Transparent Mode on a Blade Server
You can configure a transparent mode for Web Gateway on a blade server.
In this mode, Web Gateway runs as a transparent router that directs data packets between segments of your network.
Transparent router
We recommend that you configure the transparent router mode as a two-legged proxy solution, with two separate network interfaces for inbound and outbound web traffic.
Each of the network interfaces is configured with its own IP address under VRRP (Virtual Router Redundancy Protocol). The outbound network interface should be used for load-balancing the traffic.
This is achieved by specifying its IP address as the physical component that is configured together with the management IP address.
This is achieved by filling in a table with the IP addresses of the scanning nodes in the cluster when configuring the director node. The following must be entered in this table for any particular node:
- For a backup node — IP address and Peer/Director as type
- For a node that runs as a scanning node only — IP address and Scanner as type
If the node that is first to run as an active director also runs as scanning node, its IP address must also be entered in the scanner table with Scanner as type.
If IP spoofing is configured, the blade servers on which Web Gateway only scans web traffic, without also directing it, do not need a connection for inbound web traffic. Inbound and outbound traffic is handled by an instance of Web Gateway that runs as a director node on a blade server.