Академический Документы
Профессиональный Документы
Культура Документы
INTRODUCTION
1
Proxy Firewall
The Proxy Firewall is developed, keeping the idea of extensive use of Internet by
institutions and companies in mind. It helps more than one person to use the Internet at
same time from different computers in a network through just one simple connection with
existing service provider.
Proxy Firewall speaks the client side of a protocol to another server. This is often
required when clients have certain restrictions on which server they can connect to. Thus
a client would connect to Proxy Firewall, which does not have such restrictions, and the
Proxy Firewall will in turn communicate for the client.
The project has 4 modules and they are loaded in the server system of the network
within an Internet connection. There are a number of client systems connected to the
server. These clients can use Internet simultaneously.
1. Administration:
2
Proxy Firewall
2. Downloading
Downloading includes the downloading of a particular site that the user requests.
The site is downloaded using the Internet Explorer of client by establishing the
connection with the remote server. It involves:
Validating the client
Checking security
Checking client security
3. Caching
Caching means storing the sites downloaded for further request. If the clients
request the same file frequently, it will be given from the cache by avoiding connection
with the remote server each time. This will increase the efficiency of the entire system.
It involves:
Checking file in cache
Storing in cache
1. Security
Proxy Firewall provides security by screening the unwanted sites. When a request
for a particular site is given, it will first check for security provided by administrator. If
that site is restricted, it will not service the request. In addition to security checking Proxy
Firewall produces the validation of clients. Before servicing the request given by the
client the server will check whether the request is from a valid client and whether he is
requesting in his allotted time.
3
Proxy Firewall
Power Plus software Limited established its strong presence in the field of Software
Development. The company has a 100 percent Export Oriented Unit at The Software
Technology Parks of India – An Autonomous body under the Ministry of Electronics,
Government of India and has set up its Software development unit in Dubai.
Power plus software private limited looks forward to its expansion as and when
technology demands. The company have attracted additional expert talents to support
their core competencies and focused on their marketing strategies. The company expects
to continue to lead the way in the software industry by continuing to innovate and serve.
4
Proxy Firewall
The Proxy Firewall has the following modifications, which can be incorporated in
the future.
The proposed proxy cannot be able to cache in the FTP and Gopher requests.
This only accepts the HTTP request. For further modification caching of FTP and
Gopher requests can be done.
Looking into the client status table, the administrator has to understand the peak
time of request manually. The software can be further modified in such a way that he can
manipulate it through the reports.
5
Proxy Firewall
The check in and checkout time can be given only in hours. There is no option to
give the time in minutes that can be further modified.
A user cannot be allowed to use the proxy after midnight, which needs
modification.
intermediary between web browser and web server that helps multiple clients to access
As the Internet grows in its number of users and its scope, more people are
looking for simple cost effective ways of linking their own LAN’s to the Internet
Installing a full –fledged connection to the Internet can cost quite a bit. Even through
Hardware cost for Internet routers and CSU/DSU (Channel Service Unit/Digital Service
Unit)are decreasing, proper Internet connections are still beyond the reach of many
business and private users. This being the case, people have been searching for solutions
that will provide LAN-wide access to the Internet through a smaller connection, which
does not require all the fancy hard wares that installing a large connection needs.
sanctioned IP address to have access to the Internet through a typical dial up link to an
6
Proxy Firewall
ISP. In many situations PROXY FIREWALL is a better choice than granting full access
to the Internet to workstations with valid IP address having context on the Internet.
PROXY FIREWALL is easier to set up and has security features that make it easy to
control the type of Internet access, client workstation has. The workstations behind the
PROXY FIREWALL have valid Internet connections and therefore cannot talk to the
7
Proxy Firewall
SYSTEM
SPECIFICATION
8
Proxy Firewall
9
Proxy Firewall
Frontend : C#.NET
10
Proxy Firewall
SYSTEM ANALYSIS
11
Proxy Firewall
The development and implementation of Proxy Firewall required the study of two
existing ISA Servers. They were Microsoft ISA Server and Wingate ISA Server. The
Microsoft ISA SERVER provides an easy; secure way to bring Internet access to every
desktop in an organization. Wingate Proxy allows multiple computers to share single
Internet connection.
Microsoft ISA Server supports all Internet protocols including HTTP, FTP, Real
Audio, Video conferencing, e-mailing, voice mailing and news protocols. The Microsoft
ISA Server also provides security features through which we can provide the Internet
connection to the authentic users only. The Microsoft Proxy Sever does offer a great deal
of control to the outside Internet via a central authority.
Microsoft ISA Server can cache most World Wide Web objects (HTML document,
wave files and graphics). This means that Microsoft ISA Server can draw from a local
hard drive to serve out Internet data that it has already handled. This improves
performance to workstations and reduces the use of the outside link
If many users are using Microsoft ISA Server to access a multitude of different
web sites, objects in cache could be flushed before they are ever called on again. This
ISA Server can use any valid connection method that it supported by NT to talk to
Internet, depending on the size of your organization and the number of users accessing
the network. However, there are some situations when using is preferable to letting
workstation has valid Internet connections on their own.
Wingate is an ISA Server software package that allows you to share a single or
multiple Internet connection with an entire computer network. The Internet connection
shared by Wingate can be of nearly any type, including dial up modem, ISDN, XDSL,
cable modem, satellite connection or even dedicated TI circuits.
