Web Security - Advanced Configuration
Overview
To access advanced web proxy options in the user interface select Proxy Settings from the Web Security menu. Then click on the Advanced button where you will be presented with the following options.
Web Proxy Server Settings
Cache Size
Specify the amount of disk space to use to store temporary files and cached webpages. The default setting of 500mb is recommended in most scenarios, however changing this setting may be of benefit depending on your Internet connection. Users on a slower connection such as ISDN or Dial-Up, for example, may want to set a larger cache size to minimize new page requests.
Access Logs
Enabling this option creates Web Proxy access logs (viewable under the Support and Diagnostics -> System Logs menu). The format of these logs is a personal choice. HTTP Common creates logs that more resemble Web Server log files, which are sometimes easier to read. Choosing Squid will create log files in the same format as previous versions of SiteFilter.
Allowed Port Settings
Allowed Ports
This is a list of ports over which requests are allowed through the Web Proxy. The default settings are generally acceptable, though you may want to change this configuration if there are specific ports you do not want to allow.
Allowed SSL Ports
Just like above, this is a list of ports which SSL requests are allowed to pass through the proxy. For example, some webmail services use a non-standard port, with an address like https://webmail.url:81. In this case, you would add port 81 to this list to allow SSL (https) access.
* Note: Port 80 ( HTTP ) and port 443 ( HTTPS ) are automatically added to Allowed Ports.
IP Address Filtering Settings
These settings determine how to handle IP Address requests from a user's web browser.
Lookup in database
This option will try to match the IP addresses to defined Web Proxy categories.
Block
This option will disallow any IP address requests.
Allow
This option will simply allow any IP address request - note that this can be used to bypass the defined Policies.
Parent Proxy Settings
Parent Proxy is used when the InstaGate or ThreatWall must make requests through another proxy server. Some Internet providers may require this. These settings can be obtained from your ISP if this is the case.
Safe Search
Enforce Google Safe-Search, when enabled, forces all search requests to Google to be flagged to use Google's Safe Search feature, regardless of whether the user has disabled it manually. This is particularly useful for blocking adult content on Google's image search.
Policies
Selecting the 'Policies' button will bring you to an interface where you can Add, Modify, Delete, or Copy any Web Security policy defined on the unit.
This interface will also give you access to modify the Default system policy (Block All). Note that the Default policy cannot be deleted, however it can be modified to be less restrictive if you wish.
