Use a PAC file to make proxy settings dynamic
Are you deploying browser proxy settings by setting a proxy server and attempting to manage a proxy bypass list? There is a better way..
Fortunately Jason Curnow, who’s had many years experience working with PAC files, has a website where he’s documented his experiences and shows you how to create your own - The Proxy PAC File Guide.
Any proxy server or firewall (a firewall is going to understand the network topology better than a proxy server) worth it’s salt will do this type of work for you. I know my favourite firewall, ISA Server does - Automatic Detection Concepts in ISA Server 2006 (I’m sure other proxy servers or firewalls do too).
In complex environments you may not be able to rely on your proxy server to handle browser configurations completely, so you’ll need to roll up your sleeves and roll your own PAC file.
So why a PAC file? Here’s a couple of scenarios that demonstrate the awesomeness of a PAC file:
- Laptop users don’t need to disable their proxy settings when they’re outside the corporate network (OK, the ISA Server firewall client can do this too); and
- If you have internal web applications hosted across WAN links (e.g. your users are in London but SAP is hosted in Ireland), you can use a PAC file to direct specific URLs to proxy servers that handle that SAP traffic only, whilst every thing else goes via your Internet proxy.
So go and check it out, Jason has done some excellent work - The Proxy PAC File Guide.
