Direct to the Net

For smaller organizations, there's generally only one main link to the internet. A single proxy (or a redundant proxies) solve the security needs of this organization nicely. But for larger organizations where there are remote offices, each of which may have their own direct to the net connections, trying to control traffic may be a real challenge for the IT administrator.

While the corporate proxy controls the traffic to the internet at the main data center, it has no control over users who are at branch offices going directly to the internet over links to the internet that exist at the remote office. These "direct to the net" scenarios require a separate branch office proxy at each location that has its own connection to the Internet. For a large enough organization this can be a significant amount of branch office proxies, that will need central management to ensure corporate policy is uniformly enforced across all proxies in the corporate network.

This "direct to the net" scenario is becoming increasingly common as internet links become a commodity. The savvy IT administrator will keep ahead of the game by making sure their corporate proxy is capable of scaling as the Internet link bandwidth increases, and scales in terms of numbers of supported branch office proxies in a centrally managed deployment.