The WSA main features are\u00a0 L4 Traffic Monitor and Web Proxy. Other features are
\n– URL filtering
\n– Web usage controls
\n– Application visibility & control
\n– Anti-Malware scanning (Sophos, McAfee, Webroot)<\/p>\n
Secure web proxy<\/strong> monitors and scans web traffic for malicious\u00a0 content. When you enable the web proxy, you can configure it to be in transparent or explicit forward\u00a0 mode<\/p>\n The L4 Traffic Monitor<\/strong> detects and blocks rogue traffic across all ports and IP addresses. The L4 Traffic Monitor listens to network traffic that comes in over all ports and IP addresses on the appliance and matches domain names and IP addresses against entries in its own\u00a0 database tables to determine whether to allow outgoing traffic. L4 Traffic Monitor deployment is independent of the Web Proxy deployment. You can connect the L4 Traffic Monitor to a network tap or the mirror\/span port of a switch.<\/p>\n When you enable the web proxy, you can configure it to be in transparent or explicit forward mode.<\/p>\n Features you enable determine how you deploy and physically connect the appliance to the network. Two main deployment methods are Explicit forward proxy and Transparent Proxy.<\/p>\n Explicit Forward Proxy:<\/strong> Client applications, such as web browsers, are aware of the Web Proxy and must be configured to point to a single Web Security appliance. This deployment requires a connection to a standard network switch. When you deploy the Web Proxy in explicit forward mode, you can place it anywhere in the network. IP spoofing is disabled by default<\/p>\n ON – IP address of original source is maintained. OFF – Changing IP address to WSA IP address<\/p>\n Automatic:<\/strong><\/em> Configure each client application to use a PAC file to detect the appliance Web Proxy\u00a0 automatically. Then you can edit the PAC file to specify the appliance Web Proxy information. PAC files work with web browsers only. Transparent Proxy:<\/strong> Clients applications are unaware of the Web Proxy and do not have to be configured to connect to the proxy. This deployment requires an Layer 4 switch or a WCCP v2\u00a0 router. When you specify a WCCP router, you need to configure additional settings on\u00a0 the appliance.When you specify a Layer 4 switch, you only need to specify that the appliance is connected to a Layer 4 switch when you configure the appliance.<\/p>\n Note:<\/strong> When the Web Proxy is configured in transparent mode, you must enable the HTTPS Proxy if the appliance receives HTTPS traffic. When the HTTPS Proxy is disabled, the Web Proxy passes through\u00a0 explicit HTTPS connections and it drops transparently redirected HTTPS requests<\/p>\n <\/p>\n Management – M1 and M2<\/strong>: Use for management of the WSA. Can also be used for data traffic in deployments where there is no separate management network. <\/p>\nDeployment<\/strong><\/h4>\n
\nManual:<\/strong><\/em> Configure each client application to point the appliance Web Proxy by specifying the\u00a0 appliance hostname or IP address and the port number, such as 3128, used for listening to data\u00a0 traffic.<\/p>\nDevice Interface:<\/strong><\/h4>\n
\nData – P1 and P2:<\/strong> Use the Data interfaces for Web Proxy data traffic. Only P1 enabled by default. If P2 is enabled both interfaces should be connected to a different subnet.
\nL4 Traffic Monitor – T1 and T2:<\/strong> Use for Tap and Span. Can be used in simplex (only T1 for incoming and outgoing traffic) or duplex (T1 and T2 connected. T1 for outgoing and T2 for incoming) communication.<\/p>\n