12
Proxy Firewall
Wingate ISA Server consists of a server component, which can install on the
computer with the modem or Hub and client component, which is installed on the other
components of the network. Wingate requires TCP/IP network and the server component
must be installed on a Windows 95/98/NT system. Since Wingate runs in the background
as a service, this computer does not have been dedicated to operating Wingate.
The primary benefit of Wingate is its ability to allow multiple computers to share
single Internet connection. This eliminates the need to add additional phone lines,
Internet access account, modem or expensive dedicated circuit hardware in order to
provide Internet access to multiple computers. By sharing a single Internet account and
connection with Wingate, a home or business user can provide Internet access to an entire
network with cost having that can be seen immediately. Wingate also include an HTTP
cache that can increase the performance of your Internet connection for web browsing.
The existing ISA Server does not have ability to filter sites based on a user-by-
user approach. This means that you cannot define filter for specific users. Unfortunately,
site filtering is still rough around the edges and does not support many filter functions.
The existing ISA Server does not have the ability to provide access to a client for
certain specific period in a day.
13
Proxy Firewall
If you have a large network of users but a relatively small link to the Internet, it
would have two groups of Internet user with separate time.
This server gives greater access from inside the protected network to the outside,
but will keep the inside completely inaccessible from outside.
PROBLEM DEFINITION
When a client wants to down load a file, it will send the corresponding request to
the proxy server first. The proxy is then connected to the server you requested and return
the data for you. Rules set on the proxy firewall can either grand or deny these service
requests.
Proxy Firewall must be able to cache frequently request files. When the user
requests a file, the Proxy Firewall first looks in its cache for the file. If found the server
returns the file. Otherwise the file is requested from the source. This improves the
performance and reduces the network traffic.
The Proxy Firewall must provide some degree of security for the internal
network. Because the proxy server makes all external requests, the external host cannot
learn the name or IP address of computers on the internal network. The proxy server
screens all incoming and outgoing traffic and protects the network from unwelcome
intruders thus providing security to the internal network.
The Proxy Firewall must have the provision for restricting various sites that are
provided by the administrator. The site restrictions have to be made available either in
server level as a whole or in a client-by-client manner.
The Proxy Firewall also checks the user login time in the log file table. The
clients connected the proxy server has its own permitted time. The user is permitted to
access the net only if he is issuing the request within his permitted time.
14
Proxy Firewall
Proxy Firewall must be able to provide FTP caching and Gopher caching,
which is not currently supported in the existing system.
The administrator must be able to estimate the peak time and fall
time of request from the clients. This enables him to arrange the allotted time of clients
accordingly.
Proxy
CORPORATE N/W
INTERNE
PROXY
SERVER
A Proxy Firewall receives a request for an Internet service (such as a Web page
request) from a user. If it passes filtering requirements, the Proxy Firewall, assuming it
also as a cache server, looks in its local cache of previously downloaded Web pages. If it
15
Proxy Firewall
finds the page, it returns it to the user without needing to forward the request to the
Internet. If the page is not in the cache, the Proxy Firewall, acting as a client on behalf of
the user, uses one of its own IP addresses to request the page from the server out on the
Internet. When the page is returned, the Proxy Firewall relates it to the original request
and forwards it on to the user.
To the user, the Proxy Firewall is invisible; all Internet requests and returned
responses appear to be directly with the addressed Internet server. (The proxy is not quite
invisible; its IP address has to be specified as a configuration option to the browser or
other protocol program.)
An advantage of using a Proxy Firewall is that its cache can serve all users. If one
or more Internet sites are frequently requested, these are likely to be in the proxy’s cache,
which will improve user response time. In fact, there are special servers called cache
servers.
The functions of proxy, firewall and caching can be in separate server programs or
combined in a single package. Different server programs can be in different computers.
For example, a Proxy Firewall may be in the same machine with a firewall server or it
may be on a separate server and forward request through the firewall.
There are different types of ISA SERVERs with different features, some are
anonymous proxies, which are used to hide your real IP address and some are used to
filter sites, which contain material that may be unsuitable for people to view. When you
connect to a website, your true IP address will not be shown, but the ISA SERVER’s IP
address. This does not mean that you are completely anonymous. The ISA SERVER will
have logs of IP’s that used the ISA SERVER and the time of access.
16
Proxy Firewall
You can use a Proxy if you have a child and wish to restrict the sites they are
viewing; you will need to make sure you get the correct type of proxy because not all
proxies filter sites. You can use it to protect yourself; it can be used to hide your IP which
is useful because it means hackers cannot get info about you when using it. They will
only get the Proxy Firewall’s IP. Proxy Firewalls are not hard to set up, no hardware or
software is needed; you just need to configure your browser to connect through it.
