If you have proxy servers between your staff and the public internet, and you’re configuring the proxy server name/IP and port in web browsers then
CUT THAT OUT RIGHT NOW!
Your web browsers can find your proxy servers automatically (with a little help….)
What is Web Proxy Autodiscovery Protocol (WPAD)?
The Web Proxy Autodiscovery Protocol (WPAD) is a method used by web clients (IE, Firefox, Chrome, Winodws) to locate an internet proxy automatically. Use this to configure the browser’s web proxy settings instead of hardcoding proxy settings (doesn’t suit travelling laptops).
Please find more details here: http://en.wikipedia.org/wiki/Web_Proxy_Autodiscovery_Protocol
DNS record for WPAD
If you’re using Microsoft DNS, remove WPAD blocking by Windows DNS (there to prevent sneaky types renaming their PCs to WPAD and subverting web browsing) http://technet.microsoft.com/en-us/library/cc441517.aspx
Build and test your WPAD file rules
PACMagic is a handy tool for building and testing WPAD file rules.
The FindProxyForURL website has a great guide to get you started.
Consider which cases you want to bypass proxy (accessing intranet websites *.companyname.com and also internal websites accessed by IP address) and which cases you do want to route via proxy (that website in DMZ that looks like an internal site but you can’t get to directly).
Make a group policy to set IE to autodetect proxy. Deploy this to your test users (group policy scope filtering on AD group). Import the group policy template for Google Chrome and manage this with AD too. For Firefox you’ll need to put down a mozilla.cfg file.
Gotcha: JRE 7 update 21 has a bug with the dnsResolve function in WPAD files. For intranet sites accessed by IP, substitute for URL string compare tests like url.substring(7, 11)==”10.1″ until JRE7 is fixed. https://bugs.openjdk.java.net/browse/JDK-8062034
Find more IT Infrastructure tips at www.alexmags.com