The primary purpose of a proxy service is to act on behalf of another system, generally either one or more clients, or one or more servers. A forward proxy provides proxy services to one or more clients. When a client desires access to the Internet, it submits a request through the forward proxy, which can allow or deny the request. When allowing the request, the forward proxy passes the request along to a server over the Internet. When the server responds to the request, it responds to the forward proxy, which recognizes the response as directed to the requesting client. The forward proxy is a single point of access and control, which makes it well-suited to enforce security policies on the clients behind the forward proxy.
Similarly, a reverse proxy provides proxy services to one or more servers. When a client desires access to a server, the request is submitted to the reverse proxy, which accepts requests on behalf of the servers behind it. The reverse proxy then passes the request to the appropriate server and ultimately responds to the client as if the response is from the server itself. The reverse proxy hides the identity of the servers behind it, making it also well suited to provide security.
A proxy service is generally a process executing on a computing system that sits on the network over which it proxies. A computing system hosting the proxy process is sometimes referred to as a proxy device. For reverse proxies, the proxy service can execute on one of the server computing systems for which it serves as proxy, in addition to whatever processes the server ordinarily runs.