Some ISP’s (Internet Service Providers) make all their users use a Proxy Firewall,
for example in the United Arab Emirates, the main ISP makes all users use an Proxy
Firewall which blocks sites with unsuitable material. It does this using the Meta tags in
the HTML code used to make the web page. Some ISP’s may give you a choice so you
can use one or not. If you want to use a Proxy Firewall there are many around with
different functions, you just have to get the one that suits your needs best
17
Proxy Firewall
An advanced futuristic one replaces the existing ISA Server, which incorporates
the different facets of the facilities of computers and networking. The proposed system
has a high degree of efficiency. This system focuses on administrative side and so has
added security features. Here the administrator with valid user name and password can
only make changes to the proxy settings. This software can resist clients from viewing
certain sites like a porno site or an auction site and also can make use of logoff/logon
options so that a particular client can access the net only for a certain allotted time.
In this proxy setting a server listens to client through port, which is set during
installation like port 5000. The Proxy Firewall accepts a client request after checking the
client’s address and login time. A client can access only those sites, which are not
restricted. Another feature is the check in / checkout file through which the administrator
can control the usage of system. Using the add client option the administrator can
add/remove the clients. There is an option, change administrator with which a new
administrator can take charge after producing the old password (previous administrator’s
password).
Since thread feature of C#.NET is used multiple clients can be connected to the
Internet simultaneously.
An Administrator has the power to restrict the usage of proxy setting to certain
client.
There is provision for restricting the site in a client-by-client manner.
18
Proxy Firewall
Looking into the Log file, the Administrator can verify the sites accessed by the
clients in a particular date.
In the proposed system the Administrator can find the peak time and fall time of
requests.
The Administrator has the provision to add/remove the clients connected to the
Proxy Firewall.
There is provision to clear the cache and it can be cleared either completely or
those which are stored before a specified period of time.
19
Proxy Firewall
After the problem is clearly understood and solutions are proposed the next step is
to conduct the feasibility study, which is a part of system analysis as well as system
design process. The main objective of this study is to determine whether the proposed
system is feasible or not. Mainly there are three types of feasibility study to which the
proposed system is subjected as described below. Three key considerations are involved
in the feasibility.
Technical feasibility
Behavioral feasibility
Economic feasibility
The proposed system must be evaluated from a technical viewpoint first, and if
technical feasibility their impact on the organization must be assessed. If compatible,
behavioral system can be devised. Then they must be tested for economical feasibility.
Technical Feasibility
Behavioral Feasibility
People are inherently resisted to change and computers have been known to
facilitate change. Since the new proposed system is nothing to do with the ordinary
customers and worker resistance to the system is very much less. On the other hand the
users of the system are accessing this system through Internet and they are computer
literate, so resistance from that side is also very less.
20
Proxy Firewall
Economical Feasibility
Justification of any capital outlay is that it will reduce expenditure or improve the
quality of service or goods, which in turn may be expected to provide increased profits.
The technique of cost benefit analysis is often used a basis for assessing economic
feasibility
21
Proxy Firewall
A Data Flow Diagram (DFD) is a diagram that describes the flow of data and the
processes that change or transform data throughout a system. It is a structured analysis
and design tool that can be used for flowcharting in place of, or in association with,
information oriented and process oriented system flowcharts. When analysts prepare the
DFD, they specify the user needs at a level of detail that virtually determines the
information flow into and out of the system and the required data resources. This network
is constructed by using a set of symbols that do not imply a physical implementation. The
DFD reviews the current physical system, prepares input and output specification,
specifies the implementation plan etc.
Four basic symbols are used to construct data flow diagrams. They are symbols
that represent data source, data flows, and data transformations and data storage. The
points at which data are transformed are represented by enclosed figures, usually circles,
which are called nodes.
Basic data flow diagram symbols are
22
Proxy Firewall
23
ZERO LEVEL DFD
Proxy Firewall
24
Reply Reply
WEB PROXY
BROWSER SERVER WEB SERVER
WEB
SERVER files from the Request for
remote server accessing files
Request for accessing
FIRST LEVEL DFD FOR ADMINISTRATOR
Proxy Firewall
25
Administrator Invalid User
Request
Reply
Request
securit
y sites
Client
Add/ Client
Remove
Reply
User ID &
Password
Cache Request
Clearing
Administrator
Validating
Administrator
clearin
Cache
the
administrato Cache
g
r Reply
Request
Securit
y sites
Add/Remove Security
Reply
Add/Remove
Request
Access
inform
Client
Client access
ation
Reply
SECOND LEVEL DFD FOR DOWNLOADING AND CACHING
In Valid Client
Proxy Firewall
26
Client access Restricted site
Search
Reply
Search
Security
Validatin
Reply
Restricted for a particular
Checking
client
g the
security Client
1.1
Request to
1.2
access the the
Web Browser
client Search
If Valid
If not
Checking
restricted Client Restriction
security
client
1.3
If not Reply
Web Browser restricted
Request
Checking
the file in
Search
cache
1.4
If not found Cache
Reply
Storing
Cache
1.6
Request to
Connectin
Access
remote
Web Server
g to
1.5
Downloaded
file
Reply
Proxy Firewall
SYSTEM DESIGN
27
Proxy Firewall
PROXY FIREWALL
Reports 4
1. Client details SECURITY
2.Block sites 4.1 Security checking
3. Cache information 4.2 Client Validation
4. Hit details 1. Administrator
2. Security
3. Cache
4. Client Access
5. Client Status
6. Client
Restriction
28
Proxy Firewall
The field length must known to the data entry operator, so that the data entered will
not exceed the allocated space and/or numeric data may be right justified where
appropriate.
