remote host
Step 7:
Store file in cache and display the file and goto step: 1
Step8:
Terminate the program
57
Proxy Firewall
7.3 SUGGESTION AND RECOMMENDATION
Proxy Firewall is not designed to perform as a permanent one. It was designed by

taking into account the needs for future development. In this program the security
information is maintained with a database and if any enhancements required can be made
with subsequent updates within the database. The application provides a feature of putting
itself integrated to the shell wherein access of file resources through other application
software’s can be restricted. With the Need to restrict other applications being loaded along
side this application, support of the Required Operating System API’s can be integrated.
While developing the system suggestions from the subject experts were taken into account
and hence all required data is stored as File Dumps to avoid the Intricacy of portability.
The Proxy Firewall has the following modifications, which can be incorporated in
the future.
The proposed proxy cannot be able to cache in the FTP and Gopher requests.
This only accepts the HTTP request. For further modification caching of FTP and
Gopher requests can be done.
Looking into the client status table, the administrator has to understand the peak
time of request manually. The software can be further modified in such a way that he can
manipulate it through the reports.
Another disadvantage of proposed system is it cannot support the FTP, Gopher, and
HTTP requests. At the time of further development we must be able to do that.
In the newly developed system, connection has to be established before executing

the Proxy Firewall. The program can be modified so that connection can be established
58
Proxy Firewall
automatically at the time of execution of the proxy system by using the internal command
of the modem
.
The check in and checkout time can be given only in hours. There is no option to
give the time in minutes that can be further modified.
A user cannot be allowed to use the proxy after midnight, which

needs modification.
59
Proxy Firewall
7.4 CONCLUSION
The system entitled Proxy Firewall is developed in such a way that it provides the
access of Internet in a user-friendly manner. It provides an efficient means for multiple
clients to access the net with single Internet connection. This software is developed in such
a way that any number of clients can access the net at a given time. The system is tested
with input samples of website and performance of the system is proved much efficient. The
data maintenance and manipulation is achieved practically.
60
Proxy Firewall
7.5 BIBLIOGRAPHY
 Elias M Award, System Analysis and Design ,Galgottia

Publications Pvt. Ltd 1991
 Roger S Pressman, Software Engineering – A
Practitioners Approach, McGraw Hill Inter Editions
1991
 Burton Harvey, Simon Robinson, Julian Temple man,
Karli Watson, c# Programming with the public beta,
SPD Pvt. Ltd Calcutta
 Andrew Troelsen, C# and the .Net platform , Apress
2001
 Mike Gunderlog,Joseph L Jorden ,Mastering SQL
Server 2000,BPB Publications , New Delhi,First Indian
Edition 2001
 http://www.msdn.microsoft.com
 http://www.developerfusion.com
 http://www.aisto.com
 http://www.dotnetfun.com
 http://www.joegrip.com
61
Proxy Firewall
ANNEXURES
62
Proxy Firewall
8.1 FORM LAYOUTS
SPLASH SCREEN
LOGIN FORM
63
Proxy Firewall
MAIN MENU
64
Proxy Firewall
SESSION ITEMS
65
Proxy Firewall
66
Proxy Firewall
LOCK APPLICATION
67
Proxy Firewall
SERVICE ITEMS
68
Proxy Firewall
START SERVICE
69
Proxy Firewall
STOP SERVICE
70
Proxy Firewall
CLIENT ITEMS
71
Proxy Firewall
CLIENT REGISRATION
72
Proxy Firewall
CLIENT ALTER FORM
73
Proxy Firewall
ADMINISTRATOR ITEMS
74
Proxy Firewall
CACHE CLEARING
75
Proxy Firewall
HIT CLEARING
76
Proxy Firewall
CHANGEPASSWORD FORM
77
Proxy Firewall
SETTING ITEMS
78
Proxy Firewall
PROXY SERVER SETTING FORM
79
Proxy Firewall
SECURITY ITEMS
80
Proxy Firewall
SITE BLOCKING FORM
81
Proxy Firewall
CLIENT BLOCKING FORM
82
Proxy Firewall
REPORT ITEM
83
Proxy Firewall
HELP ITEM
84
Proxy Firewall
ABOUT FORM
85
Proxy Firewall
ERROR MESSAGES
86
Proxy Firewall
87
Proxy Firewall
88
Proxy Firewall
89
Proxy Firewall
8.2 REPORTS
CACHE DETAILS
90
Proxy Firewall
CLIENT DETAILS
91
Proxy Firewall
BLOCK SITE DETAILS
92
Proxy Firewall
HIT SITE DETAILS
93
Proxy Firewall
8.3 ABOUT THE DEVELOPING SOFTWARE
ABOUT MICROSOFT. NET
Microsoft released the .Net (pronounced dot net) framework in

