2.2 Understanding WebMarshal Components
WebMarshal implementations include several components. A small organization can install all components on one server. A larger organization can scale WebMarshal by installing the components on a number of different servers and workstations within the network, as shown below.
Figure 1: WebMarshal components
Array Manager
Manages an array of WebMarshal Processing Servers. The Array Manager stores policy and controls communications between components.
Processing Server
Accepts Web requests, retrieves resources from the Web or local cache (Proxy service), and applies policy in the form of rules (Engine service). You can use one or more WebMarshal Processing Servers in your installation. Processing servers are also known as array nodes.
|
Note: WebMarshal caching uses a local directory to store Web content. This directory must be excluded from on-access or resident virus and malware scanning. If it is not excluded, WebMarshal caching is disabled. The default location of the cache directory is within the WebMarshal install directory, but for most production servers it will be located elsewhere. If you change the location of the cache directory, be sure that you also update virus scanner exclusions. |
Console
Allows administrators to define policy (rules), configure WebMarshal, and monitor Web sessions and server health in real time.
Marshal Reporting Console
Allows administrators or auditors to prepare Web management reports. Optional.
2.2.2 Other Software and Services
In addition to the above, most WebMarshal installations use the following software and network services.
Microsoft SQL Server or SQL Express
If you want to use the Marshal Reporting Console (MRC), you will need a Microsoft SQL Server to host the WebMarshal database that stores log information. If your web traffic volume and log retention requirements permit, you can use the free SQL Express (this could be the SQL Express Advanced instance required by MRC). If the volume of data exceeds the limit imposed by SQL Express, use Microsoft SQL Server.
|
Tip: If you are installing WebMarshal as an array, you can enhance performance by installing the WebMarshal Array Manager on the same server as the SQL database. |
Directory Server
If you want to import existing users and groups from your directory service for use in applying a Web Acceptable Use Policy, all WebMarshal servers must be able to connect with your directory server. WebMarshal can connect with Microsoft Active Directory or other Windows environments, as well as Novell NDS/eDirectory.
Malware Scanning Software
If you want to scan Web content for malware, you can install one or more supported malware scanners. See “Supported Malware Protection Software”. If you want to ensure protection of your servers, you can install scanning software of your choice on the servers.
|
Note: WebMarshal uses a temporary directory to unpack and scan Web content. This directory must be excluded from on-access or resident virus scanning. If it is not excluded, the WebMarshal Engine and/or the WebMarshal Controller service may be unable to start. By default, WebMarshal uses the \temp subdirectory of your install directory. You can change this location by editing XML configuration files on each processing server and restarting the WebMarshal services. If you change the location of the temporary directory for either or both services, be sure that you also update virus scanner exclusions. |