Field sequence of fields must match the sequence of the fields on the source
document.
There are two major approaches for entering data using C#.NET environment.
They are Menus and Dialogue boxes.
Menus: In this the user chooses from a list of options what to perform. A
menu limits a user choice of response but reduce the chances for error in data entry. Thus
menu simplifies the data access and entry.
The various Menus listed in the proposed system are Menu, Administrator,
Security, Reports and Help.
Menu: Under this we have three fields Start, Stop and Exit.
29
Proxy Firewall
Clicking start begins the Internet Cruising and stop gives a break to the journey.
Exit helps to quit from the menu.
Administrator: This contains Add Client, Change Administrator, Clear Cache, and
Server Details.
The Add Client option is used for adding or removing a client from the file. A
client is added along with his check in and checkout time. We can change the
administrator login or password using the Change administrator option. Here the new
administrator has to give the existing administrator’s password, i.e. the old password, and
the new password. Clear Cache is used to clear the cache details from the file. Server
Details is used to specify the Server ID and Port Number by which we can change the
existing port.
Report: Report menu gives the monitored information about the login process, client
restriction, cache details etc. This menu consists of five fields,
Log File which gives description about the sites accessed by a particular client on
a particular date with time of accession. Blocked sites are displayed in the Block File.
Security Restriction displays the restricted sites with the client Id. Cache Information
gives information about cached sites. Client Details contains the information about a
client’s login time, when did he quit and the client id.
Help: This is the ultimate menu, which provides help information to the user.
30
Proxy Firewall
Dialog Box: These are windows that appear in response to certain conditions
that occur when a program is run. Dialogue Box has various controls like buttons, text
boxes, list boxes and combo boxes. We can also include pictures using Bitmaps, Icons,
etc. With the use of all these controls we can make a ‘dialog’ with the program. Thirteen
dialogue boxes stands steadily to help the user to perform the operation easily. Various
operations like adding the client, giving restrictions to a particular client, blocking a site,
allowing password usage to protect the server from unauthorized access, changing the
administrator, Caching the sites once entered etc are performed with these thirteen dialog
boxes.
The input given by the users is the site name, which they want to access. This is
specified in the internet explorer window.
The rest of the inputs are given by the system Administrator. He gives them
through properly designed forms. There are forms designed for the following:
31
Proxy Firewall
Reports: Reports are accessible only to the Administrator of the Proxy Firewall. The
reports provide the administrator with information about the following:
32
Proxy Firewall
The data in the system has to be stored and retrieved from database. Designing the
database is part of system design. Data elements and data structures to be stored have
been identified at analysis stage. They are structured and put together to design the data
storage and retrieval system.
1) AdminLogin:
This table contains the username and password, which helps the administrator to
login into the entire system.
2) Blocksites:
33
Proxy Firewall
This table contains the details of the site that are blocked or banned from viewing
or accessing. It contains three fields.
3) CacheSites:
This caches or stores the sites once accessed by the client into the cache file table.
These sites can be viewed or accessed easily the next time when it is called because the
sites get loaded directly from the cache file.
4) Client Block:
The Client Block table is used to monitor the sites that are restricted to a
particular client. A client cannot access a site that is included in the Client Block table.
5) Client Master
34
Proxy Firewall
This table is used to check the login and logoff time of a particular client using his
client id. Here a client can access the service only if his login time matches with the
system time provided by the administrator.
IP Address Varchar2 25
Reg.Date Date
StartTime Date
EndTime Date
6) HitList:
This table is used to give description about the number of times a particular site
was accessed by a particular client. This file contains three fields.
35
Proxy Firewall
7) Serverset
This table contains server IP and port number. This is used to change the
administrator and port number while installing the Proxy Firewall for a different client or
in a new system.
CachePort Number 5
ServerPort Number 5
ServerIP Varchar2 25
36
Proxy Firewall
CLIENT DETAILS
This contains the information about a clients login time. When did
He quite and the client id
BLOCKED SITES
These are displayed in the blocked sites file
HIT SITES
These files gives the information about how many items a particular site was
Accessed
CACHE SITES
These gives information about cached sites
Reports are accessible only to the Administrator of the proxy
firewall. The reports provide the Administrator with information about the following
Log detail
Cache details
37
Proxy Firewall
SYSTEM TESTING
38
Proxy Firewall
System testing is defined as the process by which one detects the defects in
the software. Any software development organization or team has to perform several
processes. Software testing is one among them. It is the final opportunity of any
programmer to detect and rectify any defects that may have appeared during the software
development stage. Testing is a process of testing a program with the explicit intention of
finding errors that make the program fail. In short system testing and quality assurance is
a review in software products and related documentation for completion, correctness,
reliability and maintainability. The various tests performed in “Proxy firewall System”
are unit testing, integration testing and acceptance testing.
UNIT TESTING
This is the first level of testing. In this different modules are tested against
the specification produces during the design of the modules. Unit testing is done during
the coding phase and to test the internal logic of the modules. It refers to the modules. It
refers to the verification of single program module in an isolated environment. Unit
testing first focuses on the modules independently of one another to locate errors.
39
Proxy Firewall
After coding each dialogue is tested and run individually. All necessary coding
where removed and it was ensured that all the modules are worked, as the programmer
would expect.