February 2002. It’s biggest initiative since the launch of windows in 1991. . Net is a
revolutionary Multi language platform that knits various aspects of application
development together with the Internet. The framework covers all layers of software
development above the operating system. Several software will be developed by
Microsoft to achieve this goal. It is accepted that every player in the industry, be it a
software developer or a device manufacture, adopt .Net so that they can be integrated.
The .Net initiative is all about enabling data transfer between networks, PCs and devices
seamlessly, independent of the platforms, architecture and solutions. Microsoft has taken
many of the best ideas in the industry, combined in some ideas of their own, and bought
them all in to one coherent package. . Net is Microsoft’s next –generation platform for
building web applications and web services. It is a platform for XML web services areas
of Microsoft.
 .Net is Microsoft’s new internet and web strategy
 .Net is not a new operating system
 .Net is delivers software as web services
 .Net is a framework for universal services
 .Net is server centric computing model
 .Net will run in any browser on any platform
 .Net is based on the newest web standards
THE .Net FRAMEWORK
The .Net Framework includes classes, interfaces and value types that help
expedite and optimize the development process and give you access to system
functionality.
94
Proxy Firewall
Microsoft designed C# from the ground up to take advantage of its new

.NET Framework. The .NET Framework is made up of four parts, the Common Language
Runtime, a set of class libraries, a set of programming languages, and the ASP.NET
environment. The .NET Framework was designed with three goals in mind. First, it was
intended to make Windows applications much more reliable, while also providing an
application with greater degree of security. Second, it was intended to simplify the
development of Web applications and services that not only work in the traditional sense,
but on mobile devices as well. Lastly, the framework was designed to provide a single set
of libraries that would work with multiple languages.
The four components of the .NET Framework
1) Common Language Runtime
One of the design goals of .NET Framework was to unify the runtime engines
so that all developers could work with a set of runtime services. The .NET Framework’s
solution is called the Common Language Runtime (CLR). The CLR provides capabilities
such as memory management, security, and robust error handling to any language that work
with the .NET Framework. The CLR enables languages to inter operate with one another.
95
Proxy Firewall
Memory can be allocated by code written in one language and can be freed by code written
in another language. Similarly, errors can be raised in one language and processed in
another language.
2) .Net Framework Class Library
The .NET Framework provides many classes that help developers re-use code.
The .NET Class Libraries contain code for programming topics such as threading, file I/O,
database support, XML parsing, and data structures such as stacks and queues. This entire
class library is available to any programming languages that support the .NET Framework.
Because all languages now support the same runtime, they can re-use any class that works
with the .NET Framework. This means that any functionality available to one language will
also be available to any other .NET language.
3) . Net Programming Languages
The .NET Framework provides a set of tools that help to build code that works
with the .NET Framework. Microsoft provides a set of languages that are already .NET
compatible. C# .NET is one of those languages.
4) ASP.NET
ASP.NET is a unified Web development platform that provides the services

necessary to build enterprise-class Web applications. While ASP.NET is largely syntax
compatible with Active Server Pages (ASP), it also provides a new programming model
and infrastructure that allows creating a powerful new class of applications. ASP.NET is
fully supported by the .NET Framework, allowing one to take full advantage of the
Common Language Runtime (CLR), type safety, inheritance, and all of the other features
of that platform.
96
Proxy Firewall
ASP.NET is a compiled. NET-based environment; one can author applications

in any .NET compatible language, including Visual Basic, C# and JScript. Developers can
easily access the benefits of these technologies, which include a managed Common
Language Runtime environment, type safety, inheritance, and so on.
ASP.NET has been designed to work seamlessly with WYSIWYG HTML
editors and other programming tools, including Microsoft Visual Studio.NET. Not only
does this make Web development easier, but it also provides all the benefits that these tools
have to offer, including a GUI that developers can use to drop server controls onto a Web
page, as well as fully integrated debugging support.
ASP.NET Web Forms
Web Forms are in ASP.NET technology used to create programmable web

pages. They can present information, using any mark-up language, to the user in any
browser and use code on the server to implement application logic.
ADO.NET
ADO introduced a simple object model that made accessing data in MS

