WatchGuard Technologies FireboxTM System 4.6 User Manual

Page 65

Advertising
background image

User Guide

55

Setting up proxy services

5

Click OK.

6

Click File => Save => To Firebox to save your changes to the Firebox. Specify the
location and name of the new configuration file.

Configuring an HTTP proxy service

HyperText Transfer Protocol (HTTP) is the protocol used by the World Wide Web to
move information around the Internet. HTTP defines how messages are formatted
and transmitted, and what actions Web servers and browsers take in response to
commands. For example, when you enter a URL into your browser, you are sending
an HTTP command to the Web server, directing it to find and send you the requested
Web page.

The HTTP proxy does content-based filtering on outgoing connections only, with a
set of options that you can easily configure according to your own requirements. The
HTTP proxy does not process incoming connections. In addition, the HTTP proxy can
serve as a content filter for Web browsers. For more information, see “Configuring the
WebBlocker service” on page 60.

You can use two types of HTTP services:

Proxied-HTTP service allows outbound HTTP on TCP port 80 to be proxied

through the Firebox. The proxy has the capability of performing HTTP-specific
content filtering of each connection. Such content filtering can include denying
or removing “unsafe” content types (such as Java or ActiveX) and performing
general verifications on the HTTP exchange.

Filtered-HTTP service allows outbound HTTP on all TCP ports, but incoming

access only on port 80. Filtered HTTP is filtered by the standard packet filter,
which can restrict access by IP address or alias only. No proxy is used with this
service, meaning that Filtered-HTTP cannot make use of any of the advanced
HTTP-specific content-filtering options provided by the proxy. You must use
proxied-HTTP if you want accounting logs – for example, byte counts.

With either type of HTTP service, you should have a single icon that allows for
general outgoing HTTP access (for most internal users) and incoming HTTP access to
a limited set of Web servers.

From Policy Manager:

1

Double-click the HTTP Proxy service icon to open the HTTP Proxy Properties
dialog box.

2

Click the Properties tab. Click Settings.

The WatchGuard service called “HTTP” is not to be confused with an HTTP

caching proxy. An HTTP caching proxy refers to a separate machine that

performs caching of Web data.

Advertising
Popular Brands
Popular manuals