Logical errors found where corrected. In my project unit testing are done for the
two modules of the project separately and in each modules the different sub modules are
individually tested.
INTEGRATION TESTING
Data can be lost across any interface, one module can have an adverse
effect on another, sub functions when combined, may not produce the desired major
functions. Integration testing is a systematic testing to discover errors associated within
the interface. The objective is to take unit tested modules and build a program structure.
All the modules are combined and tested as a whole.
This provides the final assurance that the software meets the all the
functional, behavioral and performance requirements. The software is completely
assembled as a package. Validation succeeds when the software functions in a manner in
which user wishes. Validation refers to the process of using software in live environment
in order to find errors. During the course of validation the system failure may occur and
sometime the coding has to be hanged according to the requirement. Thus the feedback
from the validation phase generally produces changes in the software. In the proposed
system, validation testing is done and makes sure that no error remains before submitting
to the customer.
40
Proxy Firewall
TESTING TECHNIQUES
Testing is one of the major hurdles in the development of the system. Testing is
the process of finding errors in the system. Software bugs persist in contemporary and
cause inconvenience and occasional loss of information. Only error free software will be
stable for a long time. To accomplish this objective two different testing techniques are
used: white box testing and black box testing.
White box testing, some times called glass box testing, is a test case design
method that uses the control structure of the procedural design to derive test cases.
White box tests focus on the program control structure. Test cases derived to ensure that
all statements in the program have been executed at least once during the testing and that
all the logical conditions have been exercised. Basic path testing, a white box testing
technique makes use of program graphs to derive the set of linearly independent tests that
will ensure coverage. Condition and data flow testing further exercise program logic, an d
loop testing components other white box testing techniques by providing a procedure for
exercising complexity. Using white box testing method the software engineer can derive
test cases:
i. Guarantee that all independent paths within a module have been exercised at least
once.
ii. Exercise all the logical decisions on their true and false sides.
iii. Execute all loops at their boundaries and their operational limit.
iv. Execute internal data structures to assure their validity.
41
Proxy Firewall
Input
Test Ie
Data
Output
Test 42
Results
Oe
Proxy Firewall
The key problem defect tester is to select inputs that have a high probability being
member of the test.
By applying black box testing technique, we derive a set of test cases that satisfy the
following criteria:
Test cases that reduce the number of additional test cases that must be designed to
achieve reasonable testing.
Test cases that tell us something about presence or absence of errors, rather than
errors associated only with specific test at hand.
43
Proxy Firewall
TEST RESULTS
Each and every computer project starts with a statement of the business needs and
then developed in progressively greater level of details. It is the purpose of testing to
ensure that the communication between each level is verified and the end project satisfies
the business needs.
Testing a system requires more effort while developing it because it is one of the
final steps. Early planning for this stage can ensure smooth and easy testing. Adequate
preparation needs to be made before testing begins, so that it can be performed
effectively.
The aim of testing is to prove that the developed system addresses the pre defined
processing requirements and will perform reliably efficiently when running live. In the
proxy firewall providing test data to check the working of the system as specified
performs testing.
44
Proxy Firewall
45
Proxy Firewall
SYSTEM SECURITY
46
Proxy Firewall
System security
System security refers to the technical innovations and procedures applied to the
hardware and operating systems to protect against deliberate or accidental damage from a
defined threat. In contrast, data security is the protection of data from loss, disclosure,
modification and destruction.
The security features are considered while developing the system, so as to avoid the
errors and omissions that may lead to serious problems.
System integrity
47
Proxy Firewall
Disclosure of information
In comparison, data integrity makes sure that data do not differ from their original form and
have not been accidentally or intentionally disclosed, altered or destroyed.
Privacy
Privacy defines the rights of the users or organizations to determine what information they
are willing to share with or accept from others and how the organization can be protected
against unwelcome, unfair or excessive dissemination of information about it.
Confidentiality
A procedure for protecting systems makes sure that the facility is physically secure,
provides a recovery/ restart capability, and has access to backup files. The threat of external
48
Proxy Firewall
attack on a computer system is virtually last. The list of potential lists is Errors and
omissions, Disgruntled and dishonest employees, Fire, Natural disasters and External
attack.
In a database environment, there are three types of failure. They are catastrophic,
logical and structural. A catastrophic failure is one where part of a database is unreadable. It
is restored using the roll forward method of memory. A logical failure occurs when activity
to the database is interrupted (e.g. a power failure) with no chance of completing the
currently executing transactions. A typical example of structural damage is a pointer
incorrectly stored in a record that point to unrelated or non-existent data.
The application stores data in a RDBMS called SQL Server.We can store data in a
secured and easily retrievable manner into the table of oracle. So the proposed system
provides powerful security measures. The system is capable to cope with the changes in the
organization policies. The reconstruction of the system will increase its flexibility.
Security measures are provided to prevent unauthorized access of the system and
the database at various levels. In this project the data security, data validation checking
methods are applied using a password authentication. All the data, which is entered by the
user and the manager is validated. Users should enter their username and password for the
requesting access. Only the manager can add, modify or delete the users. This single point
control ensures better security. Password protection and simple procedures to change the
unauthorized access are provided to the users. The system allows the user to enter the
system only through login.
