An SSL Proxy is a device, usually a router or computer, that routes traffic from a client to other servers using the Secure Sockets Layer (SSL) protocol. SSL is an encrypted protocol that creates a secure connection from a client to another client or server. SSL is often used in conjunction with Hypertext Transfer Protocol to create a more secure connection when browsing the Internet; the resulting protocol, or language in simpler terms, is known as HTTPS.
The function of a proxy server is to route and filter traffic for a network or client. In a typical scenario, the client, usually a computer, puts out a request, typically to go the World Wide Web, and the proxy server receives that request and filters it and routes it accordingly. The advantage of a proxy server is that it can centralize the network traffic and provide security at the same time.
The proxy can filter requests using almost any specific criteria it wants. For instance, if a company wanted to only let traffic go out of the main network, to another network or the World Wide Web at a specific time of the day, they could set the proxy server to block all traffic outside the network the rest of the time. Since the traffic went through one server, it could also be monitored for usage statistics; a helpful thing for many companies.
Secure Sockets Layer (SSL) is a protocol that encrypts data for security purposes. In addition to encryption, it also utilizes a system of certificates that other computers or servers use to validate its authenticity. The HTTPS protocol, the combination of HTTP and SSL, is widely used in creating secure connections on the Internet. Many companies that take credit cards online, for example, utilize the HTTPS protocol so no one can tap into the data stream and pull out sensitive information.
The main purpose of an SSL proxy is to protect sensitive data on a large scale. There are many instances where this would be desirable. One typical example would be with a large company that handled sensitive data, such as financial or legal information. The network could be set up so that all outgoing traffic, from the whole company or just a certain department, would go through an SSL proxy. This could create an extra layer of protection when sending information, especially data that had to go out on the Internet.
Another typical use for an SSL proxy server would be for businesses that take payments of some sort. Oftentimes, they have a reverse SSL proxy. The reverse proxy takes traffic coming in, instead of out, and can keep the SSL protocol intact as well as keep the inside of the network hidden from possible intruders.