Windows programs a straightforward task. In addition, ADO introduced the concept of
disconnected record sets as a way to transport data between the tires of distributed
applications. The low-level API behind ADO is called OLE DB.ADO.NET was designed
with the disconnected data in mind, because this stateless approach works best for
distributed Internet applications. ADO.NET contains two sets of similar classes. One set is
a generic set of classes that can be used to access all databases that have OLE DB provider
and a set of classes for Microsoft’s SQL server.
ADO.NET COMPONENTS
97
Proxy Firewall
The ADO.NET components have been designed to factor data access from data
manipulation. There are two central components of ADO.NET that accomplish this the
Dataset, and the .NET data provider, which is a set of components including the
Connection, Command, Data Reader, and Data Adapter objects. The ADO.NET Dataset is
the core component of the disconnected architecture of ADO.NET. The Dataset is explicitly
designed for data access independent of any data source. As a result it can be used with
multiple and differing of any data sources, used with XML data, or used to manage data
local to the application.
The other core element of the ADO.NET architecture is the .NET data provider
whose components are explicitly designed for data manipulation and fast, forward-only ,
read -only access to data. The connection object provides connectivity to a data source. The
Common objects enables access to database commands to return data, modify data, run
stored procedures, and sends or retrieve parameter information. The Data Reader provides a
high - performance stream of data from the data source. Finally, the Data Adapter provides
the bridge between the Dataset object and the data source.
VB.NET
VB.NET is virtually a new programming language, based around new core

technology – the .NET. The technical changes are so extensive that the developers will be
able to compete with C#, C++ and Java developers. It is full object oriented language
including the features like inheritance, parameterized constructors and overloading.
About Visual C# .NET(Front End Tool Used)
Microsoft C# (pronounced C sharp) is a new programming language designed for building

a wide range of enterprise applications that run on the .NET Framework. An evolution of
Microsoft C and Microsoft C++, C# is simple, modern, type safe, and object oriented. C#
98
Proxy Firewall
code is compiled as managed code, which means it benefits from the services of the
common language runtime. These services include language interoperability, garbage
collection, enhanced security, and improved versioning support
Visual C# .NET is currently part of the Visual Studio.NET. Microsoft Visual
C#.NET is the tool set for creating XML Web services and Microsoft .NET–connected
applications for Microsoft Windows and the Web.
This robust development package, which uses the component-oriented C#

development language, offers a language and environment for creating next-generation
software. Visual C# .NET delivers superior functionality for streamlining business
processes, including:
 Rapid design, development, and deployment support for creating and consuming XML
Web services.
 Form designers and visual controls for creating rich Windows-based applications.
 Authoring tools and services for building powerful Microsoft .NET server-based
solutions.
 Migration tools for converting Java-based projects to the Microsoft .NET development
environment.
With Visual C# .NET, developers can build solutions for the broadest range of
clients, including Windows, the Web, and mobile or embedded devices. Using this elegant
programming language and tool, developers can leverage their existing C++ and Java skills
and knowledge to be successful in the .NET environment.
Language Features
Intuitive C++ based Language
Use a language modeled on C++ syntax, immediately familiar to C++ and Java
developers, as well as intuitive new language constructs that greatly simplify development
tasks
 Reliable Interoperability
99
Proxy Firewall
Employ code to call native Windows APIs, use pre-built COM components, and
leverage existing ActiveX controls to seamlessly integrate existing applications and
components.
 Modern, Component-Oriented Language
Take advantage of inherent support for properties, indexes, delegates, single and
multidimensional arrays, advanced inheritance, attributes, versioning, and XML comments.
 Complete Windows-based Application Development Environment
With visual inheritance, developers can greatly simplify the creation of Windows-
based applications by centralizing in parent forms the common logic and user interface for
their entire solution. Using control anchoring and docking, programmers can build
resizable forms automatically, while the in-place menu editor enables developers to
visually author menus directly from within the Forms Designer.
 Powerful Debugging and Testing Tools
Visual C# .NET includes a powerful remote and multi-language debugger, enabling