49
Proxy Firewall
IMPLEMENTATION
50
Proxy Firewall
Implementation is the state of the project where theoretical design is turned into a
working system. The most critical stage in achieving a successful new system and in giving
the authorized confidence that the new system will work and be effective. The system can
be implemented only after testing is done and if it is found working according to
specifications.
Implementation plan
Implementation is the stage in the project where the theoretical design is turned into
a working system and is giving confidence on the new system for the users that it will work
efficiently and effectively. It involves careful planning, investigation of the current system
and it constraints on implementation, design of methods to achieve the change over, an
evaluation, of change over methods. Apart from planning, major task of preparing the
implementation are education and training of users. The more complex system being
implemented, the more involved will be the system analysis and the design effort required
51
Proxy Firewall
Implementation is the final and important phase. The most critical stage in
achieving a successful new system and in giving the users confidence that the new system
will work and be effective. The system can be implemented only after thorough testing is
done and if it is found to be working according to the specification. This method also offers
the greatest security since the old system can take over if the errors are found or inability to
handle certain type of transactions while using the new system.
The implementation process begins with preparing the plan for implementation of the
system. Once the planning has been completed, the major effort in the computer
department is to ensure that the programs in the system are working properly. At the same
time the HR department must concentrate on training user staff. A logical starting point for
this type planning involves knowledge of the following areas.
The following steps have been followed the implementation plan of the system:
Implementation planning
Equipment acquisition & installation
System conversation
User training
Personnel needs
52
Proxy Firewall
User’s Manual
Since it is a graphical user interface (GUI) system, the user is able to work with this
system without any difficult. Common GUI elements available on windows are also used in
the system for making interaction between the user and the system. Only authorized
persons are allowed to enter into the system. The entire available operation lists are given
in the menu bar of the particular module. The user can select appropriate menu options
from this list using mouse or keyboard. Keyboard shortcut keys are given for all the
commonly used menu options.
The system will automatically do all type of validation to enter the correct data.
Format for the special data are given in the form itself. The operation can’t be continued
unless you enter a valid and correct entry. System will display useful messages when any
error occurs in the entry or when an entry is not in an accepted format. Commonly used
operations can be invoked by clicking the appropriate toolbars buttons also.
People who are all involved in the system must be familiar and confident of their
role in the new system to achieve the objectives and benefits expected from the computer-
based system. This involves them in understanding the overall system and its effect on the
organization, and is being able to carry out their task effectively. The training should
involve every one associated with the implementation, use, operation or maintenance of the
new system. User staff must be instructed in how to perform their new tasks.
Hands on training to the computer center people are essential to make themselves
familiar with the system. Classroom lectures about the system have been given to the
computer center people. Practical training should also be given to them to use this software.
Training sessions must aim to give user staff the specific skills required in their new jobs.
The implementation of the proposed system includes the training of system operators.
53
Proxy Firewall
Training the system operators includes not only instructions in how to use the equipment,
but also in how to diagnose malfunctions and in what steps to take when they occur. So
proper training should be provided to the system operators. No training is complete without
familiarizing users with simple system maintenance activities. Since the proposed system is
developed in a GUI, training will be comparatively easy than systems developed in a non-
GUI. There are different types of training. We can select off-site to give depth knowledge to
the system operators.
Success of the system depends on the way in which it is operated and used.
Therefore the quality of training given to the operating person affects the successful
implementation of the system. The training must ensure that the person can handle all the
possible operations. Training must also include data entry personnel. They must also be
given training for the installation of new hardware, terminals, how to power the system,
how to power it down, how to detect the malfunctions, how to solve the problems etc. the
operators must also be provided with the knowledge of trouble shooting which involves the
determination of the cause of the problem.
The new system requires trained personnel for operating the system. Data entry jobs
must be done utmost carefully to avoid errors. This will reduce the data entry errors
considerably. It is preferable to provide the person with some kind of operating manuals
that will explain all the details of the system.
Thus the users are trained to operate the developed system. Both the hardware and
software securities are made to run the developed systems successfully in future. In order to
put new application system into use, the following activities were taken care of. So useful
tips and guidance is provided within the application itself. They have to be made aware that
what can be achieved with the new system and how it increases the performance of the
system.
The training schedule is coordinate with the schedule for completing the
development phase, for all essential training must be completed prior to the user acceptance
54
Proxy Firewall
review at the end of this phase. For the system to begin operation, a sufficient number of
users must be trained before the end of the development phase. Thereafter, additional
personnel are trained, and training continues throughout the operational life of the system.
Implementation includes all those activities that take place to convert from the old system
to the new. The old system consists of manual operations, which is operated in a very
different manner from the proposed new system. A proper implementation is essential to
provide a reliable system to meet the requirements of the organizations. An improper
installation may affect the success of the computerized system.
Implementation Methods
CHANGE OVER
Change Over is the stage of moving from existing to the new system. The change
over from the old system may take place when the system has been proved to the
satisfaction of the system analyst, Candidate system Manager, Management and operational
staff. There are several methods for handling the implementation and the conversion from
the old to the new computerized system.
The most secure method for conversion from the old system to the new system is to
run the old and new system is parallel. In this approach, a new person may operate in the
manual older processing system as well as start operating the new computerized system.
