The system of a Secure Web Gateway appliance is configured to support the filtering functions that protect your network against threats arising from the web.
When performing this configuration, you will mainly be dealing with system settings and files.
Some system settings are already configured during the initial setup of Secure Web Gateway, others can be configured later on the user interface.
Initial system settings
System configuration is in part performed during the initial setup of Secure Web Gateway.
Settings that are configured during this setup include the primary network interface, host name, root password, and others.
After the initial setup you can configure more system settings and also modify the initial settings.
This includes configuring system settings for:
- Network interfaces — Network interfaces are configured to enable processing of web traffic on a Secure Web Gateway appliance, specifying the host name, gateways, use of the IPv4 or IPv6 protocol, and other settings.
NOTE: Some of these settings are already configured during the initial setup.
- Proxies — Secure Web Gateway can be configured to run as a proxy that intercepts web traffic and transmits it if this is allowed by the rules of your web security policy.
Proxies can be configured in different ways regarding;
- Network mode — The network mode can be an explicit (also known as direct) proxy mode or a transparent mode.
- Network protocol — The network protocol can be, for example, HTTP, HTTPS, FTP, ICAP, or IFP, to enable the filtering of web traffic that is going on under any of these protocols.
- Cluster nodes — Instead of running a Secure Web Gateway appliance in a standalone mode, you can run multiple appliances as nodes in a cluster.
To configure a cluster with several appliances as nodes, the Central Management system settings are provided.
- Update schedules — Updates are scheduled to ensure that the latest available information is used by the filtering functions on Web Gateway.
System files contain particular parameters of the appliance system. They can be modified using the File Editor.
System configuration can also include several other activities.
- Network interface bonding — Bonding two or more network interfaces enables them to act as one while increasing bandwidth and providing High Availability.
- Cache volume resizing — Logical volumes for web caching and for storing temporary and log files can be resized on an appliance using a wizard.
- Closed networks — Secure Web Gateway appliances can be operated and updated in networks that have no internet connectivity for security or other reasons. These networks are also known as "closed" or "isolated" networks.