How you configure Secure Web Gateway depends on the environment where you have set it up and what your requirements regarding web security are. After the initial setup, there is no fixed order of steps for completing this configuration.
The following are suitable high-level steps of a workflow for administrators in various environments and with different requirements.
- Complete the initial setup.
During the initial setup, some basic system settings are configured such as host name, root password, and primary network interface. After completing this setup, you can log on to the user interface and continue with more configuration activities.
For more information about how to complete different types of this setup, see Install Secure Web Gateway.
Configure network interfaces.
A primary network interface is already configured during the initial setup. On the user interface, you can configure more of them using the Network Interfaces system settings.
You can configure IP addresses, subnet masks, IP aliases, and other settings for these interfaces under IPv4 or IPv6.
- Configure proxies.
Proxies are set up on a Secure Web Gateway appliance to have web traffic redirected to them. This traffic is going on between users' systems that are configured as clients and websites that users request access to. The traffic is filtered and forwarded to its original destinations if the implemented web policy rules allow it.
On the user interface, you can configure proxies using the Proxies system settings.
You can set up different proxies for the different network protocols that web traffic follows, for example, HTTP, HTTPS, or FTP.
Proxies can run in different network modes, for example, in an explicit mode, where the clients are aware that they are redirected, or in a transparent mode, where they are unaware.
For more information, see Configure Proxies.
Configure a cluster.
You can run multiple Secure Web Gateway appliances as nodes in a cluster and administer them using the Central Management functions of Secure Web Gateway.
On the user interface, you can configure a cluster using the Central Management settings and other options that are provided under Configuration | Appliances.
For example, you can add an appliance as a node to a cluster, create node groups, or generate certificates for running web traffic on connections that are secured under the SSL or TLS protocol.
For more information, see Central Management.
- Configure a web policy.
A web policy consists of web security rules that are processed to filter traffic that is redirected to Secure Web Gateway.
Default rules grouped in rule sets that cover different fields of web security are implemented on Secure Web Gateway during the initial setup. They include, for example, an anti-malware rule that blocks the download of malware infected files to a users's system within your network.
You can modify or delete existing rules, import rules from libraries. and create your own rules. The Policy top-level menu of the user interface provides submenus with options for completing these activities.