developers to test applications and build reliable multi-tier solutions that span process
boundaries and are written in multiple programming languages.
 NET Framework Class Library
Gain mature and powerful, built-in functionality, including a rich set of collection
classes, networking support, multithreading support, string and regular expression classes,
and broad support for XML, XML schemas, XML namespaces, XSLT, XPath, and SOAP.
 Robust Web Development Environment
100
Proxy Firewall
Create Web-based solutions in C# using the shared Web Forms Designer and XML
Designer. Developers can also use IntelliSense features and tag completion or choose the
WYSIWYG editor for drag-and-drop authoring to build interactive Web applications.
 Mobile Web Application Development
Available as part of Visual Studio .NET Professional Edition, native device support enables
developers to construct solutions for a wide variety of mobile devices, including Pocket
PCs, Tablet PCs, and mobile phones. Become immediately successful by using the same
programming model and techniques for building mobile applications as desktop and Web-
based applications. Some of the main features that make this language so special may be
as follows:
1. Object Oriented Language.

2. Powerful Language for making applications.
3. Security.
4. Multithreading and Multitasking.
5. Internet Programming.
6. Intranet Programming.
7. Interpretability.
8. Easily Understanding code.
XML
XML is the acronym for eXtensible Markup Language, the universal format for
structured documents and data on the web. XML is an industry standard protocol
administered by the W3C. XML is a key enabling technology for Microsoft .Net.
XML Web Services
101
Proxy Firewall
XML Web Services are units of application logic providing data and services to
other application. Applications access XML Web services via standard Web protocols and
data formats such as HTTP, XML and SOAP independent of how each XML Web services
is implemented. XML Web services combines the best aspects of component- based
development and the Web, and are a cornerstone of the Microsoft. NET-programming
model. Since web services use XML based protocols to communicate with other systems,
web services are independent of both operating systems and programming languages. An
application calling a web service will always send its request using XML, and get its
answer returned as XML. The calling application will never be concerned about the
operating system or the programming language running on the other computer.
ABOUT DATABASE
SQL Server 2000(Back End Tool Used)
Relational database systems are the most important database systems used in the
software industry today. One of the most outstanding system is Microsoft SQL Server.
SQL Server is a database management system developed and marketed by Microsoft. It
runs exclusively It runs exclusively under Windows NT, Windows 95/98, Windows 2000
Server. The most important aspects of SQL Server 7 are,
 SQL Server is easy to use.
 SQL Server scales from a mobile laptop to symmetric multiprocessor system.
 SQL Server provides data warehousing features that until now have only been
available in Oracle and other more expensive DBMS.
102
Proxy Firewall
SQL Server is a Relational Database Management System. The SQL Server

relational language is called Transact-SQL. SQL is a set oriented language. This means
that SQL can query many rows from one or more tables using just one statement. This
feature allows the use of this language at a logically higher level than procedural
language. Another important property of SQL is its non-procedurality. SQL contains two
sub languages DDL and DML. SQL Server work as a natural extension of Windows NT/
95/ 98. SQL Server is relatively easy to manage through the use of graphical computing
environment for almost every task of the system and database administration. SQL Server
uses services of Windows NT to offer new or extended database capabilities, such as
sending and receiving messages and managing login security. The SQL Server
administrator’s primary tool for interacting with the system is Enterprise Manager. The
Enterprise Manager has two main purposes: Administration of the database server and
Management of database objects. SQL Server Query Analyzer provides a graphical
presentation of the execution plan of a query and an automatic component that suggests
which index should be used for a selected query. This interactive component of SQL
Server performs the task like:
 Generating and executing Transact-SQL statements.

