LevelBlue Completes Acquisition of Cybereason. Learn more

LevelBlue Completes Acquisition of Cybereason. Learn more

Services
Cyber Advisory
Managed Cloud Security
Data Security
Managed Detection & Response
Email Security
Managed Network Infrastructure Security
Exposure Management
Security Operations Platforms
Incident Readiness & Response
SpiderLabs Threat Intelligence
View All Services
Solutions
BY INDUSTRY
BY REGULATION
BY TOPIC
Offensive Security
Solutions to maximize your security ROI
Operational Technology
End-to-end OT security
Microsoft
Unlock the full power of Microsoft Security
Securing the IoT Landscape
Test, monitor and secure network objects
Why LevelBlue
About Us
We reduce cyber risk and fortify organizations
Awards and Accolades
Recognition by analysts and media outlets
LevelBlue SpiderLabs
Global researchers, ethical hackers, and responders
LevelBlue Security Operations Platforms
Unprecedented security visibility and control
Security Colony
Access to cybersecurity threat protection resources
Partners
Microsoft
Unlock the full power of Microsoft Security
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Register
Login
Resources
BLOGS
UPCOMING
MEDIA & ASSETS
NOTICES
HELP
Loading...
Loading...

LevelBlue Knowledge Base

Home » Knowledgebase » Legacy Products » Secure Web Gateway » HOWTO: How do I use the Upstream Proxy Policy?

HOWTO: How do I use the Upstream Proxy Policy?

Expand / Collapse
Show/Hide Article Tools


This article applies to:

  • Secure Web Gateway 10.x  

Question:

  • Is it possible to use different upstream proxies based on conditions?
  • How do I use the upstream proxy policy?

Procedure:

In order to forward requests to different upstream proxies, basically three steps are necessary:

  1. Define conditions
  2. Create an upstream proxy "Object"
  3. Assign this upstream proxy to the scanner(s)

The best practice is to perform the steps in the order that they are listed above. As an example, an administrator might want to use a specific upstream proxy for an individual URL.  The administrator would follow the steps below.

1. Create a URL list accordingly:




2. Create a "Upstream Proxy Object":

2.1 Policies > Condition Settings > Upstream Proxy




2.2 In order to add a Upstream Proxy, right click [Upstream Proxy]:




2.3 Define your Upstream Proxy details (IP address, ports, ...):





3. Create the Upstream Proxy policy and assign it to the Scanner(s)

3.1 Under Policies > Upstream Proxy, add a Policy:



 


3.2 Add a rule to this policy, in order to use the condition(s) defined in step 1:






3.3 Add the condition(s)




3.4 As a last step, assign this Upstream Policy to your scanner(s); the new Upstream Proxy policy can now be found in a dropdown-list in "Scanner Device Policies":

Notes:

  • Upstream Proxy policies can be defined "per scanner", providing the ability to distinguish between local and cloud scanners!
  • Security Policies are evaluated regardless of Upstream Proxy Policies; according to your requirements it might be necessary to whitelist client requests accordingly before they are sent to the upstream proxy!
  • Of course other conditions, such as header fields or IP range can be used.
  • One Upstream Proxy Policy can point to more than one upstream proxy. This does not automatically include Backup Upstream Proxy functionality.
  • Important for troubleshooting: When caching is enabled the scanner process connects to the caching server (upstream) and the caching server connects to the "real" configured upstream server. So when looking at traffic captures or logs, this behavior will be seen in the logs/cap files.

To contact LevelBlue about this article or to request support:

Rate this Article:
     

Add Your Comments


Comment submission is disabled for anonymous users.
Please send feedback to Trustwave Technical Support or the Webmaster.


Execution: 0.031. 8 queries. Compression Disabled.
Powered by InstantKB.NET