There are definitely security benefits to being behind a firewall while you browse the web. Intrusion is more difficult from direct access to your computer through open ports and from being scanned from outside parties. Still, the content of web sites can be designed to damage your computer through its web browser and a firewall cannot do much to help. In order for your computer to be able to communicate with the internet, web ports must be left open so your system can call out and make connections. Once that connection is made, typically over port eighty, a site is free to transmit any type of data it wants to your browser. Coded properly, a site could use this open port to exploit your browser and your machine could become infected.
An easy solution to this potential issue would be to isolate the computer from all contact with the outside world completely. But how to do that? Your users may need internet access, so disconnecting them from the outside is not always viable. Enter the proxy server. A proxy server makes outside connections on behalf of other machines. What does this mean? Instead of your computer directly accessing a web site, and therefor being subject to the actions of said site, the proxy server makes contact instead. This happens by pointing your computer and the browsers at the IP address of the proxy server. This is done either manually or by policy. The computer then routes all connections outside through the proxy server.
The proxy server then relays the web site response back to your browser, acting as an intermediate step, and thereby removing almost all risks from your computer itself. The proxy server is capable of filtering off any malicious code before it hits your machine. A proxy server is a time tested method of protecting your computers from the dangers of web browsing.
