Installation and Setup Guide
31
Chapter 3 - Getting Started
7.1 HTTP Proxies
Vital Security can communicate with any RFC-compliant Web proxy.
7.2 Working with Caching Proxies
When a caching proxy is in use, Vital Security can be integrated either upstream or
downstream from the cache proxy in the network.
7.2.1 Downstream
When Vital Security is positioned downstream of the cache proxy, the cached content is
rescanned for every request. This topology clearly works for systems with user/group
policies that differentiate between the sites that the different users/groups may visit, as
every request is submitted to Vital Security and scanned against the relevant policy.
This means that:
Every request is scanned with the latest anti-virus updates, even if the content was
cached before the last update.
Traffic scanned initially by Vital Security is cached and subsequently forwarded again
by the caching proxy in line with additional user requests. Each time this happens, the
content is rescanned by Vital Security. The resulting drain on resources should be
taken into account regarding performance.
Every additional request for cached content is subjected to the policy specific to the
user making the new request. Policy changes will always be implemented because all
content, even if it comes from the cache, is scanned again by Vital Security.
All accesses to cached content are subject to the logging policy, and are potentially
logged by Vital Security.
7.2.2 Upstream
When Vital Security is positioned upstream from the cache, traffic is scanned only once,
and is then cached and forwarded directly to the users. This is optimal for organizations that
use a single policy for all Internet access, and do not apply different policies to different
users/groups. This is not suitable for per user/group policies that differentiate between the
sites visited by users/groups. (In such cases, you may consider working with ICAP.)
This means that:
Because content is only scanned once, there is less drain on resources, leading to
improved performance.
Cached content is not subject to the latest anti-virus updates, nor to policy changes.
Vital Security cannot log accesses to cached content.
To Next Page
Loading...
Need help?
General