 Storing the generated Transact-SQL statements in a file.
 Analyzing execution plans for generated queries.
 Graphically illustrating the execution plan for a selected query.
A stored procedure is a special kind of batch written in Transact-SQL using the

SQL language and SQL extensions. It is saved on the database server to improve the
performance and consistency of repetitive tasks. SQL Server supports stored procedures
and system procedures. Stored procedures can be used for the following purposes: to
control access authorization, to create an audit trial of activities in database tables, to
separate data definition and data manipulation statements concerning a database and all
corresponding applications. The database object view can be used for:
103
Proxy Firewall
 Restricting the use of particular columns and rows of the tables-that is to control
access to a particular part of one or more tables.
 To hide the details of complicated queries, to restrict inserted and updated values to
certain ranges.
Indices are used to access data more efficiently. The Query Optimizer is the part
of SQL Server that decides how to perform a query in a better way. It generates several
query execution plans for the given query and selects the plan with the lowest cost.
 Declarative integrity constraints defined using CREATE and ALTER TABLE

statements.
 Procedural integrity constraints handled by triggers.
104
Proxy Firewall
Alter/Drop Form
105
Proxy Firewall
106
Proxy Firewall
107
Proxy Firewall
108
Proxy Firewall
109

Proxy Firewall

Загружено:

Сведения о документе

Исходное описание:

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Proxy Firewall

Загружено:

Авторское право:

Доступные форматы

Proxy Firewall

1.1 PROJECT DESCRIPTION

The four modules are:

An Administration module is responsible for the working of the Proxy Firewall.

1.2 ORGANIZATION PROFILE

The company specializes in Client/server Application Development, Web centric

1.3 SCOPE AND OBJECTIVE OF THE PROJECT

Proxy Firewall is not designed to perform as a permanent one. It was designed by

Another disadvantage of proposed system is it cannot support the FTP, Gopher,

In the newly developed system, connection has to be established before executing

The main aim of the project is to develop software that act as an

The net with single internet connection

PROXY FIREWALL makes it possible for an entire LAN with a non-

Internet on their own.

2.1 HARDWARE SPECIFICATION

Processor : Intel PIII 700MHZ with 810 E Chipset.

Memory : 128 MB SD RAM.

Hard Disk : 40 GB HDD (UDMA-Seagate).

Floppy Drive : 1.44 inch (Sony).

Modem : 56 KBPS Internal Modem

Keyboard : Microtek multimedia 110 keys

Mouse : Logitech 3 button Mouse.

Monitor : 15”VGA Samtron Monitor.

2.2 SOFTWARE SPECIFICATION

Operating System : Windows 2000 Server

Languages used : C#. NET

Backend : SQL Server

Other S/W’s used : Internet Explorer, IE 5.5, HTML

3.1 EXISTING SYSTEM

Wingate allows simultaneous Internet sharing for networked computers using

DRAWBACKS OF THE EXISTING SYSTEM

The existing ISA Servers possess the following drawbacks:

Proxies are store-and-forward caches. It acts as a passage. When you configure

Working of a Proxy Firewall

The advantages of using a Proxy Firewall

Why should you use a proxy?

3.2 PROPOSED SYSTEM

The features of the proposed system are: -

A Server or an Administrator can access the proxy setting only by relieving

An Administrator can restrict certain sites to certain clients.

An Administrator has the provision to make changes to the restricted sites.

A caching mechanism is available which avoid frequent downloading of

3.3 FEASIBILITY STUDY

The assessment of technical feasibility must be based on an outline design of

3.4 DATA FLOW DIAGRAM (DFD)

A "Square" defines a source (originator) or destination of a system data.

An "Arrow" identifies data flow. It is a pipeline through which information flows.

A "Circle" represents a process that transforms incoming data flow(s) into

An "Open Rectangle" is a data store.

Steps to Construct Data Flow Diagrams

Four steps are commonly used to construct a DFD

4.1 ARCHITECTURAL DESIGN

Architectural design represents the structure of data and program

ADMINISTRATOR DOWNLOADING CACHIN

4.2 INPUT DESIGN

Input design is the process of converting user-oriented description of the inputs to

In entering data, operators need to know the following: -

 Security: This field contains Block Sites and Client Restriction.

Client Restriction restricts a particular client from entering into a site.

 For specifying the current server in the network.

4.3 OUTPUT DESIGN

 Clients that can access the Proxy Firewall.