This method offers high security, because even if there is a flow in the computerized
system, we can depend upon the manual system. However, the cost for maintaining two
systems in parallel is very high. This outweighs its benefits.
55
Proxy Firewall
Another commonly method is a direct cut over from the existing manual system to
the computerized system. The change may be with in a week or with in the day. There are
no parallel activities. However, there is no remedy in case of a problem. This strategy
requires careful planning.
56
Proxy Firewall
ALGORITHM
Step1:
Start the program
Step2:
Read request from the client
Step3:
Check for valid clients
If the client request is invalid then goto step: 8
Else if the client is valid then go to step: 4
Step4:
Check for security
if it is valid then goto step: 5
Else goto step1
Step5:
Search file in cache if present check to see if the site is modified
If yes go to step: 6 else
Display the file and go to step: 1
Step 6:
Read the file from the remote host
Step 7:
Store file in cache and display the file and goto step: 1
Step8:
Terminate the program
57
Proxy Firewall
The Proxy Firewall has the following modifications, which can be incorporated in
the future.
The proposed proxy cannot be able to cache in the FTP and Gopher requests.
This only accepts the HTTP request. For further modification caching of FTP and
Gopher requests can be done.
Looking into the client status table, the administrator has to understand the peak
time of request manually. The software can be further modified in such a way that he can
manipulate it through the reports.
Another disadvantage of proposed system is it cannot support the FTP, Gopher, and
HTTP requests. At the time of further development we must be able to do that.
58
Proxy Firewall
automatically at the time of execution of the proxy system by using the internal command
of the modem
.
The check in and checkout time can be given only in hours. There is no option to
give the time in minutes that can be further modified.
59
Proxy Firewall
7.4 CONCLUSION
The system entitled Proxy Firewall is developed in such a way that it provides the
access of Internet in a user-friendly manner. It provides an efficient means for multiple
clients to access the net with single Internet connection. This software is developed in such
a way that any number of clients can access the net at a given time. The system is tested
with input samples of website and performance of the system is proved much efficient. The
data maintenance and manipulation is achieved practically.
60
Proxy Firewall
7.5 BIBLIOGRAPHY
http://www.msdn.microsoft.com
http://www.developerfusion.com
http://www.aisto.com
http://www.dotnetfun.com
http://www.joegrip.com
61
Proxy Firewall
ANNEXURES
62
Proxy Firewall
SPLASH SCREEN
LOGIN FORM
63
Proxy Firewall
MAIN MENU
64
Proxy Firewall
SESSION ITEMS
65
Proxy Firewall
66
Proxy Firewall
LOCK APPLICATION
67
Proxy Firewall
SERVICE ITEMS
68
Proxy Firewall
START SERVICE
69
Proxy Firewall
STOP SERVICE
70
Proxy Firewall
CLIENT ITEMS
71
Proxy Firewall
CLIENT REGISRATION
72
Proxy Firewall
73
Proxy Firewall
ADMINISTRATOR ITEMS
74
Proxy Firewall
CACHE CLEARING
75
Proxy Firewall
HIT CLEARING
76
Proxy Firewall
CHANGEPASSWORD FORM
77
Proxy Firewall
SETTING ITEMS
78
Proxy Firewall
79
Proxy Firewall
SECURITY ITEMS
80
Proxy Firewall
81
Proxy Firewall
82
Proxy Firewall
REPORT ITEM
83
Proxy Firewall
HELP ITEM
84
Proxy Firewall
ABOUT FORM
85
Proxy Firewall
ERROR MESSAGES
86
Proxy Firewall
87
Proxy Firewall
88
Proxy Firewall
89
Proxy Firewall
8.2 REPORTS
CACHE DETAILS
90
Proxy Firewall
CLIENT DETAILS
91
Proxy Firewall
92
Proxy Firewall
93
Proxy Firewall
The .Net Framework includes classes, interfaces and value types that help
expedite and optimize the development process and give you access to system
functionality.
94
Proxy Firewall
One of the design goals of .NET Framework was to unify the runtime engines
so that all developers could work with a set of runtime services. The .NET Framework’s
solution is called the Common Language Runtime (CLR). The CLR provides capabilities
such as memory management, security, and robust error handling to any language that work
with the .NET Framework. The CLR enables languages to inter operate with one another.
95
Proxy Firewall
Memory can be allocated by code written in one language and can be freed by code written
in another language. Similarly, errors can be raised in one language and processed in
another language.
The .NET Framework provides many classes that help developers re-use code.
The .NET Class Libraries contain code for programming topics such as threading, file I/O,
database support, XML parsing, and data structures such as stacks and queues. This entire
class library is available to any programming languages that support the .NET Framework.
Because all languages now support the same runtime, they can re-use any class that works
with the .NET Framework. This means that any functionality available to one language will
also be available to any other .NET language.
The .NET Framework provides a set of tools that help to build code that works
with the .NET Framework. Microsoft provides a set of languages that are already .NET
compatible. C# .NET is one of those languages.
