Security considerations with Squid proxy server

Securing and controlling workstation access to the web has never been an easy task for security professionals. Firewalls and access control list on routers alone may not bring an acceptable level of security for your organization. Even if their primary role is to reduce network traffic and improve performance, HTTP proxy servers (also called cache servers) are likely to be installed as an additional security layer and as a web surfing monitoring system. Having secure proxy servers is critical because many users depend on it for their work. Several proxy server products are available nowadays. Since commercial products are very expensive, alternative products such as open source software are often considered. The most popular and widely used proxy server in this category is indisputably Squid. This paper will cover various security aspects and recommendations to improve Squid's overall security during its installation time. Software configuration parameters and an overview of logging and content filtering software will also be approached.