The article discusses the growing security challenges of the Internet of Things (IoT) due to the increasing number of connected devices, which are often resource-limited and vulnerable to attacks. To address these challenges, the authors propose the IoT Proxy, a modular solution that externalizes security functions by routing traffic through a secure network gateway equipped with Virtual Network Security Functions (VNSFs). The IoT Proxy includes a Virtual Private Network (VPN) terminator and an Intrusion Prevention System (IPS) that uses machine learning-based oblivious authentication to identify connected devices. This approach enhances the security of IoT devices by offloading security tasks to a more powerful gateway, making it more resilient and scalable. The solution is tested in laboratory settings, showing promising results in securing real-world IoT ecosystems. The IoT Proxy's modular design allows for the inclusion of various VNSFs, enabling adaptability to different security needs. The system's ability to perform shallow packet inspection and its encryption-agnostic nature make it suitable for privacy-sensitive scenarios. The paper also highlights the effectiveness of the IoT Proxy in detecting various types of attacks, with high accuracy in identifying DoS and DDoS attacks. The experimental results demonstrate that the IoT Proxy can maintain good performance while providing enhanced security for resource-limited IoT devices. The authors conclude that the IoT Proxy offers a comprehensive security solution for IoT environments, with potential for future improvements in anomaly detection and live traffic analysis.The article discusses the growing security challenges of the Internet of Things (IoT) due to the increasing number of connected devices, which are often resource-limited and vulnerable to attacks. To address these challenges, the authors propose the IoT Proxy, a modular solution that externalizes security functions by routing traffic through a secure network gateway equipped with Virtual Network Security Functions (VNSFs). The IoT Proxy includes a Virtual Private Network (VPN) terminator and an Intrusion Prevention System (IPS) that uses machine learning-based oblivious authentication to identify connected devices. This approach enhances the security of IoT devices by offloading security tasks to a more powerful gateway, making it more resilient and scalable. The solution is tested in laboratory settings, showing promising results in securing real-world IoT ecosystems. The IoT Proxy's modular design allows for the inclusion of various VNSFs, enabling adaptability to different security needs. The system's ability to perform shallow packet inspection and its encryption-agnostic nature make it suitable for privacy-sensitive scenarios. The paper also highlights the effectiveness of the IoT Proxy in detecting various types of attacks, with high accuracy in identifying DoS and DDoS attacks. The experimental results demonstrate that the IoT Proxy can maintain good performance while providing enhanced security for resource-limited IoT devices. The authors conclude that the IoT Proxy offers a comprehensive security solution for IoT environments, with potential for future improvements in anomaly detection and live traffic analysis.