Question : Setting up a proxy have security issues?

guys, i'm considering installing a proxy server on the work network. I want to mainly use it for caching and of course security also. The network currently all runs through around three 48-port switches, which are then connected to draytek 2820 routers which then go out to the internet. I read somewhere that I must be 'careful' when using proxy servers as they would put the network at risk?

I certainly thought they would make the network far more secure. I'm new to this and I'm new to Linux/Squid also. Is there anything I should be weary of when trying to set this up? Any tips will be handy.

Thanks
Yashy

Answer : Setting up a proxy have security issues?

For squid you want a reasonable amount of memory (1-2 GB+) so that it can keep a reasonable amount of cached data in memory rather than continually accessing the disk, really the more you can throw at it the better, running it in VMWare should be fine. Given you are running 3x48 port switches i assume you have a reasonable number of users so depending on what you consider an 'old' box you may be better off with a VM instance.

If you want to force users through the proxy you may also want to look at putting your routers on a separate VLAN to segment them off the main network so people can't change their settings and go straight out onto the internet. Then on you squid box have one alias/interface on the VLAN and one on the main network.

If part of your goal is to filter connections to particular material then you may also want to look at implementing openDNS as a layer of filtering.