4) ASP.NET
96
Proxy Firewall
ADO.NET
ADO.NET COMPONENTS
97
Proxy Firewall
The ADO.NET components have been designed to factor data access from data
manipulation. There are two central components of ADO.NET that accomplish this the
Dataset, and the .NET data provider, which is a set of components including the
Connection, Command, Data Reader, and Data Adapter objects. The ADO.NET Dataset is
the core component of the disconnected architecture of ADO.NET. The Dataset is explicitly
designed for data access independent of any data source. As a result it can be used with
multiple and differing of any data sources, used with XML data, or used to manage data
local to the application.
The other core element of the ADO.NET architecture is the .NET data provider
whose components are explicitly designed for data manipulation and fast, forward-only ,
read -only access to data. The connection object provides connectivity to a data source. The
Common objects enables access to database commands to return data, modify data, run
stored procedures, and sends or retrieve parameter information. The Data Reader provides a
high - performance stream of data from the data source. Finally, the Data Adapter provides
the bridge between the Dataset object and the data source.
VB.NET
98
Proxy Firewall
code is compiled as managed code, which means it benefits from the services of the
common language runtime. These services include language interoperability, garbage
collection, enhanced security, and improved versioning support
Visual C# .NET is currently part of the Visual Studio.NET. Microsoft Visual
C#.NET is the tool set for creating XML Web services and Microsoft .NET–connected
applications for Microsoft Windows and the Web.
Rapid design, development, and deployment support for creating and consuming XML
Web services.
Form designers and visual controls for creating rich Windows-based applications.
Authoring tools and services for building powerful Microsoft .NET server-based
solutions.
Migration tools for converting Java-based projects to the Microsoft .NET development
environment.
With Visual C# .NET, developers can build solutions for the broadest range of
clients, including Windows, the Web, and mobile or embedded devices. Using this elegant
programming language and tool, developers can leverage their existing C++ and Java skills
and knowledge to be successful in the .NET environment.
Language Features
Intuitive C++ based Language
Use a language modeled on C++ syntax, immediately familiar to C++ and Java
developers, as well as intuitive new language constructs that greatly simplify development
tasks
Reliable Interoperability
99
Proxy Firewall
Employ code to call native Windows APIs, use pre-built COM components, and
leverage existing ActiveX controls to seamlessly integrate existing applications and
components.
Take advantage of inherent support for properties, indexes, delegates, single and
multidimensional arrays, advanced inheritance, attributes, versioning, and XML comments.
With visual inheritance, developers can greatly simplify the creation of Windows-
based applications by centralizing in parent forms the common logic and user interface for
their entire solution. Using control anchoring and docking, programmers can build
resizable forms automatically, while the in-place menu editor enables developers to
visually author menus directly from within the Forms Designer.
Gain mature and powerful, built-in functionality, including a rich set of collection
classes, networking support, multithreading support, string and regular expression classes,
and broad support for XML, XML schemas, XML namespaces, XSLT, XPath, and SOAP.
100
Proxy Firewall
Create Web-based solutions in C# using the shared Web Forms Designer and XML
Designer. Developers can also use IntelliSense features and tag completion or choose the
WYSIWYG editor for drag-and-drop authoring to build interactive Web applications.
Available as part of Visual Studio .NET Professional Edition, native device support enables
developers to construct solutions for a wide variety of mobile devices, including Pocket
PCs, Tablet PCs, and mobile phones. Become immediately successful by using the same
programming model and techniques for building mobile applications as desktop and Web-
based applications. Some of the main features that make this language so special may be
as follows:
XML
XML is the acronym for eXtensible Markup Language, the universal format for
structured documents and data on the web. XML is an industry standard protocol
administered by the W3C. XML is a key enabling technology for Microsoft .Net.
101
Proxy Firewall
XML Web Services are units of application logic providing data and services to
other application. Applications access XML Web services via standard Web protocols and
data formats such as HTTP, XML and SOAP independent of how each XML Web services
is implemented. XML Web services combines the best aspects of component- based
development and the Web, and are a cornerstone of the Microsoft. NET-programming
model. Since web services use XML based protocols to communicate with other systems,
web services are independent of both operating systems and programming languages. An
application calling a web service will always send its request using XML, and get its
answer returned as XML. The calling application will never be concerned about the
operating system or the programming language running on the other computer.
ABOUT DATABASE
Relational database systems are the most important database systems used in the
software industry today. One of the most outstanding system is Microsoft SQL Server.
SQL Server is a database management system developed and marketed by Microsoft. It
runs exclusively It runs exclusively under Windows NT, Windows 95/98, Windows 2000
Server. The most important aspects of SQL Server 7 are,
SQL Server is easy to use.
SQL Server scales from a mobile laptop to symmetric multiprocessor system.
SQL Server provides data warehousing features that until now have only been
available in Oracle and other more expensive DBMS.
102
Proxy Firewall
103
Proxy Firewall
Restricting the use of particular columns and rows of the tables-that is to control
access to a particular part of one or more tables.
To hide the details of complicated queries, to restrict inserted and updated values to
certain ranges.
Indices are used to access data more efficiently. The Query Optimizer is the part
of SQL Server that decides how to perform a query in a better way. It generates several
query execution plans for the given query and selects the plan with the lowest cost.
104
Proxy Firewall
Alter/Drop Form
105
Proxy Firewall
106
Proxy Firewall
107
Proxy Firewall
108
Proxy Firewall
109